Action not permitted
Modal body text goes here.
wid-sec-w-2024-1197
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder unspezifische Angriffe durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-1197 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1197.json" }, { "category": "self", "summary": "WID-SEC-2024-1197 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1197" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47368 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052139-CVE-2021-47368-1290@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47374 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052141-CVE-2021-47374-41c2@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47375 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052141-CVE-2021-47375-8849@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47376 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052142-CVE-2021-47376-1032@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47377 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052142-CVE-2021-47377-8c20@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47403 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052150-CVE-2021-47403-b338@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47404 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052150-CVE-2021-47404-f851@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47405 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052150-CVE-2021-47405-b693@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47406 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052150-CVE-2021-47406-04e3@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47407 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052151-CVE-2021-47407-fd65@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47408 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052151-CVE-2021-47408-ad88@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47409 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052151-CVE-2021-47409-1856@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47410 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052152-CVE-2021-47410-3b06@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47411 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052152-CVE-2021-47411-9e6f@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47412 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052152-CVE-2021-47412-b362@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47413 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052153-CVE-2021-47413-5ff4@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47414 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052153-CVE-2021-47414-a400@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47415 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052153-CVE-2021-47415-4e3d@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47416 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2021-47416-7584@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47417 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2021-47417-783a@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47418 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2021-47418-342e@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47419 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2021-47419-22ab@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47420 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2021-47420-939e@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47421 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2021-47421-00f1@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47422 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2021-47422-3f95@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47423 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2021-47423-6632@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47424 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2021-47424-a4dc@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47425 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2021-47425-8e9f@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47426 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2021-47426-8f34@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47427 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052157-CVE-2021-47427-ffc6@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47428 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052157-CVE-2021-47428-f3c0@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47429 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052157-CVE-2021-47429-e386@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47430 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2021-47430-7b38@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47431 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2021-47431-ff0c@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47432 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052143-CVE-2021-47432-5e69@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2022-48706 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052153-CVE-2022-48706-3175@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2022-48707 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2022-48707-8523@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2022-48708 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2022-48708-ba53@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2022-48709 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2022-48709-4ab8@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2022-48710 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052143-CVE-2022-48710-aa43@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52700 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2023-52700-1e45@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52701 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2023-52701-5037@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52702 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2023-52702-ebca@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52703 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052157-CVE-2023-52703-abcb@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52704 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052157-CVE-2023-52704-0d9a@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52705 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052157-CVE-2023-52705-8468@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52706 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52706-1652@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52707 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52707-e048@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52708 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52708-d68d@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52730 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52730-1c8f@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52731 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052159-CVE-2023-52731-29ab@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52732 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052159-CVE-2023-52732-c783@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52733 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052159-CVE-2023-52733-601c@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52734 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052100-CVE-2023-52734-c8c2@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52735 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052100-CVE-2023-52735-4df1@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52736 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052100-CVE-2023-52736-ff92@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52737 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052101-CVE-2023-52737-e10e@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52738 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052101-CVE-2023-52738-f1bb@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52739 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052101-CVE-2023-52739-46c6@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52740 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052101-CVE-2023-52740-3265@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52741 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052102-CVE-2023-52741-6a1e@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52742 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052102-CVE-2023-52742-005f@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52743 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052102-CVE-2023-52743-f027@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52744 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052103-CVE-2023-52744-1e58@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52745 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052103-CVE-2023-52745-3727@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52746 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052103-CVE-2023-52746-0476@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52747 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052104-CVE-2023-52747-a85f@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52748 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052143-CVE-2023-52748-577d@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52749 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052144-CVE-2023-52749-684e@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52750 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052144-CVE-2023-52750-2115@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52751 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052144-CVE-2023-52751-69df@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52752 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052144-CVE-2023-52752-2342@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52753 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052145-CVE-2023-52753-0805@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52754 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052145-CVE-2023-52754-9725@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52755 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052145-CVE-2023-52755-0e00@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52756 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052146-CVE-2023-52756-f694@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52757 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052146-CVE-2023-52757-5028@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52758 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052146-CVE-2023-52758-9b23@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52759 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052147-CVE-2023-52759-0e9f@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52760 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052147-CVE-2023-52760-5ac4@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52761 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052147-CVE-2023-52761-5ddf@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52762 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052147-CVE-2023-52762-fe90@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52763 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052148-CVE-2023-52763-34b7@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52764 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052148-CVE-2023-52764-fa3b@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52765 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052148-CVE-2023-52765-3bc7@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52766 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052149-CVE-2023-52766-2ae1@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52767 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052149-CVE-2023-52767-1f5b@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52768 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052149-CVE-2023-52768-68fc@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52769 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052150-CVE-2023-52769-8bac@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52770 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052150-CVE-2023-52770-fa95@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52771 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052150-CVE-2023-52771-43ad@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52772 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052150-CVE-2023-52772-4875@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52773 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052151-CVE-2023-52773-8334@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52774 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052151-CVE-2023-52774-1657@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52775 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052151-CVE-2023-52775-38a8@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52776 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052152-CVE-2023-52776-1f55@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52777 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052152-CVE-2023-52777-2f32@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52778 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052152-CVE-2023-52778-2a54@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52779 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052153-CVE-2023-52779-59e8@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52780 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052153-CVE-2023-52780-0324@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52781 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052153-CVE-2023-52781-8f04@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52782 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052153-CVE-2023-52782-acc6@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52783 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2023-52783-8ea7@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52784 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2023-52784-80ad@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52785 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2023-52785-8104@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52786 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2023-52786-ff76@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52787 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2023-52787-67f0@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52788 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2023-52788-9cb4@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52789 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2023-52789-6006@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52790 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2023-52790-2a4f@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52791 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2023-52791-f2b9@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52792 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2023-52792-69ce@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52793 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052157-CVE-2023-52793-18ab@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52794 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052157-CVE-2023-52794-bb34@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52795 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052157-CVE-2023-52795-4811@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52796 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52796-860d@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52797 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52797-3d7a@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52798 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52798-374e@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52799 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052159-CVE-2023-52799-c335@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52800 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052159-CVE-2023-52800-63da@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52801 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052159-CVE-2023-52801-b287@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52802 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052159-CVE-2023-52802-81ce@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52803 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052100-CVE-2023-52803-1f43@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52804 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052100-CVE-2023-52804-b817@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52805 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052100-CVE-2023-52805-1338@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52806 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052101-CVE-2023-52806-e9ee@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52807 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052101-CVE-2023-52807-dcb9@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52808 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052101-CVE-2023-52808-b457@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52809 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052102-CVE-2023-52809-f07c@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52810 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052102-CVE-2023-52810-efd0@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52811 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052102-CVE-2023-52811-2a5f@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52812 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052102-CVE-2023-52812-b5b2@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52813 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052103-CVE-2023-52813-0704@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52814 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052103-CVE-2023-52814-1cae@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52815 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052103-CVE-2023-52815-a80a@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52816 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052104-CVE-2023-52816-73c7@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52817 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052104-CVE-2023-52817-ba29@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52818 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052104-CVE-2023-52818-758f@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52819 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052105-CVE-2023-52819-98d5@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52820 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052105-CVE-2023-52820-1d6d@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52821 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052105-CVE-2023-52821-1b6f@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52822 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052105-CVE-2023-52822-9e83@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52823 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052106-CVE-2023-52823-3d81@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52824 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052106-CVE-2023-52824-3586@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52825 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052106-CVE-2023-52825-0696@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52826 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052107-CVE-2023-52826-9960@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52827 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052107-CVE-2023-52827-c62f@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52828 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052107-CVE-2023-52828-e1e5@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52829 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052108-CVE-2023-52829-3283@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52830 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052108-CVE-2023-52830-529a@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52831 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052108-CVE-2023-52831-ce31@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52832 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052108-CVE-2023-52832-b9d9@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52833 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052109-CVE-2023-52833-eee3@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52834 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052109-CVE-2023-52834-4c46@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52835 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052109-CVE-2023-52835-80ee@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52836 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052110-CVE-2023-52836-930a@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52837 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052110-CVE-2023-52837-6490@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52838 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052110-CVE-2023-52838-be44@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52839 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052111-CVE-2023-52839-e3d4@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52840 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052111-CVE-2023-52840-8a3d@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52841 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052111-CVE-2023-52841-1157@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52842 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052111-CVE-2023-52842-711c@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52843 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052112-CVE-2023-52843-6515@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52844 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052112-CVE-2023-52844-e2e7@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52845 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052112-CVE-2023-52845-0245@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52846 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052113-CVE-2023-52846-c0ec@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52847 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052113-CVE-2023-52847-a551@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52848 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052113-CVE-2023-52848-a5fa@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52849 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052114-CVE-2023-52849-b63f@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52850 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052114-CVE-2023-52850-d1a1@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52851 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052114-CVE-2023-52851-b53c@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52852 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052114-CVE-2023-52852-e55a@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52853 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052115-CVE-2023-52853-5fd3@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52854 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052115-CVE-2023-52854-7657@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52855 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052115-CVE-2023-52855-3a55@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52856 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052116-CVE-2023-52856-fe35@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52857 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052116-CVE-2023-52857-e288@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52858 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052116-CVE-2023-52858-24db@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52859 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052117-CVE-2023-52859-ad0e@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52860 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052117-CVE-2023-52860-fc61@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52861 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052117-CVE-2023-52861-acb2@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52862 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052117-CVE-2023-52862-b020@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52863 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052118-CVE-2023-52863-490d@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52864 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052118-CVE-2023-52864-15cd@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52865 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052118-CVE-2023-52865-6412@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52866 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052119-CVE-2023-52866-c17d@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52867 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052119-CVE-2023-52867-3f26@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52868 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052119-CVE-2023-52868-c2c3@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52869 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052120-CVE-2023-52869-6f57@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52870 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052120-CVE-2023-52870-9af4@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52871 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052120-CVE-2023-52871-eaa4@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52872 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052120-CVE-2023-52872-48fd@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52873 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052121-CVE-2023-52873-cbe9@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52874 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052121-CVE-2023-52874-2fda@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52875 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052121-CVE-2023-52875-99fe@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52876 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052122-CVE-2023-52876-db2f@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52877 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052122-CVE-2023-52877-0826@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52878 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052122-CVE-2023-52878-d433@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52879 vom 2024-05-21", "url": "https://lore.kernel.org/linux-cve-announce/2024052122-CVE-2023-52879-fa4d@gregkh/T/" }, { "category": "external", "summary": "Linux Kernel CVE Announcements vom 2024-05-21", "url": "https://kernel.org/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1979-1 vom 2024-06-11", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018685.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1978-1 vom 2024-06-11", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018686.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1983-1 vom 2024-06-11", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018700.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2011-1 vom 2024-06-12", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018710.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2010-1 vom 2024-06-12", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018711.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2008-1 vom 2024-06-12", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018706.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2135-1 vom 2024-06-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018783.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2183-1 vom 2024-06-24", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018808.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2184-1 vom 2024-06-24", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018807.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2185-1 vom 2024-06-24", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018809.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALASKERNEL-5.10-2024-061 vom 2024-06-25", "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2024-061.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALASKERNEL-5.10-2024-062 vom 2024-06-25", "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2024-062.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALASKERNEL-5.4-2024-072 vom 2024-06-25", "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2024-072.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2189-1 vom 2024-06-25", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018811.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2190-1 vom 2024-06-25", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018819.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:4211 vom 2024-07-02", "url": "https://access.redhat.com/errata/RHSA-2024:4211" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-4211 vom 2024-07-03", "url": "https://linux.oracle.com/errata/ELSA-2024-4211.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:4352 vom 2024-07-08", "url": "https://access.redhat.com/errata/RHSA-2024:4352" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2365-1 vom 2024-07-09", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018897.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2362-1 vom 2024-07-09", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018905.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2372-1 vom 2024-07-09", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018901.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2360-1 vom 2024-07-09", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018907.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2381-1 vom 2024-07-10", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018916.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2394-1 vom 2024-07-10", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018922.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:4321 vom 2024-07-10", "url": "https://access.redhat.com/errata/RHSA-2024:4321" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2384-1 vom 2024-07-10", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018921.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2385-1 vom 2024-07-10", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018920.html" }, { "category": "external", "summary": "Rocky Linux Security Advisory RLSA-2024:4352 vom 2024-07-15", "url": "https://errata.build.resf.org/RLSA-2024:4352" }, { "category": "external", "summary": "Rocky Linux Security Advisory RLSA-2024:4211 vom 2024-07-15", "url": "https://errata.build.resf.org/RLSA-2024:4211" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2493-1 vom 2024-07-16", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018984.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2495-1 vom 2024-07-16", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018982.html" }, { "category": "external", "summary": "Debian Security Advisory DSA-5731 vom 2024-07-17", "url": "https://lists.debian.org/debian-security-announce/2024/msg00142.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:4631 vom 2024-07-18", "url": "https://access.redhat.com/errata/RHSA-2024:4631" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2561-1 vom 2024-07-18", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019001.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2571-1 vom 2024-07-22", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019019.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:4823 vom 2024-07-24", "url": "https://access.redhat.com/errata/RHSA-2024:4823" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:4831 vom 2024-07-24", "url": "https://access.redhat.com/errata/RHSA-2024:4831" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6923-1 vom 2024-07-29", "url": "https://ubuntu.com/security/notices/USN-6923-1" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:4902 vom 2024-07-29", "url": "https://access.redhat.com/errata/RHSA-2024:4902" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6926-1 vom 2024-07-29", "url": "https://ubuntu.com/security/notices/USN-6926-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6923-2 vom 2024-07-30", "url": "https://ubuntu.com/security/notices/USN-6923-2" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6927-1 vom 2024-07-30", "url": "https://ubuntu.com/security/notices/USN-6927-1" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:4928 vom 2024-07-31", "url": "https://access.redhat.com/errata/RHSA-2024:4928" }, { "category": "external", "summary": "Rocky Linux Security Advisory RLSA-2024:4928 vom 2024-08-01", "url": "https://errata.build.resf.org/RLSA-2024:4928" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-4928 vom 2024-08-01", "url": "https://linux.oracle.com/errata/ELSA-2024-4928.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6938-1 vom 2024-07-31", "url": "https://ubuntu.com/security/notices/USN-6938-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6926-2 vom 2024-08-01", "url": "https://ubuntu.com/security/notices/USN-6926-2" }, { "category": "external", "summary": "Dell Security Advisory DSA-2024-348 vom 2024-08-06", "url": "https://www.dell.com/support/kbdoc/de-de/000227573/dsa-2024-348-security-update-for-dell-avamar-dell-networker-virtual-edition-nve-and-dell-powerprotect-dp-series-appliance-dell-integrated-data-protection-appliance-idpa-security-update-for-multiple-vulnerabilities" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-12570 vom 2024-08-06", "url": "https://linux.oracle.com/errata/ELSA-2024-12570.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-12571 vom 2024-08-06", "url": "https://linux.oracle.com/errata/ELSA-2024-12571.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:5067 vom 2024-08-07", "url": "https://access.redhat.com/errata/RHSA-2024:5067" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:5066 vom 2024-08-07", "url": "https://access.redhat.com/errata/RHSA-2024:5066" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2802-1 vom 2024-08-07", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019133.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:5102 vom 2024-08-08", "url": "https://access.redhat.com/errata/RHSA-2024:5102" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:5101 vom 2024-08-08", "url": "https://access.redhat.com/errata/RHSA-2024:5101" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6951-1 vom 2024-08-09", "url": "https://ubuntu.com/security/notices/USN-6951-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6953-1 vom 2024-08-09", "url": "https://ubuntu.com/security/notices/USN-6953-1" }, { "category": "external", "summary": "ORACLE OVMSA-2024-0010 vom 2024-08-08", "url": "https://oss.oracle.com/pipermail/oraclevm-errata/2024-August/001098.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-5101 vom 2024-08-09", "url": "https://linux.oracle.com/errata/ELSA-2024-5101.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6926-3 vom 2024-08-09", "url": "https://ubuntu.com/security/notices/USN-6926-3" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6957-1 vom 2024-08-13", "url": "https://ubuntu.com/security/notices/USN-6957-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6956-1 vom 2024-08-13", "url": "https://ubuntu.com/security/notices/USN-6956-1" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALASKERNEL-5.4-2024-080 vom 2024-08-13", "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2024-080.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2892-1 vom 2024-08-13", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019188.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2896-1 vom 2024-08-13", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019185.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2894-1 vom 2024-08-13", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019182.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2024-2613 vom 2024-08-13", "url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2613.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2895-1 vom 2024-08-13", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019186.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:5365 vom 2024-08-14", "url": "https://access.redhat.com/errata/RHSA-2024:5365" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:5363 vom 2024-08-14", "url": "https://access.redhat.com/errata/RHSA-2024:5363" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:5364 vom 2024-08-14", "url": "https://access.redhat.com/errata/RHSA-2024:5364" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2901-1 vom 2024-08-14", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019194.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6951-2 vom 2024-08-14", "url": "https://ubuntu.com/security/notices/USN-6951-2" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2902-1 vom 2024-08-14", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019193.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-5363 vom 2024-08-15", "url": "https://linux.oracle.com/errata/ELSA-2024-5363.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2929-1 vom 2024-08-15", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019209.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2939-1 vom 2024-08-16", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019211.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2940-1 vom 2024-08-16", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019212.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2947-1 vom 2024-08-16", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019220.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2203-1 vom 2024-08-19", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019244.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6951-3 vom 2024-08-19", "url": "https://ubuntu.com/security/notices/USN-6951-3" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2973-1 vom 2024-08-20", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019280.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:5672 vom 2024-08-21", "url": "https://access.redhat.com/errata/RHSA-2024:5672" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:5673 vom 2024-08-21", "url": "https://access.redhat.com/errata/RHSA-2024:5673" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6974-1 vom 2024-08-22", "url": "https://ubuntu.com/security/notices/USN-6974-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6976-1 vom 2024-08-22", "url": "https://ubuntu.com/security/notices/USN-6976-1" }, { "category": "external", "summary": "Rocky Linux Security Advisory RLSA-2024:5101 vom 2024-08-21", "url": "https://errata.build.resf.org/RLSA-2024:5101" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:5692 vom 2024-08-21", "url": "https://access.redhat.com/errata/RHSA-2024:5692" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6972-1 vom 2024-08-21", "url": "https://ubuntu.com/security/notices/USN-6972-1" }, { "category": "external", "summary": "Rocky Linux Security Advisory RLSA-2024:5102 vom 2024-08-21", "url": "https://errata.build.resf.org/RLSA-2024:5102" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6973-1 vom 2024-08-22", "url": "https://ubuntu.com/security/notices/USN-6973-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6951-4 vom 2024-08-21", "url": "https://ubuntu.com/security/notices/USN-6951-4" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6979-1 vom 2024-08-22", "url": "https://ubuntu.com/security/notices/USN-6979-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6972-2 vom 2024-08-22", "url": "https://ubuntu.com/security/notices/USN-6972-2" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6973-2 vom 2024-08-23", "url": "https://ubuntu.com/security/notices/USN-6973-2" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6974-2 vom 2024-08-23", "url": "https://ubuntu.com/security/notices/USN-6974-2" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6973-2 vom 2024-08-23", "url": "https://ubuntu.com/security/notices/USN-6972-3" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6973-3 vom 2024-08-26", "url": "https://ubuntu.com/security/notices/USN-6973-3" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3032-1 vom 2024-08-27", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019316.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:5928 vom 2024-08-28", "url": "https://access.redhat.com/errata/RHSA-2024:5928" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3060-1 vom 2024-08-28", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019328.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6972-4 vom 2024-08-29", "url": "https://ubuntu.com/security/notices/USN-6972-4" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-5928 vom 2024-08-29", "url": "https://linux.oracle.com/errata/ELSA-2024-5928.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6973-4 vom 2024-09-02", "url": "https://ubuntu.com/security/notices/USN-6973-4" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-12606 vom 2024-09-03", "url": "https://linux.oracle.com/errata/ELSA-2024-12606.html" }, { "category": "external", "summary": "ORACLE OVMSA-2024-0011 vom 2024-09-04", "url": "https://oss.oracle.com/pipermail/oraclevm-errata/2024-September/001099.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:6297 vom 2024-09-04", "url": "https://access.redhat.com/errata/RHSA-2024:6297" }, { "category": "external", "summary": "IBM Security Bulletin 7167662 vom 2024-09-05", "url": "https://www.ibm.com/support/pages/node/7167662" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3194-1 vom 2024-09-10", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019400.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3189-1 vom 2024-09-10", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019404.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3195-1 vom 2024-09-10", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019407.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3190-1 vom 2024-09-10", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019403.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:6567 vom 2024-09-11", "url": "https://access.redhat.com/errata/RHSA-2024:6567" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-6567 vom 2024-09-12", "url": "https://linux.oracle.com/errata/ELSA-2024-6567.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-12610 vom 2024-09-12", "url": "https://linux.oracle.com/errata/ELSA-2024-12610.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-12612 vom 2024-09-12", "url": "https://linux.oracle.com/errata/ELSA-2024-12612.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-12611 vom 2024-09-11", "url": "https://linux.oracle.com/errata/ELSA-2024-12611.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3209-1 vom 2024-09-11", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YNWVZVIFSX7PLBJX3I3PDZ4MIBERTN2Y/" }, { "category": "external", "summary": "Ubuntu Security Notice USN-7003-1 vom 2024-09-12", "url": "https://ubuntu.com/security/notices/USN-7003-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-7006-1 vom 2024-09-12", "url": "https://ubuntu.com/security/notices/USN-7006-1" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3225-1 vom 2024-09-12", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019432.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-7003-3 vom 2024-09-13", "url": "https://ubuntu.com/security/notices/USN-7003-3" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3251-1 vom 2024-09-16", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019435.html" }, { "category": "external", "summary": "Rocky Linux Security Advisory RLSA-2024:6567 vom 2024-09-17", "url": "https://errata.build.resf.org/RLSA-2024:6567" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3252-1 vom 2024-09-16", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019436.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3249-1 vom 2024-09-16", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019438.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:6753 vom 2024-09-18", "url": "https://access.redhat.com/errata/RHSA-2024:6753" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3320-1 vom 2024-09-19", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019459.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3319-1 vom 2024-09-19", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019460.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3318-1 vom 2024-09-19", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019461.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3348-1 vom 2024-09-19", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019477.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3349-1 vom 2024-09-19", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019476.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3334-1 vom 2024-09-19", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019469.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3336-1 vom 2024-09-19", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019468.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3347-1 vom 2024-09-19", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019478.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3350-1 vom 2024-09-20", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019479.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3375-1 vom 2024-09-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019486.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3370-1 vom 2024-09-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019487.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3361-1 vom 2024-09-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019492.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3379-1 vom 2024-09-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019489.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3363-1 vom 2024-09-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019491.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3365-1 vom 2024-09-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019490.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3368-1 vom 2024-09-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019488.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-7028-1 vom 2024-09-23", "url": "https://ubuntu.com/security/notices/USN-7028-1" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:6993 vom 2024-09-24", "url": "https://access.redhat.com/errata/RHSA-2024:6993" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3405-1 vom 2024-09-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019498.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3395-1 vom 2024-09-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019494.html" }, { "category": "external", "summary": "IBM Security Bulletin 7169778 vom 2024-09-24", "url": "https://www.ibm.com/support/pages/node/7169778" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:7001 vom 2024-09-24", "url": "https://access.redhat.com/errata/RHSA-2024:7001" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3383-1 vom 2024-09-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019497.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3399-1 vom 2024-09-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019499.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:7000 vom 2024-09-24", "url": "https://access.redhat.com/errata/RHSA-2024:7000" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3425-1 vom 2024-09-24", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019512.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-7000 vom 2024-09-26", "url": "https://linux.oracle.com/errata/ELSA-2024-7000.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-7003-4 vom 2024-09-26", "url": "https://ubuntu.com/security/notices/USN-7003-4" }, { "category": "external", "summary": "Ubuntu Security Notice USN-7039-1 vom 2024-09-26", "url": "https://ubuntu.com/security/notices/USN-7039-1" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3483-1 vom 2024-09-29", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/2HO244EHQ65DPDJ2NOBAXLG7QYWSCUMA/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3483-1 vom 2024-09-29", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2HO244EHQ65DPDJ2NOBAXLG7QYWSCUMA/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3468-1 vom 2024-09-27", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019531.html" }, { "category": "external", "summary": "Rocky Linux Security Advisory RLSA-2024:7001 vom 2024-09-30", "url": "https://errata.build.resf.org/RLSA-2024:7001" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3499-1 vom 2024-09-30", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019536.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-7003-5 vom 2024-10-01", "url": "https://ubuntu.com/security/notices/USN-7003-5" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3553-1 vom 2024-10-08", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019560.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3551-1 vom 2024-10-08", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019562.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3551-1 vom 2024-10-08", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/Q7MIMQMCXNGMVS32KLTADYTPQCKF5HWU/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3564-1 vom 2024-10-09", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/R7FS3QARF7WUPH5GFL22NW3G3SDO2C7Z/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3561-1 vom 2024-10-09", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/LSUY4BSWS5WR46CHS4FPBIJIRLKHRDHV/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3566-1 vom 2024-10-09", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019578.html" }, { "category": "external", "summary": "Dell Security Advisory DSA-2024-422 vom 2024-10-10", "url": "https://www.dell.com/support/kbdoc/de-de/000234730/dsa-2024-422-security-update-for-dell-networker-vproxy-multiple-component-vulnerabilities" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-12779 vom 2024-10-14", "url": "https://linux.oracle.com/errata/ELSA-2024-12779.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3625-1 vom 2024-10-15", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/XCWDJ4VQNWRMZU52FZIMVKO3ZX7QR3L7/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3623-1 vom 2024-10-15", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/TF6OKVTF5VSUGWWYIUXLV2YZK7NYELIN/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3636-1 vom 2024-10-15", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/6PEVJU5FBJP53YMNJCB4SQC2P7VOWDEQ/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3631-1 vom 2024-10-15", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/VBN5S6CN75ZWGV3ZNRLZRMQ5DF3HMBZE/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3639-1 vom 2024-10-15", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/QREDIZHMC5MCDU7XHJHAPFFVPPIKTHWD/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3632-1 vom 2024-10-15", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/IMA2L435Y3DOAG6IL6IEIK2SUGPOUZXD/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3672-1 vom 2024-10-16", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/MGSVPDAL2ET3FWE6YAGBX3UOQOVXTPXB/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3696-1 vom 2024-10-16", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YYPGEHXE3QJ5NBRD57VSRTM36AC5DISM/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3679-1 vom 2024-10-16", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/RDWWWR2VCADWSQCCZNNFB4VWOMZDOC63/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3695-1 vom 2024-10-16", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/MOG44NUGCSJS6Q3AKMCV3X4IK2DN6CLL/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3700-1 vom 2024-10-16", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/G3EDKBVPHAPKDJ45CNEJLJ4KGJAHJ4R7/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3701-1 vom 2024-10-16", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/SVZDNTNDPAUIILRXFRA47BDSDZ3IUQTH/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3666-1 vom 2024-10-16", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/EUYMTMU2SZQY2ZOCLHCYEZ2A2LJUYBHS/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3702-1 vom 2024-10-16", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/BPAXFMRC3YVPDHRGBWET3RB7YTYFYLZW/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3694-1 vom 2024-10-16", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/Y2P3R5HQ4Z7AYZLBXUGXBJMITFENT5NV/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3710-1 vom 2024-10-17", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/CLMHYECK5YKZDDXZ7XKEL3G5JXCF5QRM/" }, { "category": "external", "summary": "Ubuntu Security Notice USN-7028-2 vom 2024-10-17", "url": "https://ubuntu.com/security/notices/USN-7028-2" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:8318 vom 2024-10-23", "url": "https://access.redhat.com/errata/RHSA-2024:8318" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3767-1 vom 2024-10-29", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019682.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3764-1 vom 2024-10-29", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019683.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3780-1 vom 2024-10-30", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZRFC54YJNAIE647NXDXGDHFV6UDF5EPM/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3777-1 vom 2024-10-29", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/EZDCNRY3OUDL3J55URFZK4CF6EMUGZ5C/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3774-1 vom 2024-10-29", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019686.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3775-1 vom 2024-10-29", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019693.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3783-1 vom 2024-10-30", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/JBARQYJ6M5ZO2ZPYF6F55DX3BXLKEQMT/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3780-1 vom 2024-10-30", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/ZRFC54YJNAIE647NXDXGDHFV6UDF5EPM/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3783-1 vom 2024-10-30", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JBARQYJ6M5ZO2ZPYF6F55DX3BXLKEQMT/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3782-1 vom 2024-10-30", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019695.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3805-1 vom 2024-10-30", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/6AZ2YKRZXCGZLO3DU6DW532FYLNVDCGU/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3833-1 vom 2024-10-30", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/46CHUG3NHK74I7NL4E3MYL6M7O72UAE6/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3829-1 vom 2024-10-30", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/RMOWLUMWUZKBWNWZRVPCJY43YUOMCMJ7/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3830-1 vom 2024-10-30", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/5FIXDPPFE66BKRWS3X45YHODJJ57FQRT/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3799-1 vom 2024-10-30", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019703.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3804-1 vom 2024-10-30", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/GZWABRNLCUO6HRO6LFOXTIBDSFGOTSYD/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3803-1 vom 2024-10-30", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019712.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3806-1 vom 2024-10-30", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/I22FOLEFZIBTJBTIPHH5GXPKMIXVDSDI/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3821-1 vom 2024-10-30", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019729.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3800-1 vom 2024-10-30", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019714.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3793-1 vom 2024-10-30", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019702.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3798-1 vom 2024-10-30", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019698.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3837-1 vom 2024-10-30", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/VHXZ2BQRCVWQY2AVSULS6AN56SITZ273/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3824-1 vom 2024-10-30", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/S6IC3XKGED2IZ3RSTDHSMPUKMPV4R4FC/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3794-1 vom 2024-10-30", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019701.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3797-1 vom 2024-10-30", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019699.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3834-1 vom 2024-10-30", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019722.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3816-1 vom 2024-10-30", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019731.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3831-1 vom 2024-10-30", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/QK6PZZGVJB6TX4W6LKJNJW74SGTITNGD/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3814-1 vom 2024-10-30", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/QW54KPSGGX7Q3N4CIMSAGZRZY4WGZV2D/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3796-1 vom 2024-10-30", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019700.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3815-1 vom 2024-10-30", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/JIUM76237NQIAK3CP7ENKHD5EOEBDHZH/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3822-1 vom 2024-10-30", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019728.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3820-1 vom 2024-10-30", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019730.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3835-1 vom 2024-10-30", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019721.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3838-1 vom 2024-10-31", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/IVMUBWV57LJO735WTA67PNJDTJXS5OOY/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3840-1 vom 2024-10-31", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/O2CG2OGLBEZR2LX5UI6PTT5NVZOFNGQH/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3842-1 vom 2024-10-31", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/VVJDY73ZQLYG6XTLPXQKV6DOXIBCWQNH/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3852-1 vom 2024-10-31", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/CJCHUFTBOJTQRE24NTRP6WMCK5BGPZ3N/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3860-1 vom 2024-10-31", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/UFUASUPHAEZFWXKIMGZLIZD4LHGMJ5YW/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3855-1 vom 2024-10-31", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/HVT4PHTMBZOBVPW2CI26GVIVJNWCBTVN/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3859-1 vom 2024-10-31", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/I2YJKGZHLOSZMF6JYHDKXI5OARZUMTEY/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3854-1 vom 2024-10-31", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/6DKQ4KINQ5TXHK6JA63O3YINMJXE2QVJ/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3857-1 vom 2024-10-31", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/DM3QIZHKHG7AW6EAKKMMWCCUOYK4JU3R/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3851-1 vom 2024-10-31", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/7YDAYBSAUUUZVVIKYWRRX5O6ZCOQ2K46/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3848-1 vom 2024-10-31", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019743.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3850-1 vom 2024-10-31", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/KSMKB243YKTE3C2SGCFXBMVAT6CUYWVH/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3849-1 vom 2024-10-31", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019742.html" }, { "category": "external", "summary": "IBM Security Bulletin", "url": "https://www.ibm.com/support/pages/node/7174634" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3882-1 vom 2024-11-04", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/GBH24SQSCU7UKVSH3JGQ4YLAU2LAG7KC/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3884-1 vom 2024-11-04", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/HFDA5EL2PDP3X64LOHUHOMKEXWQUUF7E/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3880-1 vom 2024-11-04", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/4FKA7N5AUZ6CDGAARMRU76MNKUZHMPAH/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3885-1 vom 2024-11-04", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/53ENJNCPAGSKEUP2I2GUIFB6G67EXN56/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3881-1 vom 2024-11-04", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/ZOOTWA362J2SG2EX2CE3LPBWPJ7GVK2B/" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:9315 vom 2024-11-12", "url": "https://access.redhat.com/errata/RHSA-2024:9315" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3986-1 vom 2024-11-13", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/CIC23R3UQSPF2K4P2CX54TPCX5T7KWQG/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3983-1 vom 2024-11-13", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/QUOFKELDJYP3JMHIXPCVKVI4REVXAKTX/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3984-1 vom 2024-11-13", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/L52VEDNTEHWEPR56WZN4KZNMEUYGCJX6/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:3985-1 vom 2024-11-13", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/KB6DG7QR5KXDQRV57H4IY2TB2LW42K4S/" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:9546 vom 2024-11-13", "url": "https://access.redhat.com/errata/RHSA-2024:9546" }, { "category": "external", "summary": "Ubuntu Security Notice USN-7123-1 vom 2024-11-20", "url": "https://ubuntu.com/security/notices/USN-7123-1" }, { "category": "external", "summary": "Debian Security Advisory DSA-5818 vom 2024-11-24", "url": "https://lists.debian.org/debian-security-announce/2024/msg00233.html" }, { "category": "external", "summary": "IBM Security Bulletin 7176961 vom 2024-11-22", "url": "https://www.ibm.com/support/pages/node/7176961" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:10262 vom 2024-11-26", "url": "https://access.redhat.com/errata/RHSA-2024:10262" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:4082-1 vom 2024-11-27", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019851.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:4081-1 vom 2024-11-27", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019852.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:4103-1 vom 2024-11-28", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019863.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:4100-1 vom 2024-11-28", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019864.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:4125-1 vom 2024-12-02", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019882.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:4127-1 vom 2024-12-02", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019881.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:4124-1 vom 2024-12-02", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019883.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:4131-1 vom 2024-12-02", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019887.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:4123-1 vom 2024-12-02", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019884.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:4122-1 vom 2024-12-02", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019885.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:4139-1 vom 2024-12-02", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019889.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:4140-1 vom 2024-12-02", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019890.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:10771 vom 2024-12-04", "url": "https://access.redhat.com/errata/RHSA-2024:10771" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:10773 vom 2024-12-04", "url": "https://access.redhat.com/errata/RHSA-2024:10773" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:10772 vom 2024-12-04", "url": "https://access.redhat.com/errata/RHSA-2024:10772" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:4180-1 vom 2024-12-05", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/3ACAYSLQECATBMYSIXEOONW3SJQYVWGD/" } ], "source_lang": "en-US", "title": "Linux Kernel: Mehrere Schwachstellen erm\u00f6glichen Denial of Service und unspezifische Angriffe", "tracking": { "current_release_date": "2024-12-04T23:00:00.000+00:00", "generator": { "date": "2024-12-05T10:13:03.710+00:00", "engine": { "name": "BSI-WID", "version": "1.3.10" } }, "id": "WID-SEC-W-2024-1197", "initial_release_date": "2024-05-21T22:00:00.000+00:00", "revision_history": [ { "date": "2024-05-21T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2024-05-22T22:00:00.000+00:00", "number": "2", "summary": "CVE Nummern erg\u00e4nzt" }, { "date": "2024-06-10T22:00:00.000+00:00", "number": "3", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-06-11T22:00:00.000+00:00", "number": "4", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-06-12T22:00:00.000+00:00", "number": "5", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-06-23T22:00:00.000+00:00", "number": "6", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-06-24T22:00:00.000+00:00", "number": "7", "summary": "Neue Updates von SUSE und Amazon aufgenommen" }, { "date": "2024-06-25T22:00:00.000+00:00", "number": "8", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-07-01T22:00:00.000+00:00", "number": "9", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-07-02T22:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2024-07-07T22:00:00.000+00:00", "number": "11", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-07-09T22:00:00.000+00:00", "number": "12", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-07-10T22:00:00.000+00:00", "number": "13", "summary": "Neue Updates von SUSE und Red Hat aufgenommen" }, { "date": "2024-07-15T22:00:00.000+00:00", "number": "14", "summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen" }, { "date": "2024-07-16T22:00:00.000+00:00", "number": "15", "summary": "Neue Updates von Debian aufgenommen" }, { "date": "2024-07-18T22:00:00.000+00:00", "number": "16", "summary": "Neue Updates von Red Hat und SUSE aufgenommen" }, { "date": "2024-07-22T22:00:00.000+00:00", "number": "17", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-07-24T22:00:00.000+00:00", "number": "18", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-07-28T22:00:00.000+00:00", "number": "19", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-07-29T22:00:00.000+00:00", "number": "20", "summary": "Neue Updates von Red Hat und Ubuntu aufgenommen" }, { "date": "2024-07-30T22:00:00.000+00:00", "number": "21", "summary": "Neue Updates von Ubuntu und Red Hat aufgenommen" }, { "date": "2024-07-31T22:00:00.000+00:00", "number": "22", "summary": "Neue Updates von Rocky Enterprise Software Foundation, Oracle Linux und Ubuntu aufgenommen" }, { "date": "2024-08-01T22:00:00.000+00:00", "number": "23", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-08-05T22:00:00.000+00:00", "number": "24", "summary": "Neue Updates von Dell aufgenommen" }, { "date": "2024-08-06T22:00:00.000+00:00", "number": "25", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-08-07T22:00:00.000+00:00", "number": "26", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-08-08T22:00:00.000+00:00", "number": "27", "summary": "Neue Updates von Ubuntu und ORACLE aufgenommen" }, { "date": "2024-08-11T22:00:00.000+00:00", "number": "28", "summary": "Neue Updates von Oracle Linux und Ubuntu aufgenommen" }, { "date": "2024-08-12T22:00:00.000+00:00", "number": "29", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-08-13T22:00:00.000+00:00", "number": "30", "summary": "Neue Updates von Amazon und SUSE aufgenommen" }, { "date": "2024-08-14T22:00:00.000+00:00", "number": "31", "summary": "Neue Updates von SUSE und Ubuntu aufgenommen" }, { "date": "2024-08-15T22:00:00.000+00:00", "number": "32", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-08-18T22:00:00.000+00:00", "number": "33", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-08-19T22:00:00.000+00:00", "number": "34", "summary": "Neue Updates von SUSE und Ubuntu aufgenommen" }, { "date": "2024-08-20T22:00:00.000+00:00", "number": "35", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-08-21T22:00:00.000+00:00", "number": "36", "summary": "Neue Updates von Ubuntu, Rocky Enterprise Software Foundation und Red Hat aufgenommen" }, { "date": "2024-08-22T22:00:00.000+00:00", "number": "37", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-08-25T22:00:00.000+00:00", "number": "38", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-08-26T22:00:00.000+00:00", "number": "39", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-08-27T22:00:00.000+00:00", "number": "40", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-08-28T22:00:00.000+00:00", "number": "41", "summary": "Neue Updates von Red Hat, SUSE und Ubuntu aufgenommen" }, { "date": "2024-08-29T22:00:00.000+00:00", "number": "42", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2024-09-02T22:00:00.000+00:00", "number": "43", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-09-04T22:00:00.000+00:00", "number": "44", "summary": "Neue Updates von ORACLE und Red Hat aufgenommen" }, { "date": "2024-09-05T22:00:00.000+00:00", "number": "45", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-09-10T22:00:00.000+00:00", "number": "46", "summary": "Neue Updates von SUSE und Red Hat aufgenommen" }, { "date": "2024-09-11T22:00:00.000+00:00", "number": "47", "summary": "Neue Updates von Oracle Linux und SUSE aufgenommen" }, { "date": "2024-09-12T22:00:00.000+00:00", "number": "48", "summary": "Neue Updates von Ubuntu und SUSE aufgenommen" }, { "date": "2024-09-16T22:00:00.000+00:00", "number": "49", "summary": "Neue Updates von SUSE und Rocky Enterprise Software Foundation aufgenommen" }, { "date": "2024-09-18T22:00:00.000+00:00", "number": "50", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-09-19T22:00:00.000+00:00", "number": "51", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-09-22T22:00:00.000+00:00", "number": "52", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-09-23T22:00:00.000+00:00", "number": "53", "summary": "Neue Updates von Red Hat, SUSE und IBM aufgenommen" }, { "date": "2024-09-24T22:00:00.000+00:00", "number": "54", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-09-25T22:00:00.000+00:00", "number": "55", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2024-09-26T22:00:00.000+00:00", "number": "56", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-09-29T22:00:00.000+00:00", "number": "57", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-09-30T22:00:00.000+00:00", "number": "58", "summary": "Neue Updates von Rocky Enterprise Software Foundation und SUSE aufgenommen" }, { "date": "2024-10-01T22:00:00.000+00:00", "number": "59", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-10-08T22:00:00.000+00:00", "number": "60", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-10-09T22:00:00.000+00:00", "number": "61", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-10-14T22:00:00.000+00:00", "number": "62", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2024-10-15T22:00:00.000+00:00", "number": "63", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-10-16T22:00:00.000+00:00", "number": "64", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-10-17T22:00:00.000+00:00", "number": "65", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-10-23T22:00:00.000+00:00", "number": "66", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-10-28T23:00:00.000+00:00", "number": "67", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-10-29T23:00:00.000+00:00", "number": "68", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-10-30T23:00:00.000+00:00", "number": "69", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-10-31T23:00:00.000+00:00", "number": "70", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-11-03T23:00:00.000+00:00", "number": "71", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-11-12T23:00:00.000+00:00", "number": "72", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-11-13T23:00:00.000+00:00", "number": "73", "summary": "Neue Updates von SUSE und Red Hat aufgenommen" }, { "date": "2024-11-20T23:00:00.000+00:00", "number": "74", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-11-24T23:00:00.000+00:00", "number": "75", "summary": "Neue Updates von Debian und IBM aufgenommen" }, { "date": "2024-11-25T23:00:00.000+00:00", "number": "76", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-11-27T23:00:00.000+00:00", "number": "77", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-11-28T23:00:00.000+00:00", "number": "78", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-12-02T23:00:00.000+00:00", "number": "79", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-12-03T23:00:00.000+00:00", "number": "80", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-12-04T23:00:00.000+00:00", "number": "81", "summary": "Neue Updates von SUSE aufgenommen" } ], "status": "final", "version": "81" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Amazon Linux 2", "product": { "name": "Amazon Linux 2", "product_id": "398363", "product_identification_helper": { "cpe": "cpe:/o:amazon:linux_2:-" } } } ], "category": "vendor", "name": "Amazon" }, { "branches": [ { "category": "product_name", "name": "Debian Linux", "product": { "name": "Debian Linux", "product_id": "2951", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:-" } } } ], "category": "vendor", "name": "Debian" }, { "branches": [ { "category": "product_name", "name": "Dell NetWorker", "product": { "name": "Dell NetWorker", "product_id": "T024663", "product_identification_helper": { "cpe": "cpe:/a:dell:networker:-" } } } ], "category": "vendor", "name": "Dell" }, { "branches": [ { "category": "product_name", "name": "EMC Avamar", "product": { "name": "EMC Avamar", "product_id": "T014381", "product_identification_helper": { "cpe": "cpe:/a:emc:avamar:-" } } } ], "category": "vendor", "name": "EMC" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "24.0.0", "product": { "name": "IBM Business Automation Workflow 24.0.0", "product_id": "T036570", "product_identification_helper": { "cpe": "cpe:/a:ibm:business_automation_workflow:24.0.0" } } } ], "category": "product_name", "name": "Business Automation Workflow" }, { "branches": [ { "category": "product_version_range", "name": "\u003c7.5.0 UP10 IF01", "product": { "name": "IBM QRadar SIEM \u003c7.5.0 UP10 IF01", "product_id": "T038741" } }, { "category": "product_version", "name": "7.5.0 UP10 IF01", "product": { "name": "IBM QRadar SIEM 7.5.0 UP10 IF01", "product_id": "T038741-fixed", "product_identification_helper": { "cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up10_if01" } } } ], "category": "product_name", "name": "QRadar SIEM" }, { "branches": [ { "category": "product_version", "name": "12", "product": { "name": "IBM Security Guardium 12.0", "product_id": "T031092", "product_identification_helper": { "cpe": "cpe:/a:ibm:security_guardium:12.0" } } } ], "category": "product_name", "name": "Security Guardium" }, { "branches": [ { "category": "product_version_range", "name": "\u003c10.1.16.3", "product": { "name": "IBM Spectrum Protect Plus \u003c10.1.16.3", "product_id": "T037795" } }, { "category": "product_version", "name": "10.1.16.3", "product": { "name": "IBM Spectrum Protect Plus 10.1.16.3", "product_id": "T037795-fixed", "product_identification_helper": { "cpe": "cpe:/a:ibm:spectrum_protect_plus:10.1.16.3" } } } ], "category": "product_name", "name": "Spectrum Protect Plus" } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "category": "product_name", "name": "Open Source Linux Kernel", "product": { "name": "Open Source Linux Kernel", "product_id": "T034937", "product_identification_helper": { "cpe": "cpe:/o:linux:linux_kernel:-" } } } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "RESF Rocky Linux", "product": { "name": "RESF Rocky Linux", "product_id": "T032255", "product_identification_helper": { "cpe": "cpe:/o:resf:rocky_linux:-" } } } ], "category": "vendor", "name": "RESF" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-47223", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47223" }, { "cve": "CVE-2021-47224", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47224" }, { "cve": "CVE-2021-47234", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47234" }, { "cve": "CVE-2021-47259", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47259" }, { "cve": "CVE-2021-47270", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47270" }, { "cve": "CVE-2021-47304", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47304" }, { "cve": "CVE-2021-47335", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47335" }, { "cve": "CVE-2021-47337", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47337" }, { "cve": "CVE-2021-47338", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47338" }, { "cve": "CVE-2021-47368", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47368" }, { "cve": "CVE-2021-47370", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47370" }, { "cve": "CVE-2021-47374", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47374" }, { "cve": "CVE-2021-47375", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47375" }, { "cve": "CVE-2021-47376", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47376" }, { "cve": "CVE-2021-47377", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47377" }, { "cve": "CVE-2021-47381", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47381" }, { "cve": "CVE-2021-47403", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47403" }, { "cve": "CVE-2021-47404", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47404" }, { "cve": "CVE-2021-47405", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47405" }, { "cve": "CVE-2021-47406", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47406" }, { "cve": "CVE-2021-47407", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47407" }, { "cve": "CVE-2021-47408", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47408" }, { "cve": "CVE-2021-47409", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47409" }, { "cve": "CVE-2021-47410", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47410" }, { "cve": "CVE-2021-47411", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47411" }, { "cve": "CVE-2021-47412", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47412" }, { "cve": "CVE-2021-47413", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47413" }, { "cve": "CVE-2021-47414", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47414" }, { "cve": "CVE-2021-47415", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47415" }, { "cve": "CVE-2021-47416", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47416" }, { "cve": "CVE-2021-47417", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47417" }, { "cve": "CVE-2021-47418", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47418" }, { "cve": "CVE-2021-47419", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47419" }, { "cve": "CVE-2021-47420", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47420" }, { "cve": "CVE-2021-47421", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47421" }, { "cve": "CVE-2021-47422", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47422" }, { "cve": "CVE-2021-47423", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47423" }, { "cve": "CVE-2021-47424", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47424" }, { "cve": "CVE-2021-47425", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47425" }, { "cve": "CVE-2021-47426", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47426" }, { "cve": "CVE-2021-47427", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47427" }, { "cve": "CVE-2021-47428", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47428" }, { "cve": "CVE-2021-47429", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47429" }, { "cve": "CVE-2021-47430", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47430" }, { "cve": "CVE-2021-47431", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47431" }, { "cve": "CVE-2021-47432", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47432" }, { "cve": "CVE-2021-47433", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47433" }, { "cve": "CVE-2021-47434", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47434" }, { "cve": "CVE-2021-47435", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47435" }, { "cve": "CVE-2021-47436", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47436" }, { "cve": "CVE-2021-47437", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47437" }, { "cve": "CVE-2021-47438", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47438" }, { "cve": "CVE-2021-47439", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47439" }, { "cve": "CVE-2021-47440", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47440" }, { "cve": "CVE-2021-47441", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47441" }, { "cve": "CVE-2021-47442", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47442" }, { "cve": "CVE-2021-47443", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47443" }, { "cve": "CVE-2021-47444", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47444" }, { "cve": "CVE-2021-47445", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47445" }, { "cve": "CVE-2021-47446", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47446" }, { "cve": "CVE-2021-47447", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47447" }, { "cve": "CVE-2021-47448", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47448" }, { "cve": "CVE-2021-47449", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47449" }, { "cve": "CVE-2021-47450", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47450" }, { "cve": "CVE-2021-47451", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47451" }, { "cve": "CVE-2021-47452", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47452" }, { "cve": "CVE-2021-47453", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47453" }, { "cve": "CVE-2021-47454", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47454" }, { "cve": "CVE-2021-47455", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47455" }, { "cve": "CVE-2021-47456", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47456" }, { "cve": "CVE-2021-47457", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47457" }, { "cve": "CVE-2021-47458", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47458" }, { "cve": "CVE-2021-47459", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47459" }, { "cve": "CVE-2021-47460", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47460" }, { "cve": "CVE-2021-47461", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47461" }, { "cve": "CVE-2021-47462", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47462" }, { "cve": "CVE-2021-47463", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47463" }, { "cve": "CVE-2021-47464", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47464" }, { "cve": "CVE-2021-47465", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47465" }, { "cve": "CVE-2021-47466", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47466" }, { "cve": "CVE-2021-47467", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47467" }, { "cve": "CVE-2021-47468", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47468" }, { "cve": "CVE-2021-47469", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47469" }, { "cve": "CVE-2021-47470", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47470" }, { "cve": "CVE-2021-47471", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47471" }, { "cve": "CVE-2021-47472", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47472" }, { "cve": "CVE-2021-47473", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47473" }, { "cve": "CVE-2021-47474", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47474" }, { "cve": "CVE-2021-47475", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47475" }, { "cve": "CVE-2021-47476", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47476" }, { "cve": "CVE-2021-47477", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47477" }, { "cve": "CVE-2021-47478", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47478" }, { "cve": "CVE-2021-47479", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47479" }, { "cve": "CVE-2021-47480", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47480" }, { "cve": "CVE-2021-47481", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47481" }, { "cve": "CVE-2021-47482", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47482" }, { "cve": "CVE-2021-47483", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47483" }, { "cve": "CVE-2021-47484", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47484" }, { "cve": "CVE-2021-47485", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47485" }, { "cve": "CVE-2021-47486", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47486" }, { "cve": "CVE-2021-47487", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47487" }, { "cve": "CVE-2021-47488", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47488" }, { "cve": "CVE-2021-47489", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47489" }, { "cve": "CVE-2021-47490", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47490" }, { "cve": "CVE-2021-47491", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47491" }, { "cve": "CVE-2021-47492", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47492" }, { "cve": "CVE-2021-47493", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47493" }, { "cve": "CVE-2021-47494", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47494" }, { "cve": "CVE-2021-47495", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47495" }, { "cve": "CVE-2021-47496", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47496" }, { "cve": "CVE-2021-47497", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47497" }, { "cve": "CVE-2021-47498", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2021-47498" }, { "cve": "CVE-2022-48706", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2022-48706" }, { "cve": "CVE-2022-48707", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2022-48707" }, { "cve": "CVE-2022-48708", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2022-48708" }, { "cve": "CVE-2022-48709", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2022-48709" }, { "cve": "CVE-2022-48710", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2022-48710" }, { "cve": "CVE-2023-52700", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52700" }, { "cve": "CVE-2023-52701", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52701" }, { "cve": "CVE-2023-52702", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52702" }, { "cve": "CVE-2023-52703", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52703" }, { "cve": "CVE-2023-52704", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52704" }, { "cve": "CVE-2023-52705", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52705" }, { "cve": "CVE-2023-52706", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52706" }, { "cve": "CVE-2023-52707", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52707" }, { "cve": "CVE-2023-52708", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52708" }, { "cve": "CVE-2023-52730", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52730" }, { "cve": "CVE-2023-52731", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52731" }, { "cve": "CVE-2023-52732", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52732" }, { "cve": "CVE-2023-52733", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52733" }, { "cve": "CVE-2023-52734", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52734" }, { "cve": "CVE-2023-52735", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52735" }, { "cve": "CVE-2023-52736", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52736" }, { "cve": "CVE-2023-52737", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52737" }, { "cve": "CVE-2023-52738", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52738" }, { "cve": "CVE-2023-52739", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52739" }, { "cve": "CVE-2023-52740", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52740" }, { "cve": "CVE-2023-52741", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52741" }, { "cve": "CVE-2023-52742", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52742" }, { "cve": "CVE-2023-52743", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52743" }, { "cve": "CVE-2023-52744", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52744" }, { "cve": "CVE-2023-52745", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52745" }, { "cve": "CVE-2023-52746", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52746" }, { "cve": "CVE-2023-52747", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52747" }, { "cve": "CVE-2023-52748", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52748" }, { "cve": "CVE-2023-52749", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52749" }, { "cve": "CVE-2023-52750", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52750" }, { "cve": "CVE-2023-52751", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52751" }, { "cve": "CVE-2023-52752", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52752" }, { "cve": "CVE-2023-52753", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52753" }, { "cve": "CVE-2023-52754", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52754" }, { "cve": "CVE-2023-52755", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52755" }, { "cve": "CVE-2023-52756", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52756" }, { "cve": "CVE-2023-52757", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52757" }, { "cve": "CVE-2023-52758", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52758" }, { "cve": "CVE-2023-52759", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52759" }, { "cve": "CVE-2023-52760", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52760" }, { "cve": "CVE-2023-52761", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52761" }, { "cve": "CVE-2023-52762", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52762" }, { "cve": "CVE-2023-52763", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52763" }, { "cve": "CVE-2023-52764", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52764" }, { "cve": "CVE-2023-52765", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52765" }, { "cve": "CVE-2023-52766", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52766" }, { "cve": "CVE-2023-52767", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52767" }, { "cve": "CVE-2023-52768", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52768" }, { "cve": "CVE-2023-52769", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52769" }, { "cve": "CVE-2023-52770", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52770" }, { "cve": "CVE-2023-52771", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52771" }, { "cve": "CVE-2023-52772", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52772" }, { "cve": "CVE-2023-52773", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52773" }, { "cve": "CVE-2023-52774", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52774" }, { "cve": "CVE-2023-52775", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52775" }, { "cve": "CVE-2023-52776", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52776" }, { "cve": "CVE-2023-52777", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52777" }, { "cve": "CVE-2023-52778", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52778" }, { "cve": "CVE-2023-52779", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52779" }, { "cve": "CVE-2023-52780", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52780" }, { "cve": "CVE-2023-52781", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52781" }, { "cve": "CVE-2023-52782", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52782" }, { "cve": "CVE-2023-52783", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52783" }, { "cve": "CVE-2023-52784", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52784" }, { "cve": "CVE-2023-52785", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52785" }, { "cve": "CVE-2023-52786", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52786" }, { "cve": "CVE-2023-52787", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52787" }, { "cve": "CVE-2023-52788", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52788" }, { "cve": "CVE-2023-52789", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52789" }, { "cve": "CVE-2023-52790", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52790" }, { "cve": "CVE-2023-52791", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52791" }, { "cve": "CVE-2023-52792", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52792" }, { "cve": "CVE-2023-52793", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52793" }, { "cve": "CVE-2023-52794", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52794" }, { "cve": "CVE-2023-52795", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52795" }, { "cve": "CVE-2023-52796", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52796" }, { "cve": "CVE-2023-52797", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52797" }, { "cve": "CVE-2023-52798", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52798" }, { "cve": "CVE-2023-52799", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52799" }, { "cve": "CVE-2023-52800", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52800" }, { "cve": "CVE-2023-52801", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52801" }, { "cve": "CVE-2023-52802", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52802" }, { "cve": "CVE-2023-52803", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52803" }, { "cve": "CVE-2023-52804", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52804" }, { "cve": "CVE-2023-52805", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52805" }, { "cve": "CVE-2023-52806", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52806" }, { "cve": "CVE-2023-52807", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52807" }, { "cve": "CVE-2023-52808", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52808" }, { "cve": "CVE-2023-52809", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52809" }, { "cve": "CVE-2023-52810", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52810" }, { "cve": "CVE-2023-52811", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52811" }, { "cve": "CVE-2023-52812", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52812" }, { "cve": "CVE-2023-52813", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52813" }, { "cve": "CVE-2023-52814", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52814" }, { "cve": "CVE-2023-52815", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52815" }, { "cve": "CVE-2023-52816", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52816" }, { "cve": "CVE-2023-52817", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52817" }, { "cve": "CVE-2023-52818", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52818" }, { "cve": "CVE-2023-52819", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52819" }, { "cve": "CVE-2023-52820", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52820" }, { "cve": "CVE-2023-52821", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52821" }, { "cve": "CVE-2023-52822", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52822" }, { "cve": "CVE-2023-52823", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52823" }, { "cve": "CVE-2023-52824", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52824" }, { "cve": "CVE-2023-52825", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52825" }, { "cve": "CVE-2023-52826", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52826" }, { "cve": "CVE-2023-52827", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52827" }, { "cve": "CVE-2023-52828", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52828" }, { "cve": "CVE-2023-52829", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52829" }, { "cve": "CVE-2023-52830", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52830" }, { "cve": "CVE-2023-52831", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52831" }, { "cve": "CVE-2023-52832", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52832" }, { "cve": "CVE-2023-52833", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52833" }, { "cve": "CVE-2023-52834", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52834" }, { "cve": "CVE-2023-52835", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52835" }, { "cve": "CVE-2023-52836", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52836" }, { "cve": "CVE-2023-52837", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52837" }, { "cve": "CVE-2023-52838", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52838" }, { "cve": "CVE-2023-52839", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52839" }, { "cve": "CVE-2023-52840", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52840" }, { "cve": "CVE-2023-52841", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52841" }, { "cve": "CVE-2023-52842", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52842" }, { "cve": "CVE-2023-52843", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52843" }, { "cve": "CVE-2023-52844", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52844" }, { "cve": "CVE-2023-52845", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52845" }, { "cve": "CVE-2023-52846", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52846" }, { "cve": "CVE-2023-52847", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52847" }, { "cve": "CVE-2023-52848", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52848" }, { "cve": "CVE-2023-52849", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52849" }, { "cve": "CVE-2023-52850", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52850" }, { "cve": "CVE-2023-52851", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52851" }, { "cve": "CVE-2023-52852", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52852" }, { "cve": "CVE-2023-52853", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52853" }, { "cve": "CVE-2023-52854", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52854" }, { "cve": "CVE-2023-52855", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52855" }, { "cve": "CVE-2023-52856", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52856" }, { "cve": "CVE-2023-52857", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52857" }, { "cve": "CVE-2023-52858", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52858" }, { "cve": "CVE-2023-52859", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52859" }, { "cve": "CVE-2023-52860", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52860" }, { "cve": "CVE-2023-52861", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52861" }, { "cve": "CVE-2023-52862", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52862" }, { "cve": "CVE-2023-52863", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52863" }, { "cve": "CVE-2023-52864", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52864" }, { "cve": "CVE-2023-52865", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52865" }, { "cve": "CVE-2023-52866", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52866" }, { "cve": "CVE-2023-52867", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52867" }, { "cve": "CVE-2023-52868", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52868" }, { "cve": "CVE-2023-52869", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52869" }, { "cve": "CVE-2023-52870", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52870" }, { "cve": "CVE-2023-52871", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52871" }, { "cve": "CVE-2023-52872", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52872" }, { "cve": "CVE-2023-52873", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52873" }, { "cve": "CVE-2023-52874", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52874" }, { "cve": "CVE-2023-52875", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52875" }, { "cve": "CVE-2023-52876", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52876" }, { "cve": "CVE-2023-52877", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52877" }, { "cve": "CVE-2023-52878", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52878" }, { "cve": "CVE-2023-52879", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2023-52879" }, { "cve": "CVE-2024-36010", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie arm64, ext4 oder libbpf, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "67646", "T004914", "T032255", "T038741", "T037795", "T014381", "T036570", "2951", "T002207", "T000126", "T031092", "T024663", "398363", "T034937" ] }, "release_date": "2024-05-21T22:00:00.000+00:00", "title": "CVE-2024-36010" } ] }
cve-2023-52814
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "1da177e4c3f4" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.10.202" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.15.140" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.1.64" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.5.13" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.6.3" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.7" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52814", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T17:07:24.937431Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:33.076Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.899Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b93a25de28af153312f0fc979b0663fc4bd3442b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c11cf5e117f50f5a767054600885acd981449afe" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9b70fc7d70e8ef7c4a65034c9487f58609e708a1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b0702ee4d811708251cdf54d4a1d3e888d365111" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/da46e63482fdc5e35c008865c22ac64027f6f0c2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/80285ae1ec8717b597b20de38866c29d84d321a1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdgpu/amdgpu_device.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "b93a25de28af", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "c11cf5e117f5", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "9b70fc7d70e8", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "b0702ee4d811", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "da46e63482fd", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "80285ae1ec87", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdgpu/amdgpu_device.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential null pointer derefernce\n\nThe amdgpu_ras_get_context may return NULL if device\nnot support ras feature, so add check before using." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:14.005Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/b93a25de28af153312f0fc979b0663fc4bd3442b" }, { "url": "https://git.kernel.org/stable/c/c11cf5e117f50f5a767054600885acd981449afe" }, { "url": "https://git.kernel.org/stable/c/9b70fc7d70e8ef7c4a65034c9487f58609e708a1" }, { "url": "https://git.kernel.org/stable/c/b0702ee4d811708251cdf54d4a1d3e888d365111" }, { "url": "https://git.kernel.org/stable/c/da46e63482fdc5e35c008865c22ac64027f6f0c2" }, { "url": "https://git.kernel.org/stable/c/80285ae1ec8717b597b20de38866c29d84d321a1" } ], "title": "drm/amdgpu: Fix potential null pointer derefernce", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52814", "datePublished": "2024-05-21T15:31:22.263Z", "dateReserved": "2024-05-21T15:19:24.248Z", "dateUpdated": "2024-11-04T14:53:14.005Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47439
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47439", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T18:42:32.231853Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-31T18:04:47.594Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.767Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f2e1de075018cf71bcd7d628e9f759cb8540b0c3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/383239a33cf29ebee9ce0d4e0e5c900b77a16148" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ef1100ef20f29aec4e62abeccdb5bdbebba1e378" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/dsa/microchip/ksz_common.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "f2e1de075018", "status": "affected", "version": "469b390e1ba3", "versionType": "git" }, { "lessThan": "383239a33cf2", "status": "affected", "version": "469b390e1ba3", "versionType": "git" }, { "lessThan": "ef1100ef20f2", "status": "affected", "version": "469b390e1ba3", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/dsa/microchip/ksz_common.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.7" }, { "lessThan": "5.7", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.75", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.14", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: microchip: Added the condition for scheduling ksz_mib_read_work\n\nWhen the ksz module is installed and removed using rmmod, kernel crashes\nwith null pointer dereferrence error. During rmmod, ksz_switch_remove\nfunction tries to cancel the mib_read_workqueue using\ncancel_delayed_work_sync routine and unregister switch from dsa.\n\nDuring dsa_unregister_switch it calls ksz_mac_link_down, which in turn\nreschedules the workqueue since mib_interval is non-zero.\nDue to which queue executed after mib_interval and it tries to access\ndp-\u003eslave. But the slave is unregistered in the ksz_switch_remove\nfunction. Hence kernel crashes.\n\nTo avoid this crash, before canceling the workqueue, resetted the\nmib_interval to 0.\n\nv1 -\u003e v2:\n-Removed the if condition in ksz_mib_read_work" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:55.266Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/f2e1de075018cf71bcd7d628e9f759cb8540b0c3" }, { "url": "https://git.kernel.org/stable/c/383239a33cf29ebee9ce0d4e0e5c900b77a16148" }, { "url": "https://git.kernel.org/stable/c/ef1100ef20f29aec4e62abeccdb5bdbebba1e378" } ], "title": "net: dsa: microchip: Added the condition for scheduling ksz_mib_read_work", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47439", "datePublished": "2024-05-22T06:19:34.192Z", "dateReserved": "2024-05-21T14:58:30.831Z", "dateUpdated": "2024-11-04T12:05:55.266Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47443
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47443", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T18:42:00.760765Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-06T16:16:01.807Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.240Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/429054ec51e648d241a7e0b465cf44f6633334c5" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a67d47e32c91e2b10402cb8c081774cbf08edb2e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b7b023e6ff567e991c31cd425b0e1d16779c938b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9881b0c860649f27ef2565deef011e516390f416" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7ab488d7228a9dceb2456867f1f0919decf6efed" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3f2960b39f22e26cf8addae93c3f5884d1c183c9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/564249219e5b5673a8416b5181875d828c3f1e8c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/58e7dcc9ca29c14e44267a4d0ea61e3229124907" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/nfc/digital_core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "429054ec51e6", "status": "affected", "version": "1c7a4c24fbfd", "versionType": "git" }, { "lessThan": "a67d47e32c91", "status": "affected", "version": "1c7a4c24fbfd", "versionType": "git" }, { "lessThan": "b7b023e6ff56", "status": "affected", "version": "1c7a4c24fbfd", "versionType": "git" }, { "lessThan": "9881b0c86064", "status": "affected", "version": "1c7a4c24fbfd", "versionType": "git" }, { "lessThan": "7ab488d7228a", "status": "affected", "version": "1c7a4c24fbfd", "versionType": "git" }, { "lessThan": "3f2960b39f22", "status": "affected", "version": "1c7a4c24fbfd", "versionType": "git" }, { "lessThan": "564249219e5b", "status": "affected", "version": "1c7a4c24fbfd", "versionType": "git" }, { "lessThan": "58e7dcc9ca29", "status": "affected", "version": "1c7a4c24fbfd", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/nfc/digital_core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.13" }, { "lessThan": "3.13", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.290", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.288", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.252", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.213", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.155", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.75", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.14", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: digital: fix possible memory leak in digital_tg_listen_mdaa()\n\n\u0027params\u0027 is allocated in digital_tg_listen_mdaa(), but not free when\ndigital_send_cmd() failed, which will cause memory leak. Fix it by\nfreeing \u0027params\u0027 if digital_send_cmd() return failed." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:59.989Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/429054ec51e648d241a7e0b465cf44f6633334c5" }, { "url": "https://git.kernel.org/stable/c/a67d47e32c91e2b10402cb8c081774cbf08edb2e" }, { "url": "https://git.kernel.org/stable/c/b7b023e6ff567e991c31cd425b0e1d16779c938b" }, { "url": "https://git.kernel.org/stable/c/9881b0c860649f27ef2565deef011e516390f416" }, { "url": "https://git.kernel.org/stable/c/7ab488d7228a9dceb2456867f1f0919decf6efed" }, { "url": "https://git.kernel.org/stable/c/3f2960b39f22e26cf8addae93c3f5884d1c183c9" }, { "url": "https://git.kernel.org/stable/c/564249219e5b5673a8416b5181875d828c3f1e8c" }, { "url": "https://git.kernel.org/stable/c/58e7dcc9ca29c14e44267a4d0ea61e3229124907" } ], "title": "NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47443", "datePublished": "2024-05-22T06:19:36.889Z", "dateReserved": "2024-05-21T14:58:30.832Z", "dateUpdated": "2024-11-06T16:16:01.807Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47458
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47458", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-10T18:55:25.437565Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-10T18:55:34.667Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.133Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ac011cb3ff7a76b3e0e6e77158ee4ba2f929e1fb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4b74ddcc22ee6455946e80a9c4808801f8f8561e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/232ed9752510de4436468b653d145565669c8498" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7623b1035ca2d17bde0f6a086ad6844a34648df1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d3a83576378b4c904f711598dde2c5e881c4295c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/93be0eeea14cf39235e585c8f56df3b3859deaad" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0e677ea5b7396f715a76b6b0ef441430e4c4b57f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b15fa9224e6e1239414525d8d556d824701849fc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/ocfs2/super.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "ac011cb3ff7a", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "4b74ddcc22ee", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "232ed9752510", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "7623b1035ca2", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "d3a83576378b", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "93be0eeea14c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "0e677ea5b739", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "b15fa9224e6e", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/ocfs2/super.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.290", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.288", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.253", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.214", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.156", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.76", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: mount fails with buffer overflow in strlen\n\nStarting with kernel 5.11 built with CONFIG_FORTIFY_SOURCE mouting an\nocfs2 filesystem with either o2cb or pcmk cluster stack fails with the\ntrace below. Problem seems to be that strings for cluster stack and\ncluster name are not guaranteed to be null terminated in the disk\nrepresentation, while strlcpy assumes that the source string is always\nnull terminated. This causes a read outside of the source string\ntriggering the buffer overflow detection.\n\n detected buffer overflow in strlen\n ------------[ cut here ]------------\n kernel BUG at lib/string.c:1149!\n invalid opcode: 0000 [#1] SMP PTI\n CPU: 1 PID: 910 Comm: mount.ocfs2 Not tainted 5.14.0-1-amd64 #1\n Debian 5.14.6-2\n RIP: 0010:fortify_panic+0xf/0x11\n ...\n Call Trace:\n ocfs2_initialize_super.isra.0.cold+0xc/0x18 [ocfs2]\n ocfs2_fill_super+0x359/0x19b0 [ocfs2]\n mount_bdev+0x185/0x1b0\n legacy_get_tree+0x27/0x40\n vfs_get_tree+0x25/0xb0\n path_mount+0x454/0xa20\n __x64_sys_mount+0x103/0x140\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x44/0xae" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:20.223Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/ac011cb3ff7a76b3e0e6e77158ee4ba2f929e1fb" }, { "url": "https://git.kernel.org/stable/c/4b74ddcc22ee6455946e80a9c4808801f8f8561e" }, { "url": "https://git.kernel.org/stable/c/232ed9752510de4436468b653d145565669c8498" }, { "url": "https://git.kernel.org/stable/c/7623b1035ca2d17bde0f6a086ad6844a34648df1" }, { "url": "https://git.kernel.org/stable/c/d3a83576378b4c904f711598dde2c5e881c4295c" }, { "url": "https://git.kernel.org/stable/c/93be0eeea14cf39235e585c8f56df3b3859deaad" }, { "url": "https://git.kernel.org/stable/c/0e677ea5b7396f715a76b6b0ef441430e4c4b57f" }, { "url": "https://git.kernel.org/stable/c/b15fa9224e6e1239414525d8d556d824701849fc" } ], "title": "ocfs2: mount fails with buffer overflow in strlen", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47458", "datePublished": "2024-05-22T06:19:46.675Z", "dateReserved": "2024-05-21T14:58:30.833Z", "dateUpdated": "2024-11-04T12:06:20.223Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52756
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2024-06-08T11:37:10.679Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "rejectedReasons": [ { "lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52756", "datePublished": "2024-05-21T15:30:43.574Z", "dateRejected": "2024-06-08T11:37:10.679Z", "dateReserved": "2024-05-21T15:19:24.235Z", "dateUpdated": "2024-06-08T11:37:10.679Z", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52872
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52872", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T18:43:05.660039Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-362", "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-06T15:02:28.263Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.237Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/81a4dd5e6c78f5d8952fa8c9d36565db1fe01444" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/df6cfab66ff2a44bd23ad5dd5309cb3421bb6593" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/19d34b73234af542cc8a218cf398dee73cdb1890" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ce4df90333c4fe65acb8b5089fdfe9b955ce976a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3a75b205de43365f80a33b98ec9289785da56243" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/tty/n_gsm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "81a4dd5e6c78", "status": "affected", "version": "dd37f6573878", "versionType": "git" }, { "lessThan": "df6cfab66ff2", "status": "affected", "version": "c568f7086c6e", "versionType": "git" }, { "lessThan": "19d34b73234a", "status": "affected", "version": "c568f7086c6e", "versionType": "git" }, { "lessThan": "ce4df90333c4", "status": "affected", "version": "c568f7086c6e", "versionType": "git" }, { "lessThan": "3a75b205de43", "status": "affected", "version": "c568f7086c6e", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/tty/n_gsm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.0" }, { "lessThan": "6.0", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.138", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.62", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.11", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.1", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: fix race condition in status line change on dead connections\n\ngsm_cleanup_mux() cleans up the gsm by closing all DLCIs, stopping all\ntimers, removing the virtual tty devices and clearing the data queues.\nThis procedure, however, may cause subsequent changes of the virtual modem\nstatus lines of a DLCI. More data is being added the outgoing data queue\nand the deleted kick timer is restarted to handle this. At this point many\nresources have already been removed by the cleanup procedure. Thus, a\nkernel panic occurs.\n\nFix this by proving in gsm_modem_update() that the cleanup procedure has\nnot been started and the mux is still alive.\n\nNote that writing to a virtual tty is already protected by checks against\nthe DLCI specific connection state." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:18.407Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/81a4dd5e6c78f5d8952fa8c9d36565db1fe01444" }, { "url": "https://git.kernel.org/stable/c/df6cfab66ff2a44bd23ad5dd5309cb3421bb6593" }, { "url": "https://git.kernel.org/stable/c/19d34b73234af542cc8a218cf398dee73cdb1890" }, { "url": "https://git.kernel.org/stable/c/ce4df90333c4fe65acb8b5089fdfe9b955ce976a" }, { "url": "https://git.kernel.org/stable/c/3a75b205de43365f80a33b98ec9289785da56243" } ], "title": "tty: n_gsm: fix race condition in status line change on dead connections", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52872", "datePublished": "2024-05-21T15:32:06.610Z", "dateReserved": "2024-05-21T15:19:24.264Z", "dateUpdated": "2024-11-06T15:02:28.263Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47405
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.329Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7ce4e49146612261265671b1d30d117139021030" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/efc5c8d29256955cc90d8d570849b2d6121ed09f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c3156fea4d8a0e643625dff69a0421e872d1fdae" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/764ac04de056801dfe52a716da63f6e7018e7f3b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/965147067fa1bedff3ae1f07ce3f89f1a14d2df3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f7ac4d24e1610b92689946fa88177673f1e88a3f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2b704864c92dcec2b295f276fcfbfb81d9831f81" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f7744fa16b96da57187dc8e5634152d3b63d72de" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47405", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:38:03.910355Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:57.407Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/hid/usbhid/hid-core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "7ce4e4914661", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "efc5c8d29256", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "c3156fea4d8a", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "764ac04de056", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "965147067fa1", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "f7ac4d24e161", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2b704864c92d", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "f7744fa16b96", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/hid/usbhid/hid-core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.286", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.285", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.249", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.209", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.151", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.71", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: usbhid: free raw_report buffers in usbhid_stop\n\nFree the unsent raw_report buffers when the device is removed.\n\nFixes a memory leak reported by syzbot at:\nhttps://syzkaller.appspot.com/bug?id=7b4fa7cb1a7c2d3342a2a8a6c53371c8c418ab47" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:17.800Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/7ce4e49146612261265671b1d30d117139021030" }, { "url": "https://git.kernel.org/stable/c/efc5c8d29256955cc90d8d570849b2d6121ed09f" }, { "url": "https://git.kernel.org/stable/c/c3156fea4d8a0e643625dff69a0421e872d1fdae" }, { "url": "https://git.kernel.org/stable/c/764ac04de056801dfe52a716da63f6e7018e7f3b" }, { "url": "https://git.kernel.org/stable/c/965147067fa1bedff3ae1f07ce3f89f1a14d2df3" }, { "url": "https://git.kernel.org/stable/c/f7ac4d24e1610b92689946fa88177673f1e88a3f" }, { "url": "https://git.kernel.org/stable/c/2b704864c92dcec2b295f276fcfbfb81d9831f81" }, { "url": "https://git.kernel.org/stable/c/f7744fa16b96da57187dc8e5634152d3b63d72de" } ], "title": "HID: usbhid: free raw_report buffers in usbhid_stop", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47405", "datePublished": "2024-05-21T15:03:58.680Z", "dateReserved": "2024-05-21T14:58:30.816Z", "dateUpdated": "2024-11-04T12:05:17.800Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47234
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47234", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T18:51:08.789493Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:12.606Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:32:07.418Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9a17907946232d01aa2ec109da5f93b8d31dd425" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6472955af5e88b5489b6d78316082ad56ea3e489" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/aaac9a1bd370338ce372669eb9a6059d16b929aa" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/phy/mediatek/phy-mtk-tphy.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "9a1790794623", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "6472955af5e8", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "aaac9a1bd370", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/phy/mediatek/phy-mtk-tphy.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.46", "versionType": "semver" }, { "lessThanOrEqual": "5.12.*", "status": "unaffected", "version": "5.12.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: phy-mtk-tphy: Fix some resource leaks in mtk_phy_init()\n\nUse clk_disable_unprepare() in the error path of mtk_phy_init() to fix\nsome resource leaks." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:02:00.644Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/9a17907946232d01aa2ec109da5f93b8d31dd425" }, { "url": "https://git.kernel.org/stable/c/6472955af5e88b5489b6d78316082ad56ea3e489" }, { "url": "https://git.kernel.org/stable/c/aaac9a1bd370338ce372669eb9a6059d16b929aa" } ], "title": "phy: phy-mtk-tphy: Fix some resource leaks in mtk_phy_init()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47234", "datePublished": "2024-05-21T14:19:36.414Z", "dateReserved": "2024-04-10T18:59:19.530Z", "dateUpdated": "2024-11-04T12:02:00.644Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52771
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52771", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T18:49:27.742644Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-05T21:33:44.767Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.152Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/37179fcc916bce8c3cc7b36d67ef814cce55142b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6b2e428e673b3f55965674a426c40922e91388aa" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8d2ad999ca3c64cb08cf6a58d227b9d9e746d708" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/cxl/core/port.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "37179fcc916b", "status": "affected", "version": "8dd2bc0f8e02", "versionType": "git" }, { "lessThan": "6b2e428e673b", "status": "affected", "version": "8dd2bc0f8e02", "versionType": "git" }, { "lessThan": "8d2ad999ca3c", "status": "affected", "version": "8dd2bc0f8e02", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/cxl/core/port.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.18" }, { "lessThan": "5.18", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/port: Fix delete_endpoint() vs parent unregistration race\n\nThe CXL subsystem, at cxl_mem -\u003eprobe() time, establishes a lineage of\nports (struct cxl_port objects) between an endpoint and the root of a\nCXL topology. Each port including the endpoint port is attached to the\ncxl_port driver.\n\nGiven that setup, it follows that when either any port in that lineage\ngoes through a cxl_port -\u003eremove() event, or the memdev goes through a\ncxl_mem -\u003eremove() event. The hierarchy below the removed port, or the\nentire hierarchy if the memdev is removed needs to come down.\n\nThe delete_endpoint() callback is careful to check whether it is being\ncalled to tear down the hierarchy, or if it is only being called to\nteardown the memdev because an ancestor port is going through\n-\u003eremove().\n\nThat care needs to take the device_lock() of the endpoint\u0027s parent.\nWhich requires 2 bugs to be fixed:\n\n1/ A reference on the parent is needed to prevent use-after-free\n scenarios like this signature:\n\n BUG: spinlock bad magic on CPU#0, kworker/u56:0/11\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS edk2-20230524-3.fc38 05/24/2023\n Workqueue: cxl_port detach_memdev [cxl_core]\n RIP: 0010:spin_bug+0x65/0xa0\n Call Trace:\n do_raw_spin_lock+0x69/0xa0\n __mutex_lock+0x695/0xb80\n delete_endpoint+0xad/0x150 [cxl_core]\n devres_release_all+0xb8/0x110\n device_unbind_cleanup+0xe/0x70\n device_release_driver_internal+0x1d2/0x210\n detach_memdev+0x15/0x20 [cxl_core]\n process_one_work+0x1e3/0x4c0\n worker_thread+0x1dd/0x3d0\n\n2/ In the case of RCH topologies, the parent device that needs to be\n locked is not always @port-\u003edev as returned by cxl_mem_find_port(), use\n endpoint-\u003edev.parent instead." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:23.113Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/37179fcc916bce8c3cc7b36d67ef814cce55142b" }, { "url": "https://git.kernel.org/stable/c/6b2e428e673b3f55965674a426c40922e91388aa" }, { "url": "https://git.kernel.org/stable/c/8d2ad999ca3c64cb08cf6a58d227b9d9e746d708" } ], "title": "cxl/port: Fix delete_endpoint() vs parent unregistration race", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52771", "datePublished": "2024-05-21T15:30:53.629Z", "dateReserved": "2024-05-21T15:19:24.239Z", "dateUpdated": "2024-11-05T21:33:44.767Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52813
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52813", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-23T17:18:51.048604Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:24:13.216Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.058Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "crypto/pcrypt.c", "kernel/padata.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "fb2d3a50a8f2", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "039fec48e062", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "c9c133469730", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "e97bf4ada7dd", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "546c1796ad1e", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "c55fc098fd9d", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "e134f3aba98e", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "372636debe85", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "8f4f68e788c3", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "crypto/pcrypt.c", "kernel/padata.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.331", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.300", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: pcrypt - Fix hungtask for PADATA_RESET\n\nWe found a hungtask bug in test_aead_vec_cfg as follows:\n\nINFO: task cryptomgr_test:391009 blocked for more than 120 seconds.\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\nCall trace:\n __switch_to+0x98/0xe0\n __schedule+0x6c4/0xf40\n schedule+0xd8/0x1b4\n schedule_timeout+0x474/0x560\n wait_for_common+0x368/0x4e0\n wait_for_completion+0x20/0x30\n wait_for_completion+0x20/0x30\n test_aead_vec_cfg+0xab4/0xd50\n test_aead+0x144/0x1f0\n alg_test_aead+0xd8/0x1e0\n alg_test+0x634/0x890\n cryptomgr_test+0x40/0x70\n kthread+0x1e0/0x220\n ret_from_fork+0x10/0x18\n Kernel panic - not syncing: hung_task: blocked tasks\n\nFor padata_do_parallel, when the return err is 0 or -EBUSY, it will call\nwait_for_completion(\u0026wait-\u003ecompletion) in test_aead_vec_cfg. In normal\ncase, aead_request_complete() will be called in pcrypt_aead_serial and the\nreturn err is 0 for padata_do_parallel. But, when pinst-\u003eflags is\nPADATA_RESET, the return err is -EBUSY for padata_do_parallel, and it\nwon\u0027t call aead_request_complete(). Therefore, test_aead_vec_cfg will\nhung at wait_for_completion(\u0026wait-\u003ecompletion), which will cause\nhungtask.\n\nThe problem comes as following:\n(padata_do_parallel) |\n rcu_read_lock_bh(); |\n err = -EINVAL; | (padata_replace)\n | pinst-\u003eflags |= PADATA_RESET;\n err = -EBUSY |\n if (pinst-\u003eflags \u0026 PADATA_RESET) |\n rcu_read_unlock_bh() |\n return err\n\nIn order to resolve the problem, we replace the return err -EBUSY with\n-EAGAIN, which means parallel_data is changing, and the caller should call\nit again.\n\nv3:\nremove retry and just change the return err.\nv2:\nintroduce padata_try_do_parallel() in pcrypt_aead_encrypt and\npcrypt_aead_decrypt to solve the hungtask." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:12.866Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818" }, { "url": "https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0" }, { "url": "https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7" }, { "url": "https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d" }, { "url": "https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316" }, { "url": "https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e" }, { "url": "https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf" }, { "url": "https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28" }, { "url": "https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523" } ], "title": "crypto: pcrypt - Fix hungtask for PADATA_RESET", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52813", "datePublished": "2024-05-21T15:31:21.604Z", "dateReserved": "2024-05-21T15:19:24.248Z", "dateUpdated": "2024-11-04T14:53:12.866Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52847
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52847", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-10T19:17:00.085705Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-18T19:41:06.842Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.080Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bbc3b8dd2cb7817e703f112d988e4f4728f0f2a9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b35fdade92c5058a5e727e233fe263b828de2c9a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2f3d9198cdae1cb079ec8652f4defacd481eab2b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/51c94256a83fe4e17406c66ff3e1ad7d242d8574" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/20568d06f6069cb835e05eed432edf962645d226" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1871014d6ef4812ad11ef7d838d73ce09d632267" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/847599fffa528b2cdec4e21b6bf7586dad982132" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bd5b50b329e850d467e7bcc07b2b6bde3752fbda" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/media/pci/bt8xx/bttv-driver.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "bbc3b8dd2cb7", "status": "affected", "version": "162e6376ac58", "versionType": "git" }, { "lessThan": "b35fdade92c5", "status": "affected", "version": "162e6376ac58", "versionType": "git" }, { "lessThan": "2f3d9198cdae", "status": "affected", "version": "162e6376ac58", "versionType": "git" }, { "lessThan": "51c94256a83f", "status": "affected", "version": "162e6376ac58", "versionType": "git" }, { "lessThan": "20568d06f606", "status": "affected", "version": "162e6376ac58", "versionType": "git" }, { "lessThan": "1871014d6ef4", "status": "affected", "version": "162e6376ac58", "versionType": "git" }, { "lessThan": "847599fffa52", "status": "affected", "version": "162e6376ac58", "versionType": "git" }, { "lessThan": "bd5b50b329e8", "status": "affected", "version": "162e6376ac58", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/media/pci/bt8xx/bttv-driver.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.15" }, { "lessThan": "4.15", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.299", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.261", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: bttv: fix use after free error due to btv-\u003etimeout timer\n\nThere may be some a race condition between timer function\nbttv_irq_timeout and bttv_remove. The timer is setup in\nprobe and there is no timer_delete operation in remove\nfunction. When it hit kfree btv, the function might still be\ninvoked, which will cause use after free bug.\n\nThis bug is found by static analysis, it may be false positive.\n\nFix it by adding del_timer_sync invoking to the remove function.\n\ncpu0 cpu1\n bttv_probe\n -\u003etimer_setup\n -\u003ebttv_set_dma\n -\u003emod_timer;\nbttv_remove\n -\u003ekfree(btv);\n -\u003ebttv_irq_timeout\n -\u003eUSE btv" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:47.046Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/bbc3b8dd2cb7817e703f112d988e4f4728f0f2a9" }, { "url": "https://git.kernel.org/stable/c/b35fdade92c5058a5e727e233fe263b828de2c9a" }, { "url": "https://git.kernel.org/stable/c/2f3d9198cdae1cb079ec8652f4defacd481eab2b" }, { "url": "https://git.kernel.org/stable/c/51c94256a83fe4e17406c66ff3e1ad7d242d8574" }, { "url": "https://git.kernel.org/stable/c/20568d06f6069cb835e05eed432edf962645d226" }, { "url": "https://git.kernel.org/stable/c/1871014d6ef4812ad11ef7d838d73ce09d632267" }, { "url": "https://git.kernel.org/stable/c/847599fffa528b2cdec4e21b6bf7586dad982132" }, { "url": "https://git.kernel.org/stable/c/bd5b50b329e850d467e7bcc07b2b6bde3752fbda" } ], "title": "media: bttv: fix use after free error due to btv-\u003etimeout timer", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52847", "datePublished": "2024-05-21T15:31:44.513Z", "dateReserved": "2024-05-21T15:19:24.255Z", "dateUpdated": "2024-11-04T14:53:47.046Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-48709
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2022-48709", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:28:35.234316Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:16:42.951Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-03T15:17:55.857Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/47f4ff6f23f00f5501ff2d7054c1a37c170a7aa0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4a606ce68426c88ff2563382b33cc34f3485fe57" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/intel/ice/ice_switch.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "47f4ff6f23f0", "status": "affected", "version": "8b032a55c1bd", "versionType": "git" }, { "lessThan": "4a606ce68426", "status": "affected", "version": "8b032a55c1bd", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/intel/ice/ice_switch.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.16" }, { "lessThan": "5.16", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: switch: fix potential memleak in ice_add_adv_recipe()\n\nWhen ice_add_special_words() fails, the \u0027rm\u0027 is not released, which will\nlead to a memory leak. Fix this up by going to \u0027err_unroll\u0027 label.\n\nCompile tested only." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:14:59.462Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/47f4ff6f23f00f5501ff2d7054c1a37c170a7aa0" }, { "url": "https://git.kernel.org/stable/c/4a606ce68426c88ff2563382b33cc34f3485fe57" } ], "title": "ice: switch: fix potential memleak in ice_add_adv_recipe()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2022-48709", "datePublished": "2024-05-21T15:22:50.054Z", "dateReserved": "2024-05-03T14:55:07.148Z", "dateUpdated": "2024-11-04T12:14:59.462Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52851
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52851", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:56:10.534699Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:32.402Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.176Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/437f033e30c897bb3723eac9e9003cd9f88d00a3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4f4a7a7d1404297f2a92df0046f7e64dc5c52dd9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6387f269d84e6e149499408c4d1fc805017729b2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2ef422f063b74adcc4a4a9004b0a87bb55e0a836" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/infiniband/hw/mlx5/main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "437f033e30c8", "status": "affected", "version": "04876c12c19e", "versionType": "git" }, { "lessThan": "4f4a7a7d1404", "status": "affected", "version": "04876c12c19e", "versionType": "git" }, { "lessThan": "6387f269d84e", "status": "affected", "version": "04876c12c19e", "versionType": "git" }, { "lessThan": "2ef422f063b7", "status": "affected", "version": "04876c12c19e", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/infiniband/hw/mlx5/main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.19" }, { "lessThan": "5.19", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/mlx5: Fix init stage error handling to avoid double free of same QP and UAF\n\nIn the unlikely event that workqueue allocation fails and returns NULL in\nmlx5_mkey_cache_init(), delete the call to\nmlx5r_umr_resource_cleanup() (which frees the QP) in\nmlx5_ib_stage_post_ib_reg_umr_init(). This will avoid attempted double\nfree of the same QP when __mlx5_ib_add() does its cleanup.\n\nResolves a splat:\n\n Syzkaller reported a UAF in ib_destroy_qp_user\n\n workqueue: Failed to create a rescuer kthread for wq \"mkey_cache\": -EINTR\n infiniband mlx5_0: mlx5_mkey_cache_init:981:(pid 1642):\n failed to create work queue\n infiniband mlx5_0: mlx5_ib_stage_post_ib_reg_umr_init:4075:(pid 1642):\n mr cache init failed -12\n ==================================================================\n BUG: KASAN: slab-use-after-free in ib_destroy_qp_user (drivers/infiniband/core/verbs.c:2073)\n Read of size 8 at addr ffff88810da310a8 by task repro_upstream/1642\n\n Call Trace:\n \u003cTASK\u003e\n kasan_report (mm/kasan/report.c:590)\n ib_destroy_qp_user (drivers/infiniband/core/verbs.c:2073)\n mlx5r_umr_resource_cleanup (drivers/infiniband/hw/mlx5/umr.c:198)\n __mlx5_ib_add (drivers/infiniband/hw/mlx5/main.c:4178)\n mlx5r_probe (drivers/infiniband/hw/mlx5/main.c:4402)\n ...\n \u003c/TASK\u003e\n\n Allocated by task 1642:\n __kmalloc (./include/linux/kasan.h:198 mm/slab_common.c:1026\n mm/slab_common.c:1039)\n create_qp (./include/linux/slab.h:603 ./include/linux/slab.h:720\n ./include/rdma/ib_verbs.h:2795 drivers/infiniband/core/verbs.c:1209)\n ib_create_qp_kernel (drivers/infiniband/core/verbs.c:1347)\n mlx5r_umr_resource_init (drivers/infiniband/hw/mlx5/umr.c:164)\n mlx5_ib_stage_post_ib_reg_umr_init (drivers/infiniband/hw/mlx5/main.c:4070)\n __mlx5_ib_add (drivers/infiniband/hw/mlx5/main.c:4168)\n mlx5r_probe (drivers/infiniband/hw/mlx5/main.c:4402)\n ...\n\n Freed by task 1642:\n __kmem_cache_free (mm/slub.c:1826 mm/slub.c:3809 mm/slub.c:3822)\n ib_destroy_qp_user (drivers/infiniband/core/verbs.c:2112)\n mlx5r_umr_resource_cleanup (drivers/infiniband/hw/mlx5/umr.c:198)\n mlx5_ib_stage_post_ib_reg_umr_init (drivers/infiniband/hw/mlx5/main.c:4076\n drivers/infiniband/hw/mlx5/main.c:4065)\n __mlx5_ib_add (drivers/infiniband/hw/mlx5/main.c:4168)\n mlx5r_probe (drivers/infiniband/hw/mlx5/main.c:4402)\n ..." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:51.827Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/437f033e30c897bb3723eac9e9003cd9f88d00a3" }, { "url": "https://git.kernel.org/stable/c/4f4a7a7d1404297f2a92df0046f7e64dc5c52dd9" }, { "url": "https://git.kernel.org/stable/c/6387f269d84e6e149499408c4d1fc805017729b2" }, { "url": "https://git.kernel.org/stable/c/2ef422f063b74adcc4a4a9004b0a87bb55e0a836" } ], "title": "IB/mlx5: Fix init stage error handling to avoid double free of same QP and UAF", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52851", "datePublished": "2024-05-21T15:31:47.220Z", "dateReserved": "2024-05-21T15:19:24.255Z", "dateUpdated": "2024-11-04T14:53:51.827Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52747
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.817Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/00d9e212b8a39e6ffcf31b9d2e503d2bf6009d45" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7896accedf5bf1277d2f305718e36dc8bac7e321" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/79b595d9591426156a9e0635a5b5115508a36fef" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9bae58d58b6bb73b572356b31a62d2afc7378d12" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0a4f811f2e5d07bbd0c9226f4afb0a1270a831ae" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6601fc0d15ffc20654e39486f9bef35567106d68" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52747", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:37:25.655553Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:33.803Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/infiniband/hw/hfi1/file_ops.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "00d9e212b8a3", "status": "affected", "version": "f404ca4c7ea8", "versionType": "git" }, { "lessThan": "7896accedf5b", "status": "affected", "version": "f404ca4c7ea8", "versionType": "git" }, { "lessThan": "79b595d95914", "status": "affected", "version": "f404ca4c7ea8", "versionType": "git" }, { "lessThan": "9bae58d58b6b", "status": "affected", "version": "f404ca4c7ea8", "versionType": "git" }, { "lessThan": "0a4f811f2e5d", "status": "affected", "version": "f404ca4c7ea8", "versionType": "git" }, { "lessThan": "6601fc0d15ff", "status": "affected", "version": "f404ca4c7ea8", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/infiniband/hw/hfi1/file_ops.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.15" }, { "lessThan": "4.15", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.273", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.232", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.168", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.94", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Restore allocated resources on failed copyout\n\nFix a resource leak if an error occurs." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:55.787Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/00d9e212b8a39e6ffcf31b9d2e503d2bf6009d45" }, { "url": "https://git.kernel.org/stable/c/7896accedf5bf1277d2f305718e36dc8bac7e321" }, { "url": "https://git.kernel.org/stable/c/79b595d9591426156a9e0635a5b5115508a36fef" }, { "url": "https://git.kernel.org/stable/c/9bae58d58b6bb73b572356b31a62d2afc7378d12" }, { "url": "https://git.kernel.org/stable/c/0a4f811f2e5d07bbd0c9226f4afb0a1270a831ae" }, { "url": "https://git.kernel.org/stable/c/6601fc0d15ffc20654e39486f9bef35567106d68" } ], "title": "IB/hfi1: Restore allocated resources on failed copyout", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52747", "datePublished": "2024-05-21T15:23:07.916Z", "dateReserved": "2024-05-21T15:19:24.234Z", "dateUpdated": "2024-11-04T14:51:55.787Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52759
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52759", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T19:42:27.384958Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:47.464Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.888Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1c28dace66015b675a343b89b0c87abbfda05ff4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b4deec69fe32b58dc5fb4ace52456ece85b75561" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2bb42a27a92ff3984c9fa5fbe128eced3ea693f2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2a054b87a1b799b391e578597a42ee6e57a987ae" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5bfda356e903633d16ae1bac1ee38364e12628a3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/53fc16c1ad84f5467ec24341670b63aa759335d3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/212f112fe5e90e98eb8d48585682880dae139f4c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/119565e566f91ff3588ffcd5812f0c8061586c6b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4c6a08125f2249531ec01783a5f4317d7342add5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/gfs2/quota.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "1c28dace6601", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "b4deec69fe32", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2bb42a27a92f", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2a054b87a1b7", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "5bfda356e903", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "53fc16c1ad84", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "212f112fe5e9", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "119565e566f9", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "50e33567bc4a", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "4c6a08125f22", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/gfs2/quota.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.331", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.300", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.57", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: ignore negated quota changes\n\nWhen lots of quota changes are made, there may be cases in which an\ninode\u0027s quota information is increased and then decreased, such as when\nblocks are added to a file, then deleted from it. If the timing is\nright, function do_qc can add pending quota changes to a transaction,\nthen later, another call to do_qc can negate those changes, resulting\nin a net gain of 0. The quota_change information is recorded in the qc\nbuffer (and qd element of the inode as well). The buffer is added to the\ntransaction by the first call to do_qc, but a subsequent call changes\nthe value from non-zero back to zero. At that point it\u0027s too late to\nremove the buffer_head from the transaction. Later, when the quota sync\ncode is called, the zero-change qd element is discovered and flagged as\nan assert warning. If the fs is mounted with errors=panic, the kernel\nwill panic.\n\nThis is usually seen when files are truncated and the quota changes are\nnegated by punch_hole/truncate which uses gfs2_quota_hold and\ngfs2_quota_unhold rather than block allocations that use gfs2_quota_lock\nand gfs2_quota_unlock which automatically do quota sync.\n\nThis patch solves the problem by adding a check to qd_check_sync such\nthat net-zero quota changes already added to the transaction are no\nlonger deemed necessary to be synced, and skipped.\n\nIn this case references are taken for the qd and the slot from do_qc\nso those need to be put. The normal sequence of events for a normal\nnon-zero quota change is as follows:\n\ngfs2_quota_change\n do_qc\n qd_hold\n slot_hold\n\nLater, when the changes are to be synced:\n\ngfs2_quota_sync\n qd_fish\n qd_check_sync\n gets qd ref via lockref_get_not_dead\n do_sync\n do_qc(QC_SYNC)\n qd_put\n\t lockref_put_or_lock\n qd_unlock\n qd_put\n lockref_put_or_lock\n\nIn the net-zero change case, we add a check to qd_check_sync so it puts\nthe qd and slot references acquired in gfs2_quota_change and skip the\nunneeded sync." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:08.262Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/1c28dace66015b675a343b89b0c87abbfda05ff4" }, { "url": "https://git.kernel.org/stable/c/b4deec69fe32b58dc5fb4ace52456ece85b75561" }, { "url": "https://git.kernel.org/stable/c/2bb42a27a92ff3984c9fa5fbe128eced3ea693f2" }, { "url": "https://git.kernel.org/stable/c/2a054b87a1b799b391e578597a42ee6e57a987ae" }, { "url": "https://git.kernel.org/stable/c/5bfda356e903633d16ae1bac1ee38364e12628a3" }, { "url": "https://git.kernel.org/stable/c/53fc16c1ad84f5467ec24341670b63aa759335d3" }, { "url": "https://git.kernel.org/stable/c/212f112fe5e90e98eb8d48585682880dae139f4c" }, { "url": "https://git.kernel.org/stable/c/119565e566f91ff3588ffcd5812f0c8061586c6b" }, { "url": "https://git.kernel.org/stable/c/50e33567bc4a1c4ed79a1d289fe93c9a26491848" }, { "url": "https://git.kernel.org/stable/c/4c6a08125f2249531ec01783a5f4317d7342add5" } ], "title": "gfs2: ignore negated quota changes", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52759", "datePublished": "2024-05-21T15:30:45.773Z", "dateReserved": "2024-05-21T15:19:24.237Z", "dateUpdated": "2024-11-04T14:52:08.262Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52762
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.550Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/72775cad7f572bb2501f9ea609e1d20e68f0b38b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/472bd4787406bef2e8b41ee4c74d960a06a49a48" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/017278f141141367f7d14b203e930b45b6ffffb9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d667fe301dcbcb12d1d6494fc4b8abee2cb75d90" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fafb51a67fb883eb2dde352539df939a251851be" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52762", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:37:09.603259Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:55.655Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/block/virtio_blk.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "72775cad7f57", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "472bd4787406", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "017278f14114", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "d667fe301dcb", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "fafb51a67fb8", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/block/virtio_blk.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-blk: fix implicit overflow on virtio_max_dma_size\n\nThe following codes have an implicit conversion from size_t to u32:\n(u32)max_size = (size_t)virtio_max_dma_size(vdev);\n\nThis may lead overflow, Ex (size_t)4G -\u003e (u32)0. Once\nvirtio_max_dma_size() has a larger size than U32_MAX, use U32_MAX\ninstead." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:11.878Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/72775cad7f572bb2501f9ea609e1d20e68f0b38b" }, { "url": "https://git.kernel.org/stable/c/472bd4787406bef2e8b41ee4c74d960a06a49a48" }, { "url": "https://git.kernel.org/stable/c/017278f141141367f7d14b203e930b45b6ffffb9" }, { "url": "https://git.kernel.org/stable/c/d667fe301dcbcb12d1d6494fc4b8abee2cb75d90" }, { "url": "https://git.kernel.org/stable/c/fafb51a67fb883eb2dde352539df939a251851be" } ], "title": "virtio-blk: fix implicit overflow on virtio_max_dma_size", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52762", "datePublished": "2024-05-21T15:30:47.724Z", "dateReserved": "2024-05-21T15:19:24.238Z", "dateUpdated": "2024-11-04T14:52:11.878Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52795
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52795", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T17:45:54.468862Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:53.184Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.679Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c0f8b8fb7df9d1a38652eb5aa817afccd3c56111" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ae8ea4e200675a940c365b496ef8e3fb4123601c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bf04132cd64ccde4e9e9765d489c83fe83c09b7f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e07754e0a1ea2d63fb29574253d1fd7405607343" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/vhost/vdpa.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "c0f8b8fb7df9", "status": "affected", "version": "ebe6a354fa7e", "versionType": "git" }, { "lessThan": "ae8ea4e20067", "status": "affected", "version": "ebe6a354fa7e", "versionType": "git" }, { "lessThan": "bf04132cd64c", "status": "affected", "version": "ebe6a354fa7e", "versionType": "git" }, { "lessThan": "e07754e0a1ea", "status": "affected", "version": "ebe6a354fa7e", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/vhost/vdpa.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.0" }, { "lessThan": "6.0", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost-vdpa: fix use after free in vhost_vdpa_probe()\n\nThe put_device() calls vhost_vdpa_release_dev() which calls\nida_simple_remove() and frees \"v\". So this call to\nida_simple_remove() is a use after free and a double free." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:52.450Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/c0f8b8fb7df9d1a38652eb5aa817afccd3c56111" }, { "url": "https://git.kernel.org/stable/c/ae8ea4e200675a940c365b496ef8e3fb4123601c" }, { "url": "https://git.kernel.org/stable/c/bf04132cd64ccde4e9e9765d489c83fe83c09b7f" }, { "url": "https://git.kernel.org/stable/c/e07754e0a1ea2d63fb29574253d1fd7405607343" } ], "title": "vhost-vdpa: fix use after free in vhost_vdpa_probe()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52795", "datePublished": "2024-05-21T15:31:09.623Z", "dateReserved": "2024-05-21T15:19:24.246Z", "dateUpdated": "2024-11-04T14:52:52.450Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47377
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2024-05-28T19:02:12.595Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "rejectedReasons": [ { "lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47377", "datePublished": "2024-05-21T15:03:40.389Z", "dateRejected": "2024-05-28T19:02:12.595Z", "dateReserved": "2024-05-21T14:58:30.811Z", "dateUpdated": "2024-05-28T19:02:12.595Z", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52703
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52703", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T17:57:22.463182Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-07T16:41:20.808Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.557Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1b5de7d44890b78519acbcc80d8d1f23ff2872e5" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/723ef7b66f37c0841f5a451ccbce47ee1641e081" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a753352622b4f3c0219e0e9c73114b2848ae6042" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/525bdcb0838d19d918c7786151ee14661967a030" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/338f826d3afead6e4df521f7972a4bef04a72efb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/02df3170c04a8356cd571ab9155a42f030190abc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c68f345b7c425b38656e1791a0486769a8797016" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/usb/kalmia.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "1b5de7d44890", "status": "affected", "version": "d40261236e8e", "versionType": "git" }, { "lessThan": "723ef7b66f37", "status": "affected", "version": "d40261236e8e", "versionType": "git" }, { "lessThan": "a753352622b4", "status": "affected", "version": "d40261236e8e", "versionType": "git" }, { "lessThan": "525bdcb0838d", "status": "affected", "version": "d40261236e8e", "versionType": "git" }, { "lessThan": "338f826d3afe", "status": "affected", "version": "d40261236e8e", "versionType": "git" }, { "lessThan": "02df3170c04a", "status": "affected", "version": "d40261236e8e", "versionType": "git" }, { "lessThan": "c68f345b7c42", "status": "affected", "version": "d40261236e8e", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/usb/kalmia.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.0" }, { "lessThan": "3.0", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.306", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.273", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.232", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.169", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.95", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/usb: kalmia: Don\u0027t pass act_len in usb_bulk_msg error path\n\nsyzbot reported that act_len in kalmia_send_init_packet() is\nuninitialized when passing it to the first usb_bulk_msg error path. Jiri\nPirko noted that it\u0027s pointless to pass it in the error path, and that\nthe value that would be printed in the second error path would be the\nvalue of act_len from the first call to usb_bulk_msg.[1]\n\nWith this in mind, let\u0027s just not pass act_len to the usb_bulk_msg error\npaths.\n\n1: https://lore.kernel.org/lkml/Y9pY61y1nwTuzMOa@nanopsycho/" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:29.319Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/1b5de7d44890b78519acbcc80d8d1f23ff2872e5" }, { "url": "https://git.kernel.org/stable/c/723ef7b66f37c0841f5a451ccbce47ee1641e081" }, { "url": "https://git.kernel.org/stable/c/a753352622b4f3c0219e0e9c73114b2848ae6042" }, { "url": "https://git.kernel.org/stable/c/525bdcb0838d19d918c7786151ee14661967a030" }, { "url": "https://git.kernel.org/stable/c/338f826d3afead6e4df521f7972a4bef04a72efb" }, { "url": "https://git.kernel.org/stable/c/02df3170c04a8356cd571ab9155a42f030190abc" }, { "url": "https://git.kernel.org/stable/c/c68f345b7c425b38656e1791a0486769a8797016" } ], "title": "net/usb: kalmia: Don\u0027t pass act_len in usb_bulk_msg error path", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52703", "datePublished": "2024-05-21T15:22:52.687Z", "dateReserved": "2024-03-07T14:49:46.891Z", "dateUpdated": "2024-11-07T16:41:20.808Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52739
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.988Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0a626e27f984dfbe96bd8e4fd08f20a2ede3ea23" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3af734f3eac6f70ef8e272a80da40544b9d0f2b5" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3b4c045a98f53a8890a94bb5846a390c8e39e673" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/462a8e08e0e6287e5ce13187257edbf24213ed03" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52739", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:37:31.888561Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:35.029Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "mm/page_alloc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "0a626e27f984", "status": "affected", "version": "e320d3012d25", "versionType": "git" }, { "lessThan": "3af734f3eac6", "status": "affected", "version": "e320d3012d25", "versionType": "git" }, { "lessThan": "3b4c045a98f5", "status": "affected", "version": "e320d3012d25", "versionType": "git" }, { "lessThan": "462a8e08e0e6", "status": "affected", "version": "e320d3012d25", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "mm/page_alloc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.10" }, { "lessThan": "5.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.168", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.94", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nFix page corruption caused by racy check in __free_pages\n\nWhen we upgraded our kernel, we started seeing some page corruption like\nthe following consistently:\n\n BUG: Bad page state in process ganesha.nfsd pfn:1304ca\n page:0000000022261c55 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x0 pfn:0x1304ca\n flags: 0x17ffffc0000000()\n raw: 0017ffffc0000000 ffff8a513ffd4c98 ffffeee24b35ec08 0000000000000000\n raw: 0000000000000000 0000000000000001 00000000ffffff7f 0000000000000000\n page dumped because: nonzero mapcount\n CPU: 0 PID: 15567 Comm: ganesha.nfsd Kdump: loaded Tainted: P B O 5.10.158-1.nutanix.20221209.el7.x86_64 #1\n Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 04/05/2016\n Call Trace:\n dump_stack+0x74/0x96\n bad_page.cold+0x63/0x94\n check_new_page_bad+0x6d/0x80\n rmqueue+0x46e/0x970\n get_page_from_freelist+0xcb/0x3f0\n ? _cond_resched+0x19/0x40\n __alloc_pages_nodemask+0x164/0x300\n alloc_pages_current+0x87/0xf0\n skb_page_frag_refill+0x84/0x110\n ...\n\nSometimes, it would also show up as corruption in the free list pointer\nand cause crashes.\n\nAfter bisecting the issue, we found the issue started from commit\ne320d3012d25 (\"mm/page_alloc.c: fix freeing non-compound pages\"):\n\n\tif (put_page_testzero(page))\n\t\tfree_the_page(page, order);\n\telse if (!PageHead(page))\n\t\twhile (order-- \u003e 0)\n\t\t\tfree_the_page(page + (1 \u003c\u003c order), order);\n\nSo the problem is the check PageHead is racy because at this point we\nalready dropped our reference to the page. So even if we came in with\ncompound page, the page can already be freed and PageHead can return\nfalse and we will end up freeing all the tail pages causing double free." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:46.353Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/0a626e27f984dfbe96bd8e4fd08f20a2ede3ea23" }, { "url": "https://git.kernel.org/stable/c/3af734f3eac6f70ef8e272a80da40544b9d0f2b5" }, { "url": "https://git.kernel.org/stable/c/3b4c045a98f53a8890a94bb5846a390c8e39e673" }, { "url": "https://git.kernel.org/stable/c/462a8e08e0e6287e5ce13187257edbf24213ed03" } ], "title": "Fix page corruption caused by racy check in __free_pages", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52739", "datePublished": "2024-05-21T15:23:02.545Z", "dateReserved": "2024-05-21T15:19:24.233Z", "dateUpdated": "2024-11-04T14:51:46.353Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52732
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52732", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T17:31:40.303033Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:22.758Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.612Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/66ec619e4591f8350f99c5269a7ce160cccc7a7c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a68e564adcaa69b0930809fb64d9d5f7d9c32ba9" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/ceph/addr.c", "fs/ceph/caps.c", "fs/ceph/file.c", "fs/ceph/mds_client.c", "fs/ceph/snap.c", "fs/ceph/super.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "66ec619e4591", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "a68e564adcaa", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/ceph/addr.c", "fs/ceph/caps.c", "fs/ceph/file.c", "fs/ceph/mds_client.c", "fs/ceph/snap.c", "fs/ceph/super.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: blocklist the kclient when receiving corrupted snap trace\n\nWhen received corrupted snap trace we don\u0027t know what exactly has\nhappened in MDS side. And we shouldn\u0027t continue IOs and metadatas\naccess to MDS, which may corrupt or get incorrect contents.\n\nThis patch will just block all the further IO/MDS requests\nimmediately and then evict the kclient itself.\n\nThe reason why we still need to evict the kclient just after\nblocking all the further IOs is that the MDS could revoke the caps\nfaster." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:39.075Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/66ec619e4591f8350f99c5269a7ce160cccc7a7c" }, { "url": "https://git.kernel.org/stable/c/a68e564adcaa69b0930809fb64d9d5f7d9c32ba9" } ], "title": "ceph: blocklist the kclient when receiving corrupted snap trace", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52732", "datePublished": "2024-05-21T15:22:57.926Z", "dateReserved": "2024-05-21T15:19:24.232Z", "dateUpdated": "2024-11-04T14:51:39.075Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52873
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52873", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:20:52.471859Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:59.912Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.108Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fbe466f06d4ea18745da0d57540539b7b36936ae" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3994387ba3564976731179c4d4a6d7850ddda71a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ca6d565a2319d69d9766e6ecbb5af827fc4afb2b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/df1c4a9efa3f5b6fb5e0ae63890230dbe2190b7e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a90239551abc181687f8c0ba60b276f7d75c141e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f6a7c51cf07a399ec067d39f0a22f1817c5c7d2b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1f57f78fbacf630430bf954e5a84caafdfea30c0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/clk/mediatek/clk-mt6779.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "fbe466f06d4e", "status": "affected", "version": "710774e04861", "versionType": "git" }, { "lessThan": "3994387ba356", "status": "affected", "version": "710774e04861", "versionType": "git" }, { "lessThan": "ca6d565a2319", "status": "affected", "version": "710774e04861", "versionType": "git" }, { "lessThan": "df1c4a9efa3f", "status": "affected", "version": "710774e04861", "versionType": "git" }, { "lessThan": "a90239551abc", "status": "affected", "version": "710774e04861", "versionType": "git" }, { "lessThan": "f6a7c51cf07a", "status": "affected", "version": "710774e04861", "versionType": "git" }, { "lessThan": "1f57f78fbacf", "status": "affected", "version": "710774e04861", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/clk/mediatek/clk-mt6779.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.4" }, { "lessThan": "5.4", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.261", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:19.573Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/fbe466f06d4ea18745da0d57540539b7b36936ae" }, { "url": "https://git.kernel.org/stable/c/3994387ba3564976731179c4d4a6d7850ddda71a" }, { "url": "https://git.kernel.org/stable/c/ca6d565a2319d69d9766e6ecbb5af827fc4afb2b" }, { "url": "https://git.kernel.org/stable/c/df1c4a9efa3f5b6fb5e0ae63890230dbe2190b7e" }, { "url": "https://git.kernel.org/stable/c/a90239551abc181687f8c0ba60b276f7d75c141e" }, { "url": "https://git.kernel.org/stable/c/f6a7c51cf07a399ec067d39f0a22f1817c5c7d2b" }, { "url": "https://git.kernel.org/stable/c/1f57f78fbacf630430bf954e5a84caafdfea30c0" } ], "title": "clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52873", "datePublished": "2024-05-21T15:32:07.253Z", "dateReserved": "2024-05-21T15:19:24.264Z", "dateUpdated": "2024-11-04T14:54:19.573Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52879
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52879", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T16:59:47.559597Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:30.864Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:18:41.182Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/961c4511c7578d6b8f39118be919016ec3db1c1e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a98172e36e5f1b3d29ad71fade2d611cfcc2fe6f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cbc7c29dff0fa18162f2a3889d82eeefd67305e0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2fa74d29fc1899c237d51bf9a6e132ea5c488976" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2c9de867ca285c397cd71af703763fe416265706" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9034c87d61be8cff989017740a91701ac8195a1d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bb32500fb9b78215e4ef6ee8b4345c5f5d7eafb4" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "include/linux/trace_events.h", "kernel/trace/trace.c", "kernel/trace/trace.h", "kernel/trace/trace_events.c", "kernel/trace/trace_events_filter.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "961c4511c757", "status": "affected", "version": "e6807c873d87", "versionType": "git" }, { "lessThan": "a98172e36e5f", "status": "affected", "version": "407bf1c140f0", "versionType": "git" }, { "lessThan": "cbc7c29dff0f", "status": "affected", "version": "fa6d449e4d02", "versionType": "git" }, { "lessThan": "2fa74d29fc18", "status": "affected", "version": "a46bf337a20f", "versionType": "git" }, { "lessThan": "2c9de867ca28", "status": "affected", "version": "9beec0437013", "versionType": "git" }, { "lessThan": "9034c87d61be", "status": "affected", "version": "f5ca233e2e66", "versionType": "git" }, { "lessThan": "bb32500fb9b7", "status": "affected", "version": "f5ca233e2e66", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "include/linux/trace_events.h", "kernel/trace/trace.c", "kernel/trace/trace.h", "kernel/trace/trace_events.c", "kernel/trace/trace_events_filter.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.6" }, { "lessThan": "6.6", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.1", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Have trace_event_file have ref counters\n\nThe following can crash the kernel:\n\n # cd /sys/kernel/tracing\n # echo \u0027p:sched schedule\u0027 \u003e kprobe_events\n # exec 5\u003e\u003eevents/kprobes/sched/enable\n # \u003e kprobe_events\n # exec 5\u003e\u0026-\n\nThe above commands:\n\n 1. Change directory to the tracefs directory\n 2. Create a kprobe event (doesn\u0027t matter what one)\n 3. Open bash file descriptor 5 on the enable file of the kprobe event\n 4. Delete the kprobe event (removes the files too)\n 5. Close the bash file descriptor 5\n\nThe above causes a crash!\n\n BUG: kernel NULL pointer dereference, address: 0000000000000028\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP PTI\n CPU: 6 PID: 877 Comm: bash Not tainted 6.5.0-rc4-test-00008-g2c6b6b1029d4-dirty #186\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\n RIP: 0010:tracing_release_file_tr+0xc/0x50\n\nWhat happens here is that the kprobe event creates a trace_event_file\n\"file\" descriptor that represents the file in tracefs to the event. It\nmaintains state of the event (is it enabled for the given instance?).\nOpening the \"enable\" file gets a reference to the event \"file\" descriptor\nvia the open file descriptor. When the kprobe event is deleted, the file is\nalso deleted from the tracefs system which also frees the event \"file\"\ndescriptor.\n\nBut as the tracefs file is still opened by user space, it will not be\ntotally removed until the final dput() is called on it. But this is not\ntrue with the event \"file\" descriptor that is already freed. If the user\ndoes a write to or simply closes the file descriptor it will reference the\nevent \"file\" descriptor that was just freed, causing a use-after-free bug.\n\nTo solve this, add a ref count to the event \"file\" descriptor as well as a\nnew flag called \"FREED\". The \"file\" will not be freed until the last\nreference is released. But the FREE flag will be set when the event is\nremoved to prevent any more modifications to that event from happening,\neven if there\u0027s still a reference to the event \"file\" descriptor." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:27.196Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/961c4511c7578d6b8f39118be919016ec3db1c1e" }, { "url": "https://git.kernel.org/stable/c/a98172e36e5f1b3d29ad71fade2d611cfcc2fe6f" }, { "url": "https://git.kernel.org/stable/c/cbc7c29dff0fa18162f2a3889d82eeefd67305e0" }, { "url": "https://git.kernel.org/stable/c/2fa74d29fc1899c237d51bf9a6e132ea5c488976" }, { "url": "https://git.kernel.org/stable/c/2c9de867ca285c397cd71af703763fe416265706" }, { "url": "https://git.kernel.org/stable/c/9034c87d61be8cff989017740a91701ac8195a1d" }, { "url": "https://git.kernel.org/stable/c/bb32500fb9b78215e4ef6ee8b4345c5f5d7eafb4" } ], "title": "tracing: Have trace_event_file have ref counters", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52879", "datePublished": "2024-05-21T15:32:11.263Z", "dateReserved": "2024-05-21T15:19:24.265Z", "dateUpdated": "2024-11-04T14:54:27.196Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52870
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52870", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T18:46:17.967898Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-06T18:52:22.777Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.057Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2617aa8ceaf30e41d3eb7f5fef3445542bef193a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/533ca5153ad6c7b7d47ae0114b14d0333964b946" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/dd1f30d68fa98eb672c0a259297b761656a9025f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/10cc81124407d862f0f747db4baa9c006510b480" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b5ff3e89b4e7f46ad2aa0de7e08d18e6f87d71bc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b82681042724924ae3ba0f2f2eeec217fa31e830" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/clk/mediatek/clk-mt6765.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "2617aa8ceaf3", "status": "affected", "version": "1aca9939bf72", "versionType": "git" }, { "lessThan": "533ca5153ad6", "status": "affected", "version": "1aca9939bf72", "versionType": "git" }, { "lessThan": "dd1f30d68fa9", "status": "affected", "version": "1aca9939bf72", "versionType": "git" }, { "lessThan": "10cc81124407", "status": "affected", "version": "1aca9939bf72", "versionType": "git" }, { "lessThan": "b5ff3e89b4e7", "status": "affected", "version": "1aca9939bf72", "versionType": "git" }, { "lessThan": "b82681042724", "status": "affected", "version": "1aca9939bf72", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/clk/mediatek/clk-mt6765.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.8" }, { "lessThan": "5.8", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt6765: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:15.935Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/2617aa8ceaf30e41d3eb7f5fef3445542bef193a" }, { "url": "https://git.kernel.org/stable/c/533ca5153ad6c7b7d47ae0114b14d0333964b946" }, { "url": "https://git.kernel.org/stable/c/dd1f30d68fa98eb672c0a259297b761656a9025f" }, { "url": "https://git.kernel.org/stable/c/10cc81124407d862f0f747db4baa9c006510b480" }, { "url": "https://git.kernel.org/stable/c/b5ff3e89b4e7f46ad2aa0de7e08d18e6f87d71bc" }, { "url": "https://git.kernel.org/stable/c/b82681042724924ae3ba0f2f2eeec217fa31e830" } ], "title": "clk: mediatek: clk-mt6765: Add check for mtk_alloc_clk_data", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52870", "datePublished": "2024-05-21T15:31:59.836Z", "dateReserved": "2024-05-21T15:19:24.263Z", "dateUpdated": "2024-11-06T18:52:22.777Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52787
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52787", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T19:34:28.406298Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:03.186Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.557Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b5c8e0ff76d10f6bf70a7237678f27c20cf59bc9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e9c309ded295b7f8849097d71ae231456ca79f78" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b80056bd75a16e4550873ecefe12bc8fd190b1cf" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b0077e269f6c152e807fdac90b58caf012cdbaab" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "block/blk-mq.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "b5c8e0ff76d1", "status": "affected", "version": "900e08075202", "versionType": "git" }, { "lessThan": "e9c309ded295", "status": "affected", "version": "900e08075202", "versionType": "git" }, { "lessThan": "b80056bd75a1", "status": "affected", "version": "900e08075202", "versionType": "git" }, { "lessThan": "b0077e269f6c", "status": "affected", "version": "900e08075202", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "block/blk-mq.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.16" }, { "lessThan": "5.16", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.72", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: make sure active queue usage is held for bio_integrity_prep()\n\nblk_integrity_unregister() can come if queue usage counter isn\u0027t held\nfor one bio with integrity prepared, so this request may be completed with\ncalling profile-\u003ecomplete_fn, then kernel panic.\n\nAnother constraint is that bio_integrity_prep() needs to be called\nbefore bio merge.\n\nFix the issue by:\n\n- call bio_integrity_prep() with one queue usage counter grabbed reliably\n\n- call bio_integrity_prep() before bio merge" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:44.063Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/b5c8e0ff76d10f6bf70a7237678f27c20cf59bc9" }, { "url": "https://git.kernel.org/stable/c/e9c309ded295b7f8849097d71ae231456ca79f78" }, { "url": "https://git.kernel.org/stable/c/b80056bd75a16e4550873ecefe12bc8fd190b1cf" }, { "url": "https://git.kernel.org/stable/c/b0077e269f6c152e807fdac90b58caf012cdbaab" } ], "title": "blk-mq: make sure active queue usage is held for bio_integrity_prep()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52787", "datePublished": "2024-05-21T15:31:04.343Z", "dateReserved": "2024-05-21T15:19:24.241Z", "dateUpdated": "2024-11-04T14:52:44.063Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52843
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52843", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T18:03:39.566045Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T18:04:29.081Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.182Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/900a4418e3f66a32db6baaf23f92b99c20ae6535" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9a3f9054a5227d7567cba1fb821df48ccecad10c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cbdcdf42d15dac74c7287679fb2a9d955f8feb1f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3a2653828ffc6101aef80bf58d5b77484239f779" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/352887b3edd007cf9b0abc30fe9d98622acd859b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f980e9a57dfb9530f1f4ee41a2420f2a256d7b29" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0a720d0259ad3521ec6c9e4199f9f6fc75bac77a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ff5cb6a4f0c6d7fbdc84858323fb4b7af32cfd79" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7b3ba18703a63f6fd487183b9262b08e5632da1b" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/llc/llc_input.c", "net/llc/llc_s_ac.c", "net/llc/llc_station.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "900a4418e3f6", "status": "affected", "version": "f83f1768f833", "versionType": "git" }, { "lessThan": "9a3f9054a522", "status": "affected", "version": "f83f1768f833", "versionType": "git" }, { "lessThan": "cbdcdf42d15d", "status": "affected", "version": "f83f1768f833", "versionType": "git" }, { "lessThan": "3a2653828ffc", "status": "affected", "version": "f83f1768f833", "versionType": "git" }, { "lessThan": "352887b3edd0", "status": "affected", "version": "f83f1768f833", "versionType": "git" }, { "lessThan": "f980e9a57dfb", "status": "affected", "version": "f83f1768f833", "versionType": "git" }, { "lessThan": "0a720d0259ad", "status": "affected", "version": "f83f1768f833", "versionType": "git" }, { "lessThan": "ff5cb6a4f0c6", "status": "affected", "version": "f83f1768f833", "versionType": "git" }, { "lessThan": "7b3ba18703a6", "status": "affected", "version": "f83f1768f833", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/llc/llc_input.c", "net/llc/llc_s_ac.c", "net/llc/llc_station.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "2.6.25" }, { "lessThan": "2.6.25", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.330", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.299", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.261", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: verify mac len before reading mac header\n\nLLC reads the mac header with eth_hdr without verifying that the skb\nhas an Ethernet header.\n\nSyzbot was able to enter llc_rcv on a tun device. Tun can insert\npackets without mac len and with user configurable skb-\u003eprotocol\n(passing a tun_pi header when not configuring IFF_NO_PI).\n\n BUG: KMSAN: uninit-value in llc_station_ac_send_test_r net/llc/llc_station.c:81 [inline]\n BUG: KMSAN: uninit-value in llc_station_rcv+0x6fb/0x1290 net/llc/llc_station.c:111\n llc_station_ac_send_test_r net/llc/llc_station.c:81 [inline]\n llc_station_rcv+0x6fb/0x1290 net/llc/llc_station.c:111\n llc_rcv+0xc5d/0x14a0 net/llc/llc_input.c:218\n __netif_receive_skb_one_core net/core/dev.c:5523 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5637\n netif_receive_skb_internal net/core/dev.c:5723 [inline]\n netif_receive_skb+0x58/0x660 net/core/dev.c:5782\n tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1555\n tun_get_user+0x54c5/0x69c0 drivers/net/tun.c:2002\n\nAdd a mac_len test before all three eth_hdr(skb) calls under net/llc.\n\nThere are further uses in include/net/llc_pdu.h. All these are\nprotected by a test skb-\u003eprotocol == ETH_P_802_2. Which does not\nprotect against this tun scenario.\n\nBut the mac_len test added in this patch in llc_fixup_skb will\nindirectly protect those too. That is called from llc_rcv before any\nother LLC code.\n\nIt is tempting to just add a blanket mac_len check in llc_rcv, but\nnot sure whether that could break valid LLC paths that do not assume\nan Ethernet header. 802.2 LLC may be used on top of non-802.3\nprotocols in principle. The below referenced commit shows that used\nto, on top of Token Ring.\n\nAt least one of the three eth_hdr uses goes back to before the start\nof git history. But the one that syzbot exercises is introduced in\nthis commit. That commit is old enough (2008), that effectively all\nstable kernels should receive this." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:42.228Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/900a4418e3f66a32db6baaf23f92b99c20ae6535" }, { "url": "https://git.kernel.org/stable/c/9a3f9054a5227d7567cba1fb821df48ccecad10c" }, { "url": "https://git.kernel.org/stable/c/cbdcdf42d15dac74c7287679fb2a9d955f8feb1f" }, { "url": "https://git.kernel.org/stable/c/3a2653828ffc6101aef80bf58d5b77484239f779" }, { "url": "https://git.kernel.org/stable/c/352887b3edd007cf9b0abc30fe9d98622acd859b" }, { "url": "https://git.kernel.org/stable/c/f980e9a57dfb9530f1f4ee41a2420f2a256d7b29" }, { "url": "https://git.kernel.org/stable/c/0a720d0259ad3521ec6c9e4199f9f6fc75bac77a" }, { "url": "https://git.kernel.org/stable/c/ff5cb6a4f0c6d7fbdc84858323fb4b7af32cfd79" }, { "url": "https://git.kernel.org/stable/c/7b3ba18703a63f6fd487183b9262b08e5632da1b" } ], "title": "llc: verify mac len before reading mac header", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52843", "datePublished": "2024-05-21T15:31:41.872Z", "dateReserved": "2024-05-21T15:19:24.254Z", "dateUpdated": "2024-11-04T14:53:42.228Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47485
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47485", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:45:08.968768Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:26.389Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.745Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bda41654b6e0c125a624ca35d6d20beb8015b5d0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3f57c3f67fd93b4da86aeffea1ca32c484d054ad" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/60833707b968d5ae02a75edb7886dcd4a957cf0d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/73d2892148aa4397a885b4f4afcfc5b27a325c42" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0f8cdfff06829a0b0348b6debc29ff6a61967724" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c3e17e58f571f34c51aeb17274ed02c2ed5cf780" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0d4395477741608d123dad51def9fe50b7ebe952" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d39bf40e55e666b5905fdbd46a0dced030ce87be" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/infiniband/hw/qib/qib_user_sdma.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "bda41654b6e0", "status": "affected", "version": "f931551bafe1", "versionType": "git" }, { "lessThan": "3f57c3f67fd9", "status": "affected", "version": "f931551bafe1", "versionType": "git" }, { "lessThan": "60833707b968", "status": "affected", "version": "f931551bafe1", "versionType": "git" }, { "lessThan": "73d2892148aa", "status": "affected", "version": "f931551bafe1", "versionType": "git" }, { "lessThan": "0f8cdfff0682", "status": "affected", "version": "f931551bafe1", "versionType": "git" }, { "lessThan": "c3e17e58f571", "status": "affected", "version": "f931551bafe1", "versionType": "git" }, { "lessThan": "0d4395477741", "status": "affected", "version": "f931551bafe1", "versionType": "git" }, { "lessThan": "d39bf40e55e6", "status": "affected", "version": "f931551bafe1", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/infiniband/hw/qib/qib_user_sdma.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "2.6.35" }, { "lessThan": "2.6.35", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.292", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.290", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.255", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.216", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.157", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.77", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.16", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields\n\nOverflowing either addrlimit or bytes_togo can allow userspace to trigger\na buffer overflow of kernel memory. Check for overflows in all the places\ndoing math on user controlled buffers." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:50.705Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/bda41654b6e0c125a624ca35d6d20beb8015b5d0" }, { "url": "https://git.kernel.org/stable/c/3f57c3f67fd93b4da86aeffea1ca32c484d054ad" }, { "url": "https://git.kernel.org/stable/c/60833707b968d5ae02a75edb7886dcd4a957cf0d" }, { "url": "https://git.kernel.org/stable/c/73d2892148aa4397a885b4f4afcfc5b27a325c42" }, { "url": "https://git.kernel.org/stable/c/0f8cdfff06829a0b0348b6debc29ff6a61967724" }, { "url": "https://git.kernel.org/stable/c/c3e17e58f571f34c51aeb17274ed02c2ed5cf780" }, { "url": "https://git.kernel.org/stable/c/0d4395477741608d123dad51def9fe50b7ebe952" }, { "url": "https://git.kernel.org/stable/c/d39bf40e55e666b5905fdbd46a0dced030ce87be" } ], "title": "IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47485", "datePublished": "2024-05-22T08:19:36.158Z", "dateReserved": "2024-05-22T06:20:56.201Z", "dateUpdated": "2024-11-04T12:06:50.705Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52855
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52855", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T17:15:57.421865Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-05T14:51:47.408Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.070Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/14c9ec34e8118fbffd7f5431814d767726323e72" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fed492aa6493a91a77ebd51da6fb939c98d94a0d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/64c47749fc7507ed732e155c958253968c1d275e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bdb3dd4096302d6b87441fdc528439f171b04be6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fcaafb574fc88a52dce817f039f7ff2f9da38001" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6b21a22728852d020a6658d39cd7bb7e14b07790" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3e851a77a13ce944d703721793f49ee82622986d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a7bee9598afb38004841a41dd8fe68c1faff4e90" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ef307bc6ef04e8c1ea843231db58e3afaafa9fa6" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/usb/dwc2/hcd.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "14c9ec34e811", "status": "affected", "version": "33ad261aa62b", "versionType": "git" }, { "lessThan": "fed492aa6493", "status": "affected", "version": "33ad261aa62b", "versionType": "git" }, { "lessThan": "64c47749fc75", "status": "affected", "version": "33ad261aa62b", "versionType": "git" }, { "lessThan": "bdb3dd409630", "status": "affected", "version": "33ad261aa62b", "versionType": "git" }, { "lessThan": "fcaafb574fc8", "status": "affected", "version": "33ad261aa62b", "versionType": "git" }, { "lessThan": "6b21a2272885", "status": "affected", "version": "33ad261aa62b", "versionType": "git" }, { "lessThan": "3e851a77a13c", "status": "affected", "version": "33ad261aa62b", "versionType": "git" }, { "lessThan": "a7bee9598afb", "status": "affected", "version": "33ad261aa62b", "versionType": "git" }, { "lessThan": "ef307bc6ef04", "status": "affected", "version": "33ad261aa62b", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/usb/dwc2/hcd.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.2" }, { "lessThan": "4.2", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.330", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.299", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.261", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: fix possible NULL pointer dereference caused by driver concurrency\n\nIn _dwc2_hcd_urb_enqueue(), \"urb-\u003ehcpriv = NULL\" is executed without\nholding the lock \"hsotg-\u003elock\". In _dwc2_hcd_urb_dequeue():\n\n spin_lock_irqsave(\u0026hsotg-\u003elock, flags);\n ...\n\tif (!urb-\u003ehcpriv) {\n\t\tdev_dbg(hsotg-\u003edev, \"## urb-\u003ehcpriv is NULL ##\\n\");\n\t\tgoto out;\n\t}\n rc = dwc2_hcd_urb_dequeue(hsotg, urb-\u003ehcpriv); // Use urb-\u003ehcpriv\n ...\nout:\n spin_unlock_irqrestore(\u0026hsotg-\u003elock, flags);\n\nWhen _dwc2_hcd_urb_enqueue() and _dwc2_hcd_urb_dequeue() are\nconcurrently executed, the NULL check of \"urb-\u003ehcpriv\" can be executed\nbefore \"urb-\u003ehcpriv = NULL\". After urb-\u003ehcpriv is NULL, it can be used\nin the function call to dwc2_hcd_urb_dequeue(), which can cause a NULL\npointer dereference.\n\nThis possible bug is found by an experimental static analysis tool\ndeveloped by myself. This tool analyzes the locking APIs to extract\nfunction pairs that can be concurrently executed, and then analyzes the\ninstructions in the paired functions to identify possible concurrency\nbugs including data races and atomicity violations. The above possible\nbug is reported, when my tool analyzes the source code of Linux 6.5.\n\nTo fix this possible bug, \"urb-\u003ehcpriv = NULL\" should be executed with\nholding the lock \"hsotg-\u003elock\". After using this patch, my tool never\nreports the possible bug, with the kernelconfiguration allyesconfig for\nx86_64. Because I have no associated hardware, I cannot test the patch\nin runtime testing, and just verify it according to the code logic." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:56.495Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/14c9ec34e8118fbffd7f5431814d767726323e72" }, { "url": "https://git.kernel.org/stable/c/fed492aa6493a91a77ebd51da6fb939c98d94a0d" }, { "url": "https://git.kernel.org/stable/c/64c47749fc7507ed732e155c958253968c1d275e" }, { "url": "https://git.kernel.org/stable/c/bdb3dd4096302d6b87441fdc528439f171b04be6" }, { "url": "https://git.kernel.org/stable/c/fcaafb574fc88a52dce817f039f7ff2f9da38001" }, { "url": "https://git.kernel.org/stable/c/6b21a22728852d020a6658d39cd7bb7e14b07790" }, { "url": "https://git.kernel.org/stable/c/3e851a77a13ce944d703721793f49ee82622986d" }, { "url": "https://git.kernel.org/stable/c/a7bee9598afb38004841a41dd8fe68c1faff4e90" }, { "url": "https://git.kernel.org/stable/c/ef307bc6ef04e8c1ea843231db58e3afaafa9fa6" } ], "title": "usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52855", "datePublished": "2024-05-21T15:31:49.909Z", "dateReserved": "2024-05-21T15:19:24.257Z", "dateUpdated": "2024-11-05T14:51:47.408Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47403
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "82a82340bab6" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "3.18" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "0" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "4.4.286" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "4.9.285" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "4.14.249" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "\t4.19.209" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.4.151" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.10.71" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.14.10" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.15" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47403", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T19:05:46.322377Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:29.725Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.005Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/31398849b84ebae0d43a1cf379cb9895597f221a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c0adb5a947dec6cff7050ec56d78ecd3916f9ce6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/dde4c1429b97383689f755ce92b4ed1e84a9c92b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9c5b77a7ffc983b2429ce158b50497c5d3c86a69" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3253c87e1e5bc0107aab773af2f135ebccf38666" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7cea848678470daadbfdaa6a112b823c290f900c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/811178f296b16af30264def74c8d2179a72d5562" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bb8a4fcb2136508224c596a7e665bdba1d7c3c27" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/ipack/devices/ipoctal.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "31398849b84e", "status": "affected", "version": "82a82340bab6", "versionType": "git" }, { "lessThan": "c0adb5a947de", "status": "affected", "version": "82a82340bab6", "versionType": "git" }, { "lessThan": "dde4c1429b97", "status": "affected", "version": "82a82340bab6", "versionType": "git" }, { "lessThan": "9c5b77a7ffc9", "status": "affected", "version": "82a82340bab6", "versionType": "git" }, { "lessThan": "3253c87e1e5b", "status": "affected", "version": "82a82340bab6", "versionType": "git" }, { "lessThan": "7cea84867847", "status": "affected", "version": "82a82340bab6", "versionType": "git" }, { "lessThan": "811178f296b1", "status": "affected", "version": "82a82340bab6", "versionType": "git" }, { "lessThan": "bb8a4fcb2136", "status": "affected", "version": "82a82340bab6", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/ipack/devices/ipoctal.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.18" }, { "lessThan": "3.18", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.286", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.285", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.249", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.209", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.151", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.71", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipack: ipoctal: fix module reference leak\n\nA reference to the carrier module was taken on every open but was only\nreleased once when the final reference to the tty struct was dropped.\n\nFix this by taking the module reference and initialising the tty driver\ndata when installing the tty." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:15.478Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/31398849b84ebae0d43a1cf379cb9895597f221a" }, { "url": "https://git.kernel.org/stable/c/c0adb5a947dec6cff7050ec56d78ecd3916f9ce6" }, { "url": "https://git.kernel.org/stable/c/dde4c1429b97383689f755ce92b4ed1e84a9c92b" }, { "url": "https://git.kernel.org/stable/c/9c5b77a7ffc983b2429ce158b50497c5d3c86a69" }, { "url": "https://git.kernel.org/stable/c/3253c87e1e5bc0107aab773af2f135ebccf38666" }, { "url": "https://git.kernel.org/stable/c/7cea848678470daadbfdaa6a112b823c290f900c" }, { "url": "https://git.kernel.org/stable/c/811178f296b16af30264def74c8d2179a72d5562" }, { "url": "https://git.kernel.org/stable/c/bb8a4fcb2136508224c596a7e665bdba1d7c3c27" } ], "title": "ipack: ipoctal: fix module reference leak", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47403", "datePublished": "2024-05-21T15:03:57.344Z", "dateReserved": "2024-05-21T14:58:30.816Z", "dateUpdated": "2024-11-04T12:05:15.478Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52766
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52766", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:26:12.286527Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:28.810Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.533Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d23ad76f240c0f597b7a9eb79905d246f27d40df" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8be39f66915b40d26ea2c18ba84b5c3d5da6809b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7c2b91b30d74d7c407118ad72502d4ca28af1af6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4c86cb2321bd9c72d3b945ce7f747961beda8e65" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/45a832f989e520095429589d5b01b0c65da9b574" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/i3c/master/mipi-i3c-hci/dma.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "d23ad76f240c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "8be39f66915b", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "7c2b91b30d74", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "4c86cb2321bd", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "45a832f989e5", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/i3c/master/mipi-i3c-hci/dma.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler\n\nDo not loop over ring headers in hci_dma_irq_handler() that are not\nallocated and enabled in hci_dma_init(). Otherwise out of bounds access\nwill occur from rings-\u003eheaders[i] access when i \u003e= number of allocated\nring headers." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:16.966Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/d23ad76f240c0f597b7a9eb79905d246f27d40df" }, { "url": "https://git.kernel.org/stable/c/8be39f66915b40d26ea2c18ba84b5c3d5da6809b" }, { "url": "https://git.kernel.org/stable/c/7c2b91b30d74d7c407118ad72502d4ca28af1af6" }, { "url": "https://git.kernel.org/stable/c/4c86cb2321bd9c72d3b945ce7f747961beda8e65" }, { "url": "https://git.kernel.org/stable/c/45a832f989e520095429589d5b01b0c65da9b574" } ], "title": "i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52766", "datePublished": "2024-05-21T15:30:50.343Z", "dateReserved": "2024-05-21T15:19:24.238Z", "dateUpdated": "2024-11-04T14:52:16.966Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52702
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52702", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-11T19:06:04.936886Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-11T19:06:29.409Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.071Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c0f65ee0a3329eb4b94beaef0268633696e2d0c6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1563e998a938f095548054ef09e277b562b79536" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e336a9e08618203a456fb5367f1387b14554f55e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2fa28f5c6fcbfc794340684f36d2581b4f2d20b5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/openvswitch/meter.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "c0f65ee0a332", "status": "affected", "version": "c7c4c44c9a95", "versionType": "git" }, { "lessThan": "1563e998a938", "status": "affected", "version": "c7c4c44c9a95", "versionType": "git" }, { "lessThan": "e336a9e08618", "status": "affected", "version": "c7c4c44c9a95", "versionType": "git" }, { "lessThan": "2fa28f5c6fcb", "status": "affected", "version": "c7c4c44c9a95", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/openvswitch/meter.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.8" }, { "lessThan": "5.8", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.169", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.95", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix possible memory leak in ovs_meter_cmd_set()\n\nold_meter needs to be free after it is detached regardless of whether\nthe new meter is successfully attached." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:27.761Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/c0f65ee0a3329eb4b94beaef0268633696e2d0c6" }, { "url": "https://git.kernel.org/stable/c/1563e998a938f095548054ef09e277b562b79536" }, { "url": "https://git.kernel.org/stable/c/e336a9e08618203a456fb5367f1387b14554f55e" }, { "url": "https://git.kernel.org/stable/c/2fa28f5c6fcbfc794340684f36d2581b4f2d20b5" } ], "title": "net: openvswitch: fix possible memory leak in ovs_meter_cmd_set()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52702", "datePublished": "2024-05-21T15:22:52.017Z", "dateReserved": "2024-03-07T14:49:46.891Z", "dateUpdated": "2024-11-04T14:51:27.761Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52736
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52736", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:37:05.495763Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:37:38.920Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.525Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7fc4e7191eae9d9325511e03deadfdb2224914f8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e909f5f2aa55a8f9aa6919cce08015cb0e8d4668" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/427ca2530da8dc61a42620d7113b05e187b6c2c0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/87978e6ad45a16835cc58234451111091be3c59a" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "sound/pci/hda/hda_bind.c", "sound/pci/hda/hda_codec.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "7fc4e7191eae", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "e909f5f2aa55", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "427ca2530da8", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "87978e6ad45a", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "sound/pci/hda/hda_bind.c", "sound/pci/hda/hda_codec.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.169", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.95", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: Do not unset preset when cleaning up codec\n\nSeveral functions that take part in codec\u0027s initialization and removal\nare re-used by ASoC codec drivers implementations. Drivers mimic the\nbehavior of hda_codec_driver_probe/remove() found in\nsound/pci/hda/hda_bind.c with their component-\u003eprobe/remove() instead.\n\nOne of the reasons for that is the expectation of\nsnd_hda_codec_device_new() to receive a valid pointer to an instance of\nstruct snd_card. This expectation can be met only once sound card\ncomponents probing commences.\n\nAs ASoC sound card may be unbound without codec device being actually\nremoved from the system, unsetting -\u003epreset in\nsnd_hda_codec_cleanup_for_unbind() interferes with module unload -\u003e load\nscenario causing null-ptr-deref. Preset is assigned only once, during\ndevice/driver matching whereas ASoC codec driver\u0027s module reloading may\noccur several times throughout the lifetime of an audio stack." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:42.616Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/7fc4e7191eae9d9325511e03deadfdb2224914f8" }, { "url": "https://git.kernel.org/stable/c/e909f5f2aa55a8f9aa6919cce08015cb0e8d4668" }, { "url": "https://git.kernel.org/stable/c/427ca2530da8dc61a42620d7113b05e187b6c2c0" }, { "url": "https://git.kernel.org/stable/c/87978e6ad45a16835cc58234451111091be3c59a" } ], "title": "ALSA: hda: Do not unset preset when cleaning up codec", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52736", "datePublished": "2024-05-21T15:23:00.572Z", "dateReserved": "2024-05-21T15:19:24.232Z", "dateUpdated": "2024-11-04T14:51:42.616Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52740
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52740", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T18:15:22.000735Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:49.892Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.916Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/86f7e423933608d536015a0f2eb9e0338c1227e0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6f097c24815e67909a1fcc2c605586d02babd673" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2ea31e2e62bbc4d11c411eeb36f1b02841dbcab1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "arch/powerpc/kernel/interrupt.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "86f7e4239336", "status": "affected", "version": "13799748b957", "versionType": "git" }, { "lessThan": "6f097c24815e", "status": "affected", "version": "13799748b957", "versionType": "git" }, { "lessThan": "2ea31e2e62bb", "status": "affected", "version": "13799748b957", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "arch/powerpc/kernel/interrupt.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.14" }, { "lessThan": "5.14", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.94", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/64s/interrupt: Fix interrupt exit race with security mitigation switch\n\nThe RFI and STF security mitigation options can flip the\ninterrupt_exit_not_reentrant static branch condition concurrently with\nthe interrupt exit code which tests that branch.\n\nInterrupt exit tests this condition to set MSR[EE|RI] for exit, then\nagain in the case a soft-masked interrupt is found pending, to recover\nthe MSR so the interrupt can be replayed before attempting to exit\nagain. If the condition changes between these two tests, the MSR and irq\nsoft-mask state will become corrupted, leading to warnings and possible\ncrashes. For example, if the branch is initially true then false,\nMSR[EE] will be 0 but PACA_IRQ_HARD_DIS clear and EE may not get\nenabled, leading to warnings in irq_64.c." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:47.485Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/86f7e423933608d536015a0f2eb9e0338c1227e0" }, { "url": "https://git.kernel.org/stable/c/6f097c24815e67909a1fcc2c605586d02babd673" }, { "url": "https://git.kernel.org/stable/c/2ea31e2e62bbc4d11c411eeb36f1b02841dbcab1" } ], "title": "powerpc/64s/interrupt: Fix interrupt exit race with security mitigation switch", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52740", "datePublished": "2024-05-21T15:23:03.201Z", "dateReserved": "2024-05-21T15:19:24.233Z", "dateUpdated": "2024-11-04T14:51:47.485Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52871
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52871", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T18:17:57.620656Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:42.515Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.044Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cc1a1dcb411fe224f48553cfdcdfe6e61395b69c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5e5b85ea0f4bc484bfe4cc73ead51fa48d2366a0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/995ee1e84e8db7fa5dcdde7dfe0bd7bb6f9bbb8c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f0ef883cae309bc5e8cdfcdbc1b4822732ce20a8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3565684309e54fa998ea27f37028d67cc3e1dff2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1143bfb9b055897975aeaea254da148e19524493" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f1a1bc8775b26345aba2be278118999e7f661d3d" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/soc/qcom/llcc-qcom.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "cc1a1dcb411f", "status": "affected", "version": "a3134fb09e0b", "versionType": "git" }, { "lessThan": "5e5b85ea0f4b", "status": "affected", "version": "a3134fb09e0b", "versionType": "git" }, { "lessThan": "995ee1e84e8d", "status": "affected", "version": "a3134fb09e0b", "versionType": "git" }, { "lessThan": "f0ef883cae30", "status": "affected", "version": "a3134fb09e0b", "versionType": "git" }, { "lessThan": "3565684309e5", "status": "affected", "version": "a3134fb09e0b", "versionType": "git" }, { "lessThan": "1143bfb9b055", "status": "affected", "version": "a3134fb09e0b", "versionType": "git" }, { "lessThan": "f1a1bc8775b2", "status": "affected", "version": "a3134fb09e0b", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/soc/qcom/llcc-qcom.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.19" }, { "lessThan": "4.19", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.261", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: llcc: Handle a second device without data corruption\n\nUsually there is only one llcc device. But if there were a second, even\na failed probe call would modify the global drv_data pointer. So check\nif drv_data is valid before overwriting it." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:17.175Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/cc1a1dcb411fe224f48553cfdcdfe6e61395b69c" }, { "url": "https://git.kernel.org/stable/c/5e5b85ea0f4bc484bfe4cc73ead51fa48d2366a0" }, { "url": "https://git.kernel.org/stable/c/995ee1e84e8db7fa5dcdde7dfe0bd7bb6f9bbb8c" }, { "url": "https://git.kernel.org/stable/c/f0ef883cae309bc5e8cdfcdbc1b4822732ce20a8" }, { "url": "https://git.kernel.org/stable/c/3565684309e54fa998ea27f37028d67cc3e1dff2" }, { "url": "https://git.kernel.org/stable/c/1143bfb9b055897975aeaea254da148e19524493" }, { "url": "https://git.kernel.org/stable/c/f1a1bc8775b26345aba2be278118999e7f661d3d" } ], "title": "soc: qcom: llcc: Handle a second device without data corruption", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52871", "datePublished": "2024-05-21T15:32:00.922Z", "dateReserved": "2024-05-21T15:19:24.263Z", "dateUpdated": "2024-11-04T14:54:17.175Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47420
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47420", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-11T17:26:39.842792Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-11T17:26:55.110Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.450Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7e5ce6029b627efb4a004746cfdc1eeff850e6eb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b072ef1215aca33186e3a10109e872e528a9e516" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "7e5ce6029b62", "status": "affected", "version": "264fb4d332f5", "versionType": "git" }, { "lessThan": "b072ef1215ac", "status": "affected", "version": "264fb4d332f5", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.14" }, { "lessThan": "5.14", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: fix a potential ttm-\u003esg memory leak\n\nMemory is allocated for ttm-\u003esg by kmalloc in kfd_mem_dmamap_userptr,\nbut isn\u0027t freed by kfree in kfd_mem_dmaunmap_userptr. Free it!" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:34.133Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/7e5ce6029b627efb4a004746cfdc1eeff850e6eb" }, { "url": "https://git.kernel.org/stable/c/b072ef1215aca33186e3a10109e872e528a9e516" } ], "title": "drm/amdkfd: fix a potential ttm-\u003esg memory leak", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47420", "datePublished": "2024-05-21T15:04:08.635Z", "dateReserved": "2024-05-21T14:58:30.820Z", "dateUpdated": "2024-11-04T12:05:34.133Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52863
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52863", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T17:54:12.271284Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:25.382Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.245Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7d870088db4863c514a7f8751cd593751983029a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b3e7eb23a6e97642ff3190431c06475d9ca1e062" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/33de53a2706066d526173dc743faf43d92c62105" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f62b8969847850ba7596cb145cc47c65ea57dae0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c49f14cc1bb12c625a1c572e8a95b6adefd4d8eb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2a5b3370a1d9750eca325292e291c8c7cb8cf2e0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/hwmon/axi-fan-control.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "7d870088db48", "status": "affected", "version": "8412b410fa5e", "versionType": "git" }, { "lessThan": "b3e7eb23a6e9", "status": "affected", "version": "8412b410fa5e", "versionType": "git" }, { "lessThan": "33de53a27060", "status": "affected", "version": "8412b410fa5e", "versionType": "git" }, { "lessThan": "f62b89698478", "status": "affected", "version": "8412b410fa5e", "versionType": "git" }, { "lessThan": "c49f14cc1bb1", "status": "affected", "version": "8412b410fa5e", "versionType": "git" }, { "lessThan": "2a5b3370a1d9", "status": "affected", "version": "8412b410fa5e", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/hwmon/axi-fan-control.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.7" }, { "lessThan": "5.7", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (axi-fan-control) Fix possible NULL pointer dereference\n\naxi_fan_control_irq_handler(), dependent on the private\naxi_fan_control_data structure, might be called before the hwmon\ndevice is registered. That will cause an \"Unable to handle kernel\nNULL pointer dereference\" error." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:06.801Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/7d870088db4863c514a7f8751cd593751983029a" }, { "url": "https://git.kernel.org/stable/c/b3e7eb23a6e97642ff3190431c06475d9ca1e062" }, { "url": "https://git.kernel.org/stable/c/33de53a2706066d526173dc743faf43d92c62105" }, { "url": "https://git.kernel.org/stable/c/f62b8969847850ba7596cb145cc47c65ea57dae0" }, { "url": "https://git.kernel.org/stable/c/c49f14cc1bb12c625a1c572e8a95b6adefd4d8eb" }, { "url": "https://git.kernel.org/stable/c/2a5b3370a1d9750eca325292e291c8c7cb8cf2e0" } ], "title": "hwmon: (axi-fan-control) Fix possible NULL pointer dereference", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52863", "datePublished": "2024-05-21T15:31:55.198Z", "dateReserved": "2024-05-21T15:19:24.261Z", "dateUpdated": "2024-11-04T14:54:06.801Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52734
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2024-05-28T19:06:48.152Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "rejectedReasons": [ { "lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52734", "datePublished": "2024-05-21T15:22:59.252Z", "dateRejected": "2024-05-28T19:06:48.152Z", "dateReserved": "2024-05-21T15:19:24.232Z", "dateUpdated": "2024-05-28T19:06:48.152Z", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47444
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47444", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:29:09.418657Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:53.878Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.303Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a7b45024f66f9ec769e8dbb1a51ae83cd05929c7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/09f3946bb452918dbfb1982add56f9ffaae393dc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/97794170b696856483f74b47bfb6049780d2d3a0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/drm_edid.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "a7b45024f66f", "status": "affected", "version": "e11f5bd8228f", "versionType": "git" }, { "lessThan": "09f3946bb452", "status": "affected", "version": "e11f5bd8228f", "versionType": "git" }, { "lessThan": "97794170b696", "status": "affected", "version": "e11f5bd8228f", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/drm_edid.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.7" }, { "lessThan": "5.7", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.75", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.14", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read\n\nIn commit e11f5bd8228f (\"drm: Add support for DP 1.4 Compliance edid\ncorruption test\") the function connector_bad_edid() started assuming\nthat the memory for the EDID passed to it was big enough to hold\n`edid[0x7e] + 1` blocks of data (1 extra for the base block). It\ncompletely ignored the fact that the function was passed `num_blocks`\nwhich indicated how much memory had been allocated for the EDID.\n\nLet\u0027s fix this by adding a bounds check.\n\nThis is important for handling the case where there\u0027s an error in the\nfirst block of the EDID. In that case we will call\nconnector_bad_edid() without having re-allocated memory based on\n`edid[0x7e]`." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:01.384Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/a7b45024f66f9ec769e8dbb1a51ae83cd05929c7" }, { "url": "https://git.kernel.org/stable/c/09f3946bb452918dbfb1982add56f9ffaae393dc" }, { "url": "https://git.kernel.org/stable/c/97794170b696856483f74b47bfb6049780d2d3a0" } ], "title": "drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47444", "datePublished": "2024-05-22T06:19:37.533Z", "dateReserved": "2024-05-21T14:58:30.832Z", "dateUpdated": "2024-11-04T12:06:01.384Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47469
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47469", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T18:03:27.288931Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T18:03:45.404Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.480Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/722ef19a161ce3fffb3d1b01ce2301c306639bdd" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6098475d4cb48d821bdf453c61118c56e26294f0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/spi/spi.c", "include/linux/spi/spi.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "aa3f3d7bef59", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "c8dce228db6f", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "722ef19a161c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "6098475d4cb4", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/spi/spi.c", "include/linux/spi/spi.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.286", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.230", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: Fix deadlock when adding SPI controllers on SPI buses\n\nCurrently we have a global spi_add_lock which we take when adding new\ndevices so that we can check that we\u0027re not trying to reuse a chip\nselect that\u0027s already controlled. This means that if the SPI device is\nitself a SPI controller and triggers the instantiation of further SPI\ndevices we trigger a deadlock as we try to register and instantiate\nthose devices while in the process of doing so for the parent controller\nand hence already holding the global spi_add_lock. Since we only care\nabout concurrency within a single SPI bus move the lock to be per\ncontroller, avoiding the deadlock.\n\nThis can be easily triggered in the case of spi-mux." } ], "providerMetadata": { "dateUpdated": "2024-11-17T15:02:35.197Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/aa3f3d7bef59583f2d3234173105a27ff61ef8fe" }, { "url": "https://git.kernel.org/stable/c/c8dce228db6f81dbc897a018dfc5c418e917cf64" }, { "url": "https://git.kernel.org/stable/c/722ef19a161ce3fffb3d1b01ce2301c306639bdd" }, { "url": "https://git.kernel.org/stable/c/6098475d4cb48d821bdf453c61118c56e26294f0" } ], "title": "spi: Fix deadlock when adding SPI controllers on SPI buses", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47469", "datePublished": "2024-05-22T06:23:27.629Z", "dateReserved": "2024-05-22T06:20:56.199Z", "dateUpdated": "2024-11-17T15:02:35.197Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47423
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47423", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:29:52.464224Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:23.519Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.135Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/df0c9418923679bc6d0060bdb1b5bf2c755159e0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9f9d4c88b2edc7924e19c44909cfc3fa4e4d3d43" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1508b09945bde393326a9dab73b1fc35f672d771" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/11cd944bb87d9e575b94c07c952105eda745b459" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f69556a42043b5444ca712ee889829ba89fdcba8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/88c3610045ca6e699331b6bb5c095c5565f30721" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f5a8703a9c418c6fc54eb772712dfe7641e3991c" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/nouveau/nouveau_debugfs.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "df0c94189236", "status": "affected", "version": "6e9fc177399f", "versionType": "git" }, { "lessThan": "9f9d4c88b2ed", "status": "affected", "version": "6e9fc177399f", "versionType": "git" }, { "lessThan": "1508b09945bd", "status": "affected", "version": "6e9fc177399f", "versionType": "git" }, { "lessThan": "11cd944bb87d", "status": "affected", "version": "6e9fc177399f", "versionType": "git" }, { "lessThan": "f69556a42043", "status": "affected", "version": "6e9fc177399f", "versionType": "git" }, { "lessThan": "88c3610045ca", "status": "affected", "version": "6e9fc177399f", "versionType": "git" }, { "lessThan": "f5a8703a9c41", "status": "affected", "version": "6e9fc177399f", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/nouveau/nouveau_debugfs.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.5" }, { "lessThan": "4.5", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.287", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.251", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.211", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.153", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.73", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau/debugfs: fix file release memory leak\n\nWhen using single_open() for opening, single_release() should be\ncalled, otherwise the \u0027op\u0027 allocated in single_open() will be leaked." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:37.647Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/df0c9418923679bc6d0060bdb1b5bf2c755159e0" }, { "url": "https://git.kernel.org/stable/c/9f9d4c88b2edc7924e19c44909cfc3fa4e4d3d43" }, { "url": "https://git.kernel.org/stable/c/1508b09945bde393326a9dab73b1fc35f672d771" }, { "url": "https://git.kernel.org/stable/c/11cd944bb87d9e575b94c07c952105eda745b459" }, { "url": "https://git.kernel.org/stable/c/f69556a42043b5444ca712ee889829ba89fdcba8" }, { "url": "https://git.kernel.org/stable/c/88c3610045ca6e699331b6bb5c095c5565f30721" }, { "url": "https://git.kernel.org/stable/c/f5a8703a9c418c6fc54eb772712dfe7641e3991c" } ], "title": "drm/nouveau/debugfs: fix file release memory leak", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47423", "datePublished": "2024-05-21T15:04:10.611Z", "dateReserved": "2024-05-21T14:58:30.820Z", "dateUpdated": "2024-11-04T12:05:37.647Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52874
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.236Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2191950d35d8f81620ea8d4e04d983f664fe3a8a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/de4c5bacca4f50233f1f791bec9eeb4dee1b14cd" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5d092b66119d774853cc9308522620299048a662" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52874", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:36:24.980070Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:54.047Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "arch/x86/coco/tdx/tdcall.S" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "2191950d35d8", "status": "affected", "version": "7a3a401874be", "versionType": "git" }, { "lessThan": "de4c5bacca4f", "status": "affected", "version": "7a3a401874be", "versionType": "git" }, { "lessThan": "5d092b66119d", "status": "affected", "version": "7a3a401874be", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "arch/x86/coco/tdx/tdcall.S" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.4" }, { "lessThan": "6.4", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro\n\nIn the TDX_HYPERCALL asm, after the TDCALL instruction returns from the\nuntrusted VMM, the registers that the TDX guest shares to the VMM need\nto be cleared to avoid speculative execution of VMM-provided values.\n\nRSI is specified in the bitmap of those registers, but it is missing\nwhen zeroing out those registers in the current TDX_HYPERCALL.\n\nIt was there when it was originally added in commit 752d13305c78\n(\"x86/tdx: Expand __tdx_hypercall() to handle more arguments\"), but was\nlater removed in commit 1e70c680375a (\"x86/tdx: Do not corrupt\nframe-pointer in __tdx_hypercall()\"), which was correct because %rsi is\nlater restored in the \"pop %rsi\". However a later commit 7a3a401874be\n(\"x86/tdx: Drop flags from __tdx_hypercall()\") removed that \"pop %rsi\"\nbut forgot to add the \"xor %rsi, %rsi\" back.\n\nFix by adding it back." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:20.855Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/2191950d35d8f81620ea8d4e04d983f664fe3a8a" }, { "url": "https://git.kernel.org/stable/c/de4c5bacca4f50233f1f791bec9eeb4dee1b14cd" }, { "url": "https://git.kernel.org/stable/c/5d092b66119d774853cc9308522620299048a662" } ], "title": "x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52874", "datePublished": "2024-05-21T15:32:07.937Z", "dateReserved": "2024-05-21T15:19:24.264Z", "dateUpdated": "2024-11-04T14:54:20.855Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52749
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52749", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:36:59.089454Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:37:26.791Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.612Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4ec4508db97502a12daee88c74782e8d35ced068" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/96474ea47dc67b0704392d59192b233c8197db0e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bef4a48f4ef798c4feddf045d49e53c8a97d5e37" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/spi/spi.c", "include/linux/spi/spi.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "4ec4508db975", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "96474ea47dc6", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "bef4a48f4ef7", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/spi/spi.c", "include/linux/spi/spi.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.66", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: Fix null dereference on suspend\n\nA race condition exists where a synchronous (noqueue) transfer can be\nactive during a system suspend. This can cause a null pointer\ndereference exception to occur when the system resumes.\n\nExample order of events leading to the exception:\n1. spi_sync() calls __spi_transfer_message_noqueue() which sets\n ctlr-\u003ecur_msg\n2. Spi transfer begins via spi_transfer_one_message()\n3. System is suspended interrupting the transfer context\n4. System is resumed\n6. spi_controller_resume() calls spi_start_queue() which resets cur_msg\n to NULL\n7. Spi transfer context resumes and spi_finalize_current_message() is\n called which dereferences cur_msg (which is now NULL)\n\nWait for synchronous transfers to complete before suspending by\nacquiring the bus mutex and setting/checking a suspend flag." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:58.145Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/4ec4508db97502a12daee88c74782e8d35ced068" }, { "url": "https://git.kernel.org/stable/c/96474ea47dc67b0704392d59192b233c8197db0e" }, { "url": "https://git.kernel.org/stable/c/bef4a48f4ef798c4feddf045d49e53c8a97d5e37" } ], "title": "spi: Fix null dereference on suspend", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52749", "datePublished": "2024-05-21T15:30:38.904Z", "dateReserved": "2024-05-21T15:19:24.234Z", "dateUpdated": "2024-11-04T14:51:58.145Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52820
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2024-05-24T15:26:37.788Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "rejectedReasons": [ { "lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52820", "datePublished": "2024-05-21T15:31:26.238Z", "dateRejected": "2024-05-24T15:26:37.788Z", "dateReserved": "2024-05-21T15:19:24.249Z", "dateUpdated": "2024-05-24T15:26:37.788Z", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52816
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52816", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-23T16:24:14.199378Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:04.920Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.052Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3f7a400d5e80f99581e3e8a9843e1f6118bf454f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2806f880379232e789957c2078d612669eb7a69c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d33a35b13cbfec3238043f196fa87a6384f9d087" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/56649c43d40ce0147465a2d5756d300e87f9ee1c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/282c1d793076c2edac6c3db51b7e8ed2b41d60a5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdkfd/kfd_svm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "3f7a400d5e80", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2806f8803792", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "d33a35b13cbf", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "56649c43d40c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "282c1d793076", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdkfd/kfd_svm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix shift out-of-bounds issue\n\n[ 567.613292] shift exponent 255 is too large for 64-bit type \u0027long unsigned int\u0027\n[ 567.614498] CPU: 5 PID: 238 Comm: kworker/5:1 Tainted: G OE 6.2.0-34-generic #34~22.04.1-Ubuntu\n[ 567.614502] Hardware name: AMD Splinter/Splinter-RPL, BIOS WS43927N_871 09/25/2023\n[ 567.614504] Workqueue: events send_exception_work_handler [amdgpu]\n[ 567.614748] Call Trace:\n[ 567.614750] \u003cTASK\u003e\n[ 567.614753] dump_stack_lvl+0x48/0x70\n[ 567.614761] dump_stack+0x10/0x20\n[ 567.614763] __ubsan_handle_shift_out_of_bounds+0x156/0x310\n[ 567.614769] ? srso_alias_return_thunk+0x5/0x7f\n[ 567.614773] ? update_sd_lb_stats.constprop.0+0xf2/0x3c0\n[ 567.614780] svm_range_split_by_granularity.cold+0x2b/0x34 [amdgpu]\n[ 567.615047] ? srso_alias_return_thunk+0x5/0x7f\n[ 567.615052] svm_migrate_to_ram+0x185/0x4d0 [amdgpu]\n[ 567.615286] do_swap_page+0x7b6/0xa30\n[ 567.615291] ? srso_alias_return_thunk+0x5/0x7f\n[ 567.615294] ? __free_pages+0x119/0x130\n[ 567.615299] handle_pte_fault+0x227/0x280\n[ 567.615303] __handle_mm_fault+0x3c0/0x720\n[ 567.615311] handle_mm_fault+0x119/0x330\n[ 567.615314] ? lock_mm_and_find_vma+0x44/0x250\n[ 567.615318] do_user_addr_fault+0x1a9/0x640\n[ 567.615323] exc_page_fault+0x81/0x1b0\n[ 567.615328] asm_exc_page_fault+0x27/0x30\n[ 567.615332] RIP: 0010:__get_user_8+0x1c/0x30" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:16.409Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/3f7a400d5e80f99581e3e8a9843e1f6118bf454f" }, { "url": "https://git.kernel.org/stable/c/2806f880379232e789957c2078d612669eb7a69c" }, { "url": "https://git.kernel.org/stable/c/d33a35b13cbfec3238043f196fa87a6384f9d087" }, { "url": "https://git.kernel.org/stable/c/56649c43d40ce0147465a2d5756d300e87f9ee1c" }, { "url": "https://git.kernel.org/stable/c/282c1d793076c2edac6c3db51b7e8ed2b41d60a5" } ], "title": "drm/amdkfd: Fix shift out-of-bounds issue", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52816", "datePublished": "2024-05-21T15:31:23.567Z", "dateReserved": "2024-05-21T15:19:24.248Z", "dateUpdated": "2024-11-04T14:53:16.409Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52751
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.015Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6db94d08359c43f2c8fe372811cdee04564a41b9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/93877b9afc2994c89362007aac480a7b150f386f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5c86919455c1edec99ebd3338ad213b59271a71b" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52751", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:37:15.794672Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:32.822Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/smb/client/cached_dir.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "6db94d08359c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "93877b9afc29", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "5c86919455c1", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/smb/client/cached_dir.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free in smb2_query_info_compound()\n\nThe following UAF was triggered when running fstests generic/072 with\nKASAN enabled against Windows Server 2022 and mount options\n\u0027multichannel,max_channels=2,vers=3.1.1,mfsymlinks,noperm\u0027\n\n BUG: KASAN: slab-use-after-free in smb2_query_info_compound+0x423/0x6d0 [cifs]\n Read of size 8 at addr ffff888014941048 by task xfs_io/27534\n\n CPU: 0 PID: 27534 Comm: xfs_io Not tainted 6.6.0-rc7 #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS\n rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014\n Call Trace:\n dump_stack_lvl+0x4a/0x80\n print_report+0xcf/0x650\n ? srso_alias_return_thunk+0x5/0x7f\n ? srso_alias_return_thunk+0x5/0x7f\n ? __phys_addr+0x46/0x90\n kasan_report+0xda/0x110\n ? smb2_query_info_compound+0x423/0x6d0 [cifs]\n ? smb2_query_info_compound+0x423/0x6d0 [cifs]\n smb2_query_info_compound+0x423/0x6d0 [cifs]\n ? __pfx_smb2_query_info_compound+0x10/0x10 [cifs]\n ? srso_alias_return_thunk+0x5/0x7f\n ? __stack_depot_save+0x39/0x480\n ? kasan_save_stack+0x33/0x60\n ? kasan_set_track+0x25/0x30\n ? ____kasan_slab_free+0x126/0x170\n smb2_queryfs+0xc2/0x2c0 [cifs]\n ? __pfx_smb2_queryfs+0x10/0x10 [cifs]\n ? __pfx___lock_acquire+0x10/0x10\n smb311_queryfs+0x210/0x220 [cifs]\n ? __pfx_smb311_queryfs+0x10/0x10 [cifs]\n ? srso_alias_return_thunk+0x5/0x7f\n ? __lock_acquire+0x480/0x26c0\n ? lock_release+0x1ed/0x640\n ? srso_alias_return_thunk+0x5/0x7f\n ? do_raw_spin_unlock+0x9b/0x100\n cifs_statfs+0x18c/0x4b0 [cifs]\n statfs_by_dentry+0x9b/0xf0\n fd_statfs+0x4e/0xb0\n __do_sys_fstatfs+0x7f/0xe0\n ? __pfx___do_sys_fstatfs+0x10/0x10\n ? srso_alias_return_thunk+0x5/0x7f\n ? lockdep_hardirqs_on_prepare+0x136/0x200\n ? srso_alias_return_thunk+0x5/0x7f\n do_syscall_64+0x3f/0x90\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\n Allocated by task 27534:\n kasan_save_stack+0x33/0x60\n kasan_set_track+0x25/0x30\n __kasan_kmalloc+0x8f/0xa0\n open_cached_dir+0x71b/0x1240 [cifs]\n smb2_query_info_compound+0x5c3/0x6d0 [cifs]\n smb2_queryfs+0xc2/0x2c0 [cifs]\n smb311_queryfs+0x210/0x220 [cifs]\n cifs_statfs+0x18c/0x4b0 [cifs]\n statfs_by_dentry+0x9b/0xf0\n fd_statfs+0x4e/0xb0\n __do_sys_fstatfs+0x7f/0xe0\n do_syscall_64+0x3f/0x90\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\n Freed by task 27534:\n kasan_save_stack+0x33/0x60\n kasan_set_track+0x25/0x30\n kasan_save_free_info+0x2b/0x50\n ____kasan_slab_free+0x126/0x170\n slab_free_freelist_hook+0xd0/0x1e0\n __kmem_cache_free+0x9d/0x1b0\n open_cached_dir+0xff5/0x1240 [cifs]\n smb2_query_info_compound+0x5c3/0x6d0 [cifs]\n smb2_queryfs+0xc2/0x2c0 [cifs]\n\nThis is a race between open_cached_dir() and cached_dir_lease_break()\nwhere the cache entry for the open directory handle receives a lease\nbreak while creating it. And before returning from open_cached_dir(),\nwe put the last reference of the new @cfid because of\n!@cfid-\u003ehas_lease.\n\nBesides the UAF, while running xfstests a lot of missed lease breaks\nhave been noticed in tests that run several concurrent statfs(2) calls\non those cached fids\n\n CIFS: VFS: \\\\w22-root1.gandalf.test No task to wake, unknown frame...\n CIFS: VFS: \\\\w22-root1.gandalf.test Cmd: 18 Err: 0x0 Flags: 0x1...\n CIFS: VFS: \\\\w22-root1.gandalf.test smb buf 00000000715bfe83 len 108\n CIFS: VFS: Dump pending requests:\n CIFS: VFS: \\\\w22-root1.gandalf.test No task to wake, unknown frame...\n CIFS: VFS: \\\\w22-root1.gandalf.test Cmd: 18 Err: 0x0 Flags: 0x1...\n CIFS: VFS: \\\\w22-root1.gandalf.test smb buf 000000005aa7316e len 108\n ...\n\nTo fix both, in open_cached_dir() ensure that @cfid-\u003ehas_lease is set\nright before sending out compounded request so that any potential\nlease break will be get processed by demultiplex thread while we\u0027re\nstill caching @cfid. And, if open failed for some reason, re-check\n@cfid-\u003ehas_lease to decide whether or not put lease reference." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:00.698Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/6db94d08359c43f2c8fe372811cdee04564a41b9" }, { "url": "https://git.kernel.org/stable/c/93877b9afc2994c89362007aac480a7b150f386f" }, { "url": "https://git.kernel.org/stable/c/5c86919455c1edec99ebd3338ad213b59271a71b" } ], "title": "smb: client: fix use-after-free in smb2_query_info_compound()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52751", "datePublished": "2024-05-21T15:30:40.226Z", "dateReserved": "2024-05-21T15:19:24.234Z", "dateUpdated": "2024-11-04T14:52:00.698Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47451
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47451", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:25:32.208577Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:53.967Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.385Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2a670c323055282c9b72794a491d53cef86bbeaf" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cae7cab804c943d723d52724a3aeb07a3f4a2650" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/902c0b1887522a099aa4e1e6b4b476c2fe5dd13e" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/netfilter/xt_IDLETIMER.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "2a670c323055", "status": "affected", "version": "68983a354a65", "versionType": "git" }, { "lessThan": "cae7cab804c9", "status": "affected", "version": "68983a354a65", "versionType": "git" }, { "lessThan": "902c0b188752", "status": "affected", "version": "68983a354a65", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/netfilter/xt_IDLETIMER.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.7" }, { "lessThan": "5.7", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.76", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage value\n\nCurrently, when the rule related to IDLETIMER is added, idletimer_tg timer\nstructure is initialized by kmalloc on executing idletimer_tg_create\nfunction. However, in this process timer-\u003etimer_type is not defined to\na specific value. Thus, timer-\u003etimer_type has garbage value and it occurs\nkernel panic. So, this commit fixes the panic by initializing\ntimer-\u003etimer_type using kzalloc instead of kmalloc.\n\nTest commands:\n # iptables -A OUTPUT -j IDLETIMER --timeout 1 --label test\n $ cat /sys/class/xt_idletimer/timers/test\n Killed\n\nSplat looks like:\n BUG: KASAN: user-memory-access in alarm_expires_remaining+0x49/0x70\n Read of size 8 at addr 0000002e8c7bc4c8 by task cat/917\n CPU: 12 PID: 917 Comm: cat Not tainted 5.14.0+ #3 79940a339f71eb14fc81aee1757a20d5bf13eb0e\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.13.0-1ubuntu1.1 04/01/2014\n Call Trace:\n dump_stack_lvl+0x6e/0x9c\n kasan_report.cold+0x112/0x117\n ? alarm_expires_remaining+0x49/0x70\n __asan_load8+0x86/0xb0\n alarm_expires_remaining+0x49/0x70\n idletimer_tg_show+0xe5/0x19b [xt_IDLETIMER 11219304af9316a21bee5ba9d58f76a6b9bccc6d]\n dev_attr_show+0x3c/0x60\n sysfs_kf_seq_show+0x11d/0x1f0\n ? device_remove_bin_file+0x20/0x20\n kernfs_seq_show+0xa4/0xb0\n seq_read_iter+0x29c/0x750\n kernfs_fop_read_iter+0x25a/0x2c0\n ? __fsnotify_parent+0x3d1/0x570\n ? iov_iter_init+0x70/0x90\n new_sync_read+0x2a7/0x3d0\n ? __x64_sys_llseek+0x230/0x230\n ? rw_verify_area+0x81/0x150\n vfs_read+0x17b/0x240\n ksys_read+0xd9/0x180\n ? vfs_write+0x460/0x460\n ? do_syscall_64+0x16/0xc0\n ? lockdep_hardirqs_on+0x79/0x120\n __x64_sys_read+0x43/0x50\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7f0cdc819142\n Code: c0 e9 c2 fe ff ff 50 48 8d 3d 3a ca 0a 00 e8 f5 19 02 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 ec 28 48 89 54 24\n RSP: 002b:00007fff28eee5b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\n RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f0cdc819142\n RDX: 0000000000020000 RSI: 00007f0cdc032000 RDI: 0000000000000003\n RBP: 00007f0cdc032000 R08: 00007f0cdc031010 R09: 0000000000000000\n R10: 0000000000000022 R11: 0000000000000246 R12: 00005607e9ee31f0\n R13: 0000000000000003 R14: 0000000000020000 R15: 0000000000020000" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:11.022Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/2a670c323055282c9b72794a491d53cef86bbeaf" }, { "url": "https://git.kernel.org/stable/c/cae7cab804c943d723d52724a3aeb07a3f4a2650" }, { "url": "https://git.kernel.org/stable/c/902c0b1887522a099aa4e1e6b4b476c2fe5dd13e" } ], "title": "netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage value", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47451", "datePublished": "2024-05-22T06:19:42.082Z", "dateReserved": "2024-05-21T14:58:30.832Z", "dateUpdated": "2024-11-04T12:06:11.022Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52788
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52788", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T17:27:01.312532Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:43.170Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.790Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1566e8be73fd5fa424e88d2a4cffdc34f970f0e1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/55db76caa782baa4a1bf02296e2773c38a524a3e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bf8e105030083e7b71591cdf437e464bcd8a0c09" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/10f49cdfd5fb342a1a9641930dc040c570694e98" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/471aa951bf1206d3c10d0daa67005b8e4db4ff83" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/i915/i915_perf.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "1566e8be73fd", "status": "affected", "version": "9b344cf6aea0", "versionType": "git" }, { "lessThan": "55db76caa782", "status": "affected", "version": "2fec539112e8", "versionType": "git" }, { "lessThan": "bf8e10503008", "status": "affected", "version": "2fec539112e8", "versionType": "git" }, { "lessThan": "10f49cdfd5fb", "status": "affected", "version": "2fec539112e8", "versionType": "git" }, { "lessThan": "471aa951bf12", "status": "affected", "version": "2fec539112e8", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/i915/i915_perf.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.0" }, { "lessThan": "6.0", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni915/perf: Fix NULL deref bugs with drm_dbg() calls\n\nWhen i915 perf interface is not available dereferencing it will lead to\nNULL dereferences.\n\nAs returning -ENOTSUPP is pretty clear return when perf interface is not\navailable.\n\n[tursulin: added stable tag]\n(cherry picked from commit 36f27350ff745bd228ab04d7845dfbffc177a889)" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:45.286Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/1566e8be73fd5fa424e88d2a4cffdc34f970f0e1" }, { "url": "https://git.kernel.org/stable/c/55db76caa782baa4a1bf02296e2773c38a524a3e" }, { "url": "https://git.kernel.org/stable/c/bf8e105030083e7b71591cdf437e464bcd8a0c09" }, { "url": "https://git.kernel.org/stable/c/10f49cdfd5fb342a1a9641930dc040c570694e98" }, { "url": "https://git.kernel.org/stable/c/471aa951bf1206d3c10d0daa67005b8e4db4ff83" } ], "title": "i915/perf: Fix NULL deref bugs with drm_dbg() calls", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52788", "datePublished": "2024-05-21T15:31:04.980Z", "dateReserved": "2024-05-21T15:19:24.241Z", "dateUpdated": "2024-11-04T14:52:45.286Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47409
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.169Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4b7f4a0eb92bf37bea4cd838c7f83ea42823ca8b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a7182993dd8e09f96839ddc3ac54f9b37370d282" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8b9c1c33e51d0959f2aec573dfbac0ffd3f5c0b7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2754fa3b73df7d0ae042f3ed6cfd9df9042f6262" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/337f00a0bc62d7cb7d10ec0b872c79009a1641df" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/856e6e8e0f9300befa87dde09edb578555c99a82" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47409", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:37:57.427219Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:39.628Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/usb/dwc2/hcd.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "4b7f4a0eb92b", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "a7182993dd8e", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "8b9c1c33e51d", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2754fa3b73df", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "337f00a0bc62", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "856e6e8e0f93", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/usb/dwc2/hcd.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.250", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.210", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.152", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.72", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.11", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: check return value after calling platform_get_resource()\n\nIt will cause null-ptr-deref if platform_get_resource() returns NULL,\nwe need check the return value." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:22.412Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/4b7f4a0eb92bf37bea4cd838c7f83ea42823ca8b" }, { "url": "https://git.kernel.org/stable/c/a7182993dd8e09f96839ddc3ac54f9b37370d282" }, { "url": "https://git.kernel.org/stable/c/8b9c1c33e51d0959f2aec573dfbac0ffd3f5c0b7" }, { "url": "https://git.kernel.org/stable/c/2754fa3b73df7d0ae042f3ed6cfd9df9042f6262" }, { "url": "https://git.kernel.org/stable/c/337f00a0bc62d7cb7d10ec0b872c79009a1641df" }, { "url": "https://git.kernel.org/stable/c/856e6e8e0f9300befa87dde09edb578555c99a82" } ], "title": "usb: dwc2: check return value after calling platform_get_resource()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47409", "datePublished": "2024-05-21T15:04:01.300Z", "dateReserved": "2024-05-21T14:58:30.817Z", "dateUpdated": "2024-11-04T12:05:22.412Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47450
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47450", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:46:22.813390Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:28.577Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.495Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b372264c66ef78f2cab44e877fbd765ad6d24c39" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1d58a17ef54599506d44c45ac95be27273a4d2b1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "arch/arm64/kvm/hyp/include/nvhe/gfp.h", "arch/arm64/kvm/hyp/nvhe/mem_protect.c", "arch/arm64/kvm/hyp/nvhe/page_alloc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "b372264c66ef", "status": "affected", "version": "1025c8c0c6ac", "versionType": "git" }, { "lessThan": "1d58a17ef545", "status": "affected", "version": "1025c8c0c6ac", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "arch/arm64/kvm/hyp/include/nvhe/gfp.h", "arch/arm64/kvm/hyp/nvhe/mem_protect.c", "arch/arm64/kvm/hyp/nvhe/page_alloc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.13" }, { "lessThan": "5.13", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Fix host stage-2 PGD refcount\n\nThe KVM page-table library refcounts the pages of concatenated stage-2\nPGDs individually. However, when running KVM in protected mode, the\nhost\u0027s stage-2 PGD is currently managed by EL2 as a single high-order\ncompound page, which can cause the refcount of the tail pages to reach 0\nwhen they shouldn\u0027t, hence corrupting the page-table.\n\nFix this by introducing a new hyp_split_page() helper in the EL2 page\nallocator (matching the kernel\u0027s split_page() function), and make use of\nit from host_s2_zalloc_pages_exact()." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:08.607Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/b372264c66ef78f2cab44e877fbd765ad6d24c39" }, { "url": "https://git.kernel.org/stable/c/1d58a17ef54599506d44c45ac95be27273a4d2b1" } ], "title": "KVM: arm64: Fix host stage-2 PGD refcount", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47450", "datePublished": "2024-05-22T06:19:41.443Z", "dateReserved": "2024-05-21T14:58:30.832Z", "dateUpdated": "2024-11-04T12:06:08.607Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47404
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47404", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-11T17:40:32.628487Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-11T17:42:16.335Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.325Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a4faa7153b87fbcfe4be15f4278676f79ca6e019" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6fc4476dda58f6c00097c7ddec3b772513f57525" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1c83c38dec83d57bc18d0c01d82c413d3b34ccb9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bb8b72374db69afa25a5b65cf1c092860c6fe914" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fe9bb925e7096509711660d39c0493a1546e9550" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/dedfc35a2de2bae9fa3da8210a05bfd515f83fee" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/708107b80aa616976d1c5fa60ac0c1390749db5e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1e4ce418b1cb1a810256b5fb3fd33d22d1325993" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/hid/hid-betopff.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "a4faa7153b87", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "6fc4476dda58", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "1c83c38dec83", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "bb8b72374db6", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "fe9bb925e709", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "dedfc35a2de2", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "708107b80aa6", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "1e4ce418b1cb", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/hid/hid-betopff.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.286", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.285", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.249", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.209", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.151", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.71", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: betop: fix slab-out-of-bounds Write in betop_probe\n\nSyzbot reported slab-out-of-bounds Write bug in hid-betopff driver.\nThe problem is the driver assumes the device must have an input report but\nsome malicious devices violate this assumption.\n\nSo this patch checks hid_device\u0027s input is non empty before it\u0027s been used." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:16.663Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/a4faa7153b87fbcfe4be15f4278676f79ca6e019" }, { "url": "https://git.kernel.org/stable/c/6fc4476dda58f6c00097c7ddec3b772513f57525" }, { "url": "https://git.kernel.org/stable/c/1c83c38dec83d57bc18d0c01d82c413d3b34ccb9" }, { "url": "https://git.kernel.org/stable/c/bb8b72374db69afa25a5b65cf1c092860c6fe914" }, { "url": "https://git.kernel.org/stable/c/fe9bb925e7096509711660d39c0493a1546e9550" }, { "url": "https://git.kernel.org/stable/c/dedfc35a2de2bae9fa3da8210a05bfd515f83fee" }, { "url": "https://git.kernel.org/stable/c/708107b80aa616976d1c5fa60ac0c1390749db5e" }, { "url": "https://git.kernel.org/stable/c/1e4ce418b1cb1a810256b5fb3fd33d22d1325993" } ], "title": "HID: betop: fix slab-out-of-bounds Write in betop_probe", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47404", "datePublished": "2024-05-21T15:03:58.021Z", "dateReserved": "2024-05-21T14:58:30.816Z", "dateUpdated": "2024-11-04T12:05:16.663Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47419
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47419", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T18:00:04.629892Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-01T14:40:36.981Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.382Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c951c08a5996365aecbc5f1a9bddec3905e1ddfc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3ec73ffeef54596c32aff0e73fe60971b9c8b866" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7a1c1af341041221b3acb9d7036cc2b43e0efa75" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a56d447f196fa9973c568f54c0d76d5391c3b0c0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/sched/sch_taprio.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "c951c08a5996", "status": "affected", "version": "c71c512f4a65", "versionType": "git" }, { "lessThan": "3ec73ffeef54", "status": "affected", "version": "a969a632cbe7", "versionType": "git" }, { "lessThan": "7a1c1af34104", "status": "affected", "version": "44d4775ca518", "versionType": "git" }, { "lessThan": "a56d447f196f", "status": "affected", "version": "44d4775ca518", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/sched/sch_taprio.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.11" }, { "lessThan": "5.11", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.153", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.73", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_taprio: properly cancel timer from taprio_destroy()\n\nThere is a comment in qdisc_create() about us not calling ops-\u003ereset()\nin some cases.\n\nerr_out4:\n\t/*\n\t * Any broken qdiscs that would require a ops-\u003ereset() here?\n\t * The qdisc was never in action so it shouldn\u0027t be necessary.\n\t */\n\nAs taprio sets a timer before actually receiving a packet, we need\nto cancel it from ops-\u003edestroy, just in case ops-\u003ereset has not\nbeen called.\n\nsyzbot reported:\n\nODEBUG: free active (active state 0) object type: hrtimer hint: advance_sched+0x0/0x9a0 arch/x86/include/asm/atomic64_64.h:22\nWARNING: CPU: 0 PID: 8441 at lib/debugobjects.c:505 debug_print_object+0x16e/0x250 lib/debugobjects.c:505\nModules linked in:\nCPU: 0 PID: 8441 Comm: syz-executor813 Not tainted 5.14.0-rc6-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:debug_print_object+0x16e/0x250 lib/debugobjects.c:505\nCode: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 af 00 00 00 48 8b 14 dd e0 d3 e3 89 4c 89 ee 48 c7 c7 e0 c7 e3 89 e8 5b 86 11 05 \u003c0f\u003e 0b 83 05 85 03 92 09 01 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e c3\nRSP: 0018:ffffc9000130f330 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000\nRDX: ffff88802baeb880 RSI: ffffffff815d87b5 RDI: fffff52000261e58\nRBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff815d25ee R11: 0000000000000000 R12: ffffffff898dd020\nR13: ffffffff89e3ce20 R14: ffffffff81653630 R15: dffffc0000000000\nFS: 0000000000f0d300(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffb64b3e000 CR3: 0000000036557000 CR4: 00000000001506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n __debug_check_no_obj_freed lib/debugobjects.c:987 [inline]\n debug_check_no_obj_freed+0x301/0x420 lib/debugobjects.c:1018\n slab_free_hook mm/slub.c:1603 [inline]\n slab_free_freelist_hook+0x171/0x240 mm/slub.c:1653\n slab_free mm/slub.c:3213 [inline]\n kfree+0xe4/0x540 mm/slub.c:4267\n qdisc_create+0xbcf/0x1320 net/sched/sch_api.c:1299\n tc_modify_qdisc+0x4c8/0x1a60 net/sched/sch_api.c:1663\n rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5571\n netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2504\n netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]\n netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1340\n netlink_sendmsg+0x86d/0xdb0 net/netlink/af_netlink.c:1929\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n ____sys_sendmsg+0x6e8/0x810 net/socket.c:2403\n ___sys_sendmsg+0xf3/0x170 net/socket.c:2457\n __sys_sendmsg+0xe5/0x1b0 net/socket.c:2486\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:32.971Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/c951c08a5996365aecbc5f1a9bddec3905e1ddfc" }, { "url": "https://git.kernel.org/stable/c/3ec73ffeef54596c32aff0e73fe60971b9c8b866" }, { "url": "https://git.kernel.org/stable/c/7a1c1af341041221b3acb9d7036cc2b43e0efa75" }, { "url": "https://git.kernel.org/stable/c/a56d447f196fa9973c568f54c0d76d5391c3b0c0" } ], "title": "net/sched: sch_taprio: properly cancel timer from taprio_destroy()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47419", "datePublished": "2024-05-21T15:04:07.992Z", "dateReserved": "2024-05-21T14:58:30.818Z", "dateUpdated": "2024-11-04T12:05:32.971Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52858
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "3b5e748615e7" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "5.0" } ] }, { "cpes": [ "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "0" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.4.261" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.10.201" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "\t5.15.139" } ] }, { "cpes": [ "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.1.63" } ] }, { "cpes": [ "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.5.12" } ] }, { "cpes": [ "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.6.2" } ] }, { "cpes": [ "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.7" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52858", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T19:00:23.134670Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:43.603Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.988Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e8ae4b49dd9cfde69d8de8c0c0cd7cf1b004482e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4f861b63945e076f9f003a5fad958174096df1ee" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e964d21dc034b650d719c4ea39564bec72b42f94" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a836efc21ef04608333d6d05753e558ebd1f85d0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1d89430fc3158f872d492f1b88d07262f48290c0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5fbea47eebff5daeca7d918c99289bcd3ae4dc8d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2befa515c1bb6cdd33c262b909d93d1973a219aa" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/clk/mediatek/clk-mt7629.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "e8ae4b49dd9c", "status": "affected", "version": "3b5e748615e7", "versionType": "git" }, { "lessThan": "4f861b63945e", "status": "affected", "version": "3b5e748615e7", "versionType": "git" }, { "lessThan": "e964d21dc034", "status": "affected", "version": "3b5e748615e7", "versionType": "git" }, { "lessThan": "a836efc21ef0", "status": "affected", "version": "3b5e748615e7", "versionType": "git" }, { "lessThan": "1d89430fc315", "status": "affected", "version": "3b5e748615e7", "versionType": "git" }, { "lessThan": "5fbea47eebff", "status": "affected", "version": "3b5e748615e7", "versionType": "git" }, { "lessThan": "2befa515c1bb", "status": "affected", "version": "3b5e748615e7", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/clk/mediatek/clk-mt7629.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.0" }, { "lessThan": "5.0", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.261", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:00.268Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/e8ae4b49dd9cfde69d8de8c0c0cd7cf1b004482e" }, { "url": "https://git.kernel.org/stable/c/4f861b63945e076f9f003a5fad958174096df1ee" }, { "url": "https://git.kernel.org/stable/c/e964d21dc034b650d719c4ea39564bec72b42f94" }, { "url": "https://git.kernel.org/stable/c/a836efc21ef04608333d6d05753e558ebd1f85d0" }, { "url": "https://git.kernel.org/stable/c/1d89430fc3158f872d492f1b88d07262f48290c0" }, { "url": "https://git.kernel.org/stable/c/5fbea47eebff5daeca7d918c99289bcd3ae4dc8d" }, { "url": "https://git.kernel.org/stable/c/2befa515c1bb6cdd33c262b909d93d1973a219aa" } ], "title": "clk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52858", "datePublished": "2024-05-21T15:31:51.891Z", "dateReserved": "2024-05-21T15:19:24.258Z", "dateUpdated": "2024-11-04T14:54:00.268Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47462
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47462", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T19:48:07.390031Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:24.847Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.432Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9ee4e9ae98f1f262d6fae0d266cfdf3ba2c321d9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6d2aec9e123bb9c49cb5c7fc654f25f81e688e8c" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "mm/mempolicy.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "9ee4e9ae98f1", "status": "affected", "version": "bda420b98505", "versionType": "git" }, { "lessThan": "6d2aec9e123b", "status": "affected", "version": "bda420b98505", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "mm/mempolicy.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.12" }, { "lessThan": "5.12", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/mempolicy: do not allow illegal MPOL_F_NUMA_BALANCING | MPOL_LOCAL in mbind()\n\nsyzbot reported access to unitialized memory in mbind() [1]\n\nIssue came with commit bda420b98505 (\"numa balancing: migrate on fault\namong multiple bound nodes\")\n\nThis commit added a new bit in MPOL_MODE_FLAGS, but only checked valid\ncombination (MPOL_F_NUMA_BALANCING can only be used with MPOL_BIND) in\ndo_set_mempolicy()\n\nThis patch moves the check in sanitize_mpol_flags() so that it is also\nused by mbind()\n\n [1]\n BUG: KMSAN: uninit-value in __mpol_equal+0x567/0x590 mm/mempolicy.c:2260\n __mpol_equal+0x567/0x590 mm/mempolicy.c:2260\n mpol_equal include/linux/mempolicy.h:105 [inline]\n vma_merge+0x4a1/0x1e60 mm/mmap.c:1190\n mbind_range+0xcc8/0x1e80 mm/mempolicy.c:811\n do_mbind+0xf42/0x15f0 mm/mempolicy.c:1333\n kernel_mbind mm/mempolicy.c:1483 [inline]\n __do_sys_mbind mm/mempolicy.c:1490 [inline]\n __se_sys_mbind+0x437/0xb80 mm/mempolicy.c:1486\n __x64_sys_mbind+0x19d/0x200 mm/mempolicy.c:1486\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\n Uninit was created at:\n slab_alloc_node mm/slub.c:3221 [inline]\n slab_alloc mm/slub.c:3230 [inline]\n kmem_cache_alloc+0x751/0xff0 mm/slub.c:3235\n mpol_new mm/mempolicy.c:293 [inline]\n do_mbind+0x912/0x15f0 mm/mempolicy.c:1289\n kernel_mbind mm/mempolicy.c:1483 [inline]\n __do_sys_mbind mm/mempolicy.c:1490 [inline]\n __se_sys_mbind+0x437/0xb80 mm/mempolicy.c:1486\n __x64_sys_mbind+0x19d/0x200 mm/mempolicy.c:1486\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n =====================================================\n Kernel panic - not syncing: panic_on_kmsan set ...\n CPU: 0 PID: 15049 Comm: syz-executor.0 Tainted: G B 5.15.0-rc2-syzkaller #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\n Call Trace:\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1ff/0x28e lib/dump_stack.c:106\n dump_stack+0x25/0x28 lib/dump_stack.c:113\n panic+0x44f/0xdeb kernel/panic.c:232\n kmsan_report+0x2ee/0x300 mm/kmsan/report.c:186\n __msan_warning+0xd7/0x150 mm/kmsan/instrumentation.c:208\n __mpol_equal+0x567/0x590 mm/mempolicy.c:2260\n mpol_equal include/linux/mempolicy.h:105 [inline]\n vma_merge+0x4a1/0x1e60 mm/mmap.c:1190\n mbind_range+0xcc8/0x1e80 mm/mempolicy.c:811\n do_mbind+0xf42/0x15f0 mm/mempolicy.c:1333\n kernel_mbind mm/mempolicy.c:1483 [inline]\n __do_sys_mbind mm/mempolicy.c:1490 [inline]\n __se_sys_mbind+0x437/0xb80 mm/mempolicy.c:1486\n __x64_sys_mbind+0x19d/0x200 mm/mempolicy.c:1486\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x44/0xae" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:24.798Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/9ee4e9ae98f1f262d6fae0d266cfdf3ba2c321d9" }, { "url": "https://git.kernel.org/stable/c/6d2aec9e123bb9c49cb5c7fc654f25f81e688e8c" } ], "title": "mm/mempolicy: do not allow illegal MPOL_F_NUMA_BALANCING | MPOL_LOCAL in mbind()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47462", "datePublished": "2024-05-22T06:23:23.034Z", "dateReserved": "2024-05-22T06:20:56.198Z", "dateUpdated": "2024-11-04T12:06:24.798Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52817
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.057Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bf2d51eedf03bd61e3556e35d74d49e2e6112398" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/437e0fa907ba39b4d7eda863c03ea9cf48bd93a9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f475d5502f33a6c5b149b0afe96316ad1962a64a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/174f62a0aa15c211e60208b41ee9e7cdfb73d455" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6c1b3d89a2dda79881726bb6e37af19c0936d736" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/820daf9ffe2b0afb804567b10983fb38bc5ae288" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ba3c0796d292de84f2932cc5bbb0f771fc720996" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5104fdf50d326db2c1a994f8b35dcd46e63ae4ad" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52817", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-08T14:18:47.738827Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-08T14:19:04.428Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "bf2d51eedf03", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "437e0fa907ba", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "f475d5502f33", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "174f62a0aa15", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "6c1b3d89a2dd", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "820daf9ffe2b", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "ba3c0796d292", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "5104fdf50d32", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.300", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL\n\nIn certain types of chips, such as VEGA20, reading the amdgpu_regs_smc file could result in an abnormal null pointer access when the smc_rreg pointer is NULL. Below are the steps to reproduce this issue and the corresponding exception log:\n\n1. Navigate to the directory: /sys/kernel/debug/dri/0\n2. Execute command: cat amdgpu_regs_smc\n3. Exception Log::\n[4005007.702554] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[4005007.702562] #PF: supervisor instruction fetch in kernel mode\n[4005007.702567] #PF: error_code(0x0010) - not-present page\n[4005007.702570] PGD 0 P4D 0\n[4005007.702576] Oops: 0010 [#1] SMP NOPTI\n[4005007.702581] CPU: 4 PID: 62563 Comm: cat Tainted: G OE 5.15.0-43-generic #46-Ubunt u\n[4005007.702590] RIP: 0010:0x0\n[4005007.702598] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.\n[4005007.702600] RSP: 0018:ffffa82b46d27da0 EFLAGS: 00010206\n[4005007.702605] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffa82b46d27e68\n[4005007.702609] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff9940656e0000\n[4005007.702612] RBP: ffffa82b46d27dd8 R08: 0000000000000000 R09: ffff994060c07980\n[4005007.702615] R10: 0000000000020000 R11: 0000000000000000 R12: 00007f5e06753000\n[4005007.702618] R13: ffff9940656e0000 R14: ffffa82b46d27e68 R15: 00007f5e06753000\n[4005007.702622] FS: 00007f5e0755b740(0000) GS:ffff99479d300000(0000) knlGS:0000000000000000\n[4005007.702626] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[4005007.702629] CR2: ffffffffffffffd6 CR3: 00000003253fc000 CR4: 00000000003506e0\n[4005007.702633] Call Trace:\n[4005007.702636] \u003cTASK\u003e\n[4005007.702640] amdgpu_debugfs_regs_smc_read+0xb0/0x120 [amdgpu]\n[4005007.703002] full_proxy_read+0x5c/0x80\n[4005007.703011] vfs_read+0x9f/0x1a0\n[4005007.703019] ksys_read+0x67/0xe0\n[4005007.703023] __x64_sys_read+0x19/0x20\n[4005007.703028] do_syscall_64+0x5c/0xc0\n[4005007.703034] ? do_user_addr_fault+0x1e3/0x670\n[4005007.703040] ? exit_to_user_mode_prepare+0x37/0xb0\n[4005007.703047] ? irqentry_exit_to_user_mode+0x9/0x20\n[4005007.703052] ? irqentry_exit+0x19/0x30\n[4005007.703057] ? exc_page_fault+0x89/0x160\n[4005007.703062] ? asm_exc_page_fault+0x8/0x30\n[4005007.703068] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[4005007.703075] RIP: 0033:0x7f5e07672992\n[4005007.703079] Code: c0 e9 b2 fe ff ff 50 48 8d 3d fa b2 0c 00 e8 c5 1d 02 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 e c 28 48 89 54 24\n[4005007.703083] RSP: 002b:00007ffe03097898 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\n[4005007.703088] RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f5e07672992\n[4005007.703091] RDX: 0000000000020000 RSI: 00007f5e06753000 RDI: 0000000000000003\n[4005007.703094] RBP: 00007f5e06753000 R08: 00007f5e06752010 R09: 00007f5e06752010\n[4005007.703096] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000022000\n[4005007.703099] R13: 0000000000000003 R14: 0000000000020000 R15: 0000000000020000\n[4005007.703105] \u003c/TASK\u003e\n[4005007.703107] Modules linked in: nf_tables libcrc32c nfnetlink algif_hash af_alg binfmt_misc nls_ iso8859_1 ipmi_ssif ast intel_rapl_msr intel_rapl_common drm_vram_helper drm_ttm_helper amd64_edac t tm edac_mce_amd kvm_amd ccp mac_hid k10temp kvm acpi_ipmi ipmi_si rapl sch_fq_codel ipmi_devintf ipm i_msghandler msr parport_pc ppdev lp parport mtd pstore_blk efi_pstore ramoops pstore_zone reed_solo mon ip_tables x_tables autofs4 ib_uverbs ib_core amdgpu(OE) amddrm_ttm_helper(OE) amdttm(OE) iommu_v 2 amd_sched(OE) amdkcl(OE) drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops cec rc_core drm igb ahci xhci_pci libahci i2c_piix4 i2c_algo_bit xhci_pci_renesas dca\n[4005007.703184] CR2: 0000000000000000\n[4005007.703188] ---[ en\n---truncated---" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:17.554Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/bf2d51eedf03bd61e3556e35d74d49e2e6112398" }, { "url": "https://git.kernel.org/stable/c/437e0fa907ba39b4d7eda863c03ea9cf48bd93a9" }, { "url": "https://git.kernel.org/stable/c/f475d5502f33a6c5b149b0afe96316ad1962a64a" }, { "url": "https://git.kernel.org/stable/c/174f62a0aa15c211e60208b41ee9e7cdfb73d455" }, { "url": "https://git.kernel.org/stable/c/6c1b3d89a2dda79881726bb6e37af19c0936d736" }, { "url": "https://git.kernel.org/stable/c/820daf9ffe2b0afb804567b10983fb38bc5ae288" }, { "url": "https://git.kernel.org/stable/c/ba3c0796d292de84f2932cc5bbb0f771fc720996" }, { "url": "https://git.kernel.org/stable/c/5104fdf50d326db2c1a994f8b35dcd46e63ae4ad" } ], "title": "drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52817", "datePublished": "2024-05-21T15:31:24.225Z", "dateReserved": "2024-05-21T15:19:24.249Z", "dateUpdated": "2024-11-04T14:53:17.554Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52836
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52836", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T19:05:10.965267Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:59.048Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.040Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d4d37c9e6a4dbcca958dabd99216550525c7e389" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d8267cabbe1bed15ccf8b0e684c528bf8eeef715" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/dcd85e3c929368076a7592b27f541e0da8b427f5" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9ed2d68b3925145f5f51c46559484881d6082f75" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e89d0ed45a419c485bae999426ecf92697cbdda3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c56df79d68677cf062da1b6e3b33e74299a92dfc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e36407713163363e65566e7af0abe207d5f59a0c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/304a2c4aad0fff887ce493e4197bf9cbaf394479" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bccdd808902f8c677317cec47c306e42b93b849e" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "kernel/locking/test-ww_mutex.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "d4d37c9e6a4d", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "d8267cabbe1b", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "dcd85e3c9293", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "9ed2d68b3925", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "e89d0ed45a41", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "c56df79d6867", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "e36407713163", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "304a2c4aad0f", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "bccdd808902f", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "kernel/locking/test-ww_mutex.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.331", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.300", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlocking/ww_mutex/test: Fix potential workqueue corruption\n\nIn some cases running with the test-ww_mutex code, I was seeing\nodd behavior where sometimes it seemed flush_workqueue was\nreturning before all the work threads were finished.\n\nOften this would cause strange crashes as the mutexes would be\nfreed while they were being used.\n\nLooking at the code, there is a lifetime problem as the\ncontrolling thread that spawns the work allocates the\n\"struct stress\" structures that are passed to the workqueue\nthreads. Then when the workqueue threads are finished,\nthey free the stress struct that was passed to them.\n\nUnfortunately the workqueue work_struct node is in the stress\nstruct. Which means the work_struct is freed before the work\nthread returns and while flush_workqueue is waiting.\n\nIt seems like a better idea to have the controlling thread\nboth allocate and free the stress structures, so that we can\nbe sure we don\u0027t corrupt the workqueue by freeing the structure\nprematurely.\n\nSo this patch reworks the test to do so, and with this change\nI no longer see the early flush_workqueue returns." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:33.912Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/d4d37c9e6a4dbcca958dabd99216550525c7e389" }, { "url": "https://git.kernel.org/stable/c/d8267cabbe1bed15ccf8b0e684c528bf8eeef715" }, { "url": "https://git.kernel.org/stable/c/dcd85e3c929368076a7592b27f541e0da8b427f5" }, { "url": "https://git.kernel.org/stable/c/9ed2d68b3925145f5f51c46559484881d6082f75" }, { "url": "https://git.kernel.org/stable/c/e89d0ed45a419c485bae999426ecf92697cbdda3" }, { "url": "https://git.kernel.org/stable/c/c56df79d68677cf062da1b6e3b33e74299a92dfc" }, { "url": "https://git.kernel.org/stable/c/e36407713163363e65566e7af0abe207d5f59a0c" }, { "url": "https://git.kernel.org/stable/c/304a2c4aad0fff887ce493e4197bf9cbaf394479" }, { "url": "https://git.kernel.org/stable/c/bccdd808902f8c677317cec47c306e42b93b849e" } ], "title": "locking/ww_mutex/test: Fix potential workqueue corruption", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52836", "datePublished": "2024-05-21T15:31:37.174Z", "dateReserved": "2024-05-21T15:19:24.252Z", "dateUpdated": "2024-11-04T14:53:33.912Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47447
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47447", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T15:54:08.510506Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:50.049Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.478Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d59e44e7821a8f2bb6f2e846b9167397a5f01608" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3eda901995371d390ef82d0b6462f4ea8efbcfdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/msm/adreno/a3xx_gpu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "d59e44e7821a", "status": "affected", "version": "5785dd7a8ef0", "versionType": "git" }, { "lessThan": "3eda90199537", "status": "affected", "version": "5785dd7a8ef0", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/msm/adreno/a3xx_gpu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.11" }, { "lessThan": "5.11", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.14", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/a3xx: fix error handling in a3xx_gpu_init()\n\nThese error paths returned 1 on failure, instead of a negative error\ncode. This would lead to an Oops in the caller. A second problem is\nthat the check for \"if (ret != -ENODATA)\" did not work because \"ret\" was\nset to 1." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:05.179Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/d59e44e7821a8f2bb6f2e846b9167397a5f01608" }, { "url": "https://git.kernel.org/stable/c/3eda901995371d390ef82d0b6462f4ea8efbcfdf" } ], "title": "drm/msm/a3xx: fix error handling in a3xx_gpu_init()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47447", "datePublished": "2024-05-22T06:19:39.506Z", "dateReserved": "2024-05-21T14:58:30.832Z", "dateUpdated": "2024-11-04T12:06:05.179Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47304
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47304", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T15:35:43.044493Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:55.263Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:32:08.445Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ad4ba3404931745a5977ad12db4f0c34080e52f7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fe77b85828ca9ddc42977b79de9e40d18545b4fe" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/be5d1b61a2ad28c7e57fe8bfa277373e8ecffcdc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/ipv4/tcp_input.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "ad4ba3404931", "status": "affected", "version": "8919a9b31eb4", "versionType": "git" }, { "lessThan": "fe77b85828ca", "status": "affected", "version": "8919a9b31eb4", "versionType": "git" }, { "lessThan": "be5d1b61a2ad", "status": "affected", "version": "8919a9b31eb4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/ipv4/tcp_input.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.10" }, { "lessThan": "5.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.53", "versionType": "semver" }, { "lessThanOrEqual": "5.13.*", "status": "unaffected", "version": "5.13.5", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.14", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix tcp_init_transfer() to not reset icsk_ca_initialized\n\nThis commit fixes a bug (found by syzkaller) that could cause spurious\ndouble-initializations for congestion control modules, which could cause\nmemory leaks or other problems for congestion control modules (like CDG)\nthat allocate memory in their init functions.\n\nThe buggy scenario constructed by syzkaller was something like:\n\n(1) create a TCP socket\n(2) initiate a TFO connect via sendto()\n(3) while socket is in TCP_SYN_SENT, call setsockopt(TCP_CONGESTION),\n which calls:\n tcp_set_congestion_control() -\u003e\n tcp_reinit_congestion_control() -\u003e\n tcp_init_congestion_control()\n(4) receive ACK, connection is established, call tcp_init_transfer(),\n set icsk_ca_initialized=0 (without first calling cc-\u003erelease()),\n call tcp_init_congestion_control() again.\n\nNote that in this sequence tcp_init_congestion_control() is called\ntwice without a cc-\u003erelease() call in between. Thus, for CC modules\nthat allocate memory in their init() function, e.g, CDG, a memory leak\nmay occur. The syzkaller tool managed to find a reproducer that\ntriggered such a leak in CDG.\n\nThe bug was introduced when that commit 8919a9b31eb4 (\"tcp: Only init\ncongestion control if not initialized already\")\nintroduced icsk_ca_initialized and set icsk_ca_initialized to 0 in\ntcp_init_transfer(), missing the possibility for a sequence like the\none above, where a process could call setsockopt(TCP_CONGESTION) in\nstate TCP_SYN_SENT (i.e. after the connect() or TFO open sendmsg()),\nwhich would call tcp_init_congestion_control(). It did not intend to\nreset any initialization that the user had already explicitly made;\nit just missed the possibility of that particular sequence (which\nsyzkaller managed to find)." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:03:20.656Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/ad4ba3404931745a5977ad12db4f0c34080e52f7" }, { "url": "https://git.kernel.org/stable/c/fe77b85828ca9ddc42977b79de9e40d18545b4fe" }, { "url": "https://git.kernel.org/stable/c/be5d1b61a2ad28c7e57fe8bfa277373e8ecffcdc" } ], "title": "tcp: fix tcp_init_transfer() to not reset icsk_ca_initialized", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47304", "datePublished": "2024-05-21T14:35:24.670Z", "dateReserved": "2024-05-21T13:27:52.133Z", "dateUpdated": "2024-11-04T12:03:20.656Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47465
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47465", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T18:41:27.701748Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-07T14:41:05.510Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.601Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/80bbb0bc3a0288442f7fe6fc514f4ee1cb06ccb7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fbd724c49bead048ae9fc1a5b7bff2fb3e54f855" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6d077c37c4643394b1bae9682da48164fc147ea8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9b4416c5095c20e110c82ae602c254099b83b72f" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "arch/powerpc/kvm/book3s_hv_rmhandlers.S" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "80bbb0bc3a02", "status": "affected", "version": "10d91611f426", "versionType": "git" }, { "lessThan": "fbd724c49bea", "status": "affected", "version": "10d91611f426", "versionType": "git" }, { "lessThan": "6d077c37c464", "status": "affected", "version": "10d91611f426", "versionType": "git" }, { "lessThan": "9b4416c5095c", "status": "affected", "version": "10d91611f426", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "arch/powerpc/kvm/book3s_hv_rmhandlers.S" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.2" }, { "lessThan": "5.2", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.156", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.76", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest()\n\nIn commit 10d91611f426 (\"powerpc/64s: Reimplement book3s idle code in\nC\") kvm_start_guest() became idle_kvm_start_guest(). The old code\nallocated a stack frame on the emergency stack, but didn\u0027t use the\nframe to store anything, and also didn\u0027t store anything in its caller\u0027s\nframe.\n\nidle_kvm_start_guest() on the other hand is written more like a normal C\nfunction, it creates a frame on entry, and also stores CR/LR into its\ncallers frame (per the ABI). The problem is that there is no caller\nframe on the emergency stack.\n\nThe emergency stack for a given CPU is allocated with:\n\n paca_ptrs[i]-\u003eemergency_sp = alloc_stack(limit, i) + THREAD_SIZE;\n\nSo emergency_sp actually points to the first address above the emergency\nstack allocation for a given CPU, we must not store above it without\nfirst decrementing it to create a frame. This is different to the\nregular kernel stack, paca-\u003ekstack, which is initialised to point at an\ninitial frame that is ready to use.\n\nidle_kvm_start_guest() stores the backchain, CR and LR all of which\nwrite outside the allocation for the emergency stack. It then creates a\nstack frame and saves the non-volatile registers. Unfortunately the\nframe it creates is not large enough to fit the non-volatiles, and so\nthe saving of the non-volatile registers also writes outside the\nemergency stack allocation.\n\nThe end result is that we corrupt whatever is at 0-24 bytes, and 112-248\nbytes above the emergency stack allocation.\n\nIn practice this has gone unnoticed because the memory immediately above\nthe emergency stack happens to be used for other stack allocations,\neither another CPUs mc_emergency_sp or an IRQ stack. See the order of\ncalls to irqstack_early_init() and emergency_stack_init().\n\nThe low addresses of another stack are the top of that stack, and so are\nonly used if that stack is under extreme pressue, which essentially\nnever happens in practice - and if it did there\u0027s a high likelyhood we\u0027d\ncrash due to that stack overflowing.\n\nStill, we shouldn\u0027t be corrupting someone else\u0027s stack, and it is purely\nluck that we aren\u0027t corrupting something else.\n\nTo fix it we save CR/LR into the caller\u0027s frame using the existing r1 on\nentry, we then create a SWITCH_FRAME_SIZE frame (which has space for\npt_regs) on the emergency stack with the backchain pointing to the\nexisting stack, and then finally we switch to the new frame on the\nemergency stack." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:28.290Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/80bbb0bc3a0288442f7fe6fc514f4ee1cb06ccb7" }, { "url": "https://git.kernel.org/stable/c/fbd724c49bead048ae9fc1a5b7bff2fb3e54f855" }, { "url": "https://git.kernel.org/stable/c/6d077c37c4643394b1bae9682da48164fc147ea8" }, { "url": "https://git.kernel.org/stable/c/9b4416c5095c20e110c82ae602c254099b83b72f" } ], "title": "KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47465", "datePublished": "2024-05-22T06:23:25.027Z", "dateReserved": "2024-05-22T06:20:56.198Z", "dateUpdated": "2024-11-07T14:41:05.510Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52856
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52856", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T18:18:14.046128Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:17.443Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.060Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/42071feab712ba2a139b8928f7e0f8d3a6fc719e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7bf0cb8f40280a85034990dfe42be8ca8f80f37a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fcd9895e365474709844eeb31cfe53d912c3596e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b65e3249f3ca96e3c736af889461d80d675feab6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/44283993144a03af9df31934d6c32bbd42d1a347" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/bridge/lontium-lt8912b.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "42071feab712", "status": "affected", "version": "30e2ae943c26", "versionType": "git" }, { "lessThan": "7bf0cb8f4028", "status": "affected", "version": "30e2ae943c26", "versionType": "git" }, { "lessThan": "fcd9895e3654", "status": "affected", "version": "30e2ae943c26", "versionType": "git" }, { "lessThan": "b65e3249f3ca", "status": "affected", "version": "30e2ae943c26", "versionType": "git" }, { "lessThan": "44283993144a", "status": "affected", "version": "30e2ae943c26", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/bridge/lontium-lt8912b.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.13" }, { "lessThan": "5.13", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/bridge: lt8912b: Fix crash on bridge detach\n\nThe lt8912b driver, in its bridge detach function, calls\ndrm_connector_unregister() and drm_connector_cleanup().\n\ndrm_connector_unregister() should be called only for connectors\nexplicitly registered with drm_connector_register(), which is not the\ncase in lt8912b.\n\nThe driver\u0027s drm_connector_funcs.destroy hook is set to\ndrm_connector_cleanup().\n\nThus the driver should not call either drm_connector_unregister() nor\ndrm_connector_cleanup() in its lt8912_bridge_detach(), as they cause a\ncrash on bridge detach:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000000\nMem abort info:\n ESR = 0x0000000096000006\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x06: level 2 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000006, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=00000000858f3000\n[0000000000000000] pgd=0800000085918003, p4d=0800000085918003, pud=0800000085431003, pmd=0000000000000000\nInternal error: Oops: 0000000096000006 [#1] PREEMPT SMP\nModules linked in: tidss(-) display_connector lontium_lt8912b tc358768 panel_lvds panel_simple drm_dma_helper drm_kms_helper drm drm_panel_orientation_quirks\nCPU: 3 PID: 462 Comm: rmmod Tainted: G W 6.5.0-rc2+ #2\nHardware name: Toradex Verdin AM62 on Verdin Development Board (DT)\npstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : drm_connector_cleanup+0x78/0x2d4 [drm]\nlr : lt8912_bridge_detach+0x54/0x6c [lontium_lt8912b]\nsp : ffff800082ed3a90\nx29: ffff800082ed3a90 x28: ffff0000040c1940 x27: 0000000000000000\nx26: 0000000000000000 x25: dead000000000122 x24: dead000000000122\nx23: dead000000000100 x22: ffff000003fb6388 x21: 0000000000000000\nx20: 0000000000000000 x19: ffff000003fb6260 x18: fffffffffffe56e8\nx17: 0000000000000000 x16: 0010000000000000 x15: 0000000000000038\nx14: 0000000000000000 x13: ffff800081914b48 x12: 000000000000040e\nx11: 000000000000015a x10: ffff80008196ebb8 x9 : ffff800081914b48\nx8 : 00000000ffffefff x7 : ffff0000040c1940 x6 : ffff80007aa649d0\nx5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff80008159e008\nx2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\nCall trace:\n drm_connector_cleanup+0x78/0x2d4 [drm]\n lt8912_bridge_detach+0x54/0x6c [lontium_lt8912b]\n drm_bridge_detach+0x44/0x84 [drm]\n drm_encoder_cleanup+0x40/0xb8 [drm]\n drmm_encoder_alloc_release+0x1c/0x30 [drm]\n drm_managed_release+0xac/0x148 [drm]\n drm_dev_put.part.0+0x88/0xb8 [drm]\n devm_drm_dev_init_release+0x14/0x24 [drm]\n devm_action_release+0x14/0x20\n release_nodes+0x5c/0x90\n devres_release_all+0x8c/0xe0\n device_unbind_cleanup+0x18/0x68\n device_release_driver_internal+0x208/0x23c\n driver_detach+0x4c/0x94\n bus_remove_driver+0x70/0xf4\n driver_unregister+0x30/0x60\n platform_driver_unregister+0x14/0x20\n tidss_platform_driver_exit+0x18/0xb2c [tidss]\n __arm64_sys_delete_module+0x1a0/0x2b4\n invoke_syscall+0x48/0x110\n el0_svc_common.constprop.0+0x60/0x10c\n do_el0_svc_compat+0x1c/0x40\n el0_svc_compat+0x40/0xac\n el0t_32_sync_handler+0xb0/0x138\n el0t_32_sync+0x194/0x198\nCode: 9104a276 f2fbd5b7 aa0203e1 91008af8 (f85c0420)" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:57.681Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/42071feab712ba2a139b8928f7e0f8d3a6fc719e" }, { "url": "https://git.kernel.org/stable/c/7bf0cb8f40280a85034990dfe42be8ca8f80f37a" }, { "url": "https://git.kernel.org/stable/c/fcd9895e365474709844eeb31cfe53d912c3596e" }, { "url": "https://git.kernel.org/stable/c/b65e3249f3ca96e3c736af889461d80d675feab6" }, { "url": "https://git.kernel.org/stable/c/44283993144a03af9df31934d6c32bbd42d1a347" } ], "title": "drm/bridge: lt8912b: Fix crash on bridge detach", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52856", "datePublished": "2024-05-21T15:31:50.569Z", "dateReserved": "2024-05-21T15:19:24.257Z", "dateUpdated": "2024-11-04T14:53:57.681Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52775
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52775", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:24:43.628155Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:47.888Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.820Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5ada292b5c504720a0acef8cae9acc62a694d19c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/90072af9efe8c7bd7d086709014ddd44cebd5e7c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/94a0ae698b4d5d5bb598e23228002a1491c50add" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7234d2b5dffa5af77fd4e0deaebab509e130c6b1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e6d71b437abc2f249e3b6a1ae1a7228e09c6e563" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/smc/af_smc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "5ada292b5c50", "status": "affected", "version": "0fb0b02bd6fd", "versionType": "git" }, { "lessThan": "90072af9efe8", "status": "affected", "version": "0fb0b02bd6fd", "versionType": "git" }, { "lessThan": "94a0ae698b4d", "status": "affected", "version": "0fb0b02bd6fd", "versionType": "git" }, { "lessThan": "7234d2b5dffa", "status": "affected", "version": "0fb0b02bd6fd", "versionType": "git" }, { "lessThan": "e6d71b437abc", "status": "affected", "version": "0fb0b02bd6fd", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/smc/af_smc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.8" }, { "lessThan": "5.8", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.203", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.141", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.65", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.4", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: avoid data corruption caused by decline\n\nWe found a data corruption issue during testing of SMC-R on Redis\napplications.\n\nThe benchmark has a low probability of reporting a strange error as\nshown below.\n\n\"Error: Protocol error, got \"\\xe2\" as reply type byte\"\n\nFinally, we found that the retrieved error data was as follows:\n\n0xE2 0xD4 0xC3 0xD9 0x04 0x00 0x2C 0x20 0xA6 0x56 0x00 0x16 0x3E 0x0C\n0xCB 0x04 0x02 0x01 0x00 0x00 0x20 0x00 0x00 0x00 0x00 0x00 0x00 0x00\n0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0xE2\n\nIt is quite obvious that this is a SMC DECLINE message, which means that\nthe applications received SMC protocol message.\nWe found that this was caused by the following situations:\n\nclient server\n \u00a6 clc proposal\n -------------\u003e\n \u00a6 clc accept\n \u003c-------------\n \u00a6 clc confirm\n -------------\u003e\nwait llc confirm\n\t\t\tsend llc confirm\n \u00a6failed llc confirm\n \u00a6 x------\n(after 2s)timeout\n wait llc confirm rsp\n\nwait decline\n\n(after 1s) timeout\n (after 2s) timeout\n \u00a6 decline\n --------------\u003e\n \u00a6 decline\n \u003c--------------\n\nAs a result, a decline message was sent in the implementation, and this\nmessage was read from TCP by the already-fallback connection.\n\nThis patch double the client timeout as 2x of the server value,\nWith this simple change, the Decline messages should never cross or\ncollide (during Confirm link timeout).\n\nThis issue requires an immediate solution, since the protocol updates\ninvolve a more long-term solution." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:28.255Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/5ada292b5c504720a0acef8cae9acc62a694d19c" }, { "url": "https://git.kernel.org/stable/c/90072af9efe8c7bd7d086709014ddd44cebd5e7c" }, { "url": "https://git.kernel.org/stable/c/94a0ae698b4d5d5bb598e23228002a1491c50add" }, { "url": "https://git.kernel.org/stable/c/7234d2b5dffa5af77fd4e0deaebab509e130c6b1" }, { "url": "https://git.kernel.org/stable/c/e6d71b437abc2f249e3b6a1ae1a7228e09c6e563" } ], "title": "net/smc: avoid data corruption caused by decline", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52775", "datePublished": "2024-05-21T15:30:56.247Z", "dateReserved": "2024-05-21T15:19:24.239Z", "dateUpdated": "2024-11-04T14:52:28.255Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52701
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52701", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T17:32:19.425671Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:51.546Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.233Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/863a7de987f02a901bf215509276a7de0370e0f9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2558b8039d059342197610498c8749ad294adee5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/socket.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "863a7de987f0", "status": "affected", "version": "6fd1d51cfa25", "versionType": "git" }, { "lessThan": "2558b8039d05", "status": "affected", "version": "6fd1d51cfa25", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/socket.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.19" }, { "lessThan": "5.19", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: use a bounce buffer for copying skb-\u003emark\n\nsyzbot found arm64 builds would crash in sock_recv_mark()\nwhen CONFIG_HARDENED_USERCOPY=y\n\nx86 and powerpc are not detecting the issue because\nthey define user_access_begin.\nThis will be handled in a different patch,\nbecause a check_object_size() is missing.\n\nOnly data from skb-\u003ecb[] can be copied directly to/from user space,\nas explained in commit 79a8a642bf05 (\"net: Whitelist\nthe skbuff_head_cache \"cb\" field\")\n\nsyzbot report was:\nusercopy: Kernel memory exposure attempt detected from SLUB object \u0027skbuff_head_cache\u0027 (offset 168, size 4)!\n------------[ cut here ]------------\nkernel BUG at mm/usercopy.c:102 !\nInternal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\nModules linked in:\nCPU: 0 PID: 4410 Comm: syz-executor533 Not tainted 6.2.0-rc7-syzkaller-17907-g2d3827b3f393 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : usercopy_abort+0x90/0x94 mm/usercopy.c:90\nlr : usercopy_abort+0x90/0x94 mm/usercopy.c:90\nsp : ffff80000fb9b9a0\nx29: ffff80000fb9b9b0 x28: ffff0000c6073400 x27: 0000000020001a00\nx26: 0000000000000014 x25: ffff80000cf52000 x24: fffffc0000000000\nx23: 05ffc00000000200 x22: fffffc000324bf80 x21: ffff0000c92fe1a8\nx20: 0000000000000001 x19: 0000000000000004 x18: 0000000000000000\nx17: 656a626f2042554c x16: ffff0000c6073dd0 x15: ffff80000dbd2118\nx14: ffff0000c6073400 x13: 00000000ffffffff x12: ffff0000c6073400\nx11: ff808000081bbb4c x10: 0000000000000000 x9 : 7b0572d7cc0ccf00\nx8 : 7b0572d7cc0ccf00 x7 : ffff80000bf650d4 x6 : 0000000000000000\nx5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000000\nx2 : ffff0001fefbff08 x1 : 0000000100000000 x0 : 000000000000006c\nCall trace:\nusercopy_abort+0x90/0x94 mm/usercopy.c:90\n__check_heap_object+0xa8/0x100 mm/slub.c:4761\ncheck_heap_object mm/usercopy.c:196 [inline]\n__check_object_size+0x208/0x6b8 mm/usercopy.c:251\ncheck_object_size include/linux/thread_info.h:199 [inline]\n__copy_to_user include/linux/uaccess.h:115 [inline]\nput_cmsg+0x408/0x464 net/core/scm.c:238\nsock_recv_mark net/socket.c:975 [inline]\n__sock_recv_cmsgs+0x1fc/0x248 net/socket.c:984\nsock_recv_cmsgs include/net/sock.h:2728 [inline]\npacket_recvmsg+0x2d8/0x678 net/packet/af_packet.c:3482\n____sys_recvmsg+0x110/0x3a0\n___sys_recvmsg net/socket.c:2737 [inline]\n__sys_recvmsg+0x194/0x210 net/socket.c:2767\n__do_sys_recvmsg net/socket.c:2777 [inline]\n__se_sys_recvmsg net/socket.c:2774 [inline]\n__arm64_sys_recvmsg+0x2c/0x3c net/socket.c:2774\n__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]\ninvoke_syscall+0x64/0x178 arch/arm64/kernel/syscall.c:52\nel0_svc_common+0xbc/0x180 arch/arm64/kernel/syscall.c:142\ndo_el0_svc+0x48/0x110 arch/arm64/kernel/syscall.c:193\nel0_svc+0x58/0x14c arch/arm64/kernel/entry-common.c:637\nel0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655\nel0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591\nCode: 91388800 aa0903e1 f90003e8 94e6d752 (d4210000)" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:25.575Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/863a7de987f02a901bf215509276a7de0370e0f9" }, { "url": "https://git.kernel.org/stable/c/2558b8039d059342197610498c8749ad294adee5" } ], "title": "net: use a bounce buffer for copying skb-\u003emark", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52701", "datePublished": "2024-05-21T15:22:51.354Z", "dateReserved": "2024-03-07T14:49:46.891Z", "dateUpdated": "2024-11-04T14:51:25.575Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47425
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47425", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T17:32:39.731015Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:05.025Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.439Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b8090a84d7758b929d348bafbd86bb7a10c5fb63" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3d9d458a8aaafa47268ea4f1b4114a9f12927989" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/60bacf259e8c2eb2324f3e13275200baaee9494b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f86de018fd7a24ee07372d55ffa7824f0c674a95" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/90f1077c9184ec2ae9989e4642f211263f301694" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6558b646ce1c2a872fe1c2c7cb116f05a2c1950f" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/i2c/i2c-core-acpi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "b8090a84d775", "status": "affected", "version": "525e6fabeae2", "versionType": "git" }, { "lessThan": "3d9d458a8aaa", "status": "affected", "version": "525e6fabeae2", "versionType": "git" }, { "lessThan": "60bacf259e8c", "status": "affected", "version": "525e6fabeae2", "versionType": "git" }, { "lessThan": "f86de018fd7a", "status": "affected", "version": "525e6fabeae2", "versionType": "git" }, { "lessThan": "90f1077c9184", "status": "affected", "version": "525e6fabeae2", "versionType": "git" }, { "lessThan": "6558b646ce1c", "status": "affected", "version": "525e6fabeae2", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/i2c/i2c-core-acpi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.8" }, { "lessThan": "4.8", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.251", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.211", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.153", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.73", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: acpi: fix resource leak in reconfiguration device addition\n\nacpi_i2c_find_adapter_by_handle() calls bus_find_device() which takes a\nreference on the adapter which is never released which will result in a\nreference count leak and render the adapter unremovable. Make sure to\nput the adapter after creating the client in the same manner that we do\nfor OF.\n\n[wsa: fixed title]" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:40.044Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/b8090a84d7758b929d348bafbd86bb7a10c5fb63" }, { "url": "https://git.kernel.org/stable/c/3d9d458a8aaafa47268ea4f1b4114a9f12927989" }, { "url": "https://git.kernel.org/stable/c/60bacf259e8c2eb2324f3e13275200baaee9494b" }, { "url": "https://git.kernel.org/stable/c/f86de018fd7a24ee07372d55ffa7824f0c674a95" }, { "url": "https://git.kernel.org/stable/c/90f1077c9184ec2ae9989e4642f211263f301694" }, { "url": "https://git.kernel.org/stable/c/6558b646ce1c2a872fe1c2c7cb116f05a2c1950f" } ], "title": "i2c: acpi: fix resource leak in reconfiguration device addition", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47425", "datePublished": "2024-05-21T15:04:11.931Z", "dateReserved": "2024-05-21T14:58:30.827Z", "dateUpdated": "2024-11-04T12:05:40.044Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47495
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47495", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T15:49:07.936135Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:15:06.481Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.809Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b9eba0a4a527e04d712f0e0401e5391ef124b33e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/524f333e98138d909a0a0c574a9ff6737dce2767" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/74b3b27cf9fecce00cd8918b7882fd81191d0aa4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/002d82227c0abe29118cf80f7e2f396b22d448ed" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/492140e45d2bf27c1014243f8616a9b612144e20" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/693ecbe8f799405f8775719deedb1f76265d375a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7e8b6a4f18edee070213cb6a77118e8a412253c5" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/397430b50a363d8b7bdda00522123f82df6adc5e" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/usb/usbnet.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "b9eba0a4a527", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "524f333e9813", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "74b3b27cf9fe", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "002d82227c0a", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "492140e45d2b", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "693ecbe8f799", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "7e8b6a4f18ed", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "397430b50a36", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/usb/usbnet.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.291", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.289", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.254", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.215", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.157", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.77", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.16", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: sanity check for maxpacket\n\nmaxpacket of 0 makes no sense and oopses as we need to divide\nby it. Give up.\n\nV2: fixed typo in log and stylistic issues" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:01.504Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/b9eba0a4a527e04d712f0e0401e5391ef124b33e" }, { "url": "https://git.kernel.org/stable/c/524f333e98138d909a0a0c574a9ff6737dce2767" }, { "url": "https://git.kernel.org/stable/c/74b3b27cf9fecce00cd8918b7882fd81191d0aa4" }, { "url": "https://git.kernel.org/stable/c/002d82227c0abe29118cf80f7e2f396b22d448ed" }, { "url": "https://git.kernel.org/stable/c/492140e45d2bf27c1014243f8616a9b612144e20" }, { "url": "https://git.kernel.org/stable/c/693ecbe8f799405f8775719deedb1f76265d375a" }, { "url": "https://git.kernel.org/stable/c/7e8b6a4f18edee070213cb6a77118e8a412253c5" }, { "url": "https://git.kernel.org/stable/c/397430b50a363d8b7bdda00522123f82df6adc5e" } ], "title": "usbnet: sanity check for maxpacket", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47495", "datePublished": "2024-05-22T08:19:42.732Z", "dateReserved": "2024-05-22T06:20:56.202Z", "dateUpdated": "2024-11-04T12:07:01.504Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52804
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.034Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a0649e2dd4a3595b5595a29d0064d047c2fae2fb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ce15b0f1a431168f07b1cc6c9f71206a2db5c809" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/32bd8f1cbcf8b663e29dd1f908ba3a129541a11b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c6c8863fb3f57700ab583d875adda04caaf2278a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1f74d336990f37703a8eee77153463d65b67f70e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5013f8269887642cca784adc8db9b5f0b771533f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/dca403bb035a565bb98ecc1dda5d30f676feda40" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2323de34a3ae61a9f9b544c18583f71cea86721f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/64933ab7b04881c6c18b21ff206c12278341c72e" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52804", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:36:50.346379Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:54.971Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/jfs/jfs_dmap.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "a0649e2dd4a3", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "ce15b0f1a431", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "32bd8f1cbcf8", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "c6c8863fb3f5", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "1f74d336990f", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "5013f8269887", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "dca403bb035a", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2323de34a3ae", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "64933ab7b048", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/jfs/jfs_dmap.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.331", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.300", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Add validity check for db_maxag and db_agpref\n\nBoth db_maxag and db_agpref are used as the index of the\ndb_agfree array, but there is currently no validity check for\ndb_maxag and db_agpref, which can lead to errors.\n\nThe following is related bug reported by Syzbot:\n\nUBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:639:20\nindex 7936 is out of range for type \u0027atomic_t[128]\u0027\n\nAdd checking that the values of db_maxag and db_agpref are valid\nindexes for the db_agfree array." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:02.217Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/a0649e2dd4a3595b5595a29d0064d047c2fae2fb" }, { "url": "https://git.kernel.org/stable/c/ce15b0f1a431168f07b1cc6c9f71206a2db5c809" }, { "url": "https://git.kernel.org/stable/c/32bd8f1cbcf8b663e29dd1f908ba3a129541a11b" }, { "url": "https://git.kernel.org/stable/c/c6c8863fb3f57700ab583d875adda04caaf2278a" }, { "url": "https://git.kernel.org/stable/c/1f74d336990f37703a8eee77153463d65b67f70e" }, { "url": "https://git.kernel.org/stable/c/5013f8269887642cca784adc8db9b5f0b771533f" }, { "url": "https://git.kernel.org/stable/c/dca403bb035a565bb98ecc1dda5d30f676feda40" }, { "url": "https://git.kernel.org/stable/c/2323de34a3ae61a9f9b544c18583f71cea86721f" }, { "url": "https://git.kernel.org/stable/c/64933ab7b04881c6c18b21ff206c12278341c72e" } ], "title": "fs/jfs: Add validity check for db_maxag and db_agpref", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52804", "datePublished": "2024-05-21T15:31:15.720Z", "dateReserved": "2024-05-21T15:19:24.247Z", "dateUpdated": "2024-11-04T14:53:02.217Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47459
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.451Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a0e47d2833b4f65e6c799f28c6b636d36b8b936d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/864e77771a24c877aaf53aee019f78619cbcd668" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6e8811707e2df0c6ba920f0cad3a3bca7b42132f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d9d52a3ebd284882f5562c88e55991add5d01586" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47459", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:36:14.848678Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:25.941Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/can/j1939/main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "a0e47d2833b4", "status": "affected", "version": "9d71dd0c7009", "versionType": "git" }, { "lessThan": "864e77771a24", "status": "affected", "version": "9d71dd0c7009", "versionType": "git" }, { "lessThan": "6e8811707e2d", "status": "affected", "version": "9d71dd0c7009", "versionType": "git" }, { "lessThan": "d9d52a3ebd28", "status": "affected", "version": "9d71dd0c7009", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/can/j1939/main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.4" }, { "lessThan": "5.4", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.156", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.76", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv\n\nIt will trigger UAF for rx_kref of j1939_priv as following.\n\n cpu0 cpu1\nj1939_sk_bind(socket0, ndev0, ...)\nj1939_netdev_start\n j1939_sk_bind(socket1, ndev0, ...)\n j1939_netdev_start\nj1939_priv_set\n j1939_priv_get_by_ndev_locked\nj1939_jsk_add\n.....\nj1939_netdev_stop\nkref_put_lock(\u0026priv-\u003erx_kref, ...)\n kref_get(\u0026priv-\u003erx_kref, ...)\n REFCOUNT_WARN(\"addition on 0;...\")\n\n====================================================\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 1 PID: 20874 at lib/refcount.c:25 refcount_warn_saturate+0x169/0x1e0\nRIP: 0010:refcount_warn_saturate+0x169/0x1e0\nCall Trace:\n j1939_netdev_start+0x68b/0x920\n j1939_sk_bind+0x426/0xeb0\n ? security_socket_bind+0x83/0xb0\n\nThe rx_kref\u0027s kref_get() and kref_put() should use j1939_netdev_lock to\nprotect." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:21.353Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/a0e47d2833b4f65e6c799f28c6b636d36b8b936d" }, { "url": "https://git.kernel.org/stable/c/864e77771a24c877aaf53aee019f78619cbcd668" }, { "url": "https://git.kernel.org/stable/c/6e8811707e2df0c6ba920f0cad3a3bca7b42132f" }, { "url": "https://git.kernel.org/stable/c/d9d52a3ebd284882f5562c88e55991add5d01586" } ], "title": "can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47459", "datePublished": "2024-05-22T06:23:21.061Z", "dateReserved": "2024-05-22T06:20:56.197Z", "dateUpdated": "2024-11-04T12:06:21.353Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52704
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52704", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T17:51:26.143724Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-31T20:11:31.465Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.365Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7f9f6c54da876b3f0bece2b569456ceb96965ed7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/eedeb787ebb53de5c5dcf7b7b39d01bf1b0f037d" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "kernel/umh.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "7f9f6c54da87", "status": "affected", "version": "f5d39b020809", "versionType": "git" }, { "lessThan": "eedeb787ebb5", "status": "affected", "version": "f5d39b020809", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "kernel/umh.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.1" }, { "lessThan": "6.1", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfreezer,umh: Fix call_usermode_helper_exec() vs SIGKILL\n\nTetsuo-San noted that commit f5d39b020809 (\"freezer,sched: Rewrite\ncore freezer logic\") broke call_usermodehelper_exec() for the KILLABLE\ncase.\n\nSpecifically it was missed that the second, unconditional,\nwait_for_completion() was not optional and ensures the on-stack\ncompletion is unused before going out-of-scope." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:30.866Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/7f9f6c54da876b3f0bece2b569456ceb96965ed7" }, { "url": "https://git.kernel.org/stable/c/eedeb787ebb53de5c5dcf7b7b39d01bf1b0f037d" } ], "title": "freezer,umh: Fix call_usermode_helper_exec() vs SIGKILL", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52704", "datePublished": "2024-05-21T15:22:53.343Z", "dateReserved": "2024-03-07T14:49:46.891Z", "dateUpdated": "2024-11-04T14:51:30.866Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52832
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "1da177e4c3f4" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "4.14.331" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "4.19.300" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.4.262" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.10.202" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.15.140" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.1.64" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.5.13" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.6.3" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.7" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52832", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T19:51:54.630981Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-920", "description": "CWE-920 Improper Restriction of Power Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:24:01.577Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.043Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1571120c44dbe5757aee1612c5b6097cdc42710f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/298e767362cade639b7121ecb3cc5345b6529f62" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/efeae5f4972f75d50002bc50eb112ab9e7069b18" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/717de20abdcd1d4993fa450e28b8086a352620ea" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/21a0f310a9f3bfd2b4cf4f382430e638607db846" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2be24c47ac19bf639c48c082486c08888bd603c6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/adc2474d823fe81d8da759207f4f1d3691aa775a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5a94cffe90e20e8fade0b9abd4370bd671fe87c7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e160ab85166e77347d0cbe5149045cb25e83937f" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/mac80211/cfg.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "1571120c44db", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "298e767362ca", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "efeae5f4972f", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "717de20abdcd", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "21a0f310a9f3", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2be24c47ac19", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "adc2474d823f", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "5a94cffe90e2", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "e160ab85166e", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/mac80211/cfg.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.331", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.300", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don\u0027t return unset power in ieee80211_get_tx_power()\n\nWe can get a UBSAN warning if ieee80211_get_tx_power() returns the\nINT_MIN value mac80211 internally uses for \"unset power level\".\n\n UBSAN: signed-integer-overflow in net/wireless/nl80211.c:3816:5\n -2147483648 * 100 cannot be represented in type \u0027int\u0027\n CPU: 0 PID: 20433 Comm: insmod Tainted: G WC OE\n Call Trace:\n dump_stack+0x74/0x92\n ubsan_epilogue+0x9/0x50\n handle_overflow+0x8d/0xd0\n __ubsan_handle_mul_overflow+0xe/0x10\n nl80211_send_iface+0x688/0x6b0 [cfg80211]\n [...]\n cfg80211_register_wdev+0x78/0xb0 [cfg80211]\n cfg80211_netdev_notifier_call+0x200/0x620 [cfg80211]\n [...]\n ieee80211_if_add+0x60e/0x8f0 [mac80211]\n ieee80211_register_hw+0xda5/0x1170 [mac80211]\n\nIn this case, simply return an error instead, to indicate\nthat no data is available." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:29.175Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/1571120c44dbe5757aee1612c5b6097cdc42710f" }, { "url": "https://git.kernel.org/stable/c/298e767362cade639b7121ecb3cc5345b6529f62" }, { "url": "https://git.kernel.org/stable/c/efeae5f4972f75d50002bc50eb112ab9e7069b18" }, { "url": "https://git.kernel.org/stable/c/717de20abdcd1d4993fa450e28b8086a352620ea" }, { "url": "https://git.kernel.org/stable/c/21a0f310a9f3bfd2b4cf4f382430e638607db846" }, { "url": "https://git.kernel.org/stable/c/2be24c47ac19bf639c48c082486c08888bd603c6" }, { "url": "https://git.kernel.org/stable/c/adc2474d823fe81d8da759207f4f1d3691aa775a" }, { "url": "https://git.kernel.org/stable/c/5a94cffe90e20e8fade0b9abd4370bd671fe87c7" }, { "url": "https://git.kernel.org/stable/c/e160ab85166e77347d0cbe5149045cb25e83937f" } ], "title": "wifi: mac80211: don\u0027t return unset power in ieee80211_get_tx_power()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52832", "datePublished": "2024-05-21T15:31:34.247Z", "dateReserved": "2024-05-21T15:19:24.252Z", "dateUpdated": "2024-11-04T14:53:29.175Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47407
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:58.900Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/deb2949417677649e2413266d7ce8c2ff73952b4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4664318f73e496cd22c71b10888e75434a123e23" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/eb7511bf9182292ef1df1082d23039e856d1ddfb" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47407", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:38:00.602784Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:57.180Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "arch/x86/include/asm/kvm_page_track.h", "arch/x86/kvm/mmu/page_track.c", "arch/x86/kvm/x86.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "deb294941767", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "4664318f73e4", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "eb7511bf9182", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "arch/x86/include/asm/kvm_page_track.h", "arch/x86/kvm/mmu/page_track.c", "arch/x86/kvm/x86.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.71", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Handle SRCU initialization failure during page track init\n\nCheck the return of init_srcu_struct(), which can fail due to OOM, when\ninitializing the page track mechanism. Lack of checking leads to a NULL\npointer deref found by a modified syzkaller.\n\n[Move the call towards the beginning of kvm_arch_init_vm. - Paolo]" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:20.118Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/deb2949417677649e2413266d7ce8c2ff73952b4" }, { "url": "https://git.kernel.org/stable/c/4664318f73e496cd22c71b10888e75434a123e23" }, { "url": "https://git.kernel.org/stable/c/eb7511bf9182292ef1df1082d23039e856d1ddfb" } ], "title": "KVM: x86: Handle SRCU initialization failure during page track init", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47407", "datePublished": "2024-05-21T15:03:59.991Z", "dateReserved": "2024-05-21T14:58:30.817Z", "dateUpdated": "2024-11-04T12:05:20.118Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52742
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52742", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:27:10.192146Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:37.886Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.518Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f0ad46ef772438c0596df370450d8bdc8a12dbfb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6f69307f625904feed189008381fd83bd1a35b63" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/43379fcacea2dcee35d02efc9c8fe97807a503c9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1be271c52bf3554edcb8d124d1f8c7f777ee5727" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/25141fb4119112f4ebf8f00cf52014abbc8020b1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0d2cf3fae701646061e295815bb7588d2f3671cc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/811d581194f7412eda97acc03d17fc77824b561f" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/usb/plusb.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "f0ad46ef7724", "status": "affected", "version": "090ffa9d0e90", "versionType": "git" }, { "lessThan": "6f69307f6259", "status": "affected", "version": "090ffa9d0e90", "versionType": "git" }, { "lessThan": "43379fcacea2", "status": "affected", "version": "090ffa9d0e90", "versionType": "git" }, { "lessThan": "1be271c52bf3", "status": "affected", "version": "090ffa9d0e90", "versionType": "git" }, { "lessThan": "25141fb41191", "status": "affected", "version": "090ffa9d0e90", "versionType": "git" }, { "lessThan": "0d2cf3fae701", "status": "affected", "version": "090ffa9d0e90", "versionType": "git" }, { "lessThan": "811d581194f7", "status": "affected", "version": "090ffa9d0e90", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/usb/plusb.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "2.6.14" }, { "lessThan": "2.6.14", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.306", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.273", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.232", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.168", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.94", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: USB: Fix wrong-direction WARNING in plusb.c\n\nThe syzbot fuzzer detected a bug in the plusb network driver: A\nzero-length control-OUT transfer was treated as a read instead of a\nwrite. In modern kernels this error provokes a WARNING:\n\nusb 1-1: BOGUS control dir, pipe 80000280 doesn\u0027t match bRequestType c0\nWARNING: CPU: 0 PID: 4645 at drivers/usb/core/urb.c:411\nusb_submit_urb+0x14a7/0x1880 drivers/usb/core/urb.c:411\nModules linked in:\nCPU: 1 PID: 4645 Comm: dhcpcd Not tainted\n6.2.0-rc6-syzkaller-00050-g9f266ccaa2f5 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google\n01/12/2023\nRIP: 0010:usb_submit_urb+0x14a7/0x1880 drivers/usb/core/urb.c:411\n...\nCall Trace:\n \u003cTASK\u003e\n usb_start_wait_urb+0x101/0x4b0 drivers/usb/core/message.c:58\n usb_internal_control_msg drivers/usb/core/message.c:102 [inline]\n usb_control_msg+0x320/0x4a0 drivers/usb/core/message.c:153\n __usbnet_read_cmd+0xb9/0x390 drivers/net/usb/usbnet.c:2010\n usbnet_read_cmd+0x96/0xf0 drivers/net/usb/usbnet.c:2068\n pl_vendor_req drivers/net/usb/plusb.c:60 [inline]\n pl_set_QuickLink_features drivers/net/usb/plusb.c:75 [inline]\n pl_reset+0x2f/0xf0 drivers/net/usb/plusb.c:85\n usbnet_open+0xcc/0x5d0 drivers/net/usb/usbnet.c:889\n __dev_open+0x297/0x4d0 net/core/dev.c:1417\n __dev_change_flags+0x587/0x750 net/core/dev.c:8530\n dev_change_flags+0x97/0x170 net/core/dev.c:8602\n devinet_ioctl+0x15a2/0x1d70 net/ipv4/devinet.c:1147\n inet_ioctl+0x33f/0x380 net/ipv4/af_inet.c:979\n sock_do_ioctl+0xcc/0x230 net/socket.c:1169\n sock_ioctl+0x1f8/0x680 net/socket.c:1286\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x197/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe fix is to call usbnet_write_cmd() instead of usbnet_read_cmd() and\nremove the USB_DIR_IN flag." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:49.887Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/f0ad46ef772438c0596df370450d8bdc8a12dbfb" }, { "url": "https://git.kernel.org/stable/c/6f69307f625904feed189008381fd83bd1a35b63" }, { "url": "https://git.kernel.org/stable/c/43379fcacea2dcee35d02efc9c8fe97807a503c9" }, { "url": "https://git.kernel.org/stable/c/1be271c52bf3554edcb8d124d1f8c7f777ee5727" }, { "url": "https://git.kernel.org/stable/c/25141fb4119112f4ebf8f00cf52014abbc8020b1" }, { "url": "https://git.kernel.org/stable/c/0d2cf3fae701646061e295815bb7588d2f3671cc" }, { "url": "https://git.kernel.org/stable/c/811d581194f7412eda97acc03d17fc77824b561f" } ], "title": "net: USB: Fix wrong-direction WARNING in plusb.c", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52742", "datePublished": "2024-05-21T15:23:04.513Z", "dateReserved": "2024-05-21T15:19:24.233Z", "dateUpdated": "2024-11-04T14:51:49.887Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47408
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47408", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T18:07:55.386862Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-01T14:37:40.499Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.320Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e2d192301a0df8160d1555b66ae8611e8050e424" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7ea6f5848281182ce0cff6cafdcf3fbdeb8ca7e1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e9edc188fc76499b0b9bd60364084037f6d03773" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/netfilter/nf_conntrack_core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "e2d192301a0d", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "7ea6f5848281", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "e9edc188fc76", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/netfilter/nf_conntrack_core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.71", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: serialize hash resizes and cleanups\n\nSyzbot was able to trigger the following warning [1]\n\nNo repro found by syzbot yet but I was able to trigger similar issue\nby having 2 scripts running in parallel, changing conntrack hash sizes,\nand:\n\nfor j in `seq 1 1000` ; do unshare -n /bin/true \u003e/dev/null ; done\n\nIt would take more than 5 minutes for net_namespace structures\nto be cleaned up.\n\nThis is because nf_ct_iterate_cleanup() has to restart everytime\na resize happened.\n\nBy adding a mutex, we can serialize hash resizes and cleanups\nand also make get_next_corpse() faster by skipping over empty\nbuckets.\n\nEven without resizes in the picture, this patch considerably\nspeeds up network namespace dismantles.\n\n[1]\nINFO: task syz-executor.0:8312 can\u0027t die for more than 144 seconds.\ntask:syz-executor.0 state:R running task stack:25672 pid: 8312 ppid: 6573 flags:0x00004006\nCall Trace:\n context_switch kernel/sched/core.c:4955 [inline]\n __schedule+0x940/0x26f0 kernel/sched/core.c:6236\n preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6408\n preempt_schedule_thunk+0x16/0x18 arch/x86/entry/thunk_64.S:35\n __local_bh_enable_ip+0x109/0x120 kernel/softirq.c:390\n local_bh_enable include/linux/bottom_half.h:32 [inline]\n get_next_corpse net/netfilter/nf_conntrack_core.c:2252 [inline]\n nf_ct_iterate_cleanup+0x15a/0x450 net/netfilter/nf_conntrack_core.c:2275\n nf_conntrack_cleanup_net_list+0x14c/0x4f0 net/netfilter/nf_conntrack_core.c:2469\n ops_exit_list+0x10d/0x160 net/core/net_namespace.c:171\n setup_net+0x639/0xa30 net/core/net_namespace.c:349\n copy_net_ns+0x319/0x760 net/core/net_namespace.c:470\n create_new_namespaces+0x3f6/0xb20 kernel/nsproxy.c:110\n unshare_nsproxy_namespaces+0xc1/0x1f0 kernel/nsproxy.c:226\n ksys_unshare+0x445/0x920 kernel/fork.c:3128\n __do_sys_unshare kernel/fork.c:3202 [inline]\n __se_sys_unshare kernel/fork.c:3200 [inline]\n __x64_sys_unshare+0x2d/0x40 kernel/fork.c:3200\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f63da68e739\nRSP: 002b:00007f63d7c05188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110\nRAX: ffffffffffffffda RBX: 00007f63da792f80 RCX: 00007f63da68e739\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000\nRBP: 00007f63da6e8cc4 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007f63da792f80\nR13: 00007fff50b75d3f R14: 00007f63d7c05300 R15: 0000000000022000\n\nShowing all locks held in the system:\n1 lock held by khungtaskd/27:\n #0: ffffffff8b980020 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:6446\n2 locks held by kworker/u4:2/153:\n #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]\n #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]\n #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1198 [inline]\n #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:634 [inline]\n #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:661 [inline]\n #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x896/0x1690 kernel/workqueue.c:2268\n #1: ffffc9000140fdb0 ((kfence_timer).work){+.+.}-{0:0}, at: process_one_work+0x8ca/0x1690 kernel/workqueue.c:2272\n1 lock held by systemd-udevd/2970:\n1 lock held by in:imklog/6258:\n #0: ffff88807f970ff0 (\u0026f-\u003ef_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100 fs/file.c:990\n3 locks held by kworker/1:6/8158:\n1 lock held by syz-executor.0/8312:\n2 locks held by kworker/u4:13/9320:\n1 lock held by\n---truncated---" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:21.262Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/e2d192301a0df8160d1555b66ae8611e8050e424" }, { "url": "https://git.kernel.org/stable/c/7ea6f5848281182ce0cff6cafdcf3fbdeb8ca7e1" }, { "url": "https://git.kernel.org/stable/c/e9edc188fc76499b0b9bd60364084037f6d03773" } ], "title": "netfilter: conntrack: serialize hash resizes and cleanups", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47408", "datePublished": "2024-05-21T15:04:00.651Z", "dateReserved": "2024-05-21T14:58:30.817Z", "dateUpdated": "2024-11-04T12:05:21.262Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52791
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52791", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:36:52.732311Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:37:13.581Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.653Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/25eb381a736e7ae39a4245ef5c96484eb1073809" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/25284c46b657f48c0f3880a2e0706c70d81182c0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f6237afabc349c1c7909db00e15d2816519e0d2b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/185f3617adc8fe45e40489b458f03911f0dec46c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8c3fa52a46ff4d208cefb1a462ec94e0043a91e1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3473cf43b9068b9dfef2f545f833f33c6a544b91" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/aa49c90894d06e18a1ee7c095edbd2f37c232d02" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/i2c/i2c-core.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "25eb381a736e", "status": "affected", "version": "bae1d3a05a8b", "versionType": "git" }, { "lessThan": "25284c46b657", "status": "affected", "version": "bae1d3a05a8b", "versionType": "git" }, { "lessThan": "f6237afabc34", "status": "affected", "version": "bae1d3a05a8b", "versionType": "git" }, { "lessThan": "185f3617adc8", "status": "affected", "version": "bae1d3a05a8b", "versionType": "git" }, { "lessThan": "8c3fa52a46ff", "status": "affected", "version": "bae1d3a05a8b", "versionType": "git" }, { "lessThan": "3473cf43b906", "status": "affected", "version": "bae1d3a05a8b", "versionType": "git" }, { "lessThan": "aa49c90894d0", "status": "affected", "version": "bae1d3a05a8b", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/i2c/i2c-core.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.2" }, { "lessThan": "5.2", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: core: Run atomic i2c xfer when !preemptible\n\nSince bae1d3a05a8b, i2c transfers are non-atomic if preemption is\ndisabled. However, non-atomic i2c transfers require preemption (e.g. in\nwait_for_completion() while waiting for the DMA).\n\npanic() calls preempt_disable_notrace() before calling\nemergency_restart(). Therefore, if an i2c device is used for the\nrestart, the xfer should be atomic. This avoids warnings like:\n\n[ 12.667612] WARNING: CPU: 1 PID: 1 at kernel/rcu/tree_plugin.h:318 rcu_note_context_switch+0x33c/0x6b0\n[ 12.676926] Voluntary context switch within RCU read-side critical section!\n...\n[ 12.742376] schedule_timeout from wait_for_completion_timeout+0x90/0x114\n[ 12.749179] wait_for_completion_timeout from tegra_i2c_wait_completion+0x40/0x70\n...\n[ 12.994527] atomic_notifier_call_chain from machine_restart+0x34/0x58\n[ 13.001050] machine_restart from panic+0x2a8/0x32c\n\nUse !preemptible() instead, which is basically the same check as\npre-v5.2." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:48.989Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/25eb381a736e7ae39a4245ef5c96484eb1073809" }, { "url": "https://git.kernel.org/stable/c/25284c46b657f48c0f3880a2e0706c70d81182c0" }, { "url": "https://git.kernel.org/stable/c/f6237afabc349c1c7909db00e15d2816519e0d2b" }, { "url": "https://git.kernel.org/stable/c/185f3617adc8fe45e40489b458f03911f0dec46c" }, { "url": "https://git.kernel.org/stable/c/8c3fa52a46ff4d208cefb1a462ec94e0043a91e1" }, { "url": "https://git.kernel.org/stable/c/3473cf43b9068b9dfef2f545f833f33c6a544b91" }, { "url": "https://git.kernel.org/stable/c/aa49c90894d06e18a1ee7c095edbd2f37c232d02" } ], "title": "i2c: core: Run atomic i2c xfer when !preemptible", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52791", "datePublished": "2024-05-21T15:31:06.997Z", "dateReserved": "2024-05-21T15:19:24.241Z", "dateUpdated": "2024-11-04T14:52:48.989Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52774
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.549Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ebdc569a07a3e8dbe66b4184922ad6f88ac0b96f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f75617cc8df4155374132f0b500b0b3ebb967458" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f1ac7789406e2ca9ac51c41ad2daa597f47bdd4d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c841de6247e94e07566d57163d3c0d8b29278f7a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6062c527d0403cef27c54b91ac8390c3a497b250" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/dc96fde8fcb2b896fd6c64802a7f4ece2e69b0be" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9372aab5d0ff621ea203c8c603e7e5f75e888240" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/db46cd1e0426f52999d50fa72cfa97fa39952885" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52774", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:36:56.558292Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:55.198Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/s390/block/dasd.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "ebdc569a07a3", "status": "affected", "version": "4fa52aa7a82f", "versionType": "git" }, { "lessThan": "f75617cc8df4", "status": "affected", "version": "4fa52aa7a82f", "versionType": "git" }, { "lessThan": "f1ac7789406e", "status": "affected", "version": "4fa52aa7a82f", "versionType": "git" }, { "lessThan": "c841de6247e9", "status": "affected", "version": "4fa52aa7a82f", "versionType": "git" }, { "lessThan": "6062c527d040", "status": "affected", "version": "4fa52aa7a82f", "versionType": "git" }, { "lessThan": "dc96fde8fcb2", "status": "affected", "version": "4fa52aa7a82f", "versionType": "git" }, { "lessThan": "9372aab5d0ff", "status": "affected", "version": "4fa52aa7a82f", "versionType": "git" }, { "lessThan": "db46cd1e0426", "status": "affected", "version": "4fa52aa7a82f", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/s390/block/dasd.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.1" }, { "lessThan": "3.1", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.332", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.301", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.263", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.203", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.141", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.65", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.4", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: protect device queue against concurrent access\n\nIn dasd_profile_start() the amount of requests on the device queue are\ncounted. The access to the device queue is unprotected against\nconcurrent access. With a lot of parallel I/O, especially with alias\ndevices enabled, the device queue can change while dasd_profile_start()\nis accessing the queue. In the worst case this leads to a kernel panic\ndue to incorrect pointer accesses.\n\nFix this by taking the device lock before accessing the queue and\ncounting the requests. Additionally the check for a valid profile data\npointer can be done earlier to avoid unnecessary locking in a hot path." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:26.896Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/ebdc569a07a3e8dbe66b4184922ad6f88ac0b96f" }, { "url": "https://git.kernel.org/stable/c/f75617cc8df4155374132f0b500b0b3ebb967458" }, { "url": "https://git.kernel.org/stable/c/f1ac7789406e2ca9ac51c41ad2daa597f47bdd4d" }, { "url": "https://git.kernel.org/stable/c/c841de6247e94e07566d57163d3c0d8b29278f7a" }, { "url": "https://git.kernel.org/stable/c/6062c527d0403cef27c54b91ac8390c3a497b250" }, { "url": "https://git.kernel.org/stable/c/dc96fde8fcb2b896fd6c64802a7f4ece2e69b0be" }, { "url": "https://git.kernel.org/stable/c/9372aab5d0ff621ea203c8c603e7e5f75e888240" }, { "url": "https://git.kernel.org/stable/c/db46cd1e0426f52999d50fa72cfa97fa39952885" } ], "title": "s390/dasd: protect device queue against concurrent access", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52774", "datePublished": "2024-05-21T15:30:55.593Z", "dateReserved": "2024-05-21T15:19:24.239Z", "dateUpdated": "2024-11-04T14:52:26.896Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52796
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52796", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T19:45:36.487225Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:52.629Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.019Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4f7f850611aa27aaaf1bf5687702ad2240ae442a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4d2d30f0792b47908af64c4d02ed1ee25ff50542" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/43b781e7cb5cd0b435de276111953bf2bacd1f02" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1f64cad3ac38ac5978b53c40e6c5e6fd3477c68f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/732a67ca436887b594ebc43bb5a04ffb0971a760" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8872dc638c24bb774cd2224a69d72a7f661a4d56" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/03cddc4df8c6be47fd27c8f8b87e5f9a989e1458" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/18f039428c7df183b09c69ebf10ffd4e521035d2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ipvlan/ipvlan_core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "4f7f850611aa", "status": "affected", "version": "2ad7bf363841", "versionType": "git" }, { "lessThan": "4d2d30f0792b", "status": "affected", "version": "2ad7bf363841", "versionType": "git" }, { "lessThan": "43b781e7cb5c", "status": "affected", "version": "2ad7bf363841", "versionType": "git" }, { "lessThan": "1f64cad3ac38", "status": "affected", "version": "2ad7bf363841", "versionType": "git" }, { "lessThan": "732a67ca4368", "status": "affected", "version": "2ad7bf363841", "versionType": "git" }, { "lessThan": "8872dc638c24", "status": "affected", "version": "2ad7bf363841", "versionType": "git" }, { "lessThan": "03cddc4df8c6", "status": "affected", "version": "2ad7bf363841", "versionType": "git" }, { "lessThan": "18f039428c7d", "status": "affected", "version": "2ad7bf363841", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ipvlan/ipvlan_core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.19" }, { "lessThan": "3.19", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.300", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: add ipvlan_route_v6_outbound() helper\n\nInspired by syzbot reports using a stack of multiple ipvlan devices.\n\nReduce stack size needed in ipvlan_process_v6_outbound() by moving\nthe flowi6 struct used for the route lookup in an non inlined\nhelper. ipvlan_route_v6_outbound() needs 120 bytes on the stack,\nimmediately reclaimed.\n\nAlso make sure ipvlan_process_v4_outbound() is not inlined.\n\nWe might also have to lower MAX_NEST_DEV, because only syzbot uses\nsetups with more than four stacked devices.\n\nBUG: TASK stack guard page was hit at ffffc9000e803ff8 (stack is ffffc9000e804000..ffffc9000e808000)\nstack guard page: 0000 [#1] SMP KASAN\nCPU: 0 PID: 13442 Comm: syz-executor.4 Not tainted 6.1.52-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023\nRIP: 0010:kasan_check_range+0x4/0x2a0 mm/kasan/generic.c:188\nCode: 48 01 c6 48 89 c7 e8 db 4e c1 03 31 c0 5d c3 cc 0f 0b eb 02 0f 0b b8 ea ff ff ff 5d c3 cc 00 00 cc cc 00 00 cc cc 55 48 89 e5 \u003c41\u003e 57 41 56 41 55 41 54 53 b0 01 48 85 f6 0f 84 a4 01 00 00 48 89\nRSP: 0018:ffffc9000e804000 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817e5bf2\nRDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff887c6568\nRBP: ffffc9000e804000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92001d0080c\nR13: dffffc0000000000 R14: ffffffff87e6b100 R15: 0000000000000000\nFS: 00007fd0c55826c0(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000e803ff8 CR3: 0000000170ef7000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003c#DF\u003e\n\u003c/#DF\u003e\n\u003cTASK\u003e\n[\u003cffffffff81f281d1\u003e] __kasan_check_read+0x11/0x20 mm/kasan/shadow.c:31\n[\u003cffffffff817e5bf2\u003e] instrument_atomic_read include/linux/instrumented.h:72 [inline]\n[\u003cffffffff817e5bf2\u003e] _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\n[\u003cffffffff817e5bf2\u003e] cpumask_test_cpu include/linux/cpumask.h:506 [inline]\n[\u003cffffffff817e5bf2\u003e] cpu_online include/linux/cpumask.h:1092 [inline]\n[\u003cffffffff817e5bf2\u003e] trace_lock_acquire include/trace/events/lock.h:24 [inline]\n[\u003cffffffff817e5bf2\u003e] lock_acquire+0xe2/0x590 kernel/locking/lockdep.c:5632\n[\u003cffffffff8563221e\u003e] rcu_lock_acquire+0x2e/0x40 include/linux/rcupdate.h:306\n[\u003cffffffff8561464d\u003e] rcu_read_lock include/linux/rcupdate.h:747 [inline]\n[\u003cffffffff8561464d\u003e] ip6_pol_route+0x15d/0x1440 net/ipv6/route.c:2221\n[\u003cffffffff85618120\u003e] ip6_pol_route_output+0x50/0x80 net/ipv6/route.c:2606\n[\u003cffffffff856f65b5\u003e] pol_lookup_func include/net/ip6_fib.h:584 [inline]\n[\u003cffffffff856f65b5\u003e] fib6_rule_lookup+0x265/0x620 net/ipv6/fib6_rules.c:116\n[\u003cffffffff85618009\u003e] ip6_route_output_flags_noref+0x2d9/0x3a0 net/ipv6/route.c:2638\n[\u003cffffffff8561821a\u003e] ip6_route_output_flags+0xca/0x340 net/ipv6/route.c:2651\n[\u003cffffffff838bd5a3\u003e] ip6_route_output include/net/ip6_route.h:100 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:473 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:529 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:602 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_queue_xmit+0xc33/0x1be0 drivers/net/ipvlan/ipvlan_core.c:677\n[\u003cffffffff838c2909\u003e] ipvlan_start_xmit+0x49/0x100 drivers/net/ipvlan/ipvlan_main.c:229\n[\u003cffffffff84d03900\u003e] netdev_start_xmit include/linux/netdevice.h:4966 [inline]\n[\u003cffffffff84d03900\u003e] xmit_one net/core/dev.c:3644 [inline]\n[\u003cffffffff84d03900\u003e] dev_hard_start_xmit+0x320/0x980 net/core/dev.c:3660\n[\u003cffffffff84d080e2\u003e] __dev_queue_xmit+0x16b2/0x3370 net/core/dev.c:4324\n[\u003cffffffff855ce4cd\u003e] dev_queue_xmit include/linux/netdevice.h:3067 [inline]\n[\u003cffffffff855ce4cd\u003e] neigh_hh_output include/net/neighbour.h:529 [inline]\n[\u003cf\n---truncated---" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:53.688Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/4f7f850611aa27aaaf1bf5687702ad2240ae442a" }, { "url": "https://git.kernel.org/stable/c/4d2d30f0792b47908af64c4d02ed1ee25ff50542" }, { "url": "https://git.kernel.org/stable/c/43b781e7cb5cd0b435de276111953bf2bacd1f02" }, { "url": "https://git.kernel.org/stable/c/1f64cad3ac38ac5978b53c40e6c5e6fd3477c68f" }, { "url": "https://git.kernel.org/stable/c/732a67ca436887b594ebc43bb5a04ffb0971a760" }, { "url": "https://git.kernel.org/stable/c/8872dc638c24bb774cd2224a69d72a7f661a4d56" }, { "url": "https://git.kernel.org/stable/c/03cddc4df8c6be47fd27c8f8b87e5f9a989e1458" }, { "url": "https://git.kernel.org/stable/c/18f039428c7df183b09c69ebf10ffd4e521035d2" } ], "title": "ipvlan: add ipvlan_route_v6_outbound() helper", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52796", "datePublished": "2024-05-21T15:31:10.290Z", "dateReserved": "2024-05-21T15:19:24.246Z", "dateUpdated": "2024-11-04T14:52:53.688Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52755
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ], "defaultStatus": "affected", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "aaf0a07d6088", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "8387c94d73ec", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "09d9d8b40a33", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "712e01f32e57", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "eebff19acaa3", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52755", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-01T03:55:53.690996Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-01T13:46:35.727Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.921Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/aaf0a07d60887d6c36fc46a24de0083744f07819" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8387c94d73ec66eb597c7a23a8d9eadf64bfbafa" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/09d9d8b40a3338193619c14ed4dc040f4f119e70" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/712e01f32e577e7e48ab0adb5fe550646a3d93cb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/eebff19acaa35820cb09ce2ccb3d21bee2156ffb" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/smb/server/smbacl.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "aaf0a07d6088", "status": "affected", "version": "0626e6641f6b", "versionType": "git" }, { "lessThan": "8387c94d73ec", "status": "affected", "version": "0626e6641f6b", "versionType": "git" }, { "lessThan": "09d9d8b40a33", "status": "affected", "version": "0626e6641f6b", "versionType": "git" }, { "lessThan": "712e01f32e57", "status": "affected", "version": "0626e6641f6b", "versionType": "git" }, { "lessThan": "eebff19acaa3", "status": "affected", "version": "0626e6641f6b", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/smb/server/smbacl.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.15" }, { "lessThan": "5.15", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix slab out of bounds write in smb_inherit_dacl()\n\nslab out-of-bounds write is caused by that offsets is bigger than pntsd\nallocation size. This patch add the check to validate 3 offsets using\nallocation size." } ], "providerMetadata": { "dateUpdated": "2024-12-09T14:21:06.043Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/aaf0a07d60887d6c36fc46a24de0083744f07819" }, { "url": "https://git.kernel.org/stable/c/8387c94d73ec66eb597c7a23a8d9eadf64bfbafa" }, { "url": "https://git.kernel.org/stable/c/09d9d8b40a3338193619c14ed4dc040f4f119e70" }, { "url": "https://git.kernel.org/stable/c/712e01f32e577e7e48ab0adb5fe550646a3d93cb" }, { "url": "https://git.kernel.org/stable/c/eebff19acaa35820cb09ce2ccb3d21bee2156ffb" } ], "title": "ksmbd: fix slab out of bounds write in smb_inherit_dacl()", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52755", "datePublished": "2024-05-21T15:30:42.898Z", "dateReserved": "2024-05-21T15:19:24.235Z", "dateUpdated": "2024-12-09T14:21:06.043Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52862
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52862", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T17:11:35.315228Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-06T16:46:54.715Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.134Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/97ef07182ac46b069bb5e7d46cb903a764d67898" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8b72c5d4a5d25e76b16283397c40b8b3c0d70019" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0c3601a2fbfb265ce283651480e30c8e60459112" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "97ef07182ac4", "status": "affected", "version": "9788d087caff", "versionType": "git" }, { "lessThan": "8b72c5d4a5d2", "status": "affected", "version": "9788d087caff", "versionType": "git" }, { "lessThan": "0c3601a2fbfb", "status": "affected", "version": "9788d087caff", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.5" }, { "lessThan": "6.5", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix null pointer dereference in error message\n\nThis patch fixes a null pointer dereference in the error message that is\nprinted when the Display Core (DC) fails to initialize. The original\nmessage includes the DC version number, which is undefined if the DC is\nnot initialized." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:05.554Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/97ef07182ac46b069bb5e7d46cb903a764d67898" }, { "url": "https://git.kernel.org/stable/c/8b72c5d4a5d25e76b16283397c40b8b3c0d70019" }, { "url": "https://git.kernel.org/stable/c/0c3601a2fbfb265ce283651480e30c8e60459112" } ], "title": "drm/amd/display: Fix null pointer dereference in error message", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52862", "datePublished": "2024-05-21T15:31:54.544Z", "dateReserved": "2024-05-21T15:19:24.261Z", "dateUpdated": "2024-11-06T16:46:54.715Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47436
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47436", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T18:03:36.424310Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T18:04:23.811Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:58.936Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5ed60a430fb5f3d93e7fef66264daef466b4d10c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e923bce31ffefe4f60edfc6b84f62d4a858f3676" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9ab5d539bc975b8dcde86eca1b58d836b657732e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9d89e287116796bf987cc48f5c8632ef3048f8eb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ff9249aab39820be11b6975a10d94253b7d426fc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c2115b2b16421d93d4993f3fe4c520e91d6fe801" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/usb/musb/musb_dsps.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "5ed60a430fb5", "status": "affected", "version": "5269937d1483", "versionType": "git" }, { "lessThan": "e923bce31ffe", "status": "affected", "version": "ffc825049ed2", "versionType": "git" }, { "lessThan": "9ab5d539bc97", "status": "affected", "version": "9a4a6805294f", "versionType": "git" }, { "lessThan": "9d89e2871167", "status": "affected", "version": "8de01a896c1b", "versionType": "git" }, { "lessThan": "ff9249aab398", "status": "affected", "version": "72bb3eafcfdd", "versionType": "git" }, { "lessThan": "c2115b2b1642", "status": "affected", "version": "7c75bde329d7", "versionType": "git" } ] }, { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/usb/musb/musb_dsps.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "4.14.252", "status": "affected", "version": "4.14.247", "versionType": "semver" }, { "lessThan": "4.19.213", "status": "affected", "version": "4.19.207", "versionType": "semver" }, { "lessThan": "5.4.155", "status": "affected", "version": "5.4.148", "versionType": "semver" }, { "lessThan": "5.10.75", "status": "affected", "version": "5.10.67", "versionType": "semver" }, { "lessThan": "5.14.14", "status": "affected", "version": "5.14.6", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: musb: dsps: Fix the probe error path\n\nCommit 7c75bde329d7 (\"usb: musb: musb_dsps: request_irq() after\ninitializing musb\") has inverted the calls to\ndsps_setup_optional_vbus_irq() and dsps_create_musb_pdev() without\nupdating correctly the error path. dsps_create_musb_pdev() allocates and\nregisters a new platform device which must be unregistered and freed\nwith platform_device_unregister(), and this is missing upon\ndsps_setup_optional_vbus_irq() error.\n\nWhile on the master branch it seems not to trigger any issue, I observed\na kernel crash because of a NULL pointer dereference with a v5.10.70\nstable kernel where the patch mentioned above was backported. With this\nkernel version, -EPROBE_DEFER is returned the first time\ndsps_setup_optional_vbus_irq() is called which triggers the probe to\nerror out without unregistering the platform device. Unfortunately, on\nthe Beagle Bone Black Wireless, the platform device still living in the\nsystem is being used by the USB Ethernet gadget driver, which during the\nboot phase triggers the crash.\n\nMy limited knowledge of the musb world prevents me to revert this commit\nwhich was sent to silence a robot warning which, as far as I understand,\ndoes not make sense. The goal of this patch was to prevent an IRQ to\nfire before the platform device being registered. I think this cannot\never happen due to the fact that enabling the interrupts is done by the\n-\u003eenable() callback of the platform musb device, and this platform\ndevice must be already registered in order for the core or any other\nuser to use this callback.\n\nHence, I decided to fix the error path, which might prevent future\nerrors on mainline kernels while also fixing older ones." } ], "providerMetadata": { "dateUpdated": "2024-11-04T11:41:15.170Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/5ed60a430fb5f3d93e7fef66264daef466b4d10c" }, { "url": "https://git.kernel.org/stable/c/e923bce31ffefe4f60edfc6b84f62d4a858f3676" }, { "url": "https://git.kernel.org/stable/c/9ab5d539bc975b8dcde86eca1b58d836b657732e" }, { "url": "https://git.kernel.org/stable/c/9d89e287116796bf987cc48f5c8632ef3048f8eb" }, { "url": "https://git.kernel.org/stable/c/ff9249aab39820be11b6975a10d94253b7d426fc" }, { "url": "https://git.kernel.org/stable/c/c2115b2b16421d93d4993f3fe4c520e91d6fe801" } ], "title": "usb: musb: dsps: Fix the probe error path", "x_generator": { "engine": "bippy-c8e10e5f6187" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47436", "datePublished": "2024-05-22T06:19:32.220Z", "dateReserved": "2024-05-21T14:58:30.830Z", "dateUpdated": "2024-11-04T11:41:15.170Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47448
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.611Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1a4554e94f0deff9fc1dc5addf93fa579cc29711" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/612f71d7328c14369924384ad2170aae2a6abd92" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47448", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:36:18.098656Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:26.764Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/mptcp/protocol.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "1a4554e94f0d", "status": "affected", "version": "7a6a6cbc3e59", "versionType": "git" }, { "lessThan": "612f71d7328c", "status": "affected", "version": "7a6a6cbc3e59", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/mptcp/protocol.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.6" }, { "lessThan": "5.6", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.14", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix possible stall on recvmsg()\n\nrecvmsg() can enter an infinite loop if the caller provides the\nMSG_WAITALL, the data present in the receive queue is not sufficient to\nfulfill the request, and no more data is received by the peer.\n\nWhen the above happens, mptcp_wait_data() will always return with\nno wait, as the MPTCP_DATA_READY flag checked by such function is\nset and never cleared in such code path.\n\nLeveraging the above syzbot was able to trigger an RCU stall:\n\nrcu: INFO: rcu_preempt self-detected stall on CPU\nrcu: 0-...!: (10499 ticks this GP) idle=0af/1/0x4000000000000000 softirq=10678/10678 fqs=1\n (t=10500 jiffies g=13089 q=109)\nrcu: rcu_preempt kthread starved for 10497 jiffies! g13089 f0x0 RCU_GP_WAIT_FQS(5) -\u003estate=0x0 -\u003ecpu=1\nrcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.\nrcu: RCU grace-period kthread stack dump:\ntask:rcu_preempt state:R running task stack:28696 pid: 14 ppid: 2 flags:0x00004000\nCall Trace:\n context_switch kernel/sched/core.c:4955 [inline]\n __schedule+0x940/0x26f0 kernel/sched/core.c:6236\n schedule+0xd3/0x270 kernel/sched/core.c:6315\n schedule_timeout+0x14a/0x2a0 kernel/time/timer.c:1881\n rcu_gp_fqs_loop+0x186/0x810 kernel/rcu/tree.c:1955\n rcu_gp_kthread+0x1de/0x320 kernel/rcu/tree.c:2128\n kthread+0x405/0x4f0 kernel/kthread.c:327\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\nrcu: Stack dump where RCU GP kthread last ran:\nSending NMI from CPU 0 to CPUs 1:\nNMI backtrace for cpu 1\nCPU: 1 PID: 8510 Comm: syz-executor827 Not tainted 5.15.0-rc2-next-20210920-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:bytes_is_nonzero mm/kasan/generic.c:84 [inline]\nRIP: 0010:memory_is_nonzero mm/kasan/generic.c:102 [inline]\nRIP: 0010:memory_is_poisoned_n mm/kasan/generic.c:128 [inline]\nRIP: 0010:memory_is_poisoned mm/kasan/generic.c:159 [inline]\nRIP: 0010:check_region_inline mm/kasan/generic.c:180 [inline]\nRIP: 0010:kasan_check_range+0xc8/0x180 mm/kasan/generic.c:189\nCode: 38 00 74 ed 48 8d 50 08 eb 09 48 83 c0 01 48 39 d0 74 7a 80 38 00 74 f2 48 89 c2 b8 01 00 00 00 48 85 d2 75 56 5b 5d 41 5c c3 \u003c48\u003e 85 d2 74 5e 48 01 ea eb 09 48 83 c0 01 48 39 d0 74 50 80 38 00\nRSP: 0018:ffffc9000cd676c8 EFLAGS: 00000283\nRAX: ffffed100e9a110e RBX: ffffed100e9a110f RCX: ffffffff88ea062a\nRDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff888074d08870\nRBP: ffffed100e9a110e R08: 0000000000000001 R09: ffff888074d08877\nR10: ffffed100e9a110e R11: 0000000000000000 R12: ffff888074d08000\nR13: ffff888074d08000 R14: ffff888074d08088 R15: ffff888074d08000\nFS: 0000555556d8e300(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000\nS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020000180 CR3: 0000000068909000 CR4: 00000000001506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n instrument_atomic_read_write include/linux/instrumented.h:101 [inline]\n test_and_clear_bit include/asm-generic/bitops/instrumented-atomic.h:83 [inline]\n mptcp_release_cb+0x14a/0x210 net/mptcp/protocol.c:3016\n release_sock+0xb4/0x1b0 net/core/sock.c:3204\n mptcp_wait_data net/mptcp/protocol.c:1770 [inline]\n mptcp_recvmsg+0xfd1/0x27b0 net/mptcp/protocol.c:2080\n inet6_recvmsg+0x11b/0x5e0 net/ipv6/af_inet6.c:659\n sock_recvmsg_nosec net/socket.c:944 [inline]\n ____sys_recvmsg+0x527/0x600 net/socket.c:2626\n ___sys_recvmsg+0x127/0x200 net/socket.c:2670\n do_recvmmsg+0x24d/0x6d0 net/socket.c:2764\n __sys_recvmmsg net/socket.c:2843 [inline]\n __do_sys_recvmmsg net/socket.c:2866 [inline]\n __se_sys_recvmmsg net/socket.c:2859 [inline]\n __x64_sys_recvmmsg+0x20b/0x260 net/socket.c:2859\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7fc200d2\n---truncated---" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:06.340Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/1a4554e94f0deff9fc1dc5addf93fa579cc29711" }, { "url": "https://git.kernel.org/stable/c/612f71d7328c14369924384ad2170aae2a6abd92" } ], "title": "mptcp: fix possible stall on recvmsg()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47448", "datePublished": "2024-05-22T06:19:40.141Z", "dateReserved": "2024-05-21T14:58:30.832Z", "dateUpdated": "2024-11-04T12:06:06.340Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52779
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52779", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T18:48:07.766160Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-06T14:23:53.810Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.013Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3fb0fa08641903304b9d81d52a379ff031dc41d4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8a924db2d7b5eb69ba08b1a0af46e9f1359a9bdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/ecryptfs/inode.c", "fs/overlayfs/inode.c", "fs/overlayfs/overlayfs.h", "fs/stat.c", "include/uapi/linux/fcntl.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "3fb0fa086419", "status": "affected", "version": "db1d1e8b9867", "versionType": "git" }, { "lessThan": "8a924db2d7b5", "status": "affected", "version": "db1d1e8b9867", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/ecryptfs/inode.c", "fs/overlayfs/inode.c", "fs/overlayfs/overlayfs.h", "fs/stat.c", "include/uapi/linux/fcntl.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.5" }, { "lessThan": "6.5", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.4", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: Pass AT_GETATTR_NOSEC flag to getattr interface function\n\nWhen vfs_getattr_nosec() calls a filesystem\u0027s getattr interface function\nthen the \u0027nosec\u0027 should propagate into this function so that\nvfs_getattr_nosec() can again be called from the filesystem\u0027s gettattr\nrather than vfs_getattr(). The latter would add unnecessary security\nchecks that the initial vfs_getattr_nosec() call wanted to avoid.\nTherefore, introduce the getattr flag GETATTR_NOSEC and allow to pass\nwith the new getattr_flags parameter to the getattr interface function.\nIn overlayfs and ecryptfs use this flag to determine which one of the\ntwo functions to call.\n\nIn a recent code change introduced to IMA vfs_getattr_nosec() ended up\ncalling vfs_getattr() in overlayfs, which in turn called\nsecurity_inode_getattr() on an exiting process that did not have\ncurrent-\u003efs set anymore, which then caused a kernel NULL pointer\ndereference. With this change the call to security_inode_getattr() can\nbe avoided, thus avoiding the NULL pointer dereference." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:33.962Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/3fb0fa08641903304b9d81d52a379ff031dc41d4" }, { "url": "https://git.kernel.org/stable/c/8a924db2d7b5eb69ba08b1a0af46e9f1359a9bdf" } ], "title": "fs: Pass AT_GETATTR_NOSEC flag to getattr interface function", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52779", "datePublished": "2024-05-21T15:30:58.899Z", "dateReserved": "2024-05-21T15:19:24.240Z", "dateUpdated": "2024-11-06T14:23:53.810Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52781
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52781", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T17:27:41.275139Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:33.254Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.495Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9ef94ec8e52eaf7b9abc5b5f8f5b911751112223" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/64c27b7b2357ddb38b6afebaf46d5bff4d250702" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f89fef7710b2ba0f7a1e46594e530dcf2f77be91" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7c0244cc311a4038505b73682b7c8ceaa5c7a8c8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/974bba5c118f4c2baf00de0356e3e4f7928b4cbc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/usb/core/config.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "9ef94ec8e52e", "status": "affected", "version": "3dd550a2d365", "versionType": "git" }, { "lessThan": "64c27b7b2357", "status": "affected", "version": "3dd550a2d365", "versionType": "git" }, { "lessThan": "f89fef7710b2", "status": "affected", "version": "3dd550a2d365", "versionType": "git" }, { "lessThan": "7c0244cc311a", "status": "affected", "version": "3dd550a2d365", "versionType": "git" }, { "lessThan": "974bba5c118f", "status": "affected", "version": "3dd550a2d365", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/usb/core/config.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.4" }, { "lessThan": "5.4", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.203", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.142", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.66", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.4", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: config: fix iteration issue in \u0027usb_get_bos_descriptor()\u0027\n\nThe BOS descriptor defines a root descriptor and is the base descriptor for\naccessing a family of related descriptors.\n\nFunction \u0027usb_get_bos_descriptor()\u0027 encounters an iteration issue when\nskipping the \u0027USB_DT_DEVICE_CAPABILITY\u0027 descriptor type. This results in\nthe same descriptor being read repeatedly.\n\nTo address this issue, a \u0027goto\u0027 statement is introduced to ensure that the\npointer and the amount read is updated correctly. This ensures that the\nfunction iterates to the next descriptor instead of reading the same\ndescriptor repeatedly." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:36.483Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/9ef94ec8e52eaf7b9abc5b5f8f5b911751112223" }, { "url": "https://git.kernel.org/stable/c/64c27b7b2357ddb38b6afebaf46d5bff4d250702" }, { "url": "https://git.kernel.org/stable/c/f89fef7710b2ba0f7a1e46594e530dcf2f77be91" }, { "url": "https://git.kernel.org/stable/c/7c0244cc311a4038505b73682b7c8ceaa5c7a8c8" }, { "url": "https://git.kernel.org/stable/c/974bba5c118f4c2baf00de0356e3e4f7928b4cbc" } ], "title": "usb: config: fix iteration issue in \u0027usb_get_bos_descriptor()\u0027", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52781", "datePublished": "2024-05-21T15:31:00.242Z", "dateReserved": "2024-05-21T15:19:24.240Z", "dateUpdated": "2024-11-04T14:52:36.483Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47416
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47416", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T17:32:44.904318Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:15:14.542Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.091Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/25e9f88c7e3cc35f5e3d3db199660d28a15df639" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2250392d930bd0d989f24d355d6355b0150256e7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f4f502a04ee1e543825af78f47eb7785015cd9f6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2397b9e118721292429fea8807a698e71b94795f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/414bb4ead1362ef2c8592db723c017258f213988" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0d2dd40a7be61b89a7c99dae8ee96389d27b413a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/064c2616234a7394867c924b5c1303974f3a4f4d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ca6e11c337daf7925ff8a2aac8e84490a8691905" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/phy/mdio_bus.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "25e9f88c7e3c", "status": "affected", "version": "46abc02175b3", "versionType": "git" }, { "lessThan": "2250392d930b", "status": "affected", "version": "46abc02175b3", "versionType": "git" }, { "lessThan": "f4f502a04ee1", "status": "affected", "version": "46abc02175b3", "versionType": "git" }, { "lessThan": "2397b9e11872", "status": "affected", "version": "46abc02175b3", "versionType": "git" }, { "lessThan": "414bb4ead136", "status": "affected", "version": "46abc02175b3", "versionType": "git" }, { "lessThan": "0d2dd40a7be6", "status": "affected", "version": "46abc02175b3", "versionType": "git" }, { "lessThan": "064c2616234a", "status": "affected", "version": "46abc02175b3", "versionType": "git" }, { "lessThan": "ca6e11c337da", "status": "affected", "version": "46abc02175b3", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/phy/mdio_bus.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "2.6.28" }, { "lessThan": "2.6.28", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.289", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.287", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.251", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.211", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.153", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.73", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: mdio: fix memory leak\n\nSyzbot reported memory leak in MDIO bus interface, the problem was in\nwrong state logic.\n\nMDIOBUS_ALLOCATED indicates 2 states:\n\t1. Bus is only allocated\n\t2. Bus allocated and __mdiobus_register() fails, but\n\t device_register() was called\n\nIn case of device_register() has been called we should call put_device()\nto correctly free the memory allocated for this device, but mdiobus_free()\ncalls just kfree(dev) in case of MDIOBUS_ALLOCATED state\n\nTo avoid this behaviour we need to set bus-\u003estate to MDIOBUS_UNREGISTERED\n_before_ calling device_register(), because put_device() should be\ncalled even in case of device_register() failure." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:29.449Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/25e9f88c7e3cc35f5e3d3db199660d28a15df639" }, { "url": "https://git.kernel.org/stable/c/2250392d930bd0d989f24d355d6355b0150256e7" }, { "url": "https://git.kernel.org/stable/c/f4f502a04ee1e543825af78f47eb7785015cd9f6" }, { "url": "https://git.kernel.org/stable/c/2397b9e118721292429fea8807a698e71b94795f" }, { "url": "https://git.kernel.org/stable/c/414bb4ead1362ef2c8592db723c017258f213988" }, { "url": "https://git.kernel.org/stable/c/0d2dd40a7be61b89a7c99dae8ee96389d27b413a" }, { "url": "https://git.kernel.org/stable/c/064c2616234a7394867c924b5c1303974f3a4f4d" }, { "url": "https://git.kernel.org/stable/c/ca6e11c337daf7925ff8a2aac8e84490a8691905" } ], "title": "phy: mdio: fix memory leak", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47416", "datePublished": "2024-05-21T15:04:06.042Z", "dateReserved": "2024-05-21T14:58:30.818Z", "dateUpdated": "2024-11-04T12:05:29.449Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47432
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47432", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T17:47:48.909736Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-31T15:31:57.716Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.326Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/784d01f9bbc282abb0c5ade5beb98a87f50343ac" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ec298b958cb0c40d70c68079da933c8f31c5134c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/aa7f1827953100cdde0795289a80c6c077bfe437" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9492261ff2460252cf2d8de89cdf854c7e2b28a0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "include/linux/generic-radix-tree.h", "lib/generic-radix-tree.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "784d01f9bbc2", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "ec298b958cb0", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "aa7f18279531", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "9492261ff246", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "include/linux/generic-radix-tree.h", "lib/generic-radix-tree.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlib/generic-radix-tree.c: Don\u0027t overflow in peek()\n\nWhen we started spreading new inode numbers throughout most of the 64\nbit inode space, that triggered some corner case bugs, in particular\nsome integer overflows related to the radix tree code. Oops." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:48.114Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/784d01f9bbc282abb0c5ade5beb98a87f50343ac" }, { "url": "https://git.kernel.org/stable/c/ec298b958cb0c40d70c68079da933c8f31c5134c" }, { "url": "https://git.kernel.org/stable/c/aa7f1827953100cdde0795289a80c6c077bfe437" }, { "url": "https://git.kernel.org/stable/c/9492261ff2460252cf2d8de89cdf854c7e2b28a0" } ], "title": "lib/generic-radix-tree.c: Don\u0027t overflow in peek()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47432", "datePublished": "2024-05-21T15:30:36.904Z", "dateReserved": "2024-05-21T14:58:30.829Z", "dateUpdated": "2024-11-04T12:05:48.114Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47492
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47492", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T19:45:29.189112Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:55.710Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.622Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/69a7fa5cb0de06c8956b040f19a7248c8c8308ca" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5e669d8ab30ab61dec3c36e27b4711f07611e6fc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/74c42e1baacf206338b1dd6b6199ac964512b5bb" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "mm/khugepaged.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "69a7fa5cb0de", "status": "affected", "version": "99cb0dbd47a1", "versionType": "git" }, { "lessThan": "5e669d8ab30a", "status": "affected", "version": "99cb0dbd47a1", "versionType": "git" }, { "lessThan": "74c42e1baacf", "status": "affected", "version": "99cb0dbd47a1", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "mm/khugepaged.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.4" }, { "lessThan": "5.4", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.77", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.16", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm, thp: bail out early in collapse_file for writeback page\n\nCurrently collapse_file does not explicitly check PG_writeback, instead,\npage_has_private and try_to_release_page are used to filter writeback\npages. This does not work for xfs with blocksize equal to or larger\nthan pagesize, because in such case xfs has no page-\u003eprivate.\n\nThis makes collapse_file bail out early for writeback page. Otherwise,\nxfs end_page_writeback will panic as follows.\n\n page:fffffe00201bcc80 refcount:0 mapcount:0 mapping:ffff0003f88c86a8 index:0x0 pfn:0x84ef32\n aops:xfs_address_space_operations [xfs] ino:30000b7 dentry name:\"libtest.so\"\n flags: 0x57fffe0000008027(locked|referenced|uptodate|active|writeback)\n raw: 57fffe0000008027 ffff80001b48bc28 ffff80001b48bc28 ffff0003f88c86a8\n raw: 0000000000000000 0000000000000000 00000000ffffffff ffff0000c3e9a000\n page dumped because: VM_BUG_ON_PAGE(((unsigned int) page_ref_count(page) + 127u \u003c= 127u))\n page-\u003emem_cgroup:ffff0000c3e9a000\n ------------[ cut here ]------------\n kernel BUG at include/linux/mm.h:1212!\n Internal error: Oops - BUG: 0 [#1] SMP\n Modules linked in:\n BUG: Bad page state in process khugepaged pfn:84ef32\n xfs(E)\n page:fffffe00201bcc80 refcount:0 mapcount:0 mapping:0 index:0x0 pfn:0x84ef32\n libcrc32c(E) rfkill(E) aes_ce_blk(E) crypto_simd(E) ...\n CPU: 25 PID: 0 Comm: swapper/25 Kdump: loaded Tainted: ...\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO BTYPE=--)\n Call trace:\n end_page_writeback+0x1c0/0x214\n iomap_finish_page_writeback+0x13c/0x204\n iomap_finish_ioend+0xe8/0x19c\n iomap_writepage_end_bio+0x38/0x50\n bio_endio+0x168/0x1ec\n blk_update_request+0x278/0x3f0\n blk_mq_end_request+0x34/0x15c\n virtblk_request_done+0x38/0x74 [virtio_blk]\n blk_done_softirq+0xc4/0x110\n __do_softirq+0x128/0x38c\n __irq_exit_rcu+0x118/0x150\n irq_exit+0x1c/0x30\n __handle_domain_irq+0x8c/0xf0\n gic_handle_irq+0x84/0x108\n el1_irq+0xcc/0x180\n arch_cpu_idle+0x18/0x40\n default_idle_call+0x4c/0x1a0\n cpuidle_idle_call+0x168/0x1e0\n do_idle+0xb4/0x104\n cpu_startup_entry+0x30/0x9c\n secondary_start_kernel+0x104/0x180\n Code: d4210000 b0006161 910c8021 94013f4d (d4210000)\n ---[ end trace 4a88c6a074082f8c ]---\n Kernel panic - not syncing: Oops - BUG: Fatal exception in interrupt" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:57.842Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/69a7fa5cb0de06c8956b040f19a7248c8c8308ca" }, { "url": "https://git.kernel.org/stable/c/5e669d8ab30ab61dec3c36e27b4711f07611e6fc" }, { "url": "https://git.kernel.org/stable/c/74c42e1baacf206338b1dd6b6199ac964512b5bb" } ], "title": "mm, thp: bail out early in collapse_file for writeback page", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47492", "datePublished": "2024-05-22T08:19:40.759Z", "dateReserved": "2024-05-22T06:20:56.201Z", "dateUpdated": "2024-11-04T12:06:57.842Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47375
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47375", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:37:23.607827Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-27T13:59:18.148Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:32:08.654Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/488da313edf3abea7f7733efe011c96b23740ab5" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/dacfd5e4d1142bfb3809aab3634a375f6f373269" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d56171d9360c0170c5c5f8f7e2362a2e999eca40" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/677e362ba807f3aafe6f405c07e0b37244da5222" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ebb8d26d93c3ec3c7576c52a8373a2309423c069" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3815fe7371d2411ce164281cef40d9fc7b323dee" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a5f8e86192612d0183047448d8bbe7918b3f1a26" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5afedf670caf30a2b5a52da96eb7eac7dee6a9c9" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "kernel/trace/blktrace.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "488da313edf3", "status": "affected", "version": "c71a89615411", "versionType": "git" }, { "lessThan": "dacfd5e4d114", "status": "affected", "version": "c71a89615411", "versionType": "git" }, { "lessThan": "d56171d9360c", "status": "affected", "version": "c71a89615411", "versionType": "git" }, { "lessThan": "677e362ba807", "status": "affected", "version": "c71a89615411", "versionType": "git" }, { "lessThan": "ebb8d26d93c3", "status": "affected", "version": "c71a89615411", "versionType": "git" }, { "lessThan": "3815fe7371d2", "status": "affected", "version": "c71a89615411", "versionType": "git" }, { "lessThan": "a5f8e8619261", "status": "affected", "version": "c71a89615411", "versionType": "git" }, { "lessThan": "5afedf670caf", "status": "affected", "version": "c71a89615411", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "kernel/trace/blktrace.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "2.6.30" }, { "lessThan": "2.6.30", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.286", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.285", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.249", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.209", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.150", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.70", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.9", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblktrace: Fix uaf in blk_trace access after removing by sysfs\n\nThere is an use-after-free problem triggered by following process:\n\n P1(sda)\t\t\t\tP2(sdb)\n\t\t\techo 0 \u003e /sys/block/sdb/trace/enable\n\t\t\t blk_trace_remove_queue\n\t\t\t synchronize_rcu\n\t\t\t blk_trace_free\n\t\t\t relay_close\nrcu_read_lock\n__blk_add_trace\n trace_note_tsk\n (Iterate running_trace_list)\n\t\t\t relay_close_buf\n\t\t\t\t relay_destroy_buf\n\t\t\t\t kfree(buf)\n trace_note(sdb\u0027s bt)\n relay_reserve\n buf-\u003eoffset \u003c- nullptr deference (use-after-free) !!!\nrcu_read_unlock\n\n[ 502.714379] BUG: kernel NULL pointer dereference, address:\n0000000000000010\n[ 502.715260] #PF: supervisor read access in kernel mode\n[ 502.715903] #PF: error_code(0x0000) - not-present page\n[ 502.716546] PGD 103984067 P4D 103984067 PUD 17592b067 PMD 0\n[ 502.717252] Oops: 0000 [#1] SMP\n[ 502.720308] RIP: 0010:trace_note.isra.0+0x86/0x360\n[ 502.732872] Call Trace:\n[ 502.733193] __blk_add_trace.cold+0x137/0x1a3\n[ 502.733734] blk_add_trace_rq+0x7b/0xd0\n[ 502.734207] blk_add_trace_rq_issue+0x54/0xa0\n[ 502.734755] blk_mq_start_request+0xde/0x1b0\n[ 502.735287] scsi_queue_rq+0x528/0x1140\n...\n[ 502.742704] sg_new_write.isra.0+0x16e/0x3e0\n[ 502.747501] sg_ioctl+0x466/0x1100\n\nReproduce method:\n ioctl(/dev/sda, BLKTRACESETUP, blk_user_trace_setup[buf_size=127])\n ioctl(/dev/sda, BLKTRACESTART)\n ioctl(/dev/sdb, BLKTRACESETUP, blk_user_trace_setup[buf_size=127])\n ioctl(/dev/sdb, BLKTRACESTART)\n\n echo 0 \u003e /sys/block/sdb/trace/enable \u0026\n // Add delay(mdelay/msleep) before kernel enters blk_trace_free()\n\n ioctl$SG_IO(/dev/sda, SG_IO, ...)\n // Enters trace_note_tsk() after blk_trace_free() returned\n // Use mdelay in rcu region rather than msleep(which may schedule out)\n\nRemove blk_trace from running_list before calling blk_trace_free() by\nsysfs if blk_trace is at Blktrace_running state." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:04:42.277Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/488da313edf3abea7f7733efe011c96b23740ab5" }, { "url": "https://git.kernel.org/stable/c/dacfd5e4d1142bfb3809aab3634a375f6f373269" }, { "url": "https://git.kernel.org/stable/c/d56171d9360c0170c5c5f8f7e2362a2e999eca40" }, { "url": "https://git.kernel.org/stable/c/677e362ba807f3aafe6f405c07e0b37244da5222" }, { "url": "https://git.kernel.org/stable/c/ebb8d26d93c3ec3c7576c52a8373a2309423c069" }, { "url": "https://git.kernel.org/stable/c/3815fe7371d2411ce164281cef40d9fc7b323dee" }, { "url": "https://git.kernel.org/stable/c/a5f8e86192612d0183047448d8bbe7918b3f1a26" }, { "url": "https://git.kernel.org/stable/c/5afedf670caf30a2b5a52da96eb7eac7dee6a9c9" } ], "title": "blktrace: Fix uaf in blk_trace access after removing by sysfs", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47375", "datePublished": "2024-05-21T15:03:39.090Z", "dateReserved": "2024-05-21T14:58:30.811Z", "dateUpdated": "2024-11-04T12:04:42.277Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47487
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2024-05-28T18:59:27.726Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "rejectedReasons": [ { "lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47487", "datePublished": "2024-05-22T08:19:37.473Z", "dateRejected": "2024-05-28T18:59:27.726Z", "dateReserved": "2024-05-22T06:20:56.201Z", "dateUpdated": "2024-05-28T18:59:27.726Z", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47466
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.454Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4f5d1c29cfab5cb0ab885059818751bdef32e2bb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/568f906340b43120abd6fcc67c37396482f85930" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/42b81946e3ac9ea0372ba16e05160dc11e02694f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9037c57681d25e4dcc442d940d6dbe24dd31f461" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47466", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:36:11.672378Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:53.631Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "mm/slub.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "4f5d1c29cfab", "status": "affected", "version": "210e7a43fa90", "versionType": "git" }, { "lessThan": "568f906340b4", "status": "affected", "version": "210e7a43fa90", "versionType": "git" }, { "lessThan": "42b81946e3ac", "status": "affected", "version": "210e7a43fa90", "versionType": "git" }, { "lessThan": "9037c57681d2", "status": "affected", "version": "210e7a43fa90", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "mm/slub.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.8" }, { "lessThan": "4.8", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.156", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.76", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm, slub: fix potential memoryleak in kmem_cache_open()\n\nIn error path, the random_seq of slub cache might be leaked. Fix this\nby using __kmem_cache_release() to release all the relevant resources." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:29.452Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/4f5d1c29cfab5cb0ab885059818751bdef32e2bb" }, { "url": "https://git.kernel.org/stable/c/568f906340b43120abd6fcc67c37396482f85930" }, { "url": "https://git.kernel.org/stable/c/42b81946e3ac9ea0372ba16e05160dc11e02694f" }, { "url": "https://git.kernel.org/stable/c/9037c57681d25e4dcc442d940d6dbe24dd31f461" } ], "title": "mm, slub: fix potential memoryleak in kmem_cache_open()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47466", "datePublished": "2024-05-22T06:23:25.674Z", "dateReserved": "2024-05-22T06:20:56.198Z", "dateUpdated": "2024-11-04T12:06:29.452Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52794
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.955Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6a3866dbdcf39ac93e98708e6abced511733dc18" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0a8585281b11e3a0723bba8d8085d61f0b55f37c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fae633cfb729da2771b5433f6b84ae7e8b4aa5f7" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52794", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:36:53.470332Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:29.826Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/thermal/intel/intel_powerclamp.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "6a3866dbdcf3", "status": "affected", "version": "ebf519710218", "versionType": "git" }, { "lessThan": "0a8585281b11", "status": "affected", "version": "ebf519710218", "versionType": "git" }, { "lessThan": "fae633cfb729", "status": "affected", "version": "ebf519710218", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/thermal/intel/intel_powerclamp.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.3" }, { "lessThan": "6.3", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: intel: powerclamp: fix mismatch in get function for max_idle\n\nKASAN reported this\n\n [ 444.853098] BUG: KASAN: global-out-of-bounds in param_get_int+0x77/0x90\n [ 444.853111] Read of size 4 at addr ffffffffc16c9220 by task cat/2105\n ...\n [ 444.853442] The buggy address belongs to the variable:\n [ 444.853443] max_idle+0x0/0xffffffffffffcde0 [intel_powerclamp]\n\nThere is a mismatch between the param_get_int and the definition of\nmax_idle. Replacing param_get_int with param_get_byte resolves this\nissue." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:51.268Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/6a3866dbdcf39ac93e98708e6abced511733dc18" }, { "url": "https://git.kernel.org/stable/c/0a8585281b11e3a0723bba8d8085d61f0b55f37c" }, { "url": "https://git.kernel.org/stable/c/fae633cfb729da2771b5433f6b84ae7e8b4aa5f7" } ], "title": "thermal: intel: powerclamp: fix mismatch in get function for max_idle", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52794", "datePublished": "2024-05-21T15:31:08.970Z", "dateReserved": "2024-05-21T15:19:24.246Z", "dateUpdated": "2024-11-04T14:52:51.268Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52845
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.894Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6744008c354bca2e4686a5b6056ee6b535d9f67d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2426425d686b43adbc4f2f4a367b494f06f159d6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2199260c42e6fbc5af8adae3bf78e623407c91b0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b33d130f07f1decd756b849ab03c23d11d4dd294" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3907b89cd17fcc23e9a80789c36856f00ece0ba8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4c731e98fe4d678e87ba3e4d45d3cf0a5a193dc4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/abc1582119e8c4af14cedb0db6541fd603f45a04" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/560992f41c0cea44b7603bc9e6c73bffbf6b5709" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/19b3f72a41a8751e26bffc093bb7e1cef29ad579" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52845", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:36:31.255258Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:54.283Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/tipc/netlink.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "6744008c354b", "status": "affected", "version": "7be57fc69184", "versionType": "git" }, { "lessThan": "2426425d686b", "status": "affected", "version": "7be57fc69184", "versionType": "git" }, { "lessThan": "2199260c42e6", "status": "affected", "version": "7be57fc69184", "versionType": "git" }, { "lessThan": "b33d130f07f1", "status": "affected", "version": "7be57fc69184", "versionType": "git" }, { "lessThan": "3907b89cd17f", "status": "affected", "version": "7be57fc69184", "versionType": "git" }, { "lessThan": "4c731e98fe4d", "status": "affected", "version": "7be57fc69184", "versionType": "git" }, { "lessThan": "abc1582119e8", "status": "affected", "version": "7be57fc69184", "versionType": "git" }, { "lessThan": "560992f41c0c", "status": "affected", "version": "7be57fc69184", "versionType": "git" }, { "lessThan": "19b3f72a41a8", "status": "affected", "version": "7be57fc69184", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/tipc/netlink.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.19" }, { "lessThan": "3.19", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.330", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.299", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.261", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Change nla_policy for bearer-related names to NLA_NUL_STRING\n\nsyzbot reported the following uninit-value access issue [1]:\n\n=====================================================\nBUG: KMSAN: uninit-value in strlen lib/string.c:418 [inline]\nBUG: KMSAN: uninit-value in strstr+0xb8/0x2f0 lib/string.c:756\n strlen lib/string.c:418 [inline]\n strstr+0xb8/0x2f0 lib/string.c:756\n tipc_nl_node_reset_link_stats+0x3ea/0xb50 net/tipc/node.c:2595\n genl_family_rcv_msg_doit net/netlink/genetlink.c:971 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1051 [inline]\n genl_rcv_msg+0x11ec/0x1290 net/netlink/genetlink.c:1066\n netlink_rcv_skb+0x371/0x650 net/netlink/af_netlink.c:2545\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1075\n netlink_unicast_kernel net/netlink/af_netlink.c:1342 [inline]\n netlink_unicast+0xf47/0x1250 net/netlink/af_netlink.c:1368\n netlink_sendmsg+0x1238/0x13d0 net/netlink/af_netlink.c:1910\n sock_sendmsg_nosec net/socket.c:730 [inline]\n sock_sendmsg net/socket.c:753 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2541\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2595\n __sys_sendmsg net/socket.c:2624 [inline]\n __do_sys_sendmsg net/socket.c:2633 [inline]\n __se_sys_sendmsg net/socket.c:2631 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2631\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nUninit was created at:\n slab_post_alloc_hook+0x12f/0xb70 mm/slab.h:767\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x577/0xa80 mm/slub.c:3523\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:559\n __alloc_skb+0x318/0x740 net/core/skbuff.c:650\n alloc_skb include/linux/skbuff.h:1286 [inline]\n netlink_alloc_large_skb net/netlink/af_netlink.c:1214 [inline]\n netlink_sendmsg+0xb34/0x13d0 net/netlink/af_netlink.c:1885\n sock_sendmsg_nosec net/socket.c:730 [inline]\n sock_sendmsg net/socket.c:753 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2541\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2595\n __sys_sendmsg net/socket.c:2624 [inline]\n __do_sys_sendmsg net/socket.c:2633 [inline]\n __se_sys_sendmsg net/socket.c:2631 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2631\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nTIPC bearer-related names including link names must be null-terminated\nstrings. If a link name which is not null-terminated is passed through\nnetlink, strstr() and similar functions can cause buffer overrun. This\ncauses the above issue.\n\nThis patch changes the nla_policy for bearer-related names from NLA_STRING\nto NLA_NUL_STRING. This resolves the issue by ensuring that only\nnull-terminated strings are accepted as bearer-related names.\n\nsyzbot reported similar uninit-value issue related to bearer names [2]. The\nroot cause of this issue is that a non-null-terminated bearer name was\npassed. This patch also resolved this issue." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:44.618Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/6744008c354bca2e4686a5b6056ee6b535d9f67d" }, { "url": "https://git.kernel.org/stable/c/2426425d686b43adbc4f2f4a367b494f06f159d6" }, { "url": "https://git.kernel.org/stable/c/2199260c42e6fbc5af8adae3bf78e623407c91b0" }, { "url": "https://git.kernel.org/stable/c/b33d130f07f1decd756b849ab03c23d11d4dd294" }, { "url": "https://git.kernel.org/stable/c/3907b89cd17fcc23e9a80789c36856f00ece0ba8" }, { "url": "https://git.kernel.org/stable/c/4c731e98fe4d678e87ba3e4d45d3cf0a5a193dc4" }, { "url": "https://git.kernel.org/stable/c/abc1582119e8c4af14cedb0db6541fd603f45a04" }, { "url": "https://git.kernel.org/stable/c/560992f41c0cea44b7603bc9e6c73bffbf6b5709" }, { "url": "https://git.kernel.org/stable/c/19b3f72a41a8751e26bffc093bb7e1cef29ad579" } ], "title": "tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52845", "datePublished": "2024-05-21T15:31:43.181Z", "dateReserved": "2024-05-21T15:19:24.254Z", "dateUpdated": "2024-11-04T14:53:44.618Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52828
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52828", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T17:18:00.561172Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-05T15:50:04.124Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.966Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6058e4829696412457729a00734969acc6fd1d18" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cf353904a82873e952633fcac4385c2fcd3a46e1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/aa42a7cb92647786719fe9608685da345883878f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/327b92e8cb527ae097961ffd1610c720481947f5" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/821a7e4143af115b840ec199eb179537e18af922" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/66d9111f3517f85ef2af0337ece02683ce0faf21" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "kernel/bpf/core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "6058e4829696", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "cf353904a828", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "aa42a7cb9264", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "327b92e8cb52", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "821a7e4143af", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "66d9111f3517", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "kernel/bpf/core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Detect IP == ksym.end as part of BPF program\n\nNow that bpf_throw kfunc is the first such call instruction that has\nnoreturn semantics within the verifier, this also kicks in dead code\nelimination in unprecedented ways. For one, any instruction following\na bpf_throw call will never be marked as seen. Moreover, if a callchain\nends up throwing, any instructions after the call instruction to the\neventually throwing subprog in callers will also never be marked as\nseen.\n\nThe tempting way to fix this would be to emit extra \u0027int3\u0027 instructions\nwhich bump the jited_len of a program, and ensure that during runtime\nwhen a program throws, we can discover its boundaries even if the call\ninstruction to bpf_throw (or to subprogs that always throw) is emitted\nas the final instruction in the program.\n\nAn example of such a program would be this:\n\ndo_something():\n\t...\n\tr0 = 0\n\texit\n\nfoo():\n\tr1 = 0\n\tcall bpf_throw\n\tr0 = 0\n\texit\n\nbar(cond):\n\tif r1 != 0 goto pc+2\n\tcall do_something\n\texit\n\tcall foo\n\tr0 = 0 // Never seen by verifier\n\texit\t//\n\nmain(ctx):\n\tr1 = ...\n\tcall bar\n\tr0 = 0\n\texit\n\nHere, if we do end up throwing, the stacktrace would be the following:\n\nbpf_throw\nfoo\nbar\nmain\n\nIn bar, the final instruction emitted will be the call to foo, as such,\nthe return address will be the subsequent instruction (which the JIT\nemits as int3 on x86). This will end up lying outside the jited_len of\nthe program, thus, when unwinding, we will fail to discover the return\naddress as belonging to any program and end up in a panic due to the\nunreliable stack unwinding of BPF programs that we never expect.\n\nTo remedy this case, make bpf_prog_ksym_find treat IP == ksym.end as\npart of the BPF program, so that is_bpf_text_address returns true when\nsuch a case occurs, and we are able to unwind reliably when the final\ninstruction ends up being a call instruction." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:25.737Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/6058e4829696412457729a00734969acc6fd1d18" }, { "url": "https://git.kernel.org/stable/c/cf353904a82873e952633fcac4385c2fcd3a46e1" }, { "url": "https://git.kernel.org/stable/c/aa42a7cb92647786719fe9608685da345883878f" }, { "url": "https://git.kernel.org/stable/c/327b92e8cb527ae097961ffd1610c720481947f5" }, { "url": "https://git.kernel.org/stable/c/821a7e4143af115b840ec199eb179537e18af922" }, { "url": "https://git.kernel.org/stable/c/66d9111f3517f85ef2af0337ece02683ce0faf21" } ], "title": "bpf: Detect IP == ksym.end as part of BPF program", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52828", "datePublished": "2024-05-21T15:31:31.501Z", "dateReserved": "2024-05-21T15:19:24.251Z", "dateUpdated": "2024-11-05T15:50:04.124Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52812
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52812", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:36:42.933997Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:36:56.947Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.059Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5b4574b663d0a1a0a62d5232429b7db9ae6d0670" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/09f617219fe9ccd8d7b65dc3e879b5889f663b5a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/406e8845356d18bdf3d3a23b347faf67706472ec" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "2f2d48b6247a", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "5b4574b663d0", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "09f617219fe9", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "406e8845356d", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.119", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: check num of link levels when update pcie param\n\nIn SR-IOV environment, the value of pcie_table-\u003enum_of_link_levels will\nbe 0, and num_of_levels - 1 will cause array index out of bounds" } ], "providerMetadata": { "dateUpdated": "2024-12-02T07:59:20.332Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/2f2d48b6247ae3001f83c98730b3cce475cb2927" }, { "url": "https://git.kernel.org/stable/c/5b4574b663d0a1a0a62d5232429b7db9ae6d0670" }, { "url": "https://git.kernel.org/stable/c/09f617219fe9ccd8d7b65dc3e879b5889f663b5a" }, { "url": "https://git.kernel.org/stable/c/406e8845356d18bdf3d3a23b347faf67706472ec" } ], "title": "drm/amd: check num of link levels when update pcie param", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52812", "datePublished": "2024-05-21T15:31:20.940Z", "dateReserved": "2024-05-21T15:19:24.248Z", "dateUpdated": "2024-12-02T07:59:20.332Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47430
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47430", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T18:16:26.363902Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-08T21:23:00.189Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.010Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f2447f6587b8ffe42ba04d14ce67d429a1163e5e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4e9ec1c65da98c293f75d83755dfa5e03075a6d0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3958b9c34c2729597e182cc606cc43942fd19f7c" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "arch/x86/kernel/cpu/common.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "f2447f6587b8", "status": "affected", "version": "3c73b81a9164", "versionType": "git" }, { "lessThan": "4e9ec1c65da9", "status": "affected", "version": "3c73b81a9164", "versionType": "git" }, { "lessThan": "3958b9c34c27", "status": "affected", "version": "3c73b81a9164", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "arch/x86/kernel/cpu/common.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.8" }, { "lessThan": "5.8", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.73", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/entry: Clear X86_FEATURE_SMAP when CONFIG_X86_SMAP=n\n\nCommit\n\n 3c73b81a9164 (\"x86/entry, selftests: Further improve user entry sanity checks\")\n\nadded a warning if AC is set when in the kernel.\n\nCommit\n\n 662a0221893a3d (\"x86/entry: Fix AC assertion\")\n\nchanged the warning to only fire if the CPU supports SMAP.\n\nHowever, the warning can still trigger on a machine that supports SMAP\nbut where it\u0027s disabled in the kernel config and when running the\nsyscall_nt selftest, for example:\n\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 49 at irqentry_enter_from_user_mode\n CPU: 0 PID: 49 Comm: init Tainted: G T 5.15.0-rc4+ #98 e6202628ee053b4f310759978284bd8bb0ce6905\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014\n RIP: 0010:irqentry_enter_from_user_mode\n ...\n Call Trace:\n ? irqentry_enter\n ? exc_general_protection\n ? asm_exc_general_protection\n ? asm_exc_general_protectio\n\nIS_ENABLED(CONFIG_X86_SMAP) could be added to the warning condition, but\neven this would not be enough in case SMAP is disabled at boot time with\nthe \"nosmap\" parameter.\n\nTo be consistent with \"nosmap\" behaviour, clear X86_FEATURE_SMAP when\n!CONFIG_X86_SMAP.\n\nFound using entry-fuzz + satrandconfig.\n\n [ bp: Massage commit message. ]" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:45.821Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/f2447f6587b8ffe42ba04d14ce67d429a1163e5e" }, { "url": "https://git.kernel.org/stable/c/4e9ec1c65da98c293f75d83755dfa5e03075a6d0" }, { "url": "https://git.kernel.org/stable/c/3958b9c34c2729597e182cc606cc43942fd19f7c" } ], "title": "x86/entry: Clear X86_FEATURE_SMAP when CONFIG_X86_SMAP=n", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47430", "datePublished": "2024-05-21T15:04:15.352Z", "dateReserved": "2024-05-21T14:58:30.829Z", "dateUpdated": "2024-11-08T21:23:00.189Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47449
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.359Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/61616be899975404df44c20ab902464b60882cd7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4d4a223a86afe658cd878800f09458e8bb54415d" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "5.14.14", "status": "affected", "version": "5.14.4", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47449", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-23T15:57:08.649980Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-129", "description": "CWE-129 Improper Validation of Array Index", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-08T14:17:23.557Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/intel/ice/ice_ptp.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "61616be89997", "status": "affected", "version": "46720ac66c21", "versionType": "git" }, { "lessThan": "4d4a223a86af", "status": "affected", "version": "4dd0d5c33c3e", "versionType": "git" } ] }, { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/intel/ice/ice_ptp.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "5.14.14", "status": "affected", "version": "5.14.4", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix locking for Tx timestamp tracking flush\n\nCommit 4dd0d5c33c3e (\"ice: add lock around Tx timestamp tracker flush\")\nadded a lock around the Tx timestamp tracker flow which is used to\ncleanup any left over SKBs and prepare for device removal.\n\nThis lock is problematic because it is being held around a call to\nice_clear_phy_tstamp. The clear function takes a mutex to send a PHY\nwrite command to firmware. This could lead to a deadlock if the mutex\nactually sleeps, and causes the following warning on a kernel with\npreemption debugging enabled:\n\n[ 715.419426] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:573\n[ 715.427900] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3100, name: rmmod\n[ 715.435652] INFO: lockdep is turned off.\n[ 715.439591] Preemption disabled at:\n[ 715.439594] [\u003c0000000000000000\u003e] 0x0\n[ 715.446678] CPU: 52 PID: 3100 Comm: rmmod Tainted: G W OE 5.15.0-rc4+ #42 bdd7ec3018e725f159ca0d372ce8c2c0e784891c\n[ 715.458058] Hardware name: Intel Corporation S2600STQ/S2600STQ, BIOS SE5C620.86B.02.01.0010.010620200716 01/06/2020\n[ 715.468483] Call Trace:\n[ 715.470940] dump_stack_lvl+0x6a/0x9a\n[ 715.474613] ___might_sleep.cold+0x224/0x26a\n[ 715.478895] __mutex_lock+0xb3/0x1440\n[ 715.482569] ? stack_depot_save+0x378/0x500\n[ 715.486763] ? ice_sq_send_cmd+0x78/0x14c0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.494979] ? kfree+0xc1/0x520\n[ 715.498128] ? mutex_lock_io_nested+0x12a0/0x12a0\n[ 715.502837] ? kasan_set_free_info+0x20/0x30\n[ 715.507110] ? __kasan_slab_free+0x10b/0x140\n[ 715.511385] ? slab_free_freelist_hook+0xc7/0x220\n[ 715.516092] ? kfree+0xc1/0x520\n[ 715.519235] ? ice_deinit_lag+0x16c/0x220 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.527359] ? ice_remove+0x1cf/0x6a0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.535133] ? pci_device_remove+0xab/0x1d0\n[ 715.539318] ? __device_release_driver+0x35b/0x690\n[ 715.544110] ? driver_detach+0x214/0x2f0\n[ 715.548035] ? bus_remove_driver+0x11d/0x2f0\n[ 715.552309] ? pci_unregister_driver+0x26/0x250\n[ 715.556840] ? ice_module_exit+0xc/0x2f [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.564799] ? __do_sys_delete_module.constprop.0+0x2d8/0x4e0\n[ 715.570554] ? do_syscall_64+0x3b/0x90\n[ 715.574303] ? entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 715.579529] ? start_flush_work+0x542/0x8f0\n[ 715.583719] ? ice_sq_send_cmd+0x78/0x14c0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.591923] ice_sq_send_cmd+0x78/0x14c0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.599960] ? wait_for_completion_io+0x250/0x250\n[ 715.604662] ? lock_acquire+0x196/0x200\n[ 715.608504] ? do_raw_spin_trylock+0xa5/0x160\n[ 715.612864] ice_sbq_rw_reg+0x1e6/0x2f0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.620813] ? ice_reset+0x130/0x130 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.628497] ? __debug_check_no_obj_freed+0x1e8/0x3c0\n[ 715.633550] ? trace_hardirqs_on+0x1c/0x130\n[ 715.637748] ice_write_phy_reg_e810+0x70/0xf0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.646220] ? do_raw_spin_trylock+0xa5/0x160\n[ 715.650581] ? ice_ptp_release+0x910/0x910 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.658797] ? ice_ptp_release+0x255/0x910 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.667013] ice_clear_phy_tstamp+0x2c/0x110 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.675403] ice_ptp_release+0x408/0x910 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.683440] ice_remove+0x560/0x6a0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[ 715.691037] ? _raw_spin_unlock_irqrestore+0x46/0x73\n[ 715.696005] pci_device_remove+0xab/0x1d0\n[ 715.700018] __device_release_driver+0x35b/0x690\n[ 715.704637] driver_detach+0x214/0x2f0\n[ 715.708389] bus_remove_driver+0x11d/0x2f0\n[ 715.712489] pci_unregister_driver+0x26/0x250\n[ 71\n---truncated---" } ], "providerMetadata": { "dateUpdated": "2024-11-04T11:41:30.378Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/61616be899975404df44c20ab902464b60882cd7" }, { "url": "https://git.kernel.org/stable/c/4d4a223a86afe658cd878800f09458e8bb54415d" } ], "title": "ice: fix locking for Tx timestamp tracking flush", "x_generator": { "engine": "bippy-c8e10e5f6187" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47449", "datePublished": "2024-05-22T06:19:40.793Z", "dateReserved": "2024-05-21T14:58:30.832Z", "dateUpdated": "2024-11-04T11:41:30.378Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52798
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52798", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-23T17:58:25.954317Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-13T17:59:26.946Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.920Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f882f51905517575c9f793a3dff567af90ef9a10" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/426e718ce9ba60013364a54233feee309356cb82" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ca420ac4f9451f22347bae44b18ab47ba2c267ec" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1fd878e1750190a612b5de2af357cca422ec0822" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/21ebb0aba580d347e12f01ce5f6e75044427b3d5" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3b6c14833165f689cc5928574ebafe52bbce5f1e" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/wireless/ath/ath11k/wmi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "f882f5190551", "status": "affected", "version": "d5c65159f289", "versionType": "git" }, { "lessThan": "426e718ce9ba", "status": "affected", "version": "d5c65159f289", "versionType": "git" }, { "lessThan": "ca420ac4f945", "status": "affected", "version": "d5c65159f289", "versionType": "git" }, { "lessThan": "1fd878e17501", "status": "affected", "version": "d5c65159f289", "versionType": "git" }, { "lessThan": "21ebb0aba580", "status": "affected", "version": "d5c65159f289", "versionType": "git" }, { "lessThan": "3b6c14833165", "status": "affected", "version": "d5c65159f289", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/wireless/ath/ath11k/wmi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.6" }, { "lessThan": "5.6", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix dfs radar event locking\n\nThe ath11k active pdevs are protected by RCU but the DFS radar event\nhandling code calling ath11k_mac_get_ar_by_pdev_id() was not marked as a\nread-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:56.062Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/f882f51905517575c9f793a3dff567af90ef9a10" }, { "url": "https://git.kernel.org/stable/c/426e718ce9ba60013364a54233feee309356cb82" }, { "url": "https://git.kernel.org/stable/c/ca420ac4f9451f22347bae44b18ab47ba2c267ec" }, { "url": "https://git.kernel.org/stable/c/1fd878e1750190a612b5de2af357cca422ec0822" }, { "url": "https://git.kernel.org/stable/c/21ebb0aba580d347e12f01ce5f6e75044427b3d5" }, { "url": "https://git.kernel.org/stable/c/3b6c14833165f689cc5928574ebafe52bbce5f1e" } ], "title": "wifi: ath11k: fix dfs radar event locking", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52798", "datePublished": "2024-05-21T15:31:11.628Z", "dateReserved": "2024-05-21T15:19:24.246Z", "dateUpdated": "2024-11-13T17:59:26.946Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52837
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52837", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T18:01:48.631616Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:20.566Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.041Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4e9b3ec84dc97909876641dad14e0a2300d6c2a3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/879947f4180bc6e83af64eb0515e0cf57fce15db" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/56bd7901b5e9dbc9112036ea615ebcba1565fafe" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/327462725b0f759f093788dfbcb2f1fd132f956b" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/block/nbd.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "4e9b3ec84dc9", "status": "affected", "version": "4af5f2e03013", "versionType": "git" }, { "lessThan": "879947f4180b", "status": "affected", "version": "4af5f2e03013", "versionType": "git" }, { "lessThan": "56bd7901b5e9", "status": "affected", "version": "4af5f2e03013", "versionType": "git" }, { "lessThan": "327462725b0f", "status": "affected", "version": "4af5f2e03013", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/block/nbd.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.14" }, { "lessThan": "5.14", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: fix uaf in nbd_open\n\nCommit 4af5f2e03013 (\"nbd: use blk_mq_alloc_disk and\nblk_cleanup_disk\") cleans up disk by blk_cleanup_disk() and it won\u0027t set\ndisk-\u003eprivate_data as NULL as before. UAF may be triggered in nbd_open()\nif someone tries to open nbd device right after nbd_put() since nbd has\nbeen free in nbd_dev_remove().\n\nFix this by implementing -\u003efree_disk and free private data in it." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:35.084Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/4e9b3ec84dc97909876641dad14e0a2300d6c2a3" }, { "url": "https://git.kernel.org/stable/c/879947f4180bc6e83af64eb0515e0cf57fce15db" }, { "url": "https://git.kernel.org/stable/c/56bd7901b5e9dbc9112036ea615ebcba1565fafe" }, { "url": "https://git.kernel.org/stable/c/327462725b0f759f093788dfbcb2f1fd132f956b" } ], "title": "nbd: fix uaf in nbd_open", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52837", "datePublished": "2024-05-21T15:31:37.859Z", "dateReserved": "2024-05-21T15:19:24.253Z", "dateUpdated": "2024-11-04T14:53:35.084Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52770
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52770", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T17:30:42.335957Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:27.194Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.015Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9de787139b0258a5dd1f498780c26d76b61d2958" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d83309e7e006cee8afca83523559017c824fbf7a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f803982190f0265fd36cf84670aa6daefc2b0768" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/f2fs/extent_cache.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "9de787139b02", "status": "affected", "version": "72840cccc0a1", "versionType": "git" }, { "lessThan": "d83309e7e006", "status": "affected", "version": "72840cccc0a1", "versionType": "git" }, { "lessThan": "f803982190f0", "status": "affected", "version": "72840cccc0a1", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/f2fs/extent_cache.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.2" }, { "lessThan": "6.2", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: split initial and dynamic conditions for extent_cache\n\nLet\u0027s allocate the extent_cache tree without dynamic conditions to avoid a\nmissing condition causing a panic as below.\n\n # create a file w/ a compressed flag\n # disable the compression\n # panic while updating extent_cache\n\nF2FS-fs (dm-64): Swapfile: last extent is not aligned to section\nF2FS-fs (dm-64): Swapfile (3) is not align to section: 1) creat(), 2) ioctl(F2FS_IOC_SET_PIN_FILE), 3) fallocate(2097152 * N)\nAdding 124996k swap on ./swap-file. Priority:0 extents:2 across:17179494468k\n==================================================================\nBUG: KASAN: null-ptr-deref in instrument_atomic_read_write out/common/include/linux/instrumented.h:101 [inline]\nBUG: KASAN: null-ptr-deref in atomic_try_cmpxchg_acquire out/common/include/asm-generic/atomic-instrumented.h:705 [inline]\nBUG: KASAN: null-ptr-deref in queued_write_lock out/common/include/asm-generic/qrwlock.h:92 [inline]\nBUG: KASAN: null-ptr-deref in __raw_write_lock out/common/include/linux/rwlock_api_smp.h:211 [inline]\nBUG: KASAN: null-ptr-deref in _raw_write_lock+0x5a/0x110 out/common/kernel/locking/spinlock.c:295\nWrite of size 4 at addr 0000000000000030 by task syz-executor154/3327\n\nCPU: 0 PID: 3327 Comm: syz-executor154 Tainted: G O 5.10.185 #1\nHardware name: emulation qemu-x86/qemu-x86, BIOS 2023.01-21885-gb3cc1cd24d 01/01/2023\nCall Trace:\n __dump_stack out/common/lib/dump_stack.c:77 [inline]\n dump_stack_lvl+0x17e/0x1c4 out/common/lib/dump_stack.c:118\n __kasan_report+0x16c/0x260 out/common/mm/kasan/report.c:415\n kasan_report+0x51/0x70 out/common/mm/kasan/report.c:428\n kasan_check_range+0x2f3/0x340 out/common/mm/kasan/generic.c:186\n __kasan_check_write+0x14/0x20 out/common/mm/kasan/shadow.c:37\n instrument_atomic_read_write out/common/include/linux/instrumented.h:101 [inline]\n atomic_try_cmpxchg_acquire out/common/include/asm-generic/atomic-instrumented.h:705 [inline]\n queued_write_lock out/common/include/asm-generic/qrwlock.h:92 [inline]\n __raw_write_lock out/common/include/linux/rwlock_api_smp.h:211 [inline]\n _raw_write_lock+0x5a/0x110 out/common/kernel/locking/spinlock.c:295\n __drop_extent_tree+0xdf/0x2f0 out/common/fs/f2fs/extent_cache.c:1155\n f2fs_drop_extent_tree+0x17/0x30 out/common/fs/f2fs/extent_cache.c:1172\n f2fs_insert_range out/common/fs/f2fs/file.c:1600 [inline]\n f2fs_fallocate+0x19fd/0x1f40 out/common/fs/f2fs/file.c:1764\n vfs_fallocate+0x514/0x9b0 out/common/fs/open.c:310\n ksys_fallocate out/common/fs/open.c:333 [inline]\n __do_sys_fallocate out/common/fs/open.c:341 [inline]\n __se_sys_fallocate out/common/fs/open.c:339 [inline]\n __x64_sys_fallocate+0xb8/0x100 out/common/fs/open.c:339\n do_syscall_64+0x35/0x50 out/common/arch/x86/entry/common.c:46" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:21.882Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/9de787139b0258a5dd1f498780c26d76b61d2958" }, { "url": "https://git.kernel.org/stable/c/d83309e7e006cee8afca83523559017c824fbf7a" }, { "url": "https://git.kernel.org/stable/c/f803982190f0265fd36cf84670aa6daefc2b0768" } ], "title": "f2fs: split initial and dynamic conditions for extent_cache", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52770", "datePublished": "2024-05-21T15:30:52.970Z", "dateReserved": "2024-05-21T15:19:24.239Z", "dateUpdated": "2024-11-04T14:52:21.882Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52818
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.956Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e52e324a21341c97350d5f11de14721c1c609498" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cfd8cd907fd94538561479a43aea455f5cf16928" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c847379a5d00078ad6fcb1c24230e72c5609342f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8af28ae3acb736ada4ce3457662fa446cc913bb4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/acdb6830de02cf2873aeaccdf2d9bca4aee50e47" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fc9ac0e8e0bcb3740c6eaad3a1a50c20016d422b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6dffdddfca818c02a42b6caa1d9845995f0a1f94" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/92a775e7c9707aed28782bafe636bf87675f5a97" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/760efbca74a405dc439a013a5efaa9fadc95a8c3" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52818", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:36:40.825191Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:28.159Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/include/pptable.h", "drivers/gpu/drm/amd/pm/powerplay/hwmgr/pptable_v1_0.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "e52e324a2134", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "cfd8cd907fd9", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "c847379a5d00", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "8af28ae3acb7", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "acdb6830de02", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "fc9ac0e8e0bc", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "6dffdddfca81", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "92a775e7c970", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "760efbca74a4", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/include/pptable.h", "drivers/gpu/drm/amd/pm/powerplay/hwmgr/pptable_v1_0.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.331", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.300", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: Fix UBSAN array-index-out-of-bounds for SMU7\n\nFor pptable structs that use flexible array sizes, use flexible arrays." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:18.745Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/e52e324a21341c97350d5f11de14721c1c609498" }, { "url": "https://git.kernel.org/stable/c/cfd8cd907fd94538561479a43aea455f5cf16928" }, { "url": "https://git.kernel.org/stable/c/c847379a5d00078ad6fcb1c24230e72c5609342f" }, { "url": "https://git.kernel.org/stable/c/8af28ae3acb736ada4ce3457662fa446cc913bb4" }, { "url": "https://git.kernel.org/stable/c/acdb6830de02cf2873aeaccdf2d9bca4aee50e47" }, { "url": "https://git.kernel.org/stable/c/fc9ac0e8e0bcb3740c6eaad3a1a50c20016d422b" }, { "url": "https://git.kernel.org/stable/c/6dffdddfca818c02a42b6caa1d9845995f0a1f94" }, { "url": "https://git.kernel.org/stable/c/92a775e7c9707aed28782bafe636bf87675f5a97" }, { "url": "https://git.kernel.org/stable/c/760efbca74a405dc439a013a5efaa9fadc95a8c3" } ], "title": "drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52818", "datePublished": "2024-05-21T15:31:24.915Z", "dateReserved": "2024-05-21T15:19:24.249Z", "dateUpdated": "2024-11-04T14:53:18.745Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52825
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52825", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T17:19:26.593963Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-362", "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-05T16:40:39.599Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.075Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7d43cdd22cd81a2b079e864c4321b9aba4c6af34" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/50f35a907c4f9ed431fd3dbb8b871ef1cbb0718e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c772eacbd6d0845fc922af8716bb9d29ae27b8cf" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fc0210720127cc6302e6d6f3de48f49c3fcf5659" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/709c348261618da7ed89d6c303e2ceb9e453ba74" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdkfd/kfd_svm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "7d43cdd22cd8", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "50f35a907c4f", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "c772eacbd6d0", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "fc0210720127", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "709c34826161", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdkfd/kfd_svm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix a race condition of vram buffer unref in svm code\n\nprange-\u003esvm_bo unref can happen in both mmu callback and a callback after\nmigrate to system ram. Both are async call in different tasks. Sync svm_bo\nunref operation to avoid random \"use-after-free\"." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:22.297Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/7d43cdd22cd81a2b079e864c4321b9aba4c6af34" }, { "url": "https://git.kernel.org/stable/c/50f35a907c4f9ed431fd3dbb8b871ef1cbb0718e" }, { "url": "https://git.kernel.org/stable/c/c772eacbd6d0845fc922af8716bb9d29ae27b8cf" }, { "url": "https://git.kernel.org/stable/c/fc0210720127cc6302e6d6f3de48f49c3fcf5659" }, { "url": "https://git.kernel.org/stable/c/709c348261618da7ed89d6c303e2ceb9e453ba74" } ], "title": "drm/amdkfd: Fix a race condition of vram buffer unref in svm code", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52825", "datePublished": "2024-05-21T15:31:29.517Z", "dateReserved": "2024-05-21T15:19:24.250Z", "dateUpdated": "2024-11-05T16:40:39.599Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52799
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52799", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-23T17:20:55.514685Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:24:02.467Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.041Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/20f9310a18e3e99fc031e036fcbed67105ae1859" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/86df90f3fea7c5591f05c8a0010871d435e83046" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ecfb47f13b08b02cf28b7b50d4941eefa21954d2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/81aa58cd8495b8c3b527f58ccbe19478d8087f61" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/da3da5e1e6f71c21d8e6149d7076d936ef5d4cb9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a50b796d36719757526ee094c703378895ab5e67" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/88b7894a8f8705bf4e7ea90b10229376abf14514" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/87c681ab49e99039ff2dd3e71852417381b13878" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/22cad8bc1d36547cdae0eef316c47d917ce3147c" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/jfs/jfs_dmap.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "20f9310a18e3", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "86df90f3fea7", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "ecfb47f13b08", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "81aa58cd8495", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "da3da5e1e6f7", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "a50b796d3671", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "88b7894a8f87", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "87c681ab49e9", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "22cad8bc1d36", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/jfs/jfs_dmap.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.331", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.300", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix array-index-out-of-bounds in dbFindLeaf\n\nCurrently while searching for dmtree_t for sufficient free blocks there\nis an array out of bounds while getting element in tp-\u003edm_stree. To add\nthe required check for out of bound we first need to determine the type\nof dmtree. Thus added an extra parameter to dbFindLeaf so that the type\nof tree can be determined and the required check can be applied." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:57.316Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/20f9310a18e3e99fc031e036fcbed67105ae1859" }, { "url": "https://git.kernel.org/stable/c/86df90f3fea7c5591f05c8a0010871d435e83046" }, { "url": "https://git.kernel.org/stable/c/ecfb47f13b08b02cf28b7b50d4941eefa21954d2" }, { "url": "https://git.kernel.org/stable/c/81aa58cd8495b8c3b527f58ccbe19478d8087f61" }, { "url": "https://git.kernel.org/stable/c/da3da5e1e6f71c21d8e6149d7076d936ef5d4cb9" }, { "url": "https://git.kernel.org/stable/c/a50b796d36719757526ee094c703378895ab5e67" }, { "url": "https://git.kernel.org/stable/c/88b7894a8f8705bf4e7ea90b10229376abf14514" }, { "url": "https://git.kernel.org/stable/c/87c681ab49e99039ff2dd3e71852417381b13878" }, { "url": "https://git.kernel.org/stable/c/22cad8bc1d36547cdae0eef316c47d917ce3147c" } ], "title": "jfs: fix array-index-out-of-bounds in dbFindLeaf", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52799", "datePublished": "2024-05-21T15:31:12.351Z", "dateReserved": "2024-05-21T15:19:24.246Z", "dateUpdated": "2024-11-04T14:52:57.316Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52849
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52849", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-10T19:16:24.136793Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-10T19:16:37.413Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.944Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/20bd0198bebdd706bd4614b3933ef70d7c19618f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7c7371b41a14e86f53e7dbe5baa7b1d3e0ab324b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cad22a757029c3a1985c221a2d4a6491ad4035ae" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0ca074f7d788627a4e0b047ca5fbdb5fc567220c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/88d3917f82ed4215a2154432c26de1480a61b209" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/cxl/core/memdev.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "20bd0198bebd", "status": "affected", "version": "9cc238c7a526", "versionType": "git" }, { "lessThan": "7c7371b41a14", "status": "affected", "version": "9cc238c7a526", "versionType": "git" }, { "lessThan": "cad22a757029", "status": "affected", "version": "9cc238c7a526", "versionType": "git" }, { "lessThan": "0ca074f7d788", "status": "affected", "version": "9cc238c7a526", "versionType": "git" }, { "lessThan": "88d3917f82ed", "status": "affected", "version": "9cc238c7a526", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/cxl/core/memdev.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.15" }, { "lessThan": "5.15", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/mem: Fix shutdown order\n\nIra reports that removing cxl_mock_mem causes a crash with the following\ntrace:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000044\n [..]\n RIP: 0010:cxl_region_decode_reset+0x7f/0x180 [cxl_core]\n [..]\n Call Trace:\n \u003cTASK\u003e\n cxl_region_detach+0xe8/0x210 [cxl_core]\n cxl_decoder_kill_region+0x27/0x40 [cxl_core]\n cxld_unregister+0x29/0x40 [cxl_core]\n devres_release_all+0xb8/0x110\n device_unbind_cleanup+0xe/0x70\n device_release_driver_internal+0x1d2/0x210\n bus_remove_device+0xd7/0x150\n device_del+0x155/0x3e0\n device_unregister+0x13/0x60\n devm_release_action+0x4d/0x90\n ? __pfx_unregister_port+0x10/0x10 [cxl_core]\n delete_endpoint+0x121/0x130 [cxl_core]\n devres_release_all+0xb8/0x110\n device_unbind_cleanup+0xe/0x70\n device_release_driver_internal+0x1d2/0x210\n bus_remove_device+0xd7/0x150\n device_del+0x155/0x3e0\n ? lock_release+0x142/0x290\n cdev_device_del+0x15/0x50\n cxl_memdev_unregister+0x54/0x70 [cxl_core]\n\nThis crash is due to the clearing out the cxl_memdev\u0027s driver context\n(@cxlds) before the subsystem is done with it. This is ultimately due to\nthe region(s), that this memdev is a member, being torn down and expecting\nto be able to de-reference @cxlds, like here:\n\nstatic int cxl_region_decode_reset(struct cxl_region *cxlr, int count)\n...\n if (cxlds-\u003ercd)\n goto endpoint_reset;\n...\n\nFix it by keeping the driver context valid until memdev-device\nunregistration, and subsequently the entire stack of related\ndependencies, unwinds." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:49.363Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/20bd0198bebdd706bd4614b3933ef70d7c19618f" }, { "url": "https://git.kernel.org/stable/c/7c7371b41a14e86f53e7dbe5baa7b1d3e0ab324b" }, { "url": "https://git.kernel.org/stable/c/cad22a757029c3a1985c221a2d4a6491ad4035ae" }, { "url": "https://git.kernel.org/stable/c/0ca074f7d788627a4e0b047ca5fbdb5fc567220c" }, { "url": "https://git.kernel.org/stable/c/88d3917f82ed4215a2154432c26de1480a61b209" } ], "title": "cxl/mem: Fix shutdown order", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52849", "datePublished": "2024-05-21T15:31:45.884Z", "dateReserved": "2024-05-21T15:19:24.255Z", "dateUpdated": "2024-11-04T14:53:49.363Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47406
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47406", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T18:09:07.067363Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-01T19:15:09.194Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.310Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a63474dbf692dd09b50fed592bc41f6de5f102fc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/27e10c5d31ff1d222c7f797f1ee96d422859ba67" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1fd95c05d8f742abfe906620780aee4dbe1a2db0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/ext4/extents.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "a63474dbf692", "status": "affected", "version": "8016e29f4362", "versionType": "git" }, { "lessThan": "27e10c5d31ff", "status": "affected", "version": "8016e29f4362", "versionType": "git" }, { "lessThan": "1fd95c05d8f7", "status": "affected", "version": "8016e29f4362", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/ext4/extents.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.10" }, { "lessThan": "5.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.71", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: add error checking to ext4_ext_replay_set_iblocks()\n\nIf the call to ext4_map_blocks() fails due to an corrupted file\nsystem, ext4_ext_replay_set_iblocks() can get stuck in an infinite\nloop. This could be reproduced by running generic/526 with a file\nsystem that has inline_data and fast_commit enabled. The system will\nrepeatedly log to the console:\n\nEXT4-fs warning (device dm-3): ext4_block_to_path:105: block 1074800922 \u003e max in inode 131076\n\nand the stack that it gets stuck in is:\n\n ext4_block_to_path+0xe3/0x130\n ext4_ind_map_blocks+0x93/0x690\n ext4_map_blocks+0x100/0x660\n skip_hole+0x47/0x70\n ext4_ext_replay_set_iblocks+0x223/0x440\n ext4_fc_replay_inode+0x29e/0x3b0\n ext4_fc_replay+0x278/0x550\n do_one_pass+0x646/0xc10\n jbd2_journal_recover+0x14a/0x270\n jbd2_journal_load+0xc4/0x150\n ext4_load_journal+0x1f3/0x490\n ext4_fill_super+0x22d4/0x2c00\n\nWith this patch, generic/526 still fails, but system is no longer\nlocking up in a tight loop. It\u0027s likely the root casue is that\nfast_commit replay is corrupting file systems with inline_data, and we\nprobably need to add better error handling in the fast commit replay\ncode path beyond what is done here, which essentially just breaks the\ninfinite loop without reporting the to the higher levels of the code." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:18.966Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/a63474dbf692dd09b50fed592bc41f6de5f102fc" }, { "url": "https://git.kernel.org/stable/c/27e10c5d31ff1d222c7f797f1ee96d422859ba67" }, { "url": "https://git.kernel.org/stable/c/1fd95c05d8f742abfe906620780aee4dbe1a2db0" } ], "title": "ext4: add error checking to ext4_ext_replay_set_iblocks()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47406", "datePublished": "2024-05-21T15:03:59.334Z", "dateReserved": "2024-05-21T14:58:30.817Z", "dateUpdated": "2024-11-04T12:05:18.966Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52850
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52850", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:57:58.496286Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:55.563Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.232Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/64f55cebb4339ae771e9e7f3f42bee2489e2fa00" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/66b4c5f980d741f3a47e4b65eeaf2797f2d59294" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/24c06295f28335ced3aad53dd4b0a0bae7b9b100" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/88d4b23a629ebd34f682f770cb6c2116c851f7b8" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/media/platform/verisilicon/hantro_drv.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "64f55cebb433", "status": "affected", "version": "6971efb70ac3", "versionType": "git" }, { "lessThan": "66b4c5f980d7", "status": "affected", "version": "6971efb70ac3", "versionType": "git" }, { "lessThan": "24c06295f283", "status": "affected", "version": "6971efb70ac3", "versionType": "git" }, { "lessThan": "88d4b23a629e", "status": "affected", "version": "6971efb70ac3", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/media/platform/verisilicon/hantro_drv.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.18" }, { "lessThan": "5.18", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: hantro: Check whether reset op is defined before use\n\nThe i.MX8MM/N/P does not define the .reset op since reset of the VPU is\ndone by genpd. Check whether the .reset op is defined before calling it\nto avoid NULL pointer dereference.\n\nNote that the Fixes tag is set to the commit which removed the reset op\nfrom i.MX8M Hantro G2 implementation, this is because before this commit\nall the implementations did define the .reset op." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:50.599Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/64f55cebb4339ae771e9e7f3f42bee2489e2fa00" }, { "url": "https://git.kernel.org/stable/c/66b4c5f980d741f3a47e4b65eeaf2797f2d59294" }, { "url": "https://git.kernel.org/stable/c/24c06295f28335ced3aad53dd4b0a0bae7b9b100" }, { "url": "https://git.kernel.org/stable/c/88d4b23a629ebd34f682f770cb6c2116c851f7b8" } ], "title": "media: hantro: Check whether reset op is defined before use", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52850", "datePublished": "2024-05-21T15:31:46.545Z", "dateReserved": "2024-05-21T15:19:24.255Z", "dateUpdated": "2024-11-04T14:53:50.599Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52835
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.062Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8c504f615d7ed60ae035c51d0c789137ced6797f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/788c0b3442ead737008934947730a6d1ff703734" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1a2a4202c60fcdffbf04f259002ce9bff39edece" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fd0df3f8719201dbe61a4d39083d5aecd705399a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9ce4e87a8efd37c85766ec08b15e885cab08553a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2424410f94a94d91230ced094062d859714c984a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2e905e608e38cf7f8dcddcf8a6036e91a78444cb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/54aee5f15b83437f23b2b2469bcf21bdd9823916" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52835", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:36:37.546418Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:54.507Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "kernel/events/ring_buffer.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "8c504f615d7e", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "788c0b3442ea", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "1a2a4202c60f", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "fd0df3f87192", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "9ce4e87a8efd", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2424410f94a9", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2e905e608e38", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "54aee5f15b83", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "kernel/events/ring_buffer.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.300", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Bail out early if the request AUX area is out of bound\n\nWhen perf-record with a large AUX area, e.g 4GB, it fails with:\n\n #perf record -C 0 -m ,4G -e arm_spe_0// -- sleep 1\n failed to mmap with 12 (Cannot allocate memory)\n\nand it reveals a WARNING with __alloc_pages():\n\n\t------------[ cut here ]------------\n\tWARNING: CPU: 44 PID: 17573 at mm/page_alloc.c:5568 __alloc_pages+0x1ec/0x248\n\tCall trace:\n\t __alloc_pages+0x1ec/0x248\n\t __kmalloc_large_node+0xc0/0x1f8\n\t __kmalloc_node+0x134/0x1e8\n\t rb_alloc_aux+0xe0/0x298\n\t perf_mmap+0x440/0x660\n\t mmap_region+0x308/0x8a8\n\t do_mmap+0x3c0/0x528\n\t vm_mmap_pgoff+0xf4/0x1b8\n\t ksys_mmap_pgoff+0x18c/0x218\n\t __arm64_sys_mmap+0x38/0x58\n\t invoke_syscall+0x50/0x128\n\t el0_svc_common.constprop.0+0x58/0x188\n\t do_el0_svc+0x34/0x50\n\t el0_svc+0x34/0x108\n\t el0t_64_sync_handler+0xb8/0xc0\n\t el0t_64_sync+0x1a4/0x1a8\n\n\u0027rb-\u003eaux_pages\u0027 allocated by kcalloc() is a pointer array which is used to\nmaintains AUX trace pages. The allocated page for this array is physically\ncontiguous (and virtually contiguous) with an order of 0..MAX_ORDER. If the\nsize of pointer array crosses the limitation set by MAX_ORDER, it reveals a\nWARNING.\n\nSo bail out early with -ENOMEM if the request AUX area is out of bound,\ne.g.:\n\n #perf record -C 0 -m ,4G -e arm_spe_0// -- sleep 1\n failed to mmap with 12 (Cannot allocate memory)" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:32.668Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/8c504f615d7ed60ae035c51d0c789137ced6797f" }, { "url": "https://git.kernel.org/stable/c/788c0b3442ead737008934947730a6d1ff703734" }, { "url": "https://git.kernel.org/stable/c/1a2a4202c60fcdffbf04f259002ce9bff39edece" }, { "url": "https://git.kernel.org/stable/c/fd0df3f8719201dbe61a4d39083d5aecd705399a" }, { "url": "https://git.kernel.org/stable/c/9ce4e87a8efd37c85766ec08b15e885cab08553a" }, { "url": "https://git.kernel.org/stable/c/2424410f94a94d91230ced094062d859714c984a" }, { "url": "https://git.kernel.org/stable/c/2e905e608e38cf7f8dcddcf8a6036e91a78444cb" }, { "url": "https://git.kernel.org/stable/c/54aee5f15b83437f23b2b2469bcf21bdd9823916" } ], "title": "perf/core: Bail out early if the request AUX area is out of bound", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52835", "datePublished": "2024-05-21T15:31:36.239Z", "dateReserved": "2024-05-21T15:19:24.252Z", "dateUpdated": "2024-11-04T14:53:32.668Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47482
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:linux:kernel:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "kernel", "vendor": "linux", "versions": [ { "lessThan": "6f68cd634856", "status": "affected", "version": "c6c8fea29769", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47482", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T14:23:49.834451Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-544", "description": "CWE-544 Missing Standardized Error Handling Mechanism", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:15:18.900Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.554Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0c6b199f09be489c48622537a550787fc80aea73" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e50f957652190b5a88a8ebce7e5ab14ebd0d3f00" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fbf150b16a3635634b7dfb7f229d8fcd643c6c51" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6422e8471890273994fe8cc6d452b0dcd2c9483e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b0a2cd38553c77928ef1646ed1518486b1e70ae8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a8f7359259dd5923adc6129284fdad12fc5db347" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6f68cd634856f8ca93bafd623ba5357e0f648c68" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/batman-adv/bridge_loop_avoidance.c", "net/batman-adv/main.c", "net/batman-adv/network-coding.c", "net/batman-adv/translation-table.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "0c6b199f09be", "status": "affected", "version": "c6c8fea29769", "versionType": "git" }, { "lessThan": "07533f1a673c", "status": "affected", "version": "c6c8fea29769", "versionType": "git" }, { "lessThan": "e50f95765219", "status": "affected", "version": "c6c8fea29769", "versionType": "git" }, { "lessThan": "fbf150b16a36", "status": "affected", "version": "c6c8fea29769", "versionType": "git" }, { "lessThan": "6422e8471890", "status": "affected", "version": "c6c8fea29769", "versionType": "git" }, { "lessThan": "b0a2cd38553c", "status": "affected", "version": "c6c8fea29769", "versionType": "git" }, { "lessThan": "a8f7359259dd", "status": "affected", "version": "c6c8fea29769", "versionType": "git" }, { "lessThan": "6f68cd634856", "status": "affected", "version": "c6c8fea29769", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/batman-adv/bridge_loop_avoidance.c", "net/batman-adv/main.c", "net/batman-adv/network-coding.c", "net/batman-adv/translation-table.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "2.6.38" }, { "lessThan": "2.6.38", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.293", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.289", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.254", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.215", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.157", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.77", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.16", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: batman-adv: fix error handling\n\nSyzbot reported ODEBUG warning in batadv_nc_mesh_free(). The problem was\nin wrong error handling in batadv_mesh_init().\n\nBefore this patch batadv_mesh_init() was calling batadv_mesh_free() in case\nof any batadv_*_init() calls failure. This approach may work well, when\nthere is some kind of indicator, which can tell which parts of batadv are\ninitialized; but there isn\u0027t any.\n\nAll written above lead to cleaning up uninitialized fields. Even if we hide\nODEBUG warning by initializing bat_priv-\u003enc.work, syzbot was able to hit\nGPF in batadv_nc_purge_paths(), because hash pointer in still NULL. [1]\n\nTo fix these bugs we can unwind batadv_*_init() calls one by one.\nIt is good approach for 2 reasons: 1) It fixes bugs on error handling\npath 2) It improves the performance, since we won\u0027t call unneeded\nbatadv_*_free() functions.\n\nSo, this patch makes all batadv_*_init() clean up all allocated memory\nbefore returning with an error to no call correspoing batadv_*_free()\nand open-codes batadv_mesh_free() with proper order to avoid touching\nuninitialized fields." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:47.202Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/0c6b199f09be489c48622537a550787fc80aea73" }, { "url": "https://git.kernel.org/stable/c/07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20" }, { "url": "https://git.kernel.org/stable/c/e50f957652190b5a88a8ebce7e5ab14ebd0d3f00" }, { "url": "https://git.kernel.org/stable/c/fbf150b16a3635634b7dfb7f229d8fcd643c6c51" }, { "url": "https://git.kernel.org/stable/c/6422e8471890273994fe8cc6d452b0dcd2c9483e" }, { "url": "https://git.kernel.org/stable/c/b0a2cd38553c77928ef1646ed1518486b1e70ae8" }, { "url": "https://git.kernel.org/stable/c/a8f7359259dd5923adc6129284fdad12fc5db347" }, { "url": "https://git.kernel.org/stable/c/6f68cd634856f8ca93bafd623ba5357e0f648c68" } ], "title": "net: batman-adv: fix error handling", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47482", "datePublished": "2024-05-22T08:19:34.174Z", "dateReserved": "2024-05-22T06:20:56.200Z", "dateUpdated": "2024-11-04T12:06:47.202Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47338
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47338", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-12T15:00:51.209603Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-12T15:01:02.502Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:32:08.605Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/359311b85ebec7c07c3a08ae2f3def946cad33fa" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/087bff9acd2ec6db3f61aceb3224bde90fe0f7f8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f193509afc7ff37a46862610c93b896044d5b693" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d6e76469157d8f240e5dec6f8411aa8d306b1126" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0af778269a522c988ef0b4188556aba97fb420cc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/video/fbdev/core/fbmem.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "359311b85ebe", "status": "affected", "version": "13ff178ccd6d", "versionType": "git" }, { "lessThan": "087bff9acd2e", "status": "affected", "version": "13ff178ccd6d", "versionType": "git" }, { "lessThan": "f193509afc7f", "status": "affected", "version": "13ff178ccd6d", "versionType": "git" }, { "lessThan": "d6e76469157d", "status": "affected", "version": "13ff178ccd6d", "versionType": "git" }, { "lessThan": "0af778269a52", "status": "affected", "version": "13ff178ccd6d", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/video/fbdev/core/fbmem.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.3" }, { "lessThan": "5.3", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.134", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.52", "versionType": "semver" }, { "lessThanOrEqual": "5.12.*", "status": "unaffected", "version": "5.12.19", "versionType": "semver" }, { "lessThanOrEqual": "5.13.*", "status": "unaffected", "version": "5.13.4", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.14", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbmem: Do not delete the mode that is still in use\n\nThe execution of fb_delete_videomode() is not based on the result of the\nprevious fbcon_mode_deleted(). As a result, the mode is directly deleted,\nregardless of whether it is still in use, which may cause UAF.\n\n==================================================================\nBUG: KASAN: use-after-free in fb_mode_is_equal+0x36e/0x5e0 \\\ndrivers/video/fbdev/core/modedb.c:924\nRead of size 4 at addr ffff88807e0ddb1c by task syz-executor.0/18962\n\nCPU: 2 PID: 18962 Comm: syz-executor.0 Not tainted 5.10.45-rc1+ #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ...\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x137/0x1be lib/dump_stack.c:118\n print_address_description+0x6c/0x640 mm/kasan/report.c:385\n __kasan_report mm/kasan/report.c:545 [inline]\n kasan_report+0x13d/0x1e0 mm/kasan/report.c:562\n fb_mode_is_equal+0x36e/0x5e0 drivers/video/fbdev/core/modedb.c:924\n fbcon_mode_deleted+0x16a/0x220 drivers/video/fbdev/core/fbcon.c:2746\n fb_set_var+0x1e1/0xdb0 drivers/video/fbdev/core/fbmem.c:975\n do_fb_ioctl+0x4d9/0x6e0 drivers/video/fbdev/core/fbmem.c:1108\n vfs_ioctl fs/ioctl.c:48 [inline]\n __do_sys_ioctl fs/ioctl.c:753 [inline]\n __se_sys_ioctl+0xfb/0x170 fs/ioctl.c:739\n do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nFreed by task 18960:\n kasan_save_stack mm/kasan/common.c:48 [inline]\n kasan_set_track+0x3d/0x70 mm/kasan/common.c:56\n kasan_set_free_info+0x17/0x30 mm/kasan/generic.c:355\n __kasan_slab_free+0x108/0x140 mm/kasan/common.c:422\n slab_free_hook mm/slub.c:1541 [inline]\n slab_free_freelist_hook+0xd6/0x1a0 mm/slub.c:1574\n slab_free mm/slub.c:3139 [inline]\n kfree+0xca/0x3d0 mm/slub.c:4121\n fb_delete_videomode+0x56a/0x820 drivers/video/fbdev/core/modedb.c:1104\n fb_set_var+0x1f3/0xdb0 drivers/video/fbdev/core/fbmem.c:978\n do_fb_ioctl+0x4d9/0x6e0 drivers/video/fbdev/core/fbmem.c:1108\n vfs_ioctl fs/ioctl.c:48 [inline]\n __do_sys_ioctl fs/ioctl.c:753 [inline]\n __se_sys_ioctl+0xfb/0x170 fs/ioctl.c:739\n do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x44/0xa9" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:03:58.258Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/359311b85ebec7c07c3a08ae2f3def946cad33fa" }, { "url": "https://git.kernel.org/stable/c/087bff9acd2ec6db3f61aceb3224bde90fe0f7f8" }, { "url": "https://git.kernel.org/stable/c/f193509afc7ff37a46862610c93b896044d5b693" }, { "url": "https://git.kernel.org/stable/c/d6e76469157d8f240e5dec6f8411aa8d306b1126" }, { "url": "https://git.kernel.org/stable/c/0af778269a522c988ef0b4188556aba97fb420cc" } ], "title": "fbmem: Do not delete the mode that is still in use", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47338", "datePublished": "2024-05-21T14:35:47.028Z", "dateReserved": "2024-05-21T14:28:16.978Z", "dateUpdated": "2024-11-04T12:03:58.258Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47455
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47455", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-10T18:55:42.625337Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-10T18:55:51.518Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.400Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/95c0a0c5ec8839f8f21672be786e87a100319ca8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4225fea1cb28370086e17e82c0f69bec2779dca0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/ptp/ptp_clock.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "95c0a0c5ec88", "status": "affected", "version": "a33121e5487b", "versionType": "git" }, { "lessThan": "4225fea1cb28", "status": "affected", "version": "a33121e5487b", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/ptp/ptp_clock.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.5" }, { "lessThan": "5.5", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: Fix possible memory leak in ptp_clock_register()\n\nI got memory leak as follows when doing fault injection test:\n\nunreferenced object 0xffff88800906c618 (size 8):\n comm \"i2c-idt82p33931\", pid 4421, jiffies 4294948083 (age 13.188s)\n hex dump (first 8 bytes):\n 70 74 70 30 00 00 00 00 ptp0....\n backtrace:\n [\u003c00000000312ed458\u003e] __kmalloc_track_caller+0x19f/0x3a0\n [\u003c0000000079f6e2ff\u003e] kvasprintf+0xb5/0x150\n [\u003c0000000026aae54f\u003e] kvasprintf_const+0x60/0x190\n [\u003c00000000f323a5f7\u003e] kobject_set_name_vargs+0x56/0x150\n [\u003c000000004e35abdd\u003e] dev_set_name+0xc0/0x100\n [\u003c00000000f20cfe25\u003e] ptp_clock_register+0x9f4/0xd30 [ptp]\n [\u003c000000008bb9f0de\u003e] idt82p33_probe.cold+0x8b6/0x1561 [ptp_idt82p33]\n\nWhen posix_clock_register() returns an error, the name allocated\nin dev_set_name() will be leaked, the put_device() should be used\nto give up the device reference, then the name will be freed in\nkobject_cleanup() and other memory will be freed in ptp_clock_release()." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:16.711Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/95c0a0c5ec8839f8f21672be786e87a100319ca8" }, { "url": "https://git.kernel.org/stable/c/4225fea1cb28370086e17e82c0f69bec2779dca0" } ], "title": "ptp: Fix possible memory leak in ptp_clock_register()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47455", "datePublished": "2024-05-22T06:19:44.700Z", "dateReserved": "2024-05-21T14:58:30.833Z", "dateUpdated": "2024-11-04T12:06:16.711Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47460
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47460", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-26T14:38:02.997186Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-26T14:38:12.616Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:58.992Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/560edd14de2bf9dbc0129681eeb4d5ef87cc105f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8e6bfb4f70168ddfd32fb6dc028ad52faaf1f32e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a3a089c241cd49b33a8cdd7fcb37cc87a086912a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b05caf023b14cbed9223bb5b48ecc7bffe38f632" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f1b98569e81c37d7e0deada7172f8f60860c1360" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fa9b6b6c953e3f6441ed6cf83b4c771dac2dae08" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5314454ea3ff6fc746eaf71b9a7ceebed52888fa" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/ocfs2/alloc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "560edd14de2b", "status": "affected", "version": "acef5107e2ea", "versionType": "git" }, { "lessThan": "8e6bfb4f7016", "status": "affected", "version": "7ed80e77c908", "versionType": "git" }, { "lessThan": "a3a089c241cd", "status": "affected", "version": "7ce2b16bad2c", "versionType": "git" }, { "lessThan": "b05caf023b14", "status": "affected", "version": "f8a6a2ed4b7d", "versionType": "git" }, { "lessThan": "f1b98569e81c", "status": "affected", "version": "6dbf7bb55598", "versionType": "git" }, { "lessThan": "fa9b6b6c953e", "status": "affected", "version": "6dbf7bb55598", "versionType": "git" }, { "lessThan": "5314454ea3ff", "status": "affected", "version": "6dbf7bb55598", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/ocfs2/alloc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.10" }, { "lessThan": "5.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.288", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.253", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.214", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.156", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.76", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix data corruption after conversion from inline format\n\nCommit 6dbf7bb55598 (\"fs: Don\u0027t invalidate page buffers in\nblock_write_full_page()\") uncovered a latent bug in ocfs2 conversion\nfrom inline inode format to a normal inode format.\n\nThe code in ocfs2_convert_inline_data_to_extents() attempts to zero out\nthe whole cluster allocated for file data by grabbing, zeroing, and\ndirtying all pages covering this cluster. However these pages are\nbeyond i_size, thus writeback code generally ignores these dirty pages\nand no blocks were ever actually zeroed on the disk.\n\nThis oversight was fixed by commit 693c241a5f6a (\"ocfs2: No need to zero\npages past i_size.\") for standard ocfs2 write path, inline conversion\npath was apparently forgotten; the commit log also has a reasoning why\nthe zeroing actually is not needed.\n\nAfter commit 6dbf7bb55598, things became worse as writeback code stopped\ninvalidating buffers on pages beyond i_size and thus these pages end up\nwith clean PageDirty bit but with buffers attached to these pages being\nstill dirty. So when a file is converted from inline format, then\nwriteback triggers, and then the file is grown so that these pages\nbecome valid, the invalid dirtiness state is preserved,\nmark_buffer_dirty() does nothing on these pages (buffers are already\ndirty) but page is never written back because it is clean. So data\nwritten to these pages is lost once pages are reclaimed.\n\nSimple reproducer for the problem is:\n\n xfs_io -f -c \"pwrite 0 2000\" -c \"pwrite 2000 2000\" -c \"fsync\" \\\n -c \"pwrite 4000 2000\" ocfs2_file\n\nAfter unmounting and mounting the fs again, you can observe that end of\n\u0027ocfs2_file\u0027 has lost its contents.\n\nFix the problem by not doing the pointless zeroing during conversion\nfrom inline format similarly as in the standard write path.\n\n[akpm@linux-foundation.org: fix whitespace, per Joseph]" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:22.465Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/560edd14de2bf9dbc0129681eeb4d5ef87cc105f" }, { "url": "https://git.kernel.org/stable/c/8e6bfb4f70168ddfd32fb6dc028ad52faaf1f32e" }, { "url": "https://git.kernel.org/stable/c/a3a089c241cd49b33a8cdd7fcb37cc87a086912a" }, { "url": "https://git.kernel.org/stable/c/b05caf023b14cbed9223bb5b48ecc7bffe38f632" }, { "url": "https://git.kernel.org/stable/c/f1b98569e81c37d7e0deada7172f8f60860c1360" }, { "url": "https://git.kernel.org/stable/c/fa9b6b6c953e3f6441ed6cf83b4c771dac2dae08" }, { "url": "https://git.kernel.org/stable/c/5314454ea3ff6fc746eaf71b9a7ceebed52888fa" } ], "title": "ocfs2: fix data corruption after conversion from inline format", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47460", "datePublished": "2024-05-22T06:23:21.724Z", "dateReserved": "2024-05-22T06:20:56.197Z", "dateUpdated": "2024-11-04T12:06:22.465Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52848
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52848", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T17:54:45.651350Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:24:06.214Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.923Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/eb42e1862aa7934c2c21890097ce4993c5e0d192" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/10b2a6c0dade67b5a2b2d17fb75c457ea1985fad" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a4639380bbe66172df329f8b54aa7d2e943f0f64" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/f2fs/super.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "eb42e1862aa7", "status": "affected", "version": "20872584b8c0", "versionType": "git" }, { "lessThan": "10b2a6c0dade", "status": "affected", "version": "20872584b8c0", "versionType": "git" }, { "lessThan": "a4639380bbe6", "status": "affected", "version": "20872584b8c0", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/f2fs/super.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.5" }, { "lessThan": "6.5", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to drop meta_inode\u0027s page cache in f2fs_put_super()\n\nsyzbot reports a kernel bug as below:\n\nF2FS-fs (loop1): detect filesystem reference count leak during umount, type: 10, count: 1\nkernel BUG at fs/f2fs/super.c:1639!\nCPU: 0 PID: 15451 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-09338-ge0152e7481c6 #0\nRIP: 0010:f2fs_put_super+0xce1/0xed0 fs/f2fs/super.c:1639\nCall Trace:\n generic_shutdown_super+0x161/0x3c0 fs/super.c:693\n kill_block_super+0x3b/0x70 fs/super.c:1646\n kill_f2fs_super+0x2b7/0x3d0 fs/f2fs/super.c:4879\n deactivate_locked_super+0x9a/0x170 fs/super.c:481\n deactivate_super+0xde/0x100 fs/super.c:514\n cleanup_mnt+0x222/0x3d0 fs/namespace.c:1254\n task_work_run+0x14d/0x240 kernel/task_work.c:179\n resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]\n exit_to_user_mode_loop kernel/entry/common.c:171 [inline]\n exit_to_user_mode_prepare+0x210/0x240 kernel/entry/common.c:204\n __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]\n syscall_exit_to_user_mode+0x1d/0x60 kernel/entry/common.c:296\n do_syscall_64+0x44/0xb0 arch/x86/entry/common.c:86\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nIn f2fs_put_super(), it tries to do sanity check on dirty and IO\nreference count of f2fs, once there is any reference count leak,\nit will trigger panic.\n\nThe root case is, during f2fs_put_super(), if there is any IO error\nin f2fs_wait_on_all_pages(), we missed to truncate meta_inode\u0027s page\ncache later, result in panic, fix this case." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:48.202Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/eb42e1862aa7934c2c21890097ce4993c5e0d192" }, { "url": "https://git.kernel.org/stable/c/10b2a6c0dade67b5a2b2d17fb75c457ea1985fad" }, { "url": "https://git.kernel.org/stable/c/a4639380bbe66172df329f8b54aa7d2e943f0f64" } ], "title": "f2fs: fix to drop meta_inode\u0027s page cache in f2fs_put_super()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52848", "datePublished": "2024-05-21T15:31:45.196Z", "dateReserved": "2024-05-21T15:19:24.255Z", "dateUpdated": "2024-11-04T14:53:48.202Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47370
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47370", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T18:22:09.218884Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:02.794Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:32:08.671Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f8ff625a8082db8c2b58dcb5229b27928943b94b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/977d293e23b48a1129830d7968605f61c4af71a0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/mptcp/protocol.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "f8ff625a8082", "status": "affected", "version": "e35820fb5641", "versionType": "git" }, { "lessThan": "977d293e23b4", "status": "affected", "version": "1094c6fe7280", "versionType": "git" } ] }, { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/mptcp/protocol.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "5.14.9", "status": "affected", "version": "5.14.7", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: ensure tx skbs always have the MPTCP ext\n\nDue to signed/unsigned comparison, the expression:\n\n\tinfo-\u003esize_goal - skb-\u003elen \u003e 0\n\nevaluates to true when the size goal is smaller than the\nskb size. That results in lack of tx cache refill, so that\nthe skb allocated by the core TCP code lacks the required\nMPTCP skb extensions.\n\nDue to the above, syzbot is able to trigger the following WARN_ON():\n\nWARNING: CPU: 1 PID: 810 at net/mptcp/protocol.c:1366 mptcp_sendmsg_frag+0x1362/0x1bc0 net/mptcp/protocol.c:1366\nModules linked in:\nCPU: 1 PID: 810 Comm: syz-executor.4 Not tainted 5.14.0-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:mptcp_sendmsg_frag+0x1362/0x1bc0 net/mptcp/protocol.c:1366\nCode: ff 4c 8b 74 24 50 48 8b 5c 24 58 e9 0f fb ff ff e8 13 44 8b f8 4c 89 e7 45 31 ed e8 98 57 2e fe e9 81 f4 ff ff e8 fe 43 8b f8 \u003c0f\u003e 0b 41 bd ea ff ff ff e9 6f f4 ff ff 4c 89 e7 e8 b9 8e d2 f8 e9\nRSP: 0018:ffffc9000531f6a0 EFLAGS: 00010216\nRAX: 000000000000697f RBX: 0000000000000000 RCX: ffffc90012107000\nRDX: 0000000000040000 RSI: ffffffff88eac9e2 RDI: 0000000000000003\nRBP: ffff888078b15780 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff88eac017 R11: 0000000000000000 R12: ffff88801de0a280\nR13: 0000000000006b58 R14: ffff888066278280 R15: ffff88803c2fe9c0\nFS: 00007fd9f866e700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007faebcb2f718 CR3: 00000000267cb000 CR4: 00000000001506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n __mptcp_push_pending+0x1fb/0x6b0 net/mptcp/protocol.c:1547\n mptcp_release_cb+0xfe/0x210 net/mptcp/protocol.c:3003\n release_sock+0xb4/0x1b0 net/core/sock.c:3206\n sk_stream_wait_memory+0x604/0xed0 net/core/stream.c:145\n mptcp_sendmsg+0xc39/0x1bc0 net/mptcp/protocol.c:1749\n inet6_sendmsg+0x99/0xe0 net/ipv6/af_inet6.c:643\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n sock_write_iter+0x2a0/0x3e0 net/socket.c:1057\n call_write_iter include/linux/fs.h:2163 [inline]\n new_sync_write+0x40b/0x640 fs/read_write.c:507\n vfs_write+0x7cf/0xae0 fs/read_write.c:594\n ksys_write+0x1ee/0x250 fs/read_write.c:647\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x4665f9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fd9f866e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665f9\nRDX: 00000000000e7b78 RSI: 0000000020000000 RDI: 0000000000000003\nRBP: 00000000004bfcc4 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038\nR13: 0000000000a9fb1f R14: 00007fd9f866e300 R15: 0000000000022000\n\nFix the issue rewriting the relevant expression to avoid\nsign-related problems - note: size_goal is always \u003e= 0.\n\nAdditionally, ensure that the skb in the tx cache always carries\nthe relevant extension." } ], "providerMetadata": { "dateUpdated": "2024-11-04T11:39:54.140Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/f8ff625a8082db8c2b58dcb5229b27928943b94b" }, { "url": "https://git.kernel.org/stable/c/977d293e23b48a1129830d7968605f61c4af71a0" } ], "title": "mptcp: ensure tx skbs always have the MPTCP ext", "x_generator": { "engine": "bippy-c8e10e5f6187" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47370", "datePublished": "2024-05-21T15:03:35.810Z", "dateReserved": "2024-05-21T14:58:30.810Z", "dateUpdated": "2024-11-04T11:39:54.140Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52831
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52831", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T19:07:45.620666Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-24T20:44:55.485Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.073Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3410b702354702b500bde10e3cc1f9db8731d908" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/335a47ed71e332c82339d1aec0c7f6caccfcda13" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3073f6df783d9d75f7f69f73e16c7ef85d6cfb63" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/38685e2a0476127db766f81b1c06019ddc4c9ffa" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "kernel/cpu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "3410b7023547", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "335a47ed71e3", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "3073f6df783d", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "38685e2a0476", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "kernel/cpu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpu/hotplug: Don\u0027t offline the last non-isolated CPU\n\nIf a system has isolated CPUs via the \"isolcpus=\" command line parameter,\nthen an attempt to offline the last housekeeping CPU will result in a\nWARN_ON() when rebuilding the scheduler domains and a subsequent panic due\nto and unhandled empty CPU mas in partition_sched_domains_locked().\n\ncpuset_hotplug_workfn()\n rebuild_sched_domains_locked()\n ndoms = generate_sched_domains(\u0026doms, \u0026attr);\n cpumask_and(doms[0], top_cpuset.effective_cpus, housekeeping_cpumask(HK_FLAG_DOMAIN));\n\nThus results in an empty CPU mask which triggers the warning and then the\nsubsequent crash:\n\nWARNING: CPU: 4 PID: 80 at kernel/sched/topology.c:2366 build_sched_domains+0x120c/0x1408\nCall trace:\n build_sched_domains+0x120c/0x1408\n partition_sched_domains_locked+0x234/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n rebuild_sched_domains+0x30/0x58\n cpuset_hotplug_workfn+0x2a8/0x930\n\nUnable to handle kernel paging request at virtual address fffe80027ab37080\n partition_sched_domains_locked+0x318/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n\nAside of the resulting crash, it does not make any sense to offline the last\nlast housekeeping CPU.\n\nPrevent this by masking out the non-housekeeping CPUs when selecting a\ntarget CPU for initiating the CPU unplug operation via the work queue." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:28.043Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/3410b702354702b500bde10e3cc1f9db8731d908" }, { "url": "https://git.kernel.org/stable/c/335a47ed71e332c82339d1aec0c7f6caccfcda13" }, { "url": "https://git.kernel.org/stable/c/3073f6df783d9d75f7f69f73e16c7ef85d6cfb63" }, { "url": "https://git.kernel.org/stable/c/38685e2a0476127db766f81b1c06019ddc4c9ffa" } ], "title": "cpu/hotplug: Don\u0027t offline the last non-isolated CPU", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52831", "datePublished": "2024-05-21T15:31:33.566Z", "dateReserved": "2024-05-21T15:19:24.251Z", "dateUpdated": "2024-11-04T14:53:28.043Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52809
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.696Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/930f0aaba4820d6362de4e6ed569eaf444f1ea4e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/77072ec41d6ab3718c3fc639bc149b8037caedfa" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b549acf999824d4f751ca57965700372f2f3ad00" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bb83f79f90e92f46466adcfd4fd264a7ae0f0f01" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/56d78b5495ebecbb9395101f3be177cd0a52450b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/442fd24d7b6b29e4a9cd9225afba4142d5f522ba" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f6fe7261b92b21109678747f36df9fdab1e30c34" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6b9ecf4e1032e645873933e5b43cbb84cac19106" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4df105f0ce9f6f30cda4e99f577150d23f0c9c5f" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52809", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:36:44.046464Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:54.752Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/scsi/libfc/fc_lport.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "930f0aaba482", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "77072ec41d6a", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "b549acf99982", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "bb83f79f90e9", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "56d78b5495eb", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "442fd24d7b6b", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "f6fe7261b92b", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "6b9ecf4e1032", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "4df105f0ce9f", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/scsi/libfc/fc_lport.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.331", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.300", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()\n\nfc_lport_ptp_setup() did not check the return value of fc_rport_create()\nwhich can return NULL and would cause a NULL pointer dereference. Address\nthis issue by checking return value of fc_rport_create() and log error\nmessage on fc_rport_create() failed." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:08.054Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/930f0aaba4820d6362de4e6ed569eaf444f1ea4e" }, { "url": "https://git.kernel.org/stable/c/77072ec41d6ab3718c3fc639bc149b8037caedfa" }, { "url": "https://git.kernel.org/stable/c/b549acf999824d4f751ca57965700372f2f3ad00" }, { "url": "https://git.kernel.org/stable/c/bb83f79f90e92f46466adcfd4fd264a7ae0f0f01" }, { "url": "https://git.kernel.org/stable/c/56d78b5495ebecbb9395101f3be177cd0a52450b" }, { "url": "https://git.kernel.org/stable/c/442fd24d7b6b29e4a9cd9225afba4142d5f522ba" }, { "url": "https://git.kernel.org/stable/c/f6fe7261b92b21109678747f36df9fdab1e30c34" }, { "url": "https://git.kernel.org/stable/c/6b9ecf4e1032e645873933e5b43cbb84cac19106" }, { "url": "https://git.kernel.org/stable/c/4df105f0ce9f6f30cda4e99f577150d23f0c9c5f" } ], "title": "scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52809", "datePublished": "2024-05-21T15:31:18.982Z", "dateReserved": "2024-05-21T15:19:24.248Z", "dateUpdated": "2024-11-04T14:53:08.054Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52763
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52763", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T19:40:16.388139Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:49.181Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.004Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/39c71357e68e2f03766f9321b9f4882e49ff1442" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e64d23dc65810be4e3395d72df0c398f60c991f9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3cb79a365e7cce8f121bba91312e2ddd206b9781" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/eed74230435c61eeb58abaa275b1820e6a4b7f02" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b53e9758a31c683fc8615df930262192ed5f034b" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/i3c/master/mipi-i3c-hci/dat_v1.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "39c71357e68e", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "e64d23dc6581", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "3cb79a365e7c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "eed74230435c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "b53e9758a31c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/i3c/master/mipi-i3c-hci/dat_v1.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data.\n\nThe `i3c_master_bus_init` function may attach the I2C devices before the\nI3C bus initialization. In this flow, the DAT `alloc_entry`` will be used\nbefore the DAT `init`. Additionally, if the `i3c_master_bus_init` fails,\nthe DAT `cleanup` will execute before the device is detached, which will\nexecue DAT `free_entry` function. The above scenario can cause the driver\nto use DAT_data when it is NULL." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:13.211Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/39c71357e68e2f03766f9321b9f4882e49ff1442" }, { "url": "https://git.kernel.org/stable/c/e64d23dc65810be4e3395d72df0c398f60c991f9" }, { "url": "https://git.kernel.org/stable/c/3cb79a365e7cce8f121bba91312e2ddd206b9781" }, { "url": "https://git.kernel.org/stable/c/eed74230435c61eeb58abaa275b1820e6a4b7f02" }, { "url": "https://git.kernel.org/stable/c/b53e9758a31c683fc8615df930262192ed5f034b" } ], "title": "i3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data.", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52763", "datePublished": "2024-05-21T15:30:48.369Z", "dateReserved": "2024-05-21T15:19:24.238Z", "dateUpdated": "2024-11-04T14:52:13.211Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52852
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52852", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T17:16:38.626939Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:24:10.682Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.038Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8c4504cc0c64862740a6acb301e0cfa59580dbc5" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9375ea7f269093d7c884857ae1f47633a91f429c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/932ddb5c29e884cc6fac20417ece72ba4a35c401" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b0327c84e91a0f4f0abced8cb83ec86a7083f086" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/f2fs/data.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "8c4504cc0c64", "status": "affected", "version": "6ce19aff0b8c", "versionType": "git" }, { "lessThan": "9375ea7f2690", "status": "affected", "version": "6ce19aff0b8c", "versionType": "git" }, { "lessThan": "932ddb5c29e8", "status": "affected", "version": "6ce19aff0b8c", "versionType": "git" }, { "lessThan": "9d065aa52b6e", "status": "affected", "version": "6ce19aff0b8c", "versionType": "git" }, { "lessThan": "b0327c84e91a", "status": "affected", "version": "6ce19aff0b8c", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/f2fs/data.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.14" }, { "lessThan": "5.14", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: compress: fix to avoid use-after-free on dic\n\nCall trace:\n __memcpy+0x128/0x250\n f2fs_read_multi_pages+0x940/0xf7c\n f2fs_mpage_readpages+0x5a8/0x624\n f2fs_readahead+0x5c/0x110\n page_cache_ra_unbounded+0x1b8/0x590\n do_sync_mmap_readahead+0x1dc/0x2e4\n filemap_fault+0x254/0xa8c\n f2fs_filemap_fault+0x2c/0x104\n __do_fault+0x7c/0x238\n do_handle_mm_fault+0x11bc/0x2d14\n do_mem_abort+0x3a8/0x1004\n el0_da+0x3c/0xa0\n el0t_64_sync_handler+0xc4/0xec\n el0t_64_sync+0x1b4/0x1b8\n\nIn f2fs_read_multi_pages(), once f2fs_decompress_cluster() was called if\nwe hit cached page in compress_inode\u0027s cache, dic may be released, it needs\nbreak the loop rather than continuing it, in order to avoid accessing\ninvalid dic pointer." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:52.988Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/8c4504cc0c64862740a6acb301e0cfa59580dbc5" }, { "url": "https://git.kernel.org/stable/c/9375ea7f269093d7c884857ae1f47633a91f429c" }, { "url": "https://git.kernel.org/stable/c/932ddb5c29e884cc6fac20417ece72ba4a35c401" }, { "url": "https://git.kernel.org/stable/c/9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2" }, { "url": "https://git.kernel.org/stable/c/b0327c84e91a0f4f0abced8cb83ec86a7083f086" } ], "title": "f2fs: compress: fix to avoid use-after-free on dic", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52852", "datePublished": "2024-05-21T15:31:47.889Z", "dateReserved": "2024-05-21T15:19:24.255Z", "dateUpdated": "2024-11-04T14:53:52.988Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52761
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52761", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-11T15:20:22.458093Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-11T15:20:32.175Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.808Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1493baaf09e3c1899959c8a107cd1207e16d1788" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/eff53aea3855f71992c043cebb1c00988c17ee20" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/be97d0db5f44c0674480cb79ac6f5b0529b84c76" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "arch/riscv/include/asm/asm-prototypes.h", "arch/riscv/include/asm/asm.h", "arch/riscv/include/asm/thread_info.h", "arch/riscv/kernel/asm-offsets.c", "arch/riscv/kernel/entry.S", "arch/riscv/kernel/traps.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "1493baaf09e3", "status": "affected", "version": "76d2a0493a17", "versionType": "git" }, { "lessThan": "eff53aea3855", "status": "affected", "version": "76d2a0493a17", "versionType": "git" }, { "lessThan": "be97d0db5f44", "status": "affected", "version": "76d2a0493a17", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "arch/riscv/include/asm/asm-prototypes.h", "arch/riscv/include/asm/asm.h", "arch/riscv/include/asm/thread_info.h", "arch/riscv/kernel/asm-offsets.c", "arch/riscv/kernel/entry.S", "arch/riscv/kernel/traps.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.15" }, { "lessThan": "4.15", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: VMAP_STACK overflow detection thread-safe\n\ncommit 31da94c25aea (\"riscv: add VMAP_STACK overflow detection\") added\nsupport for CONFIG_VMAP_STACK. If overflow is detected, CPU switches to\n`shadow_stack` temporarily before switching finally to per-cpu\n`overflow_stack`.\n\nIf two CPUs/harts are racing and end up in over flowing kernel stack, one\nor both will end up corrupting each other state because `shadow_stack` is\nnot per-cpu. This patch optimizes per-cpu overflow stack switch by\ndirectly picking per-cpu `overflow_stack` and gets rid of `shadow_stack`.\n\nFollowing are the changes in this patch\n\n - Defines an asm macro to obtain per-cpu symbols in destination\n register.\n - In entry.S, when overflow is detected, per-cpu overflow stack is\n located using per-cpu asm macro. Computing per-cpu symbol requires\n a temporary register. x31 is saved away into CSR_SCRATCH\n (CSR_SCRATCH is anyways zero since we\u0027re in kernel).\n\nPlease see Links for additional relevant disccussion and alternative\nsolution.\n\nTested by `echo EXHAUST_STACK \u003e /sys/kernel/debug/provoke-crash/DIRECT`\nKernel crash log below\n\n Insufficient stack space to handle exception!/debug/provoke-crash/DIRECT\n Task stack: [0xff20000010a98000..0xff20000010a9c000]\n Overflow stack: [0xff600001f7d98370..0xff600001f7d99370]\n CPU: 1 PID: 205 Comm: bash Not tainted 6.1.0-rc2-00001-g328a1f96f7b9 #34\n Hardware name: riscv-virtio,qemu (DT)\n epc : __memset+0x60/0xfc\n ra : recursive_loop+0x48/0xc6 [lkdtm]\n epc : ffffffff808de0e4 ra : ffffffff0163a752 sp : ff20000010a97e80\n gp : ffffffff815c0330 tp : ff600000820ea280 t0 : ff20000010a97e88\n t1 : 000000000000002e t2 : 3233206874706564 s0 : ff20000010a982b0\n s1 : 0000000000000012 a0 : ff20000010a97e88 a1 : 0000000000000000\n a2 : 0000000000000400 a3 : ff20000010a98288 a4 : 0000000000000000\n a5 : 0000000000000000 a6 : fffffffffffe43f0 a7 : 00007fffffffffff\n s2 : ff20000010a97e88 s3 : ffffffff01644680 s4 : ff20000010a9be90\n s5 : ff600000842ba6c0 s6 : 00aaaaaac29e42b0 s7 : 00fffffff0aa3684\n s8 : 00aaaaaac2978040 s9 : 0000000000000065 s10: 00ffffff8a7cad10\n s11: 00ffffff8a76a4e0 t3 : ffffffff815dbaf4 t4 : ffffffff815dbaf4\n t5 : ffffffff815dbab8 t6 : ff20000010a9bb48\n status: 0000000200000120 badaddr: ff20000010a97e88 cause: 000000000000000f\n Kernel panic - not syncing: Kernel stack overflow\n CPU: 1 PID: 205 Comm: bash Not tainted 6.1.0-rc2-00001-g328a1f96f7b9 #34\n Hardware name: riscv-virtio,qemu (DT)\n Call Trace:\n [\u003cffffffff80006754\u003e] dump_backtrace+0x30/0x38\n [\u003cffffffff808de798\u003e] show_stack+0x40/0x4c\n [\u003cffffffff808ea2a8\u003e] dump_stack_lvl+0x44/0x5c\n [\u003cffffffff808ea2d8\u003e] dump_stack+0x18/0x20\n [\u003cffffffff808dec06\u003e] panic+0x126/0x2fe\n [\u003cffffffff800065ea\u003e] walk_stackframe+0x0/0xf0\n [\u003cffffffff0163a752\u003e] recursive_loop+0x48/0xc6 [lkdtm]\n SMP: stopping secondary CPUs\n ---[ end Kernel panic - not syncing: Kernel stack overflow ]---" } ], "providerMetadata": { "dateUpdated": "2024-11-29T10:54:27.841Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/1493baaf09e3c1899959c8a107cd1207e16d1788" }, { "url": "https://git.kernel.org/stable/c/eff53aea3855f71992c043cebb1c00988c17ee20" }, { "url": "https://git.kernel.org/stable/c/be97d0db5f44c0674480cb79ac6f5b0529b84c76" } ], "title": "riscv: VMAP_STACK overflow detection thread-safe", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52761", "datePublished": "2024-05-21T15:30:47.086Z", "dateReserved": "2024-05-21T15:19:24.237Z", "dateUpdated": "2024-11-29T10:54:27.841Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47446
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47446", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-10T18:56:14.035808Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-10T18:56:22.575Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.012Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3962d626eb3e3b23ebb2e2a61537fa764acbfe11" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/980d74e7d03ccf2eaa11d133416946bd880c7c08" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/msm/adreno/a4xx_gpu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "3962d626eb3e", "status": "affected", "version": "5785dd7a8ef0", "versionType": "git" }, { "lessThan": "980d74e7d03c", "status": "affected", "version": "5785dd7a8ef0", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/msm/adreno/a4xx_gpu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.11" }, { "lessThan": "5.11", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.14", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/a4xx: fix error handling in a4xx_gpu_init()\n\nThis code returns 1 on error instead of a negative error. It leads to\nan Oops in the caller. A second problem is that the check for\n\"if (ret != -ENODATA)\" cannot be true because \"ret\" is set to 1." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:03.980Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/3962d626eb3e3b23ebb2e2a61537fa764acbfe11" }, { "url": "https://git.kernel.org/stable/c/980d74e7d03ccf2eaa11d133416946bd880c7c08" } ], "title": "drm/msm/a4xx: fix error handling in a4xx_gpu_init()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47446", "datePublished": "2024-05-22T06:19:38.839Z", "dateReserved": "2024-05-21T14:58:30.832Z", "dateUpdated": "2024-11-04T12:06:03.980Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47418
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.126Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0dd7ddc462b9c2d31eb5a9926a2cc63eaa3e9f52" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/08d7056e8e250fd2e67dbea5be5fdecdd75bf6b4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/26af64d71b6277841285fa40e3f7164a378dfda9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d07098f45be868a9cdce6c616563c36c64dbbd87" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c951a3be5e8803e93bb49a0aca0d30457d3c1b67" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/acff2d182c0768a713cee77442caeb07668bd68f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fb58cd7991747b5e0b110c98c922d7b0e47a1f14" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/560ee196fe9e5037e5015e2cdb14b3aecb1cd7dc" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47418", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:37:50.787552Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:56.839Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/sched/sch_fifo.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "0dd7ddc462b9", "status": "affected", "version": "fb0305ce1b03", "versionType": "git" }, { "lessThan": "08d7056e8e25", "status": "affected", "version": "fb0305ce1b03", "versionType": "git" }, { "lessThan": "26af64d71b62", "status": "affected", "version": "fb0305ce1b03", "versionType": "git" }, { "lessThan": "d07098f45be8", "status": "affected", "version": "fb0305ce1b03", "versionType": "git" }, { "lessThan": "c951a3be5e88", "status": "affected", "version": "fb0305ce1b03", "versionType": "git" }, { "lessThan": "acff2d182c07", "status": "affected", "version": "fb0305ce1b03", "versionType": "git" }, { "lessThan": "fb58cd799174", "status": "affected", "version": "fb0305ce1b03", "versionType": "git" }, { "lessThan": "560ee196fe9e", "status": "affected", "version": "fb0305ce1b03", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/sched/sch_fifo.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "2.6.27" }, { "lessThan": "2.6.27", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.289", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.287", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.251", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.211", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.153", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.73", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: fix NULL deref in fifo_set_limit()\n\nsyzbot reported another NULL deref in fifo_set_limit() [1]\n\nI could repro the issue with :\n\nunshare -n\ntc qd add dev lo root handle 1:0 tbf limit 200000 burst 70000 rate 100Mbit\ntc qd replace dev lo parent 1:0 pfifo_fast\ntc qd change dev lo root handle 1:0 tbf limit 300000 burst 70000 rate 100Mbit\n\npfifo_fast does not have a change() operation.\nMake fifo_set_limit() more robust about this.\n\n[1]\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 1cf99067 P4D 1cf99067 PUD 7ca49067 PMD 0\nOops: 0010 [#1] PREEMPT SMP KASAN\nCPU: 1 PID: 14443 Comm: syz-executor959 Not tainted 5.15.0-rc3-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at RIP 0xffffffffffffffd6.\nRSP: 0018:ffffc9000e2f7310 EFLAGS: 00010246\nRAX: dffffc0000000000 RBX: ffffffff8d6ecc00 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffff888024c27910 RDI: ffff888071e34000\nRBP: ffff888071e34000 R08: 0000000000000001 R09: ffffffff8fcfb947\nR10: 0000000000000001 R11: 0000000000000000 R12: ffff888024c27910\nR13: ffff888071e34018 R14: 0000000000000000 R15: ffff88801ef74800\nFS: 00007f321d897700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffffffffffffd6 CR3: 00000000722c3000 CR4: 00000000003506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n fifo_set_limit net/sched/sch_fifo.c:242 [inline]\n fifo_set_limit+0x198/0x210 net/sched/sch_fifo.c:227\n tbf_change+0x6ec/0x16d0 net/sched/sch_tbf.c:418\n qdisc_change net/sched/sch_api.c:1332 [inline]\n tc_modify_qdisc+0xd9a/0x1a60 net/sched/sch_api.c:1634\n rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5572\n netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2504\n netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]\n netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1340\n netlink_sendmsg+0x86d/0xdb0 net/netlink/af_netlink.c:1929\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n ____sys_sendmsg+0x6e8/0x810 net/socket.c:2409\n ___sys_sendmsg+0xf3/0x170 net/socket.c:2463\n __sys_sendmsg+0xe5/0x1b0 net/socket.c:2492\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:31.803Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/0dd7ddc462b9c2d31eb5a9926a2cc63eaa3e9f52" }, { "url": "https://git.kernel.org/stable/c/08d7056e8e250fd2e67dbea5be5fdecdd75bf6b4" }, { "url": "https://git.kernel.org/stable/c/26af64d71b6277841285fa40e3f7164a378dfda9" }, { "url": "https://git.kernel.org/stable/c/d07098f45be868a9cdce6c616563c36c64dbbd87" }, { "url": "https://git.kernel.org/stable/c/c951a3be5e8803e93bb49a0aca0d30457d3c1b67" }, { "url": "https://git.kernel.org/stable/c/acff2d182c0768a713cee77442caeb07668bd68f" }, { "url": "https://git.kernel.org/stable/c/fb58cd7991747b5e0b110c98c922d7b0e47a1f14" }, { "url": "https://git.kernel.org/stable/c/560ee196fe9e5037e5015e2cdb14b3aecb1cd7dc" } ], "title": "net_sched: fix NULL deref in fifo_set_limit()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47418", "datePublished": "2024-05-21T15:04:07.333Z", "dateReserved": "2024-05-21T14:58:30.818Z", "dateUpdated": "2024-11-04T12:05:31.803Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47456
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "e6d9c80b7ca1" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "3.4" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "0" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "4.4.290" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "4.9.288" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "4.14.253" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "4.19.214" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.4.156" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.10.76" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.14.15" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.15" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47456", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T14:47:53.013850Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-467", "description": "CWE-467 Use of sizeof() on a Pointer Type", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:15:08.225Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.411Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1c616528ba4aeb1125a06b407572ab7b56acae38" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/447d44cd2f67a20b596ede3ca3cd67086dfd9ca9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/34914971bb3244db4ce2be44e9438a9b30c56250" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/adbda14730aacce41c0d3596415aa39ad63eafd9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1248582e47a9f7ce0ecd156c39fc61f8b6aa3699" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/28f28e4bc3a5e0051faa963f10b778ab38c1db69" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0e5afdc2315b0737edcf55bede4ee1640d2d464d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/949fe9b35570361bc6ee2652f89a0561b26eec98" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/can/sja1000/peak_pci.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "1c616528ba4a", "status": "affected", "version": "e6d9c80b7ca1", "versionType": "git" }, { "lessThan": "447d44cd2f67", "status": "affected", "version": "e6d9c80b7ca1", "versionType": "git" }, { "lessThan": "34914971bb32", "status": "affected", "version": "e6d9c80b7ca1", "versionType": "git" }, { "lessThan": "adbda14730aa", "status": "affected", "version": "e6d9c80b7ca1", "versionType": "git" }, { "lessThan": "1248582e47a9", "status": "affected", "version": "e6d9c80b7ca1", "versionType": "git" }, { "lessThan": "28f28e4bc3a5", "status": "affected", "version": "e6d9c80b7ca1", "versionType": "git" }, { "lessThan": "0e5afdc2315b", "status": "affected", "version": "e6d9c80b7ca1", "versionType": "git" }, { "lessThan": "949fe9b35570", "status": "affected", "version": "e6d9c80b7ca1", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/can/sja1000/peak_pci.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.4" }, { "lessThan": "3.4", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.290", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.288", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.253", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.214", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.156", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.76", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: peak_pci: peak_pci_remove(): fix UAF\n\nWhen remove the module peek_pci, referencing \u0027chan\u0027 again after\nreleasing \u0027dev\u0027 will cause UAF.\n\nFix this by releasing \u0027dev\u0027 later.\n\nThe following log reveals it:\n\n[ 35.961814 ] BUG: KASAN: use-after-free in peak_pci_remove+0x16f/0x270 [peak_pci]\n[ 35.963414 ] Read of size 8 at addr ffff888136998ee8 by task modprobe/5537\n[ 35.965513 ] Call Trace:\n[ 35.965718 ] dump_stack_lvl+0xa8/0xd1\n[ 35.966028 ] print_address_description+0x87/0x3b0\n[ 35.966420 ] kasan_report+0x172/0x1c0\n[ 35.966725 ] ? peak_pci_remove+0x16f/0x270 [peak_pci]\n[ 35.967137 ] ? trace_irq_enable_rcuidle+0x10/0x170\n[ 35.967529 ] ? peak_pci_remove+0x16f/0x270 [peak_pci]\n[ 35.967945 ] __asan_report_load8_noabort+0x14/0x20\n[ 35.968346 ] peak_pci_remove+0x16f/0x270 [peak_pci]\n[ 35.968752 ] pci_device_remove+0xa9/0x250" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:17.867Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/1c616528ba4aeb1125a06b407572ab7b56acae38" }, { "url": "https://git.kernel.org/stable/c/447d44cd2f67a20b596ede3ca3cd67086dfd9ca9" }, { "url": "https://git.kernel.org/stable/c/34914971bb3244db4ce2be44e9438a9b30c56250" }, { "url": "https://git.kernel.org/stable/c/adbda14730aacce41c0d3596415aa39ad63eafd9" }, { "url": "https://git.kernel.org/stable/c/1248582e47a9f7ce0ecd156c39fc61f8b6aa3699" }, { "url": "https://git.kernel.org/stable/c/28f28e4bc3a5e0051faa963f10b778ab38c1db69" }, { "url": "https://git.kernel.org/stable/c/0e5afdc2315b0737edcf55bede4ee1640d2d464d" }, { "url": "https://git.kernel.org/stable/c/949fe9b35570361bc6ee2652f89a0561b26eec98" } ], "title": "can: peak_pci: peak_pci_remove(): fix UAF", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47456", "datePublished": "2024-05-22T06:19:45.363Z", "dateReserved": "2024-05-21T14:58:30.833Z", "dateUpdated": "2024-11-04T12:06:17.867Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47470
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.395Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/159d8cfbd0428d487c53be4722f33cdab0d25d83" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/67823a544414def2a36c212abadb55b23bcda00c" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47470", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:36:05.363526Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:53.419Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "mm/slub.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "159d8cfbd042", "status": "affected", "version": "64dd68497be7", "versionType": "git" }, { "lessThan": "67823a544414", "status": "affected", "version": "64dd68497be7", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "mm/slub.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.14" }, { "lessThan": "5.14", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm, slub: fix potential use-after-free in slab_debugfs_fops\n\nWhen sysfs_slab_add failed, we shouldn\u0027t call debugfs_slab_add() for s\nbecause s will be freed soon. And slab_debugfs_fops will use s later\nleading to a use-after-free." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:34.296Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/159d8cfbd0428d487c53be4722f33cdab0d25d83" }, { "url": "https://git.kernel.org/stable/c/67823a544414def2a36c212abadb55b23bcda00c" } ], "title": "mm, slub: fix potential use-after-free in slab_debugfs_fops", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47470", "datePublished": "2024-05-22T06:23:28.263Z", "dateReserved": "2024-05-22T06:20:56.199Z", "dateUpdated": "2024-11-04T12:06:34.296Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47478
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47478", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T18:36:21.366364Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-07T15:12:42.793Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.618Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/156ce5bb6cc43a80a743810199defb1dc3f55b7f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9ec33a9b8790c212cc926a88c5e2105f97f3f57e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/afbd40f425227e661d991757e11cc4db024e761f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b0ddff8d68f2e43857a84dce54c3deab181c8ae1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6e80e9314f8bb52d9eabe1907698718ff01120f5" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/86d4aedcbc69c0f84551fb70f953c24e396de2d7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b2fa1f52d22c5455217b294629346ad23a744945" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e7fb722586a2936b37bdff096c095c30ca06404d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e96a1866b40570b5950cda8602c2819189c62a48" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/isofs/inode.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "156ce5bb6cc4", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "9ec33a9b8790", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "afbd40f42522", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "b0ddff8d68f2", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "6e80e9314f8b", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "86d4aedcbc69", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "b2fa1f52d22c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "e7fb722586a2", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "e96a1866b405", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/isofs/inode.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.292", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.290", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.255", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.217", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.159", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.79", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.18", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: Fix out of bound access for corrupted isofs image\n\nWhen isofs image is suitably corrupted isofs_read_inode() can read data\nbeyond the end of buffer. Sanity-check the directory entry length before\nusing it." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:42.521Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/156ce5bb6cc43a80a743810199defb1dc3f55b7f" }, { "url": "https://git.kernel.org/stable/c/9ec33a9b8790c212cc926a88c5e2105f97f3f57e" }, { "url": "https://git.kernel.org/stable/c/afbd40f425227e661d991757e11cc4db024e761f" }, { "url": "https://git.kernel.org/stable/c/b0ddff8d68f2e43857a84dce54c3deab181c8ae1" }, { "url": "https://git.kernel.org/stable/c/6e80e9314f8bb52d9eabe1907698718ff01120f5" }, { "url": "https://git.kernel.org/stable/c/86d4aedcbc69c0f84551fb70f953c24e396de2d7" }, { "url": "https://git.kernel.org/stable/c/b2fa1f52d22c5455217b294629346ad23a744945" }, { "url": "https://git.kernel.org/stable/c/e7fb722586a2936b37bdff096c095c30ca06404d" }, { "url": "https://git.kernel.org/stable/c/e96a1866b40570b5950cda8602c2819189c62a48" } ], "title": "isofs: Fix out of bound access for corrupted isofs image", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47478", "datePublished": "2024-05-22T08:19:31.521Z", "dateReserved": "2024-05-22T06:20:56.200Z", "dateUpdated": "2024-11-07T15:12:42.793Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47475
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47475", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T17:52:35.271810Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:48.725Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.742Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5229159f1d052821007aff1a1beb7873eacf1a9f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ec85bcff4ed09260243d8f39faba99e1041718ba" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/40d2a7e278e2e7c0a5fd7e997e7eb63945bf93f7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7a2021b896de1ad559d33b5c5cdd20b982242088" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/199acd8c110e3ae62833c24f632b0bb1c9f012a9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/33d7a470730dfe7c9bfc8da84575cf2cedd60d00" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/278484ae93297b1bb1ce755f9d3b6d95a48c7d47" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/06ac746d57e6d32b062e220415c607b7e2e0fa50" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a23461c47482fc232ffc9b819539d1f837adf2b1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/comedi/drivers/vmk80xx.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "5229159f1d05", "status": "affected", "version": "985cafccbf9b", "versionType": "git" }, { "lessThan": "ec85bcff4ed0", "status": "affected", "version": "985cafccbf9b", "versionType": "git" }, { "lessThan": "40d2a7e278e2", "status": "affected", "version": "985cafccbf9b", "versionType": "git" }, { "lessThan": "7a2021b896de", "status": "affected", "version": "985cafccbf9b", "versionType": "git" }, { "lessThan": "199acd8c110e", "status": "affected", "version": "985cafccbf9b", "versionType": "git" }, { "lessThan": "33d7a470730d", "status": "affected", "version": "985cafccbf9b", "versionType": "git" }, { "lessThan": "278484ae9329", "status": "affected", "version": "985cafccbf9b", "versionType": "git" }, { "lessThan": "06ac746d57e6", "status": "affected", "version": "985cafccbf9b", "versionType": "git" }, { "lessThan": "a23461c47482", "status": "affected", "version": "985cafccbf9b", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/comedi/drivers/vmk80xx.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "2.6.31" }, { "lessThan": "2.6.31", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.292", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.290", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.255", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.217", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.159", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.79", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.18", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: vmk80xx: fix transfer-buffer overflows\n\nThe driver uses endpoint-sized USB transfer buffers but up until\nrecently had no sanity checks on the sizes.\n\nCommit e1f13c879a7c (\"staging: comedi: check validity of wMaxPacketSize\nof usb endpoints found\") inadvertently fixed NULL-pointer dereferences\nwhen accessing the transfer buffers in case a malicious device has a\nzero wMaxPacketSize.\n\nMake sure to allocate buffers large enough to handle also the other\naccesses that are done without a size check (e.g. byte 18 in\nvmk80xx_cnt_insn_read() for the VMK8061_MODEL) to avoid writing beyond\nthe buffers, for example, when doing descriptor fuzzing.\n\nThe original driver was for a low-speed device with 8-byte buffers.\nSupport was later added for a device that uses bulk transfers and is\npresumably a full-speed device with a maximum 64-byte wMaxPacketSize." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:38.963Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/5229159f1d052821007aff1a1beb7873eacf1a9f" }, { "url": "https://git.kernel.org/stable/c/ec85bcff4ed09260243d8f39faba99e1041718ba" }, { "url": "https://git.kernel.org/stable/c/40d2a7e278e2e7c0a5fd7e997e7eb63945bf93f7" }, { "url": "https://git.kernel.org/stable/c/7a2021b896de1ad559d33b5c5cdd20b982242088" }, { "url": "https://git.kernel.org/stable/c/199acd8c110e3ae62833c24f632b0bb1c9f012a9" }, { "url": "https://git.kernel.org/stable/c/33d7a470730dfe7c9bfc8da84575cf2cedd60d00" }, { "url": "https://git.kernel.org/stable/c/278484ae93297b1bb1ce755f9d3b6d95a48c7d47" }, { "url": "https://git.kernel.org/stable/c/06ac746d57e6d32b062e220415c607b7e2e0fa50" }, { "url": "https://git.kernel.org/stable/c/a23461c47482fc232ffc9b819539d1f837adf2b1" } ], "title": "comedi: vmk80xx: fix transfer-buffer overflows", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47475", "datePublished": "2024-05-22T08:19:29.423Z", "dateReserved": "2024-05-22T06:20:56.200Z", "dateUpdated": "2024-11-04T12:06:38.963Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52738
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52738", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T18:15:49.184533Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-06T20:21:18.445Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.070Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2e557c8ca2c585bdef591b8503ba83b85f5d0afd" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2bcbbef9cace772f5b7128b11401c515982de34b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5ad7bbf3dba5c4a684338df1f285080f2588b535" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdgpu/amdgpu_fence.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "2e557c8ca2c5", "status": "affected", "version": "067f44c8b459", "versionType": "git" }, { "lessThan": "2bcbbef9cace", "status": "affected", "version": "067f44c8b459", "versionType": "git" }, { "lessThan": "5ad7bbf3dba5", "status": "affected", "version": "067f44c8b459", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdgpu/amdgpu_fence.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.15" }, { "lessThan": "5.15", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.94", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini\n\nCurrently amdgpu calls drm_sched_fini() from the fence driver sw fini\nroutine - such function is expected to be called only after the\nrespective init function - drm_sched_init() - was executed successfully.\n\nHappens that we faced a driver probe failure in the Steam Deck\nrecently, and the function drm_sched_fini() was called even without\nits counter-part had been previously called, causing the following oops:\n\namdgpu: probe of 0000:04:00.0 failed with error -110\nBUG: kernel NULL pointer dereference, address: 0000000000000090\nPGD 0 P4D 0\nOops: 0002 [#1] PREEMPT SMP NOPTI\nCPU: 0 PID: 609 Comm: systemd-udevd Not tainted 6.2.0-rc3-gpiccoli #338\nHardware name: Valve Jupiter/Jupiter, BIOS F7A0113 11/04/2022\nRIP: 0010:drm_sched_fini+0x84/0xa0 [gpu_sched]\n[...]\nCall Trace:\n \u003cTASK\u003e\n amdgpu_fence_driver_sw_fini+0xc8/0xd0 [amdgpu]\n amdgpu_device_fini_sw+0x2b/0x3b0 [amdgpu]\n amdgpu_driver_release_kms+0x16/0x30 [amdgpu]\n devm_drm_dev_init_release+0x49/0x70\n [...]\n\nTo prevent that, check if the drm_sched was properly initialized for a\ngiven ring before calling its fini counter-part.\n\nNotice ideally we\u0027d use sched.ready for that; such field is set as the latest\nthing on drm_sched_init(). But amdgpu seems to \"override\" the meaning of such\nfield - in the above oops for example, it was a GFX ring causing the crash, and\nthe sched.ready field was set to true in the ring init routine, regardless of\nthe state of the DRM scheduler. Hence, we ended-up using sched.ops as per\nChristian\u0027s suggestion [0], and also removed the no_scheduler check [1].\n\n[0] https://lore.kernel.org/amd-gfx/984ee981-2906-0eaf-ccec-9f80975cb136@amd.com/\n[1] https://lore.kernel.org/amd-gfx/cd0e2994-f85f-d837-609f-7056d5fb7231@amd.com/" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:45.135Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/2e557c8ca2c585bdef591b8503ba83b85f5d0afd" }, { "url": "https://git.kernel.org/stable/c/2bcbbef9cace772f5b7128b11401c515982de34b" }, { "url": "https://git.kernel.org/stable/c/5ad7bbf3dba5c4a684338df1f285080f2588b535" } ], "title": "drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52738", "datePublished": "2024-05-21T15:23:01.903Z", "dateReserved": "2024-05-21T15:19:24.233Z", "dateUpdated": "2024-11-06T20:21:18.445Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52864
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52864", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:21:10.578430Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:24:07.966Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.054Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cf098e937dd125c0317a0d6f261ac2a950a233d6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9fb0eed09e1470cd4021ff52b2b9dfcbcee4c203" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d426a2955e45a95b2282764105fcfb110a540453" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e0bf076b734a2fab92d8fddc2b8b03462eee7097" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/44a96796d25809502c75771d40ee693c2e44724e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/36d85fa7ae0d6be651c1a745191fa7ef055db43e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fb7b06b59c6887659c6ed0ecd3110835eecbb6a3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/eba9ac7abab91c8f6d351460239108bef5e7a0b6" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/platform/x86/wmi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "cf098e937dd1", "status": "affected", "version": "44b6b7661132", "versionType": "git" }, { "lessThan": "9fb0eed09e14", "status": "affected", "version": "44b6b7661132", "versionType": "git" }, { "lessThan": "d426a2955e45", "status": "affected", "version": "44b6b7661132", "versionType": "git" }, { "lessThan": "e0bf076b734a", "status": "affected", "version": "44b6b7661132", "versionType": "git" }, { "lessThan": "44a96796d258", "status": "affected", "version": "44b6b7661132", "versionType": "git" }, { "lessThan": "36d85fa7ae0d", "status": "affected", "version": "44b6b7661132", "versionType": "git" }, { "lessThan": "fb7b06b59c68", "status": "affected", "version": "44b6b7661132", "versionType": "git" }, { "lessThan": "eba9ac7abab9", "status": "affected", "version": "44b6b7661132", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/platform/x86/wmi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.15" }, { "lessThan": "4.15", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.299", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.261", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: wmi: Fix opening of char device\n\nSince commit fa1f68db6ca7 (\"drivers: misc: pass miscdevice pointer via\nfile private data\"), the miscdevice stores a pointer to itself inside\nfilp-\u003eprivate_data, which means that private_data will not be NULL when\nwmi_char_open() is called. This might cause memory corruption should\nwmi_char_open() be unable to find its driver, something which can\nhappen when the associated WMI device is deleted in wmi_free_devices().\n\nFix the problem by using the miscdevice pointer to retrieve the WMI\ndevice data associated with a char device using container_of(). This\nalso avoids wmi_char_open() picking a wrong WMI device bound to a\ndriver with the same name as the original driver." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:08.126Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/cf098e937dd125c0317a0d6f261ac2a950a233d6" }, { "url": "https://git.kernel.org/stable/c/9fb0eed09e1470cd4021ff52b2b9dfcbcee4c203" }, { "url": "https://git.kernel.org/stable/c/d426a2955e45a95b2282764105fcfb110a540453" }, { "url": "https://git.kernel.org/stable/c/e0bf076b734a2fab92d8fddc2b8b03462eee7097" }, { "url": "https://git.kernel.org/stable/c/44a96796d25809502c75771d40ee693c2e44724e" }, { "url": "https://git.kernel.org/stable/c/36d85fa7ae0d6be651c1a745191fa7ef055db43e" }, { "url": "https://git.kernel.org/stable/c/fb7b06b59c6887659c6ed0ecd3110835eecbb6a3" }, { "url": "https://git.kernel.org/stable/c/eba9ac7abab91c8f6d351460239108bef5e7a0b6" } ], "title": "platform/x86: wmi: Fix opening of char device", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52864", "datePublished": "2024-05-21T15:31:55.875Z", "dateReserved": "2024-05-21T15:19:24.261Z", "dateUpdated": "2024-11-04T14:54:08.126Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52748
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.561Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c041f5ddef00c731c541e00bc8ae97b8c84c682f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e4088d7d8f1123006d46a42edf51b8c960a58ef9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/526dd7540a09ecf87b5f54f3ab4e0a2528f25a79" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6fca08fd3085253b48fcb1bd243a0a5e18821a00" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3eebe636cac53886bd5d1cdd55e082ec9e84983f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e0d4e8acb3789c5a8651061fbab62ca24a45c063" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52748", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:37:22.209174Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:33.570Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/f2fs/compress.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "c041f5ddef00", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "e4088d7d8f11", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "526dd7540a09", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "6fca08fd3085", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "3eebe636cac5", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "e0d4e8acb378", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/f2fs/compress.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: avoid format-overflow warning\n\nWith gcc and W=1 option, there\u0027s a warning like this:\n\nfs/f2fs/compress.c: In function \u2018f2fs_init_page_array_cache\u2019:\nfs/f2fs/compress.c:1984:47: error: \u2018%u\u2019 directive writing between\n1 and 7 bytes into a region of size between 5 and 8\n[-Werror=format-overflow=]\n 1984 | sprintf(slab_name, \"f2fs_page_array_entry-%u:%u\", MAJOR(dev),\n\t\tMINOR(dev));\n | ^~\n\nString \"f2fs_page_array_entry-%u:%u\" can up to 35. The first \"%u\" can up\nto 4 and the second \"%u\" can up to 7, so total size is \"24 + 4 + 7 = 35\".\nslab_name\u0027s size should be 35 rather than 32." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:56.919Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/c041f5ddef00c731c541e00bc8ae97b8c84c682f" }, { "url": "https://git.kernel.org/stable/c/e4088d7d8f1123006d46a42edf51b8c960a58ef9" }, { "url": "https://git.kernel.org/stable/c/526dd7540a09ecf87b5f54f3ab4e0a2528f25a79" }, { "url": "https://git.kernel.org/stable/c/6fca08fd3085253b48fcb1bd243a0a5e18821a00" }, { "url": "https://git.kernel.org/stable/c/3eebe636cac53886bd5d1cdd55e082ec9e84983f" }, { "url": "https://git.kernel.org/stable/c/e0d4e8acb3789c5a8651061fbab62ca24a45c063" } ], "title": "f2fs: avoid format-overflow warning", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52748", "datePublished": "2024-05-21T15:30:38.229Z", "dateReserved": "2024-05-21T15:19:24.234Z", "dateUpdated": "2024-11-04T14:51:56.919Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47441
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "ae0993739e14", "status": "affected", "version": "a50c1e35650b", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "4.10" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "4.10", "status": "unaffected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "5.5", "status": "unaffected", "version": "5.4.155", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "5.11", "status": "unaffected", "version": "5.10.75", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "5.15", "status": "unaffected", "version": "5.14.14", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "custom" }, { "lessThan": "e59d839743b5", "status": "affected", "version": "a50c1e35650b", "versionType": "custom" }, { "lessThan": "df8e58716afb", "status": "affected", "version": "a50c1e35650b", "versionType": "custom" }, { "lessThan": "332fdf951df8", "status": "affected", "version": "a50c1e35650b", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47441", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T15:01:53.700681Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-22T18:05:13.999Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.326Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ae0993739e14a102d506aa09e11b0065f3144f10" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e59d839743b50cb1d3f42a786bea48cc5621d254" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/df8e58716afb3bee2b59de66b1ba1033f2e26303" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/332fdf951df8b870e3da86b122ae304e2aabe88c" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/mellanox/mlxsw/core_thermal.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "ae0993739e14", "status": "affected", "version": "a50c1e35650b", "versionType": "git" }, { "lessThan": "e59d839743b5", "status": "affected", "version": "a50c1e35650b", "versionType": "git" }, { "lessThan": "df8e58716afb", "status": "affected", "version": "a50c1e35650b", "versionType": "git" }, { "lessThan": "332fdf951df8", "status": "affected", "version": "a50c1e35650b", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/mellanox/mlxsw/core_thermal.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.10" }, { "lessThan": "4.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.155", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.75", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.14", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: thermal: Fix out-of-bounds memory accesses\n\nCurrently, mlxsw allows cooling states to be set above the maximum\ncooling state supported by the driver:\n\n # cat /sys/class/thermal/thermal_zone2/cdev0/type\n mlxsw_fan\n # cat /sys/class/thermal/thermal_zone2/cdev0/max_state\n 10\n # echo 18 \u003e /sys/class/thermal/thermal_zone2/cdev0/cur_state\n # echo $?\n 0\n\nThis results in out-of-bounds memory accesses when thermal state\ntransition statistics are enabled (CONFIG_THERMAL_STATISTICS=y), as the\ntransition table is accessed with a too large index (state) [1].\n\nAccording to the thermal maintainer, it is the responsibility of the\ndriver to reject such operations [2].\n\nTherefore, return an error when the state to be set exceeds the maximum\ncooling state supported by the driver.\n\nTo avoid dead code, as suggested by the thermal maintainer [3],\npartially revert commit a421ce088ac8 (\"mlxsw: core: Extend cooling\ndevice with cooling levels\") that tried to interpret these invalid\ncooling states (above the maximum) in a special way. The cooling levels\narray is not removed in order to prevent the fans going below 20% PWM,\nwhich would cause them to get stuck at 0% PWM.\n\n[1]\nBUG: KASAN: slab-out-of-bounds in thermal_cooling_device_stats_update+0x271/0x290\nRead of size 4 at addr ffff8881052f7bf8 by task kworker/0:0/5\n\nCPU: 0 PID: 5 Comm: kworker/0:0 Not tainted 5.15.0-rc3-custom-45935-gce1adf704b14 #122\nHardware name: Mellanox Technologies Ltd. \"MSN2410-CB2FO\"/\"SA000874\", BIOS 4.6.5 03/08/2016\nWorkqueue: events_freezable_power_ thermal_zone_device_check\nCall Trace:\n dump_stack_lvl+0x8b/0xb3\n print_address_description.constprop.0+0x1f/0x140\n kasan_report.cold+0x7f/0x11b\n thermal_cooling_device_stats_update+0x271/0x290\n __thermal_cdev_update+0x15e/0x4e0\n thermal_cdev_update+0x9f/0xe0\n step_wise_throttle+0x770/0xee0\n thermal_zone_device_update+0x3f6/0xdf0\n process_one_work+0xa42/0x1770\n worker_thread+0x62f/0x13e0\n kthread+0x3ee/0x4e0\n ret_from_fork+0x1f/0x30\n\nAllocated by task 1:\n kasan_save_stack+0x1b/0x40\n __kasan_kmalloc+0x7c/0x90\n thermal_cooling_device_setup_sysfs+0x153/0x2c0\n __thermal_cooling_device_register.part.0+0x25b/0x9c0\n thermal_cooling_device_register+0xb3/0x100\n mlxsw_thermal_init+0x5c5/0x7e0\n __mlxsw_core_bus_device_register+0xcb3/0x19c0\n mlxsw_core_bus_device_register+0x56/0xb0\n mlxsw_pci_probe+0x54f/0x710\n local_pci_probe+0xc6/0x170\n pci_device_probe+0x2b2/0x4d0\n really_probe+0x293/0xd10\n __driver_probe_device+0x2af/0x440\n driver_probe_device+0x51/0x1e0\n __driver_attach+0x21b/0x530\n bus_for_each_dev+0x14c/0x1d0\n bus_add_driver+0x3ac/0x650\n driver_register+0x241/0x3d0\n mlxsw_sp_module_init+0xa2/0x174\n do_one_initcall+0xee/0x5f0\n kernel_init_freeable+0x45a/0x4de\n kernel_init+0x1f/0x210\n ret_from_fork+0x1f/0x30\n\nThe buggy address belongs to the object at ffff8881052f7800\n which belongs to the cache kmalloc-1k of size 1024\nThe buggy address is located 1016 bytes inside of\n 1024-byte region [ffff8881052f7800, ffff8881052f7c00)\nThe buggy address belongs to the page:\npage:0000000052355272 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1052f0\nhead:0000000052355272 order:3 compound_mapcount:0 compound_pincount:0\nflags: 0x200000000010200(slab|head|node=0|zone=2)\nraw: 0200000000010200 ffffea0005034800 0000000300000003 ffff888100041dc0\nraw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff8881052f7a80: 00 00 00 00 00 00 04 fc fc fc fc fc fc fc fc fc\n ffff8881052f7b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n\u003effff8881052f7b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n ^\n ffff8881052f7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n ffff8881052f7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n\n[2] https://lore.kernel.org/linux-pm/9aca37cb-1629-5c67-\n---truncated---" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:57.598Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/ae0993739e14a102d506aa09e11b0065f3144f10" }, { "url": "https://git.kernel.org/stable/c/e59d839743b50cb1d3f42a786bea48cc5621d254" }, { "url": "https://git.kernel.org/stable/c/df8e58716afb3bee2b59de66b1ba1033f2e26303" }, { "url": "https://git.kernel.org/stable/c/332fdf951df8b870e3da86b122ae304e2aabe88c" } ], "title": "mlxsw: thermal: Fix out-of-bounds memory accesses", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47441", "datePublished": "2024-05-22T06:19:35.562Z", "dateReserved": "2024-05-21T14:58:30.831Z", "dateUpdated": "2024-11-04T12:05:57.598Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47428
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47428", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T19:45:14.633880Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:19.775Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.228Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/411b38fe68ba20a8bbe724b0939762c3f16e16ca" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c835b3d1d6362b4a4ebb192da7e7fd27a0a45d01" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3e607dc4df180b72a38e75030cb0f94d12808712" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "arch/powerpc/kernel/exceptions-64s.S" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "411b38fe68ba", "status": "affected", "version": "0a882e28468f", "versionType": "git" }, { "lessThan": "c835b3d1d636", "status": "affected", "version": "0a882e28468f", "versionType": "git" }, { "lessThan": "3e607dc4df18", "status": "affected", "version": "0a882e28468f", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "arch/powerpc/kernel/exceptions-64s.S" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.3" }, { "lessThan": "5.3", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.73", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/64s: fix program check interrupt emergency stack path\n\nEmergency stack path was jumping into a 3: label inside the\n__GEN_COMMON_BODY macro for the normal path after it had finished,\nrather than jumping over it. By a small miracle this is the correct\nplace to build up a new interrupt frame with the existing stack\npointer, so things basically worked okay with an added weird looking\n700 trap frame on top (which had the wrong -\u003enip so it didn\u0027t decode\nbug messages either).\n\nFix this by avoiding using numeric labels when jumping over non-trivial\nmacros.\n\nBefore:\n\n LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA PowerNV\n Modules linked in:\n CPU: 0 PID: 88 Comm: sh Not tainted 5.15.0-rc2-00034-ge057cdade6e5 #2637\n NIP: 7265677368657265 LR: c00000000006c0c8 CTR: c0000000000097f0\n REGS: c0000000fffb3a50 TRAP: 0700 Not tainted\n MSR: 9000000000021031 \u003cSF,HV,ME,IR,DR,LE\u003e CR: 00000700 XER: 20040000\n CFAR: c0000000000098b0 IRQMASK: 0\n GPR00: c00000000006c964 c0000000fffb3cf0 c000000001513800 0000000000000000\n GPR04: 0000000048ab0778 0000000042000000 0000000000000000 0000000000001299\n GPR08: 000001e447c718ec 0000000022424282 0000000000002710 c00000000006bee8\n GPR12: 9000000000009033 c0000000016b0000 00000000000000b0 0000000000000001\n GPR16: 0000000000000000 0000000000000002 0000000000000000 0000000000000ff8\n GPR20: 0000000000001fff 0000000000000007 0000000000000080 00007fff89d90158\n GPR24: 0000000002000000 0000000002000000 0000000000000255 0000000000000300\n GPR28: c000000001270000 0000000042000000 0000000048ab0778 c000000080647e80\n NIP [7265677368657265] 0x7265677368657265\n LR [c00000000006c0c8] ___do_page_fault+0x3f8/0xb10\n Call Trace:\n [c0000000fffb3cf0] [c00000000000bdac] soft_nmi_common+0x13c/0x1d0 (unreliable)\n --- interrupt: 700 at decrementer_common_virt+0xb8/0x230\n NIP: c0000000000098b8 LR: c00000000006c0c8 CTR: c0000000000097f0\n REGS: c0000000fffb3d60 TRAP: 0700 Not tainted\n MSR: 9000000000021031 \u003cSF,HV,ME,IR,DR,LE\u003e CR: 22424282 XER: 20040000\n CFAR: c0000000000098b0 IRQMASK: 0\n GPR00: c00000000006c964 0000000000002400 c000000001513800 0000000000000000\n GPR04: 0000000048ab0778 0000000042000000 0000000000000000 0000000000001299\n GPR08: 000001e447c718ec 0000000022424282 0000000000002710 c00000000006bee8\n GPR12: 9000000000009033 c0000000016b0000 00000000000000b0 0000000000000001\n GPR16: 0000000000000000 0000000000000002 0000000000000000 0000000000000ff8\n GPR20: 0000000000001fff 0000000000000007 0000000000000080 00007fff89d90158\n GPR24: 0000000002000000 0000000002000000 0000000000000255 0000000000000300\n GPR28: c000000001270000 0000000042000000 0000000048ab0778 c000000080647e80\n NIP [c0000000000098b8] decrementer_common_virt+0xb8/0x230\n LR [c00000000006c0c8] ___do_page_fault+0x3f8/0xb10\n --- interrupt: 700\n Instruction dump:\n XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX\n XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX\n ---[ end trace 6d28218e0cc3c949 ]---\n\nAfter:\n\n ------------[ cut here ]------------\n kernel BUG at arch/powerpc/kernel/exceptions-64s.S:491!\n Oops: Exception in kernel mode, sig: 5 [#1]\n LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA PowerNV\n Modules linked in:\n CPU: 0 PID: 88 Comm: login Not tainted 5.15.0-rc2-00034-ge057cdade6e5-dirty #2638\n NIP: c0000000000098b8 LR: c00000000006bf04 CTR: c0000000000097f0\n REGS: c0000000fffb3d60 TRAP: 0700 Not tainted\n MSR: 9000000000021031 \u003cSF,HV,ME,IR,DR,LE\u003e CR: 24482227 XER: 00040000\n CFAR: c0000000000098b0 IRQMASK: 0\n GPR00: c00000000006bf04 0000000000002400 c000000001513800 c000000001271868\n GPR04: 00000000100f0d29 0000000042000000 0000000000000007 0000000000000009\n GPR08: 00000000100f0d29 0000000024482227 0000000000002710 c000000000181b3c\n GPR12: 9000000000009033 c0000000016b0000 00000000100f0d29 c000000005b22f00\n GPR16: 00000000ffff0000 0000000000000001 0000000000000009 00000000100eed90\n GPR20: 00000000100eed90 00000\n---truncated---" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:43.521Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/411b38fe68ba20a8bbe724b0939762c3f16e16ca" }, { "url": "https://git.kernel.org/stable/c/c835b3d1d6362b4a4ebb192da7e7fd27a0a45d01" }, { "url": "https://git.kernel.org/stable/c/3e607dc4df180b72a38e75030cb0f94d12808712" } ], "title": "powerpc/64s: fix program check interrupt emergency stack path", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47428", "datePublished": "2024-05-21T15:04:13.910Z", "dateReserved": "2024-05-21T14:58:30.828Z", "dateUpdated": "2024-11-04T12:05:43.521Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47471
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47471", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T18:40:54.294735Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-31T15:35:16.391Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.405Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f40c2281d2c0674d32ba732fee45222d76495472" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b0e6db0656ddfd8bb57303c2ef61ee1c1cc694a8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3cfc183052c3dbf8eae57b6c1685dab00ed3db4a" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/mxsfb/mxsfb_drv.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "f40c2281d2c0", "status": "affected", "version": "ae1ed0093281", "versionType": "git" }, { "lessThan": "b0e6db0656dd", "status": "affected", "version": "ae1ed0093281", "versionType": "git" }, { "lessThan": "3cfc183052c3", "status": "affected", "version": "ae1ed0093281", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/mxsfb/mxsfb_drv.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.10" }, { "lessThan": "5.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.76", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: mxsfb: Fix NULL pointer dereference crash on unload\n\nThe mxsfb-\u003ecrtc.funcs may already be NULL when unloading the driver,\nin which case calling mxsfb_irq_disable() via drm_irq_uninstall() from\nmxsfb_unload() leads to NULL pointer dereference.\n\nSince all we care about is masking the IRQ and mxsfb-\u003ebase is still\nvalid, just use that to clear and mask the IRQ." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:35.470Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/f40c2281d2c0674d32ba732fee45222d76495472" }, { "url": "https://git.kernel.org/stable/c/b0e6db0656ddfd8bb57303c2ef61ee1c1cc694a8" }, { "url": "https://git.kernel.org/stable/c/3cfc183052c3dbf8eae57b6c1685dab00ed3db4a" } ], "title": "drm: mxsfb: Fix NULL pointer dereference crash on unload", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47471", "datePublished": "2024-05-22T06:23:28.903Z", "dateReserved": "2024-05-22T06:20:56.199Z", "dateUpdated": "2024-11-04T12:06:35.470Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47468
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.530Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6f95c97e0f9d6eb39c3f2cb45e8fa4268d1b372b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ef269a8808cb1759245a98a7fe16fceaebad894c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/37e4f57b22cc5ebb3f80cf0f74fdeb487f082367" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a5b34409d3fc52114c828be4adbc30744fa3258b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4054b869dc263228d30a4755800b78f0f2ba0c89" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9f591cbdbed3d7822b2bdba89b34a6d7b434317d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f5966ba53013149bcf94e1536644a958dd00a026" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6510e80a0b81b5d814e3aea6297ba42f5e76f73c" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47468", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:36:08.496744Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:53.524Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/isdn/hardware/mISDN/netjet.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "6f95c97e0f9d", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "ef269a8808cb", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "37e4f57b22cc", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "a5b34409d3fc", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "4054b869dc26", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "9f591cbdbed3", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "f5966ba53013", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "6510e80a0b81", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/isdn/hardware/mISDN/netjet.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.290", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.288", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.253", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.214", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.156", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.76", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nisdn: mISDN: Fix sleeping function called from invalid context\n\nThe driver can call card-\u003eisac.release() function from an atomic\ncontext.\n\nFix this by calling this function after releasing the lock.\n\nThe following log reveals it:\n\n[ 44.168226 ] BUG: sleeping function called from invalid context at kernel/workqueue.c:3018\n[ 44.168941 ] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5475, name: modprobe\n[ 44.169574 ] INFO: lockdep is turned off.\n[ 44.169899 ] irq event stamp: 0\n[ 44.170160 ] hardirqs last enabled at (0): [\u003c0000000000000000\u003e] 0x0\n[ 44.170627 ] hardirqs last disabled at (0): [\u003cffffffff814209ed\u003e] copy_process+0x132d/0x3e00\n[ 44.171240 ] softirqs last enabled at (0): [\u003cffffffff81420a1a\u003e] copy_process+0x135a/0x3e00\n[ 44.171852 ] softirqs last disabled at (0): [\u003c0000000000000000\u003e] 0x0\n[ 44.172318 ] Preemption disabled at:\n[ 44.172320 ] [\u003cffffffffa009b0a9\u003e] nj_release+0x69/0x500 [netjet]\n[ 44.174441 ] Call Trace:\n[ 44.174630 ] dump_stack_lvl+0xa8/0xd1\n[ 44.174912 ] dump_stack+0x15/0x17\n[ 44.175166 ] ___might_sleep+0x3a2/0x510\n[ 44.175459 ] ? nj_release+0x69/0x500 [netjet]\n[ 44.175791 ] __might_sleep+0x82/0xe0\n[ 44.176063 ] ? start_flush_work+0x20/0x7b0\n[ 44.176375 ] start_flush_work+0x33/0x7b0\n[ 44.176672 ] ? trace_irq_enable_rcuidle+0x85/0x170\n[ 44.177034 ] ? kasan_quarantine_put+0xaa/0x1f0\n[ 44.177372 ] ? kasan_quarantine_put+0xaa/0x1f0\n[ 44.177711 ] __flush_work+0x11a/0x1a0\n[ 44.177991 ] ? flush_work+0x20/0x20\n[ 44.178257 ] ? lock_release+0x13c/0x8f0\n[ 44.178550 ] ? __kasan_check_write+0x14/0x20\n[ 44.178872 ] ? do_raw_spin_lock+0x148/0x360\n[ 44.179187 ] ? read_lock_is_recursive+0x20/0x20\n[ 44.179530 ] ? __kasan_check_read+0x11/0x20\n[ 44.179846 ] ? do_raw_spin_unlock+0x55/0x900\n[ 44.180168 ] ? ____kasan_slab_free+0x116/0x140\n[ 44.180505 ] ? _raw_spin_unlock_irqrestore+0x41/0x60\n[ 44.180878 ] ? skb_queue_purge+0x1a3/0x1c0\n[ 44.181189 ] ? kfree+0x13e/0x290\n[ 44.181438 ] flush_work+0x17/0x20\n[ 44.181695 ] mISDN_freedchannel+0xe8/0x100\n[ 44.182006 ] isac_release+0x210/0x260 [mISDNipac]\n[ 44.182366 ] nj_release+0xf6/0x500 [netjet]\n[ 44.182685 ] nj_remove+0x48/0x70 [netjet]\n[ 44.182989 ] pci_device_remove+0xa9/0x250" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:31.999Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/6f95c97e0f9d6eb39c3f2cb45e8fa4268d1b372b" }, { "url": "https://git.kernel.org/stable/c/ef269a8808cb1759245a98a7fe16fceaebad894c" }, { "url": "https://git.kernel.org/stable/c/37e4f57b22cc5ebb3f80cf0f74fdeb487f082367" }, { "url": "https://git.kernel.org/stable/c/a5b34409d3fc52114c828be4adbc30744fa3258b" }, { "url": "https://git.kernel.org/stable/c/4054b869dc263228d30a4755800b78f0f2ba0c89" }, { "url": "https://git.kernel.org/stable/c/9f591cbdbed3d7822b2bdba89b34a6d7b434317d" }, { "url": "https://git.kernel.org/stable/c/f5966ba53013149bcf94e1536644a958dd00a026" }, { "url": "https://git.kernel.org/stable/c/6510e80a0b81b5d814e3aea6297ba42f5e76f73c" } ], "title": "isdn: mISDN: Fix sleeping function called from invalid context", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47468", "datePublished": "2024-05-22T06:23:26.982Z", "dateReserved": "2024-05-22T06:20:56.199Z", "dateUpdated": "2024-11-04T12:06:31.999Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47427
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.381Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1642f51ac0d4f2b55d5748094c49ff8f7191b93c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/258aad75c62146453d03028a44f2f1590d58e1f6" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47427", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:37:44.486165Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:37.669Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/scsi/libiscsi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "1642f51ac0d4", "status": "affected", "version": "d39df158518c", "versionType": "git" }, { "lessThan": "258aad75c621", "status": "affected", "version": "d39df158518c", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/scsi/libiscsi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.14" }, { "lessThan": "5.14", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: iscsi: Fix iscsi_task use after free\n\nCommit d39df158518c (\"scsi: iscsi: Have abort handler get ref to conn\")\nadded iscsi_get_conn()/iscsi_put_conn() calls during abort handling but\nthen also changed the handling of the case where we detect an already\ncompleted task where we now end up doing a goto to the common put/cleanup\ncode. This results in a iscsi_task use after free, because the common\ncleanup code will do a put on the iscsi_task.\n\nThis reverts the goto and moves the iscsi_get_conn() to after we\u0027ve checked\nif the iscsi_task is valid." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:42.361Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/1642f51ac0d4f2b55d5748094c49ff8f7191b93c" }, { "url": "https://git.kernel.org/stable/c/258aad75c62146453d03028a44f2f1590d58e1f6" } ], "title": "scsi: iscsi: Fix iscsi_task use after free", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47427", "datePublished": "2024-05-21T15:04:13.244Z", "dateReserved": "2024-05-21T14:58:30.828Z", "dateUpdated": "2024-11-04T12:05:42.361Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52764
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.774Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/69bba62600bd91d6b7c1e8ca181faf8ac64f7060" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2eee8edfff90e22980a6b22079d238c3c9d323bb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8f83c85ee88225319c52680792320c02158c2a9b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c6b6b8692218da73b33b310d7c1df90f115bdd9a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/09cd8b561aa9796903710a1046957f2b112c8f26" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a647f27a7426d2fe1b40da7c8fa2b81354a51177" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/93bddd6529f187f510eec759f37d0569243c9809" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e2d7149b913d14352c82624e723ce1c211ca06d3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/099be1822d1f095433f4b08af9cc9d6308ec1953" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52764", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:37:06.356182Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:31.755Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/media/usb/gspca/cpia1.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "69bba62600bd", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2eee8edfff90", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "8f83c85ee882", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "c6b6b8692218", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "09cd8b561aa9", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "a647f27a7426", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "93bddd6529f1", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "e2d7149b913d", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "099be1822d1f", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/media/usb/gspca/cpia1.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.331", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.300", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: gspca: cpia1: shift-out-of-bounds in set_flicker\n\nSyzkaller reported the following issue:\nUBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27\nshift exponent 245 is too large for 32-bit type \u0027int\u0027\n\nWhen the value of the variable \"sd-\u003eparams.exposure.gain\" exceeds the\nnumber of bits in an integer, a shift-out-of-bounds error is reported. It\nis triggered because the variable \"currentexp\" cannot be left-shifted by\nmore than the number of bits in an integer. In order to avoid invalid\nrange during left-shift, the conditional expression is added." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:14.544Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/69bba62600bd91d6b7c1e8ca181faf8ac64f7060" }, { "url": "https://git.kernel.org/stable/c/2eee8edfff90e22980a6b22079d238c3c9d323bb" }, { "url": "https://git.kernel.org/stable/c/8f83c85ee88225319c52680792320c02158c2a9b" }, { "url": "https://git.kernel.org/stable/c/c6b6b8692218da73b33b310d7c1df90f115bdd9a" }, { "url": "https://git.kernel.org/stable/c/09cd8b561aa9796903710a1046957f2b112c8f26" }, { "url": "https://git.kernel.org/stable/c/a647f27a7426d2fe1b40da7c8fa2b81354a51177" }, { "url": "https://git.kernel.org/stable/c/93bddd6529f187f510eec759f37d0569243c9809" }, { "url": "https://git.kernel.org/stable/c/e2d7149b913d14352c82624e723ce1c211ca06d3" }, { "url": "https://git.kernel.org/stable/c/099be1822d1f095433f4b08af9cc9d6308ec1953" } ], "title": "media: gspca: cpia1: shift-out-of-bounds in set_flicker", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52764", "datePublished": "2024-05-21T15:30:49.032Z", "dateReserved": "2024-05-21T15:19:24.238Z", "dateUpdated": "2024-11-04T14:52:14.544Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52822
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2024-05-24T15:25:25.145Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "rejectedReasons": [ { "lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52822", "datePublished": "2024-05-21T15:31:27.548Z", "dateRejected": "2024-05-24T15:25:25.145Z", "dateReserved": "2024-05-21T15:19:24.249Z", "dateUpdated": "2024-05-24T15:25:25.145Z", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52838
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52838", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T18:03:42.645076Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-04T17:59:31.482Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.061Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/382e1931e0c9cd58a5a8519cdc6cd9dc4d82b485" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6c66d737b2726ac7784269ddf32a31634f8f269d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a4dfebec32ec6d420a5506dd56a7834c91be28e4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8e4b510fe91782522b7ca0ca881b663b5d35e513" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7bc7b82fb2191b0d50a80ee4e27030918767dd1d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/18d26f9baca7d0d309303e3074a2252b8310884a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b346a531159d08c564a312a9eaeea691704f3c00" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/aba6ab57a910ad4b940c2024d15f2cdbf5b7f76b" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/video/fbdev/imsttfb.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "382e1931e0c9", "status": "affected", "version": "7f683f286a21", "versionType": "git" }, { "lessThan": "6c66d737b272", "status": "affected", "version": "815c95d82b79", "versionType": "git" }, { "lessThan": "a4dfebec32ec", "status": "affected", "version": "2bf70b88cc35", "versionType": "git" }, { "lessThan": "8e4b510fe917", "status": "affected", "version": "ad3de274e065", "versionType": "git" }, { "lessThan": "7bc7b82fb219", "status": "affected", "version": "c6c0a9f61958", "versionType": "git" }, { "lessThan": "18d26f9baca7", "status": "affected", "version": "c75f5a550610", "versionType": "git" }, { "lessThan": "b346a531159d", "status": "affected", "version": "c75f5a550610", "versionType": "git" }, { "lessThan": "aba6ab57a910", "status": "affected", "version": "c75f5a550610", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/video/fbdev/imsttfb.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.4" }, { "lessThan": "6.4", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.299", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.261", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: imsttfb: fix a resource leak in probe\n\nI\u0027ve re-written the error handling but the bug is that if init_imstt()\nfails we need to call iounmap(par-\u003ecmap_regs)." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:36.329Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/382e1931e0c9cd58a5a8519cdc6cd9dc4d82b485" }, { "url": "https://git.kernel.org/stable/c/6c66d737b2726ac7784269ddf32a31634f8f269d" }, { "url": "https://git.kernel.org/stable/c/a4dfebec32ec6d420a5506dd56a7834c91be28e4" }, { "url": "https://git.kernel.org/stable/c/8e4b510fe91782522b7ca0ca881b663b5d35e513" }, { "url": "https://git.kernel.org/stable/c/7bc7b82fb2191b0d50a80ee4e27030918767dd1d" }, { "url": "https://git.kernel.org/stable/c/18d26f9baca7d0d309303e3074a2252b8310884a" }, { "url": "https://git.kernel.org/stable/c/b346a531159d08c564a312a9eaeea691704f3c00" }, { "url": "https://git.kernel.org/stable/c/aba6ab57a910ad4b940c2024d15f2cdbf5b7f76b" } ], "title": "fbdev: imsttfb: fix a resource leak in probe", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52838", "datePublished": "2024-05-21T15:31:38.539Z", "dateReserved": "2024-05-21T15:19:24.253Z", "dateUpdated": "2024-12-04T17:59:31.482Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47438
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47438", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T18:03:33.416738Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T18:04:18.552Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.306Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4f7bddf8c5c01cac74373443b13a68e1c6723a94" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ed8aafea4fec9c654e63445236e0b505e27ed3a7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/94b960b9deffc02fc0747afc01f72cc62ab099e3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/mellanox/mlx5/core/cq.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "4f7bddf8c5c0", "status": "affected", "version": "e126ba97dba9", "versionType": "git" }, { "lessThan": "ed8aafea4fec", "status": "affected", "version": "e126ba97dba9", "versionType": "git" }, { "lessThan": "94b960b9deff", "status": "affected", "version": "e126ba97dba9", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/mellanox/mlx5/core/cq.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.11" }, { "lessThan": "3.11", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.75", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.14", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path\n\nPrior to this patch in case mlx5_core_destroy_cq() failed it returns\nwithout completing all destroy operations and that leads to memory leak.\nInstead, complete the destroy flow before return error.\n\nAlso move mlx5_debug_cq_remove() to the beginning of mlx5_core_destroy_cq()\nto be symmetrical with mlx5_core_create_cq().\n\nkmemleak complains on:\n\nunreferenced object 0xc000000038625100 (size 64):\n comm \"ethtool\", pid 28301, jiffies 4298062946 (age 785.380s)\n hex dump (first 32 bytes):\n 60 01 48 94 00 00 00 c0 b8 05 34 c3 00 00 00 c0 `.H.......4.....\n 02 00 00 00 00 00 00 00 00 db 7d c1 00 00 00 c0 ..........}.....\n backtrace:\n [\u003c000000009e8643cb\u003e] add_res_tree+0xd0/0x270 [mlx5_core]\n [\u003c00000000e7cb8e6c\u003e] mlx5_debug_cq_add+0x5c/0xc0 [mlx5_core]\n [\u003c000000002a12918f\u003e] mlx5_core_create_cq+0x1d0/0x2d0 [mlx5_core]\n [\u003c00000000cef0a696\u003e] mlx5e_create_cq+0x210/0x3f0 [mlx5_core]\n [\u003c000000009c642c26\u003e] mlx5e_open_cq+0xb4/0x130 [mlx5_core]\n [\u003c0000000058dfa578\u003e] mlx5e_ptp_open+0x7f4/0xe10 [mlx5_core]\n [\u003c0000000081839561\u003e] mlx5e_open_channels+0x9cc/0x13e0 [mlx5_core]\n [\u003c0000000009cf05d4\u003e] mlx5e_switch_priv_channels+0xa4/0x230\n[mlx5_core]\n [\u003c0000000042bbedd8\u003e] mlx5e_safe_switch_params+0x14c/0x300\n[mlx5_core]\n [\u003c0000000004bc9db8\u003e] set_pflag_tx_port_ts+0x9c/0x160 [mlx5_core]\n [\u003c00000000a0553443\u003e] mlx5e_set_priv_flags+0xd0/0x1b0 [mlx5_core]\n [\u003c00000000a8f3d84b\u003e] ethnl_set_privflags+0x234/0x2d0\n [\u003c00000000fd27f27c\u003e] genl_family_rcv_msg_doit+0x108/0x1d0\n [\u003c00000000f495e2bb\u003e] genl_family_rcv_msg+0xe4/0x1f0\n [\u003c00000000646c5c2c\u003e] genl_rcv_msg+0x78/0x120\n [\u003c00000000d53e384e\u003e] netlink_rcv_skb+0x74/0x1a0" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:54.101Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/4f7bddf8c5c01cac74373443b13a68e1c6723a94" }, { "url": "https://git.kernel.org/stable/c/ed8aafea4fec9c654e63445236e0b505e27ed3a7" }, { "url": "https://git.kernel.org/stable/c/94b960b9deffc02fc0747afc01f72cc62ab099e3" } ], "title": "net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47438", "datePublished": "2024-05-22T06:19:33.537Z", "dateReserved": "2024-05-21T14:58:30.831Z", "dateUpdated": "2024-11-04T12:05:54.101Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52785
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52785", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T18:33:28.174568Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:35.194Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.024Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8f15a7e3c054d960bbd1521110700450bbf798a1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f84d461f33a6b27304d468d9cfb56c0cefdb4ee7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/27900d7119c464b43cd9eac69c85884d17bae240" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/ufs/core/ufs-mcq.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "8f15a7e3c054", "status": "affected", "version": "f1304d442077", "versionType": "git" }, { "lessThan": "f84d461f33a6", "status": "affected", "version": "f1304d442077", "versionType": "git" }, { "lessThan": "27900d7119c4", "status": "affected", "version": "f1304d442077", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/ufs/core/ufs-mcq.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.5" }, { "lessThan": "6.5", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR\n\nIf command timeout happens and cq complete IRQ is raised at the same time,\nufshcd_mcq_abort clears lprb-\u003ecmd and a NULL pointer deref happens in the\nISR. Error log:\n\nufshcd_abort: Device abort task at tag 18\nUnable to handle kernel NULL pointer dereference at virtual address\n0000000000000108\npc : [0xffffffe27ef867ac] scsi_dma_unmap+0xc/0x44\nlr : [0xffffffe27f1b898c] ufshcd_release_scsi_cmd+0x24/0x114" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:41.606Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/8f15a7e3c054d960bbd1521110700450bbf798a1" }, { "url": "https://git.kernel.org/stable/c/f84d461f33a6b27304d468d9cfb56c0cefdb4ee7" }, { "url": "https://git.kernel.org/stable/c/27900d7119c464b43cd9eac69c85884d17bae240" } ], "title": "scsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52785", "datePublished": "2024-05-21T15:31:03.040Z", "dateReserved": "2024-05-21T15:19:24.241Z", "dateUpdated": "2024-11-04T14:52:41.606Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52758
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2024-05-24T15:27:25.169Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "rejectedReasons": [ { "lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52758", "datePublished": "2024-05-21T15:30:45.122Z", "dateRejected": "2024-05-24T15:27:25.169Z", "dateReserved": "2024-05-21T15:19:24.237Z", "dateUpdated": "2024-05-24T15:27:25.169Z", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52827
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52827", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:23:07.677346Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:45.297Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.061Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/79527c21a3ce04cffc35ea54f74ee087e532be57" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c9e44111da221246efb2e623ae1be40a5cf6542c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1bc44a505a229bb1dd4957e11aa594edeea3690e" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/wireless/ath/ath12k/dp_rx.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "79527c21a3ce", "status": "affected", "version": "d889913205cf", "versionType": "git" }, { "lessThan": "c9e44111da22", "status": "affected", "version": "d889913205cf", "versionType": "git" }, { "lessThan": "1bc44a505a22", "status": "affected", "version": "d889913205cf", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/wireless/ath/ath12k/dp_rx.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.3" }, { "lessThan": "6.3", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix possible out-of-bound read in ath12k_htt_pull_ppdu_stats()\n\nlen is extracted from HTT message and could be an unexpected value in\ncase errors happen, so add validation before using to avoid possible\nout-of-bound read in the following message iteration and parsing.\n\nThe same issue also applies to ppdu_info-\u003eppdu_stats.common.num_users,\nso validate it before using too.\n\nThese are found during code review.\n\nCompile test only." } ], "providerMetadata": { "dateUpdated": "2024-11-29T10:54:29.423Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/79527c21a3ce04cffc35ea54f74ee087e532be57" }, { "url": "https://git.kernel.org/stable/c/c9e44111da221246efb2e623ae1be40a5cf6542c" }, { "url": "https://git.kernel.org/stable/c/1bc44a505a229bb1dd4957e11aa594edeea3690e" } ], "title": "wifi: ath12k: fix possible out-of-bound read in ath12k_htt_pull_ppdu_stats()", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52827", "datePublished": "2024-05-21T15:31:30.837Z", "dateReserved": "2024-05-21T15:19:24.251Z", "dateUpdated": "2024-11-29T10:54:29.423Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52807
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52807", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:36:46.627147Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:37:02.706Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.914Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/07f5b8c47152cadbd9102e053dcb60685820aa09" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/be1f703f39efa27b7371b9a4cd983317f1366792" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f79d985c69060047426be68b7e4c1663d5d731b4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/53aba458f23846112c0d44239580ff59bc5c36c3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/hisilicon/hns3/hns3_debugfs.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "07f5b8c47152", "status": "affected", "version": "c99fead7cb07", "versionType": "git" }, { "lessThan": "be1f703f39ef", "status": "affected", "version": "c99fead7cb07", "versionType": "git" }, { "lessThan": "f79d985c6906", "status": "affected", "version": "c99fead7cb07", "versionType": "git" }, { "lessThan": "53aba458f238", "status": "affected", "version": "c99fead7cb07", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/hisilicon/hns3/hns3_debugfs.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.16" }, { "lessThan": "5.16", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix out-of-bounds access may occur when coalesce info is read via debugfs\n\nThe hns3 driver define an array of string to show the coalesce\ninfo, but if the kernel adds a new mode or a new state,\nout-of-bounds access may occur when coalesce info is read via\ndebugfs, this patch fix the problem." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:05.729Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/07f5b8c47152cadbd9102e053dcb60685820aa09" }, { "url": "https://git.kernel.org/stable/c/be1f703f39efa27b7371b9a4cd983317f1366792" }, { "url": "https://git.kernel.org/stable/c/f79d985c69060047426be68b7e4c1663d5d731b4" }, { "url": "https://git.kernel.org/stable/c/53aba458f23846112c0d44239580ff59bc5c36c3" } ], "title": "net: hns3: fix out-of-bounds access may occur when coalesce info is read via debugfs", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52807", "datePublished": "2024-05-21T15:31:17.686Z", "dateReserved": "2024-05-21T15:19:24.248Z", "dateUpdated": "2024-11-04T14:53:05.729Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52757
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.824Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9eb44db68c5b7f5aa22b8fc7de74a3e2e08d1f29" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b9bb9607b1fc12fca51f5632da25b36975f599bf" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c1a5962f1462b64fe7b69f20a4b6af8067bc2d26" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e6322fd177c6885a21dd4609dc5e5c973d1a2eb7" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52757", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:37:12.677779Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:56.199Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/smb/client/cifsproto.h", "fs/smb/client/smb2misc.c", "fs/smb/client/transport.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "9eb44db68c5b", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "b9bb9607b1fc", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "c1a5962f1462", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "e6322fd177c6", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/smb/client/cifsproto.h", "fs/smb/client/smb2misc.c", "fs/smb/client/transport.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential deadlock when releasing mids\n\nAll release_mid() callers seem to hold a reference of @mid so there is\nno need to call kref_put(\u0026mid-\u003erefcount, __release_mid) under\n@server-\u003emid_lock spinlock. If they don\u0027t, then an use-after-free bug\nwould have occurred anyways.\n\nBy getting rid of such spinlock also fixes a potential deadlock as\nshown below\n\nCPU 0 CPU 1\n------------------------------------------------------------------\ncifs_demultiplex_thread() cifs_debug_data_proc_show()\n release_mid()\n spin_lock(\u0026server-\u003emid_lock);\n spin_lock(\u0026cifs_tcp_ses_lock)\n\t\t\t\t spin_lock(\u0026server-\u003emid_lock)\n __release_mid()\n smb2_find_smb_tcon()\n spin_lock(\u0026cifs_tcp_ses_lock) *deadlock*" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:06.995Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/9eb44db68c5b7f5aa22b8fc7de74a3e2e08d1f29" }, { "url": "https://git.kernel.org/stable/c/b9bb9607b1fc12fca51f5632da25b36975f599bf" }, { "url": "https://git.kernel.org/stable/c/c1a5962f1462b64fe7b69f20a4b6af8067bc2d26" }, { "url": "https://git.kernel.org/stable/c/e6322fd177c6885a21dd4609dc5e5c973d1a2eb7" } ], "title": "smb: client: fix potential deadlock when releasing mids", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52757", "datePublished": "2024-05-21T15:30:44.248Z", "dateReserved": "2024-05-21T15:19:24.237Z", "dateUpdated": "2024-11-04T14:52:06.995Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52878
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52878", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T17:05:12.659416Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:41.925Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:18:41.163Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/826120c9ba68f2d0dbae58e99013929c883d1444" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0d30931f1fa0fb893fb7d5dc32b6b7edfb775be4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/53c468008a7c9ca3f5fc985951f35ec2acae85bc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8ab67da060157362b2e0926692c659808784708f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6411959c10fe917288cbb1038886999148560057" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/can/dev/skb.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "826120c9ba68", "status": "affected", "version": "a6e4bc530403", "versionType": "git" }, { "lessThan": "0d30931f1fa0", "status": "affected", "version": "a6e4bc530403", "versionType": "git" }, { "lessThan": "53c468008a7c", "status": "affected", "version": "a6e4bc530403", "versionType": "git" }, { "lessThan": "8ab67da06015", "status": "affected", "version": "a6e4bc530403", "versionType": "git" }, { "lessThan": "6411959c10fe", "status": "affected", "version": "a6e4bc530403", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/can/dev/skb.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "2.6.33" }, { "lessThan": "2.6.33", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: dev: can_put_echo_skb(): don\u0027t crash kernel if can_priv::echo_skb is accessed out of bounds\n\nIf the \"struct can_priv::echoo_skb\" is accessed out of bounds, this\nwould cause a kernel crash. Instead, issue a meaningful warning\nmessage and return with an error." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:26.015Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/826120c9ba68f2d0dbae58e99013929c883d1444" }, { "url": "https://git.kernel.org/stable/c/0d30931f1fa0fb893fb7d5dc32b6b7edfb775be4" }, { "url": "https://git.kernel.org/stable/c/53c468008a7c9ca3f5fc985951f35ec2acae85bc" }, { "url": "https://git.kernel.org/stable/c/8ab67da060157362b2e0926692c659808784708f" }, { "url": "https://git.kernel.org/stable/c/6411959c10fe917288cbb1038886999148560057" } ], "title": "can: dev: can_put_echo_skb(): don\u0027t crash kernel if can_priv::echo_skb is accessed out of bounds", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52878", "datePublished": "2024-05-21T15:32:10.616Z", "dateReserved": "2024-05-21T15:19:24.264Z", "dateUpdated": "2024-11-04T14:54:26.015Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47442
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47442", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:47:55.982704Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:27.486Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.323Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/74569c78aa84f8c958f1334b465bc530906ec99a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/88c890b0b9a1fb9fcd01c61ada515e8b636c34f9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fcce6e5255474ca33c27dda0cdf9bf5087278873" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/071bdef36391958c89af5fa2172f691b31baa212" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2bde4aca56db9fe25405d39ddb062531493a65db" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/50cb95487c265187289810addec5093d4fed8329" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6432d7f1d1c3aa74cfe8f5e3afdf81b786c32e86" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/291c932fc3692e4d211a445ba8aa35663831bac7" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/nfc/digital_technology.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "74569c78aa84", "status": "affected", "version": "2c66daecc409", "versionType": "git" }, { "lessThan": "88c890b0b9a1", "status": "affected", "version": "2c66daecc409", "versionType": "git" }, { "lessThan": "fcce6e525547", "status": "affected", "version": "2c66daecc409", "versionType": "git" }, { "lessThan": "071bdef36391", "status": "affected", "version": "2c66daecc409", "versionType": "git" }, { "lessThan": "2bde4aca56db", "status": "affected", "version": "2c66daecc409", "versionType": "git" }, { "lessThan": "50cb95487c26", "status": "affected", "version": "2c66daecc409", "versionType": "git" }, { "lessThan": "6432d7f1d1c3", "status": "affected", "version": "2c66daecc409", "versionType": "git" }, { "lessThan": "291c932fc369", "status": "affected", "version": "2c66daecc409", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/nfc/digital_technology.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.13" }, { "lessThan": "3.13", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.290", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.288", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.252", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.213", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.155", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.75", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.14", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: digital: fix possible memory leak in digital_in_send_sdd_req()\n\n\u0027skb\u0027 is allocated in digital_in_send_sdd_req(), but not free when\ndigital_in_send_cmd() failed, which will cause memory leak. Fix it\nby freeing \u0027skb\u0027 if digital_in_send_cmd() return failed." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:58.761Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/74569c78aa84f8c958f1334b465bc530906ec99a" }, { "url": "https://git.kernel.org/stable/c/88c890b0b9a1fb9fcd01c61ada515e8b636c34f9" }, { "url": "https://git.kernel.org/stable/c/fcce6e5255474ca33c27dda0cdf9bf5087278873" }, { "url": "https://git.kernel.org/stable/c/071bdef36391958c89af5fa2172f691b31baa212" }, { "url": "https://git.kernel.org/stable/c/2bde4aca56db9fe25405d39ddb062531493a65db" }, { "url": "https://git.kernel.org/stable/c/50cb95487c265187289810addec5093d4fed8329" }, { "url": "https://git.kernel.org/stable/c/6432d7f1d1c3aa74cfe8f5e3afdf81b786c32e86" }, { "url": "https://git.kernel.org/stable/c/291c932fc3692e4d211a445ba8aa35663831bac7" } ], "title": "NFC: digital: fix possible memory leak in digital_in_send_sdd_req()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47442", "datePublished": "2024-05-22T06:19:36.228Z", "dateReserved": "2024-05-21T14:58:30.831Z", "dateUpdated": "2024-11-04T12:05:58.761Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52737
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.060Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d8c594da79bc0244e610a70594e824a401802be1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/519b7e13b5ae8dd38da1e52275705343be6bb508" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52737", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:37:35.005166Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:35.821Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/btrfs/extent_io.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "d8c594da79bc", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "519b7e13b5ae", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/btrfs/extent_io.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: lock the inode in shared mode before starting fiemap\n\nCurrently fiemap does not take the inode\u0027s lock (VFS lock), it only locks\na file range in the inode\u0027s io tree. This however can lead to a deadlock\nif we have a concurrent fsync on the file and fiemap code triggers a fault\nwhen accessing the user space buffer with fiemap_fill_next_extent(). The\ndeadlock happens on the inode\u0027s i_mmap_lock semaphore, which is taken both\nby fsync and btrfs_page_mkwrite(). This deadlock was recently reported by\nsyzbot and triggers a trace like the following:\n\n task:syz-executor361 state:D stack:20264 pid:5668 ppid:5119 flags:0x00004004\n Call Trace:\n \u003cTASK\u003e\n context_switch kernel/sched/core.c:5293 [inline]\n __schedule+0x995/0xe20 kernel/sched/core.c:6606\n schedule+0xcb/0x190 kernel/sched/core.c:6682\n wait_on_state fs/btrfs/extent-io-tree.c:707 [inline]\n wait_extent_bit+0x577/0x6f0 fs/btrfs/extent-io-tree.c:751\n lock_extent+0x1c2/0x280 fs/btrfs/extent-io-tree.c:1742\n find_lock_delalloc_range+0x4e6/0x9c0 fs/btrfs/extent_io.c:488\n writepage_delalloc+0x1ef/0x540 fs/btrfs/extent_io.c:1863\n __extent_writepage+0x736/0x14e0 fs/btrfs/extent_io.c:2174\n extent_write_cache_pages+0x983/0x1220 fs/btrfs/extent_io.c:3091\n extent_writepages+0x219/0x540 fs/btrfs/extent_io.c:3211\n do_writepages+0x3c3/0x680 mm/page-writeback.c:2581\n filemap_fdatawrite_wbc+0x11e/0x170 mm/filemap.c:388\n __filemap_fdatawrite_range mm/filemap.c:421 [inline]\n filemap_fdatawrite_range+0x175/0x200 mm/filemap.c:439\n btrfs_fdatawrite_range fs/btrfs/file.c:3850 [inline]\n start_ordered_ops fs/btrfs/file.c:1737 [inline]\n btrfs_sync_file+0x4ff/0x1190 fs/btrfs/file.c:1839\n generic_write_sync include/linux/fs.h:2885 [inline]\n btrfs_do_write_iter+0xcd3/0x1280 fs/btrfs/file.c:1684\n call_write_iter include/linux/fs.h:2189 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x7dc/0xc50 fs/read_write.c:584\n ksys_write+0x177/0x2a0 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n RIP: 0033:0x7f7d4054e9b9\n RSP: 002b:00007f7d404fa2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n RAX: ffffffffffffffda RBX: 00007f7d405d87a0 RCX: 00007f7d4054e9b9\n RDX: 0000000000000090 RSI: 0000000020000000 RDI: 0000000000000006\n RBP: 00007f7d405a51d0 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 61635f65646f6e69\n R13: 65646f7475616f6e R14: 7261637369646f6e R15: 00007f7d405d87a8\n \u003c/TASK\u003e\n INFO: task syz-executor361:5697 blocked for more than 145 seconds.\n Not tainted 6.2.0-rc3-syzkaller-00376-g7c6984405241 #0\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:syz-executor361 state:D stack:21216 pid:5697 ppid:5119 flags:0x00004004\n Call Trace:\n \u003cTASK\u003e\n context_switch kernel/sched/core.c:5293 [inline]\n __schedule+0x995/0xe20 kernel/sched/core.c:6606\n schedule+0xcb/0x190 kernel/sched/core.c:6682\n rwsem_down_read_slowpath+0x5f9/0x930 kernel/locking/rwsem.c:1095\n __down_read_common+0x54/0x2a0 kernel/locking/rwsem.c:1260\n btrfs_page_mkwrite+0x417/0xc80 fs/btrfs/inode.c:8526\n do_page_mkwrite+0x19e/0x5e0 mm/memory.c:2947\n wp_page_shared+0x15e/0x380 mm/memory.c:3295\n handle_pte_fault mm/memory.c:4949 [inline]\n __handle_mm_fault mm/memory.c:5073 [inline]\n handle_mm_fault+0x1b79/0x26b0 mm/memory.c:5219\n do_user_addr_fault+0x69b/0xcb0 arch/x86/mm/fault.c:1428\n handle_page_fault arch/x86/mm/fault.c:1519 [inline]\n exc_page_fault+0x7a/0x110 arch/x86/mm/fault.c:1575\n asm_exc_page_fault+0x22/0x30 arch/x86/include/asm/idtentry.h:570\n RIP: 0010:copy_user_short_string+0xd/0x40 arch/x86/lib/copy_user_64.S:233\n Code: 74 0a 89 (...)\n RSP: 0018:ffffc9000570f330 EFLAGS: 000502\n---truncated---" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:43.851Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/d8c594da79bc0244e610a70594e824a401802be1" }, { "url": "https://git.kernel.org/stable/c/519b7e13b5ae8dd38da1e52275705343be6bb508" } ], "title": "btrfs: lock the inode in shared mode before starting fiemap", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52737", "datePublished": "2024-05-21T15:23:01.202Z", "dateReserved": "2024-05-21T15:19:24.233Z", "dateUpdated": "2024-11-04T14:51:43.851Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47435
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47435", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:48:43.435062Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:25.705Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.225Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9fb7cd5c7fef0f1c982e3cd27745a0dec260eaed" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d35aef9c60d310eff3eaddacce301efe877e2b7c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9e07272cca2ed76f7f6073f4444b1143828c8d87" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ad1393b92e5059218d055bfec8f4946d85ad04c4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d29c78d3f9c5d2604548c1065bf1ec212728ea61" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6e506f07c5b561d673dd0b0d8f7f420cc48024fb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d208b89401e073de986dc891037c5a668f5d5d95" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/md/dm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "9fb7cd5c7fef", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "d35aef9c60d3", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "9e07272cca2e", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "ad1393b92e50", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "d29c78d3f9c5", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "6e506f07c5b5", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "d208b89401e0", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/md/dm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.313", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.278", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.242", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.193", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.113", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.14", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm: fix mempool NULL pointer race when completing IO\n\ndm_io_dec_pending() calls end_io_acct() first and will then dec md\nin-flight pending count. But if a task is swapping DM table at same\ntime this can result in a crash due to mempool-\u003eelements being NULL:\n\ntask1 task2\ndo_resume\n -\u003edo_suspend\n -\u003edm_wait_for_completion\n bio_endio\n\t\t\t\t -\u003eclone_endio\n\t\t\t\t -\u003edm_io_dec_pending\n\t\t\t\t -\u003eend_io_acct\n\t\t\t\t -\u003ewakeup task1\n -\u003edm_swap_table\n -\u003e__bind\n -\u003e__bind_mempools\n -\u003ebioset_exit\n -\u003emempool_exit\n -\u003efree_io\n\n[ 67.330330] Unable to handle kernel NULL pointer dereference at\nvirtual address 0000000000000000\n......\n[ 67.330494] pstate: 80400085 (Nzcv daIf +PAN -UAO)\n[ 67.330510] pc : mempool_free+0x70/0xa0\n[ 67.330515] lr : mempool_free+0x4c/0xa0\n[ 67.330520] sp : ffffff8008013b20\n[ 67.330524] x29: ffffff8008013b20 x28: 0000000000000004\n[ 67.330530] x27: ffffffa8c2ff40a0 x26: 00000000ffff1cc8\n[ 67.330535] x25: 0000000000000000 x24: ffffffdada34c800\n[ 67.330541] x23: 0000000000000000 x22: ffffffdada34c800\n[ 67.330547] x21: 00000000ffff1cc8 x20: ffffffd9a1304d80\n[ 67.330552] x19: ffffffdada34c970 x18: 000000b312625d9c\n[ 67.330558] x17: 00000000002dcfbf x16: 00000000000006dd\n[ 67.330563] x15: 000000000093b41e x14: 0000000000000010\n[ 67.330569] x13: 0000000000007f7a x12: 0000000034155555\n[ 67.330574] x11: 0000000000000001 x10: 0000000000000001\n[ 67.330579] x9 : 0000000000000000 x8 : 0000000000000000\n[ 67.330585] x7 : 0000000000000000 x6 : ffffff80148b5c1a\n[ 67.330590] x5 : ffffff8008013ae0 x4 : 0000000000000001\n[ 67.330596] x3 : ffffff80080139c8 x2 : ffffff801083bab8\n[ 67.330601] x1 : 0000000000000000 x0 : ffffffdada34c970\n[ 67.330609] Call trace:\n[ 67.330616] mempool_free+0x70/0xa0\n[ 67.330627] bio_put+0xf8/0x110\n[ 67.330638] dec_pending+0x13c/0x230\n[ 67.330644] clone_endio+0x90/0x180\n[ 67.330649] bio_endio+0x198/0x1b8\n[ 67.330655] dec_pending+0x190/0x230\n[ 67.330660] clone_endio+0x90/0x180\n[ 67.330665] bio_endio+0x198/0x1b8\n[ 67.330673] blk_update_request+0x214/0x428\n[ 67.330683] scsi_end_request+0x2c/0x300\n[ 67.330688] scsi_io_completion+0xa0/0x710\n[ 67.330695] scsi_finish_command+0xd8/0x110\n[ 67.330700] scsi_softirq_done+0x114/0x148\n[ 67.330708] blk_done_softirq+0x74/0xd0\n[ 67.330716] __do_softirq+0x18c/0x374\n[ 67.330724] irq_exit+0xb4/0xb8\n[ 67.330732] __handle_domain_irq+0x84/0xc0\n[ 67.330737] gic_handle_irq+0x148/0x1b0\n[ 67.330744] el1_irq+0xe8/0x190\n[ 67.330753] lpm_cpuidle_enter+0x4f8/0x538\n[ 67.330759] cpuidle_enter_state+0x1fc/0x398\n[ 67.330764] cpuidle_enter+0x18/0x20\n[ 67.330772] do_idle+0x1b4/0x290\n[ 67.330778] cpu_startup_entry+0x20/0x28\n[ 67.330786] secondary_start_kernel+0x160/0x170\n\nFix this by:\n1) Establishing pointers to \u0027struct dm_io\u0027 members in\ndm_io_dec_pending() so that they may be passed into end_io_acct()\n_after_ free_io() is called.\n2) Moving end_io_acct() after free_io()." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:51.756Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/9fb7cd5c7fef0f1c982e3cd27745a0dec260eaed" }, { "url": "https://git.kernel.org/stable/c/d35aef9c60d310eff3eaddacce301efe877e2b7c" }, { "url": "https://git.kernel.org/stable/c/9e07272cca2ed76f7f6073f4444b1143828c8d87" }, { "url": "https://git.kernel.org/stable/c/ad1393b92e5059218d055bfec8f4946d85ad04c4" }, { "url": "https://git.kernel.org/stable/c/d29c78d3f9c5d2604548c1065bf1ec212728ea61" }, { "url": "https://git.kernel.org/stable/c/6e506f07c5b561d673dd0b0d8f7f420cc48024fb" }, { "url": "https://git.kernel.org/stable/c/d208b89401e073de986dc891037c5a668f5d5d95" } ], "title": "dm: fix mempool NULL pointer race when completing IO", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47435", "datePublished": "2024-05-22T06:19:31.562Z", "dateReserved": "2024-05-21T14:58:30.830Z", "dateUpdated": "2024-11-04T12:05:51.756Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52865
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52865", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:32:41.804264Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:24:00.743Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.063Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c26feedbc561f2a3cee1a4f717e61bdbdfb4fa92" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4c79cbfb8e9e2311be77182893fda5ea4068c836" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2705c5b97f504e831ae1935c05f0e44f80dfa6b3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/81b16286110728674dcf81137be0687c5055e7bf" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3aefc6fcfbada57fac27f470602d5565e5b76cb4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/357df1c2f6ace96defd557fad709ed1f9f70e16c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/be3f12f16038a558f08fa93cc32fa715746a5235" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/122ac6496e4975ddd7ec1edba4f6fc1e15e39478" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/606f6366a35a3329545e38129804d65ef26ed7d2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/clk/mediatek/clk-mt6797.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "c26feedbc561", "status": "affected", "version": "96596aa06628", "versionType": "git" }, { "lessThan": "4c79cbfb8e9e", "status": "affected", "version": "96596aa06628", "versionType": "git" }, { "lessThan": "2705c5b97f50", "status": "affected", "version": "96596aa06628", "versionType": "git" }, { "lessThan": "81b162861107", "status": "affected", "version": "96596aa06628", "versionType": "git" }, { "lessThan": "3aefc6fcfbad", "status": "affected", "version": "96596aa06628", "versionType": "git" }, { "lessThan": "357df1c2f6ac", "status": "affected", "version": "96596aa06628", "versionType": "git" }, { "lessThan": "be3f12f16038", "status": "affected", "version": "96596aa06628", "versionType": "git" }, { "lessThan": "122ac6496e49", "status": "affected", "version": "96596aa06628", "versionType": "git" }, { "lessThan": "606f6366a35a", "status": "affected", "version": "96596aa06628", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/clk/mediatek/clk-mt6797.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.12" }, { "lessThan": "4.12", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.330", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.299", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.261", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:09.326Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/c26feedbc561f2a3cee1a4f717e61bdbdfb4fa92" }, { "url": "https://git.kernel.org/stable/c/4c79cbfb8e9e2311be77182893fda5ea4068c836" }, { "url": "https://git.kernel.org/stable/c/2705c5b97f504e831ae1935c05f0e44f80dfa6b3" }, { "url": "https://git.kernel.org/stable/c/81b16286110728674dcf81137be0687c5055e7bf" }, { "url": "https://git.kernel.org/stable/c/3aefc6fcfbada57fac27f470602d5565e5b76cb4" }, { "url": "https://git.kernel.org/stable/c/357df1c2f6ace96defd557fad709ed1f9f70e16c" }, { "url": "https://git.kernel.org/stable/c/be3f12f16038a558f08fa93cc32fa715746a5235" }, { "url": "https://git.kernel.org/stable/c/122ac6496e4975ddd7ec1edba4f6fc1e15e39478" }, { "url": "https://git.kernel.org/stable/c/606f6366a35a3329545e38129804d65ef26ed7d2" } ], "title": "clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52865", "datePublished": "2024-05-21T15:31:56.527Z", "dateReserved": "2024-05-21T15:19:24.262Z", "dateUpdated": "2024-11-04T14:54:09.326Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52744
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52744", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:37:02.408361Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:37:32.925Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.755Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8f5fe1cd8e6a97f94840b55f59ed08cbc397086f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/360682fe7df262d94fae54f737c487bec0f9190d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5d9745cead1f121974322b94ceadfb4d1e67960e" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/infiniband/hw/irdma/cm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "8f5fe1cd8e6a", "status": "affected", "version": "146b9756f14c", "versionType": "git" }, { "lessThan": "360682fe7df2", "status": "affected", "version": "146b9756f14c", "versionType": "git" }, { "lessThan": "5d9745cead1f", "status": "affected", "version": "146b9756f14c", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/infiniband/hw/irdma/cm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.14" }, { "lessThan": "5.14", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.94", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Fix potential NULL-ptr-dereference\n\nin_dev_get() can return NULL which will cause a failure once idev is\ndereferenced in in_dev_for_each_ifa_rtnl(). This patch adds a\ncheck for NULL value in idev beforehand.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:52.232Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/8f5fe1cd8e6a97f94840b55f59ed08cbc397086f" }, { "url": "https://git.kernel.org/stable/c/360682fe7df262d94fae54f737c487bec0f9190d" }, { "url": "https://git.kernel.org/stable/c/5d9745cead1f121974322b94ceadfb4d1e67960e" } ], "title": "RDMA/irdma: Fix potential NULL-ptr-dereference", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52744", "datePublished": "2024-05-21T15:23:05.937Z", "dateReserved": "2024-05-21T15:19:24.233Z", "dateUpdated": "2024-11-04T14:51:52.232Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47489
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47489", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:36:36.462454Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:36:44.982Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.769Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9eb4bdd554fc31a5ef6bf645a20ff21618ce45a9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3f4e54bd312d3dafb59daf2b97ffa08abebe60f5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "9eb4bdd554fc", "status": "affected", "version": "918698d5c2b5", "versionType": "git" }, { "lessThan": "3f4e54bd312d", "status": "affected", "version": "918698d5c2b5", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.10" }, { "lessThan": "5.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.16", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix even more out of bound writes from debugfs\n\nCVE-2021-42327 was fixed by:\n\ncommit f23750b5b3d98653b31d4469592935ef6364ad67\nAuthor: Thelford Williams \u003ctdwilliamsiv@gmail.com\u003e\nDate: Wed Oct 13 16:04:13 2021 -0400\n\n drm/amdgpu: fix out of bounds write\n\nbut amdgpu_dm_debugfs.c contains more of the same issue so fix the\nremaining ones.\n\nv2:\n\t* Add missing fix in dp_max_bpc_write (Harry Wentland)" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:54.358Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/9eb4bdd554fc31a5ef6bf645a20ff21618ce45a9" }, { "url": "https://git.kernel.org/stable/c/3f4e54bd312d3dafb59daf2b97ffa08abebe60f5" } ], "title": "drm/amdgpu: Fix even more out of bound writes from debugfs", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47489", "datePublished": "2024-05-22T08:19:38.771Z", "dateReserved": "2024-05-22T06:20:56.201Z", "dateUpdated": "2024-11-04T12:06:54.358Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52869
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "563ca40ddf40" } ] }, { "cpes": [ "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "5.8" } ] }, { "cpes": [ "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "0" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.10.201" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.15.139" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.1.63" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.5.12" } ] }, { "cpes": [ "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.6.2" } ] }, { "cpes": [ "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.7" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52869", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T18:43:39.605894Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:51.147Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.061Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bb166bdae1a7d7db30e9be7e6ccaba606debc05f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/379b120e4f27fd1cf636a5f85570c4d240a3f688" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/63f637309baadf81a095f2653e3b807d4b5814b9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1c426da79f9fc7b761021b5eb44185ba119cd44a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ad5cb6deb41417ef41b9d6ff54f789212108606f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a19d48f7c5d57c0f0405a7d4334d1d38fe9d3c1c" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/pstore/platform.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "bb166bdae1a7", "status": "affected", "version": "563ca40ddf40", "versionType": "git" }, { "lessThan": "379b120e4f27", "status": "affected", "version": "563ca40ddf40", "versionType": "git" }, { "lessThan": "63f637309baa", "status": "affected", "version": "563ca40ddf40", "versionType": "git" }, { "lessThan": "1c426da79f9f", "status": "affected", "version": "563ca40ddf40", "versionType": "git" }, { "lessThan": "ad5cb6deb414", "status": "affected", "version": "563ca40ddf40", "versionType": "git" }, { "lessThan": "a19d48f7c5d5", "status": "affected", "version": "563ca40ddf40", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/pstore/platform.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.8" }, { "lessThan": "5.8", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore/platform: Add check for kstrdup\n\nAdd check for the return value of kstrdup() and return the error\nif it fails in order to avoid NULL pointer dereference." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:14.499Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/bb166bdae1a7d7db30e9be7e6ccaba606debc05f" }, { "url": "https://git.kernel.org/stable/c/379b120e4f27fd1cf636a5f85570c4d240a3f688" }, { "url": "https://git.kernel.org/stable/c/63f637309baadf81a095f2653e3b807d4b5814b9" }, { "url": "https://git.kernel.org/stable/c/1c426da79f9fc7b761021b5eb44185ba119cd44a" }, { "url": "https://git.kernel.org/stable/c/ad5cb6deb41417ef41b9d6ff54f789212108606f" }, { "url": "https://git.kernel.org/stable/c/a19d48f7c5d57c0f0405a7d4334d1d38fe9d3c1c" } ], "title": "pstore/platform: Add check for kstrdup", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52869", "datePublished": "2024-05-21T15:31:59.168Z", "dateReserved": "2024-05-21T15:19:24.263Z", "dateUpdated": "2024-11-04T14:54:14.499Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52854
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52854", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:22:41.019729Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:36.501Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.064Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/41aad9d6953984d134fc50f631f24ef476875d4d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0dd34a7ad395dbcf6ae60e48e9786050e25b9bc5" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c7c26d0ef5d20f00dbb2ae3befcabbe0efa77275" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1e901bcb8af19416b65f5063a4af7996e5a51d7f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1734a79e951914f1db2c65e635012a35db1c674b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7ddc21e317b360c3444de3023bcc83b85fabae2f" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "kernel/padata.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "41aad9d69539", "status": "affected", "version": "07928d9bfc81", "versionType": "git" }, { "lessThan": "0dd34a7ad395", "status": "affected", "version": "07928d9bfc81", "versionType": "git" }, { "lessThan": "c7c26d0ef5d2", "status": "affected", "version": "07928d9bfc81", "versionType": "git" }, { "lessThan": "1e901bcb8af1", "status": "affected", "version": "07928d9bfc81", "versionType": "git" }, { "lessThan": "1734a79e9519", "status": "affected", "version": "07928d9bfc81", "versionType": "git" }, { "lessThan": "7ddc21e317b3", "status": "affected", "version": "07928d9bfc81", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "kernel/padata.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.6" }, { "lessThan": "5.6", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: Fix refcnt handling in padata_free_shell()\n\nIn a high-load arm64 environment, the pcrypt_aead01 test in LTP can lead\nto system UAF (Use-After-Free) issues. Due to the lengthy analysis of\nthe pcrypt_aead01 function call, I\u0027ll describe the problem scenario\nusing a simplified model:\n\nSuppose there\u0027s a user of padata named `user_function` that adheres to\nthe padata requirement of calling `padata_free_shell` after `serial()`\nhas been invoked, as demonstrated in the following code:\n\n```c\nstruct request {\n struct padata_priv padata;\n struct completion *done;\n};\n\nvoid parallel(struct padata_priv *padata) {\n do_something();\n}\n\nvoid serial(struct padata_priv *padata) {\n struct request *request = container_of(padata,\n \t\t\t\tstruct request,\n\t\t\t\tpadata);\n complete(request-\u003edone);\n}\n\nvoid user_function() {\n DECLARE_COMPLETION(done)\n padata-\u003eparallel = parallel;\n padata-\u003eserial = serial;\n padata_do_parallel();\n wait_for_completion(\u0026done);\n padata_free_shell();\n}\n```\n\nIn the corresponding padata.c file, there\u0027s the following code:\n\n```c\nstatic void padata_serial_worker(struct work_struct *serial_work) {\n ...\n cnt = 0;\n\n while (!list_empty(\u0026local_list)) {\n ...\n padata-\u003eserial(padata);\n cnt++;\n }\n\n local_bh_enable();\n\n if (refcount_sub_and_test(cnt, \u0026pd-\u003erefcnt))\n padata_free_pd(pd);\n}\n```\n\nBecause of the high system load and the accumulation of unexecuted\nsoftirq at this moment, `local_bh_enable()` in padata takes longer\nto execute than usual. Subsequently, when accessing `pd-\u003erefcnt`,\n`pd` has already been released by `padata_free_shell()`, resulting\nin a UAF issue with `pd-\u003erefcnt`.\n\nThe fix is straightforward: add `refcount_dec_and_test` before calling\n`padata_free_pd` in `padata_free_shell`." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:55.312Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/41aad9d6953984d134fc50f631f24ef476875d4d" }, { "url": "https://git.kernel.org/stable/c/0dd34a7ad395dbcf6ae60e48e9786050e25b9bc5" }, { "url": "https://git.kernel.org/stable/c/c7c26d0ef5d20f00dbb2ae3befcabbe0efa77275" }, { "url": "https://git.kernel.org/stable/c/1e901bcb8af19416b65f5063a4af7996e5a51d7f" }, { "url": "https://git.kernel.org/stable/c/1734a79e951914f1db2c65e635012a35db1c674b" }, { "url": "https://git.kernel.org/stable/c/7ddc21e317b360c3444de3023bcc83b85fabae2f" } ], "title": "padata: Fix refcnt handling in padata_free_shell()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52854", "datePublished": "2024-05-21T15:31:49.235Z", "dateReserved": "2024-05-21T15:19:24.256Z", "dateUpdated": "2024-11-04T14:53:55.312Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47452
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47452", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-10T18:55:58.283625Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-10T18:56:06.393Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:58.991Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/90c7c58aa2bd02c65a4c63b7dfe0b16eab12cf9f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/68a3765c659f809dcaac20030853a054646eb739" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/netfilter/nft_chain_filter.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "90c7c58aa2bd", "status": "affected", "version": "767d1216bff8", "versionType": "git" }, { "lessThan": "68a3765c659f", "status": "affected", "version": "767d1216bff8", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/netfilter/nft_chain_filter.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.11" }, { "lessThan": "5.11", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: skip netdev events generated on netns removal\n\nsyzbot reported following (harmless) WARN:\n\n WARNING: CPU: 1 PID: 2648 at net/netfilter/core.c:468\n nft_netdev_unregister_hooks net/netfilter/nf_tables_api.c:230 [inline]\n nf_tables_unregister_hook include/net/netfilter/nf_tables.h:1090 [inline]\n __nft_release_basechain+0x138/0x640 net/netfilter/nf_tables_api.c:9524\n nft_netdev_event net/netfilter/nft_chain_filter.c:351 [inline]\n nf_tables_netdev_event+0x521/0x8a0 net/netfilter/nft_chain_filter.c:382\n\nreproducer:\nunshare -n bash -c \u0027ip link add br0 type bridge; nft add table netdev t ; \\\n nft add chain netdev t ingress \\{ type filter hook ingress device \"br0\" \\\n priority 0\\; policy drop\\; \\}\u0027\n\nProblem is that when netns device exit hooks create the UNREGISTER\nevent, the .pre_exit hook for nf_tables core has already removed the\nbase hook. Notifier attempts to do this again.\n\nThe need to do base hook unregister unconditionally was needed in the past,\nbecause notifier was last stage where reg-\u003edev dereference was safe.\n\nNow that nf_tables does the hook removal in .pre_exit, this isn\u0027t\nneeded anymore." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:13.123Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/90c7c58aa2bd02c65a4c63b7dfe0b16eab12cf9f" }, { "url": "https://git.kernel.org/stable/c/68a3765c659f809dcaac20030853a054646eb739" } ], "title": "netfilter: nf_tables: skip netdev events generated on netns removal", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47452", "datePublished": "2024-05-22T06:19:42.721Z", "dateReserved": "2024-05-21T14:58:30.833Z", "dateUpdated": "2024-11-04T12:06:13.123Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52876
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52876", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:20:33.699635Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:18.864Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.122Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cfa68e0ac5dcde43577adadf6f0f26f3b365ad68" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/96e9544a0c4faca616b3f9f4034dcd83a14e7f22" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c4070ada5d5155c8d4d17ea64bd246949889f25b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a540ca0aeae83c2f3964bcb4e383f64ce2ec1783" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b20cfe007a46f8c165d42a05c50a8d3d893e6592" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1639072f6260babd017556e9f236ca2ad589d1e7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0884393c63cc9a1772f7121a6645ba7bd76feeb9" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/clk/mediatek/clk-mt7629-eth.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "cfa68e0ac5dc", "status": "affected", "version": "3b5e748615e7", "versionType": "git" }, { "lessThan": "96e9544a0c4f", "status": "affected", "version": "3b5e748615e7", "versionType": "git" }, { "lessThan": "c4070ada5d51", "status": "affected", "version": "3b5e748615e7", "versionType": "git" }, { "lessThan": "a540ca0aeae8", "status": "affected", "version": "3b5e748615e7", "versionType": "git" }, { "lessThan": "b20cfe007a46", "status": "affected", "version": "3b5e748615e7", "versionType": "git" }, { "lessThan": "1639072f6260", "status": "affected", "version": "3b5e748615e7", "versionType": "git" }, { "lessThan": "0884393c63cc", "status": "affected", "version": "3b5e748615e7", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/clk/mediatek/clk-mt7629-eth.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.0" }, { "lessThan": "5.0", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.261", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:23.535Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/cfa68e0ac5dcde43577adadf6f0f26f3b365ad68" }, { "url": "https://git.kernel.org/stable/c/96e9544a0c4faca616b3f9f4034dcd83a14e7f22" }, { "url": "https://git.kernel.org/stable/c/c4070ada5d5155c8d4d17ea64bd246949889f25b" }, { "url": "https://git.kernel.org/stable/c/a540ca0aeae83c2f3964bcb4e383f64ce2ec1783" }, { "url": "https://git.kernel.org/stable/c/b20cfe007a46f8c165d42a05c50a8d3d893e6592" }, { "url": "https://git.kernel.org/stable/c/1639072f6260babd017556e9f236ca2ad589d1e7" }, { "url": "https://git.kernel.org/stable/c/0884393c63cc9a1772f7121a6645ba7bd76feeb9" } ], "title": "clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52876", "datePublished": "2024-05-21T15:32:09.269Z", "dateReserved": "2024-05-21T15:19:24.264Z", "dateUpdated": "2024-11-04T14:54:23.535Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52731
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.499Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/87b9802ca824fcee7915e717e9a60471af62e8e9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f1d91f0e9d5a240a809698d7d9c5a538e7dcc149" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3efc61d95259956db25347e2a9562c3e54546e20" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52731", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:37:38.155499Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:36.311Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/video/fbdev/core/fb_defio.c", "drivers/video/fbdev/core/fbmem.c", "include/linux/fb.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "87b9802ca824", "status": "affected", "version": "186b89659c4c", "versionType": "git" }, { "lessThan": "f1d91f0e9d5a", "status": "affected", "version": "56c134f7f1b5", "versionType": "git" }, { "lessThan": "3efc61d95259", "status": "affected", "version": "56c134f7f1b5", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/video/fbdev/core/fb_defio.c", "drivers/video/fbdev/core/fbmem.c", "include/linux/fb.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.19" }, { "lessThan": "5.19", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: Fix invalid page access after closing deferred I/O devices\n\nWhen a fbdev with deferred I/O is once opened and closed, the dirty\npages still remain queued in the pageref list, and eventually later\nthose may be processed in the delayed work. This may lead to a\ncorruption of pages, hitting an Oops.\n\nThis patch makes sure to cancel the delayed work and clean up the\npageref list at closing the device for addressing the bug. A part of\nthe cleanup code is factored out as a new helper function that is\ncalled from the common fb_release()." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:37.911Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/87b9802ca824fcee7915e717e9a60471af62e8e9" }, { "url": "https://git.kernel.org/stable/c/f1d91f0e9d5a240a809698d7d9c5a538e7dcc149" }, { "url": "https://git.kernel.org/stable/c/3efc61d95259956db25347e2a9562c3e54546e20" } ], "title": "fbdev: Fix invalid page access after closing deferred I/O devices", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52731", "datePublished": "2024-05-21T15:22:57.282Z", "dateReserved": "2024-05-21T15:19:24.232Z", "dateUpdated": "2024-11-04T14:51:37.911Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47223
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47223", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-23T18:10:14.404752Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:02.341Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:32:07.485Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ad7feefe7164892db424c45687472db803d87f79" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/24a6e55f17aa123bc1fc54b7d3c410b41bc16530" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a2241e62f6b4a774d8a92048fdf59c45f6c2fe5c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fe0448a3fad365a747283a00a1d1ad5e8d6675b7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/abb02e05cb1c0a30dd873a29f33bc092067dc35d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/58e2071742e38f29f051b709a5cca014ba51166f" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/bridge/br_private.h", "net/bridge/br_vlan_tunnel.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "ad7feefe7164", "status": "affected", "version": "11538d039ac6", "versionType": "git" }, { "lessThan": "24a6e55f17aa", "status": "affected", "version": "11538d039ac6", "versionType": "git" }, { "lessThan": "a2241e62f6b4", "status": "affected", "version": "11538d039ac6", "versionType": "git" }, { "lessThan": "fe0448a3fad3", "status": "affected", "version": "11538d039ac6", "versionType": "git" }, { "lessThan": "abb02e05cb1c", "status": "affected", "version": "11538d039ac6", "versionType": "git" }, { "lessThan": "58e2071742e3", "status": "affected", "version": "11538d039ac6", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/bridge/br_private.h", "net/bridge/br_vlan_tunnel.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.11" }, { "lessThan": "4.11", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.238", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.196", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.128", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.46", "versionType": "semver" }, { "lessThanOrEqual": "5.12.*", "status": "unaffected", "version": "5.12.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: fix vlan tunnel dst null pointer dereference\n\nThis patch fixes a tunnel_dst null pointer dereference due to lockless\naccess in the tunnel egress path. When deleting a vlan tunnel the\ntunnel_dst pointer is set to NULL without waiting a grace period (i.e.\nwhile it\u0027s still usable) and packets egressing are dereferencing it\nwithout checking. Use READ/WRITE_ONCE to annotate the lockless use of\ntunnel_id, use RCU for accessing tunnel_dst and make sure it is read\nonly once and checked in the egress path. The dst is already properly RCU\nprotected so we don\u0027t need to do anything fancy than to make sure\ntunnel_id and tunnel_dst are read only once and checked in the egress path." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:01:47.587Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/ad7feefe7164892db424c45687472db803d87f79" }, { "url": "https://git.kernel.org/stable/c/24a6e55f17aa123bc1fc54b7d3c410b41bc16530" }, { "url": "https://git.kernel.org/stable/c/a2241e62f6b4a774d8a92048fdf59c45f6c2fe5c" }, { "url": "https://git.kernel.org/stable/c/fe0448a3fad365a747283a00a1d1ad5e8d6675b7" }, { "url": "https://git.kernel.org/stable/c/abb02e05cb1c0a30dd873a29f33bc092067dc35d" }, { "url": "https://git.kernel.org/stable/c/58e2071742e38f29f051b709a5cca014ba51166f" } ], "title": "net: bridge: fix vlan tunnel dst null pointer dereference", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47223", "datePublished": "2024-05-21T14:19:28.882Z", "dateReserved": "2024-04-10T18:59:19.529Z", "dateUpdated": "2024-11-04T12:01:47.587Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47454
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47454", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T19:49:10.356521Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:30.604Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.627Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/53770a411559cf7bc0906d1df319cc533d2f4f58" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3ea0b497a7a2fff6a4b7090310c9f52c91975934" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/787252a10d9422f3058df9a4821f389e5326c440" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "arch/powerpc/kernel/smp.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "53770a411559", "status": "affected", "version": "bdf4d33e8342", "versionType": "git" }, { "lessThan": "3ea0b497a7a2", "status": "affected", "version": "2c669ef6979c", "versionType": "git" }, { "lessThan": "787252a10d94", "status": "affected", "version": "2c669ef6979c", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "arch/powerpc/kernel/smp.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.14" }, { "lessThan": "5.14", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.76", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/smp: do not decrement idle task preempt count in CPU offline\n\nWith PREEMPT_COUNT=y, when a CPU is offlined and then onlined again, we\nget:\n\nBUG: scheduling while atomic: swapper/1/0/0x00000000\nno locks held by swapper/1/0.\nCPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.15.0-rc2+ #100\nCall Trace:\n dump_stack_lvl+0xac/0x108\n __schedule_bug+0xac/0xe0\n __schedule+0xcf8/0x10d0\n schedule_idle+0x3c/0x70\n do_idle+0x2d8/0x4a0\n cpu_startup_entry+0x38/0x40\n start_secondary+0x2ec/0x3a0\n start_secondary_prolog+0x10/0x14\n\nThis is because powerpc\u0027s arch_cpu_idle_dead() decrements the idle task\u0027s\npreempt count, for reasons explained in commit a7c2bb8279d2 (\"powerpc:\nRe-enable preemption before cpu_die()\"), specifically \"start_secondary()\nexpects a preempt_count() of 0.\"\n\nHowever, since commit 2c669ef6979c (\"powerpc/preempt: Don\u0027t touch the idle\ntask\u0027s preempt_count during hotplug\") and commit f1a0a376ca0c (\"sched/core:\nInitialize the idle task with preemption disabled\"), that justification no\nlonger holds.\n\nThe idle task isn\u0027t supposed to re-enable preemption, so remove the\nvestigial preempt_enable() from the CPU offline path.\n\nTested with pseries and powernv in qemu, and pseries on PowerVM." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:15.558Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/53770a411559cf7bc0906d1df319cc533d2f4f58" }, { "url": "https://git.kernel.org/stable/c/3ea0b497a7a2fff6a4b7090310c9f52c91975934" }, { "url": "https://git.kernel.org/stable/c/787252a10d9422f3058df9a4821f389e5326c440" } ], "title": "powerpc/smp: do not decrement idle task preempt count in CPU offline", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47454", "datePublished": "2024-05-22T06:19:44.040Z", "dateReserved": "2024-05-21T14:58:30.833Z", "dateUpdated": "2024-11-04T12:06:15.558Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47413
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47413", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-11T17:27:34.761405Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-11T17:27:45.884Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.295Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b3265b88e83b16c7be762fa5fb7e0632bce0002c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/66dd03b10e1c0b2fae006c6e34c18ea8ee033e7b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8253a34bfae3278baca52fc1209b7c29270486ca" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/usb/chipidea/ci_hdrc_imx.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "b3265b88e83b", "status": "affected", "version": "746f316b753a", "versionType": "git" }, { "lessThan": "66dd03b10e1c", "status": "affected", "version": "746f316b753a", "versionType": "git" }, { "lessThan": "8253a34bfae3", "status": "affected", "version": "746f316b753a", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/usb/chipidea/ci_hdrc_imx.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.8" }, { "lessThan": "5.8", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.73", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: chipidea: ci_hdrc_imx: Also search for \u0027phys\u0027 phandle\n\nWhen passing \u0027phys\u0027 in the devicetree to describe the USB PHY phandle\n(which is the recommended way according to\nDocumentation/devicetree/bindings/usb/ci-hdrc-usb2.txt) the\nfollowing NULL pointer dereference is observed on i.MX7 and i.MX8MM:\n\n[ 1.489344] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000098\n[ 1.498170] Mem abort info:\n[ 1.500966] ESR = 0x96000044\n[ 1.504030] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 1.509356] SET = 0, FnV = 0\n[ 1.512416] EA = 0, S1PTW = 0\n[ 1.515569] FSC = 0x04: level 0 translation fault\n[ 1.520458] Data abort info:\n[ 1.523349] ISV = 0, ISS = 0x00000044\n[ 1.527196] CM = 0, WnR = 1\n[ 1.530176] [0000000000000098] user address but active_mm is swapper\n[ 1.536544] Internal error: Oops: 96000044 [#1] PREEMPT SMP\n[ 1.542125] Modules linked in:\n[ 1.545190] CPU: 3 PID: 7 Comm: kworker/u8:0 Not tainted 5.14.0-dirty #3\n[ 1.551901] Hardware name: Kontron i.MX8MM N801X S (DT)\n[ 1.557133] Workqueue: events_unbound deferred_probe_work_func\n[ 1.562984] pstate: 80000005 (Nzcv daif -PAN -UAO -TCO BTYPE=--)\n[ 1.568998] pc : imx7d_charger_detection+0x3f0/0x510\n[ 1.573973] lr : imx7d_charger_detection+0x22c/0x510\n\nThis happens because the charger functions check for the phy presence\ninside the imx_usbmisc_data structure (data-\u003eusb_phy), but the chipidea\ncore populates the usb_phy passed via \u0027phys\u0027 inside \u0027struct ci_hdrc\u0027\n(ci-\u003eusb_phy) instead.\n\nThis causes the NULL pointer dereference inside imx7d_charger_detection().\n\nFix it by also searching for \u0027phys\u0027 in case \u0027fsl,usbphy\u0027 is not found.\n\nTested on a imx7s-warp board." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:25.978Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/b3265b88e83b16c7be762fa5fb7e0632bce0002c" }, { "url": "https://git.kernel.org/stable/c/66dd03b10e1c0b2fae006c6e34c18ea8ee033e7b" }, { "url": "https://git.kernel.org/stable/c/8253a34bfae3278baca52fc1209b7c29270486ca" } ], "title": "usb: chipidea: ci_hdrc_imx: Also search for \u0027phys\u0027 phandle", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47413", "datePublished": "2024-05-21T15:04:04.060Z", "dateReserved": "2024-05-21T14:58:30.818Z", "dateUpdated": "2024-11-04T12:05:25.978Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52750
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.774Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d08a1e75253b4e19ae290b1c35349f12cfcebc0a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/936c9c10efaefaf1ab3ef020e1f8aaaaff1ad2f9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ef0224ee5399ea8a46bc07dc6c6494961ed5fdd2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bd31e534721ab95ef237020fe6995c899ffdf21a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/69e619d2fd056fe1f5d0adf01584f2da669e0d28" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/146a15b873353f8ac28dc281c139ff611a3c4848" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52750", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:37:19.073827Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:33.056Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "arch/arm64/Kconfig" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "d08a1e75253b", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "936c9c10efae", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "ef0224ee5399", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "bd31e534721a", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "69e619d2fd05", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "146a15b87335", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "arch/arm64/Kconfig" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer\n\nPrior to LLVM 15.0.0, LLVM\u0027s integrated assembler would incorrectly\nbyte-swap NOP when compiling for big-endian, and the resulting series of\nbytes happened to match the encoding of FNMADD S21, S30, S0, S0.\n\nThis went unnoticed until commit:\n\n 34f66c4c4d5518c1 (\"arm64: Use a positive cpucap for FP/SIMD\")\n\nPrior to that commit, the kernel would always enable the use of FPSIMD\nearly in boot when __cpu_setup() initialized CPACR_EL1, and so usage of\nFNMADD within the kernel was not detected, but could result in the\ncorruption of user or kernel FPSIMD state.\n\nAfter that commit, the instructions happen to trap during boot prior to\nFPSIMD being detected and enabled, e.g.\n\n| Unhandled 64-bit el1h sync exception on CPU0, ESR 0x000000001fe00000 -- ASIMD\n| CPU: 0 PID: 0 Comm: swapper Not tainted 6.6.0-rc3-00013-g34f66c4c4d55 #1\n| Hardware name: linux,dummy-virt (DT)\n| pstate: 400000c9 (nZcv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n| pc : __pi_strcmp+0x1c/0x150\n| lr : populate_properties+0xe4/0x254\n| sp : ffffd014173d3ad0\n| x29: ffffd014173d3af0 x28: fffffbfffddffcb8 x27: 0000000000000000\n| x26: 0000000000000058 x25: fffffbfffddfe054 x24: 0000000000000008\n| x23: fffffbfffddfe000 x22: fffffbfffddfe000 x21: fffffbfffddfe044\n| x20: ffffd014173d3b70 x19: 0000000000000001 x18: 0000000000000005\n| x17: 0000000000000010 x16: 0000000000000000 x15: 00000000413e7000\n| x14: 0000000000000000 x13: 0000000000001bcc x12: 0000000000000000\n| x11: 00000000d00dfeed x10: ffffd414193f2cd0 x9 : 0000000000000000\n| x8 : 0101010101010101 x7 : ffffffffffffffc0 x6 : 0000000000000000\n| x5 : 0000000000000000 x4 : 0101010101010101 x3 : 000000000000002a\n| x2 : 0000000000000001 x1 : ffffd014171f2988 x0 : fffffbfffddffcb8\n| Kernel panic - not syncing: Unhandled exception\n| CPU: 0 PID: 0 Comm: swapper Not tainted 6.6.0-rc3-00013-g34f66c4c4d55 #1\n| Hardware name: linux,dummy-virt (DT)\n| Call trace:\n| dump_backtrace+0xec/0x108\n| show_stack+0x18/0x2c\n| dump_stack_lvl+0x50/0x68\n| dump_stack+0x18/0x24\n| panic+0x13c/0x340\n| el1t_64_irq_handler+0x0/0x1c\n| el1_abort+0x0/0x5c\n| el1h_64_sync+0x64/0x68\n| __pi_strcmp+0x1c/0x150\n| unflatten_dt_nodes+0x1e8/0x2d8\n| __unflatten_device_tree+0x5c/0x15c\n| unflatten_device_tree+0x38/0x50\n| setup_arch+0x164/0x1e0\n| start_kernel+0x64/0x38c\n| __primary_switched+0xbc/0xc4\n\nRestrict CONFIG_CPU_BIG_ENDIAN to a known good assembler, which is\neither GNU as or LLVM\u0027s IAS 15.0.0 and newer, which contains the linked\ncommit." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:59.293Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/d08a1e75253b4e19ae290b1c35349f12cfcebc0a" }, { "url": "https://git.kernel.org/stable/c/936c9c10efaefaf1ab3ef020e1f8aaaaff1ad2f9" }, { "url": "https://git.kernel.org/stable/c/ef0224ee5399ea8a46bc07dc6c6494961ed5fdd2" }, { "url": "https://git.kernel.org/stable/c/bd31e534721ab95ef237020fe6995c899ffdf21a" }, { "url": "https://git.kernel.org/stable/c/69e619d2fd056fe1f5d0adf01584f2da669e0d28" }, { "url": "https://git.kernel.org/stable/c/146a15b873353f8ac28dc281c139ff611a3c4848" } ], "title": "arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52750", "datePublished": "2024-05-21T15:30:39.564Z", "dateReserved": "2024-05-21T15:19:24.234Z", "dateUpdated": "2024-11-04T14:51:59.293Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52861
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "e0fd83dbe924" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "5.19" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "0" } ] }, { "cpes": [ "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.1.63" } ] }, { "cpes": [ "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.5.12" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.6.2" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.7" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52861", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T18:51:01.322814Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:59.483Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.979Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2c80c4f0d2845645f41cbb7c9304c8efbdbd4331" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1669d7b21a664aa531856ce85b01359a376baebc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1374561a7cbc9a000b77bb0473bb2c19daf18d86" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d0375f6858c4ff7244b62b02eb5e93428e1916cd" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/bridge/ite-it66121.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "2c80c4f0d284", "status": "affected", "version": "e0fd83dbe924", "versionType": "git" }, { "lessThan": "1669d7b21a66", "status": "affected", "version": "e0fd83dbe924", "versionType": "git" }, { "lessThan": "1374561a7cbc", "status": "affected", "version": "e0fd83dbe924", "versionType": "git" }, { "lessThan": "d0375f6858c4", "status": "affected", "version": "e0fd83dbe924", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/bridge/ite-it66121.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.19" }, { "lessThan": "5.19", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: bridge: it66121: Fix invalid connector dereference\n\nFix the NULL pointer dereference when no monitor is connected, and the\nsound card is opened from userspace.\n\nInstead return an empty buffer (of zeroes) as the EDID information to\nthe sound framework if there is no connector attached." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:04.183Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/2c80c4f0d2845645f41cbb7c9304c8efbdbd4331" }, { "url": "https://git.kernel.org/stable/c/1669d7b21a664aa531856ce85b01359a376baebc" }, { "url": "https://git.kernel.org/stable/c/1374561a7cbc9a000b77bb0473bb2c19daf18d86" }, { "url": "https://git.kernel.org/stable/c/d0375f6858c4ff7244b62b02eb5e93428e1916cd" } ], "title": "drm: bridge: it66121: Fix invalid connector dereference", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52861", "datePublished": "2024-05-21T15:31:53.904Z", "dateReserved": "2024-05-21T15:19:24.261Z", "dateUpdated": "2024-11-04T14:54:04.183Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-36010
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-36010", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T15:07:27.450256Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:47:56.678Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T03:30:12.517Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c56d055893cbe97848611855d1c97d0ab171eccc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/intel/igb/igb.h", "drivers/net/ethernet/intel/igb/igb_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "c56d055893cb", "status": "affected", "version": "1978d3ead82c", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/intel/igb/igb.h", "drivers/net/ethernet/intel/igb/igb_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.7" }, { "lessThan": "6.7", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: Fix string truncation warnings in igb_set_fw_version\n\nCommit 1978d3ead82c (\"intel: fix string truncation warnings\")\nfixes \u0027-Wformat-truncation=\u0027 warnings in igb_main.c by using kasprintf.\n\ndrivers/net/ethernet/intel/igb/igb_main.c:3092:53: warning\uff1a\u2018%d\u2019 directive output may be truncated writing between 1 and 5 bytes into a region of size between 1 and 13 [-Wformat-truncation=]\n 3092 | \"%d.%d, 0x%08x, %d.%d.%d\",\n | ^~\ndrivers/net/ethernet/intel/igb/igb_main.c:3092:34: note\uff1adirective argument in the range [0, 65535]\n 3092 | \"%d.%d, 0x%08x, %d.%d.%d\",\n | ^~~~~~~~~~~~~~~~~~~~~~~~~\ndrivers/net/ethernet/intel/igb/igb_main.c:3092:34: note\uff1adirective argument in the range [0, 65535]\ndrivers/net/ethernet/intel/igb/igb_main.c:3090:25: note\uff1a\u2018snprintf\u2019 output between 23 and 43 bytes into a destination of size 32\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.\n\nFix this warning by using a larger space for adapter-\u003efw_version,\nand then fall back and continue to use snprintf." } ], "providerMetadata": { "dateUpdated": "2024-11-05T09:26:43.679Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/c56d055893cbe97848611855d1c97d0ab171eccc" } ], "title": "igb: Fix string truncation warnings in igb_set_fw_version", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-36010", "datePublished": "2024-05-22T11:46:32.984Z", "dateReserved": "2024-05-17T13:50:33.152Z", "dateUpdated": "2024-11-05T09:26:43.679Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52777
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52777", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-11T19:02:33.104865Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-11T19:03:07.955Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.014Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0cf7577b6b3153b4b49deea9719fe43f96469c6d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cf9c7d783a2bf9305df4ef5b93d9063a52e18fca" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e83246ecd3b193f8d91fce778e8a5ba747fc7d8a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1dea3c0720a146bd7193969f2847ccfed5be2221" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/wireless/ath/ath11k/wmi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "0cf7577b6b31", "status": "affected", "version": "a16d9b50cfba", "versionType": "git" }, { "lessThan": "cf9c7d783a2b", "status": "affected", "version": "a16d9b50cfba", "versionType": "git" }, { "lessThan": "e83246ecd3b1", "status": "affected", "version": "a16d9b50cfba", "versionType": "git" }, { "lessThan": "1dea3c0720a1", "status": "affected", "version": "a16d9b50cfba", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/wireless/ath/ath11k/wmi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.19" }, { "lessThan": "5.19", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix gtk offload status event locking\n\nThe ath11k active pdevs are protected by RCU but the gtk offload status\nevent handling code calling ath11k_mac_get_arvif_by_vdev_id() was not\nmarked as a read-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:30.957Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/0cf7577b6b3153b4b49deea9719fe43f96469c6d" }, { "url": "https://git.kernel.org/stable/c/cf9c7d783a2bf9305df4ef5b93d9063a52e18fca" }, { "url": "https://git.kernel.org/stable/c/e83246ecd3b193f8d91fce778e8a5ba747fc7d8a" }, { "url": "https://git.kernel.org/stable/c/1dea3c0720a146bd7193969f2847ccfed5be2221" } ], "title": "wifi: ath11k: fix gtk offload status event locking", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52777", "datePublished": "2024-05-21T15:30:57.598Z", "dateReserved": "2024-05-21T15:19:24.240Z", "dateUpdated": "2024-11-04T14:52:30.957Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47498
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47498", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T17:07:40.388393Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-01T13:48:59.332Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.748Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8ca9745efe3528feb06ca4e117188038eea2d351" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b4459b11e84092658fa195a2587aff3b9637f0e7" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/md/dm-rq.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "8ca9745efe35", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "b4459b11e840", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/md/dm-rq.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.14", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm rq: don\u0027t queue request to blk-mq during DM suspend\n\nDM uses blk-mq\u0027s quiesce/unquiesce to stop/start device mapper queue.\n\nBut blk-mq\u0027s unquiesce may come from outside events, such as elevator\nswitch, updating nr_requests or others, and request may come during\nsuspend, so simply ask for blk-mq to requeue it.\n\nFixes one kernel panic issue when running updating nr_requests and\ndm-mpath suspend/resume stress test." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:05.512Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/8ca9745efe3528feb06ca4e117188038eea2d351" }, { "url": "https://git.kernel.org/stable/c/b4459b11e84092658fa195a2587aff3b9637f0e7" } ], "title": "dm rq: don\u0027t queue request to blk-mq during DM suspend", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47498", "datePublished": "2024-05-22T08:19:44.803Z", "dateReserved": "2024-05-22T06:20:56.204Z", "dateUpdated": "2024-11-04T12:07:05.512Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52805
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52805", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-23T17:20:14.067853Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:24:11.929Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.055Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2308d0fb0dc32446b4e6ca37cd09c30374bb64e9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cf7e3e84df36a9953796c737f080712f631d7083" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7467ca10a5ff09b0e87edf6c4d2a4bfdee69cf2c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1ba7df5457dc1c1071c5f92ac11323533a6430e1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/64f062baf202b82f54987a3f614a6c8f3e466641" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8c68af2af697ba2ba3b138be0c6d72e2ce3a3d6d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/665b44e55c2767a4f899c3b18f49e9e1c9983777" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1708d0a9917fea579cc9da3d87b154285abd2cd8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/05d9ea1ceb62a55af6727a69269a4fd310edf483" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/jfs/jfs_imap.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "2308d0fb0dc3", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "cf7e3e84df36", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "7467ca10a5ff", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "1ba7df5457dc", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "64f062baf202", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "8c68af2af697", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "665b44e55c27", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "1708d0a9917f", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "05d9ea1ceb62", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/jfs/jfs_imap.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.331", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.300", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix array-index-out-of-bounds in diAlloc\n\nCurrently there is not check against the agno of the iag while\nallocating new inodes to avoid fragmentation problem. Added the check\nwhich is required." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:03.363Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/2308d0fb0dc32446b4e6ca37cd09c30374bb64e9" }, { "url": "https://git.kernel.org/stable/c/cf7e3e84df36a9953796c737f080712f631d7083" }, { "url": "https://git.kernel.org/stable/c/7467ca10a5ff09b0e87edf6c4d2a4bfdee69cf2c" }, { "url": "https://git.kernel.org/stable/c/1ba7df5457dc1c1071c5f92ac11323533a6430e1" }, { "url": "https://git.kernel.org/stable/c/64f062baf202b82f54987a3f614a6c8f3e466641" }, { "url": "https://git.kernel.org/stable/c/8c68af2af697ba2ba3b138be0c6d72e2ce3a3d6d" }, { "url": "https://git.kernel.org/stable/c/665b44e55c2767a4f899c3b18f49e9e1c9983777" }, { "url": "https://git.kernel.org/stable/c/1708d0a9917fea579cc9da3d87b154285abd2cd8" }, { "url": "https://git.kernel.org/stable/c/05d9ea1ceb62a55af6727a69269a4fd310edf483" } ], "title": "jfs: fix array-index-out-of-bounds in diAlloc", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52805", "datePublished": "2024-05-21T15:31:16.374Z", "dateReserved": "2024-05-21T15:19:24.247Z", "dateUpdated": "2024-11-04T14:53:03.363Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52811
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52811", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T17:41:58.046532Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-31T14:23:46.948Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.895Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e1d1f79b1929dce470a5dc9281c574cd58e8c6c0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/88984ec4792766df5a9de7a2ff2b5f281f94c7d4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d2af4ef80601224b90630c1ddc7cd2c7c8ab4dd8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8bbe784c2ff28d56ca0c548aaf3e584edc77052d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b39f2d10b86d0af353ea339e5815820026bca48f" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/scsi/ibmvscsi/ibmvfc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "e1d1f79b1929", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "88984ec47927", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "d2af4ef80601", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "8bbe784c2ff2", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "b39f2d10b86d", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/scsi/ibmvscsi/ibmvfc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ibmvfc: Remove BUG_ON in the case of an empty event pool\n\nIn practice the driver should never send more commands than are allocated\nto a queue\u0027s event pool. In the unlikely event that this happens, the code\nasserts a BUG_ON, and in the case that the kernel is not configured to\ncrash on panic returns a junk event pointer from the empty event list\ncausing things to spiral from there. This BUG_ON is a historical artifact\nof the ibmvfc driver first being upstreamed, and it is well known now that\nthe use of BUG_ON is bad practice except in the most unrecoverable\nscenario. There is nothing about this scenario that prevents the driver\nfrom recovering and carrying on.\n\nRemove the BUG_ON in question from ibmvfc_get_event() and return a NULL\npointer in the case of an empty event pool. Update all call sites to\nibmvfc_get_event() to check for a NULL pointer and perfrom the appropriate\nfailure or recovery action." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:10.556Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/e1d1f79b1929dce470a5dc9281c574cd58e8c6c0" }, { "url": "https://git.kernel.org/stable/c/88984ec4792766df5a9de7a2ff2b5f281f94c7d4" }, { "url": "https://git.kernel.org/stable/c/d2af4ef80601224b90630c1ddc7cd2c7c8ab4dd8" }, { "url": "https://git.kernel.org/stable/c/8bbe784c2ff28d56ca0c548aaf3e584edc77052d" }, { "url": "https://git.kernel.org/stable/c/b39f2d10b86d0af353ea339e5815820026bca48f" } ], "title": "scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52811", "datePublished": "2024-05-21T15:31:20.282Z", "dateReserved": "2024-05-21T15:19:24.248Z", "dateUpdated": "2024-11-04T14:53:10.556Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47461
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47461", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:15:05.306200Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:15:25.867Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.468Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3cda4bfffd4f755645577aaa9e96a606657b4525" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/149958ecd0627a9f1e9c678c25c665400054cd6a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cb185d5f1ebf900f4ae3bf84cee212e6dd035aca" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/userfaultfd.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "3cda4bfffd4f", "status": "affected", "version": "63b2d4174c4a", "versionType": "git" }, { "lessThan": "149958ecd062", "status": "affected", "version": "63b2d4174c4a", "versionType": "git" }, { "lessThan": "cb185d5f1ebf", "status": "affected", "version": "63b2d4174c4a", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/userfaultfd.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.7" }, { "lessThan": "5.7", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.76", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nuserfaultfd: fix a race between writeprotect and exit_mmap()\n\nA race is possible when a process exits, its VMAs are removed by\nexit_mmap() and at the same time userfaultfd_writeprotect() is called.\n\nThe race was detected by KASAN on a development kernel, but it appears\nto be possible on vanilla kernels as well.\n\nUse mmget_not_zero() to prevent the race as done in other userfaultfd\noperations." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:23.637Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/3cda4bfffd4f755645577aaa9e96a606657b4525" }, { "url": "https://git.kernel.org/stable/c/149958ecd0627a9f1e9c678c25c665400054cd6a" }, { "url": "https://git.kernel.org/stable/c/cb185d5f1ebf900f4ae3bf84cee212e6dd035aca" } ], "title": "userfaultfd: fix a race between writeprotect and exit_mmap()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47461", "datePublished": "2024-05-22T06:23:22.373Z", "dateReserved": "2024-05-22T06:20:56.197Z", "dateUpdated": "2024-11-04T12:06:23.637Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47445
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47445", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:26:01.524522Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:23.742Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.369Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f175b9a83e5c252d7c74acddc792840016caae0a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bacac7d26849c8e903ceb7466d9ce8dc3c2797eb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0cd063aa0a09822cc1620fc59a67fe2f9f6338ac" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7f642b93710b6b1119bdff90be01e6b5a2a5d669" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f302be08e3de94db8863a0b2958b2bb3e8e998e6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/91a340768b012f5b910a203a805b97a345b3db37" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/46c8ddede0273d1d132beefa9de8b820326982be" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2133c4fc8e1348dcb752f267a143fe2254613b34" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/msm/edp/edp_ctrl.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "f175b9a83e5c", "status": "affected", "version": "ab5b0107ccf3", "versionType": "git" }, { "lessThan": "bacac7d26849", "status": "affected", "version": "ab5b0107ccf3", "versionType": "git" }, { "lessThan": "0cd063aa0a09", "status": "affected", "version": "ab5b0107ccf3", "versionType": "git" }, { "lessThan": "7f642b93710b", "status": "affected", "version": "ab5b0107ccf3", "versionType": "git" }, { "lessThan": "f302be08e3de", "status": "affected", "version": "ab5b0107ccf3", "versionType": "git" }, { "lessThan": "91a340768b01", "status": "affected", "version": "ab5b0107ccf3", "versionType": "git" }, { "lessThan": "46c8ddede027", "status": "affected", "version": "ab5b0107ccf3", "versionType": "git" }, { "lessThan": "2133c4fc8e13", "status": "affected", "version": "ab5b0107ccf3", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/msm/edp/edp_ctrl.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.0" }, { "lessThan": "4.0", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.290", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.288", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.252", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.213", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.155", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.75", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.14", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: Fix null pointer dereference on pointer edp\n\nThe initialization of pointer dev dereferences pointer edp before\nedp is null checked, so there is a potential null pointer deference\nissue. Fix this by only dereferencing edp after edp has been null\nchecked.\n\nAddresses-Coverity: (\"Dereference before null check\")" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:02.743Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/f175b9a83e5c252d7c74acddc792840016caae0a" }, { "url": "https://git.kernel.org/stable/c/bacac7d26849c8e903ceb7466d9ce8dc3c2797eb" }, { "url": "https://git.kernel.org/stable/c/0cd063aa0a09822cc1620fc59a67fe2f9f6338ac" }, { "url": "https://git.kernel.org/stable/c/7f642b93710b6b1119bdff90be01e6b5a2a5d669" }, { "url": "https://git.kernel.org/stable/c/f302be08e3de94db8863a0b2958b2bb3e8e998e6" }, { "url": "https://git.kernel.org/stable/c/91a340768b012f5b910a203a805b97a345b3db37" }, { "url": "https://git.kernel.org/stable/c/46c8ddede0273d1d132beefa9de8b820326982be" }, { "url": "https://git.kernel.org/stable/c/2133c4fc8e1348dcb752f267a143fe2254613b34" } ], "title": "drm/msm: Fix null pointer dereference on pointer edp", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47445", "datePublished": "2024-05-22T06:19:38.184Z", "dateReserved": "2024-05-21T14:58:30.832Z", "dateUpdated": "2024-11-04T12:06:02.743Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52841
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52841", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T17:57:18.576854Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:05.969Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.231Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/64863ba8e6b7651d994c6e6d506cc8aa2ac45edb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/980be4c3b0d51c0f873fd750117774561c66cf68" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a254ee1ddc592ae1efcce96b8c014e1bd2d5a2b4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cb13001411999adb158b39e76d94705eb2da100d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/aae7598aff291d4d140be1355aa20930af948785" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1fd6eb12642e0c32692924ff359c07de4b781d78" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/media/test-drivers/vidtv/vidtv_mux.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "64863ba8e6b7", "status": "affected", "version": "c2f78f0cb294", "versionType": "git" }, { "lessThan": "980be4c3b0d5", "status": "affected", "version": "c2f78f0cb294", "versionType": "git" }, { "lessThan": "a254ee1ddc59", "status": "affected", "version": "c2f78f0cb294", "versionType": "git" }, { "lessThan": "cb1300141199", "status": "affected", "version": "c2f78f0cb294", "versionType": "git" }, { "lessThan": "aae7598aff29", "status": "affected", "version": "c2f78f0cb294", "versionType": "git" }, { "lessThan": "1fd6eb12642e", "status": "affected", "version": "c2f78f0cb294", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/media/test-drivers/vidtv/vidtv_mux.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.10" }, { "lessThan": "5.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: mux: Add check and kfree for kstrdup\n\nAdd check for the return value of kstrdup() and return the error\nif it fails in order to avoid NULL pointer dereference.\nMoreover, use kfree() in the later error handling in order to avoid\nmemory leak." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:39.761Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/64863ba8e6b7651d994c6e6d506cc8aa2ac45edb" }, { "url": "https://git.kernel.org/stable/c/980be4c3b0d51c0f873fd750117774561c66cf68" }, { "url": "https://git.kernel.org/stable/c/a254ee1ddc592ae1efcce96b8c014e1bd2d5a2b4" }, { "url": "https://git.kernel.org/stable/c/cb13001411999adb158b39e76d94705eb2da100d" }, { "url": "https://git.kernel.org/stable/c/aae7598aff291d4d140be1355aa20930af948785" }, { "url": "https://git.kernel.org/stable/c/1fd6eb12642e0c32692924ff359c07de4b781d78" } ], "title": "media: vidtv: mux: Add check and kfree for kstrdup", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52841", "datePublished": "2024-05-21T15:31:40.529Z", "dateReserved": "2024-05-21T15:19:24.253Z", "dateUpdated": "2024-11-04T14:53:39.761Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52833
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52833", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T20:52:00.965162Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:24:07.090Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.958Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9f8e4d1a4ca1179aaeb43f91f3e2a386e7e616b3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f9de14bde56dcbb0765284c6dfc35842b021733c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a556f2ef556a04790f67f2fa272f1a77336d15a0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0048ddf045bddc4dacb3e783fd869a2f8fb5be30" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/13b1ebad4c175e6a9b0748acbf133c21a15d282a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/624820f7c8826dd010e8b1963303c145f99816e9" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/bluetooth/btusb.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "9f8e4d1a4ca1", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "f9de14bde56d", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "a556f2ef556a", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "0048ddf045bd", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "13b1ebad4c17", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "624820f7c882", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/bluetooth/btusb.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btusb: Add date-\u003eevt_skb is NULL check\n\nfix crash because of null pointers\n\n[ 6104.969662] BUG: kernel NULL pointer dereference, address: 00000000000000c8\n[ 6104.969667] #PF: supervisor read access in kernel mode\n[ 6104.969668] #PF: error_code(0x0000) - not-present page\n[ 6104.969670] PGD 0 P4D 0\n[ 6104.969673] Oops: 0000 [#1] SMP NOPTI\n[ 6104.969684] RIP: 0010:btusb_mtk_hci_wmt_sync+0x144/0x220 [btusb]\n[ 6104.969688] RSP: 0018:ffffb8d681533d48 EFLAGS: 00010246\n[ 6104.969689] RAX: 0000000000000000 RBX: ffff8ad560bb2000 RCX: 0000000000000006\n[ 6104.969691] RDX: 0000000000000000 RSI: ffffb8d681533d08 RDI: 0000000000000000\n[ 6104.969692] RBP: ffffb8d681533d70 R08: 0000000000000001 R09: 0000000000000001\n[ 6104.969694] R10: 0000000000000001 R11: 00000000fa83b2da R12: ffff8ad461d1d7c0\n[ 6104.969695] R13: 0000000000000000 R14: ffff8ad459618c18 R15: ffffb8d681533d90\n[ 6104.969697] FS: 00007f5a1cab9d40(0000) GS:ffff8ad578200000(0000) knlGS:00000\n[ 6104.969699] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 6104.969700] CR2: 00000000000000c8 CR3: 000000018620c001 CR4: 0000000000760ef0\n[ 6104.969701] PKRU: 55555554\n[ 6104.969702] Call Trace:\n[ 6104.969708] btusb_mtk_shutdown+0x44/0x80 [btusb]\n[ 6104.969732] hci_dev_do_close+0x470/0x5c0 [bluetooth]\n[ 6104.969748] hci_rfkill_set_block+0x56/0xa0 [bluetooth]\n[ 6104.969753] rfkill_set_block+0x92/0x160\n[ 6104.969755] rfkill_fop_write+0x136/0x1e0\n[ 6104.969759] __vfs_write+0x18/0x40\n[ 6104.969761] vfs_write+0xdf/0x1c0\n[ 6104.969763] ksys_write+0xb1/0xe0\n[ 6104.969765] __x64_sys_write+0x1a/0x20\n[ 6104.969769] do_syscall_64+0x51/0x180\n[ 6104.969771] entry_SYSCALL_64_after_hwframe+0x44/0xa9\n[ 6104.969773] RIP: 0033:0x7f5a21f18fef\n[ 6104.9] RSP: 002b:00007ffeefe39010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001\n[ 6104.969780] RAX: ffffffffffffffda RBX: 000055c10a7560a0 RCX: 00007f5a21f18fef\n[ 6104.969781] RDX: 0000000000000008 RSI: 00007ffeefe39060 RDI: 0000000000000012\n[ 6104.969782] RBP: 00007ffeefe39060 R08: 0000000000000000 R09: 0000000000000017\n[ 6104.969784] R10: 00007ffeefe38d97 R11: 0000000000000293 R12: 0000000000000002\n[ 6104.969785] R13: 00007ffeefe39220 R14: 00007ffeefe391a0 R15: 000055c10a72acf0" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:30.276Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/9f8e4d1a4ca1179aaeb43f91f3e2a386e7e616b3" }, { "url": "https://git.kernel.org/stable/c/f9de14bde56dcbb0765284c6dfc35842b021733c" }, { "url": "https://git.kernel.org/stable/c/a556f2ef556a04790f67f2fa272f1a77336d15a0" }, { "url": "https://git.kernel.org/stable/c/0048ddf045bddc4dacb3e783fd869a2f8fb5be30" }, { "url": "https://git.kernel.org/stable/c/13b1ebad4c175e6a9b0748acbf133c21a15d282a" }, { "url": "https://git.kernel.org/stable/c/624820f7c8826dd010e8b1963303c145f99816e9" } ], "title": "Bluetooth: btusb: Add date-\u003eevt_skb is NULL check", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52833", "datePublished": "2024-05-21T15:31:34.915Z", "dateReserved": "2024-05-21T15:19:24.252Z", "dateUpdated": "2024-11-04T14:53:30.276Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47496
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.752Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e0cfd5159f314d6b304d030363650b06a2299cbb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f3dec7e7ace38224f82cf83f0049159d067c2e19" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e41473543f75f7dbc5d605007e6f883f1bd13b9a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/da353fac65fede6b8b4cfe207f0d9408e3121105" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47496", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:35:52.280096Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:23.659Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "include/net/tls.h", "net/tls/tls_sw.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "e0cfd5159f31", "status": "affected", "version": "c46234ebb4d1", "versionType": "git" }, { "lessThan": "f3dec7e7ace3", "status": "affected", "version": "c46234ebb4d1", "versionType": "git" }, { "lessThan": "e41473543f75", "status": "affected", "version": "c46234ebb4d1", "versionType": "git" }, { "lessThan": "da353fac65fe", "status": "affected", "version": "c46234ebb4d1", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "include/net/tls.h", "net/tls/tls_sw.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.17" }, { "lessThan": "4.17", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.157", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.77", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.16", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/tls: Fix flipped sign in tls_err_abort() calls\n\nsk-\u003esk_err appears to expect a positive value, a convention that ktls\ndoesn\u0027t always follow and that leads to memory corruption in other code.\nFor instance,\n\n [kworker]\n tls_encrypt_done(..., err=\u003cnegative error from crypto request\u003e)\n tls_err_abort(.., err)\n sk-\u003esk_err = err;\n\n [task]\n splice_from_pipe_feed\n ...\n tls_sw_do_sendpage\n if (sk-\u003esk_err) {\n ret = -sk-\u003esk_err; // ret is positive\n\n splice_from_pipe_feed (continued)\n ret = actor(...) // ret is still positive and interpreted as bytes\n // written, resulting in underflow of buf-\u003elen and\n // sd-\u003elen, leading to huge buf-\u003eoffset and bogus\n // addresses computed in later calls to actor()\n\nFix all tls_err_abort() callers to pass a negative error code\nconsistently and centralize the error-prone sign flip there, throwing in\na warning to catch future misuse and uninlining the function so it\nreally does only warn once." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:03.180Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/e0cfd5159f314d6b304d030363650b06a2299cbb" }, { "url": "https://git.kernel.org/stable/c/f3dec7e7ace38224f82cf83f0049159d067c2e19" }, { "url": "https://git.kernel.org/stable/c/e41473543f75f7dbc5d605007e6f883f1bd13b9a" }, { "url": "https://git.kernel.org/stable/c/da353fac65fede6b8b4cfe207f0d9408e3121105" } ], "title": "net/tls: Fix flipped sign in tls_err_abort() calls", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47496", "datePublished": "2024-05-22T08:19:43.489Z", "dateReserved": "2024-05-22T06:20:56.202Z", "dateUpdated": "2024-11-04T12:07:03.180Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47259
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:4.13:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "4.13" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "476bdb04c501", "status": "affected", "version": "8dcbec6d20eb", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47259", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T16:41:04.603993Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:09.514Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:32:07.994Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c7eab9e2d7b4e983ce280276fb920af649955897" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/42c10b0db064e45f5c5ae7019bbf2168ffab766c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3e3c7ebbfac152d08be75c92802a64a1f6471a15" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c3b6cf64dfe4ef96e7341508d50d6998da7062c7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/72651c6579a25317a90536181d311c663d0329ab" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/476bdb04c501fc64bf3b8464ffddefc8dbe01577" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/nfs/nfs4client.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "c7eab9e2d7b4", "status": "affected", "version": "8dcbec6d20eb", "versionType": "git" }, { "lessThan": "42c10b0db064", "status": "affected", "version": "8dcbec6d20eb", "versionType": "git" }, { "lessThan": "3e3c7ebbfac1", "status": "affected", "version": "8dcbec6d20eb", "versionType": "git" }, { "lessThan": "c3b6cf64dfe4", "status": "affected", "version": "8dcbec6d20eb", "versionType": "git" }, { "lessThan": "72651c6579a2", "status": "affected", "version": "8dcbec6d20eb", "versionType": "git" }, { "lessThan": "476bdb04c501", "status": "affected", "version": "8dcbec6d20eb", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/nfs/nfs4client.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.13" }, { "lessThan": "4.13", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.237", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.195", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.126", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.44", "versionType": "semver" }, { "lessThanOrEqual": "5.12.*", "status": "unaffected", "version": "5.12.11", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix use-after-free in nfs4_init_client()\n\nKASAN reports a use-after-free when attempting to mount two different\nexports through two different NICs that belong to the same server.\n\nOlga was able to hit this with kernels starting somewhere between 5.7\nand 5.10, but I traced the patch that introduced the clear_bit() call to\n4.13. So something must have changed in the refcounting of the clp\npointer to make this call to nfs_put_client() the very last one." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:02:28.785Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/c7eab9e2d7b4e983ce280276fb920af649955897" }, { "url": "https://git.kernel.org/stable/c/42c10b0db064e45f5c5ae7019bbf2168ffab766c" }, { "url": "https://git.kernel.org/stable/c/3e3c7ebbfac152d08be75c92802a64a1f6471a15" }, { "url": "https://git.kernel.org/stable/c/c3b6cf64dfe4ef96e7341508d50d6998da7062c7" }, { "url": "https://git.kernel.org/stable/c/72651c6579a25317a90536181d311c663d0329ab" }, { "url": "https://git.kernel.org/stable/c/476bdb04c501fc64bf3b8464ffddefc8dbe01577" } ], "title": "NFS: Fix use-after-free in nfs4_init_client()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47259", "datePublished": "2024-05-21T14:19:52.738Z", "dateReserved": "2024-05-21T13:27:52.125Z", "dateUpdated": "2024-11-04T12:02:28.785Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47433
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47433", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-10T18:56:43.265826Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-10T18:57:31.785Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.455Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0e32a2b85c7d92ece86c17dfef390c5ed79c6378" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0e309e1152fc34ef75991d9d69b165dbf75bf26c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4afb912f439c4bc4e6a4f3e7547f2e69e354108f" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/btrfs/file.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "0e32a2b85c7d", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "0e309e1152fc", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "4afb912f439c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/btrfs/file.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.75", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.14", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix abort logic in btrfs_replace_file_extents\n\nError injection testing uncovered a case where we\u0027d end up with a\ncorrupt file system with a missing extent in the middle of a file. This\noccurs because the if statement to decide if we should abort is wrong.\n\nThe only way we would abort in this case is if we got a ret !=\n-EOPNOTSUPP and we called from the file clone code. However the\nprealloc code uses this path too. Instead we need to abort if there is\nan error, and the only error we _don\u0027t_ abort on is -EOPNOTSUPP and only\nif we came from the clone file code." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:49.359Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/0e32a2b85c7d92ece86c17dfef390c5ed79c6378" }, { "url": "https://git.kernel.org/stable/c/0e309e1152fc34ef75991d9d69b165dbf75bf26c" }, { "url": "https://git.kernel.org/stable/c/4afb912f439c4bc4e6a4f3e7547f2e69e354108f" } ], "title": "btrfs: fix abort logic in btrfs_replace_file_extents", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47433", "datePublished": "2024-05-22T06:19:30.244Z", "dateReserved": "2024-05-21T14:58:30.830Z", "dateUpdated": "2024-11-04T12:05:49.359Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52765
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "e9c11c6e3a0e" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "6.0" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "0" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.1.64" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.5.13" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "\t6.6.3" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.7" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52765", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T17:48:20.655650Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:23.227Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.927Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/db98de0809f12b0edb9cd1be78e1ec1bfeba8f40" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4ce77b023d42a9f1062eecf438df1af4b4072eb2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/affae18838db5e6b463ee30c821385695af56dc2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7b439aaa62fee474a0d84d67a25f4984467e7b95" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/mfd/qcom-spmi-pmic.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "db98de0809f1", "status": "affected", "version": "e9c11c6e3a0e", "versionType": "git" }, { "lessThan": "4ce77b023d42", "status": "affected", "version": "e9c11c6e3a0e", "versionType": "git" }, { "lessThan": "affae18838db", "status": "affected", "version": "e9c11c6e3a0e", "versionType": "git" }, { "lessThan": "7b439aaa62fe", "status": "affected", "version": "e9c11c6e3a0e", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/mfd/qcom-spmi-pmic.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.0" }, { "lessThan": "6.0", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: qcom-spmi-pmic: Fix revid implementation\n\nThe Qualcomm SPMI PMIC revid implementation is broken in multiple ways.\n\nFirst, it assumes that just because the sibling base device has been\nregistered that means that it is also bound to a driver, which may not\nbe the case (e.g. due to probe deferral or asynchronous probe). This\ncould trigger a NULL-pointer dereference when attempting to access the\ndriver data of the unbound device.\n\nSecond, it accesses driver data of a sibling device directly and without\nany locking, which means that the driver data may be freed while it is\nbeing accessed (e.g. on driver unbind).\n\nThird, it leaks a struct device reference to the sibling device which is\nlooked up using the spmi_device_from_of() every time a function (child)\ndevice is calling the revid function (e.g. on probe).\n\nFix this mess by reimplementing the revid lookup so that it is done only\nat probe of the PMIC device; the base device fetches the revid info from\nthe hardware, while any secondary SPMI device fetches the information\nfrom the base device and caches it so that it can be accessed safely\nfrom its children. If the base device has not been probed yet then probe\nof a secondary device is deferred." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:15.795Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/db98de0809f12b0edb9cd1be78e1ec1bfeba8f40" }, { "url": "https://git.kernel.org/stable/c/4ce77b023d42a9f1062eecf438df1af4b4072eb2" }, { "url": "https://git.kernel.org/stable/c/affae18838db5e6b463ee30c821385695af56dc2" }, { "url": "https://git.kernel.org/stable/c/7b439aaa62fee474a0d84d67a25f4984467e7b95" } ], "title": "mfd: qcom-spmi-pmic: Fix revid implementation", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52765", "datePublished": "2024-05-21T15:30:49.690Z", "dateReserved": "2024-05-21T15:19:24.238Z", "dateUpdated": "2024-11-04T14:52:15.795Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47467
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47467", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T15:53:40.956714Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-05T15:29:17.938Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.605Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bbdd158b40b66a9403391a517f24ef6613573446" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f62314b1ced25c58b86e044fc951cd6a1ea234cf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "lib/kunit/executor_test.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "bbdd158b40b6", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "f62314b1ced2", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "lib/kunit/executor_test.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkunit: fix reference count leak in kfree_at_end\n\nThe reference counting issue happens in the normal path of\nkfree_at_end(). When kunit_alloc_and_get_resource() is invoked, the\nfunction forgets to handle the returned resource object, whose refcount\nincreased inside, causing a refcount leak.\n\nFix this issue by calling kunit_alloc_resource() instead of\nkunit_alloc_and_get_resource().\n\nFixed the following when applying:\nShuah Khan \u003cskhan@linuxfoundation.org\u003e\n\nCHECK: Alignment should match open parenthesis\n+\tkunit_alloc_resource(test, NULL, kfree_res_free, GFP_KERNEL,\n \t\t\t\t (void *)to_free);" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:30.762Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/bbdd158b40b66a9403391a517f24ef6613573446" }, { "url": "https://git.kernel.org/stable/c/f62314b1ced25c58b86e044fc951cd6a1ea234cf" } ], "title": "kunit: fix reference count leak in kfree_at_end", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47467", "datePublished": "2024-05-22T06:23:26.324Z", "dateReserved": "2024-05-22T06:20:56.198Z", "dateUpdated": "2024-11-05T15:29:17.938Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52866
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52866", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T17:53:04.832614Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:47.041Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.045Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/64da1f6147dac7f8499d4937a0d7ea990bf569e8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6c8f953728d75104d994893f58801c457274335a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/91cfe0bbaa1c434d4271eb6e1d7aaa1fe8d121f6" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/hid/hid-uclogic-params-test.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "64da1f6147da", "status": "affected", "version": "a251d6576d2a", "versionType": "git" }, { "lessThan": "6c8f953728d7", "status": "affected", "version": "a251d6576d2a", "versionType": "git" }, { "lessThan": "91cfe0bbaa1c", "status": "affected", "version": "a251d6576d2a", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/hid/hid-uclogic-params-test.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.3" }, { "lessThan": "6.3", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: uclogic: Fix user-memory-access bug in uclogic_params_ugee_v2_init_event_hooks()\n\nWhen CONFIG_HID_UCLOGIC=y and CONFIG_KUNIT_ALL_TESTS=y, launch kernel and\nthen the below user-memory-access bug occurs.\n\nIn hid_test_uclogic_params_cleanup_event_hooks(),it call\nuclogic_params_ugee_v2_init_event_hooks() with the first arg=NULL, so\nwhen it calls uclogic_params_ugee_v2_has_battery(), the hid_get_drvdata()\nwill access hdev-\u003edev with hdev=NULL, which will cause below\nuser-memory-access.\n\nSo add a fake_device with quirks member and call hid_set_drvdata()\nto assign hdev-\u003edev-\u003edriver_data which avoids the null-ptr-def bug\nfor drvdata-\u003equirks in uclogic_params_ugee_v2_has_battery(). After applying\nthis patch, the below user-memory-access bug never occurs.\n\n general protection fault, probably for non-canonical address 0xdffffc0000000329: 0000 [#1] PREEMPT SMP KASAN\n KASAN: probably user-memory-access in range [0x0000000000001948-0x000000000000194f]\n CPU: 5 PID: 2189 Comm: kunit_try_catch Tainted: G B W N 6.6.0-rc2+ #30\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n RIP: 0010:uclogic_params_ugee_v2_init_event_hooks+0x87/0x600\n Code: f3 f3 65 48 8b 14 25 28 00 00 00 48 89 54 24 60 31 d2 48 89 fa c7 44 24 30 00 00 00 00 48 c7 44 24 28 02 f8 02 01 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 2c 04 00 00 48 8b 9d 48 19 00 00 48 b8 00 00 00\n RSP: 0000:ffff88810679fc88 EFLAGS: 00010202\n RAX: dffffc0000000000 RBX: 0000000000000004 RCX: 0000000000000000\n RDX: 0000000000000329 RSI: ffff88810679fd88 RDI: 0000000000001948\n RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed1020f639f0\n R10: ffff888107b1cf87 R11: 0000000000000400 R12: 1ffff11020cf3f92\n R13: ffff88810679fd88 R14: ffff888100b97b08 R15: ffff8881030bb080\n FS: 0000000000000000(0000) GS:ffff888119e80000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000000005286001 CR4: 0000000000770ee0\n DR0: ffffffff8fdd6cf4 DR1: ffffffff8fdd6cf5 DR2: ffffffff8fdd6cf6\n DR3: ffffffff8fdd6cf7 DR6: 00000000fffe0ff0 DR7: 0000000000000600\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? die_addr+0x3d/0xa0\n ? exc_general_protection+0x144/0x220\n ? asm_exc_general_protection+0x22/0x30\n ? uclogic_params_ugee_v2_init_event_hooks+0x87/0x600\n ? sched_clock_cpu+0x69/0x550\n ? uclogic_parse_ugee_v2_desc_gen_params+0x70/0x70\n ? load_balance+0x2950/0x2950\n ? rcu_trc_cmpxchg_need_qs+0x67/0xa0\n hid_test_uclogic_params_cleanup_event_hooks+0x9e/0x1a0\n ? uclogic_params_ugee_v2_init_event_hooks+0x600/0x600\n ? __switch_to+0x5cf/0xe60\n ? migrate_enable+0x260/0x260\n ? __kthread_parkme+0x83/0x150\n ? kunit_try_run_case_cleanup+0xe0/0xe0\n kunit_generic_run_threadfn_adapter+0x4a/0x90\n ? kunit_try_catch_throw+0x80/0x80\n kthread+0x2b5/0x380\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x2d/0x70\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n Modules linked in:\n Dumping ftrace buffer:\n (ftrace buffer empty)\n ---[ end trace 0000000000000000 ]---\n RIP: 0010:uclogic_params_ugee_v2_init_event_hooks+0x87/0x600\n Code: f3 f3 65 48 8b 14 25 28 00 00 00 48 89 54 24 60 31 d2 48 89 fa c7 44 24 30 00 00 00 00 48 c7 44 24 28 02 f8 02 01 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 2c 04 00 00 48 8b 9d 48 19 00 00 48 b8 00 00 00\n RSP: 0000:ffff88810679fc88 EFLAGS: 00010202\n RAX: dffffc0000000000 RBX: 0000000000000004 RCX: 0000000000000000\n RDX: 0000000000000329 RSI: ffff88810679fd88 RDI: 0000000000001948\n RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed1020f639f0\n R10: ffff888107b1cf87 R11: 0000000000000400 R12: 1ffff11020cf3f92\n R13: ffff88810679fd88 R14: ffff888100b97b08 R15: ffff8881030bb080\n FS: 0000000000000000(0000) GS:ffff888119e80000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000000005286001 CR4: 0000000000770ee0\n DR0: ffffffff8fdd6cf4 DR1: \n---truncated---" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:10.609Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/64da1f6147dac7f8499d4937a0d7ea990bf569e8" }, { "url": "https://git.kernel.org/stable/c/6c8f953728d75104d994893f58801c457274335a" }, { "url": "https://git.kernel.org/stable/c/91cfe0bbaa1c434d4271eb6e1d7aaa1fe8d121f6" } ], "title": "HID: uclogic: Fix user-memory-access bug in uclogic_params_ugee_v2_init_event_hooks()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52866", "datePublished": "2024-05-21T15:31:57.191Z", "dateReserved": "2024-05-21T15:19:24.262Z", "dateUpdated": "2024-11-04T14:54:10.609Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52772
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.836Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/75bcfc188abf4fae9c1d5f5dc0a03540be602eef" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d179189eec426fe4801e4b91efa1889faed12700" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/eae0b295ce16d8c8b4114c3037993191b4bb92f0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/069a3ec329ff43e7869a3d94c62cd03203016bce" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4b7b492615cf3017190f55444f7016812b66611d" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52772", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:36:59.720971Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:30.543Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/unix/af_unix.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "75bcfc188abf", "status": "affected", "version": "876c14ad014d", "versionType": "git" }, { "lessThan": "d179189eec42", "status": "affected", "version": "876c14ad014d", "versionType": "git" }, { "lessThan": "eae0b295ce16", "status": "affected", "version": "876c14ad014d", "versionType": "git" }, { "lessThan": "069a3ec329ff", "status": "affected", "version": "876c14ad014d", "versionType": "git" }, { "lessThan": "4b7b492615cf", "status": "affected", "version": "876c14ad014d", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/unix/af_unix.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.15" }, { "lessThan": "5.15", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: fix use-after-free in unix_stream_read_actor()\n\nsyzbot reported the following crash [1]\n\nAfter releasing unix socket lock, u-\u003eoob_skb can be changed\nby another thread. We must temporarily increase skb refcount\nto make sure this other thread will not free the skb under us.\n\n[1]\n\nBUG: KASAN: slab-use-after-free in unix_stream_read_actor+0xa7/0xc0 net/unix/af_unix.c:2866\nRead of size 4 at addr ffff88801f3b9cc4 by task syz-executor107/5297\n\nCPU: 1 PID: 5297 Comm: syz-executor107 Not tainted 6.6.0-syzkaller-15910-gb8e3a87a627b #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023\nCall Trace:\n\u003cTASK\u003e\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0xd9/0x1b0 lib/dump_stack.c:106\nprint_address_description mm/kasan/report.c:364 [inline]\nprint_report+0xc4/0x620 mm/kasan/report.c:475\nkasan_report+0xda/0x110 mm/kasan/report.c:588\nunix_stream_read_actor+0xa7/0xc0 net/unix/af_unix.c:2866\nunix_stream_recv_urg net/unix/af_unix.c:2587 [inline]\nunix_stream_read_generic+0x19a5/0x2480 net/unix/af_unix.c:2666\nunix_stream_recvmsg+0x189/0x1b0 net/unix/af_unix.c:2903\nsock_recvmsg_nosec net/socket.c:1044 [inline]\nsock_recvmsg+0xe2/0x170 net/socket.c:1066\n____sys_recvmsg+0x21f/0x5c0 net/socket.c:2803\n___sys_recvmsg+0x115/0x1a0 net/socket.c:2845\n__sys_recvmsg+0x114/0x1e0 net/socket.c:2875\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\ndo_syscall_64+0x3f/0x110 arch/x86/entry/common.c:82\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\nRIP: 0033:0x7fc67492c559\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fc6748ab228 EFLAGS: 00000246 ORIG_RAX: 000000000000002f\nRAX: ffffffffffffffda RBX: 000000000000001c RCX: 00007fc67492c559\nRDX: 0000000040010083 RSI: 0000000020000140 RDI: 0000000000000004\nRBP: 00007fc6749b6348 R08: 00007fc6748ab6c0 R09: 00007fc6748ab6c0\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6749b6340\nR13: 00007fc6749b634c R14: 00007ffe9fac52a0 R15: 00007ffe9fac5388\n\u003c/TASK\u003e\n\nAllocated by task 5295:\nkasan_save_stack+0x33/0x50 mm/kasan/common.c:45\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\n__kasan_slab_alloc+0x81/0x90 mm/kasan/common.c:328\nkasan_slab_alloc include/linux/kasan.h:188 [inline]\nslab_post_alloc_hook mm/slab.h:763 [inline]\nslab_alloc_node mm/slub.c:3478 [inline]\nkmem_cache_alloc_node+0x180/0x3c0 mm/slub.c:3523\n__alloc_skb+0x287/0x330 net/core/skbuff.c:641\nalloc_skb include/linux/skbuff.h:1286 [inline]\nalloc_skb_with_frags+0xe4/0x710 net/core/skbuff.c:6331\nsock_alloc_send_pskb+0x7e4/0x970 net/core/sock.c:2780\nsock_alloc_send_skb include/net/sock.h:1884 [inline]\nqueue_oob net/unix/af_unix.c:2147 [inline]\nunix_stream_sendmsg+0xb5f/0x10a0 net/unix/af_unix.c:2301\nsock_sendmsg_nosec net/socket.c:730 [inline]\n__sock_sendmsg+0xd5/0x180 net/socket.c:745\n____sys_sendmsg+0x6ac/0x940 net/socket.c:2584\n___sys_sendmsg+0x135/0x1d0 net/socket.c:2638\n__sys_sendmsg+0x117/0x1e0 net/socket.c:2667\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\ndo_syscall_64+0x3f/0x110 arch/x86/entry/common.c:82\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nFreed by task 5295:\nkasan_save_stack+0x33/0x50 mm/kasan/common.c:45\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\nkasan_save_free_info+0x2b/0x40 mm/kasan/generic.c:522\n____kasan_slab_free mm/kasan/common.c:236 [inline]\n____kasan_slab_free+0x15b/0x1b0 mm/kasan/common.c:200\nkasan_slab_free include/linux/kasan.h:164 [inline]\nslab_free_hook mm/slub.c:1800 [inline]\nslab_free_freelist_hook+0x114/0x1e0 mm/slub.c:1826\nslab_free mm/slub.c:3809 [inline]\nkmem_cache_free+0xf8/0x340 mm/slub.c:3831\nkfree_skbmem+0xef/0x1b0 net/core/skbuff.c:1015\n__kfree_skb net/core/skbuff.c:1073 [inline]\nconsume_skb net/core/skbuff.c:1288 [inline]\nconsume_skb+0xdf/0x170 net/core/skbuff.c:1282\nqueue_oob net/unix/af_unix.c:2178 [inline]\nu\n---truncated---" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:24.307Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/75bcfc188abf4fae9c1d5f5dc0a03540be602eef" }, { "url": "https://git.kernel.org/stable/c/d179189eec426fe4801e4b91efa1889faed12700" }, { "url": "https://git.kernel.org/stable/c/eae0b295ce16d8c8b4114c3037993191b4bb92f0" }, { "url": "https://git.kernel.org/stable/c/069a3ec329ff43e7869a3d94c62cd03203016bce" }, { "url": "https://git.kernel.org/stable/c/4b7b492615cf3017190f55444f7016812b66611d" } ], "title": "af_unix: fix use-after-free in unix_stream_read_actor()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52772", "datePublished": "2024-05-21T15:30:54.292Z", "dateReserved": "2024-05-21T15:19:24.239Z", "dateUpdated": "2024-11-04T14:52:24.307Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52860
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52860", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:33:12.246594Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:19.278Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.033Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4589403a343bb0c72a6faf5898386ff964d4e01a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3f5827371763f2d9c70719c270055a81d030f3d0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d04ff5437a45f275db5530efb49b68d0ec851f6f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/50b560783f7f71790bcf70e9e9855155fb0af8c1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/perf/hisilicon/hns3_pmu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "4589403a343b", "status": "affected", "version": "66637ab137b4", "versionType": "git" }, { "lessThan": "3f5827371763", "status": "affected", "version": "66637ab137b4", "versionType": "git" }, { "lessThan": "d04ff5437a45", "status": "affected", "version": "66637ab137b4", "versionType": "git" }, { "lessThan": "50b560783f7f", "status": "affected", "version": "66637ab137b4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/perf/hisilicon/hns3_pmu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.0" }, { "lessThan": "6.0", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process\n\nWhen tearing down a \u0027hisi_hns3\u0027 PMU, we mistakenly run the CPU hotplug\ncallbacks after the device has been unregistered, leading to fireworks\nwhen we try to execute empty function callbacks within the driver:\n\n | Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n | CPU: 0 PID: 15 Comm: cpuhp/0 Tainted: G W O 5.12.0-rc4+ #1\n | Hardware name: , BIOS KpxxxFPGA 1P B600 V143 04/22/2021\n | pstate: 80400009 (Nzcv daif +PAN -UAO -TCO BTYPE=--)\n | pc : perf_pmu_migrate_context+0x98/0x38c\n | lr : perf_pmu_migrate_context+0x94/0x38c\n |\n | Call trace:\n | perf_pmu_migrate_context+0x98/0x38c\n | hisi_hns3_pmu_offline_cpu+0x104/0x12c [hisi_hns3_pmu]\n\nUse cpuhp_state_remove_instance_nocalls() instead of\ncpuhp_state_remove_instance() so that the notifiers don\u0027t execute after\nthe PMU device has been unregistered.\n\n[will: Rewrote commit message]" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:02.941Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/4589403a343bb0c72a6faf5898386ff964d4e01a" }, { "url": "https://git.kernel.org/stable/c/3f5827371763f2d9c70719c270055a81d030f3d0" }, { "url": "https://git.kernel.org/stable/c/d04ff5437a45f275db5530efb49b68d0ec851f6f" }, { "url": "https://git.kernel.org/stable/c/50b560783f7f71790bcf70e9e9855155fb0af8c1" } ], "title": "drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52860", "datePublished": "2024-05-21T15:31:53.194Z", "dateReserved": "2024-05-21T15:19:24.261Z", "dateUpdated": "2024-11-04T14:54:02.941Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52815
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52815", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:24:04.849816Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:38.588Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.678Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/eaa03ea366c85ae3cb69c8d4bbc67c8bc2167a27" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/33fb1a555354bd593f785935ddcb5d9dd4d3847f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8c6c85a073768df68c1a3fea143d013a38c66d34" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/70f831f21155c692bb336c434936fd6f24f3f81a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cd90511557fdfb394bb4ac4c3b539b007383914c" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdgpu/amdgpu_vkms.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "eaa03ea366c8", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "33fb1a555354", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "8c6c85a07376", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "70f831f21155", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "cd90511557fd", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdgpu/amdgpu_vkms.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/vkms: fix a possible null pointer dereference\n\nIn amdgpu_vkms_conn_get_modes(), the return value of drm_cvt_mode()\nis assigned to mode, which will lead to a NULL pointer dereference\non failure of drm_cvt_mode(). Add a check to avoid null pointer\ndereference." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:15.223Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/eaa03ea366c85ae3cb69c8d4bbc67c8bc2167a27" }, { "url": "https://git.kernel.org/stable/c/33fb1a555354bd593f785935ddcb5d9dd4d3847f" }, { "url": "https://git.kernel.org/stable/c/8c6c85a073768df68c1a3fea143d013a38c66d34" }, { "url": "https://git.kernel.org/stable/c/70f831f21155c692bb336c434936fd6f24f3f81a" }, { "url": "https://git.kernel.org/stable/c/cd90511557fdfb394bb4ac4c3b539b007383914c" } ], "title": "drm/amdgpu/vkms: fix a possible null pointer dereference", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52815", "datePublished": "2024-05-21T15:31:22.918Z", "dateReserved": "2024-05-21T15:19:24.248Z", "dateUpdated": "2024-11-04T14:53:15.223Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47480
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.500Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1105573d964f7b78734348466b01f5f6ba8a1813" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8e4814a461787e15a31d322d9efbe0d4f6822428" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/61a0faa89f21861d1f8d059123b5c285a5d9ffee" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c2df161f69fb1c67f63adbd193368b47f511edc0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1ce287eff9f23181d5644db787f472463a61f68b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7b57c38d12aed1b5d92f74748bed25e0d041729f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f30822c0b4c35ec86187ab055263943dc71a6836" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f2b85040acec9a928b4eb1b57a989324e8e38d3f" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47480", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:36:02.036772Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:53.299Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/scsi/scsi.c", "drivers/scsi/scsi_sysfs.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "1105573d964f", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "8e4814a46178", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "61a0faa89f21", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "c2df161f69fb", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "1ce287eff9f2", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "7b57c38d12ae", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "f30822c0b4c3", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "f2b85040acec", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/scsi/scsi.c", "drivers/scsi/scsi_sysfs.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.292", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.290", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.255", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.216", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.158", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.78", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.17", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Put LLD module refcnt after SCSI device is released\n\nSCSI host release is triggered when SCSI device is freed. We have to make\nsure that the low-level device driver module won\u0027t be unloaded before SCSI\nhost instance is released because shost-\u003ehostt is required in the release\nhandler.\n\nMake sure to put LLD module refcnt after SCSI device is released.\n\nFixes a kernel panic of \u0027BUG: unable to handle page fault for address\u0027\nreported by Changhui and Yi." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:44.875Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/1105573d964f7b78734348466b01f5f6ba8a1813" }, { "url": "https://git.kernel.org/stable/c/8e4814a461787e15a31d322d9efbe0d4f6822428" }, { "url": "https://git.kernel.org/stable/c/61a0faa89f21861d1f8d059123b5c285a5d9ffee" }, { "url": "https://git.kernel.org/stable/c/c2df161f69fb1c67f63adbd193368b47f511edc0" }, { "url": "https://git.kernel.org/stable/c/1ce287eff9f23181d5644db787f472463a61f68b" }, { "url": "https://git.kernel.org/stable/c/7b57c38d12aed1b5d92f74748bed25e0d041729f" }, { "url": "https://git.kernel.org/stable/c/f30822c0b4c35ec86187ab055263943dc71a6836" }, { "url": "https://git.kernel.org/stable/c/f2b85040acec9a928b4eb1b57a989324e8e38d3f" } ], "title": "scsi: core: Put LLD module refcnt after SCSI device is released", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47480", "datePublished": "2024-05-22T08:19:32.839Z", "dateReserved": "2024-05-22T06:20:56.200Z", "dateUpdated": "2024-11-04T12:06:44.875Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52780
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52780", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:36:55.897084Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:37:20.654Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.011Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/00768b3e90e648227eaa959d9d279f5e32823df1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/230dc06e2495487d88b3410da055bb618febb19b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2b0e99072654edd601d05c0061a20337af5008ba" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ca8add922f9c7f6e2e3c71039da8e0dcc64b87ed" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/marvell/mvneta.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "00768b3e90e6", "status": "affected", "version": "b3fc79225f05", "versionType": "git" }, { "lessThan": "230dc06e2495", "status": "affected", "version": "b3fc79225f05", "versionType": "git" }, { "lessThan": "2b0e99072654", "status": "affected", "version": "b3fc79225f05", "versionType": "git" }, { "lessThan": "ca8add922f9c", "status": "affected", "version": "b3fc79225f05", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/marvell/mvneta.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.19" }, { "lessThan": "5.19", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mvneta: fix calls to page_pool_get_stats\n\nCalling page_pool_get_stats in the mvneta driver without checks\nleads to kernel crashes.\nFirst the page pool is only available if the bm is not used.\nThe page pool is also not allocated when the port is stopped.\nIt can also be not allocated in case of errors.\n\nThe current implementation leads to the following crash calling\nethstats on a port that is down or when calling it at the wrong moment:\n\nble to handle kernel NULL pointer dereference at virtual address 00000070\n[00000070] *pgd=00000000\nInternal error: Oops: 5 [#1] SMP ARM\nHardware name: Marvell Armada 380/385 (Device Tree)\nPC is at page_pool_get_stats+0x18/0x1cc\nLR is at mvneta_ethtool_get_stats+0xa0/0xe0 [mvneta]\npc : [\u003cc0b413cc\u003e] lr : [\u003cbf0a98d8\u003e] psr: a0000013\nsp : f1439d48 ip : f1439dc0 fp : 0000001d\nr10: 00000100 r9 : c4816b80 r8 : f0d75150\nr7 : bf0b400c r6 : c238f000 r5 : 00000000 r4 : f1439d68\nr3 : c2091040 r2 : ffffffd8 r1 : f1439d68 r0 : 00000000\nFlags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none\nControl: 10c5387d Table: 066b004a DAC: 00000051\nRegister r0 information: NULL pointer\nRegister r1 information: 2-page vmalloc region starting at 0xf1438000 allocated at kernel_clone+0x9c/0x390\nRegister r2 information: non-paged memory\nRegister r3 information: slab kmalloc-2k start c2091000 pointer offset 64 size 2048\nRegister r4 information: 2-page vmalloc region starting at 0xf1438000 allocated at kernel_clone+0x9c/0x390\nRegister r5 information: NULL pointer\nRegister r6 information: slab kmalloc-cg-4k start c238f000 pointer offset 0 size 4096\nRegister r7 information: 15-page vmalloc region starting at 0xbf0a8000 allocated at load_module+0xa30/0x219c\nRegister r8 information: 1-page vmalloc region starting at 0xf0d75000 allocated at ethtool_get_stats+0x138/0x208\nRegister r9 information: slab task_struct start c4816b80 pointer offset 0\nRegister r10 information: non-paged memory\nRegister r11 information: non-paged memory\nRegister r12 information: 2-page vmalloc region starting at 0xf1438000 allocated at kernel_clone+0x9c/0x390\nProcess snmpd (pid: 733, stack limit = 0x38de3a88)\nStack: (0xf1439d48 to 0xf143a000)\n9d40: 000000c0 00000001 c238f000 bf0b400c f0d75150 c4816b80\n9d60: 00000100 bf0a98d8 00000000 00000000 00000000 00000000 00000000 00000000\n9d80: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n9da0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n9dc0: 00000dc0 5335509c 00000035 c238f000 bf0b2214 01067f50 f0d75000 c0b9b9c8\n9de0: 0000001d 00000035 c2212094 5335509c c4816b80 c238f000 c5ad6e00 01067f50\n9e00: c1b0be80 c4816b80 00014813 c0b9d7f0 00000000 00000000 0000001d 0000001d\n9e20: 00000000 00001200 00000000 00000000 c216ed90 c73943b8 00000000 00000000\n9e40: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n9e60: 00000000 c0ad9034 00000000 00000000 00000000 00000000 00000000 00000000\n9e80: 00000000 00000000 00000000 5335509c c1b0be80 f1439ee4 00008946 c1b0be80\n9ea0: 01067f50 f1439ee3 00000000 00000046 b6d77ae0 c0b383f0 00008946 becc83e8\n9ec0: c1b0be80 00000051 0000000b c68ca480 c7172d00 c0ad8ff0 f1439ee3 cf600e40\n9ee0: 01600e40 32687465 00000000 00000000 00000000 01067f50 00000000 00000000\n9f00: 00000000 5335509c 00008946 00008946 00000000 c68ca480 becc83e8 c05e2de0\n9f20: f1439fb0 c03002f0 00000006 5ac3c35a c4816b80 00000006 b6d77ae0 c030caf0\n9f40: c4817350 00000014 f1439e1c 0000000c 00000000 00000051 01000000 00000014\n9f60: 00003fec f1439edc 00000001 c0372abc b6d77ae0 c0372abc cf600e40 5335509c\n9f80: c21e6800 01015c9c 0000000b 00008946 00000036 c03002f0 c4816b80 00000036\n9fa0: b6d77ae0 c03000c0 01015c9c 0000000b 0000000b 00008946 becc83e8 00000000\n9fc0: 01015c9c 0000000b 00008946 00000036 00000035 010678a0 b6d797ec b6d77ae0\n9fe0: b6dbf738 becc838c b6d186d7 b6baa858 40000030 0000000b 00000000 00000000\n page_pool_get_s\n---truncated---" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:35.316Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/00768b3e90e648227eaa959d9d279f5e32823df1" }, { "url": "https://git.kernel.org/stable/c/230dc06e2495487d88b3410da055bb618febb19b" }, { "url": "https://git.kernel.org/stable/c/2b0e99072654edd601d05c0061a20337af5008ba" }, { "url": "https://git.kernel.org/stable/c/ca8add922f9c7f6e2e3c71039da8e0dcc64b87ed" } ], "title": "net: mvneta: fix calls to page_pool_get_stats", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52780", "datePublished": "2024-05-21T15:30:59.557Z", "dateReserved": "2024-05-21T15:19:24.240Z", "dateUpdated": "2024-11-04T14:52:35.316Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47335
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47335", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T17:39:39.785256Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:15:03.198Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:32:08.535Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/86786603014e0a22d0d6af8e80ae4b8687927048" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/79fa5d944c875711253a23b8155b36883c696409" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e472b276a0d2180808009be38105e12754432e2a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cad83c968c2ebe97905f900326988ed37146c347" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/f2fs/f2fs.h", "fs/f2fs/recovery.c", "fs/f2fs/super.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "86786603014e", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "79fa5d944c87", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "e472b276a0d2", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "cad83c968c2e", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/f2fs/f2fs.h", "fs/f2fs/recovery.c", "fs/f2fs/super.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.51", "versionType": "semver" }, { "lessThanOrEqual": "5.12.*", "status": "unaffected", "version": "5.12.18", "versionType": "semver" }, { "lessThanOrEqual": "5.13.*", "status": "unaffected", "version": "5.13.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.14", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to avoid racing on fsync_entry_slab by multi filesystem instances\n\nAs syzbot reported, there is an use-after-free issue during f2fs recovery:\n\nUse-after-free write at 0xffff88823bc16040 (in kfence-#10):\n kmem_cache_destroy+0x1f/0x120 mm/slab_common.c:486\n f2fs_recover_fsync_data+0x75b0/0x8380 fs/f2fs/recovery.c:869\n f2fs_fill_super+0x9393/0xa420 fs/f2fs/super.c:3945\n mount_bdev+0x26c/0x3a0 fs/super.c:1367\n legacy_get_tree+0xea/0x180 fs/fs_context.c:592\n vfs_get_tree+0x86/0x270 fs/super.c:1497\n do_new_mount fs/namespace.c:2905 [inline]\n path_mount+0x196f/0x2be0 fs/namespace.c:3235\n do_mount fs/namespace.c:3248 [inline]\n __do_sys_mount fs/namespace.c:3456 [inline]\n __se_sys_mount+0x2f9/0x3b0 fs/namespace.c:3433\n do_syscall_64+0x3f/0xb0 arch/x86/entry/common.c:47\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nThe root cause is multi f2fs filesystem instances can race on accessing\nglobal fsync_entry_slab pointer, result in use-after-free issue of slab\ncache, fixes to init/destroy this slab cache only once during module\ninit/destroy procedure to avoid this issue." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:03:54.513Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/86786603014e0a22d0d6af8e80ae4b8687927048" }, { "url": "https://git.kernel.org/stable/c/79fa5d944c875711253a23b8155b36883c696409" }, { "url": "https://git.kernel.org/stable/c/e472b276a0d2180808009be38105e12754432e2a" }, { "url": "https://git.kernel.org/stable/c/cad83c968c2ebe97905f900326988ed37146c347" } ], "title": "f2fs: fix to avoid racing on fsync_entry_slab by multi filesystem instances", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47335", "datePublished": "2024-05-21T14:35:45.093Z", "dateReserved": "2024-05-21T14:28:16.977Z", "dateUpdated": "2024-11-04T12:03:54.513Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47477
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47477", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T15:50:06.158354Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-06T19:35:17.051Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.539Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a6af69768d5cb4b2528946d53be5fa19ade37723" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/365a346cda82f51d835c49136a00a9df8a78c7f2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8a52bc480992c7c9da3ebfea456af731f50a4b97" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/39ea61037ae78f14fa121228dd962ea3280eacf3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3efb7af8ac437085b6c776e5b54830b149d86efe" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/786f5b03450454557ff858a8bead5d7c0cbf78d6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3ac273d154d634e2034508a14db82a95d7ad12ed" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/20cebb8b620dc987e55ddc46801de986e081757e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/536de747bc48262225889a533db6650731ab25d3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/comedi/drivers/dt9812.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "a6af69768d5c", "status": "affected", "version": "63274cd7d38a", "versionType": "git" }, { "lessThan": "365a346cda82", "status": "affected", "version": "63274cd7d38a", "versionType": "git" }, { "lessThan": "8a52bc480992", "status": "affected", "version": "63274cd7d38a", "versionType": "git" }, { "lessThan": "39ea61037ae7", "status": "affected", "version": "63274cd7d38a", "versionType": "git" }, { "lessThan": "3efb7af8ac43", "status": "affected", "version": "63274cd7d38a", "versionType": "git" }, { "lessThan": "786f5b034504", "status": "affected", "version": "63274cd7d38a", "versionType": "git" }, { "lessThan": "3ac273d154d6", "status": "affected", "version": "63274cd7d38a", "versionType": "git" }, { "lessThan": "20cebb8b620d", "status": "affected", "version": "63274cd7d38a", "versionType": "git" }, { "lessThan": "536de747bc48", "status": "affected", "version": "63274cd7d38a", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/comedi/drivers/dt9812.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "2.6.29" }, { "lessThan": "2.6.29", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.292", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.290", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.255", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.217", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.159", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.79", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.18", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: dt9812: fix DMA buffers on stack\n\nUSB transfer buffers are typically mapped for DMA and must not be\nallocated on the stack or transfers will fail.\n\nAllocate proper transfer buffers in the various command helpers and\nreturn an error on short transfers instead of acting on random stack\ndata.\n\nNote that this also fixes a stack info leak on systems where DMA is not\nused as 32 bytes are always sent to the device regardless of how short\nthe command is." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:41.342Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/a6af69768d5cb4b2528946d53be5fa19ade37723" }, { "url": "https://git.kernel.org/stable/c/365a346cda82f51d835c49136a00a9df8a78c7f2" }, { "url": "https://git.kernel.org/stable/c/8a52bc480992c7c9da3ebfea456af731f50a4b97" }, { "url": "https://git.kernel.org/stable/c/39ea61037ae78f14fa121228dd962ea3280eacf3" }, { "url": "https://git.kernel.org/stable/c/3efb7af8ac437085b6c776e5b54830b149d86efe" }, { "url": "https://git.kernel.org/stable/c/786f5b03450454557ff858a8bead5d7c0cbf78d6" }, { "url": "https://git.kernel.org/stable/c/3ac273d154d634e2034508a14db82a95d7ad12ed" }, { "url": "https://git.kernel.org/stable/c/20cebb8b620dc987e55ddc46801de986e081757e" }, { "url": "https://git.kernel.org/stable/c/536de747bc48262225889a533db6650731ab25d3" } ], "title": "comedi: dt9812: fix DMA buffers on stack", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47477", "datePublished": "2024-05-22T08:19:30.860Z", "dateReserved": "2024-05-22T06:20:56.200Z", "dateUpdated": "2024-11-06T19:35:17.051Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52821
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52821", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:23:25.064464Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:17.869Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.064Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c7dc0aca5962fb37dbea9769dd26ec37813faae1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2381f6b628b3214f07375e0adf5ce17093c31190" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/79813cd59398015867d51e6d7dcc14d287d4c402" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4fa930ba046d20fc1899770396ee11e905fa96e4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8a9dd36fcb4f3906982b82593393578db4479992" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/924e5814d1f84e6fa5cb19c6eceb69f066225229" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/panel/panel-arm-versatile.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "c7dc0aca5962", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2381f6b628b3", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "79813cd59398", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "4fa930ba046d", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "8a9dd36fcb4f", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "924e5814d1f8", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/panel/panel-arm-versatile.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panel: fix a possible null pointer dereference\n\nIn versatile_panel_get_modes(), the return value of drm_mode_duplicate()\nis assigned to mode, which will lead to a NULL pointer dereference\non failure of drm_mode_duplicate(). Add a check to avoid npd." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:21.146Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/c7dc0aca5962fb37dbea9769dd26ec37813faae1" }, { "url": "https://git.kernel.org/stable/c/2381f6b628b3214f07375e0adf5ce17093c31190" }, { "url": "https://git.kernel.org/stable/c/79813cd59398015867d51e6d7dcc14d287d4c402" }, { "url": "https://git.kernel.org/stable/c/4fa930ba046d20fc1899770396ee11e905fa96e4" }, { "url": "https://git.kernel.org/stable/c/8a9dd36fcb4f3906982b82593393578db4479992" }, { "url": "https://git.kernel.org/stable/c/924e5814d1f84e6fa5cb19c6eceb69f066225229" } ], "title": "drm/panel: fix a possible null pointer dereference", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52821", "datePublished": "2024-05-21T15:31:26.888Z", "dateReserved": "2024-05-21T15:19:24.249Z", "dateUpdated": "2024-11-04T14:53:21.146Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47481
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47481", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-10T18:54:35.854704Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-10T18:54:46.226Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.754Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5f6995295f65d1ee6f36d466d26afd98eb797afe" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5508546631a0f555d7088203dec2614e41b5106e" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/infiniband/hw/mlx5/mr.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "5f6995295f65", "status": "affected", "version": "a639e66703ee", "versionType": "git" }, { "lessThan": "5508546631a0", "status": "affected", "version": "a639e66703ee", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/infiniband/hw/mlx5/mr.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.13" }, { "lessThan": "5.13", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.16", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Initialize the ODP xarray when creating an ODP MR\n\nNormally the zero fill would hide the missing initialization, but an\nerrant set to desc_size in reg_create() causes a crash:\n\n BUG: unable to handle page fault for address: 0000000800000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP PTI\n CPU: 5 PID: 890 Comm: ib_write_bw Not tainted 5.15.0-rc4+ #47\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:mlx5_ib_dereg_mr+0x14/0x3b0 [mlx5_ib]\n Code: 48 63 cd 4c 89 f7 48 89 0c 24 e8 37 30 03 e1 48 8b 0c 24 eb a0 90 0f 1f 44 00 00 41 56 41 55 41 54 55 53 48 89 fb 48 83 ec 30 \u003c48\u003e 8b 2f 65 48 8b 04 25 28 00 00 00 48 89 44 24 28 31 c0 8b 87 c8\n RSP: 0018:ffff88811afa3a60 EFLAGS: 00010286\n RAX: 000000000000001c RBX: 0000000800000000 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000800000000\n RBP: 0000000800000000 R08: 0000000000000000 R09: c0000000fffff7ff\n R10: ffff88811afa38f8 R11: ffff88811afa38f0 R12: ffffffffa02c7ac0\n R13: 0000000000000000 R14: ffff88811afa3cd8 R15: ffff88810772fa00\n FS: 00007f47b9080740(0000) GS:ffff88852cd40000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000800000000 CR3: 000000010761e003 CR4: 0000000000370ea0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n mlx5_ib_free_odp_mr+0x95/0xc0 [mlx5_ib]\n mlx5_ib_dereg_mr+0x128/0x3b0 [mlx5_ib]\n ib_dereg_mr_user+0x45/0xb0 [ib_core]\n ? xas_load+0x8/0x80\n destroy_hw_idr_uobject+0x1a/0x50 [ib_uverbs]\n uverbs_destroy_uobject+0x2f/0x150 [ib_uverbs]\n uobj_destroy+0x3c/0x70 [ib_uverbs]\n ib_uverbs_cmd_verbs+0x467/0xb00 [ib_uverbs]\n ? uverbs_finalize_object+0x60/0x60 [ib_uverbs]\n ? ttwu_queue_wakelist+0xa9/0xe0\n ? pty_write+0x85/0x90\n ? file_tty_write.isra.33+0x214/0x330\n ? process_echoes+0x60/0x60\n ib_uverbs_ioctl+0xa7/0x110 [ib_uverbs]\n __x64_sys_ioctl+0x10d/0x8e0\n ? vfs_write+0x17f/0x260\n do_syscall_64+0x3c/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nAdd the missing xarray initialization and remove the desc_size set." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:46.058Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/5f6995295f65d1ee6f36d466d26afd98eb797afe" }, { "url": "https://git.kernel.org/stable/c/5508546631a0f555d7088203dec2614e41b5106e" } ], "title": "RDMA/mlx5: Initialize the ODP xarray when creating an ODP MR", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47481", "datePublished": "2024-05-22T08:19:33.512Z", "dateReserved": "2024-05-22T06:20:56.200Z", "dateUpdated": "2024-11-04T12:06:46.058Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47483
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.752Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e72dce9afbdbfa70d9b44f5908a50ff6c4858999" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fc081477b47dfc3a6cb50a96087fc29674013fc2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/758ced2c3878ff789801e6fee808e185c5cf08d6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3dae1a4eced3ee733d7222e69b8a55caf2d61091" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1cead23c1c0bc766dacb900a3b0269f651ad596f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/36e911a16b377bde0ad91a8c679069d0d310b1a6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/50cc1462a668dc62949a1127388bc3af785ce047" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/55e6d8037805b3400096d621091dfbf713f97e83" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47483", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:35:58.617398Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:53.194Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/base/regmap/regcache-rbtree.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "e72dce9afbdb", "status": "affected", "version": "3f4ff561bc88", "versionType": "git" }, { "lessThan": "fc081477b47d", "status": "affected", "version": "3f4ff561bc88", "versionType": "git" }, { "lessThan": "758ced2c3878", "status": "affected", "version": "3f4ff561bc88", "versionType": "git" }, { "lessThan": "3dae1a4eced3", "status": "affected", "version": "3f4ff561bc88", "versionType": "git" }, { "lessThan": "1cead23c1c0b", "status": "affected", "version": "3f4ff561bc88", "versionType": "git" }, { "lessThan": "36e911a16b37", "status": "affected", "version": "3f4ff561bc88", "versionType": "git" }, { "lessThan": "50cc1462a668", "status": "affected", "version": "3f4ff561bc88", "versionType": "git" }, { "lessThan": "55e6d8037805", "status": "affected", "version": "3f4ff561bc88", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/base/regmap/regcache-rbtree.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.12" }, { "lessThan": "3.12", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.291", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.289", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.254", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.215", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.157", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.77", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.16", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nregmap: Fix possible double-free in regcache_rbtree_exit()\n\nIn regcache_rbtree_insert_to_block(), when \u0027present\u0027 realloc failed,\nthe \u0027blk\u0027 which is supposed to assign to \u0027rbnode-\u003eblock\u0027 will be freed,\nso \u0027rbnode-\u003eblock\u0027 points a freed memory, in the error handling path of\nregcache_rbtree_init(), \u0027rbnode-\u003eblock\u0027 will be freed again in\nregcache_rbtree_exit(), KASAN will report double-free as follows:\n\nBUG: KASAN: double-free or invalid-free in kfree+0xce/0x390\nCall Trace:\n slab_free_freelist_hook+0x10d/0x240\n kfree+0xce/0x390\n regcache_rbtree_exit+0x15d/0x1a0\n regcache_rbtree_init+0x224/0x2c0\n regcache_init+0x88d/0x1310\n __regmap_init+0x3151/0x4a80\n __devm_regmap_init+0x7d/0x100\n madera_spi_probe+0x10f/0x333 [madera_spi]\n spi_probe+0x183/0x210\n really_probe+0x285/0xc30\n\nTo fix this, moving up the assignment of rbnode-\u003eblock to immediately after\nthe reallocation has succeeded so that the data structure stays valid even\nif the second reallocation fails." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:48.365Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/e72dce9afbdbfa70d9b44f5908a50ff6c4858999" }, { "url": "https://git.kernel.org/stable/c/fc081477b47dfc3a6cb50a96087fc29674013fc2" }, { "url": "https://git.kernel.org/stable/c/758ced2c3878ff789801e6fee808e185c5cf08d6" }, { "url": "https://git.kernel.org/stable/c/3dae1a4eced3ee733d7222e69b8a55caf2d61091" }, { "url": "https://git.kernel.org/stable/c/1cead23c1c0bc766dacb900a3b0269f651ad596f" }, { "url": "https://git.kernel.org/stable/c/36e911a16b377bde0ad91a8c679069d0d310b1a6" }, { "url": "https://git.kernel.org/stable/c/50cc1462a668dc62949a1127388bc3af785ce047" }, { "url": "https://git.kernel.org/stable/c/55e6d8037805b3400096d621091dfbf713f97e83" } ], "title": "regmap: Fix possible double-free in regcache_rbtree_exit()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47483", "datePublished": "2024-05-22T08:19:34.852Z", "dateReserved": "2024-05-22T06:20:56.200Z", "dateUpdated": "2024-11-04T12:06:48.365Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52741
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52741", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-28T15:46:03.268177Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:24:17.508Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.667Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2b693fe3f760c87fd9768e759f6297f743a1b3b0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d1fba1e096ffc7ec11df863a97c50203c47315b9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3684a2f6affa1ca52a5d4a12f04d0652efdee65e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/aa5465aeca3c66fecdf7efcf554aed79b4c4b211" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/cifs/file.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "2b693fe3f760", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "d1fba1e096ff", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "3684a2f6affa", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "aa5465aeca3c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/cifs/file.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.168", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.94", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix use-after-free in rdata-\u003eread_into_pages()\n\nWhen the network status is unstable, use-after-free may occur when\nread data from the server.\n\n BUG: KASAN: use-after-free in readpages_fill_pages+0x14c/0x7e0\n\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x38/0x4c\n print_report+0x16f/0x4a6\n kasan_report+0xb7/0x130\n readpages_fill_pages+0x14c/0x7e0\n cifs_readv_receive+0x46d/0xa40\n cifs_demultiplex_thread+0x121c/0x1490\n kthread+0x16b/0x1a0\n ret_from_fork+0x2c/0x50\n \u003c/TASK\u003e\n\n Allocated by task 2535:\n kasan_save_stack+0x22/0x50\n kasan_set_track+0x25/0x30\n __kasan_kmalloc+0x82/0x90\n cifs_readdata_direct_alloc+0x2c/0x110\n cifs_readdata_alloc+0x2d/0x60\n cifs_readahead+0x393/0xfe0\n read_pages+0x12f/0x470\n page_cache_ra_unbounded+0x1b1/0x240\n filemap_get_pages+0x1c8/0x9a0\n filemap_read+0x1c0/0x540\n cifs_strict_readv+0x21b/0x240\n vfs_read+0x395/0x4b0\n ksys_read+0xb8/0x150\n do_syscall_64+0x3f/0x90\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\n\n Freed by task 79:\n kasan_save_stack+0x22/0x50\n kasan_set_track+0x25/0x30\n kasan_save_free_info+0x2e/0x50\n __kasan_slab_free+0x10e/0x1a0\n __kmem_cache_free+0x7a/0x1a0\n cifs_readdata_release+0x49/0x60\n process_one_work+0x46c/0x760\n worker_thread+0x2a4/0x6f0\n kthread+0x16b/0x1a0\n ret_from_fork+0x2c/0x50\n\n Last potentially related work creation:\n kasan_save_stack+0x22/0x50\n __kasan_record_aux_stack+0x95/0xb0\n insert_work+0x2b/0x130\n __queue_work+0x1fe/0x660\n queue_work_on+0x4b/0x60\n smb2_readv_callback+0x396/0x800\n cifs_abort_connection+0x474/0x6a0\n cifs_reconnect+0x5cb/0xa50\n cifs_readv_from_socket.cold+0x22/0x6c\n cifs_read_page_from_socket+0xc1/0x100\n readpages_fill_pages.cold+0x2f/0x46\n cifs_readv_receive+0x46d/0xa40\n cifs_demultiplex_thread+0x121c/0x1490\n kthread+0x16b/0x1a0\n ret_from_fork+0x2c/0x50\n\nThe following function calls will cause UAF of the rdata pointer.\n\nreadpages_fill_pages\n cifs_read_page_from_socket\n cifs_readv_from_socket\n cifs_reconnect\n __cifs_reconnect\n cifs_abort_connection\n mid-\u003ecallback() --\u003e smb2_readv_callback\n queue_work(\u0026rdata-\u003ework) # if the worker completes first,\n # the rdata is freed\n cifs_readv_complete\n kref_put\n cifs_readdata_release\n kfree(rdata)\n return rdata-\u003e... # UAF in readpages_fill_pages()\n\nSimilarly, this problem also occurs in the uncache_fill_pages().\n\nFix this by adjusts the order of condition judgment in the return\nstatement." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:48.728Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/2b693fe3f760c87fd9768e759f6297f743a1b3b0" }, { "url": "https://git.kernel.org/stable/c/d1fba1e096ffc7ec11df863a97c50203c47315b9" }, { "url": "https://git.kernel.org/stable/c/3684a2f6affa1ca52a5d4a12f04d0652efdee65e" }, { "url": "https://git.kernel.org/stable/c/aa5465aeca3c66fecdf7efcf554aed79b4c4b211" } ], "title": "cifs: Fix use-after-free in rdata-\u003eread_into_pages()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52741", "datePublished": "2024-05-21T15:23:03.867Z", "dateReserved": "2024-05-21T15:19:24.233Z", "dateUpdated": "2024-11-04T14:51:48.728Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47491
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47491", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:42:55.199651Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:59.526Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.599Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6d67b2a73b8e3a079c355bab3c1aef7d85a044b8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5fcb6fce74ffa614d964667110cf1a516c48c6d9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a4aeaa06d45e90f9b279f0b09de84bd00006e733" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "mm/khugepaged.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "6d67b2a73b8e", "status": "affected", "version": "99cb0dbd47a1", "versionType": "git" }, { "lessThan": "5fcb6fce74ff", "status": "affected", "version": "99cb0dbd47a1", "versionType": "git" }, { "lessThan": "a4aeaa06d45e", "status": "affected", "version": "99cb0dbd47a1", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "mm/khugepaged.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.4" }, { "lessThan": "5.4", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.78", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.16", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: khugepaged: skip huge page collapse for special files\n\nThe read-only THP for filesystems will collapse THP for files opened\nreadonly and mapped with VM_EXEC. The intended usecase is to avoid TLB\nmisses for large text segments. But it doesn\u0027t restrict the file types\nso a THP could be collapsed for a non-regular file, for example, block\ndevice, if it is opened readonly and mapped with EXEC permission. This\nmay cause bugs, like [1] and [2].\n\nThis is definitely not the intended usecase, so just collapse THP for\nregular files in order to close the attack surface.\n\n[shy828301@gmail.com: fix vm_file check [3]]" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:56.684Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/6d67b2a73b8e3a079c355bab3c1aef7d85a044b8" }, { "url": "https://git.kernel.org/stable/c/5fcb6fce74ffa614d964667110cf1a516c48c6d9" }, { "url": "https://git.kernel.org/stable/c/a4aeaa06d45e90f9b279f0b09de84bd00006e733" } ], "title": "mm: khugepaged: skip huge page collapse for special files", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47491", "datePublished": "2024-05-22T08:19:40.101Z", "dateReserved": "2024-05-22T06:20:56.201Z", "dateUpdated": "2024-11-04T12:06:56.684Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47463
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47463", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T17:54:35.234529Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:47.455Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.505Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b77ba1e02345bafd703f0d407bdbd88c3be1f767" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/79f9bc5843142b649575f887dccdf1c07ad75c20" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "include/linux/secretmem.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "b77ba1e02345", "status": "affected", "version": "1507f51255c9", "versionType": "git" }, { "lessThan": "79f9bc584314", "status": "affected", "version": "1507f51255c9", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "include/linux/secretmem.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.14" }, { "lessThan": "5.14", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/secretmem: fix NULL page-\u003emapping dereference in page_is_secretmem()\n\nCheck for a NULL page-\u003emapping before dereferencing the mapping in\npage_is_secretmem(), as the page\u0027s mapping can be nullified while gup()\nis running, e.g. by reclaim or truncation.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000068\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 6 PID: 4173897 Comm: CPU 3/KVM Tainted: G W\n RIP: 0010:internal_get_user_pages_fast+0x621/0x9d0\n Code: \u003c48\u003e 81 7a 68 80 08 04 bc 0f 85 21 ff ff 8 89 c7 be\n RSP: 0018:ffffaa90087679b0 EFLAGS: 00010046\n RAX: ffffe3f37905b900 RBX: 00007f2dd561e000 RCX: ffffe3f37905b934\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffe3f37905b900\n ...\n CR2: 0000000000000068 CR3: 00000004c5898003 CR4: 00000000001726e0\n Call Trace:\n get_user_pages_fast_only+0x13/0x20\n hva_to_pfn+0xa9/0x3e0\n try_async_pf+0xa1/0x270\n direct_page_fault+0x113/0xad0\n kvm_mmu_page_fault+0x69/0x680\n vmx_handle_exit+0xe1/0x5d0\n kvm_arch_vcpu_ioctl_run+0xd81/0x1c70\n kvm_vcpu_ioctl+0x267/0x670\n __x64_sys_ioctl+0x83/0xa0\n do_syscall_64+0x56/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:25.964Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/b77ba1e02345bafd703f0d407bdbd88c3be1f767" }, { "url": "https://git.kernel.org/stable/c/79f9bc5843142b649575f887dccdf1c07ad75c20" } ], "title": "mm/secretmem: fix NULL page-\u003emapping dereference in page_is_secretmem()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47463", "datePublished": "2024-05-22T06:23:23.688Z", "dateReserved": "2024-05-22T06:20:56.198Z", "dateUpdated": "2024-11-04T12:06:25.964Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47414
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47414", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-23T17:52:58.625321Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:41.022Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.118Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/427faa29e06f0709476ea1bd59758f997ec8b64e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f1c7aa87c423e765e3862349c2f095fdfccdd9b3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bb8958d5dc79acbd071397abb57b8756375fe1ce" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "arch/riscv/mm/cacheflush.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "427faa29e06f", "status": "affected", "version": "fab957c11efe", "versionType": "git" }, { "lessThan": "f1c7aa87c423", "status": "affected", "version": "fab957c11efe", "versionType": "git" }, { "lessThan": "bb8958d5dc79", "status": "affected", "version": "fab957c11efe", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "arch/riscv/mm/cacheflush.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.15" }, { "lessThan": "4.15", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.73", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: Flush current cpu icache before other cpus\n\nOn SiFive Unmatched, I recently fell onto the following BUG when booting:\n\n[ 0.000000] ftrace: allocating 36610 entries in 144 pages\n[ 0.000000] Oops - illegal instruction [#1]\n[ 0.000000] Modules linked in:\n[ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 5.13.1+ #5\n[ 0.000000] Hardware name: SiFive HiFive Unmatched A00 (DT)\n[ 0.000000] epc : riscv_cpuid_to_hartid_mask+0x6/0xae\n[ 0.000000] ra : __sbi_rfence_v02+0xc8/0x10a\n[ 0.000000] epc : ffffffff80007240 ra : ffffffff80009964 sp : ffffffff81803e10\n[ 0.000000] gp : ffffffff81a1ea70 tp : ffffffff8180f500 t0 : ffffffe07fe30000\n[ 0.000000] t1 : 0000000000000004 t2 : 0000000000000000 s0 : ffffffff81803e60\n[ 0.000000] s1 : 0000000000000000 a0 : ffffffff81a22238 a1 : ffffffff81803e10\n[ 0.000000] a2 : 0000000000000000 a3 : 0000000000000000 a4 : 0000000000000000\n[ 0.000000] a5 : 0000000000000000 a6 : ffffffff8000989c a7 : 0000000052464e43\n[ 0.000000] s2 : ffffffff81a220c8 s3 : 0000000000000000 s4 : 0000000000000000\n[ 0.000000] s5 : 0000000000000000 s6 : 0000000200000100 s7 : 0000000000000001\n[ 0.000000] s8 : ffffffe07fe04040 s9 : ffffffff81a22c80 s10: 0000000000001000\n[ 0.000000] s11: 0000000000000004 t3 : 0000000000000001 t4 : 0000000000000008\n[ 0.000000] t5 : ffffffcf04000808 t6 : ffffffe3ffddf188\n[ 0.000000] status: 0000000200000100 badaddr: 0000000000000000 cause: 0000000000000002\n[ 0.000000] [\u003cffffffff80007240\u003e] riscv_cpuid_to_hartid_mask+0x6/0xae\n[ 0.000000] [\u003cffffffff80009474\u003e] sbi_remote_fence_i+0x1e/0x26\n[ 0.000000] [\u003cffffffff8000b8f4\u003e] flush_icache_all+0x12/0x1a\n[ 0.000000] [\u003cffffffff8000666c\u003e] patch_text_nosync+0x26/0x32\n[ 0.000000] [\u003cffffffff8000884e\u003e] ftrace_init_nop+0x52/0x8c\n[ 0.000000] [\u003cffffffff800f051e\u003e] ftrace_process_locs.isra.0+0x29c/0x360\n[ 0.000000] [\u003cffffffff80a0e3c6\u003e] ftrace_init+0x80/0x130\n[ 0.000000] [\u003cffffffff80a00f8c\u003e] start_kernel+0x5c4/0x8f6\n[ 0.000000] ---[ end trace f67eb9af4d8d492b ]---\n[ 0.000000] Kernel panic - not syncing: Attempted to kill the idle task!\n[ 0.000000] ---[ end Kernel panic - not syncing: Attempted to kill the idle task! ]---\n\nWhile ftrace is looping over a list of addresses to patch, it always failed\nwhen patching the same function: riscv_cpuid_to_hartid_mask. Looking at the\nbacktrace, the illegal instruction is encountered in this same function.\nHowever, patch_text_nosync, after patching the instructions, calls\nflush_icache_range. But looking at what happens in this function:\n\nflush_icache_range -\u003e flush_icache_all\n -\u003e sbi_remote_fence_i\n -\u003e __sbi_rfence_v02\n -\u003e riscv_cpuid_to_hartid_mask\n\nThe icache and dcache of the current cpu are never synchronized between the\npatching of riscv_cpuid_to_hartid_mask and calling this same function.\n\nSo fix this by flushing the current cpu\u0027s icache before asking for the other\ncpus to do the same." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:27.129Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/427faa29e06f0709476ea1bd59758f997ec8b64e" }, { "url": "https://git.kernel.org/stable/c/f1c7aa87c423e765e3862349c2f095fdfccdd9b3" }, { "url": "https://git.kernel.org/stable/c/bb8958d5dc79acbd071397abb57b8756375fe1ce" } ], "title": "riscv: Flush current cpu icache before other cpus", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47414", "datePublished": "2024-05-21T15:04:04.715Z", "dateReserved": "2024-05-21T14:58:30.818Z", "dateUpdated": "2024-11-04T12:05:27.129Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47486
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "cac6b043cea3", "status": "affected", "version": "ca6cb5447cec", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "5.7" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "5.11", "status": "unaffected", "version": "5.10.77", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "5.15", "status": "unaffected", "version": "5.14.16", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "custom" }, { "lessThan": "e1b80a5ebe54", "status": "affected", "version": "ca6cb5447cec", "versionType": "custom" }, { "lessThanOrEqual": "27de809a3d83", "status": "affected", "version": "ca6cb5447cec", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47486", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T14:16:03.996625Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-20T20:47:36.231Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.593Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cac6b043cea3e120f4fccec16f7381747cbfdc0d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e1b80a5ebe5431caeb20f88c32d4a024777a2d41" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/27de809a3d83a6199664479ebb19712533d6fd9b" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "arch/riscv/net/bpf_jit_core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "cac6b043cea3", "status": "affected", "version": "ca6cb5447cec", "versionType": "git" }, { "lessThan": "e1b80a5ebe54", "status": "affected", "version": "ca6cb5447cec", "versionType": "git" }, { "lessThan": "27de809a3d83", "status": "affected", "version": "ca6cb5447cec", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "arch/riscv/net/bpf_jit_core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.7" }, { "lessThan": "5.7", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.77", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.16", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv, bpf: Fix potential NULL dereference\n\nThe bpf_jit_binary_free() function requires a non-NULL argument. When\nthe RISC-V BPF JIT fails to converge in NR_JIT_ITERATIONS steps,\njit_data-\u003eheader will be NULL, which triggers a NULL\ndereference. Avoid this by checking the argument, prior calling the\nfunction." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:51.865Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/cac6b043cea3e120f4fccec16f7381747cbfdc0d" }, { "url": "https://git.kernel.org/stable/c/e1b80a5ebe5431caeb20f88c32d4a024777a2d41" }, { "url": "https://git.kernel.org/stable/c/27de809a3d83a6199664479ebb19712533d6fd9b" } ], "title": "riscv, bpf: Fix potential NULL dereference", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47486", "datePublished": "2024-05-22T08:19:36.818Z", "dateReserved": "2024-05-22T06:20:56.201Z", "dateUpdated": "2024-11-04T12:06:51.865Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52846
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52846", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:22:52.516858Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:53.490Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.079Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ddf4e04e946aaa6c458b8b6829617cc44af2bffd" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a1a485e45d24b1cd8fe834fd6f1b06e2903827da" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6086258bd5ea7b5c706ff62da42b8e271b2401db" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1787b9f0729d318d67cf7c5a95f0c3dba9a7cc18" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d103fb6726904e353b4773188ee3d3acb4078363" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/876f8ab52363f649bcc74072157dfd7adfbabc0d" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/hsr/hsr_forward.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "ddf4e04e946a", "status": "affected", "version": "451d8123f897", "versionType": "git" }, { "lessThan": "a1a485e45d24", "status": "affected", "version": "451d8123f897", "versionType": "git" }, { "lessThan": "6086258bd5ea", "status": "affected", "version": "451d8123f897", "versionType": "git" }, { "lessThan": "1787b9f0729d", "status": "affected", "version": "451d8123f897", "versionType": "git" }, { "lessThan": "d103fb672690", "status": "affected", "version": "451d8123f897", "versionType": "git" }, { "lessThan": "876f8ab52363", "status": "affected", "version": "451d8123f897", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/hsr/hsr_forward.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.9" }, { "lessThan": "5.9", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhsr: Prevent use after free in prp_create_tagged_frame()\n\nThe prp_fill_rct() function can fail. In that situation, it frees the\nskb and returns NULL. Meanwhile on the success path, it returns the\noriginal skb. So it\u0027s straight forward to fix bug by using the returned\nvalue." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:45.888Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/ddf4e04e946aaa6c458b8b6829617cc44af2bffd" }, { "url": "https://git.kernel.org/stable/c/a1a485e45d24b1cd8fe834fd6f1b06e2903827da" }, { "url": "https://git.kernel.org/stable/c/6086258bd5ea7b5c706ff62da42b8e271b2401db" }, { "url": "https://git.kernel.org/stable/c/1787b9f0729d318d67cf7c5a95f0c3dba9a7cc18" }, { "url": "https://git.kernel.org/stable/c/d103fb6726904e353b4773188ee3d3acb4078363" }, { "url": "https://git.kernel.org/stable/c/876f8ab52363f649bcc74072157dfd7adfbabc0d" } ], "title": "hsr: Prevent use after free in prp_create_tagged_frame()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52846", "datePublished": "2024-05-21T15:31:43.863Z", "dateReserved": "2024-05-21T15:19:24.254Z", "dateUpdated": "2024-11-04T14:53:45.888Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52700
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52700", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-18T14:38:23.667896Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-06T14:28:36.244Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.606Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/54b6082aec178f16ad6d193b4ecdc9c4823d9a32" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/11a4d6f67cf55883dc78e31c247d1903ed7feccc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/tipc/socket.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "54b6082aec17", "status": "affected", "version": "f25dcc7687d4", "versionType": "git" }, { "lessThan": "11a4d6f67cf5", "status": "affected", "version": "f25dcc7687d4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/tipc/socket.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.0" }, { "lessThan": "4.0", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix kernel warning when sending SYN message\n\nWhen sending a SYN message, this kernel stack trace is observed:\n\n...\n[ 13.396352] RIP: 0010:_copy_from_iter+0xb4/0x550\n...\n[ 13.398494] Call Trace:\n[ 13.398630] \u003cTASK\u003e\n[ 13.398630] ? __alloc_skb+0xed/0x1a0\n[ 13.398630] tipc_msg_build+0x12c/0x670 [tipc]\n[ 13.398630] ? shmem_add_to_page_cache.isra.71+0x151/0x290\n[ 13.398630] __tipc_sendmsg+0x2d1/0x710 [tipc]\n[ 13.398630] ? tipc_connect+0x1d9/0x230 [tipc]\n[ 13.398630] ? __local_bh_enable_ip+0x37/0x80\n[ 13.398630] tipc_connect+0x1d9/0x230 [tipc]\n[ 13.398630] ? __sys_connect+0x9f/0xd0\n[ 13.398630] __sys_connect+0x9f/0xd0\n[ 13.398630] ? preempt_count_add+0x4d/0xa0\n[ 13.398630] ? fpregs_assert_state_consistent+0x22/0x50\n[ 13.398630] __x64_sys_connect+0x16/0x20\n[ 13.398630] do_syscall_64+0x42/0x90\n[ 13.398630] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nIt is because commit a41dad905e5a (\"iov_iter: saner checks for attempt\nto copy to/from iterator\") has introduced sanity check for copying\nfrom/to iov iterator. Lacking of copy direction from the iterator\nviewpoint would lead to kernel stack trace like above.\n\nThis commit fixes this issue by initializing the iov iterator with\nthe correct copy direction when sending SYN or ACK without data." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:23.410Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/54b6082aec178f16ad6d193b4ecdc9c4823d9a32" }, { "url": "https://git.kernel.org/stable/c/11a4d6f67cf55883dc78e31c247d1903ed7feccc" } ], "title": "tipc: fix kernel warning when sending SYN message", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52700", "datePublished": "2024-05-21T15:22:50.702Z", "dateReserved": "2024-03-07T14:49:46.891Z", "dateUpdated": "2024-11-06T14:28:36.244Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47412
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47412", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-11T17:28:47.066559Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-11T17:29:00.823Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.401Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/004b8f8a691205a93d9e80d98b786b2b97424d6e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a647a524a46736786c95cdb553a070322ca096e3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "block/bio.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "004b8f8a6912", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "a647a524a467", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "block/bio.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.11", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: don\u0027t call rq_qos_ops-\u003edone_bio if the bio isn\u0027t tracked\n\nrq_qos framework is only applied on request based driver, so:\n\n1) rq_qos_done_bio() needn\u0027t to be called for bio based driver\n\n2) rq_qos_done_bio() needn\u0027t to be called for bio which isn\u0027t tracked,\nsuch as bios ended from error handling code.\n\nEspecially in bio_endio():\n\n1) request queue is referred via bio-\u003ebi_bdev-\u003ebd_disk-\u003equeue, which\nmay be gone since request queue refcount may not be held in above two\ncases\n\n2) q-\u003erq_qos may be freed in blk_cleanup_queue() when calling into\n__rq_qos_done_bio()\n\nFix the potential kernel panic by not calling rq_qos_ops-\u003edone_bio if\nthe bio isn\u0027t tracked. This way is safe because both ioc_rqos_done_bio()\nand blkcg_iolatency_done_bio() are nop if the bio isn\u0027t tracked." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:24.826Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/004b8f8a691205a93d9e80d98b786b2b97424d6e" }, { "url": "https://git.kernel.org/stable/c/a647a524a46736786c95cdb553a070322ca096e3" } ], "title": "block: don\u0027t call rq_qos_ops-\u003edone_bio if the bio isn\u0027t tracked", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47412", "datePublished": "2024-05-21T15:04:03.309Z", "dateReserved": "2024-05-21T14:58:30.817Z", "dateUpdated": "2024-11-04T12:05:24.826Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47374
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:32:08.654Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/de4afec2d2946c92c62a15ab341c70b287289e6a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/510e1a724ab1bf38150be2c1acabb303f98d0047" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47374", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:38:22.986319Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:56.494Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "kernel/dma/debug.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "de4afec2d294", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "510e1a724ab1", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "kernel/dma/debug.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.9", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-debug: prevent an error message from causing runtime problems\n\nFor some drivers, that use the DMA API. This error message can be reached\nseveral millions of times per second, causing spam to the kernel\u0027s printk\nbuffer and bringing the CPU usage up to 100% (so, it should be rate\nlimited). However, since there is at least one driver that is in the\nmainline and suffers from the error condition, it is more useful to\nerr_printk() here instead of just rate limiting the error message (in hopes\nthat it will make it easier for other drivers that suffer from this issue\nto be spotted)." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:04:41.120Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/de4afec2d2946c92c62a15ab341c70b287289e6a" }, { "url": "https://git.kernel.org/stable/c/510e1a724ab1bf38150be2c1acabb303f98d0047" } ], "title": "dma-debug: prevent an error message from causing runtime problems", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47374", "datePublished": "2024-05-21T15:03:38.436Z", "dateReserved": "2024-05-21T14:58:30.811Z", "dateUpdated": "2024-11-04T12:04:41.120Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47431
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47431", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:37:14.662615Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:37:56.536Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.335Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/83d857d6b0967b6709cd38750c3ce2ed8ced1a95" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/621ddffb70db824eabd63d18ac635180fe9500f9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/18d1c5ea3798ba42cfa0f8b2264d873463facb03" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/66805763a97f8f7bdf742fc0851d85c02ed9411f" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdgpu/gmc_v10_0.c", "drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "83d857d6b096", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "621ddffb70db", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "18d1c5ea3798", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "66805763a97f", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdgpu/gmc_v10_0.c", "drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.154", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.74", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix gart.bo pin_count leak\n\ngmc_v{9,10}_0_gart_disable() isn\u0027t called matched with\ncorrespoding gart_enbale function in SRIOV case. This will\nlead to gart.bo pin_count leak on driver unload." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:46.964Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/83d857d6b0967b6709cd38750c3ce2ed8ced1a95" }, { "url": "https://git.kernel.org/stable/c/621ddffb70db824eabd63d18ac635180fe9500f9" }, { "url": "https://git.kernel.org/stable/c/18d1c5ea3798ba42cfa0f8b2264d873463facb03" }, { "url": "https://git.kernel.org/stable/c/66805763a97f8f7bdf742fc0851d85c02ed9411f" } ], "title": "drm/amdgpu: fix gart.bo pin_count leak", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47431", "datePublished": "2024-05-21T15:04:16.014Z", "dateReserved": "2024-05-21T14:58:30.829Z", "dateUpdated": "2024-11-04T12:05:46.964Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47472
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2024-06-17T16:15:59.888Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "rejectedReasons": [ { "lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47472", "datePublished": "2024-05-22T06:23:29.555Z", "dateRejected": "2024-06-17T16:15:59.888Z", "dateReserved": "2024-05-22T06:20:56.199Z", "dateUpdated": "2024-06-17T16:15:59.888Z", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47417
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.250Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9e8e7504e09831c469b67d6dc11d9a72654bdb8c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b0e875bac0fab3e7a7431c2eee36a8ccc0c712ac" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47417", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:37:53.956444Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:38.930Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "tools/lib/bpf/strset.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "9e8e7504e098", "status": "affected", "version": "90d76d3ececc", "versionType": "git" }, { "lessThan": "b0e875bac0fa", "status": "affected", "version": "90d76d3ececc", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "tools/lib/bpf/strset.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.13" }, { "lessThan": "5.13", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibbpf: Fix memory leak in strset\n\nFree struct strset itself, not just its internal parts." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:30.601Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/9e8e7504e09831c469b67d6dc11d9a72654bdb8c" }, { "url": "https://git.kernel.org/stable/c/b0e875bac0fab3e7a7431c2eee36a8ccc0c712ac" } ], "title": "libbpf: Fix memory leak in strset", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47417", "datePublished": "2024-05-21T15:04:06.683Z", "dateReserved": "2024-05-21T14:58:30.818Z", "dateUpdated": "2024-11-04T12:05:30.601Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52707
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52707", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:37:08.537145Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:37:46.100Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.459Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7caeb5457bd01ccba0df1d6f4872f20d28e50b38" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ec9c7aa08819f976b2492fa63c41b5712d2924b5" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cca2b3feb70170ef6f0fbc4b4d91eea235a2b73a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c6879a4dcefe92d870ab68cabaa9caeda4f2af5a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c2dbe32d5db5c4ead121cf86dabd5ab691fb47fe" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "kernel/sched/psi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "7caeb5457bd0", "status": "affected", "version": "0e94682b73bf", "versionType": "git" }, { "lessThan": "ec9c7aa08819", "status": "affected", "version": "0e94682b73bf", "versionType": "git" }, { "lessThan": "cca2b3feb701", "status": "affected", "version": "0e94682b73bf", "versionType": "git" }, { "lessThan": "c6879a4dcefe", "status": "affected", "version": "0e94682b73bf", "versionType": "git" }, { "lessThan": "c2dbe32d5db5", "status": "affected", "version": "0e94682b73bf", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "kernel/sched/psi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.2" }, { "lessThan": "5.2", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.232", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.169", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.95", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/psi: Fix use-after-free in ep_remove_wait_queue()\n\nIf a non-root cgroup gets removed when there is a thread that registered\ntrigger and is polling on a pressure file within the cgroup, the polling\nwaitqueue gets freed in the following path:\n\n do_rmdir\n cgroup_rmdir\n kernfs_drain_open_files\n cgroup_file_release\n cgroup_pressure_release\n psi_trigger_destroy\n\nHowever, the polling thread still has a reference to the pressure file and\nwill access the freed waitqueue when the file is closed or upon exit:\n\n fput\n ep_eventpoll_release\n ep_free\n ep_remove_wait_queue\n remove_wait_queue\n\nThis results in use-after-free as pasted below.\n\nThe fundamental problem here is that cgroup_file_release() (and\nconsequently waitqueue\u0027s lifetime) is not tied to the file\u0027s real lifetime.\nUsing wake_up_pollfree() here might be less than ideal, but it is in line\nwith the comment at commit 42288cb44c4b (\"wait: add wake_up_pollfree()\")\nsince the waitqueue\u0027s lifetime is not tied to file\u0027s one and can be\nconsidered as another special case. While this would be fixable by somehow\nmaking cgroup_file_release() be tied to the fput(), it would require\nsizable refactoring at cgroups or higher layer which might be more\njustifiable if we identify more cases like this.\n\n BUG: KASAN: use-after-free in _raw_spin_lock_irqsave+0x60/0xc0\n Write of size 4 at addr ffff88810e625328 by task a.out/4404\n\n\tCPU: 19 PID: 4404 Comm: a.out Not tainted 6.2.0-rc6 #38\n\tHardware name: Amazon EC2 c5a.8xlarge/, BIOS 1.0 10/16/2017\n\tCall Trace:\n\t\u003cTASK\u003e\n\tdump_stack_lvl+0x73/0xa0\n\tprint_report+0x16c/0x4e0\n\tkasan_report+0xc3/0xf0\n\tkasan_check_range+0x2d2/0x310\n\t_raw_spin_lock_irqsave+0x60/0xc0\n\tremove_wait_queue+0x1a/0xa0\n\tep_free+0x12c/0x170\n\tep_eventpoll_release+0x26/0x30\n\t__fput+0x202/0x400\n\ttask_work_run+0x11d/0x170\n\tdo_exit+0x495/0x1130\n\tdo_group_exit+0x100/0x100\n\tget_signal+0xd67/0xde0\n\tarch_do_signal_or_restart+0x2a/0x2b0\n\texit_to_user_mode_prepare+0x94/0x100\n\tsyscall_exit_to_user_mode+0x20/0x40\n\tdo_syscall_64+0x52/0x90\n\tentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\t\u003c/TASK\u003e\n\n Allocated by task 4404:\n\n\tkasan_set_track+0x3d/0x60\n\t__kasan_kmalloc+0x85/0x90\n\tpsi_trigger_create+0x113/0x3e0\n\tpressure_write+0x146/0x2e0\n\tcgroup_file_write+0x11c/0x250\n\tkernfs_fop_write_iter+0x186/0x220\n\tvfs_write+0x3d8/0x5c0\n\tksys_write+0x90/0x110\n\tdo_syscall_64+0x43/0x90\n\tentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\n Freed by task 4407:\n\n\tkasan_set_track+0x3d/0x60\n\tkasan_save_free_info+0x27/0x40\n\t____kasan_slab_free+0x11d/0x170\n\tslab_free_freelist_hook+0x87/0x150\n\t__kmem_cache_free+0xcb/0x180\n\tpsi_trigger_destroy+0x2e8/0x310\n\tcgroup_file_release+0x4f/0xb0\n\tkernfs_drain_open_files+0x165/0x1f0\n\tkernfs_drain+0x162/0x1a0\n\t__kernfs_remove+0x1fb/0x310\n\tkernfs_remove_by_name_ns+0x95/0xe0\n\tcgroup_addrm_files+0x67f/0x700\n\tcgroup_destroy_locked+0x283/0x3c0\n\tcgroup_rmdir+0x29/0x100\n\tkernfs_iop_rmdir+0xd1/0x140\n\tvfs_rmdir+0xfe/0x240\n\tdo_rmdir+0x13d/0x280\n\t__x64_sys_rmdir+0x2c/0x30\n\tdo_syscall_64+0x43/0x90\n\tentry_SYSCALL_64_after_hwframe+0x63/0xcd" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:34.373Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/7caeb5457bd01ccba0df1d6f4872f20d28e50b38" }, { "url": "https://git.kernel.org/stable/c/ec9c7aa08819f976b2492fa63c41b5712d2924b5" }, { "url": "https://git.kernel.org/stable/c/cca2b3feb70170ef6f0fbc4b4d91eea235a2b73a" }, { "url": "https://git.kernel.org/stable/c/c6879a4dcefe92d870ab68cabaa9caeda4f2af5a" }, { "url": "https://git.kernel.org/stable/c/c2dbe32d5db5c4ead121cf86dabd5ab691fb47fe" } ], "title": "sched/psi: Fix use-after-free in ep_remove_wait_queue()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52707", "datePublished": "2024-05-21T15:22:55.315Z", "dateReserved": "2024-03-07T14:49:46.891Z", "dateUpdated": "2024-11-04T14:51:34.373Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47440
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47440", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T20:20:31.324423Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-01T16:30:42.379Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:58.978Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/66358471fa75a713fd76bc8a4bd74cb14cd50a4f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f043fac1133a6c5ef960a8422c0f6dd711dee462" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fddc7f678d7fb93caa0d7bc512f968ff1e2bddbc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5e5494e6fc8a29c927e0478bec4a078a40da8901" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4c2eb80fc90b05559ce6ed1b8dfb2348420b5644" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e19c10d6e07c59c96e90fe053a72683ad8b0397e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/322c0e53496309e634d9db7349678eaad1d25b55" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f03dca0c9e2297c84a018e306f8a9cd534ee4287" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/microchip/encx24j600-regmap.c", "drivers/net/ethernet/microchip/encx24j600.c", "drivers/net/ethernet/microchip/encx24j600_hw.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "66358471fa75", "status": "affected", "version": "04fbfce7a222", "versionType": "git" }, { "lessThan": "f043fac1133a", "status": "affected", "version": "04fbfce7a222", "versionType": "git" }, { "lessThan": "fddc7f678d7f", "status": "affected", "version": "04fbfce7a222", "versionType": "git" }, { "lessThan": "5e5494e6fc8a", "status": "affected", "version": "04fbfce7a222", "versionType": "git" }, { "lessThan": "4c2eb80fc90b", "status": "affected", "version": "04fbfce7a222", "versionType": "git" }, { "lessThan": "e19c10d6e07c", "status": "affected", "version": "04fbfce7a222", "versionType": "git" }, { "lessThan": "322c0e534963", "status": "affected", "version": "04fbfce7a222", "versionType": "git" }, { "lessThan": "f03dca0c9e22", "status": "affected", "version": "04fbfce7a222", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/microchip/encx24j600-regmap.c", "drivers/net/ethernet/microchip/encx24j600.c", "drivers/net/ethernet/microchip/encx24j600_hw.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.4" }, { "lessThan": "4.4", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.290", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.288", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.252", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.213", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.155", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.75", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.14", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: encx24j600: check error in devm_regmap_init_encx24j600\n\ndevm_regmap_init may return error which caused by like out of memory,\nthis will results in null pointer dereference later when reading\nor writing register:\n\ngeneral protection fault in encx24j600_spi_probe\nKASAN: null-ptr-deref in range [0x0000000000000090-0x0000000000000097]\nCPU: 0 PID: 286 Comm: spi-encx24j600- Not tainted 5.15.0-rc2-00142-g9978db750e31-dirty #11 9c53a778c1306b1b02359f3c2bbedc0222cba652\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\nRIP: 0010:regcache_cache_bypass drivers/base/regmap/regcache.c:540\nCode: 54 41 89 f4 55 53 48 89 fb 48 83 ec 08 e8 26 94 a8 fe 48 8d bb a0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 4a 03 00 00 4c 8d ab b0 00 00 00 48 8b ab a0 00\nRSP: 0018:ffffc900010476b8 EFLAGS: 00010207\nRAX: dffffc0000000000 RBX: fffffffffffffff4 RCX: 0000000000000000\nRDX: 0000000000000012 RSI: ffff888002de0000 RDI: 0000000000000094\nRBP: ffff888013c9a000 R08: 0000000000000000 R09: fffffbfff3f9cc6a\nR10: ffffc900010476e8 R11: fffffbfff3f9cc69 R12: 0000000000000001\nR13: 000000000000000a R14: ffff888013c9af54 R15: ffff888013c9ad08\nFS: 00007ffa984ab580(0000) GS:ffff88801fe00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000055a6384136c8 CR3: 000000003bbe6003 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n encx24j600_spi_probe drivers/net/ethernet/microchip/encx24j600.c:459\n spi_probe drivers/spi/spi.c:397\n really_probe drivers/base/dd.c:517\n __driver_probe_device drivers/base/dd.c:751\n driver_probe_device drivers/base/dd.c:782\n __device_attach_driver drivers/base/dd.c:899\n bus_for_each_drv drivers/base/bus.c:427\n __device_attach drivers/base/dd.c:971\n bus_probe_device drivers/base/bus.c:487\n device_add drivers/base/core.c:3364\n __spi_add_device drivers/spi/spi.c:599\n spi_add_device drivers/spi/spi.c:641\n spi_new_device drivers/spi/spi.c:717\n new_device_store+0x18c/0x1f1 [spi_stub 4e02719357f1ff33f5a43d00630982840568e85e]\n dev_attr_store drivers/base/core.c:2074\n sysfs_kf_write fs/sysfs/file.c:139\n kernfs_fop_write_iter fs/kernfs/file.c:300\n new_sync_write fs/read_write.c:508 (discriminator 4)\n vfs_write fs/read_write.c:594\n ksys_write fs/read_write.c:648\n do_syscall_64 arch/x86/entry/common.c:50\n entry_SYSCALL_64_after_hwframe arch/x86/entry/entry_64.S:113\n\nAdd error check in devm_regmap_init_encx24j600 to avoid this situation." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:56.441Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/66358471fa75a713fd76bc8a4bd74cb14cd50a4f" }, { "url": "https://git.kernel.org/stable/c/f043fac1133a6c5ef960a8422c0f6dd711dee462" }, { "url": "https://git.kernel.org/stable/c/fddc7f678d7fb93caa0d7bc512f968ff1e2bddbc" }, { "url": "https://git.kernel.org/stable/c/5e5494e6fc8a29c927e0478bec4a078a40da8901" }, { "url": "https://git.kernel.org/stable/c/4c2eb80fc90b05559ce6ed1b8dfb2348420b5644" }, { "url": "https://git.kernel.org/stable/c/e19c10d6e07c59c96e90fe053a72683ad8b0397e" }, { "url": "https://git.kernel.org/stable/c/322c0e53496309e634d9db7349678eaad1d25b55" }, { "url": "https://git.kernel.org/stable/c/f03dca0c9e2297c84a018e306f8a9cd534ee4287" } ], "title": "net: encx24j600: check error in devm_regmap_init_encx24j600", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47440", "datePublished": "2024-05-22T06:19:34.890Z", "dateReserved": "2024-05-21T14:58:30.831Z", "dateUpdated": "2024-11-04T12:05:56.441Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52834
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52834", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T18:09:31.471989Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:26.205Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.046Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c29a89b23f67ee592f4dee61f9d7efbf86d60315" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/57e44ff9c2c9747b2b1a53556810b0e5192655d6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/54a6152da4993ec8e4b53dc3cf577f5a2c829afa" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/32f08b7b430ee01ec47d730f961a3306c1c7b6fb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/86565682e9053e5deb128193ea9e88531bbae9cf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/atheros/atl1c/atl1c.h", "drivers/net/ethernet/atheros/atl1c/atl1c_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "c29a89b23f67", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "57e44ff9c2c9", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "54a6152da499", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "32f08b7b430e", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "86565682e905", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/atheros/atl1c/atl1c.h", "drivers/net/ethernet/atheros/atl1c/atl1c_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\natl1c: Work around the DMA RX overflow issue\n\nThis is based on alx driver commit 881d0327db37 (\"net: alx: Work around\nthe DMA RX overflow issue\").\n\nThe alx and atl1c drivers had RX overflow error which was why a custom\nallocator was created to avoid certain addresses. The simpler workaround\nthen created for alx driver, but not for atl1c due to lack of tester.\n\nInstead of using a custom allocator, check the allocated skb address and\nuse skb_reserve() to move away from problematic 0x...fc0 address.\n\nTested on AR8131 on Acer 4540." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:31.511Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/c29a89b23f67ee592f4dee61f9d7efbf86d60315" }, { "url": "https://git.kernel.org/stable/c/57e44ff9c2c9747b2b1a53556810b0e5192655d6" }, { "url": "https://git.kernel.org/stable/c/54a6152da4993ec8e4b53dc3cf577f5a2c829afa" }, { "url": "https://git.kernel.org/stable/c/32f08b7b430ee01ec47d730f961a3306c1c7b6fb" }, { "url": "https://git.kernel.org/stable/c/86565682e9053e5deb128193ea9e88531bbae9cf" } ], "title": "atl1c: Work around the DMA RX overflow issue", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52834", "datePublished": "2024-05-21T15:31:35.575Z", "dateReserved": "2024-05-21T15:19:24.252Z", "dateUpdated": "2024-11-04T14:53:31.511Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52801
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "836db2e7e456", "status": "affected", "version": "51fe6141f0f6", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "fcb32111f01d", "status": "affected", "version": "51fe6141f0f6", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "e7250ab7ca49", "status": "affected", "version": "51fe6141f0f6", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "6..2" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "6.2", "status": "unaffected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.7" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52801", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T15:13:11.142898Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-284", "description": "CWE-284 Improper Access Control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-05T19:16:04.430Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.602Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/836db2e7e4565d8218923b3552304a1637e2f28d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fcb32111f01ddf3cbd04644cde1773428e31de6a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e7250ab7ca4998fe026f2149805b03e09dc32498" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/iommu/iommufd/io_pagetable.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "836db2e7e456", "status": "affected", "version": "51fe6141f0f6", "versionType": "git" }, { "lessThan": "fcb32111f01d", "status": "affected", "version": "51fe6141f0f6", "versionType": "git" }, { "lessThan": "e7250ab7ca49", "status": "affected", "version": "51fe6141f0f6", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/iommu/iommufd/io_pagetable.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.2" }, { "lessThan": "6.2", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommufd: Fix missing update of domains_itree after splitting iopt_area\n\nIn iopt_area_split(), if the original iopt_area has filled a domain and is\nlinked to domains_itree, pages_nodes have to be properly\nreinserted. Otherwise the domains_itree becomes corrupted and we will UAF." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:59.713Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/836db2e7e4565d8218923b3552304a1637e2f28d" }, { "url": "https://git.kernel.org/stable/c/fcb32111f01ddf3cbd04644cde1773428e31de6a" }, { "url": "https://git.kernel.org/stable/c/e7250ab7ca4998fe026f2149805b03e09dc32498" } ], "title": "iommufd: Fix missing update of domains_itree after splitting iopt_area", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52801", "datePublished": "2024-05-21T15:31:13.700Z", "dateReserved": "2024-05-21T15:19:24.247Z", "dateUpdated": "2024-11-04T14:52:59.713Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52752
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.7" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.6.3" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "1da177e4c3f4" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.1.64" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.5.13" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52752", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T17:22:07.851461Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:08.238Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.175Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/558817597d5fbd7af31f891b67b0fd20f0d047b7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/89929ea46f9cc11ba66d2c64713aa5d5dc723b09" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0ab6f842452ce2cae04209d4671ac6289d0aef8a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d328c09ee9f15ee5a26431f5aad7c9239fa85e62" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/smb/client/cifs_debug.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "558817597d5f", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "89929ea46f9c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "0ab6f842452c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "d328c09ee9f1", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/smb/client/cifs_debug.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free bug in cifs_debug_data_proc_show()\n\nSkip SMB sessions that are being teared down\n(e.g. @ses-\u003eses_status == SES_EXITING) in cifs_debug_data_proc_show()\nto avoid use-after-free in @ses.\n\nThis fixes the following GPF when reading from /proc/fs/cifs/DebugData\nwhile mounting and umounting\n\n [ 816.251274] general protection fault, probably for non-canonical\n address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI\n ...\n [ 816.260138] Call Trace:\n [ 816.260329] \u003cTASK\u003e\n [ 816.260499] ? die_addr+0x36/0x90\n [ 816.260762] ? exc_general_protection+0x1b3/0x410\n [ 816.261126] ? asm_exc_general_protection+0x26/0x30\n [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs]\n [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs]\n [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs]\n [ 816.262689] ? seq_read_iter+0x379/0x470\n [ 816.262995] seq_read_iter+0x118/0x470\n [ 816.263291] proc_reg_read_iter+0x53/0x90\n [ 816.263596] ? srso_alias_return_thunk+0x5/0x7f\n [ 816.263945] vfs_read+0x201/0x350\n [ 816.264211] ksys_read+0x75/0x100\n [ 816.264472] do_syscall_64+0x3f/0x90\n [ 816.264750] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n [ 816.265135] RIP: 0033:0x7fd5e669d381" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:02.180Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/558817597d5fbd7af31f891b67b0fd20f0d047b7" }, { "url": "https://git.kernel.org/stable/c/89929ea46f9cc11ba66d2c64713aa5d5dc723b09" }, { "url": "https://git.kernel.org/stable/c/0ab6f842452ce2cae04209d4671ac6289d0aef8a" }, { "url": "https://git.kernel.org/stable/c/d328c09ee9f15ee5a26431f5aad7c9239fa85e62" } ], "title": "smb: client: fix use-after-free bug in cifs_debug_data_proc_show()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52752", "datePublished": "2024-05-21T15:30:40.901Z", "dateReserved": "2024-05-21T15:19:24.234Z", "dateUpdated": "2024-11-04T14:52:02.180Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47453
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47453", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:24:44.764547Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:21.088Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.466Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/777682e59840e24e6c5672197e6ffbcf4bff823b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/73e30a62b19b9fbb4e6a3465c59da186630d5f2e" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/intel/ice/ice_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "777682e59840", "status": "affected", "version": "d25a0fc41c1f", "versionType": "git" }, { "lessThan": "73e30a62b19b", "status": "affected", "version": "d25a0fc41c1f", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/intel/ice/ice_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.14" }, { "lessThan": "5.14", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Avoid crash from unnecessary IDA free\n\nIn the remove path, there is an attempt to free the aux_idx IDA whether\nit was allocated or not. This can potentially cause a crash when\nunloading the driver on systems that do not initialize support for RDMA.\nBut, this free cannot be gated by the status bit for RDMA, since it is\nallocated if the driver detects support for RDMA at probe time, but the\ndriver can enter into a state where RDMA is not supported after the IDA\nhas been allocated at probe time and this would lead to a memory leak.\n\nInitialize aux_idx to an invalid value and check for a valid value when\nunloading to determine if an IDA free is necessary." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:14.265Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/777682e59840e24e6c5672197e6ffbcf4bff823b" }, { "url": "https://git.kernel.org/stable/c/73e30a62b19b9fbb4e6a3465c59da186630d5f2e" } ], "title": "ice: Avoid crash from unnecessary IDA free", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47453", "datePublished": "2024-05-22T06:19:43.374Z", "dateReserved": "2024-05-21T14:58:30.833Z", "dateUpdated": "2024-11-04T12:06:14.265Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52790
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52790", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T19:32:04.825201Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:14.167Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.050Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ce7612496a4ba6068bc68aa1fa9d947dadb4ad9b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/53c87e846e335e3c18044c397cc35178163d7827" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "kernel/dma/swiotlb.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "ce7612496a4b", "status": "affected", "version": "79636caad361", "versionType": "git" }, { "lessThan": "53c87e846e33", "status": "affected", "version": "79636caad361", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "kernel/dma/swiotlb.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.6" }, { "lessThan": "6.6", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nswiotlb: fix out-of-bounds TLB allocations with CONFIG_SWIOTLB_DYNAMIC\n\nLimit the free list length to the size of the IO TLB. Transient pool can be\nsmaller than IO_TLB_SEGSIZE, but the free list is initialized with the\nassumption that the total number of slots is a multiple of IO_TLB_SEGSIZE.\nAs a result, swiotlb_area_find_slots() may allocate slots past the end of\na transient IO TLB buffer." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:47.728Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/ce7612496a4ba6068bc68aa1fa9d947dadb4ad9b" }, { "url": "https://git.kernel.org/stable/c/53c87e846e335e3c18044c397cc35178163d7827" } ], "title": "swiotlb: fix out-of-bounds TLB allocations with CONFIG_SWIOTLB_DYNAMIC", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52790", "datePublished": "2024-05-21T15:31:06.319Z", "dateReserved": "2024-05-21T15:19:24.241Z", "dateUpdated": "2024-11-04T14:52:47.728Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52789
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52789", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T17:26:54.599134Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:29.225Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.668Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/38cd56fc9de78bf3c878790785e8c231116ef9d3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/909963e0c16778cec28efb1affc21558825f4200" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/460284dfb10b207980c6f3f7046e33446ceb38ac" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4ef41a7f33ffe1a335e7db7e1564ddc6afad47cc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6c80f48912b5bd4965352d1a9a989e21743a4a06" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7cebc86481bf16049e266f6774d90f2fd4f8d5d2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4a24a31826246b15477399febd13292b0c9f0ee9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8f8771757b130383732195497e47fba2aba76d3a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d81ffb87aaa75f842cd7aa57091810353755b3e6" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/tty/vcc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "38cd56fc9de7", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "909963e0c167", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "460284dfb10b", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "4ef41a7f33ff", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "6c80f48912b5", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "7cebc86481bf", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "4a24a3182624", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "8f8771757b13", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "d81ffb87aaa7", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/tty/vcc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.331", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.300", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: vcc: Add check for kstrdup() in vcc_probe()\n\nAdd check for the return value of kstrdup() and return the error, if it\nfails in order to avoid NULL pointer dereference." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:46.533Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/38cd56fc9de78bf3c878790785e8c231116ef9d3" }, { "url": "https://git.kernel.org/stable/c/909963e0c16778cec28efb1affc21558825f4200" }, { "url": "https://git.kernel.org/stable/c/460284dfb10b207980c6f3f7046e33446ceb38ac" }, { "url": "https://git.kernel.org/stable/c/4ef41a7f33ffe1a335e7db7e1564ddc6afad47cc" }, { "url": "https://git.kernel.org/stable/c/6c80f48912b5bd4965352d1a9a989e21743a4a06" }, { "url": "https://git.kernel.org/stable/c/7cebc86481bf16049e266f6774d90f2fd4f8d5d2" }, { "url": "https://git.kernel.org/stable/c/4a24a31826246b15477399febd13292b0c9f0ee9" }, { "url": "https://git.kernel.org/stable/c/8f8771757b130383732195497e47fba2aba76d3a" }, { "url": "https://git.kernel.org/stable/c/d81ffb87aaa75f842cd7aa57091810353755b3e6" } ], "title": "tty: vcc: Add check for kstrdup() in vcc_probe()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52789", "datePublished": "2024-05-21T15:31:05.616Z", "dateReserved": "2024-05-21T15:19:24.241Z", "dateUpdated": "2024-11-04T14:52:46.533Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47381
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47381", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-28T18:29:17.455627Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:15:11.897Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:32:08.606Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a6bb576ead074ca6fa3b53cb1c5d4037a23de81b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ac4dfccb96571ca03af7cac64b7a0b2952c97f3a" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "sound/soc/sof/xtensa/core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "a6bb576ead07", "status": "affected", "version": "e657c18a01c8", "versionType": "git" }, { "lessThan": "ac4dfccb9657", "status": "affected", "version": "e657c18a01c8", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "sound/soc/sof/xtensa/core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.2" }, { "lessThan": "5.2", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Fix DSP oops stack dump output contents\n\nFix @buf arg given to hex_dump_to_buffer() and stack address used\nin dump error output." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:04:48.114Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/a6bb576ead074ca6fa3b53cb1c5d4037a23de81b" }, { "url": "https://git.kernel.org/stable/c/ac4dfccb96571ca03af7cac64b7a0b2952c97f3a" } ], "title": "ASoC: SOF: Fix DSP oops stack dump output contents", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47381", "datePublished": "2024-05-21T15:03:42.967Z", "dateReserved": "2024-05-21T14:58:30.812Z", "dateUpdated": "2024-11-04T12:04:48.114Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52754
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52754", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T18:42:53.248204Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:36.610Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.519Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0f5068519f89d928d6c51100e4b274479123829f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5e0b788fb96be36d1baf1a5c88d09c7c82a0452a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b083aaf5db2eeca9e362723258e5d8698f7dd84e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/10ec5a97f8f5a772a1a42b4eb27196b447cd3aa9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2a493a34bd6e496c55fabedd82b957193ace178f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a1766a4fd83befa0b34d932d532e7ebb7fab1fa7" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/media/rc/imon.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "0f5068519f89", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "5e0b788fb96b", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "b083aaf5db2e", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "10ec5a97f8f5", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2a493a34bd6e", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "a1766a4fd83b", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/media/rc/imon.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imon: fix access to invalid resource for the second interface\n\nimon driver probes two USB interfaces, and at the probe of the second\ninterface, the driver assumes blindly that the first interface got\nbound with the same imon driver. It\u0027s usually true, but it\u0027s still\npossible that the first interface is bound with another driver via a\nmalformed descriptor. Then it may lead to a memory corruption, as\nspotted by syzkaller; imon driver accesses the data from drvdata as\nstruct imon_context object although it\u0027s a completely different one\nthat was assigned by another driver.\n\nThis patch adds a sanity check -- whether the first interface is\nreally bound with the imon driver or not -- for avoiding the problem\nabove at the probe time." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:04.628Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/0f5068519f89d928d6c51100e4b274479123829f" }, { "url": "https://git.kernel.org/stable/c/5e0b788fb96be36d1baf1a5c88d09c7c82a0452a" }, { "url": "https://git.kernel.org/stable/c/b083aaf5db2eeca9e362723258e5d8698f7dd84e" }, { "url": "https://git.kernel.org/stable/c/10ec5a97f8f5a772a1a42b4eb27196b447cd3aa9" }, { "url": "https://git.kernel.org/stable/c/2a493a34bd6e496c55fabedd82b957193ace178f" }, { "url": "https://git.kernel.org/stable/c/a1766a4fd83befa0b34d932d532e7ebb7fab1fa7" } ], "title": "media: imon: fix access to invalid resource for the second interface", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52754", "datePublished": "2024-05-21T15:30:42.198Z", "dateReserved": "2024-05-21T15:19:24.235Z", "dateUpdated": "2024-11-04T14:52:04.628Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52797
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52797", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T17:26:12.766927Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:34.907Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.045Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2c86b24095fcf72cf51bc72d12e4350163b4e11d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/45a0de41ec383c8b7c6d442734ba3852dd2fc4a7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c6e316ac05532febb0c966fa9b55f5258ed037be" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/perf/riscv_pmu_sbi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "2c86b24095fc", "status": "affected", "version": "4905ec2fb7e6", "versionType": "git" }, { "lessThan": "45a0de41ec38", "status": "affected", "version": "4905ec2fb7e6", "versionType": "git" }, { "lessThan": "c6e316ac0553", "status": "affected", "version": "4905ec2fb7e6", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/perf/riscv_pmu_sbi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.18" }, { "lessThan": "5.18", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: perf: Check find_first_bit() return value\n\nWe must check the return value of find_first_bit() before using the\nreturn value as an index array since it happens to overflow the array\nand then panic:\n\n[ 107.318430] Kernel BUG [#1]\n[ 107.319434] CPU: 3 PID: 1238 Comm: kill Tainted: G E 6.6.0-rc6ubuntu-defconfig #2\n[ 107.319465] Hardware name: riscv-virtio,qemu (DT)\n[ 107.319551] epc : pmu_sbi_ovf_handler+0x3a4/0x3ae\n[ 107.319840] ra : pmu_sbi_ovf_handler+0x52/0x3ae\n[ 107.319868] epc : ffffffff80a0a77c ra : ffffffff80a0a42a sp : ffffaf83fecda350\n[ 107.319884] gp : ffffffff823961a8 tp : ffffaf8083db1dc0 t0 : ffffaf83fecda480\n[ 107.319899] t1 : ffffffff80cafe62 t2 : 000000000000ff00 s0 : ffffaf83fecda520\n[ 107.319921] s1 : ffffaf83fecda380 a0 : 00000018fca29df0 a1 : ffffffffffffffff\n[ 107.319936] a2 : 0000000001073734 a3 : 0000000000000004 a4 : 0000000000000000\n[ 107.319951] a5 : 0000000000000040 a6 : 000000001d1c8774 a7 : 0000000000504d55\n[ 107.319965] s2 : ffffffff82451f10 s3 : ffffffff82724e70 s4 : 000000000000003f\n[ 107.319980] s5 : 0000000000000011 s6 : ffffaf8083db27c0 s7 : 0000000000000000\n[ 107.319995] s8 : 0000000000000001 s9 : 00007fffb45d6558 s10: 00007fffb45d81a0\n[ 107.320009] s11: ffffaf7ffff60000 t3 : 0000000000000004 t4 : 0000000000000000\n[ 107.320023] t5 : ffffaf7f80000000 t6 : ffffaf8000000000\n[ 107.320037] status: 0000000200000100 badaddr: 0000000000000000 cause: 0000000000000003\n[ 107.320081] [\u003cffffffff80a0a77c\u003e] pmu_sbi_ovf_handler+0x3a4/0x3ae\n[ 107.320112] [\u003cffffffff800b42d0\u003e] handle_percpu_devid_irq+0x9e/0x1a0\n[ 107.320131] [\u003cffffffff800ad92c\u003e] generic_handle_domain_irq+0x28/0x36\n[ 107.320148] [\u003cffffffff8065f9f8\u003e] riscv_intc_irq+0x36/0x4e\n[ 107.320166] [\u003cffffffff80caf4a0\u003e] handle_riscv_irq+0x54/0x86\n[ 107.320189] [\u003cffffffff80cb0036\u003e] do_irq+0x64/0x96\n[ 107.320271] Code: 85a6 855e b097 ff7f 80e7 9220 b709 9002 4501 bbd9 (9002) 6097\n[ 107.320585] ---[ end trace 0000000000000000 ]---\n[ 107.320704] Kernel panic - not syncing: Fatal exception in interrupt\n[ 107.320775] SMP: stopping secondary CPUs\n[ 107.321219] Kernel Offset: 0x0 from 0xffffffff80000000\n[ 107.333051] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:54.933Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/2c86b24095fcf72cf51bc72d12e4350163b4e11d" }, { "url": "https://git.kernel.org/stable/c/45a0de41ec383c8b7c6d442734ba3852dd2fc4a7" }, { "url": "https://git.kernel.org/stable/c/c6e316ac05532febb0c966fa9b55f5258ed037be" } ], "title": "drivers: perf: Check find_first_bit() return value", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52797", "datePublished": "2024-05-21T15:31:10.952Z", "dateReserved": "2024-05-21T15:19:24.246Z", "dateUpdated": "2024-11-04T14:52:54.933Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47457
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47457", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T15:53:56.304705Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:15:15.881Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.247Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/053bc12df0d6097c1126d0e14fa778a0a8faeb64" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a76abedd2be3926d6deba236a935c7f98abf9110" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9acf636215a6ce9362fe618e7da4913b8bfe84c8" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/can/isotp.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "053bc12df0d6", "status": "affected", "version": "e057dd3fc20f", "versionType": "git" }, { "lessThan": "a76abedd2be3", "status": "affected", "version": "e057dd3fc20f", "versionType": "git" }, { "lessThan": "9acf636215a6", "status": "affected", "version": "e057dd3fc20f", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/can/isotp.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.10" }, { "lessThan": "5.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.76", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: isotp: isotp_sendmsg(): add result check for wait_event_interruptible()\n\nUsing wait_event_interruptible() to wait for complete transmission,\nbut do not check the result of wait_event_interruptible() which can be\ninterrupted. It will result in TX buffer has multiple accessors and\nthe later process interferes with the previous process.\n\nFollowing is one of the problems reported by syzbot.\n\n=============================================================\nWARNING: CPU: 0 PID: 0 at net/can/isotp.c:840 isotp_tx_timer_handler+0x2e0/0x4c0\nCPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.13.0-rc7+ #68\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1 04/01/2014\nRIP: 0010:isotp_tx_timer_handler+0x2e0/0x4c0\nCall Trace:\n \u003cIRQ\u003e\n ? isotp_setsockopt+0x390/0x390\n __hrtimer_run_queues+0xb8/0x610\n hrtimer_run_softirq+0x91/0xd0\n ? rcu_read_lock_sched_held+0x4d/0x80\n __do_softirq+0xe8/0x553\n irq_exit_rcu+0xf8/0x100\n sysvec_apic_timer_interrupt+0x9e/0xc0\n \u003c/IRQ\u003e\n asm_sysvec_apic_timer_interrupt+0x12/0x20\n\nAdd result check for wait_event_interruptible() in isotp_sendmsg()\nto avoid multiple accessers for tx buffer." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:19.051Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/053bc12df0d6097c1126d0e14fa778a0a8faeb64" }, { "url": "https://git.kernel.org/stable/c/a76abedd2be3926d6deba236a935c7f98abf9110" }, { "url": "https://git.kernel.org/stable/c/9acf636215a6ce9362fe618e7da4913b8bfe84c8" } ], "title": "can: isotp: isotp_sendmsg(): add result check for wait_event_interruptible()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47457", "datePublished": "2024-05-22T06:19:46.021Z", "dateReserved": "2024-05-21T14:58:30.833Z", "dateUpdated": "2024-11-04T12:06:19.051Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52829
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52829", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:36:39.580141Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-04T18:02:43.447Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.065Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/dfe13eaab043130f90dd3d57c7d88577c04adc97" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4dd0547e8b45faf6f95373be5436b66cde326c0e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b302dce3d9edea5b93d1902a541684a967f3c63c" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/wireless/ath/ath12k/wmi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "dfe13eaab043", "status": "affected", "version": "d889913205cf", "versionType": "git" }, { "lessThan": "4dd0547e8b45", "status": "affected", "version": "d889913205cf", "versionType": "git" }, { "lessThan": "b302dce3d9ed", "status": "affected", "version": "d889913205cf", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/wireless/ath/ath12k/wmi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.3" }, { "lessThan": "6.3", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix possible out-of-bound write in ath12k_wmi_ext_hal_reg_caps()\n\nreg_cap.phy_id is extracted from WMI event and could be an unexpected value\nin case some errors happen. As a result out-of-bound write may occur to\nsoc-\u003ehal_reg_cap. Fix it by validating reg_cap.phy_id before using it.\n\nThis is found during code review.\n\nCompile tested only." } ], "providerMetadata": { "dateUpdated": "2024-11-29T10:54:30.789Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/dfe13eaab043130f90dd3d57c7d88577c04adc97" }, { "url": "https://git.kernel.org/stable/c/4dd0547e8b45faf6f95373be5436b66cde326c0e" }, { "url": "https://git.kernel.org/stable/c/b302dce3d9edea5b93d1902a541684a967f3c63c" } ], "title": "wifi: ath12k: fix possible out-of-bound write in ath12k_wmi_ext_hal_reg_caps()", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52829", "datePublished": "2024-05-21T15:31:32.164Z", "dateReserved": "2024-05-21T15:19:24.251Z", "dateUpdated": "2024-12-04T18:02:43.447Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52824
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2024-05-24T15:26:11.440Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "rejectedReasons": [ { "lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52824", "datePublished": "2024-05-21T15:31:28.872Z", "dateRejected": "2024-05-24T15:26:11.440Z", "dateReserved": "2024-05-21T15:19:24.250Z", "dateUpdated": "2024-05-24T15:26:11.440Z", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47422
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47422", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T18:20:21.213988Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:50.386Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.509Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/65fff0a8efcdca8d84ffe3e23057c3b32403482d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0b4e9fc14973a94ac0520f19b3633493ae13c912" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/nouveau/dispnv50/crc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "65fff0a8efcd", "status": "affected", "version": "12885ecbfe62", "versionType": "git" }, { "lessThan": "0b4e9fc14973", "status": "affected", "version": "12885ecbfe62", "versionType": "git" }, { "lessThan": "0b3d4945cc7e", "status": "affected", "version": "12885ecbfe62", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/nouveau/dispnv50/crc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.9" }, { "lessThan": "5.9", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.73", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau/kms/nv50-: fix file release memory leak\n\nWhen using single_open() for opening, single_release() should be\ncalled, otherwise the \u0027op\u0027 allocated in single_open() will be leaked." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:36.485Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/65fff0a8efcdca8d84ffe3e23057c3b32403482d" }, { "url": "https://git.kernel.org/stable/c/0b4e9fc14973a94ac0520f19b3633493ae13c912" }, { "url": "https://git.kernel.org/stable/c/0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5" } ], "title": "drm/nouveau/kms/nv50-: fix file release memory leak", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47422", "datePublished": "2024-05-21T15:04:09.947Z", "dateReserved": "2024-05-21T14:58:30.820Z", "dateUpdated": "2024-11-04T12:05:36.485Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52746
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52746", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T17:50:37.070696Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-07T15:13:49.462Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.022Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a893cc644812728e86e9aff517fd5698812ecef0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5dc688fae6b7be9dbbf5304a3d2520d038e06db5" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/419674224390fca298020fc0751a20812f84b12d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b6ee896385380aa621102e8ea402ba12db1cabff" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/xfrm/xfrm_compat.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "a893cc644812", "status": "affected", "version": "5106f4a8acff", "versionType": "git" }, { "lessThan": "5dc688fae6b7", "status": "affected", "version": "5106f4a8acff", "versionType": "git" }, { "lessThan": "419674224390", "status": "affected", "version": "5106f4a8acff", "versionType": "git" }, { "lessThan": "b6ee89638538", "status": "affected", "version": "5106f4a8acff", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/xfrm/xfrm_compat.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.10" }, { "lessThan": "5.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.168", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.94", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr()\n\n int type = nla_type(nla);\n\n if (type \u003e XFRMA_MAX) {\n return -EOPNOTSUPP;\n }\n\n@type is then used as an array index and can be used\nas a Spectre v1 gadget.\n\n if (nla_len(nla) \u003c compat_policy[type].len) {\n\narray_index_nospec() can be used to prevent leaking\ncontent of kernel memory to malicious users." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:54.534Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/a893cc644812728e86e9aff517fd5698812ecef0" }, { "url": "https://git.kernel.org/stable/c/5dc688fae6b7be9dbbf5304a3d2520d038e06db5" }, { "url": "https://git.kernel.org/stable/c/419674224390fca298020fc0751a20812f84b12d" }, { "url": "https://git.kernel.org/stable/c/b6ee896385380aa621102e8ea402ba12db1cabff" } ], "title": "xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52746", "datePublished": "2024-05-21T15:23:07.255Z", "dateReserved": "2024-05-21T15:19:24.233Z", "dateUpdated": "2024-11-07T15:13:49.462Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52778
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52778", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-23T18:34:28.820303Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:35.332Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.925Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/70ff9b65a72885b3a2dfde6709da1f19b85fa696" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/342b528c0e849bed9def76dadaa470d3af678e94" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/57ced2eb77343a91d28f4a73675b05fe7b555def" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9fce92f050f448a0d1ddd9083ef967d9930f1e52" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/mptcp/protocol.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "70ff9b65a728", "status": "affected", "version": "7c4e983c4f3c", "versionType": "git" }, { "lessThan": "342b528c0e84", "status": "affected", "version": "7c4e983c4f3c", "versionType": "git" }, { "lessThan": "57ced2eb7734", "status": "affected", "version": "7c4e983c4f3c", "versionType": "git" }, { "lessThan": "9fce92f050f4", "status": "affected", "version": "7c4e983c4f3c", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/mptcp/protocol.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.19" }, { "lessThan": "5.19", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: deal with large GSO size\n\nAfter the blamed commit below, the TCP sockets (and the MPTCP subflows)\ncan build egress packets larger than 64K. That exceeds the maximum DSS\ndata size, the length being misrepresent on the wire and the stream being\ncorrupted, as later observed on the receiver:\n\n WARNING: CPU: 0 PID: 9696 at net/mptcp/protocol.c:705 __mptcp_move_skbs_from_subflow+0x2604/0x26e0\n CPU: 0 PID: 9696 Comm: syz-executor.7 Not tainted 6.6.0-rc5-gcd8bdf563d46 #45\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.el7 04/01/2014\n netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4\u0027.\n RIP: 0010:__mptcp_move_skbs_from_subflow+0x2604/0x26e0 net/mptcp/protocol.c:705\n RSP: 0018:ffffc90000006e80 EFLAGS: 00010246\n RAX: ffffffff83e9f674 RBX: ffff88802f45d870 RCX: ffff888102ad0000\n netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4\u0027.\n RDX: 0000000080000303 RSI: 0000000000013908 RDI: 0000000000003908\n RBP: ffffc90000007110 R08: ffffffff83e9e078 R09: 1ffff1100e548c8a\n R10: dffffc0000000000 R11: ffffed100e548c8b R12: 0000000000013908\n R13: dffffc0000000000 R14: 0000000000003908 R15: 000000000031cf29\n FS: 00007f239c47e700(0000) GS:ffff88811b200000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f239c45cd78 CR3: 000000006a66c006 CR4: 0000000000770ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n mptcp_data_ready+0x263/0xac0 net/mptcp/protocol.c:819\n subflow_data_ready+0x268/0x6d0 net/mptcp/subflow.c:1409\n tcp_data_queue+0x21a1/0x7a60 net/ipv4/tcp_input.c:5151\n tcp_rcv_established+0x950/0x1d90 net/ipv4/tcp_input.c:6098\n tcp_v6_do_rcv+0x554/0x12f0 net/ipv6/tcp_ipv6.c:1483\n tcp_v6_rcv+0x2e26/0x3810 net/ipv6/tcp_ipv6.c:1749\n ip6_protocol_deliver_rcu+0xd6b/0x1ae0 net/ipv6/ip6_input.c:438\n ip6_input+0x1c5/0x470 net/ipv6/ip6_input.c:483\n ipv6_rcv+0xef/0x2c0 include/linux/netfilter.h:304\n __netif_receive_skb+0x1ea/0x6a0 net/core/dev.c:5532\n process_backlog+0x353/0x660 net/core/dev.c:5974\n __napi_poll+0xc6/0x5a0 net/core/dev.c:6536\n net_rx_action+0x6a0/0xfd0 net/core/dev.c:6603\n __do_softirq+0x184/0x524 kernel/softirq.c:553\n do_softirq+0xdd/0x130 kernel/softirq.c:454\n\nAddress the issue explicitly bounding the maximum GSO size to what MPTCP\nactually allows." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:32.367Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/70ff9b65a72885b3a2dfde6709da1f19b85fa696" }, { "url": "https://git.kernel.org/stable/c/342b528c0e849bed9def76dadaa470d3af678e94" }, { "url": "https://git.kernel.org/stable/c/57ced2eb77343a91d28f4a73675b05fe7b555def" }, { "url": "https://git.kernel.org/stable/c/9fce92f050f448a0d1ddd9083ef967d9930f1e52" } ], "title": "mptcp: deal with large GSO size", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52778", "datePublished": "2024-05-21T15:30:58.244Z", "dateReserved": "2024-05-21T15:19:24.240Z", "dateUpdated": "2024-11-04T14:52:32.367Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52802
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2024-06-08T11:39:04.020Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "rejectedReasons": [ { "lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52802", "datePublished": "2024-05-21T15:31:14.377Z", "dateRejected": "2024-06-08T11:39:04.020Z", "dateReserved": "2024-05-21T15:19:24.247Z", "dateUpdated": "2024-06-08T11:39:04.020Z", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52823
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2024-05-24T10:16:07.397Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "rejectedReasons": [ { "lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52823", "datePublished": "2024-05-21T15:31:28.211Z", "dateRejected": "2024-05-24T10:16:07.397Z", "dateReserved": "2024-05-21T15:19:24.249Z", "dateUpdated": "2024-05-24T10:16:07.397Z", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47476
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47476", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-25T18:23:48.578876Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-01T14:38:44.765Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.479Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/58478143771b20ab219937b1c30a706590a59224" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/aa39738423503825625853b643b9e99d11c23816" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/df7b1238f3b599a0b9284249772cdfd1ea83a632" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bc51111bf6e8e7b6cc94b133e4c291273a16acd1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b0156b7c9649d8f55a2ce3d3258509f1b2a181c3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ef143dc0c3defe56730ecd3a9de7b3e1d7e557c1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4a9d43cb5d5f39fa39fc1da438517004cc95f7ea" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d6a727a681a39ae4f73081a9bedb45d14f95bdd1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/907767da8f3a925b060c740e0b5c92ea7dbec440" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/comedi/drivers/ni_usb6501.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "58478143771b", "status": "affected", "version": "a03bb00e50ab", "versionType": "git" }, { "lessThan": "aa3973842350", "status": "affected", "version": "a03bb00e50ab", "versionType": "git" }, { "lessThan": "df7b1238f3b5", "status": "affected", "version": "a03bb00e50ab", "versionType": "git" }, { "lessThan": "bc51111bf6e8", "status": "affected", "version": "a03bb00e50ab", "versionType": "git" }, { "lessThan": "b0156b7c9649", "status": "affected", "version": "a03bb00e50ab", "versionType": "git" }, { "lessThan": "ef143dc0c3de", "status": "affected", "version": "a03bb00e50ab", "versionType": "git" }, { "lessThan": "4a9d43cb5d5f", "status": "affected", "version": "a03bb00e50ab", "versionType": "git" }, { "lessThan": "d6a727a681a3", "status": "affected", "version": "a03bb00e50ab", "versionType": "git" }, { "lessThan": "907767da8f3a", "status": "affected", "version": "a03bb00e50ab", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/comedi/drivers/ni_usb6501.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.18" }, { "lessThan": "3.18", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.292", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.290", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.255", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.217", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.159", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.79", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.18", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: ni_usb6501: fix NULL-deref in command paths\n\nThe driver uses endpoint-sized USB transfer buffers but had no sanity\nchecks on the sizes. This can lead to zero-size-pointer dereferences or\noverflowed transfer buffers in ni6501_port_command() and\nni6501_counter_command() if a (malicious) device has smaller max-packet\nsizes than expected (or when doing descriptor fuzz testing).\n\nAdd the missing sanity checks to probe()." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:40.142Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/58478143771b20ab219937b1c30a706590a59224" }, { "url": "https://git.kernel.org/stable/c/aa39738423503825625853b643b9e99d11c23816" }, { "url": "https://git.kernel.org/stable/c/df7b1238f3b599a0b9284249772cdfd1ea83a632" }, { "url": "https://git.kernel.org/stable/c/bc51111bf6e8e7b6cc94b133e4c291273a16acd1" }, { "url": "https://git.kernel.org/stable/c/b0156b7c9649d8f55a2ce3d3258509f1b2a181c3" }, { "url": "https://git.kernel.org/stable/c/ef143dc0c3defe56730ecd3a9de7b3e1d7e557c1" }, { "url": "https://git.kernel.org/stable/c/4a9d43cb5d5f39fa39fc1da438517004cc95f7ea" }, { "url": "https://git.kernel.org/stable/c/d6a727a681a39ae4f73081a9bedb45d14f95bdd1" }, { "url": "https://git.kernel.org/stable/c/907767da8f3a925b060c740e0b5c92ea7dbec440" } ], "title": "comedi: ni_usb6501: fix NULL-deref in command paths", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47476", "datePublished": "2024-05-22T08:19:30.201Z", "dateReserved": "2024-05-22T06:20:56.200Z", "dateUpdated": "2024-11-04T12:06:40.142Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52753
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52753", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T19:43:36.953665Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:11.593Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.696Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/09909f515032fa80b921fd3118efe66b185d10fd" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/eac3e4760aa12159f7f5475d55a67b7933abc195" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/79b6a90f4f2433312154cd68452b0ba501fa74db" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4e497f1acd99075b13605b2e7fa0cba721a2cfd9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8a06894666e0b462c9316b26ab615cefdd0d676c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6d8653b1a7a8dc938b566ae8c4f373b36e792c68" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/df8bc953eed72371e43ca407bd063507f760cf89" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b1904ed480cee3f9f4036ea0e36d139cb5fee2d6" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/display/dc/core/dc_stream.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "09909f515032", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "eac3e4760aa1", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "79b6a90f4f24", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "4e497f1acd99", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "8a06894666e0", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "6d8653b1a7a8", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "df8bc953eed7", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "b1904ed480ce", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/display/dc/core/dc_stream.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.300", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid NULL dereference of timing generator\n\n[Why \u0026 How]\nCheck whether assigned timing generator is NULL or not before\naccessing its funcs to prevent NULL dereference." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:03.402Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/09909f515032fa80b921fd3118efe66b185d10fd" }, { "url": "https://git.kernel.org/stable/c/eac3e4760aa12159f7f5475d55a67b7933abc195" }, { "url": "https://git.kernel.org/stable/c/79b6a90f4f2433312154cd68452b0ba501fa74db" }, { "url": "https://git.kernel.org/stable/c/4e497f1acd99075b13605b2e7fa0cba721a2cfd9" }, { "url": "https://git.kernel.org/stable/c/8a06894666e0b462c9316b26ab615cefdd0d676c" }, { "url": "https://git.kernel.org/stable/c/6d8653b1a7a8dc938b566ae8c4f373b36e792c68" }, { "url": "https://git.kernel.org/stable/c/df8bc953eed72371e43ca407bd063507f760cf89" }, { "url": "https://git.kernel.org/stable/c/b1904ed480cee3f9f4036ea0e36d139cb5fee2d6" } ], "title": "drm/amd/display: Avoid NULL dereference of timing generator", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52753", "datePublished": "2024-05-21T15:30:41.548Z", "dateReserved": "2024-05-21T15:19:24.234Z", "dateUpdated": "2024-11-04T14:52:03.402Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-48707
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2022-48707", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-23T17:51:43.390258Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:16:39.940Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-03T15:17:55.855Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a04c7d062b537ff787d00da95bdfe343260d4beb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4fa4302d6dc7de7e8e74dc7405611a2efb4bf54b" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/cxl/core/region.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "a04c7d062b53", "status": "affected", "version": "176baefb2eb5", "versionType": "git" }, { "lessThan": "4fa4302d6dc7", "status": "affected", "version": "176baefb2eb5", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/cxl/core/region.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.0" }, { "lessThan": "6.0", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/region: Fix null pointer dereference for resetting decoder\n\nNot all decoders have a reset callback.\n\nThe CXL specification allows a host bridge with a single root port to\nhave no explicit HDM decoders. Currently the region driver assumes there\nare none. As such the CXL core creates a special pass through decoder\ninstance without a commit/reset callback.\n\nPrior to this patch, the -\u003ereset() callback was called unconditionally when\ncalling cxl_region_decode_reset. Thus a configuration with 1 Host Bridge,\n1 Root Port, and one directly attached CXL type 3 device or multiple CXL\ntype 3 devices attached to downstream ports of a switch can cause a null\npointer dereference.\n\nBefore the fix, a kernel crash was observed when we destroy the region, and\na pass through decoder is reset.\n\nThe issue can be reproduced as below,\n 1) create a region with a CXL setup which includes a HB with a\n single root port under which a memdev is attached directly.\n 2) destroy the region with cxl destroy-region regionX -f." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:14:57.167Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/a04c7d062b537ff787d00da95bdfe343260d4beb" }, { "url": "https://git.kernel.org/stable/c/4fa4302d6dc7de7e8e74dc7405611a2efb4bf54b" } ], "title": "cxl/region: Fix null pointer dereference for resetting decoder", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2022-48707", "datePublished": "2024-05-21T15:22:48.735Z", "dateReserved": "2024-05-03T14:55:07.147Z", "dateUpdated": "2024-11-04T12:14:57.167Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52776
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52776", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T18:48:38.223706Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-31T14:25:28.524Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.862Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/774de37c147fea81f2c2e4be5082304f4f71d535" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d7a5f7f76568e48869916d769e28b9f3ca70c78e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/69bd216e049349886405b1c87a55dce3d35d1ba7" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/wireless/ath/ath12k/wmi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "774de37c147f", "status": "affected", "version": "d889913205cf", "versionType": "git" }, { "lessThan": "d7a5f7f76568", "status": "affected", "version": "d889913205cf", "versionType": "git" }, { "lessThan": "69bd216e0493", "status": "affected", "version": "d889913205cf", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/wireless/ath/ath12k/wmi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.3" }, { "lessThan": "6.3", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix dfs-radar and temperature event locking\n\nThe ath12k active pdevs are protected by RCU but the DFS-radar and\ntemperature event handling code calling ath12k_mac_get_ar_by_pdev_id()\nwas not marked as a read-side critical section.\n\nMark the code in question as RCU read-side critical sections to avoid\nany potential use-after-free issues.\n\nNote that the temperature event handler looks like a place holder\ncurrently but would still trigger an RCU lockdep splat.\n\nCompile tested only." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:29.522Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/774de37c147fea81f2c2e4be5082304f4f71d535" }, { "url": "https://git.kernel.org/stable/c/d7a5f7f76568e48869916d769e28b9f3ca70c78e" }, { "url": "https://git.kernel.org/stable/c/69bd216e049349886405b1c87a55dce3d35d1ba7" } ], "title": "wifi: ath12k: fix dfs-radar and temperature event locking", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52776", "datePublished": "2024-05-21T15:30:56.906Z", "dateReserved": "2024-05-21T15:19:24.239Z", "dateUpdated": "2024-11-04T14:52:29.522Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52877
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52877", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-10T19:16:07.522837Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-10T19:16:15.611Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.091Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e5f53a68a596e04df3fde3099273435a30b6fdac" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e7a802447c491903aa7cb45967aa2a934a4e63fc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9ee038590d808a95d16adf92818dcd4752273c08" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b37a168c0137156042a0ca9626651b5a789e822b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4987daf86c152ff882d51572d154ad12e4ff3a4b" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/usb/typec/tcpm/tcpm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "e5f53a68a596", "status": "affected", "version": "5e1d4c49fbc8", "versionType": "git" }, { "lessThan": "e7a802447c49", "status": "affected", "version": "5e1d4c49fbc8", "versionType": "git" }, { "lessThan": "9ee038590d80", "status": "affected", "version": "5e1d4c49fbc8", "versionType": "git" }, { "lessThan": "b37a168c0137", "status": "affected", "version": "5e1d4c49fbc8", "versionType": "git" }, { "lessThan": "4987daf86c15", "status": "affected", "version": "5e1d4c49fbc8", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/usb/typec/tcpm/tcpm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.12" }, { "lessThan": "5.12", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.138", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.62", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.11", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.1", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm()\n\nIt is possible that typec_register_partner() returns ERR_PTR on failure.\nWhen port-\u003epartner is an error, a NULL pointer dereference may occur as\nshown below.\n\n[91222.095236][ T319] typec port0: failed to register partner (-17)\n...\n[91225.061491][ T319] Unable to handle kernel NULL pointer dereference\nat virtual address 000000000000039f\n[91225.274642][ T319] pc : tcpm_pd_data_request+0x310/0x13fc\n[91225.274646][ T319] lr : tcpm_pd_data_request+0x298/0x13fc\n[91225.308067][ T319] Call trace:\n[91225.308070][ T319] tcpm_pd_data_request+0x310/0x13fc\n[91225.308073][ T319] tcpm_pd_rx_handler+0x100/0x9e8\n[91225.355900][ T319] kthread_worker_fn+0x178/0x58c\n[91225.355902][ T319] kthread+0x150/0x200\n[91225.355905][ T319] ret_from_fork+0x10/0x30\n\nAdd a check for port-\u003epartner to avoid dereferencing a NULL pointer." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:24.817Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/e5f53a68a596e04df3fde3099273435a30b6fdac" }, { "url": "https://git.kernel.org/stable/c/e7a802447c491903aa7cb45967aa2a934a4e63fc" }, { "url": "https://git.kernel.org/stable/c/9ee038590d808a95d16adf92818dcd4752273c08" }, { "url": "https://git.kernel.org/stable/c/b37a168c0137156042a0ca9626651b5a789e822b" }, { "url": "https://git.kernel.org/stable/c/4987daf86c152ff882d51572d154ad12e4ff3a4b" } ], "title": "usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52877", "datePublished": "2024-05-21T15:32:09.946Z", "dateReserved": "2024-05-21T15:19:24.264Z", "dateUpdated": "2024-11-04T14:54:24.817Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47494
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47494", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:38:36.269063Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:15:18.041Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.605Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4c22227e39c7a0b4dab55617ee8d34d171fab8d4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3c897f39b71fe68f90599f6a45b5f7bf5618420e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/09b1d5dc6ce1c9151777f6c4e128a59457704c97" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "include/net/cfg80211.h", "net/wireless/core.c", "net/wireless/core.h", "net/wireless/mlme.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "4c22227e39c7", "status": "affected", "version": "6cd536fe62ef", "versionType": "git" }, { "lessThan": "3c897f39b71f", "status": "affected", "version": "6cd536fe62ef", "versionType": "git" }, { "lessThan": "09b1d5dc6ce1", "status": "affected", "version": "6cd536fe62ef", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "include/net/cfg80211.h", "net/wireless/core.c", "net/wireless/core.h", "net/wireless/mlme.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.8" }, { "lessThan": "5.8", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.77", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.16", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncfg80211: fix management registrations locking\n\nThe management registrations locking was broken, the list was\nlocked for each wdev, but cfg80211_mgmt_registrations_update()\niterated it without holding all the correct spinlocks, causing\nlist corruption.\n\nRather than trying to fix it with fine-grained locking, just\nmove the lock to the wiphy/rdev (still need the list on each\nwdev), we already need to hold the wdev lock to change it, so\nthere\u0027s no contention on the lock in any case. This trivially\nfixes the bug since we hold one wdev\u0027s lock already, and now\nwill hold the lock that protects all lists." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:00.210Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/4c22227e39c7a0b4dab55617ee8d34d171fab8d4" }, { "url": "https://git.kernel.org/stable/c/3c897f39b71fe68f90599f6a45b5f7bf5618420e" }, { "url": "https://git.kernel.org/stable/c/09b1d5dc6ce1c9151777f6c4e128a59457704c97" } ], "title": "cfg80211: fix management registrations locking", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47494", "datePublished": "2024-05-22T08:19:42.083Z", "dateReserved": "2024-05-22T06:20:56.201Z", "dateUpdated": "2024-11-04T12:07:00.210Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52706
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52706", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-05T17:18:55.625779Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-05T17:19:03.460Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.922Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/854e1ecff266033d3149666d3c5b8b0e174b4210" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/79eeab1d85e0fee4c0bc36f3b6ddf3920f39f74b" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpio/gpio-sim.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "854e1ecff266", "status": "affected", "version": "cb8c474e79be", "versionType": "git" }, { "lessThan": "79eeab1d85e0", "status": "affected", "version": "cb8c474e79be", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpio/gpio-sim.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.17" }, { "lessThan": "5.17", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: sim: fix a memory leak\n\nFix an inverted logic bug in gpio_sim_remove_hogs() that leads to GPIO\nhog structures never being freed." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:33.229Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/854e1ecff266033d3149666d3c5b8b0e174b4210" }, { "url": "https://git.kernel.org/stable/c/79eeab1d85e0fee4c0bc36f3b6ddf3920f39f74b" } ], "title": "gpio: sim: fix a memory leak", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52706", "datePublished": "2024-05-21T15:22:54.679Z", "dateReserved": "2024-03-07T14:49:46.891Z", "dateUpdated": "2024-11-04T14:51:33.229Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52859
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.049Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0e1e88bba286621b886218363de07b319d6208b2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b660420f449d094b1fabfa504889810b3a63cdd5" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3405f364f82d4f5407a8b4c519dc15d24b847fda" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/75bab28ffd05ec8879c197890b1bd1dfec8d3f63" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b805cafc604bfdb671fae7347a57f51154afa735" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52859", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:36:28.164920Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:54.164Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/perf/hisilicon/hisi_uncore_pa_pmu.c", "drivers/perf/hisilicon/hisi_uncore_sllc_pmu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "0e1e88bba286", "status": "affected", "version": "3bf30882c3c7", "versionType": "git" }, { "lessThan": "b660420f449d", "status": "affected", "version": "3bf30882c3c7", "versionType": "git" }, { "lessThan": "3405f364f82d", "status": "affected", "version": "3bf30882c3c7", "versionType": "git" }, { "lessThan": "75bab28ffd05", "status": "affected", "version": "3bf30882c3c7", "versionType": "git" }, { "lessThan": "b805cafc604b", "status": "affected", "version": "3bf30882c3c7", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/perf/hisilicon/hisi_uncore_pa_pmu.c", "drivers/perf/hisilicon/hisi_uncore_sllc_pmu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.13" }, { "lessThan": "5.13", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: hisi: Fix use-after-free when register pmu fails\n\nWhen we fail to register the uncore pmu, the pmu context may not been\nallocated. The error handing will call cpuhp_state_remove_instance()\nto call uncore pmu offline callback, which migrate the pmu context.\nSince that\u0027s liable to lead to some kind of use-after-free.\n\nUse cpuhp_state_remove_instance_nocalls() instead of\ncpuhp_state_remove_instance() so that the notifiers don\u0027t execute after\nthe PMU device has been failed to register." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:01.591Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/0e1e88bba286621b886218363de07b319d6208b2" }, { "url": "https://git.kernel.org/stable/c/b660420f449d094b1fabfa504889810b3a63cdd5" }, { "url": "https://git.kernel.org/stable/c/3405f364f82d4f5407a8b4c519dc15d24b847fda" }, { "url": "https://git.kernel.org/stable/c/75bab28ffd05ec8879c197890b1bd1dfec8d3f63" }, { "url": "https://git.kernel.org/stable/c/b805cafc604bfdb671fae7347a57f51154afa735" } ], "title": "perf: hisi: Fix use-after-free when register pmu fails", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52859", "datePublished": "2024-05-21T15:31:52.546Z", "dateReserved": "2024-05-21T15:19:24.260Z", "dateUpdated": "2024-11-04T14:54:01.591Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47337
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:32:08.569Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d2f0b960d07e52bb664471b4de0ed8b08c636b3a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f3d0a109240c9bed5c60d819014786be3a2fe515" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e1bd3fac2baa3d5c04375980c1d5263a3335af92" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/887bfae2732b5b02a86a859fd239d34f7ff93c05" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ea518b70ed5e4598c8d706f37fc16f7b06e440bd" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8e4212ecf0713dd57d0e3209a66201da582149b1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c1671d2d2ef8a84837eea1b4d99ca0c6a66fb691" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/93aa71ad7379900e61c8adff6a710a4c18c7c99b" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47337", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:38:56.617775Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:50.372Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/scsi/hosts.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "d2f0b960d07e", "status": "affected", "version": "8958181c1663", "versionType": "git" }, { "lessThan": "f3d0a109240c", "status": "affected", "version": "db08ce595dd6", "versionType": "git" }, { "lessThan": "e1bd3fac2baa", "status": "affected", "version": "2dc85045ae65", "versionType": "git" }, { "lessThan": "887bfae2732b", "status": "affected", "version": "79296e292d67", "versionType": "git" }, { "lessThan": "ea518b70ed5e", "status": "affected", "version": "7a696ce1d5d1", "versionType": "git" }, { "lessThan": "8e4212ecf071", "status": "affected", "version": "45d83db47281", "versionType": "git" }, { "lessThan": "c1671d2d2ef8", "status": "affected", "version": "66a834d09293", "versionType": "git" }, { "lessThan": "93aa71ad7379", "status": "affected", "version": "66a834d09293", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/scsi/hosts.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.13" }, { "lessThan": "5.13", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.276", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.240", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.198", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.134", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.52", "versionType": "semver" }, { "lessThanOrEqual": "5.12.*", "status": "unaffected", "version": "5.12.19", "versionType": "semver" }, { "lessThanOrEqual": "5.13.*", "status": "unaffected", "version": "5.13.4", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.14", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix bad pointer dereference when ehandler kthread is invalid\n\nCommit 66a834d09293 (\"scsi: core: Fix error handling of scsi_host_alloc()\")\nchanged the allocation logic to call put_device() to perform host cleanup\nwith the assumption that IDA removal and stopping the kthread would\nproperly be performed in scsi_host_dev_release(). However, in the unlikely\ncase that the error handler thread fails to spawn, shost-\u003eehandler is set\nto ERR_PTR(-ENOMEM).\n\nThe error handler cleanup code in scsi_host_dev_release() will call\nkthread_stop() if shost-\u003eehandler != NULL which will always be the case\nwhether the kthread was successfully spawned or not. In the case that it\nfailed to spawn this has the nasty side effect of trying to dereference an\ninvalid pointer when kthread_stop() is called. The following splat provides\nan example of this behavior in the wild:\n\nscsi host11: error handler thread failed to spawn, error = -4\nKernel attempted to read user page (10c) - exploit attempt? (uid: 0)\nBUG: Kernel NULL pointer dereference on read at 0x0000010c\nFaulting instruction address: 0xc00000000818e9a8\nOops: Kernel access of bad area, sig: 11 [#1]\nLE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\nModules linked in: ibmvscsi(+) scsi_transport_srp dm_multipath dm_mirror dm_region\n hash dm_log dm_mod fuse overlay squashfs loop\nCPU: 12 PID: 274 Comm: systemd-udevd Not tainted 5.13.0-rc7 #1\nNIP: c00000000818e9a8 LR: c0000000089846e8 CTR: 0000000000007ee8\nREGS: c000000037d12ea0 TRAP: 0300 Not tainted (5.13.0-rc7)\nMSR: 800000000280b033 \u0026lt;SF,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u0026gt; CR: 28228228\nXER: 20040001\nCFAR: c0000000089846e4 DAR: 000000000000010c DSISR: 40000000 IRQMASK: 0\nGPR00: c0000000089846e8 c000000037d13140 c000000009cc1100 fffffffffffffffc\nGPR04: 0000000000000001 0000000000000000 0000000000000000 c000000037dc0000\nGPR08: 0000000000000000 c000000037dc0000 0000000000000001 00000000fffff7ff\nGPR12: 0000000000008000 c00000000a049000 c000000037d13d00 000000011134d5a0\nGPR16: 0000000000001740 c0080000190d0000 c0080000190d1740 c000000009129288\nGPR20: c000000037d13bc0 0000000000000001 c000000037d13bc0 c0080000190b7898\nGPR24: c0080000190b7708 0000000000000000 c000000033bb2c48 0000000000000000\nGPR28: c000000046b28280 0000000000000000 000000000000010c fffffffffffffffc\nNIP [c00000000818e9a8] kthread_stop+0x38/0x230\nLR [c0000000089846e8] scsi_host_dev_release+0x98/0x160\nCall Trace:\n[c000000033bb2c48] 0xc000000033bb2c48 (unreliable)\n[c0000000089846e8] scsi_host_dev_release+0x98/0x160\n[c00000000891e960] device_release+0x60/0x100\n[c0000000087e55c4] kobject_release+0x84/0x210\n[c00000000891ec78] put_device+0x28/0x40\n[c000000008984ea4] scsi_host_alloc+0x314/0x430\n[c0080000190b38bc] ibmvscsi_probe+0x54/0xad0 [ibmvscsi]\n[c000000008110104] vio_bus_probe+0xa4/0x4b0\n[c00000000892a860] really_probe+0x140/0x680\n[c00000000892aefc] driver_probe_device+0x15c/0x200\n[c00000000892b63c] device_driver_attach+0xcc/0xe0\n[c00000000892b740] __driver_attach+0xf0/0x200\n[c000000008926f28] bus_for_each_dev+0xa8/0x130\n[c000000008929ce4] driver_attach+0x34/0x50\n[c000000008928fc0] bus_add_driver+0x1b0/0x300\n[c00000000892c798] driver_register+0x98/0x1a0\n[c00000000810eb60] __vio_register_driver+0x80/0xe0\n[c0080000190b4a30] ibmvscsi_module_init+0x9c/0xdc [ibmvscsi]\n[c0000000080121d0] do_one_initcall+0x60/0x2d0\n[c000000008261abc] do_init_module+0x7c/0x320\n[c000000008265700] load_module+0x2350/0x25b0\n[c000000008265cb4] __do_sys_finit_module+0xd4/0x160\n[c000000008031110] system_call_exception+0x150/0x2d0\n[c00000000800d35c] system_call_common+0xec/0x278\n\nFix this be nulling shost-\u003eehandler when the kthread fails to spawn." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:03:56.937Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/d2f0b960d07e52bb664471b4de0ed8b08c636b3a" }, { "url": "https://git.kernel.org/stable/c/f3d0a109240c9bed5c60d819014786be3a2fe515" }, { "url": "https://git.kernel.org/stable/c/e1bd3fac2baa3d5c04375980c1d5263a3335af92" }, { "url": "https://git.kernel.org/stable/c/887bfae2732b5b02a86a859fd239d34f7ff93c05" }, { "url": "https://git.kernel.org/stable/c/ea518b70ed5e4598c8d706f37fc16f7b06e440bd" }, { "url": "https://git.kernel.org/stable/c/8e4212ecf0713dd57d0e3209a66201da582149b1" }, { "url": "https://git.kernel.org/stable/c/c1671d2d2ef8a84837eea1b4d99ca0c6a66fb691" }, { "url": "https://git.kernel.org/stable/c/93aa71ad7379900e61c8adff6a710a4c18c7c99b" } ], "title": "scsi: core: Fix bad pointer dereference when ehandler kthread is invalid", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47337", "datePublished": "2024-05-21T14:35:46.379Z", "dateReserved": "2024-05-21T14:28:16.978Z", "dateUpdated": "2024-11-04T12:03:56.937Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47411
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2024-05-25T13:30:07.769Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "rejectedReasons": [ { "lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47411", "datePublished": "2024-05-21T15:04:02.643Z", "dateRejected": "2024-05-25T13:30:07.769Z", "dateReserved": "2024-05-21T14:58:30.817Z", "dateUpdated": "2024-05-25T13:30:07.769Z", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52735
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "1da177e4c3f4" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.15.95" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.1.13" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.2" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52735", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T17:57:06.250837Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:39.551Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.223Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f312367f5246e04df564d341044286e9e37a97ba" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7499859881488da97589f3c79cc66fa75748ad49" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5b4a79ba65a1ab479903fff2e604865d229b70a9" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/core/sock_map.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "f312367f5246", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "749985988148", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "5b4a79ba65a1", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/core/sock_map.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.95", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Don\u0027t let sock_map_{close,destroy,unhash} call itself\n\nsock_map proto callbacks should never call themselves by design. Protect\nagainst bugs like [1] and break out of the recursive loop to avoid a stack\noverflow in favor of a resource leak.\n\n[1] https://lore.kernel.org/all/00000000000073b14905ef2e7401@google.com/" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:41.369Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/f312367f5246e04df564d341044286e9e37a97ba" }, { "url": "https://git.kernel.org/stable/c/7499859881488da97589f3c79cc66fa75748ad49" }, { "url": "https://git.kernel.org/stable/c/5b4a79ba65a1ab479903fff2e604865d229b70a9" } ], "title": "bpf, sockmap: Don\u0027t let sock_map_{close,destroy,unhash} call itself", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52735", "datePublished": "2024-05-21T15:22:59.893Z", "dateReserved": "2024-05-21T15:19:24.232Z", "dateUpdated": "2024-11-04T14:51:41.369Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47270
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:32:08.023Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/beb1e67a5ca8d69703c776db9000527f44c0c93c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8cd5f45c1b769e3e9e0f4325dd08b6c3749dc7ee" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/10770d2ac0094b053c8897d96d7b2737cd72f7c5" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b4903f7fdc484628d0b8022daf86e2439d3ab4db" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4b289a0f3033f465b4fd51ba995251a7867a2aa2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f17aae7c4009160f0630a91842a281773976a5bc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/90c4d05780d47e14a50e11a7f17373104cd47d25" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47270", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:39:41.783429Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:47.414Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/usb/gadget/function/f_ecm.c", "drivers/usb/gadget/function/f_eem.c", "drivers/usb/gadget/function/f_hid.c", "drivers/usb/gadget/function/f_loopback.c", "drivers/usb/gadget/function/f_printer.c", "drivers/usb/gadget/function/f_rndis.c", "drivers/usb/gadget/function/f_serial.c", "drivers/usb/gadget/function/f_sourcesink.c", "drivers/usb/gadget/function/f_subset.c", "drivers/usb/gadget/function/f_tcm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "beb1e67a5ca8", "status": "affected", "version": "eaef50c76057", "versionType": "git" }, { "lessThan": "8cd5f45c1b76", "status": "affected", "version": "eaef50c76057", "versionType": "git" }, { "lessThan": "10770d2ac009", "status": "affected", "version": "eaef50c76057", "versionType": "git" }, { "lessThan": "b4903f7fdc48", "status": "affected", "version": "eaef50c76057", "versionType": "git" }, { "lessThan": "4b289a0f3033", "status": "affected", "version": "eaef50c76057", "versionType": "git" }, { "lessThan": "f17aae7c4009", "status": "affected", "version": "eaef50c76057", "versionType": "git" }, { "lessThan": "90c4d05780d4", "status": "affected", "version": "eaef50c76057", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/usb/gadget/function/f_ecm.c", "drivers/usb/gadget/function/f_eem.c", "drivers/usb/gadget/function/f_hid.c", "drivers/usb/gadget/function/f_loopback.c", "drivers/usb/gadget/function/f_printer.c", "drivers/usb/gadget/function/f_rndis.c", "drivers/usb/gadget/function/f_serial.c", "drivers/usb/gadget/function/f_sourcesink.c", "drivers/usb/gadget/function/f_subset.c", "drivers/usb/gadget/function/f_tcm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.6" }, { "lessThan": "4.6", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.273", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.237", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.195", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.126", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.44", "versionType": "semver" }, { "lessThanOrEqual": "5.12.*", "status": "unaffected", "version": "5.12.11", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: fix various gadgets null ptr deref on 10gbps cabling.\n\nThis avoids a null pointer dereference in\nf_{ecm,eem,hid,loopback,printer,rndis,serial,sourcesink,subset,tcm}\nby simply reusing the 5gbps config for 10gbps." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:02:41.438Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/beb1e67a5ca8d69703c776db9000527f44c0c93c" }, { "url": "https://git.kernel.org/stable/c/8cd5f45c1b769e3e9e0f4325dd08b6c3749dc7ee" }, { "url": "https://git.kernel.org/stable/c/10770d2ac0094b053c8897d96d7b2737cd72f7c5" }, { "url": "https://git.kernel.org/stable/c/b4903f7fdc484628d0b8022daf86e2439d3ab4db" }, { "url": "https://git.kernel.org/stable/c/4b289a0f3033f465b4fd51ba995251a7867a2aa2" }, { "url": "https://git.kernel.org/stable/c/f17aae7c4009160f0630a91842a281773976a5bc" }, { "url": "https://git.kernel.org/stable/c/90c4d05780d47e14a50e11a7f17373104cd47d25" } ], "title": "usb: fix various gadgets null ptr deref on 10gbps cabling.", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47270", "datePublished": "2024-05-21T14:19:59.874Z", "dateReserved": "2024-05-21T13:27:52.127Z", "dateUpdated": "2024-11-04T12:02:41.438Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47368
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "4c4c3052911b", "status": "affected", "version": "d4fd0404c1c9", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "6c3f1b741c6c", "status": "affected", "version": "d4fd0404c1c9", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "6f329d9da2a5", "status": "affected", "version": "d4fd0404c1c9", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "7237a494decf", "status": "affected", "version": "d4fd0404c1c9", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "5.1" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "5.1", "status": "unaffected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.150", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.70", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.9", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.15" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47368", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-05T20:50:21.709936Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-05T20:50:27.716Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:32:08.655Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4c4c3052911b577920353a7646e4883d5da40c28" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6c3f1b741c6c2914ea120e3a5790d3e900152f7b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6f329d9da2a5ae032fcde800a99b118124ed5270" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7237a494decfa17d0b9d0076e6cee3235719de90" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/freescale/enetc/enetc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "4c4c3052911b", "status": "affected", "version": "d4fd0404c1c9", "versionType": "git" }, { "lessThan": "6c3f1b741c6c", "status": "affected", "version": "d4fd0404c1c9", "versionType": "git" }, { "lessThan": "6f329d9da2a5", "status": "affected", "version": "d4fd0404c1c9", "versionType": "git" }, { "lessThan": "7237a494decf", "status": "affected", "version": "d4fd0404c1c9", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/freescale/enetc/enetc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.1" }, { "lessThan": "5.1", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.150", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.70", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.9", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nenetc: Fix illegal access when reading affinity_hint\n\nirq_set_affinity_hit() stores a reference to the cpumask_t\nparameter in the irq descriptor, and that reference can be\naccessed later from irq_affinity_hint_proc_show(). Since\nthe cpu_mask parameter passed to irq_set_affinity_hit() has\nonly temporary storage (it\u0027s on the stack memory), later\naccesses to it are illegal. Thus reads from the corresponding\nprocfs affinity_hint file can result in paging request oops.\n\nThe issue is fixed by the get_cpu_mask() helper, which provides\na permanent storage for the cpumask_t parameter." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:04:35.269Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/4c4c3052911b577920353a7646e4883d5da40c28" }, { "url": "https://git.kernel.org/stable/c/6c3f1b741c6c2914ea120e3a5790d3e900152f7b" }, { "url": "https://git.kernel.org/stable/c/6f329d9da2a5ae032fcde800a99b118124ed5270" }, { "url": "https://git.kernel.org/stable/c/7237a494decfa17d0b9d0076e6cee3235719de90" } ], "title": "enetc: Fix illegal access when reading affinity_hint", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47368", "datePublished": "2024-05-21T15:03:34.494Z", "dateReserved": "2024-05-21T14:58:30.810Z", "dateUpdated": "2024-11-04T12:04:35.269Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52745
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.591Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4a779187db39b2f32d048a752573e56e4e77807f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b1afb666c32931667c15ad1b58e7203f0119dcaf" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1b4ef90cbcfa603b3bb536fbd6f261197012b6f6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7197460dcd43ff0e4a502ba855dd82d37c2848cc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e632291a2dbce45a24cddeb5fe28fe71d724ba43" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52745", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:37:28.815664Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:34.534Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/infiniband/ulp/ipoib/ipoib_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "4a779187db39", "status": "affected", "version": "d4bf3fcccd18", "versionType": "git" }, { "lessThan": "b1afb666c329", "status": "affected", "version": "d21714134505", "versionType": "git" }, { "lessThan": "1b4ef90cbcfa", "status": "affected", "version": "ca48174a7643", "versionType": "git" }, { "lessThan": "7197460dcd43", "status": "affected", "version": "ee0e9b2c4b9c", "versionType": "git" }, { "lessThan": "e632291a2dbc", "status": "affected", "version": "dbc94a0fb817", "versionType": "git" } ] }, { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/infiniband/ulp/ipoib/ipoib_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "5.4.232", "status": "affected", "version": "5.4.229", "versionType": "semver" }, { "lessThan": "5.10.168", "status": "affected", "version": "5.10.163", "versionType": "semver" }, { "lessThan": "5.15.94", "status": "affected", "version": "5.15.86", "versionType": "semver" }, { "lessThan": "6.1.12", "status": "affected", "version": "6.1.2", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/IPoIB: Fix legacy IPoIB due to wrong number of queues\n\nThe cited commit creates child PKEY interfaces over netlink will\nmultiple tx and rx queues, but some devices doesn\u0027t support more than 1\ntx and 1 rx queues. This causes to a crash when traffic is sent over the\nPKEY interface due to the parent having a single queue but the child\nhaving multiple queues.\n\nThis patch fixes the number of queues to 1 for legacy IPoIB at the\nearliest possible point in time.\n\nBUG: kernel NULL pointer dereference, address: 000000000000036b\nPGD 0 P4D 0\nOops: 0000 [#1] SMP\nCPU: 4 PID: 209665 Comm: python3 Not tainted 6.1.0_for_upstream_min_debug_2022_12_12_17_02 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:kmem_cache_alloc+0xcb/0x450\nCode: ce 7e 49 8b 50 08 49 83 78 10 00 4d 8b 28 0f 84 cb 02 00 00 4d 85 ed 0f 84 c2 02 00 00 41 8b 44 24 28 48 8d 4a\n01 49 8b 3c 24 \u003c49\u003e 8b 5c 05 00 4c 89 e8 65 48 0f c7 0f 0f 94 c0 84 c0 74 b8 41 8b\nRSP: 0018:ffff88822acbbab8 EFLAGS: 00010202\nRAX: 0000000000000070 RBX: ffff8881c28e3e00 RCX: 00000000064f8dae\nRDX: 00000000064f8dad RSI: 0000000000000a20 RDI: 0000000000030d00\nRBP: 0000000000000a20 R08: ffff8882f5d30d00 R09: ffff888104032f40\nR10: ffff88810fade828 R11: 736f6d6570736575 R12: ffff88810081c000\nR13: 00000000000002fb R14: ffffffff817fc865 R15: 0000000000000000\nFS: 00007f9324ff9700(0000) GS:ffff8882f5d00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000000000036b CR3: 00000001125af004 CR4: 0000000000370ea0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n skb_clone+0x55/0xd0\n ip6_finish_output2+0x3fe/0x690\n ip6_finish_output+0xfa/0x310\n ip6_send_skb+0x1e/0x60\n udp_v6_send_skb+0x1e5/0x420\n udpv6_sendmsg+0xb3c/0xe60\n ? ip_mc_finish_output+0x180/0x180\n ? __switch_to_asm+0x3a/0x60\n ? __switch_to_asm+0x34/0x60\n sock_sendmsg+0x33/0x40\n __sys_sendto+0x103/0x160\n ? _copy_to_user+0x21/0x30\n ? kvm_clock_get_cycles+0xd/0x10\n ? ktime_get_ts64+0x49/0xe0\n __x64_sys_sendto+0x25/0x30\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\nRIP: 0033:0x7f9374f1ed14\nCode: 42 41 f8 ff 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b\n7c 24 08 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 68 41 f8 ff 48 8b\nRSP: 002b:00007f9324ff7bd0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 00007f9324ff7cc8 RCX: 00007f9374f1ed14\nRDX: 00000000000002fb RSI: 00007f93000052f0 RDI: 0000000000000030\nRBP: 0000000000000000 R08: 00007f9324ff7d40 R09: 000000000000001c\nR10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000\nR13: 000000012a05f200 R14: 0000000000000001 R15: 00007f9374d57bdc\n \u003c/TASK\u003e" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:53.382Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/4a779187db39b2f32d048a752573e56e4e77807f" }, { "url": "https://git.kernel.org/stable/c/b1afb666c32931667c15ad1b58e7203f0119dcaf" }, { "url": "https://git.kernel.org/stable/c/1b4ef90cbcfa603b3bb536fbd6f261197012b6f6" }, { "url": "https://git.kernel.org/stable/c/7197460dcd43ff0e4a502ba855dd82d37c2848cc" }, { "url": "https://git.kernel.org/stable/c/e632291a2dbce45a24cddeb5fe28fe71d724ba43" } ], "title": "IB/IPoIB: Fix legacy IPoIB due to wrong number of queues", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52745", "datePublished": "2024-05-21T15:23:06.595Z", "dateReserved": "2024-05-21T15:19:24.233Z", "dateUpdated": "2024-11-04T14:51:53.382Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52767
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52767", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T18:35:50.400144Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:42.766Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.999Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/944900fe2736c07288efe2d9394db4d3ca23f2c9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2214e2bb5489145aba944874d0ee1652a0a63dc8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/53f2cb491b500897a619ff6abd72f565933760f0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/tls/tls_sw.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "944900fe2736", "status": "affected", "version": "5ad627faed13", "versionType": "git" }, { "lessThan": "2214e2bb5489", "status": "affected", "version": "df720d288dbb", "versionType": "git" }, { "lessThan": "53f2cb491b50", "status": "affected", "version": "df720d288dbb", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/tls/tls_sw.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.5" }, { "lessThan": "6.5", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.4", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix NULL deref on tls_sw_splice_eof() with empty record\n\nsyzkaller discovered that if tls_sw_splice_eof() is executed as part of\nsendfile() when the plaintext/ciphertext sk_msg are empty, the send path\ngets confused because the empty ciphertext buffer does not have enough\nspace for the encryption overhead. This causes tls_push_record() to go on\nthe `split = true` path (which is only supposed to be used when interacting\nwith an attached BPF program), and then get further confused and hit the\ntls_merge_open_record() path, which then assumes that there must be at\nleast one populated buffer element, leading to a NULL deref.\n\nIt is possible to have empty plaintext/ciphertext buffers if we previously\nbailed from tls_sw_sendmsg_locked() via the tls_trim_both_msgs() path.\ntls_sw_push_pending_record() already handles this case correctly; let\u0027s do\nthe same check in tls_sw_splice_eof()." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:18.239Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/944900fe2736c07288efe2d9394db4d3ca23f2c9" }, { "url": "https://git.kernel.org/stable/c/2214e2bb5489145aba944874d0ee1652a0a63dc8" }, { "url": "https://git.kernel.org/stable/c/53f2cb491b500897a619ff6abd72f565933760f0" } ], "title": "tls: fix NULL deref on tls_sw_splice_eof() with empty record", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52767", "datePublished": "2024-05-21T15:30:50.993Z", "dateReserved": "2024-05-21T15:19:24.238Z", "dateUpdated": "2024-11-04T14:52:18.239Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52783
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52783", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T17:46:59.012551Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:56.974Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.842Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/61a55071653974dab172d4c5d699bb365cfd13c9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8ba2c459668cfe2aaacc5ebcd35b4b9ef8643013" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/wangxun/libwx/wx_hw.c", "drivers/net/ethernet/wangxun/ngbe/ngbe_main.c", "drivers/net/ethernet/wangxun/txgbe/txgbe_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "61a550716539", "status": "affected", "version": "79625f45ca73", "versionType": "git" }, { "lessThan": "8ba2c459668c", "status": "affected", "version": "79625f45ca73", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/wangxun/libwx/wx_hw.c", "drivers/net/ethernet/wangxun/ngbe/ngbe_main.c", "drivers/net/ethernet/wangxun/txgbe/txgbe_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.3" }, { "lessThan": "6.3", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.4", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: wangxun: fix kernel panic due to null pointer\n\nWhen the device uses a custom subsystem vendor ID, the function\nwx_sw_init() returns before the memory of \u0027wx-\u003emac_table\u0027 is allocated.\nThe null pointer will causes the kernel panic." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:39.107Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/61a55071653974dab172d4c5d699bb365cfd13c9" }, { "url": "https://git.kernel.org/stable/c/8ba2c459668cfe2aaacc5ebcd35b4b9ef8643013" } ], "title": "net: wangxun: fix kernel panic due to null pointer", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52783", "datePublished": "2024-05-21T15:31:01.598Z", "dateReserved": "2024-05-21T15:19:24.240Z", "dateUpdated": "2024-11-04T14:52:39.107Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52784
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52784", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T18:34:45.558216Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:37.337Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.053Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b4f0e605a508f6d7cda6df2f03a0c676b778b1fe" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/396baca6683f415b5bc2b380289387bef1406edc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/53064e8239dd2ecfefc5634e991f1025abc2ee0c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/19554aa901b5833787df4417a05ccdebf351b7f4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/87c49806a37f88eddde3f537c162fd0c2834170c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d98c91215a5748a0f536e7ccea26027005196859" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3cffa2ddc4d3fcf70cde361236f5a614f81a09b2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/bonding/bond_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "b4f0e605a508", "status": "affected", "version": "872254dd6b1f", "versionType": "git" }, { "lessThan": "396baca6683f", "status": "affected", "version": "872254dd6b1f", "versionType": "git" }, { "lessThan": "53064e8239dd", "status": "affected", "version": "872254dd6b1f", "versionType": "git" }, { "lessThan": "19554aa901b5", "status": "affected", "version": "872254dd6b1f", "versionType": "git" }, { "lessThan": "87c49806a37f", "status": "affected", "version": "872254dd6b1f", "versionType": "git" }, { "lessThan": "d98c91215a57", "status": "affected", "version": "872254dd6b1f", "versionType": "git" }, { "lessThan": "3cffa2ddc4d3", "status": "affected", "version": "872254dd6b1f", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/bonding/bond_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "2.6.24" }, { "lessThan": "2.6.24", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: stop the device in bond_setup_by_slave()\n\nCommit 9eed321cde22 (\"net: lapbether: only support ethernet devices\")\nhas been able to keep syzbot away from net/lapb, until today.\n\nIn the following splat [1], the issue is that a lapbether device has\nbeen created on a bonding device without members. Then adding a non\nARPHRD_ETHER member forced the bonding master to change its type.\n\nThe fix is to make sure we call dev_close() in bond_setup_by_slave()\nso that the potential linked lapbether devices (or any other devices\nhaving assumptions on the physical device) are removed.\n\nA similar bug has been addressed in commit 40baec225765\n(\"bonding: fix panic on non-ARPHRD_ETHER enslave failure\")\n\n[1]\nskbuff: skb_under_panic: text:ffff800089508810 len:44 put:40 head:ffff0000c78e7c00 data:ffff0000c78e7bea tail:0x16 end:0x140 dev:bond0\nkernel BUG at net/core/skbuff.c:192 !\nInternal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\nModules linked in:\nCPU: 0 PID: 6007 Comm: syz-executor383 Not tainted 6.6.0-rc3-syzkaller-gbf6547d8715b #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : skb_panic net/core/skbuff.c:188 [inline]\npc : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nlr : skb_panic net/core/skbuff.c:188 [inline]\nlr : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nsp : ffff800096a06aa0\nx29: ffff800096a06ab0 x28: ffff800096a06ba0 x27: dfff800000000000\nx26: ffff0000ce9b9b50 x25: 0000000000000016 x24: ffff0000c78e7bea\nx23: ffff0000c78e7c00 x22: 000000000000002c x21: 0000000000000140\nx20: 0000000000000028 x19: ffff800089508810 x18: ffff800096a06100\nx17: 0000000000000000 x16: ffff80008a629a3c x15: 0000000000000001\nx14: 1fffe00036837a32 x13: 0000000000000000 x12: 0000000000000000\nx11: 0000000000000201 x10: 0000000000000000 x9 : cb50b496c519aa00\nx8 : cb50b496c519aa00 x7 : 0000000000000001 x6 : 0000000000000001\nx5 : ffff800096a063b8 x4 : ffff80008e280f80 x3 : ffff8000805ad11c\nx2 : 0000000000000001 x1 : 0000000100000201 x0 : 0000000000000086\nCall trace:\nskb_panic net/core/skbuff.c:188 [inline]\nskb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nskb_push+0xf0/0x108 net/core/skbuff.c:2446\nip6gre_header+0xbc/0x738 net/ipv6/ip6_gre.c:1384\ndev_hard_header include/linux/netdevice.h:3136 [inline]\nlapbeth_data_transmit+0x1c4/0x298 drivers/net/wan/lapbether.c:257\nlapb_data_transmit+0x8c/0xb0 net/lapb/lapb_iface.c:447\nlapb_transmit_buffer+0x178/0x204 net/lapb/lapb_out.c:149\nlapb_send_control+0x220/0x320 net/lapb/lapb_subr.c:251\n__lapb_disconnect_request+0x9c/0x17c net/lapb/lapb_iface.c:326\nlapb_device_event+0x288/0x4e0 net/lapb/lapb_iface.c:492\nnotifier_call_chain+0x1a4/0x510 kernel/notifier.c:93\nraw_notifier_call_chain+0x3c/0x50 kernel/notifier.c:461\ncall_netdevice_notifiers_info net/core/dev.c:1970 [inline]\ncall_netdevice_notifiers_extack net/core/dev.c:2008 [inline]\ncall_netdevice_notifiers net/core/dev.c:2022 [inline]\n__dev_close_many+0x1b8/0x3c4 net/core/dev.c:1508\ndev_close_many+0x1e0/0x470 net/core/dev.c:1559\ndev_close+0x174/0x250 net/core/dev.c:1585\nlapbeth_device_event+0x2e4/0x958 drivers/net/wan/lapbether.c:466\nnotifier_call_chain+0x1a4/0x510 kernel/notifier.c:93\nraw_notifier_call_chain+0x3c/0x50 kernel/notifier.c:461\ncall_netdevice_notifiers_info net/core/dev.c:1970 [inline]\ncall_netdevice_notifiers_extack net/core/dev.c:2008 [inline]\ncall_netdevice_notifiers net/core/dev.c:2022 [inline]\n__dev_close_many+0x1b8/0x3c4 net/core/dev.c:1508\ndev_close_many+0x1e0/0x470 net/core/dev.c:1559\ndev_close+0x174/0x250 net/core/dev.c:1585\nbond_enslave+0x2298/0x30cc drivers/net/bonding/bond_main.c:2332\nbond_do_ioctl+0x268/0xc64 drivers/net/bonding/bond_main.c:4539\ndev_ifsioc+0x754/0x9ac\ndev_ioctl+0x4d8/0xd34 net/core/dev_ioctl.c:786\nsock_do_ioctl+0x1d4/0x2d0 net/socket.c:1217\nsock_ioctl+0x4e8/0x834 net/socket.c:1322\nvfs_ioctl fs/ioctl.c:51 [inline]\n__do_\n---truncated---" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:40.349Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/b4f0e605a508f6d7cda6df2f03a0c676b778b1fe" }, { "url": "https://git.kernel.org/stable/c/396baca6683f415b5bc2b380289387bef1406edc" }, { "url": "https://git.kernel.org/stable/c/53064e8239dd2ecfefc5634e991f1025abc2ee0c" }, { "url": "https://git.kernel.org/stable/c/19554aa901b5833787df4417a05ccdebf351b7f4" }, { "url": "https://git.kernel.org/stable/c/87c49806a37f88eddde3f537c162fd0c2834170c" }, { "url": "https://git.kernel.org/stable/c/d98c91215a5748a0f536e7ccea26027005196859" }, { "url": "https://git.kernel.org/stable/c/3cffa2ddc4d3fcf70cde361236f5a614f81a09b2" } ], "title": "bonding: stop the device in bond_setup_by_slave()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52784", "datePublished": "2024-05-21T15:31:02.362Z", "dateReserved": "2024-05-21T15:19:24.240Z", "dateUpdated": "2024-11-04T14:52:40.349Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52826
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52826", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-23T16:22:54.826543Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:44.202Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.076Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9acc2bc00135e9ecd13a70ce1140e2673e504cdc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/84c923d898905187ebfd4c0ef38cd1450af7e0ea" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d0bc9ab0a161a9745273f5bf723733a8e6c57aca" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9268bfd76bebc85ff221691b61498cc16d75451c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/eaede6900c0961b072669d6bd97fe8f90ed1900f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f22def5970c423ea7f87d5247bd0ef91416b0658" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/panel/panel-tpo-tpg110.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "9acc2bc00135", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "84c923d89890", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "d0bc9ab0a161", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "9268bfd76beb", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "eaede6900c09", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "f22def5970c4", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/panel/panel-tpo-tpg110.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panel/panel-tpo-tpg110: fix a possible null pointer dereference\n\nIn tpg110_get_modes(), the return value of drm_mode_duplicate() is\nassigned to mode, which will lead to a NULL pointer dereference on\nfailure of drm_mode_duplicate(). Add a check to avoid npd." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:23.449Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/9acc2bc00135e9ecd13a70ce1140e2673e504cdc" }, { "url": "https://git.kernel.org/stable/c/84c923d898905187ebfd4c0ef38cd1450af7e0ea" }, { "url": "https://git.kernel.org/stable/c/d0bc9ab0a161a9745273f5bf723733a8e6c57aca" }, { "url": "https://git.kernel.org/stable/c/9268bfd76bebc85ff221691b61498cc16d75451c" }, { "url": "https://git.kernel.org/stable/c/eaede6900c0961b072669d6bd97fe8f90ed1900f" }, { "url": "https://git.kernel.org/stable/c/f22def5970c423ea7f87d5247bd0ef91416b0658" } ], "title": "drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52826", "datePublished": "2024-05-21T15:31:30.184Z", "dateReserved": "2024-05-21T15:19:24.251Z", "dateUpdated": "2024-11-04T14:53:23.449Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52857
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52857", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:34:11.546564Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:02.750Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.048Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0d8a1df39d3fc34560e2cc663b5c340d06a25396" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/96312a251d4dcee5d36e32edba3002bfde0ddd9c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b0b0d811eac6b4c52cb9ad632fa6384cf48869e7" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/mediatek/mtk_drm_gem.c", "drivers/gpu/drm/mediatek/mtk_drm_plane.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "0d8a1df39d3f", "status": "affected", "version": "1a64a7aff8da", "versionType": "git" }, { "lessThan": "96312a251d4d", "status": "affected", "version": "1a64a7aff8da", "versionType": "git" }, { "lessThan": "b0b0d811eac6", "status": "affected", "version": "1a64a7aff8da", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/mediatek/mtk_drm_gem.c", "drivers/gpu/drm/mediatek/mtk_drm_plane.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.14" }, { "lessThan": "5.14", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: Fix coverity issue with unintentional integer overflow\n\n1. Instead of multiplying 2 variable of different types. Change to\nassign a value of one variable and then multiply the other variable.\n\n2. Add a int variable for multiplier calculation instead of calculating\ndifferent types multiplier with dma_addr_t variable directly." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:58.971Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/0d8a1df39d3fc34560e2cc663b5c340d06a25396" }, { "url": "https://git.kernel.org/stable/c/96312a251d4dcee5d36e32edba3002bfde0ddd9c" }, { "url": "https://git.kernel.org/stable/c/b0b0d811eac6b4c52cb9ad632fa6384cf48869e7" } ], "title": "drm/mediatek: Fix coverity issue with unintentional integer overflow", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52857", "datePublished": "2024-05-21T15:31:51.232Z", "dateReserved": "2024-05-21T15:19:24.258Z", "dateUpdated": "2024-11-04T14:53:58.971Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47493
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47493", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-06T18:35:17.607326Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-06T18:35:30.175Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.750Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5043fbd294f5909a080ade0f04b70a4da9e122b7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2e382600e8856ea654677b5134ee66e03ea72bc2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6f1b228529ae49b0f85ab89bcdb6c365df401558" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/ocfs2/suballoc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "5043fbd294f5", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2e382600e885", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "6f1b228529ae", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/ocfs2/suballoc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.77", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.16", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix race between searching chunks and release journal_head from buffer_head\n\nEncountered a race between ocfs2_test_bg_bit_allocatable() and\njbd2_journal_put_journal_head() resulting in the below vmcore.\n\n PID: 106879 TASK: ffff880244ba9c00 CPU: 2 COMMAND: \"loop3\"\n Call trace:\n panic\n oops_end\n no_context\n __bad_area_nosemaphore\n bad_area_nosemaphore\n __do_page_fault\n do_page_fault\n page_fault\n [exception RIP: ocfs2_block_group_find_clear_bits+316]\n ocfs2_block_group_find_clear_bits [ocfs2]\n ocfs2_cluster_group_search [ocfs2]\n ocfs2_search_chain [ocfs2]\n ocfs2_claim_suballoc_bits [ocfs2]\n __ocfs2_claim_clusters [ocfs2]\n ocfs2_claim_clusters [ocfs2]\n ocfs2_local_alloc_slide_window [ocfs2]\n ocfs2_reserve_local_alloc_bits [ocfs2]\n ocfs2_reserve_clusters_with_limit [ocfs2]\n ocfs2_reserve_clusters [ocfs2]\n ocfs2_lock_refcount_allocators [ocfs2]\n ocfs2_make_clusters_writable [ocfs2]\n ocfs2_replace_cow [ocfs2]\n ocfs2_refcount_cow [ocfs2]\n ocfs2_file_write_iter [ocfs2]\n lo_rw_aio\n loop_queue_work\n kthread_worker_fn\n kthread\n ret_from_fork\n\nWhen ocfs2_test_bg_bit_allocatable() called bh2jh(bg_bh), the\nbg_bh-\u003eb_private NULL as jbd2_journal_put_journal_head() raced and\nreleased the jounal head from the buffer head. Needed to take bit lock\nfor the bit \u0027BH_JournalHead\u0027 to fix this race." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:59.024Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/5043fbd294f5909a080ade0f04b70a4da9e122b7" }, { "url": "https://git.kernel.org/stable/c/2e382600e8856ea654677b5134ee66e03ea72bc2" }, { "url": "https://git.kernel.org/stable/c/6f1b228529ae49b0f85ab89bcdb6c365df401558" } ], "title": "ocfs2: fix race between searching chunks and release journal_head from buffer_head", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47493", "datePublished": "2024-05-22T08:19:41.419Z", "dateReserved": "2024-05-22T06:20:56.201Z", "dateUpdated": "2024-11-04T12:06:59.024Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52808
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52808", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T19:30:55.612970Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:24:03.695Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.709Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f0bfc8a5561fb0b2c48183dcbfe00bdd6d973bd3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/33331b265aac9441ac0c1a5442e3f05d038240ec" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/75a2656260fe8c7eeabda6ff4600b29e183f48db" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b4465009e7d60c6111946db4c8f1e50d401ed7be" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6de426f9276c448e2db7238911c97fb157cb23be" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/scsi/hisi_sas/hisi_sas_v3_hw.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "f0bfc8a5561f", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "33331b265aac", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "75a2656260fe", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "b4465009e7d6", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "6de426f9276c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/scsi/hisi_sas/hisi_sas_v3_hw.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs\n\nIf init debugfs failed during device registration due to memory allocation\nfailure, debugfs_remove_recursive() is called, after which debugfs_dir is\nnot set to NULL. debugfs_remove_recursive() will be called again during\ndevice removal. As a result, illegal pointer is accessed.\n\n[ 1665.467244] hisi_sas_v3_hw 0000:b4:02.0: failed to init debugfs!\n...\n[ 1669.836708] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000a0\n[ 1669.872669] pc : down_write+0x24/0x70\n[ 1669.876315] lr : down_write+0x1c/0x70\n[ 1669.879961] sp : ffff000036f53a30\n[ 1669.883260] x29: ffff000036f53a30 x28: ffffa027c31549f8\n[ 1669.888547] x27: ffffa027c3140000 x26: 0000000000000000\n[ 1669.893834] x25: ffffa027bf37c270 x24: ffffa027bf37c270\n[ 1669.899122] x23: ffff0000095406b8 x22: ffff0000095406a8\n[ 1669.904408] x21: 0000000000000000 x20: ffffa027bf37c310\n[ 1669.909695] x19: 00000000000000a0 x18: ffff8027dcd86f10\n[ 1669.914982] x17: 0000000000000000 x16: 0000000000000000\n[ 1669.920268] x15: 0000000000000000 x14: ffffa0274014f870\n[ 1669.925555] x13: 0000000000000040 x12: 0000000000000228\n[ 1669.930842] x11: 0000000000000020 x10: 0000000000000bb0\n[ 1669.936129] x9 : ffff000036f537f0 x8 : ffff80273088ca10\n[ 1669.941416] x7 : 000000000000001d x6 : 00000000ffffffff\n[ 1669.946702] x5 : ffff000008a36310 x4 : ffff80273088be00\n[ 1669.951989] x3 : ffff000009513e90 x2 : 0000000000000000\n[ 1669.957276] x1 : 00000000000000a0 x0 : ffffffff00000001\n[ 1669.962563] Call trace:\n[ 1669.965000] down_write+0x24/0x70\n[ 1669.968301] debugfs_remove_recursive+0x5c/0x1b0\n[ 1669.972905] hisi_sas_debugfs_exit+0x24/0x30 [hisi_sas_main]\n[ 1669.978541] hisi_sas_v3_remove+0x130/0x150 [hisi_sas_v3_hw]\n[ 1669.984175] pci_device_remove+0x48/0xd8\n[ 1669.988082] device_release_driver_internal+0x1b4/0x250\n[ 1669.993282] device_release_driver+0x28/0x38\n[ 1669.997534] pci_stop_bus_device+0x84/0xb8\n[ 1670.001611] pci_stop_and_remove_bus_device_locked+0x24/0x40\n[ 1670.007244] remove_store+0xfc/0x140\n[ 1670.010802] dev_attr_store+0x44/0x60\n[ 1670.014448] sysfs_kf_write+0x58/0x80\n[ 1670.018095] kernfs_fop_write+0xe8/0x1f0\n[ 1670.022000] __vfs_write+0x60/0x190\n[ 1670.025472] vfs_write+0xac/0x1c0\n[ 1670.028771] ksys_write+0x6c/0xd8\n[ 1670.032071] __arm64_sys_write+0x24/0x30\n[ 1670.035977] el0_svc_common+0x78/0x130\n[ 1670.039710] el0_svc_handler+0x38/0x78\n[ 1670.043442] el0_svc+0x8/0xc\n\nTo fix this, set debugfs_dir to NULL after debugfs_remove_recursive()." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:06.905Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/f0bfc8a5561fb0b2c48183dcbfe00bdd6d973bd3" }, { "url": "https://git.kernel.org/stable/c/33331b265aac9441ac0c1a5442e3f05d038240ec" }, { "url": "https://git.kernel.org/stable/c/75a2656260fe8c7eeabda6ff4600b29e183f48db" }, { "url": "https://git.kernel.org/stable/c/b4465009e7d60c6111946db4c8f1e50d401ed7be" }, { "url": "https://git.kernel.org/stable/c/6de426f9276c448e2db7238911c97fb157cb23be" } ], "title": "scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52808", "datePublished": "2024-05-21T15:31:18.330Z", "dateReserved": "2024-05-21T15:19:24.248Z", "dateUpdated": "2024-11-04T14:53:06.905Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52793
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2024-05-24T04:35:34.485Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "rejectedReasons": [ { "lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52793", "datePublished": "2024-05-21T15:31:08.299Z", "dateRejected": "2024-05-24T04:35:34.485Z", "dateReserved": "2024-05-21T15:19:24.246Z", "dateUpdated": "2024-05-24T04:35:34.485Z", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47437
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47437", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:17:08.445721Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:58.331Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.217Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/04e03b907022ebd876f422f17efcc2c6cc934dc6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9da1b86865ab4376408c58cd9fec332c8bdb5c73" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/iio/imu/adis16475.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "04e03b907022", "status": "affected", "version": "39c024b51b56", "versionType": "git" }, { "lessThan": "9da1b86865ab", "status": "affected", "version": "39c024b51b56", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/iio/imu/adis16475.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.13" }, { "lessThan": "5.13", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.14", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adis16475: fix deadlock on frequency set\n\nWith commit 39c024b51b560\n(\"iio: adis16475: improve sync scale mode handling\"), two deadlocks were\nintroduced:\n 1) The call to \u0027adis_write_reg_16()\u0027 was not changed to it\u0027s unlocked\n version.\n 2) The lock was not being released on the success path of the function.\n\nThis change fixes both these issues." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:52.945Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/04e03b907022ebd876f422f17efcc2c6cc934dc6" }, { "url": "https://git.kernel.org/stable/c/9da1b86865ab4376408c58cd9fec332c8bdb5c73" } ], "title": "iio: adis16475: fix deadlock on frequency set", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47437", "datePublished": "2024-05-22T06:19:32.879Z", "dateReserved": "2024-05-21T14:58:30.831Z", "dateUpdated": "2024-11-04T12:05:52.945Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47473
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47473", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T15:51:49.368979Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:11.292Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.588Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/96f0aebf29be25254fa585af43924e34aa21fd9a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a7fbb56e6c941d9f59437b96412a348e66388d3e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7fb223d0ad801f633c78cbe42b1d1b55f5d163ad" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/scsi/qla2xxx/qla_bsg.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "96f0aebf29be", "status": "affected", "version": "8c0eb596baa5", "versionType": "git" }, { "lessThan": "a7fbb56e6c94", "status": "affected", "version": "8c0eb596baa5", "versionType": "git" }, { "lessThan": "7fb223d0ad80", "status": "affected", "version": "8c0eb596baa5", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/scsi/qla2xxx/qla_bsg.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.11" }, { "lessThan": "3.11", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.76", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()\n\nCommit 8c0eb596baa5 (\"[SCSI] qla2xxx: Fix a memory leak in an error path of\nqla2x00_process_els()\"), intended to change:\n\n bsg_job-\u003erequest-\u003emsgcode == FC_BSG_HST_ELS_NOLOGIN\n\n\n bsg_job-\u003erequest-\u003emsgcode != FC_BSG_RPT_ELS\n\nbut changed it to:\n\n bsg_job-\u003erequest-\u003emsgcode == FC_BSG_RPT_ELS\n\ninstead.\n\nChange the == to a != to avoid leaking the fcport structure or freeing\nunallocated memory." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:36.599Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/96f0aebf29be25254fa585af43924e34aa21fd9a" }, { "url": "https://git.kernel.org/stable/c/a7fbb56e6c941d9f59437b96412a348e66388d3e" }, { "url": "https://git.kernel.org/stable/c/7fb223d0ad801f633c78cbe42b1d1b55f5d163ad" } ], "title": "scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47473", "datePublished": "2024-05-22T06:23:30.204Z", "dateReserved": "2024-05-22T06:20:56.199Z", "dateUpdated": "2024-11-04T12:06:36.599Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52786
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52786", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T19:36:50.287766Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:16.597Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.517Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e3b83d87c93eb6fc96a80b5e8527f7dc9f5a11bc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7343c23ebcadbedc23a7063d1e24d976eccb0d0d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ce56d21355cd6f6937aca32f1f44ca749d1e4808" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/ext4/file.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "e3b83d87c93e", "status": "affected", "version": "310ee0902b8d", "versionType": "git" }, { "lessThan": "7343c23ebcad", "status": "affected", "version": "310ee0902b8d", "versionType": "git" }, { "lessThan": "ce56d21355cd", "status": "affected", "version": "310ee0902b8d", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/ext4/file.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.5" }, { "lessThan": "6.5", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix racy may inline data check in dio write\n\nsyzbot reports that the following warning from ext4_iomap_begin()\ntriggers as of the commit referenced below:\n\n if (WARN_ON_ONCE(ext4_has_inline_data(inode)))\n return -ERANGE;\n\nThis occurs during a dio write, which is never expected to encounter\nan inode with inline data. To enforce this behavior,\next4_dio_write_iter() checks the current inline state of the inode\nand clears the MAY_INLINE_DATA state flag to either fall back to\nbuffered writes, or enforce that any other writers in progress on\nthe inode are not allowed to create inline data.\n\nThe problem is that the check for existing inline data and the state\nflag can span a lock cycle. For example, if the ilock is originally\nlocked shared and subsequently upgraded to exclusive, another writer\nmay have reacquired the lock and created inline data before the dio\nwrite task acquires the lock and proceeds.\n\nThe commit referenced below loosens the lock requirements to allow\nsome forms of unaligned dio writes to occur under shared lock, but\nAFAICT the inline data check was technically already racy for any\ndio write that would have involved a lock cycle. Regardless, lift\nclearing of the state bit to the same lock critical section that\nchecks for preexisting inline data on the inode to close the race." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:42.837Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/e3b83d87c93eb6fc96a80b5e8527f7dc9f5a11bc" }, { "url": "https://git.kernel.org/stable/c/7343c23ebcadbedc23a7063d1e24d976eccb0d0d" }, { "url": "https://git.kernel.org/stable/c/ce56d21355cd6f6937aca32f1f44ca749d1e4808" } ], "title": "ext4: fix racy may inline data check in dio write", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52786", "datePublished": "2024-05-21T15:31:03.694Z", "dateReserved": "2024-05-21T15:19:24.241Z", "dateUpdated": "2024-11-04T14:52:42.837Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52819
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52819", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T17:21:07.724623Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-05T19:06:09.154Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.956Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/60a00dfc7c5deafd1dd393beaf53224f7256dad6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a63fd579e7b1c3a9ebd6e6c494d49b1b6cf5515e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d50a56749e5afdc63491b88f5153c1aae00d4679" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8c1dbddbfcb051e82cea0c197c620f9dcdc38e92" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a237675aa1e62bbfaa341c535331c8656a508fa1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d0725232da777840703f5f1e22f2e3081d712aa4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7c68283f3166221af3df5791f0e13d3137a72216" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b3b8b7c040cf069da7afe11c5bd73b870b8f3d18" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0f0e59075b5c22f1e871fbd508d6e4f495048356" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/pm/powerplay/hwmgr/pptable_v1_0.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "60a00dfc7c5d", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "a63fd579e7b1", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "d50a56749e5a", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "8c1dbddbfcb0", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "a237675aa1e6", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "d0725232da77", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "7c68283f3166", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "b3b8b7c040cf", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "0f0e59075b5c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/pm/powerplay/hwmgr/pptable_v1_0.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.331", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.300", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga\n\nFor pptable structs that use flexible array sizes, use flexible arrays." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:19.914Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/60a00dfc7c5deafd1dd393beaf53224f7256dad6" }, { "url": "https://git.kernel.org/stable/c/a63fd579e7b1c3a9ebd6e6c494d49b1b6cf5515e" }, { "url": "https://git.kernel.org/stable/c/d50a56749e5afdc63491b88f5153c1aae00d4679" }, { "url": "https://git.kernel.org/stable/c/8c1dbddbfcb051e82cea0c197c620f9dcdc38e92" }, { "url": "https://git.kernel.org/stable/c/a237675aa1e62bbfaa341c535331c8656a508fa1" }, { "url": "https://git.kernel.org/stable/c/d0725232da777840703f5f1e22f2e3081d712aa4" }, { "url": "https://git.kernel.org/stable/c/7c68283f3166221af3df5791f0e13d3137a72216" }, { "url": "https://git.kernel.org/stable/c/b3b8b7c040cf069da7afe11c5bd73b870b8f3d18" }, { "url": "https://git.kernel.org/stable/c/0f0e59075b5c22f1e871fbd508d6e4f495048356" } ], "title": "drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52819", "datePublished": "2024-05-21T15:31:25.582Z", "dateReserved": "2024-05-21T15:19:24.249Z", "dateUpdated": "2024-11-05T19:06:09.154Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52867
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52867", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T17:50:12.334865Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:41.676Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.225Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/112d4b02d94bf9fa4f1d3376587878400dd74783" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/caaa74541459c4c9e2c10046cf66ad2890483d0f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ddc42881f170f1f518496f5a70447501335fc783" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7b063c93bece827fde237fae1c101bceeee4e896" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/347f025a02b3a5d715a0b471fc3b1439c338ad94" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/341e79f8aec6af6b0061b8171d77b085835c6a58" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d9b4fa249deaae1145d6fc2b64dae718e5c7a855" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/19534a7a225f1bf2da70a9a90d41d0215f8f6b45" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/dd05484f99d16715a88eedfca363828ef9a4c2d4" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/radeon/evergreen.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "112d4b02d94b", "status": "affected", "version": "5cc4e5fc293b", "versionType": "git" }, { "lessThan": "caaa74541459", "status": "affected", "version": "5cc4e5fc293b", "versionType": "git" }, { "lessThan": "ddc42881f170", "status": "affected", "version": "5cc4e5fc293b", "versionType": "git" }, { "lessThan": "7b063c93bece", "status": "affected", "version": "5cc4e5fc293b", "versionType": "git" }, { "lessThan": "347f025a02b3", "status": "affected", "version": "5cc4e5fc293b", "versionType": "git" }, { "lessThan": "341e79f8aec6", "status": "affected", "version": "5cc4e5fc293b", "versionType": "git" }, { "lessThan": "d9b4fa249dea", "status": "affected", "version": "5cc4e5fc293b", "versionType": "git" }, { "lessThan": "19534a7a225f", "status": "affected", "version": "5cc4e5fc293b", "versionType": "git" }, { "lessThan": "dd05484f99d1", "status": "affected", "version": "5cc4e5fc293b", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/radeon/evergreen.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.13" }, { "lessThan": "4.13", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.330", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.299", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.261", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: possible buffer overflow\n\nBuffer \u0027afmt_status\u0027 of size 6 could overflow, since index \u0027afmt_idx\u0027 is\nchecked after access." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:11.943Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/112d4b02d94bf9fa4f1d3376587878400dd74783" }, { "url": "https://git.kernel.org/stable/c/caaa74541459c4c9e2c10046cf66ad2890483d0f" }, { "url": "https://git.kernel.org/stable/c/ddc42881f170f1f518496f5a70447501335fc783" }, { "url": "https://git.kernel.org/stable/c/7b063c93bece827fde237fae1c101bceeee4e896" }, { "url": "https://git.kernel.org/stable/c/347f025a02b3a5d715a0b471fc3b1439c338ad94" }, { "url": "https://git.kernel.org/stable/c/341e79f8aec6af6b0061b8171d77b085835c6a58" }, { "url": "https://git.kernel.org/stable/c/d9b4fa249deaae1145d6fc2b64dae718e5c7a855" }, { "url": "https://git.kernel.org/stable/c/19534a7a225f1bf2da70a9a90d41d0215f8f6b45" }, { "url": "https://git.kernel.org/stable/c/dd05484f99d16715a88eedfca363828ef9a4c2d4" } ], "title": "drm/radeon: possible buffer overflow", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52867", "datePublished": "2024-05-21T15:31:57.866Z", "dateReserved": "2024-05-21T15:19:24.262Z", "dateUpdated": "2024-11-04T14:54:11.943Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52830
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2024-05-22T11:37:09.061Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "rejectedReasons": [ { "lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52830", "datePublished": "2024-05-21T15:31:32.881Z", "dateRejected": "2024-05-22T11:37:09.061Z", "dateReserved": "2024-05-21T15:19:24.251Z", "dateUpdated": "2024-05-22T11:37:09.061Z", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52768
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52768", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T18:50:15.574062Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-05T17:17:15.027Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.520Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/541b3757fd443a68ed8d25968eae511a8275e7c8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4b0d6ddb6466d10df878a7787f175a0e4adc3e27" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6aaf7cd8bdfe245d3c9a8b48fe70c2011965948e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3ce1c2c3999b232258f7aabab311d47dda75605c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/05ac1a198a63ad66bf5ae8b7321407c102d40ef3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/wireless/microchip/wilc1000/wlan.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "541b3757fd44", "status": "affected", "version": "32dd0b22a5ba", "versionType": "git" }, { "lessThan": "4b0d6ddb6466", "status": "affected", "version": "40b717bfcefa", "versionType": "git" }, { "lessThan": "6aaf7cd8bdfe", "status": "affected", "version": "40b717bfcefa", "versionType": "git" }, { "lessThan": "3ce1c2c3999b", "status": "affected", "version": "40b717bfcefa", "versionType": "git" }, { "lessThan": "05ac1a198a63", "status": "affected", "version": "40b717bfcefa", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/wireless/microchip/wilc1000/wlan.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.0" }, { "lessThan": "6.0", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: use vmm_table as array in wilc struct\n\nEnabling KASAN and running some iperf tests raises some memory issues with\nvmm_table:\n\nBUG: KASAN: slab-out-of-bounds in wilc_wlan_handle_txq+0x6ac/0xdb4\nWrite of size 4 at addr c3a61540 by task wlan0-tx/95\n\nKASAN detects that we are writing data beyond range allocated to vmm_table.\nThere is indeed a mismatch between the size passed to allocator in\nwilc_wlan_init, and the range of possible indexes used later: allocation\nsize is missing a multiplication by sizeof(u32)" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:19.457Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/541b3757fd443a68ed8d25968eae511a8275e7c8" }, { "url": "https://git.kernel.org/stable/c/4b0d6ddb6466d10df878a7787f175a0e4adc3e27" }, { "url": "https://git.kernel.org/stable/c/6aaf7cd8bdfe245d3c9a8b48fe70c2011965948e" }, { "url": "https://git.kernel.org/stable/c/3ce1c2c3999b232258f7aabab311d47dda75605c" }, { "url": "https://git.kernel.org/stable/c/05ac1a198a63ad66bf5ae8b7321407c102d40ef3" } ], "title": "wifi: wilc1000: use vmm_table as array in wilc struct", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52768", "datePublished": "2024-05-21T15:30:51.656Z", "dateReserved": "2024-05-21T15:19:24.238Z", "dateUpdated": "2024-11-05T17:17:15.027Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52844
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "7a7899f6f58e" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "5.10" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "0" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.10.201" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.15.139" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.1.63" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.5.12" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.6.2" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.7" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52844", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T19:28:09.029238Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:24:14.051Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.084Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3387490c89b10aeb4e71d78b65dbc9ba4b2385b9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d17269fb9161995303985ab2fe6f16cfb72152f9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5c26aae3723965c291c65dd2ecad6a3240d422b0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5cfcc8de7d733a1137b86954cc28ce99972311ad" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a51335704a3f90eaf23a6864faefca34b382490a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/76a2c5df6ca8bd8ada45e953b8c72b746f42918d" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/media/test-drivers/vidtv/vidtv_psi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "3387490c89b1", "status": "affected", "version": "7a7899f6f58e", "versionType": "git" }, { "lessThan": "d17269fb9161", "status": "affected", "version": "7a7899f6f58e", "versionType": "git" }, { "lessThan": "5c26aae37239", "status": "affected", "version": "7a7899f6f58e", "versionType": "git" }, { "lessThan": "5cfcc8de7d73", "status": "affected", "version": "7a7899f6f58e", "versionType": "git" }, { "lessThan": "a51335704a3f", "status": "affected", "version": "7a7899f6f58e", "versionType": "git" }, { "lessThan": "76a2c5df6ca8", "status": "affected", "version": "7a7899f6f58e", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/media/test-drivers/vidtv/vidtv_psi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.10" }, { "lessThan": "5.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: psi: Add check for kstrdup\n\nAdd check for the return value of kstrdup() and return the error\nif it fails in order to avoid NULL pointer dereference." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:43.448Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/3387490c89b10aeb4e71d78b65dbc9ba4b2385b9" }, { "url": "https://git.kernel.org/stable/c/d17269fb9161995303985ab2fe6f16cfb72152f9" }, { "url": "https://git.kernel.org/stable/c/5c26aae3723965c291c65dd2ecad6a3240d422b0" }, { "url": "https://git.kernel.org/stable/c/5cfcc8de7d733a1137b86954cc28ce99972311ad" }, { "url": "https://git.kernel.org/stable/c/a51335704a3f90eaf23a6864faefca34b382490a" }, { "url": "https://git.kernel.org/stable/c/76a2c5df6ca8bd8ada45e953b8c72b746f42918d" } ], "title": "media: vidtv: psi: Add check for kstrdup", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52844", "datePublished": "2024-05-21T15:31:42.527Z", "dateReserved": "2024-05-21T15:19:24.254Z", "dateUpdated": "2024-11-04T14:53:43.448Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52705
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52705", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T17:32:06.834863Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:07.362Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:34.922Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2f7a1135b202977b82457adde7db6c390056863b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b96591e2c35c8b47db0ec816b5fc6cb8868000ff" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/52844d8382cd9166d708032def8905ffc3ae550f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0ee5ed0126a2211f7174492da2ca2c29f43755c5" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a158782b56b070485d54d25fc9aaf2c8f3752205" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a8ef5109f93cea9933bbac0455d8c18757b3fcb4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/99b9402a36f0799f25feee4465bfa4b8dfa74b4d" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/nilfs2/ioctl.c", "fs/nilfs2/super.c", "fs/nilfs2/the_nilfs.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "2f7a1135b202", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "b96591e2c35c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "52844d8382cd", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "0ee5ed0126a2", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "a158782b56b0", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "a8ef5109f93c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "99b9402a36f0", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/nilfs2/ioctl.c", "fs/nilfs2/super.c", "fs/nilfs2/the_nilfs.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.306", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.273", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.232", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.169", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.95", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix underflow in second superblock position calculations\n\nMacro NILFS_SB2_OFFSET_BYTES, which computes the position of the second\nsuperblock, underflows when the argument device size is less than 4096\nbytes. Therefore, when using this macro, it is necessary to check in\nadvance that the device size is not less than a lower limit, or at least\nthat underflow does not occur.\n\nThe current nilfs2 implementation lacks this check, causing out-of-bound\nblock access when mounting devices smaller than 4096 bytes:\n\n I/O error, dev loop0, sector 36028797018963960 op 0x0:(READ) flags 0x0\n phys_seg 1 prio class 2\n NILFS (loop0): unable to read secondary superblock (blocksize = 1024)\n\nIn addition, when trying to resize the filesystem to a size below 4096\nbytes, this underflow occurs in nilfs_resize_fs(), passing a huge number\nof segments to nilfs_sufile_resize(), corrupting parameters such as the\nnumber of segments in superblocks. This causes excessive loop iterations\nin nilfs_sufile_resize() during a subsequent resize ioctl, causing\nsemaphore ns_segctor_sem to block for a long time and hang the writer\nthread:\n\n INFO: task segctord:5067 blocked for more than 143 seconds.\n Not tainted 6.2.0-rc8-syzkaller-00015-gf6feea56f66d #0\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:segctord state:D stack:23456 pid:5067 ppid:2\n flags:0x00004000\n Call Trace:\n \u003cTASK\u003e\n context_switch kernel/sched/core.c:5293 [inline]\n __schedule+0x1409/0x43f0 kernel/sched/core.c:6606\n schedule+0xc3/0x190 kernel/sched/core.c:6682\n rwsem_down_write_slowpath+0xfcf/0x14a0 kernel/locking/rwsem.c:1190\n nilfs_transaction_lock+0x25c/0x4f0 fs/nilfs2/segment.c:357\n nilfs_segctor_thread_construct fs/nilfs2/segment.c:2486 [inline]\n nilfs_segctor_thread+0x52f/0x1140 fs/nilfs2/segment.c:2570\n kthread+0x270/0x300 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308\n \u003c/TASK\u003e\n ...\n Call Trace:\n \u003cTASK\u003e\n folio_mark_accessed+0x51c/0xf00 mm/swap.c:515\n __nilfs_get_page_block fs/nilfs2/page.c:42 [inline]\n nilfs_grab_buffer+0x3d3/0x540 fs/nilfs2/page.c:61\n nilfs_mdt_submit_block+0xd7/0x8f0 fs/nilfs2/mdt.c:121\n nilfs_mdt_read_block+0xeb/0x430 fs/nilfs2/mdt.c:176\n nilfs_mdt_get_block+0x12d/0xbb0 fs/nilfs2/mdt.c:251\n nilfs_sufile_get_segment_usage_block fs/nilfs2/sufile.c:92 [inline]\n nilfs_sufile_truncate_range fs/nilfs2/sufile.c:679 [inline]\n nilfs_sufile_resize+0x7a3/0x12b0 fs/nilfs2/sufile.c:777\n nilfs_resize_fs+0x20c/0xed0 fs/nilfs2/super.c:422\n nilfs_ioctl_resize fs/nilfs2/ioctl.c:1033 [inline]\n nilfs_ioctl+0x137c/0x2440 fs/nilfs2/ioctl.c:1301\n ...\n\nThis fixes these issues by inserting appropriate minimum device size\nchecks or anti-underflow checks, depending on where the macro is used." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:32.108Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/2f7a1135b202977b82457adde7db6c390056863b" }, { "url": "https://git.kernel.org/stable/c/b96591e2c35c8b47db0ec816b5fc6cb8868000ff" }, { "url": "https://git.kernel.org/stable/c/52844d8382cd9166d708032def8905ffc3ae550f" }, { "url": "https://git.kernel.org/stable/c/0ee5ed0126a2211f7174492da2ca2c29f43755c5" }, { "url": "https://git.kernel.org/stable/c/a158782b56b070485d54d25fc9aaf2c8f3752205" }, { "url": "https://git.kernel.org/stable/c/a8ef5109f93cea9933bbac0455d8c18757b3fcb4" }, { "url": "https://git.kernel.org/stable/c/99b9402a36f0799f25feee4465bfa4b8dfa74b4d" } ], "title": "nilfs2: fix underflow in second superblock position calculations", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52705", "datePublished": "2024-05-21T15:22:54.015Z", "dateReserved": "2024-03-07T14:49:46.891Z", "dateUpdated": "2024-11-04T14:51:32.108Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52769
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.063Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d908ca431e20b0e4bfc5d911d1744910ed779bdb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/afd3425bd69610f318403084fe491e24a1357fb9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6afc57ea315e0f660b1f870a681737bb7b71faef" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52769", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:37:02.913580Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:55.534Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/wireless/ath/ath12k/dp_rx.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "d908ca431e20", "status": "affected", "version": "d889913205cf", "versionType": "git" }, { "lessThan": "afd3425bd696", "status": "affected", "version": "d889913205cf", "versionType": "git" }, { "lessThan": "6afc57ea315e", "status": "affected", "version": "d889913205cf", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/wireless/ath/ath12k/dp_rx.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.3" }, { "lessThan": "6.3", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix htt mlo-offset event locking\n\nThe ath12k active pdevs are protected by RCU but the htt mlo-offset\nevent handling code calling ath12k_mac_get_ar_by_pdev_id() was not\nmarked as a read-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:20.716Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/d908ca431e20b0e4bfc5d911d1744910ed779bdb" }, { "url": "https://git.kernel.org/stable/c/afd3425bd69610f318403084fe491e24a1357fb9" }, { "url": "https://git.kernel.org/stable/c/6afc57ea315e0f660b1f870a681737bb7b71faef" } ], "title": "wifi: ath12k: fix htt mlo-offset event locking", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52769", "datePublished": "2024-05-21T15:30:52.308Z", "dateReserved": "2024-05-21T15:19:24.238Z", "dateUpdated": "2024-11-04T14:52:20.716Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47490
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47490", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-06T18:35:40.816155Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-06T18:35:50.447Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.749Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bd99782f3ca491879e8524c89b1c0f40071903bd" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/960b1fdfc39aba8f41e9e27b2de0c925c74182d9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c21b4002214c1c7e7b627b9b53375612f7aab6db" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bbc920fb320f1c241cc34ac85edaa0058922246a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/132a3d998d6753047f22152731fba2b0d6b463dd" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0db55f9a1bafbe3dac750ea669de9134922389b5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/ttm/ttm_bo_util.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "bd99782f3ca4", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "960b1fdfc39a", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "c21b4002214c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "bbc920fb320f", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "132a3d998d67", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "0db55f9a1baf", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/ttm/ttm_bo_util.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.157", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.158", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.77", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.78", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.16", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ttm: fix memleak in ttm_transfered_destroy\n\nWe need to cleanup the fences for ghost objects as well.\n\nBug: https://bugzilla.kernel.org/show_bug.cgi?id=214029\nBug: https://bugzilla.kernel.org/show_bug.cgi?id=214447" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:55.533Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/bd99782f3ca491879e8524c89b1c0f40071903bd" }, { "url": "https://git.kernel.org/stable/c/960b1fdfc39aba8f41e9e27b2de0c925c74182d9" }, { "url": "https://git.kernel.org/stable/c/c21b4002214c1c7e7b627b9b53375612f7aab6db" }, { "url": "https://git.kernel.org/stable/c/bbc920fb320f1c241cc34ac85edaa0058922246a" }, { "url": "https://git.kernel.org/stable/c/132a3d998d6753047f22152731fba2b0d6b463dd" }, { "url": "https://git.kernel.org/stable/c/0db55f9a1bafbe3dac750ea669de9134922389b5" } ], "title": "drm/ttm: fix memleak in ttm_transfered_destroy", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47490", "datePublished": "2024-05-22T08:19:39.424Z", "dateReserved": "2024-05-22T06:20:56.201Z", "dateUpdated": "2024-11-04T12:06:55.533Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52773
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52773", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-24T15:34:16.322339Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-24T15:34:25.209Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.003Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fb5c134ca589fe670430acc9e7ebf2691ca2476d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5b14cf37b9f01de0b28c6f8960019d4c7883ce42" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1d07b7e84276777dad3c8cfebdf8e739606f90c9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b71f4ade1b8900d30c661d6c27f87c35214c398c" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "fb5c134ca589", "status": "affected", "version": "22676bc500c2", "versionType": "git" }, { "lessThan": "5b14cf37b9f0", "status": "affected", "version": "22676bc500c2", "versionType": "git" }, { "lessThan": "1d07b7e84276", "status": "affected", "version": "22676bc500c2", "versionType": "git" }, { "lessThan": "b71f4ade1b89", "status": "affected", "version": "22676bc500c2", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.0" }, { "lessThan": "6.0", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer()\n\nWhen ddc_service_construct() is called, it explicitly checks both the\nlink type and whether there is something on the link which will\ndictate whether the pin is marked as hw_supported.\n\nIf the pin isn\u0027t set or the link is not set (such as from\nunloading/reloading amdgpu in an IGT test) then fail the\namdgpu_dm_i2c_xfer() call." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:25.516Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/fb5c134ca589fe670430acc9e7ebf2691ca2476d" }, { "url": "https://git.kernel.org/stable/c/5b14cf37b9f01de0b28c6f8960019d4c7883ce42" }, { "url": "https://git.kernel.org/stable/c/1d07b7e84276777dad3c8cfebdf8e739606f90c9" }, { "url": "https://git.kernel.org/stable/c/b71f4ade1b8900d30c661d6c27f87c35214c398c" } ], "title": "drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52773", "datePublished": "2024-05-21T15:30:54.932Z", "dateReserved": "2024-05-21T15:19:24.239Z", "dateUpdated": "2024-11-04T14:52:25.516Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47484
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47484", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T17:09:25.005976Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-07T15:25:53.559Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.787Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f1e3cd1cc80204fd02b9e9843450925a2af90dc0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c2d4c543f74c90f883e8ec62a31973ae8807d354" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/marvell/octeontx2/af/rvu_debugfs.c", "drivers/net/ethernet/marvell/octeontx2/af/rvu_nix.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "f1e3cd1cc802", "status": "affected", "version": "8756828a8148", "versionType": "git" }, { "lessThan": "c2d4c543f74c", "status": "affected", "version": "8756828a8148", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/marvell/octeontx2/af/rvu_debugfs.c", "drivers/net/ethernet/marvell/octeontx2/af/rvu_nix.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.5" }, { "lessThan": "5.5", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.16", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Fix possible null pointer dereference.\n\nThis patch fixes possible null pointer dereference in files\n\"rvu_debugfs.c\" and \"rvu_nix.c\"" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:49.563Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/f1e3cd1cc80204fd02b9e9843450925a2af90dc0" }, { "url": "https://git.kernel.org/stable/c/c2d4c543f74c90f883e8ec62a31973ae8807d354" } ], "title": "octeontx2-af: Fix possible null pointer dereference.", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47484", "datePublished": "2024-05-22T08:19:35.503Z", "dateReserved": "2024-05-22T06:20:56.201Z", "dateUpdated": "2024-11-07T15:25:53.559Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52842
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52842", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-21T17:26:02.672939Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:39.841Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.053Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cd12535b97dd7d18cf655ec78ce1cf1f29a576be" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0b8906fb48b99e993d6e8a12539f618f4854dd26" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/34c4effacfc329aeca5635a69fd9e0f6c90b4101" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/vmw_vsock/virtio_transport_common.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "cd12535b97dd", "status": "affected", "version": "baddcc2c7157", "versionType": "git" }, { "lessThan": "0b8906fb48b9", "status": "affected", "version": "71dc9ec9ac7d", "versionType": "git" }, { "lessThan": "34c4effacfc3", "status": "affected", "version": "71dc9ec9ac7d", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/vmw_vsock/virtio_transport_common.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.3" }, { "lessThan": "6.3", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio/vsock: Fix uninit-value in virtio_transport_recv_pkt()\n\nKMSAN reported the following uninit-value access issue:\n\n=====================================================\nBUG: KMSAN: uninit-value in virtio_transport_recv_pkt+0x1dfb/0x26a0 net/vmw_vsock/virtio_transport_common.c:1421\n virtio_transport_recv_pkt+0x1dfb/0x26a0 net/vmw_vsock/virtio_transport_common.c:1421\n vsock_loopback_work+0x3bb/0x5a0 net/vmw_vsock/vsock_loopback.c:120\n process_one_work kernel/workqueue.c:2630 [inline]\n process_scheduled_works+0xff6/0x1e60 kernel/workqueue.c:2703\n worker_thread+0xeca/0x14d0 kernel/workqueue.c:2784\n kthread+0x3cc/0x520 kernel/kthread.c:388\n ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304\n\nUninit was stored to memory at:\n virtio_transport_space_update net/vmw_vsock/virtio_transport_common.c:1274 [inline]\n virtio_transport_recv_pkt+0x1ee8/0x26a0 net/vmw_vsock/virtio_transport_common.c:1415\n vsock_loopback_work+0x3bb/0x5a0 net/vmw_vsock/vsock_loopback.c:120\n process_one_work kernel/workqueue.c:2630 [inline]\n process_scheduled_works+0xff6/0x1e60 kernel/workqueue.c:2703\n worker_thread+0xeca/0x14d0 kernel/workqueue.c:2784\n kthread+0x3cc/0x520 kernel/kthread.c:388\n ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304\n\nUninit was created at:\n slab_post_alloc_hook+0x105/0xad0 mm/slab.h:767\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x5a2/0xaf0 mm/slub.c:3523\n kmalloc_reserve+0x13c/0x4a0 net/core/skbuff.c:559\n __alloc_skb+0x2fd/0x770 net/core/skbuff.c:650\n alloc_skb include/linux/skbuff.h:1286 [inline]\n virtio_vsock_alloc_skb include/linux/virtio_vsock.h:66 [inline]\n virtio_transport_alloc_skb+0x90/0x11e0 net/vmw_vsock/virtio_transport_common.c:58\n virtio_transport_reset_no_sock net/vmw_vsock/virtio_transport_common.c:957 [inline]\n virtio_transport_recv_pkt+0x1279/0x26a0 net/vmw_vsock/virtio_transport_common.c:1387\n vsock_loopback_work+0x3bb/0x5a0 net/vmw_vsock/vsock_loopback.c:120\n process_one_work kernel/workqueue.c:2630 [inline]\n process_scheduled_works+0xff6/0x1e60 kernel/workqueue.c:2703\n worker_thread+0xeca/0x14d0 kernel/workqueue.c:2784\n kthread+0x3cc/0x520 kernel/kthread.c:388\n ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304\n\nCPU: 1 PID: 10664 Comm: kworker/1:5 Not tainted 6.6.0-rc3-00146-g9f3ebbef746f #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-1.fc38 04/01/2014\nWorkqueue: vsock-loopback vsock_loopback_work\n=====================================================\n\nThe following simple reproducer can cause the issue described above:\n\nint main(void)\n{\n int sock;\n struct sockaddr_vm addr = {\n .svm_family = AF_VSOCK,\n .svm_cid = VMADDR_CID_ANY,\n .svm_port = 1234,\n };\n\n sock = socket(AF_VSOCK, SOCK_STREAM, 0);\n connect(sock, (struct sockaddr *)\u0026addr, sizeof(addr));\n return 0;\n}\n\nThis issue occurs because the `buf_alloc` and `fwd_cnt` fields of the\n`struct virtio_vsock_hdr` are not initialized when a new skb is allocated\nin `virtio_transport_init_hdr()`. This patch resolves the issue by\ninitializing these fields during allocation." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:40.906Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/cd12535b97dd7d18cf655ec78ce1cf1f29a576be" }, { "url": "https://git.kernel.org/stable/c/0b8906fb48b99e993d6e8a12539f618f4854dd26" }, { "url": "https://git.kernel.org/stable/c/34c4effacfc329aeca5635a69fd9e0f6c90b4101" } ], "title": "virtio/vsock: Fix uninit-value in virtio_transport_recv_pkt()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52842", "datePublished": "2024-05-21T15:31:41.180Z", "dateReserved": "2024-05-21T15:19:24.254Z", "dateUpdated": "2024-11-04T14:53:40.906Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52810
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "cc61fcf7d1c9", "status": "affected", "version": "1da177e4c3f4", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "8f2964df6bfc", "status": "affected", "version": "1da177e4c3f4", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "a81a56b4cbe3", "status": "affected", "version": "1da177e4c3f4", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "524b4f203afc", "status": "affected", "version": "1da177e4c3f4", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "5f148b16972e", "status": "affected", "version": "1da177e4c3f4", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "0cb567e72733", "status": "affected", "version": "1da177e4c3f4", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "491085258185", "status": "affected", "version": "1da177e4c3f4", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "1a7c53fdea1d", "status": "affected", "version": "1da177e4c3f4", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "525b861a0081", "status": "affected", "version": "1da177e4c3f4", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.331", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.300", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.7" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52810", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-05T16:17:58.719311Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1335", "description": "CWE-1335 Incorrect Bitwise Shift of Integer", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-05T17:20:18.215Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.035Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cc61fcf7d1c99f148fe8ddfb5c6ed0bb75861f01" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8f2964df6bfce9d92d81ca552010b8677af8d9dc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a81a56b4cbe3142cc99f6b98e8f9b3a631c768e1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/524b4f203afcf87accfe387e846f33f916f0c907" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5f148b16972e5f4592629b244d5109b15135f53f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0cb567e727339a192f9fd0db00781d73a91d15a6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/491085258185ffc4fb91555b0dba895fe7656a45" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1a7c53fdea1d189087544d9a606d249e93c4934b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/525b861a008143048535011f3816d407940f4bfa" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/jfs/jfs_dmap.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "cc61fcf7d1c9", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "8f2964df6bfc", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "a81a56b4cbe3", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "524b4f203afc", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "5f148b16972e", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "0cb567e72733", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "491085258185", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "1a7c53fdea1d", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "525b861a0081", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/jfs/jfs_dmap.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.331", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.300", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Add check for negative db_l2nbperpage\n\nl2nbperpage is log2(number of blks per page), and the minimum legal\nvalue should be 0, not negative.\n\nIn the case of l2nbperpage being negative, an error will occur\nwhen subsequently used as shift exponent.\n\nSyzbot reported this bug:\n\nUBSAN: shift-out-of-bounds in fs/jfs/jfs_dmap.c:799:12\nshift exponent -16777216 is negative" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:09.293Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/cc61fcf7d1c99f148fe8ddfb5c6ed0bb75861f01" }, { "url": "https://git.kernel.org/stable/c/8f2964df6bfce9d92d81ca552010b8677af8d9dc" }, { "url": "https://git.kernel.org/stable/c/a81a56b4cbe3142cc99f6b98e8f9b3a631c768e1" }, { "url": "https://git.kernel.org/stable/c/524b4f203afcf87accfe387e846f33f916f0c907" }, { "url": "https://git.kernel.org/stable/c/5f148b16972e5f4592629b244d5109b15135f53f" }, { "url": "https://git.kernel.org/stable/c/0cb567e727339a192f9fd0db00781d73a91d15a6" }, { "url": "https://git.kernel.org/stable/c/491085258185ffc4fb91555b0dba895fe7656a45" }, { "url": "https://git.kernel.org/stable/c/1a7c53fdea1d189087544d9a606d249e93c4934b" }, { "url": "https://git.kernel.org/stable/c/525b861a008143048535011f3816d407940f4bfa" } ], "title": "fs/jfs: Add check for negative db_l2nbperpage", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52810", "datePublished": "2024-05-21T15:31:19.629Z", "dateReserved": "2024-05-21T15:19:24.248Z", "dateUpdated": "2024-11-04T14:53:09.293Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52760
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52760", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:26:22.936431Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:24:04.103Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.034Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7ad4e0a4f61c57c3ca291ee010a9d677d0199fba" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/08a28272faa750d4357ea2cb48d2baefd778ea81" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bdcb8aa434c6d36b5c215d02a9ef07551be25a37" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/gfs2/super.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "7ad4e0a4f61c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "08a28272faa7", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "bdcb8aa434c6", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/gfs2/super.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.97", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix slab-use-after-free in gfs2_qd_dealloc\n\nIn gfs2_put_super(), whether withdrawn or not, the quota should\nbe cleaned up by gfs2_quota_cleanup().\n\nOtherwise, struct gfs2_sbd will be freed before gfs2_qd_dealloc (rcu\ncallback) has run for all gfs2_quota_data objects, resulting in\nuse-after-free.\n\nAlso, gfs2_destroy_threads() and gfs2_quota_cleanup() is already called\nby gfs2_make_fs_ro(), so in gfs2_put_super(), after calling\ngfs2_make_fs_ro(), there is no need to call them again." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:09.450Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/7ad4e0a4f61c57c3ca291ee010a9d677d0199fba" }, { "url": "https://git.kernel.org/stable/c/08a28272faa750d4357ea2cb48d2baefd778ea81" }, { "url": "https://git.kernel.org/stable/c/bdcb8aa434c6d36b5c215d02a9ef07551be25a37" } ], "title": "gfs2: Fix slab-use-after-free in gfs2_qd_dealloc", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52760", "datePublished": "2024-05-21T15:30:46.427Z", "dateReserved": "2024-05-21T15:19:24.237Z", "dateUpdated": "2024-11-04T14:52:09.450Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52868
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52868", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:32:21.368633Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:24:15.357Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.044Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b55f0a9f865be75ca1019aad331f3225f7b50ce8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6ad1bf47fbe5750c4d5d8e41337665e193e2c521" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3091ab943dfc7b2578599b0fe203350286fab5bb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3f795fb35c2d8a637efe76b4518216c9319b998c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3a8f4e58e1ee707b4f46a1000b40b86ea3dd509c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/77ff34a56b695e228e6daf30ee30be747973d6e8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0f6b3be28c4d62ef6498133959c72266629bea97" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/edbd6bbe40ac524a8f2273ffacc53edf14f3c686" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c99626092efca3061b387043d4a7399bf75fbdd5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/thermal/thermal_core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "b55f0a9f865b", "status": "affected", "version": "203d3d4aa482", "versionType": "git" }, { "lessThan": "6ad1bf47fbe5", "status": "affected", "version": "203d3d4aa482", "versionType": "git" }, { "lessThan": "3091ab943dfc", "status": "affected", "version": "203d3d4aa482", "versionType": "git" }, { "lessThan": "3f795fb35c2d", "status": "affected", "version": "203d3d4aa482", "versionType": "git" }, { "lessThan": "3a8f4e58e1ee", "status": "affected", "version": "203d3d4aa482", "versionType": "git" }, { "lessThan": "77ff34a56b69", "status": "affected", "version": "203d3d4aa482", "versionType": "git" }, { "lessThan": "0f6b3be28c4d", "status": "affected", "version": "203d3d4aa482", "versionType": "git" }, { "lessThan": "edbd6bbe40ac", "status": "affected", "version": "203d3d4aa482", "versionType": "git" }, { "lessThan": "c99626092efc", "status": "affected", "version": "203d3d4aa482", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/thermal/thermal_core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "2.6.25" }, { "lessThan": "2.6.25", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.330", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.299", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.261", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: core: prevent potential string overflow\n\nThe dev-\u003eid value comes from ida_alloc() so it\u0027s a number between zero\nand INT_MAX. If it\u0027s too high then these sprintf()s will overflow." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:13.301Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/b55f0a9f865be75ca1019aad331f3225f7b50ce8" }, { "url": "https://git.kernel.org/stable/c/6ad1bf47fbe5750c4d5d8e41337665e193e2c521" }, { "url": "https://git.kernel.org/stable/c/3091ab943dfc7b2578599b0fe203350286fab5bb" }, { "url": "https://git.kernel.org/stable/c/3f795fb35c2d8a637efe76b4518216c9319b998c" }, { "url": "https://git.kernel.org/stable/c/3a8f4e58e1ee707b4f46a1000b40b86ea3dd509c" }, { "url": "https://git.kernel.org/stable/c/77ff34a56b695e228e6daf30ee30be747973d6e8" }, { "url": "https://git.kernel.org/stable/c/0f6b3be28c4d62ef6498133959c72266629bea97" }, { "url": "https://git.kernel.org/stable/c/edbd6bbe40ac524a8f2273ffacc53edf14f3c686" }, { "url": "https://git.kernel.org/stable/c/c99626092efca3061b387043d4a7399bf75fbdd5" } ], "title": "thermal: core: prevent potential string overflow", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52868", "datePublished": "2024-05-21T15:31:58.530Z", "dateReserved": "2024-05-21T15:19:24.263Z", "dateUpdated": "2024-11-04T14:54:13.301Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47488
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2024-12-05T13:50:30.024Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "rejectedReasons": [ { "lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47488", "datePublished": "2024-05-22T08:19:38.117Z", "dateRejected": "2024-12-05T13:50:30.024Z", "dateReserved": "2024-05-22T06:20:56.201Z", "dateUpdated": "2024-12-05T13:50:30.024Z", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47415
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47415", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-28T18:23:54.594735Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:27.933Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.475Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/432d8185e9ffce97e3866ca71c39b0807a456920" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/24d5f16e407b75bc59d5419b957a9cab423b2681" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/wireless/intel/iwlwifi/mvm/time-event.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "432d8185e9ff", "status": "affected", "version": "7b3954a1d69a", "versionType": "git" }, { "lessThan": "24d5f16e407b", "status": "affected", "version": "7b3954a1d69a", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/wireless/intel/iwlwifi/mvm/time-event.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.14" }, { "lessThan": "5.14", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niwlwifi: mvm: Fix possible NULL dereference\n\nIn __iwl_mvm_remove_time_event() check that \u0027te_data-\u003evif\u0027 is NULL\nbefore dereferencing it." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:28.276Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/432d8185e9ffce97e3866ca71c39b0807a456920" }, { "url": "https://git.kernel.org/stable/c/24d5f16e407b75bc59d5419b957a9cab423b2681" } ], "title": "iwlwifi: mvm: Fix possible NULL dereference", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47415", "datePublished": "2024-05-21T15:04:05.381Z", "dateReserved": "2024-05-21T14:58:30.818Z", "dateUpdated": "2024-11-04T12:05:28.276Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-48708
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2022-48708", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-11T17:23:32.256877Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-11T17:24:41.903Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-03T15:17:55.728Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1177bdafe87cbe543a2dc48a9bbac265aa5864db" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e671e63587c92b3fd767cf82e73129f6d5feeb33" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2b763f7de108cb1a5ad5ed08e617d677341947cb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6e2a0521e4e84a2698f2da3950fb5c5496a4d208" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/71668706fbe7d20e6f172fa3287fa8aac1b56c26" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bcc487001a15f71f103d102cba4ac8145d7a68f2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d2d73e6d4822140445ad4a7b1c6091e0f5fe703b" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/pinctrl/pinctrl-single.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "1177bdafe87c", "status": "affected", "version": "571aec4df5b7", "versionType": "git" }, { "lessThan": "e671e63587c9", "status": "affected", "version": "571aec4df5b7", "versionType": "git" }, { "lessThan": "2b763f7de108", "status": "affected", "version": "571aec4df5b7", "versionType": "git" }, { "lessThan": "6e2a0521e4e8", "status": "affected", "version": "571aec4df5b7", "versionType": "git" }, { "lessThan": "71668706fbe7", "status": "affected", "version": "571aec4df5b7", "versionType": "git" }, { "lessThan": "bcc487001a15", "status": "affected", "version": "571aec4df5b7", "versionType": "git" }, { "lessThan": "d2d73e6d4822", "status": "affected", "version": "571aec4df5b7", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/pinctrl/pinctrl-single.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.11" }, { "lessThan": "4.11", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.306", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.273", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.232", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.168", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.94", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: single: fix potential NULL dereference\n\nAdded checking of pointer \"function\" in pcs_set_mux().\npinmux_generic_get_function() can return NULL and the pointer\n\"function\" was dereferenced without checking against NULL.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:14:58.297Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/1177bdafe87cbe543a2dc48a9bbac265aa5864db" }, { "url": "https://git.kernel.org/stable/c/e671e63587c92b3fd767cf82e73129f6d5feeb33" }, { "url": "https://git.kernel.org/stable/c/2b763f7de108cb1a5ad5ed08e617d677341947cb" }, { "url": "https://git.kernel.org/stable/c/6e2a0521e4e84a2698f2da3950fb5c5496a4d208" }, { "url": "https://git.kernel.org/stable/c/71668706fbe7d20e6f172fa3287fa8aac1b56c26" }, { "url": "https://git.kernel.org/stable/c/bcc487001a15f71f103d102cba4ac8145d7a68f2" }, { "url": "https://git.kernel.org/stable/c/d2d73e6d4822140445ad4a7b1c6091e0f5fe703b" } ], "title": "pinctrl: single: fix potential NULL dereference", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2022-48708", "datePublished": "2024-05-21T15:22:49.381Z", "dateReserved": "2024-05-03T14:55:07.148Z", "dateUpdated": "2024-11-04T12:14:58.297Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52800
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52800", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T17:43:54.246107Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-06T19:04:08.110Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.060Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/03ed26935bebf6b6fd8a656490bf3dcc71b72679" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3a51e6b4da71fdfa43ec006d6abc020f3e22d14e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e3199b3fac65c9f103055390b6fd07c5cffa5961" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/423762f021825b5e57c3d6f01ff96a9ff19cdcd8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/69cede2a5a5f60e3f5602b901b52cb64edd2ea6c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3f77c7d605b29df277d77e9ee75d96e7ad145d2d" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/wireless/ath/ath11k/dp_rx.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "03ed26935beb", "status": "affected", "version": "d5c65159f289", "versionType": "git" }, { "lessThan": "3a51e6b4da71", "status": "affected", "version": "d5c65159f289", "versionType": "git" }, { "lessThan": "e3199b3fac65", "status": "affected", "version": "d5c65159f289", "versionType": "git" }, { "lessThan": "423762f02182", "status": "affected", "version": "d5c65159f289", "versionType": "git" }, { "lessThan": "69cede2a5a5f", "status": "affected", "version": "d5c65159f289", "versionType": "git" }, { "lessThan": "3f77c7d605b2", "status": "affected", "version": "d5c65159f289", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/wireless/ath/ath11k/dp_rx.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.6" }, { "lessThan": "5.6", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix htt pktlog locking\n\nThe ath11k active pdevs are protected by RCU but the htt pktlog handling\ncode calling ath11k_mac_get_ar_by_pdev_id() was not marked as a\nread-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:58.489Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/03ed26935bebf6b6fd8a656490bf3dcc71b72679" }, { "url": "https://git.kernel.org/stable/c/3a51e6b4da71fdfa43ec006d6abc020f3e22d14e" }, { "url": "https://git.kernel.org/stable/c/e3199b3fac65c9f103055390b6fd07c5cffa5961" }, { "url": "https://git.kernel.org/stable/c/423762f021825b5e57c3d6f01ff96a9ff19cdcd8" }, { "url": "https://git.kernel.org/stable/c/69cede2a5a5f60e3f5602b901b52cb64edd2ea6c" }, { "url": "https://git.kernel.org/stable/c/3f77c7d605b29df277d77e9ee75d96e7ad145d2d" } ], "title": "wifi: ath11k: fix htt pktlog locking", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52800", "datePublished": "2024-05-21T15:31:13.033Z", "dateReserved": "2024-05-21T15:19:24.247Z", "dateUpdated": "2024-11-06T19:04:08.110Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52803
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52803", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:36:49.719946Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:37:08.071Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.893Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/17866066b8ac1cc38fb449670bc15dc9fee4b40a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7d61d1da2ed1f682c41cae0c8d4719cdaccee5c5" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/dedf2a0eb9448ae73b270743e6ea9b108189df46" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/194454afa6aa9d6ed74f0c57127bc8beb27c20df" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7749fd2dbef72a52b5c9ffdbf877691950ed4680" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1cdb52ffd6600a37bd355d8dce58ecd03e55e618" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cc2e7ebbeb1d0601f7f3c8d93b78fcc03a95e44a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bfca5fb4e97c46503ddfc582335917b0cc228264" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "include/linux/sunrpc/clnt.h", "net/sunrpc/clnt.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "17866066b8ac", "status": "affected", "version": "0157d021d23a", "versionType": "git" }, { "lessThan": "7d61d1da2ed1", "status": "affected", "version": "0157d021d23a", "versionType": "git" }, { "lessThan": "dedf2a0eb944", "status": "affected", "version": "0157d021d23a", "versionType": "git" }, { "lessThan": "194454afa6aa", "status": "affected", "version": "0157d021d23a", "versionType": "git" }, { "lessThan": "7749fd2dbef7", "status": "affected", "version": "0157d021d23a", "versionType": "git" }, { "lessThan": "1cdb52ffd660", "status": "affected", "version": "0157d021d23a", "versionType": "git" }, { "lessThan": "cc2e7ebbeb1d", "status": "affected", "version": "0157d021d23a", "versionType": "git" }, { "lessThan": "bfca5fb4e97c", "status": "affected", "version": "0157d021d23a", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "include/linux/sunrpc/clnt.h", "net/sunrpc/clnt.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.4" }, { "lessThan": "3.4", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.318", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.280", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: Fix RPC client cleaned up the freed pipefs dentries\n\nRPC client pipefs dentries cleanup is in separated rpc_remove_pipedir()\nworkqueue,which takes care about pipefs superblock locking.\nIn some special scenarios, when kernel frees the pipefs sb of the\ncurrent client and immediately alloctes a new pipefs sb,\nrpc_remove_pipedir function would misjudge the existence of pipefs\nsb which is not the one it used to hold. As a result,\nthe rpc_remove_pipedir would clean the released freed pipefs dentries.\n\nTo fix this issue, rpc_remove_pipedir should check whether the\ncurrent pipefs sb is consistent with the original pipefs sb.\n\nThis error can be catched by KASAN:\n=========================================================\n[ 250.497700] BUG: KASAN: slab-use-after-free in dget_parent+0x195/0x200\n[ 250.498315] Read of size 4 at addr ffff88800a2ab804 by task kworker/0:18/106503\n[ 250.500549] Workqueue: events rpc_free_client_work\n[ 250.501001] Call Trace:\n[ 250.502880] kasan_report+0xb6/0xf0\n[ 250.503209] ? dget_parent+0x195/0x200\n[ 250.503561] dget_parent+0x195/0x200\n[ 250.503897] ? __pfx_rpc_clntdir_depopulate+0x10/0x10\n[ 250.504384] rpc_rmdir_depopulate+0x1b/0x90\n[ 250.504781] rpc_remove_client_dir+0xf5/0x150\n[ 250.505195] rpc_free_client_work+0xe4/0x230\n[ 250.505598] process_one_work+0x8ee/0x13b0\n...\n[ 22.039056] Allocated by task 244:\n[ 22.039390] kasan_save_stack+0x22/0x50\n[ 22.039758] kasan_set_track+0x25/0x30\n[ 22.040109] __kasan_slab_alloc+0x59/0x70\n[ 22.040487] kmem_cache_alloc_lru+0xf0/0x240\n[ 22.040889] __d_alloc+0x31/0x8e0\n[ 22.041207] d_alloc+0x44/0x1f0\n[ 22.041514] __rpc_lookup_create_exclusive+0x11c/0x140\n[ 22.041987] rpc_mkdir_populate.constprop.0+0x5f/0x110\n[ 22.042459] rpc_create_client_dir+0x34/0x150\n[ 22.042874] rpc_setup_pipedir_sb+0x102/0x1c0\n[ 22.043284] rpc_client_register+0x136/0x4e0\n[ 22.043689] rpc_new_client+0x911/0x1020\n[ 22.044057] rpc_create_xprt+0xcb/0x370\n[ 22.044417] rpc_create+0x36b/0x6c0\n...\n[ 22.049524] Freed by task 0:\n[ 22.049803] kasan_save_stack+0x22/0x50\n[ 22.050165] kasan_set_track+0x25/0x30\n[ 22.050520] kasan_save_free_info+0x2b/0x50\n[ 22.050921] __kasan_slab_free+0x10e/0x1a0\n[ 22.051306] kmem_cache_free+0xa5/0x390\n[ 22.051667] rcu_core+0x62c/0x1930\n[ 22.051995] __do_softirq+0x165/0x52a\n[ 22.052347]\n[ 22.052503] Last potentially related work creation:\n[ 22.052952] kasan_save_stack+0x22/0x50\n[ 22.053313] __kasan_record_aux_stack+0x8e/0xa0\n[ 22.053739] __call_rcu_common.constprop.0+0x6b/0x8b0\n[ 22.054209] dentry_free+0xb2/0x140\n[ 22.054540] __dentry_kill+0x3be/0x540\n[ 22.054900] shrink_dentry_list+0x199/0x510\n[ 22.055293] shrink_dcache_parent+0x190/0x240\n[ 22.055703] do_one_tree+0x11/0x40\n[ 22.056028] shrink_dcache_for_umount+0x61/0x140\n[ 22.056461] generic_shutdown_super+0x70/0x590\n[ 22.056879] kill_anon_super+0x3a/0x60\n[ 22.057234] rpc_kill_sb+0x121/0x200" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:00.924Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/17866066b8ac1cc38fb449670bc15dc9fee4b40a" }, { "url": "https://git.kernel.org/stable/c/7d61d1da2ed1f682c41cae0c8d4719cdaccee5c5" }, { "url": "https://git.kernel.org/stable/c/dedf2a0eb9448ae73b270743e6ea9b108189df46" }, { "url": "https://git.kernel.org/stable/c/194454afa6aa9d6ed74f0c57127bc8beb27c20df" }, { "url": "https://git.kernel.org/stable/c/7749fd2dbef72a52b5c9ffdbf877691950ed4680" }, { "url": "https://git.kernel.org/stable/c/1cdb52ffd6600a37bd355d8dce58ecd03e55e618" }, { "url": "https://git.kernel.org/stable/c/cc2e7ebbeb1d0601f7f3c8d93b78fcc03a95e44a" }, { "url": "https://git.kernel.org/stable/c/bfca5fb4e97c46503ddfc582335917b0cc228264" } ], "title": "SUNRPC: Fix RPC client cleaned up the freed pipefs dentries", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52803", "datePublished": "2024-05-21T15:31:15.063Z", "dateReserved": "2024-05-21T15:19:24.247Z", "dateUpdated": "2024-11-04T14:53:00.924Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47376
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47376", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-11T18:56:40.431373Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-11T18:57:16.694Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:32:08.600Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/93937596e0652d50973f9dc944fea1694ac8cdfd" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6345a0bee80139ea00a341c4202ebfd1534b5eb0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b5fe7cdfee5901ce5513c30e554d51536e003bde" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0e6491b559704da720f6da09dd0a52c4df44c514" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "kernel/bpf/verifier.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "93937596e065", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "6345a0bee801", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "b5fe7cdfee59", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "0e6491b55970", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "kernel/bpf/verifier.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.150", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.70", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.9", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Add oversize check before call kvcalloc()\n\nCommit 7661809d493b (\"mm: don\u0027t allow oversized kvmalloc() calls\") add the\noversize check. When the allocation is larger than what kmalloc() supports,\nthe following warning triggered:\n\nWARNING: CPU: 0 PID: 8408 at mm/util.c:597 kvmalloc_node+0x108/0x110 mm/util.c:597\nModules linked in:\nCPU: 0 PID: 8408 Comm: syz-executor221 Not tainted 5.14.0-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:kvmalloc_node+0x108/0x110 mm/util.c:597\nCall Trace:\n kvmalloc include/linux/mm.h:806 [inline]\n kvmalloc_array include/linux/mm.h:824 [inline]\n kvcalloc include/linux/mm.h:829 [inline]\n check_btf_line kernel/bpf/verifier.c:9925 [inline]\n check_btf_info kernel/bpf/verifier.c:10049 [inline]\n bpf_check+0xd634/0x150d0 kernel/bpf/verifier.c:13759\n bpf_prog_load kernel/bpf/syscall.c:2301 [inline]\n __sys_bpf+0x11181/0x126e0 kernel/bpf/syscall.c:4587\n __do_sys_bpf kernel/bpf/syscall.c:4691 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:4689 [inline]\n __x64_sys_bpf+0x78/0x90 kernel/bpf/syscall.c:4689\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:04:43.432Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/93937596e0652d50973f9dc944fea1694ac8cdfd" }, { "url": "https://git.kernel.org/stable/c/6345a0bee80139ea00a341c4202ebfd1534b5eb0" }, { "url": "https://git.kernel.org/stable/c/b5fe7cdfee5901ce5513c30e554d51536e003bde" }, { "url": "https://git.kernel.org/stable/c/0e6491b559704da720f6da09dd0a52c4df44c514" } ], "title": "bpf: Add oversize check before call kvcalloc()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47376", "datePublished": "2024-05-21T15:03:39.738Z", "dateReserved": "2024-05-21T14:58:30.811Z", "dateUpdated": "2024-11-04T12:04:43.432Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47434
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47434", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:19:19.923791Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:46.138Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.365Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/22bcb65ea41072ab5d03c0c6290e04e0df6d09a0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/62c182b5e763e5f4062e72678e72ce3e02dd4d1b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/01c2dcb67e71c351006dd17cbba86c26b7f61eaf" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/dec944bb7079b37968cf69c8a438f91f15c4cc61" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e54abefe703ab7c4e5983e889babd1447738ca42" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ff0e50d3564f33b7f4b35cadeabd951d66cfc570" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/usb/host/xhci-ring.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "22bcb65ea410", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "62c182b5e763", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "01c2dcb67e71", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "dec944bb7079", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "e54abefe703a", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "ff0e50d3564f", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/usb/host/xhci-ring.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.252", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.213", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.155", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.75", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.14", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxhci: Fix command ring pointer corruption while aborting a command\n\nThe command ring pointer is located at [6:63] bits of the command\nring control register (CRCR). All the control bits like command stop,\nabort are located at [0:3] bits. While aborting a command, we read the\nCRCR and set the abort bit and write to the CRCR. The read will always\ngive command ring pointer as all zeros. So we essentially write only\nthe control bits. Since we split the 64 bit write into two 32 bit writes,\nthere is a possibility of xHC command ring stopped before the upper\ndword (all zeros) is written. If that happens, xHC updates the upper\ndword of its internal command ring pointer with all zeros. Next time,\nwhen the command ring is restarted, we see xHC memory access failures.\nFix this issue by only writing to the lower dword of CRCR where all\ncontrol bits are located." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:50.574Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/22bcb65ea41072ab5d03c0c6290e04e0df6d09a0" }, { "url": "https://git.kernel.org/stable/c/62c182b5e763e5f4062e72678e72ce3e02dd4d1b" }, { "url": "https://git.kernel.org/stable/c/01c2dcb67e71c351006dd17cbba86c26b7f61eaf" }, { "url": "https://git.kernel.org/stable/c/dec944bb7079b37968cf69c8a438f91f15c4cc61" }, { "url": "https://git.kernel.org/stable/c/e54abefe703ab7c4e5983e889babd1447738ca42" }, { "url": "https://git.kernel.org/stable/c/ff0e50d3564f33b7f4b35cadeabd951d66cfc570" } ], "title": "xhci: Fix command ring pointer corruption while aborting a command", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47434", "datePublished": "2024-05-22T06:19:30.896Z", "dateReserved": "2024-05-21T14:58:30.830Z", "dateUpdated": "2024-11-04T12:05:50.574Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47464
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "d6f451f1f60c", "status": "affected", "version": "bf361231c295", "versionType": "custom" }, { "lessThan": "16802fa4c33e", "status": "affected", "version": "bf361231c295", "versionType": "custom" }, { "lessThan": "4e9e46a70020", "status": "affected", "version": "bf361231c295", "versionType": "custom" }, { "lessThan": "6e3ee990c904", "status": "affected", "version": "bf361231c295", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:5.3:-:*:*:*:*:*:*" ], "defaultStatus": "affected", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "5.3" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47464", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T18:04:07.219306Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-17T18:04:11.318Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.357Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d6f451f1f60c58d73038c7c3177066f8f084e2a2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/16802fa4c33eb1a8efb23f1e93365190e4047d05" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4e9e46a700201b4c85081fd478c99c692a9aaa0d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6e3ee990c90494561921c756481d0e2125d8b895" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "kernel/auditsc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "d6f451f1f60c", "status": "affected", "version": "bf361231c295", "versionType": "git" }, { "lessThan": "16802fa4c33e", "status": "affected", "version": "bf361231c295", "versionType": "git" }, { "lessThan": "4e9e46a70020", "status": "affected", "version": "bf361231c295", "versionType": "git" }, { "lessThan": "6e3ee990c904", "status": "affected", "version": "bf361231c295", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "kernel/auditsc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.3" }, { "lessThan": "5.3", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.156", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.76", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.15", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naudit: fix possible null-pointer dereference in audit_filter_rules\n\nFix possible null-pointer dereference in audit_filter_rules.\n\naudit_filter_rules() error: we previously assumed \u0027ctx\u0027 could be null" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:27.118Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/d6f451f1f60c58d73038c7c3177066f8f084e2a2" }, { "url": "https://git.kernel.org/stable/c/16802fa4c33eb1a8efb23f1e93365190e4047d05" }, { "url": "https://git.kernel.org/stable/c/4e9e46a700201b4c85081fd478c99c692a9aaa0d" }, { "url": "https://git.kernel.org/stable/c/6e3ee990c90494561921c756481d0e2125d8b895" } ], "title": "audit: fix possible null-pointer dereference in audit_filter_rules", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47464", "datePublished": "2024-05-22T06:23:24.355Z", "dateReserved": "2024-05-22T06:20:56.198Z", "dateUpdated": "2024-11-04T12:06:27.118Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52743
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52743", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-11T15:21:19.164066Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-11T15:21:30.697Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.549Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/87a5e3fc8416106e290c448fc8a6dd50ab24c634" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1ad4112c9fcf0bc08222b2b1614fba52ffd12255" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ca834a017851c50464c25a85f3cb2daefff7bede" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/df59e05401450973c8c7e96fd74b49e24442dc1f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4d159f7884f78b1aacb99b4fc37d1e3cb1194e39" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/intel/ice/ice_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "87a5e3fc8416", "status": "affected", "version": "940b61af02f4", "versionType": "git" }, { "lessThan": "1ad4112c9fcf", "status": "affected", "version": "940b61af02f4", "versionType": "git" }, { "lessThan": "ca834a017851", "status": "affected", "version": "940b61af02f4", "versionType": "git" }, { "lessThan": "df59e0540145", "status": "affected", "version": "940b61af02f4", "versionType": "git" }, { "lessThan": "4d159f7884f7", "status": "affected", "version": "940b61af02f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/intel/ice/ice_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.17" }, { "lessThan": "4.17", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.232", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.168", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.94", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Do not use WQ_MEM_RECLAIM flag for workqueue\n\nWhen both ice and the irdma driver are loaded, a warning in\ncheck_flush_dependency is being triggered. This is due to ice driver\nworkqueue being allocated with the WQ_MEM_RECLAIM flag and the irdma one\nis not.\n\nAccording to kernel documentation, this flag should be set if the\nworkqueue will be involved in the kernel\u0027s memory reclamation flow.\nSince it is not, there is no need for the ice driver\u0027s WQ to have this\nflag set so remove it.\n\nExample trace:\n\n[ +0.000004] workqueue: WQ_MEM_RECLAIM ice:ice_service_task [ice] is flushing !WQ_MEM_RECLAIM infiniband:0x0\n[ +0.000139] WARNING: CPU: 0 PID: 728 at kernel/workqueue.c:2632 check_flush_dependency+0x178/0x1a0\n[ +0.000011] Modules linked in: bonding tls xt_CHECKSUM xt_MASQUERADE xt_conntrack ipt_REJECT nf_reject_ipv4 nft_compat nft_cha\nin_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nf_tables nfnetlink bridge stp llc rfkill vfat fat intel_rapl_msr intel\n_rapl_common isst_if_common skx_edac nfit libnvdimm x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct1\n0dif_pclmul crc32_pclmul ghash_clmulni_intel rapl intel_cstate rpcrdma sunrpc rdma_ucm ib_srpt ib_isert iscsi_target_mod target_\ncore_mod ib_iser libiscsi scsi_transport_iscsi rdma_cm ib_cm iw_cm iTCO_wdt iTCO_vendor_support ipmi_ssif irdma mei_me ib_uverbs\nib_core intel_uncore joydev pcspkr i2c_i801 acpi_ipmi mei lpc_ich i2c_smbus intel_pch_thermal ioatdma ipmi_si acpi_power_meter\nacpi_pad xfs libcrc32c sd_mod t10_pi crc64_rocksoft crc64 sg ahci ixgbe libahci ice i40e igb crc32c_intel mdio i2c_algo_bit liba\nta dca wmi dm_mirror dm_region_hash dm_log dm_mod ipmi_devintf ipmi_msghandler fuse\n[ +0.000161] [last unloaded: bonding]\n[ +0.000006] CPU: 0 PID: 728 Comm: kworker/0:2 Tainted: G S 6.2.0-rc2_next-queue-13jan-00458-gc20aabd57164 #1\n[ +0.000006] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0010.010620200716 01/06/2020\n[ +0.000003] Workqueue: ice ice_service_task [ice]\n[ +0.000127] RIP: 0010:check_flush_dependency+0x178/0x1a0\n[ +0.000005] Code: 89 8e 02 01 e8 49 3d 40 00 49 8b 55 18 48 8d 8d d0 00 00 00 48 8d b3 d0 00 00 00 4d 89 e0 48 c7 c7 e0 3b 08\n9f e8 bb d3 07 01 \u003c0f\u003e 0b e9 be fe ff ff 80 3d 24 89 8e 02 00 0f 85 6b ff ff ff e9 06\n[ +0.000004] RSP: 0018:ffff88810a39f990 EFLAGS: 00010282\n[ +0.000005] RAX: 0000000000000000 RBX: ffff888141bc2400 RCX: 0000000000000000\n[ +0.000004] RDX: 0000000000000001 RSI: dffffc0000000000 RDI: ffffffffa1213a80\n[ +0.000003] RBP: ffff888194bf3400 R08: ffffed117b306112 R09: ffffed117b306112\n[ +0.000003] R10: ffff888bd983088b R11: ffffed117b306111 R12: 0000000000000000\n[ +0.000003] R13: ffff888111f84d00 R14: ffff88810a3943ac R15: ffff888194bf3400\n[ +0.000004] FS: 0000000000000000(0000) GS:ffff888bd9800000(0000) knlGS:0000000000000000\n[ +0.000003] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ +0.000003] CR2: 000056035b208b60 CR3: 000000017795e005 CR4: 00000000007706f0\n[ +0.000003] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ +0.000003] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ +0.000002] PKRU: 55555554\n[ +0.000003] Call Trace:\n[ +0.000002] \u003cTASK\u003e\n[ +0.000003] __flush_workqueue+0x203/0x840\n[ +0.000006] ? mutex_unlock+0x84/0xd0\n[ +0.000008] ? __pfx_mutex_unlock+0x10/0x10\n[ +0.000004] ? __pfx___flush_workqueue+0x10/0x10\n[ +0.000006] ? mutex_lock+0xa3/0xf0\n[ +0.000005] ib_cache_cleanup_one+0x39/0x190 [ib_core]\n[ +0.000174] __ib_unregister_device+0x84/0xf0 [ib_core]\n[ +0.000094] ib_unregister_device+0x25/0x30 [ib_core]\n[ +0.000093] irdma_ib_unregister_device+0x97/0xc0 [irdma]\n[ +0.000064] ? __pfx_irdma_ib_unregister_device+0x10/0x10 [irdma]\n[ +0.000059] ? up_write+0x5c/0x90\n[ +0.000005] irdma_remove+0x36/0x90 [irdma]\n[ +0.000062] auxiliary_bus_remove+0x32/0x50\n[ +0.000007] device_r\n---truncated---" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:51.113Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/87a5e3fc8416106e290c448fc8a6dd50ab24c634" }, { "url": "https://git.kernel.org/stable/c/1ad4112c9fcf0bc08222b2b1614fba52ffd12255" }, { "url": "https://git.kernel.org/stable/c/ca834a017851c50464c25a85f3cb2daefff7bede" }, { "url": "https://git.kernel.org/stable/c/df59e05401450973c8c7e96fd74b49e24442dc1f" }, { "url": "https://git.kernel.org/stable/c/4d159f7884f78b1aacb99b4fc37d1e3cb1194e39" } ], "title": "ice: Do not use WQ_MEM_RECLAIM flag for workqueue", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52743", "datePublished": "2024-05-21T15:23:05.179Z", "dateReserved": "2024-05-21T15:19:24.233Z", "dateUpdated": "2024-11-04T14:51:51.113Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47479
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47479", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:24:15.320557Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:37.514Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.455Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c430094541a80575259a94ff879063ef01473506" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/befd23bd3b17f1a3f9c943a8580b47444c7c63ed" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a65c9afe9f2f55b7a7fb4a25ab654cd4139683a4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c052cc1a069c3e575619cf64ec427eb41176ca70" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/staging/rtl8712/usb_intf.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "c430094541a8", "status": "affected", "version": "8c213fa59199", "versionType": "git" }, { "lessThan": "befd23bd3b17", "status": "affected", "version": "8c213fa59199", "versionType": "git" }, { "lessThan": "a65c9afe9f2f", "status": "affected", "version": "8c213fa59199", "versionType": "git" }, { "lessThan": "c052cc1a069c", "status": "affected", "version": "8c213fa59199", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/staging/rtl8712/usb_intf.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.3" }, { "lessThan": "3.3", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.79", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.18", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8712: fix use-after-free in rtl8712_dl_fw\n\nSyzbot reported use-after-free in rtl8712_dl_fw(). The problem was in\nrace condition between r871xu_dev_remove() -\u003endo_open() callback.\n\nIt\u0027s easy to see from crash log, that driver accesses released firmware\nin -\u003endo_open() callback. It may happen, since driver was releasing\nfirmware _before_ unregistering netdev. Fix it by moving\nunregister_netdev() before cleaning up resources.\n\nCall Trace:\n...\n rtl871x_open_fw drivers/staging/rtl8712/hal_init.c:83 [inline]\n rtl8712_dl_fw+0xd95/0xe10 drivers/staging/rtl8712/hal_init.c:170\n rtl8712_hal_init drivers/staging/rtl8712/hal_init.c:330 [inline]\n rtl871x_hal_init+0xae/0x180 drivers/staging/rtl8712/hal_init.c:394\n netdev_open+0xe6/0x6c0 drivers/staging/rtl8712/os_intfs.c:380\n __dev_open+0x2bc/0x4d0 net/core/dev.c:1484\n\nFreed by task 1306:\n...\n release_firmware+0x1b/0x30 drivers/base/firmware_loader/main.c:1053\n r871xu_dev_remove+0xcc/0x2c0 drivers/staging/rtl8712/usb_intf.c:599\n usb_unbind_interface+0x1d8/0x8d0 drivers/usb/core/driver.c:458" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:43.715Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/c430094541a80575259a94ff879063ef01473506" }, { "url": "https://git.kernel.org/stable/c/befd23bd3b17f1a3f9c943a8580b47444c7c63ed" }, { "url": "https://git.kernel.org/stable/c/a65c9afe9f2f55b7a7fb4a25ab654cd4139683a4" }, { "url": "https://git.kernel.org/stable/c/c052cc1a069c3e575619cf64ec427eb41176ca70" } ], "title": "staging: rtl8712: fix use-after-free in rtl8712_dl_fw", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47479", "datePublished": "2024-05-22T08:19:32.174Z", "dateReserved": "2024-05-22T06:20:56.200Z", "dateUpdated": "2024-11-04T12:06:43.715Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52708
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52708", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:27:42.948187Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:21.454Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.045Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e9b488d60f51ae312006e224e03a30a151c28bdd" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0b3edcb24bd81b3b2e3dac89f4733bfd47d283be" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ecad2fafd424ffdc203b2748ded0b37e4bbecef3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/82645bf4ed02abe930a659c5fe16d593a6dbd93f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cf4c9d2ac1e42c7d18b921bec39486896645b714" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/mmc/host/mmc_spi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "e9b488d60f51", "status": "affected", "version": "15a0580ced08", "versionType": "git" }, { "lessThan": "0b3edcb24bd8", "status": "affected", "version": "15a0580ced08", "versionType": "git" }, { "lessThan": "ecad2fafd424", "status": "affected", "version": "15a0580ced08", "versionType": "git" }, { "lessThan": "82645bf4ed02", "status": "affected", "version": "15a0580ced08", "versionType": "git" }, { "lessThan": "cf4c9d2ac1e4", "status": "affected", "version": "15a0580ced08", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/mmc/host/mmc_spi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "2.6.24" }, { "lessThan": "2.6.24", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.232", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.169", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.95", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: mmc_spi: fix error handling in mmc_spi_probe()\n\nIf mmc_add_host() fails, it doesn\u0027t need to call mmc_remove_host(),\nor it will cause null-ptr-deref, because of deleting a not added\ndevice in mmc_remove_host().\n\nTo fix this, goto label \u0027fail_glue_init\u0027, if mmc_add_host() fails,\nand change the label \u0027fail_add_host\u0027 to \u0027fail_gpiod_request\u0027." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:35.567Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/e9b488d60f51ae312006e224e03a30a151c28bdd" }, { "url": "https://git.kernel.org/stable/c/0b3edcb24bd81b3b2e3dac89f4733bfd47d283be" }, { "url": "https://git.kernel.org/stable/c/ecad2fafd424ffdc203b2748ded0b37e4bbecef3" }, { "url": "https://git.kernel.org/stable/c/82645bf4ed02abe930a659c5fe16d593a6dbd93f" }, { "url": "https://git.kernel.org/stable/c/cf4c9d2ac1e42c7d18b921bec39486896645b714" } ], "title": "mmc: mmc_spi: fix error handling in mmc_spi_probe()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52708", "datePublished": "2024-05-21T15:22:55.975Z", "dateReserved": "2024-03-07T14:49:46.892Z", "dateUpdated": "2024-11-04T14:51:35.567Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47224
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47224", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-31T18:48:29.010008Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-04T20:41:06.725Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:32:07.412Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6d120ab4dc39a543c6b63361e1d0541c382900a3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/019ab7d044d0ebf97e1236bb8935b7809be92358" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e8afe05bd359ebe12a61dbdc94c06c00ea3e8d4b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6aa32217a9a446275440ee8724b1ecaf1838df47" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/xilinx/ll_temac_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "6d120ab4dc39", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "019ab7d044d0", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "e8afe05bd359", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "6aa32217a9a4", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/xilinx/ll_temac_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.128", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.46", "versionType": "semver" }, { "lessThanOrEqual": "5.12.*", "status": "unaffected", "version": "5.12.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ll_temac: Make sure to free skb when it is completely used\n\nWith the skb pointer piggy-backed on the TX BD, we have a simple and\nefficient way to free the skb buffer when the frame has been transmitted.\nBut in order to avoid freeing the skb while there are still fragments from\nthe skb in use, we need to piggy-back on the TX BD of the skb, not the\nfirst.\n\nWithout this, we are doing use-after-free on the DMA side, when the first\nBD of a multi TX BD packet is seen as completed in xmit_done, and the\nremaining BDs are still being processed." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:01:48.724Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/6d120ab4dc39a543c6b63361e1d0541c382900a3" }, { "url": "https://git.kernel.org/stable/c/019ab7d044d0ebf97e1236bb8935b7809be92358" }, { "url": "https://git.kernel.org/stable/c/e8afe05bd359ebe12a61dbdc94c06c00ea3e8d4b" }, { "url": "https://git.kernel.org/stable/c/6aa32217a9a446275440ee8724b1ecaf1838df47" } ], "title": "net: ll_temac: Make sure to free skb when it is completely used", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47224", "datePublished": "2024-05-21T14:19:29.542Z", "dateReserved": "2024-04-10T18:59:19.529Z", "dateUpdated": "2024-11-04T20:41:06.725Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47424
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47424", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-11T17:26:01.019314Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-11T17:26:22.350Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.004Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/intel/i40e/i40e_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "60ad4cde0ad2", "status": "affected", "version": "c17401a1dd21", "versionType": "git" }, { "lessThan": "17063cac4088", "status": "affected", "version": "c17401a1dd21", "versionType": "git" }, { "lessThan": "97aeed72af4f", "status": "affected", "version": "c17401a1dd21", "versionType": "git" }, { "lessThan": "75099439209d", "status": "affected", "version": "c17401a1dd21", "versionType": "git" }, { "lessThan": "2e5a20573a92", "status": "affected", "version": "c17401a1dd21", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/intel/i40e/i40e_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.15" }, { "lessThan": "4.15", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.211", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.153", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.73", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix freeing of uninitialized misc IRQ vector\n\nWhen VSI set up failed in i40e_probe() as part of PF switch set up\ndriver was trying to free misc IRQ vectors in\ni40e_clear_interrupt_scheme and produced a kernel Oops:\n\n Trying to free already-free IRQ 266\n WARNING: CPU: 0 PID: 5 at kernel/irq/manage.c:1731 __free_irq+0x9a/0x300\n Workqueue: events work_for_cpu_fn\n RIP: 0010:__free_irq+0x9a/0x300\n Call Trace:\n ? synchronize_irq+0x3a/0xa0\n free_irq+0x2e/0x60\n i40e_clear_interrupt_scheme+0x53/0x190 [i40e]\n i40e_probe.part.108+0x134b/0x1a40 [i40e]\n ? kmem_cache_alloc+0x158/0x1c0\n ? acpi_ut_update_ref_count.part.1+0x8e/0x345\n ? acpi_ut_update_object_reference+0x15e/0x1e2\n ? strstr+0x21/0x70\n ? irq_get_irq_data+0xa/0x20\n ? mp_check_pin_attr+0x13/0xc0\n ? irq_get_irq_data+0xa/0x20\n ? mp_map_pin_to_irq+0xd3/0x2f0\n ? acpi_register_gsi_ioapic+0x93/0x170\n ? pci_conf1_read+0xa4/0x100\n ? pci_bus_read_config_word+0x49/0x70\n ? do_pci_enable_device+0xcc/0x100\n local_pci_probe+0x41/0x90\n work_for_cpu_fn+0x16/0x20\n process_one_work+0x1a7/0x360\n worker_thread+0x1cf/0x390\n ? create_worker+0x1a0/0x1a0\n kthread+0x112/0x130\n ? kthread_flush_work_fn+0x10/0x10\n ret_from_fork+0x1f/0x40\n\nThe problem is that at that point misc IRQ vectors\nwere not allocated yet and we get a call trace\nthat driver is trying to free already free IRQ vectors.\n\nAdd a check in i40e_clear_interrupt_scheme for __I40E_MISC_IRQ_REQUESTED\nPF state before calling i40e_free_misc_vector. This state is set only if\nmisc IRQ vectors were properly initialized." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:38.842Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4" }, { "url": "https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312" }, { "url": "https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236" }, { "url": "https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef" }, { "url": "https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e" } ], "title": "i40e: Fix freeing of uninitialized misc IRQ vector", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47424", "datePublished": "2024-05-21T15:04:11.271Z", "dateReserved": "2024-05-21T14:58:30.827Z", "dateUpdated": "2024-11-04T12:05:38.842Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-48710
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2022-48710", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-11T15:20:52.497034Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-11T15:21:02.469Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-03T15:17:55.832Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b33f7d99c9226892c7794dc2500fae35966020c9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/16a0f0b63c4c7eb46fc4c3f00bf2836e6ee46a9f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8a89bfeef9abe93371e3ea8796377f2d132eee29" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/28fd384c78d7d8ed8af0d086d778c3e438ba7f60" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fee8ae0a0bb66eb7730c22f44fbd7203f63c2eab" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7b7fba107b2c4ec7673d0f45bdbb9d1af697d9b9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e938d24f0b7392e142b8aa434f18590d99dbe479" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/140d9807b96e1303f6f2675a7ae8710a2094bd17" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a2b28708b645c5632dc93669ab06e97874c8244f" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/radeon/radeon_connectors.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "b33f7d99c922", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "16a0f0b63c4c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "8a89bfeef9ab", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "28fd384c78d7", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "fee8ae0a0bb6", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "7b7fba107b2c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "e938d24f0b73", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "140d9807b96e", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "a2b28708b645", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/radeon/radeon_connectors.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.318", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.283", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.247", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.198", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.122", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.47", "versionType": "semver" }, { "lessThanOrEqual": "5.17.*", "status": "unaffected", "version": "5.17.15", "versionType": "semver" }, { "lessThanOrEqual": "5.18.*", "status": "unaffected", "version": "5.18.4", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.19", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: fix a possible null pointer dereference\n\nIn radeon_fp_native_mode(), the return value of drm_mode_duplicate()\nis assigned to mode, which will lead to a NULL pointer dereference\non failure of drm_mode_duplicate(). Add a check to avoid npd.\n\nThe failure status of drm_cvt_mode() on the other path is checked too." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:15:00.908Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/b33f7d99c9226892c7794dc2500fae35966020c9" }, { "url": "https://git.kernel.org/stable/c/16a0f0b63c4c7eb46fc4c3f00bf2836e6ee46a9f" }, { "url": "https://git.kernel.org/stable/c/8a89bfeef9abe93371e3ea8796377f2d132eee29" }, { "url": "https://git.kernel.org/stable/c/28fd384c78d7d8ed8af0d086d778c3e438ba7f60" }, { "url": "https://git.kernel.org/stable/c/fee8ae0a0bb66eb7730c22f44fbd7203f63c2eab" }, { "url": "https://git.kernel.org/stable/c/7b7fba107b2c4ec7673d0f45bdbb9d1af697d9b9" }, { "url": "https://git.kernel.org/stable/c/e938d24f0b7392e142b8aa434f18590d99dbe479" }, { "url": "https://git.kernel.org/stable/c/140d9807b96e1303f6f2675a7ae8710a2094bd17" }, { "url": "https://git.kernel.org/stable/c/a2b28708b645c5632dc93669ab06e97874c8244f" } ], "title": "drm/radeon: fix a possible null pointer dereference", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2022-48710", "datePublished": "2024-05-21T15:30:37.579Z", "dateReserved": "2024-05-03T14:55:07.148Z", "dateUpdated": "2024-11-04T12:15:00.908Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47426
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47426", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:34:45.731747Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:43.032Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.913Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a326f9c01cfbee4450ae49ce618ae6cbc0f76842" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/29fdb11ca88d3c490a3d56f0dc77eb9444d086be" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d590a410e472417a22336c7c37685bfb38e801f2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/686cb8b9f6b46787f035afe8fbd132a74e6b1bdd" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "arch/s390/net/bpf_jit_comp.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "a326f9c01cfb", "status": "affected", "version": "1c8f9b91c456", "versionType": "git" }, { "lessThan": "29fdb11ca88d", "status": "affected", "version": "1c8f9b91c456", "versionType": "git" }, { "lessThan": "d590a410e472", "status": "affected", "version": "1c8f9b91c456", "versionType": "git" }, { "lessThan": "686cb8b9f6b4", "status": "affected", "version": "1c8f9b91c456", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "arch/s390/net/bpf_jit_comp.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.4" }, { "lessThan": "5.4", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.153", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.73", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, s390: Fix potential memory leak about jit_data\n\nMake sure to free jit_data through kfree() in the error path." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:41.213Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/a326f9c01cfbee4450ae49ce618ae6cbc0f76842" }, { "url": "https://git.kernel.org/stable/c/29fdb11ca88d3c490a3d56f0dc77eb9444d086be" }, { "url": "https://git.kernel.org/stable/c/d590a410e472417a22336c7c37685bfb38e801f2" }, { "url": "https://git.kernel.org/stable/c/686cb8b9f6b46787f035afe8fbd132a74e6b1bdd" } ], "title": "bpf, s390: Fix potential memory leak about jit_data", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47426", "datePublished": "2024-05-21T15:04:12.581Z", "dateReserved": "2024-05-21T14:58:30.827Z", "dateUpdated": "2024-11-04T12:05:41.213Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52782
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52782", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-23T18:32:52.154799Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:24:11.095Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.019Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a9d6c0c5a6bd9ca88e964f8843ea41bc085de866" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4d510506b46504664eacf8a44a9e8f3e54c137b8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7e3f3ba97e6cc6fce5bf62df2ca06c8e59040167" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/mellanox/mlx5/core/en_tx.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "a9d6c0c5a6bd", "status": "affected", "version": "e729382c297e", "versionType": "git" }, { "lessThan": "4d510506b465", "status": "affected", "version": "3178308ad4ca", "versionType": "git" }, { "lessThan": "7e3f3ba97e6c", "status": "affected", "version": "3178308ad4ca", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/mellanox/mlx5/core/en_tx.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.6" }, { "lessThan": "6.6", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Track xmit submission to PTP WQ after populating metadata map\n\nEnsure the skb is available in metadata mapping to skbs before tracking the\nmetadata index for detecting undelivered CQEs. If the metadata index is put\nin the tracking list before putting the skb in the map, the metadata index\nmight be used for detecting undelivered CQEs before the relevant skb is\navailable in the map, which can lead to a null-ptr-deref.\n\nLog:\n general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] SMP KASAN\n KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\n CPU: 0 PID: 1243 Comm: kworker/0:2 Not tainted 6.6.0-rc4+ #108\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Workqueue: events mlx5e_rx_dim_work [mlx5_core]\n RIP: 0010:mlx5e_ptp_napi_poll+0x9a4/0x2290 [mlx5_core]\n Code: 8c 24 38 cc ff ff 4c 8d 3c c1 4c 89 f9 48 c1 e9 03 42 80 3c 31 00 0f 85 97 0f 00 00 4d 8b 3f 49 8d 7f 28 48 89 f9 48 c1 e9 03 \u003c42\u003e 80 3c 31 00 0f 85 8b 0f 00 00 49 8b 47 28 48 85 c0 0f 84 05 07\n RSP: 0018:ffff8884d3c09c88 EFLAGS: 00010206\n RAX: 0000000000000069 RBX: ffff8881160349d8 RCX: 0000000000000005\n RDX: ffffed10218f48cf RSI: 0000000000000004 RDI: 0000000000000028\n RBP: ffff888122707700 R08: 0000000000000001 R09: ffffed109a781383\n R10: 0000000000000003 R11: 0000000000000003 R12: ffff88810c7a7a40\n R13: ffff888122707700 R14: dffffc0000000000 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8884d3c00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f4f878dd6e0 CR3: 000000014d108002 CR4: 0000000000370eb0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cIRQ\u003e\n ? die_addr+0x3c/0xa0\n ? exc_general_protection+0x144/0x210\n ? asm_exc_general_protection+0x22/0x30\n ? mlx5e_ptp_napi_poll+0x9a4/0x2290 [mlx5_core]\n ? mlx5e_ptp_napi_poll+0x8f6/0x2290 [mlx5_core]\n __napi_poll.constprop.0+0xa4/0x580\n net_rx_action+0x460/0xb80\n ? _raw_spin_unlock_irqrestore+0x32/0x60\n ? __napi_poll.constprop.0+0x580/0x580\n ? tasklet_action_common.isra.0+0x2ef/0x760\n __do_softirq+0x26c/0x827\n irq_exit_rcu+0xc2/0x100\n common_interrupt+0x7f/0xa0\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_common_interrupt+0x22/0x40\n RIP: 0010:__kmem_cache_alloc_node+0xb/0x330\n Code: 41 5d 41 5e 41 5f c3 8b 44 24 14 8b 4c 24 10 09 c8 eb d5 e8 b7 43 ca 01 0f 1f 80 00 00 00 00 0f 1f 44 00 00 55 48 89 e5 41 57 \u003c41\u003e 56 41 89 d6 41 55 41 89 f5 41 54 49 89 fc 53 48 83 e4 f0 48 83\n RSP: 0018:ffff88812c4079c0 EFLAGS: 00000246\n RAX: 1ffffffff083c7fe RBX: ffff888100042dc0 RCX: 0000000000000218\n RDX: 00000000ffffffff RSI: 0000000000000dc0 RDI: ffff888100042dc0\n RBP: ffff88812c4079c8 R08: ffffffffa0289f96 R09: ffffed1025880ea9\n R10: ffff888138839f80 R11: 0000000000000002 R12: 0000000000000dc0\n R13: 0000000000000100 R14: 000000000000008c R15: ffff8881271fc450\n ? cmd_exec+0x796/0x2200 [mlx5_core]\n kmalloc_trace+0x26/0xc0\n cmd_exec+0x796/0x2200 [mlx5_core]\n mlx5_cmd_do+0x22/0xc0 [mlx5_core]\n mlx5_cmd_exec+0x17/0x30 [mlx5_core]\n mlx5_core_modify_cq_moderation+0x139/0x1b0 [mlx5_core]\n ? mlx5_add_cq_to_tasklet+0x280/0x280 [mlx5_core]\n ? lockdep_set_lock_cmp_fn+0x190/0x190\n ? process_one_work+0x659/0x1220\n mlx5e_rx_dim_work+0x9d/0x100 [mlx5_core]\n process_one_work+0x730/0x1220\n ? lockdep_hardirqs_on_prepare+0x400/0x400\n ? max_active_store+0xf0/0xf0\n ? assign_work+0x168/0x240\n worker_thread+0x70f/0x12d0\n ? __kthread_parkme+0xd1/0x1d0\n ? process_one_work+0x1220/0x1220\n kthread+0x2d9/0x3b0\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x2d/0x70\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork_as\n---truncated---" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:37.835Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/a9d6c0c5a6bd9ca88e964f8843ea41bc085de866" }, { "url": "https://git.kernel.org/stable/c/4d510506b46504664eacf8a44a9e8f3e54c137b8" }, { "url": "https://git.kernel.org/stable/c/7e3f3ba97e6cc6fce5bf62df2ca06c8e59040167" } ], "title": "net/mlx5e: Track xmit submission to PTP WQ after populating metadata map", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52782", "datePublished": "2024-05-21T15:31:00.897Z", "dateReserved": "2024-05-21T15:19:24.240Z", "dateUpdated": "2024-11-04T14:52:37.835Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52730
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.273Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/92ff03c2563c9b57a027c744750f3b7d2f261c58" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5c7858adada31dbed042448cff6997dd6efc472a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/761db46b29b496946046d8cb33c7ea6de6bef36e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/30716d9f0fa1766e522cf24c8a456244e4fc9931" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1e06cf04239e202248c8fa356bf11449dc73cfbd" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f855d31bb38d663c3ba672345d7cce9324ba3b72" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/605d9fb9556f8f5fb4566f4df1480f280f308ded" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52730", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:37:41.339440Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:56.604Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/mmc/core/sdio_bus.c", "drivers/mmc/core/sdio_cis.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "92ff03c2563c", "status": "affected", "version": "3d10a1ba0d37", "versionType": "git" }, { "lessThan": "5c7858adada3", "status": "affected", "version": "3d10a1ba0d37", "versionType": "git" }, { "lessThan": "761db46b29b4", "status": "affected", "version": "3d10a1ba0d37", "versionType": "git" }, { "lessThan": "30716d9f0fa1", "status": "affected", "version": "3d10a1ba0d37", "versionType": "git" }, { "lessThan": "1e06cf04239e", "status": "affected", "version": "3d10a1ba0d37", "versionType": "git" }, { "lessThan": "f855d31bb38d", "status": "affected", "version": "3d10a1ba0d37", "versionType": "git" }, { "lessThan": "605d9fb9556f", "status": "affected", "version": "3d10a1ba0d37", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/mmc/core/sdio_bus.c", "drivers/mmc/core/sdio_cis.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "2.6.33" }, { "lessThan": "2.6.33", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.306", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.273", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.232", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.169", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.95", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdio: fix possible resource leaks in some error paths\n\nIf sdio_add_func() or sdio_init_func() fails, sdio_remove_func() can\nnot release the resources, because the sdio function is not presented\nin these two cases, it won\u0027t call of_node_put() or put_device().\n\nTo fix these leaks, make sdio_func_present() only control whether\ndevice_del() needs to be called or not, then always call of_node_put()\nand put_device().\n\nIn error case in sdio_init_func(), the reference of \u0027card-\u003edev\u0027 is\nnot get, to avoid redundant put in sdio_free_func_cis(), move the\nget_device() to sdio_alloc_func() and put_device() to sdio_release_func(),\nit can keep the get/put function be balanced.\n\nWithout this patch, while doing fault inject test, it can get the\nfollowing leak reports, after this fix, the leak is gone.\n\nunreferenced object 0xffff888112514000 (size 2048):\n comm \"kworker/3:2\", pid 65, jiffies 4294741614 (age 124.774s)\n hex dump (first 32 bytes):\n 00 e0 6f 12 81 88 ff ff 60 58 8d 06 81 88 ff ff ..o.....`X......\n 10 40 51 12 81 88 ff ff 10 40 51 12 81 88 ff ff .@Q......@Q.....\n backtrace:\n [\u003c000000009e5931da\u003e] kmalloc_trace+0x21/0x110\n [\u003c000000002f839ccb\u003e] mmc_alloc_card+0x38/0xb0 [mmc_core]\n [\u003c0000000004adcbf6\u003e] mmc_sdio_init_card+0xde/0x170 [mmc_core]\n [\u003c000000007538fea0\u003e] mmc_attach_sdio+0xcb/0x1b0 [mmc_core]\n [\u003c00000000d4fdeba7\u003e] mmc_rescan+0x54a/0x640 [mmc_core]\n\nunreferenced object 0xffff888112511000 (size 2048):\n comm \"kworker/3:2\", pid 65, jiffies 4294741623 (age 124.766s)\n hex dump (first 32 bytes):\n 00 40 51 12 81 88 ff ff e0 58 8d 06 81 88 ff ff .@Q......X......\n 10 10 51 12 81 88 ff ff 10 10 51 12 81 88 ff ff ..Q.......Q.....\n backtrace:\n [\u003c000000009e5931da\u003e] kmalloc_trace+0x21/0x110\n [\u003c00000000fcbe706c\u003e] sdio_alloc_func+0x35/0x100 [mmc_core]\n [\u003c00000000c68f4b50\u003e] mmc_attach_sdio.cold.18+0xb1/0x395 [mmc_core]\n [\u003c00000000d4fdeba7\u003e] mmc_rescan+0x54a/0x640 [mmc_core]" } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:36.766Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/92ff03c2563c9b57a027c744750f3b7d2f261c58" }, { "url": "https://git.kernel.org/stable/c/5c7858adada31dbed042448cff6997dd6efc472a" }, { "url": "https://git.kernel.org/stable/c/761db46b29b496946046d8cb33c7ea6de6bef36e" }, { "url": "https://git.kernel.org/stable/c/30716d9f0fa1766e522cf24c8a456244e4fc9931" }, { "url": "https://git.kernel.org/stable/c/1e06cf04239e202248c8fa356bf11449dc73cfbd" }, { "url": "https://git.kernel.org/stable/c/f855d31bb38d663c3ba672345d7cce9324ba3b72" }, { "url": "https://git.kernel.org/stable/c/605d9fb9556f8f5fb4566f4df1480f280f308ded" } ], "title": "mmc: sdio: fix possible resource leaks in some error paths", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52730", "datePublished": "2024-05-21T15:22:56.633Z", "dateReserved": "2024-05-21T15:19:24.232Z", "dateUpdated": "2024-11-04T14:51:36.766Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52839
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.924Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/85be1a73fd298ed3fd060dfce97caef5f9928c57" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/61e3d993c8bd3e80f8f1363ed5e04f88ab531b72" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52839", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:36:34.430107Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:54.398Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/perf/riscv_pmu_sbi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "85be1a73fd29", "status": "affected", "version": "3fec323339a4", "versionType": "git" }, { "lessThan": "61e3d993c8bd", "status": "affected", "version": "3fec323339a4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/perf/riscv_pmu_sbi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.6" }, { "lessThan": "6.6", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: perf: Do not broadcast to other cpus when starting a counter\n\nThis command:\n\n$ perf record -e cycles:k -e instructions:k -c 10000 -m 64M dd if=/dev/zero of=/dev/null count=1000\n\ngives rise to this kernel warning:\n\n[ 444.364395] WARNING: CPU: 0 PID: 104 at kernel/smp.c:775 smp_call_function_many_cond+0x42c/0x436\n[ 444.364515] Modules linked in:\n[ 444.364657] CPU: 0 PID: 104 Comm: perf-exec Not tainted 6.6.0-rc6-00051-g391df82e8ec3-dirty #73\n[ 444.364771] Hardware name: riscv-virtio,qemu (DT)\n[ 444.364868] epc : smp_call_function_many_cond+0x42c/0x436\n[ 444.364917] ra : on_each_cpu_cond_mask+0x20/0x32\n[ 444.364948] epc : ffffffff8009f9e0 ra : ffffffff8009fa5a sp : ff20000000003800\n[ 444.364966] gp : ffffffff81500aa0 tp : ff60000002b83000 t0 : ff200000000038c0\n[ 444.364982] t1 : ffffffff815021f0 t2 : 000000000000001f s0 : ff200000000038b0\n[ 444.364998] s1 : ff60000002c54d98 a0 : ff60000002a73940 a1 : 0000000000000000\n[ 444.365013] a2 : 0000000000000000 a3 : 0000000000000003 a4 : 0000000000000100\n[ 444.365029] a5 : 0000000000010100 a6 : 0000000000f00000 a7 : 0000000000000000\n[ 444.365044] s2 : 0000000000000000 s3 : ffffffffffffffff s4 : ff60000002c54d98\n[ 444.365060] s5 : ffffffff81539610 s6 : ffffffff80c20c48 s7 : 0000000000000000\n[ 444.365075] s8 : 0000000000000000 s9 : 0000000000000001 s10: 0000000000000001\n[ 444.365090] s11: ffffffff80099394 t3 : 0000000000000003 t4 : 00000000eac0c6e6\n[ 444.365104] t5 : 0000000400000000 t6 : ff60000002e010d0\n[ 444.365120] status: 0000000200000100 badaddr: 0000000000000000 cause: 0000000000000003\n[ 444.365226] [\u003cffffffff8009f9e0\u003e] smp_call_function_many_cond+0x42c/0x436\n[ 444.365295] [\u003cffffffff8009fa5a\u003e] on_each_cpu_cond_mask+0x20/0x32\n[ 444.365311] [\u003cffffffff806e90dc\u003e] pmu_sbi_ctr_start+0x7a/0xaa\n[ 444.365327] [\u003cffffffff806e880c\u003e] riscv_pmu_start+0x48/0x66\n[ 444.365339] [\u003cffffffff8012111a\u003e] perf_adjust_freq_unthr_context+0x196/0x1ac\n[ 444.365356] [\u003cffffffff801237aa\u003e] perf_event_task_tick+0x78/0x8c\n[ 444.365368] [\u003cffffffff8003faf4\u003e] scheduler_tick+0xe6/0x25e\n[ 444.365383] [\u003cffffffff8008a042\u003e] update_process_times+0x80/0x96\n[ 444.365398] [\u003cffffffff800991ec\u003e] tick_sched_handle+0x26/0x52\n[ 444.365410] [\u003cffffffff800993e4\u003e] tick_sched_timer+0x50/0x98\n[ 444.365422] [\u003cffffffff8008a6aa\u003e] __hrtimer_run_queues+0x126/0x18a\n[ 444.365433] [\u003cffffffff8008b350\u003e] hrtimer_interrupt+0xce/0x1da\n[ 444.365444] [\u003cffffffff806cdc60\u003e] riscv_timer_interrupt+0x30/0x3a\n[ 444.365457] [\u003cffffffff8006afa6\u003e] handle_percpu_devid_irq+0x80/0x114\n[ 444.365470] [\u003cffffffff80065b82\u003e] generic_handle_domain_irq+0x1c/0x2a\n[ 444.365483] [\u003cffffffff8045faec\u003e] riscv_intc_irq+0x2e/0x46\n[ 444.365497] [\u003cffffffff808a9c62\u003e] handle_riscv_irq+0x4a/0x74\n[ 444.365521] [\u003cffffffff808aa760\u003e] do_irq+0x7c/0x7e\n[ 444.365796] ---[ end trace 0000000000000000 ]---\n\nThat\u0027s because the fix in commit 3fec323339a4 (\"drivers: perf: Fix panic\nin riscv SBI mmap support\") was wrong since there is no need to broadcast\nto other cpus when starting a counter, that\u0027s only needed in mmap when\nthe counters could have already been started on other cpus, so simply\nremove this broadcast." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:37.437Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/85be1a73fd298ed3fd060dfce97caef5f9928c57" }, { "url": "https://git.kernel.org/stable/c/61e3d993c8bd3e80f8f1363ed5e04f88ab531b72" } ], "title": "drivers: perf: Do not broadcast to other cpus when starting a counter", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52839", "datePublished": "2024-05-21T15:31:39.196Z", "dateReserved": "2024-05-21T15:19:24.253Z", "dateUpdated": "2024-11-04T14:53:37.437Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52840
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52840", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-12T18:01:30.625524Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-12T18:01:37.971Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.065Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2f236d8638f5b43e0c72919a6a27fe286c32053f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/50d12253666195a14c6cd2b81c376e2dbeedbdff" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6c71e065befb2fae8f1461559b940c04e1071bd5" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/303766bb92c5c225cf40f9bbbe7e29749406e2f2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7082b1fb5321037bc11ba1cf2d7ed23c6b2b521f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cc56c4d17721dcb10ad4e9c9266e449be1462683" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c8e639f5743cf4b01f8c65e0df075fe4d782b585" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/eb988e46da2e4eae89f5337e047ce372fe33d5b1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/input/rmi4/rmi_bus.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "2f236d8638f5", "status": "affected", "version": "24d28e4f1271", "versionType": "git" }, { "lessThan": "50d122536661", "status": "affected", "version": "24d28e4f1271", "versionType": "git" }, { "lessThan": "6c71e065befb", "status": "affected", "version": "24d28e4f1271", "versionType": "git" }, { "lessThan": "303766bb92c5", "status": "affected", "version": "24d28e4f1271", "versionType": "git" }, { "lessThan": "7082b1fb5321", "status": "affected", "version": "24d28e4f1271", "versionType": "git" }, { "lessThan": "cc56c4d17721", "status": "affected", "version": "24d28e4f1271", "versionType": "git" }, { "lessThan": "c8e639f5743c", "status": "affected", "version": "24d28e4f1271", "versionType": "git" }, { "lessThan": "eb988e46da2e", "status": "affected", "version": "24d28e4f1271", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/input/rmi4/rmi_bus.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.18" }, { "lessThan": "4.18", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.299", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.261", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: synaptics-rmi4 - fix use after free in rmi_unregister_function()\n\nThe put_device() calls rmi_release_function() which frees \"fn\" so the\ndereference on the next line \"fn-\u003enum_of_irqs\" is a use after free.\nMove the put_device() to the end to fix this." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:38.605Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/2f236d8638f5b43e0c72919a6a27fe286c32053f" }, { "url": "https://git.kernel.org/stable/c/50d12253666195a14c6cd2b81c376e2dbeedbdff" }, { "url": "https://git.kernel.org/stable/c/6c71e065befb2fae8f1461559b940c04e1071bd5" }, { "url": "https://git.kernel.org/stable/c/303766bb92c5c225cf40f9bbbe7e29749406e2f2" }, { "url": "https://git.kernel.org/stable/c/7082b1fb5321037bc11ba1cf2d7ed23c6b2b521f" }, { "url": "https://git.kernel.org/stable/c/cc56c4d17721dcb10ad4e9c9266e449be1462683" }, { "url": "https://git.kernel.org/stable/c/c8e639f5743cf4b01f8c65e0df075fe4d782b585" }, { "url": "https://git.kernel.org/stable/c/eb988e46da2e4eae89f5337e047ce372fe33d5b1" } ], "title": "Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52840", "datePublished": "2024-05-21T15:31:39.862Z", "dateReserved": "2024-05-21T15:19:24.253Z", "dateUpdated": "2024-11-04T14:53:38.605Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47429
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47429", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:57:20.280954Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:59.087Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.386Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d7a8e38999fbd6910516e44cb43f9f4317e54f73" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f08fb25bc66986b0952724530a640d9970fa52c1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "arch/powerpc/include/asm/interrupt.h", "arch/powerpc/kernel/exceptions-64s.S", "arch/powerpc/kernel/traps.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "d7a8e38999fb", "status": "affected", "version": "2b43dd7653cc", "versionType": "git" }, { "lessThan": "f08fb25bc669", "status": "affected", "version": "2b43dd7653cc", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "arch/powerpc/include/asm/interrupt.h", "arch/powerpc/kernel/exceptions-64s.S", "arch/powerpc/kernel/traps.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.14" }, { "lessThan": "5.14", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/64s: Fix unrecoverable MCE calling async handler from NMI\n\nThe machine check handler is not considered NMI on 64s. The early\nhandler is the true NMI handler, and then it schedules the\nmachine_check_exception handler to run when interrupts are enabled.\n\nThis works fine except the case of an unrecoverable MCE, where the true\nNMI is taken when MSR[RI] is clear, it can not recover, so it calls\nmachine_check_exception directly so something might be done about it.\n\nCalling an async handler from NMI context can result in irq state and\nother things getting corrupted. This can also trigger the BUG at\n arch/powerpc/include/asm/interrupt.h:168\n BUG_ON(!arch_irq_disabled_regs(regs) \u0026\u0026 !(regs-\u003emsr \u0026 MSR_EE));\n\nFix this by making an _async version of the handler which is called\nin the normal case, and a NMI version that is called for unrecoverable\ninterrupts." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:44.688Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/d7a8e38999fbd6910516e44cb43f9f4317e54f73" }, { "url": "https://git.kernel.org/stable/c/f08fb25bc66986b0952724530a640d9970fa52c1" } ], "title": "powerpc/64s: Fix unrecoverable MCE calling async handler from NMI", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47429", "datePublished": "2024-05-21T15:04:14.574Z", "dateReserved": "2024-05-21T14:58:30.828Z", "dateUpdated": "2024-11-04T12:05:44.688Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52733
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "1da177e4c3f4" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.4.232" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.10.169" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.15.95" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.1.13" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "6.2" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-52733", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:53:36.981536Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:22:57.298Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.875Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/16409f7d9ca5bb8220e1049ea9aae0d3c94d2dfb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/55dbd6f4ea954751340f4f73d5dcd7c8f12208b2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9ed522143f959630f8b7782ddc212900d8f609a9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f1eb22d0ff064ad458b3b1a1eaa84ac3996206c2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7ab41c2c08a32132ba8c14624910e2fe8ce4ba4b" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "arch/s390/boot/decompressor.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "16409f7d9ca5", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "55dbd6f4ea95", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "9ed522143f95", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "f1eb22d0ff06", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "7ab41c2c08a3", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "arch/s390/boot/decompressor.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.232", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.169", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.95", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/decompressor: specify __decompress() buf len to avoid overflow\n\nHistorically calls to __decompress() didn\u0027t specify \"out_len\" parameter\non many architectures including s390, expecting that no writes beyond\nuncompressed kernel image are performed. This has changed since commit\n2aa14b1ab2c4 (\"zstd: import usptream v1.5.2\") which includes zstd library\ncommit 6a7ede3dfccb (\"Reduce size of dctx by reutilizing dst buffer\n(#2751)\"). Now zstd decompression code might store literal buffer in\nthe unwritten portion of the destination buffer. Since \"out_len\" is\nnot set, it is considered to be unlimited and hence free to use for\noptimization needs. On s390 this might corrupt initrd or ipl report\nwhich are often placed right after the decompressor buffer. Luckily the\nsize of uncompressed kernel image is already known to the decompressor,\nso to avoid the problem simply specify it in the \"out_len\" parameter." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:51:40.228Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/16409f7d9ca5bb8220e1049ea9aae0d3c94d2dfb" }, { "url": "https://git.kernel.org/stable/c/55dbd6f4ea954751340f4f73d5dcd7c8f12208b2" }, { "url": "https://git.kernel.org/stable/c/9ed522143f959630f8b7782ddc212900d8f609a9" }, { "url": "https://git.kernel.org/stable/c/f1eb22d0ff064ad458b3b1a1eaa84ac3996206c2" }, { "url": "https://git.kernel.org/stable/c/7ab41c2c08a32132ba8c14624910e2fe8ce4ba4b" } ], "title": "s390/decompressor: specify __decompress() buf len to avoid overflow", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52733", "datePublished": "2024-05-21T15:22:58.605Z", "dateReserved": "2024-05-21T15:19:24.232Z", "dateUpdated": "2024-11-04T14:51:40.228Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47497
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47497", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T17:50:37.993929Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:32.686Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.611Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/abcb8d33e4d2215ccde5ab5ccf9f730a59d79d97" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/60df06bbdf497e37ed25ad40572c362e5b0998df" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2df6c023050205c4d04ffc121bc549f65cb8d1df" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/eb0fc8e7170e61eaf65d28dee4a8baf4e86b19ca" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0594f1d048d8dc338eb9a240021b1d00ae1eb082" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/57e48886401b14cd351423fabfec2cfd18df4f66" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0e822e5413da1af28cca350cb1cb42b6133bdcae" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5d388fa01fa6eb310ac023a363a6cb216d9d8fe9" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/nvmem/core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "abcb8d33e4d2", "status": "affected", "version": "69aba7948cbe", "versionType": "git" }, { "lessThan": "60df06bbdf49", "status": "affected", "version": "69aba7948cbe", "versionType": "git" }, { "lessThan": "2df6c0230502", "status": "affected", "version": "69aba7948cbe", "versionType": "git" }, { "lessThan": "eb0fc8e7170e", "status": "affected", "version": "69aba7948cbe", "versionType": "git" }, { "lessThan": "0594f1d048d8", "status": "affected", "version": "69aba7948cbe", "versionType": "git" }, { "lessThan": "57e48886401b", "status": "affected", "version": "69aba7948cbe", "versionType": "git" }, { "lessThan": "0e822e5413da", "status": "affected", "version": "69aba7948cbe", "versionType": "git" }, { "lessThan": "5d388fa01fa6", "status": "affected", "version": "69aba7948cbe", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/nvmem/core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.3" }, { "lessThan": "4.3", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.290", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.288", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.252", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.213", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.155", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.75", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.14", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmem: Fix shift-out-of-bound (UBSAN) with byte size cells\n\nIf a cell has \u0027nbits\u0027 equal to a multiple of BITS_PER_BYTE the logic\n\n *p \u0026= GENMASK((cell-\u003enbits%BITS_PER_BYTE) - 1, 0);\n\nwill become undefined behavior because nbits modulo BITS_PER_BYTE is 0, and we\nsubtract one from that making a large number that is then shifted more than the\nnumber of bits that fit into an unsigned long.\n\nUBSAN reports this problem:\n\n UBSAN: shift-out-of-bounds in drivers/nvmem/core.c:1386:8\n shift exponent 64 is too large for 64-bit type \u0027unsigned long\u0027\n CPU: 6 PID: 7 Comm: kworker/u16:0 Not tainted 5.15.0-rc3+ #9\n Hardware name: Google Lazor (rev3+) with KB Backlight (DT)\n Workqueue: events_unbound deferred_probe_work_func\n Call trace:\n dump_backtrace+0x0/0x170\n show_stack+0x24/0x30\n dump_stack_lvl+0x64/0x7c\n dump_stack+0x18/0x38\n ubsan_epilogue+0x10/0x54\n __ubsan_handle_shift_out_of_bounds+0x180/0x194\n __nvmem_cell_read+0x1ec/0x21c\n nvmem_cell_read+0x58/0x94\n nvmem_cell_read_variable_common+0x4c/0xb0\n nvmem_cell_read_variable_le_u32+0x40/0x100\n a6xx_gpu_init+0x170/0x2f4\n adreno_bind+0x174/0x284\n component_bind_all+0xf0/0x264\n msm_drm_bind+0x1d8/0x7a0\n try_to_bring_up_master+0x164/0x1ac\n __component_add+0xbc/0x13c\n component_add+0x20/0x2c\n dp_display_probe+0x340/0x384\n platform_probe+0xc0/0x100\n really_probe+0x110/0x304\n __driver_probe_device+0xb8/0x120\n driver_probe_device+0x4c/0xfc\n __device_attach_driver+0xb0/0x128\n bus_for_each_drv+0x90/0xdc\n __device_attach+0xc8/0x174\n device_initial_probe+0x20/0x2c\n bus_probe_device+0x40/0xa4\n deferred_probe_work_func+0x7c/0xb8\n process_one_work+0x128/0x21c\n process_scheduled_works+0x40/0x54\n worker_thread+0x1ec/0x2a8\n kthread+0x138/0x158\n ret_from_fork+0x10/0x20\n\nFix it by making sure there are any bits to mask out." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:04.372Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/abcb8d33e4d2215ccde5ab5ccf9f730a59d79d97" }, { "url": "https://git.kernel.org/stable/c/60df06bbdf497e37ed25ad40572c362e5b0998df" }, { "url": "https://git.kernel.org/stable/c/2df6c023050205c4d04ffc121bc549f65cb8d1df" }, { "url": "https://git.kernel.org/stable/c/eb0fc8e7170e61eaf65d28dee4a8baf4e86b19ca" }, { "url": "https://git.kernel.org/stable/c/0594f1d048d8dc338eb9a240021b1d00ae1eb082" }, { "url": "https://git.kernel.org/stable/c/57e48886401b14cd351423fabfec2cfd18df4f66" }, { "url": "https://git.kernel.org/stable/c/0e822e5413da1af28cca350cb1cb42b6133bdcae" }, { "url": "https://git.kernel.org/stable/c/5d388fa01fa6eb310ac023a363a6cb216d9d8fe9" } ], "title": "nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47497", "datePublished": "2024-05-22T08:19:44.144Z", "dateReserved": "2024-05-22T06:20:56.203Z", "dateUpdated": "2024-11-04T12:07:04.372Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52792
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52792", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-11T15:19:10.363547Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-11T15:19:25.796Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:35.979Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/90db4c1d5ebaf574d3c3065c055977982c378a83" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9090c5537c93cd0811ab7bfbd925b57addfffb60" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/07ffcd8ec79cf7383e1e45815f4842fd357991c2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0718588c7aaa7a1510b4de972370535b61dddd0d" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/cxl/core/region.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "90db4c1d5eba", "status": "affected", "version": "5e42bcbc3fef", "versionType": "git" }, { "lessThan": "9090c5537c93", "status": "affected", "version": "5e42bcbc3fef", "versionType": "git" }, { "lessThan": "07ffcd8ec79c", "status": "affected", "version": "5e42bcbc3fef", "versionType": "git" }, { "lessThan": "0718588c7aaa", "status": "affected", "version": "5e42bcbc3fef", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/cxl/core/region.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.0" }, { "lessThan": "6.0", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/region: Do not try to cleanup after cxl_region_setup_targets() fails\n\nCommit 5e42bcbc3fef (\"cxl/region: decrement -\u003enr_targets on error in\ncxl_region_attach()\") tried to avoid \u0027eiw\u0027 initialization errors when\n-\u003enr_targets exceeded 16, by just decrementing -\u003enr_targets when\ncxl_region_setup_targets() failed.\n\nCommit 86987c766276 (\"cxl/region: Cleanup target list on attach error\")\nextended that cleanup to also clear cxled-\u003epos and p-\u003etargets[pos]. The\ninitialization error was incidentally fixed separately by:\nCommit 8d4285425714 (\"cxl/region: Fix port setup uninitialized variable\nwarnings\") which was merged a few days after 5e42bcbc3fef.\n\nBut now the original cleanup when cxl_region_setup_targets() fails\nprevents endpoint and switch decoder resources from being reused:\n\n1) the cleanup does not set the decoder\u0027s region to NULL, which results\n in future dpa_size_store() calls returning -EBUSY\n2) the decoder is not properly freed, which results in future commit\n errors associated with the upstream switch\n\nNow that the initialization errors were fixed separately, the proper\ncleanup for this case is to just return immediately. Then the resources\nassociated with this target get cleanup up as normal when the failed\nregion is deleted.\n\nThe -\u003enr_targets decrement in the error case also helped prevent\na p-\u003etargets[] array overflow, so add a new check to prevent against\nthat overflow.\n\nTested by trying to create an invalid region for a 2 switch * 2 endpoint\ntopology, and then following up with creating a valid region." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:52:50.117Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/90db4c1d5ebaf574d3c3065c055977982c378a83" }, { "url": "https://git.kernel.org/stable/c/9090c5537c93cd0811ab7bfbd925b57addfffb60" }, { "url": "https://git.kernel.org/stable/c/07ffcd8ec79cf7383e1e45815f4842fd357991c2" }, { "url": "https://git.kernel.org/stable/c/0718588c7aaa7a1510b4de972370535b61dddd0d" } ], "title": "cxl/region: Do not try to cleanup after cxl_region_setup_targets() fails", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52792", "datePublished": "2024-05-21T15:31:07.633Z", "dateReserved": "2024-05-21T15:19:24.241Z", "dateUpdated": "2024-11-04T14:52:50.117Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52853
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52853", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-22T18:51:33.652573Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:57.826Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.048Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/df0daac2709473531d6a3472997cc65301ac06d6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/727203e6e7e7020e1246fc1628cbdb8d90177819" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3d959406c8fff2334d83d0c352d54fd6f5b2e7cd" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/012d0c66f9392a99232ac28217229f32dd3a70cf" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bafb12b629b7c3ad59812dd1ac1b0618062e0e38" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fb5718bc67337dde1528661f419ffcf275757592" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/eb1121fac7986b30915ba20c5a04cc01fdcf160c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e3c2d2d144c082dd71596953193adf9891491f42" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/hid/hid-cp2112.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "df0daac27094", "status": "affected", "version": "13de9cca514e", "versionType": "git" }, { "lessThan": "727203e6e7e7", "status": "affected", "version": "13de9cca514e", "versionType": "git" }, { "lessThan": "3d959406c8ff", "status": "affected", "version": "13de9cca514e", "versionType": "git" }, { "lessThan": "012d0c66f939", "status": "affected", "version": "13de9cca514e", "versionType": "git" }, { "lessThan": "bafb12b629b7", "status": "affected", "version": "13de9cca514e", "versionType": "git" }, { "lessThan": "fb5718bc6733", "status": "affected", "version": "13de9cca514e", "versionType": "git" }, { "lessThan": "eb1121fac798", "status": "affected", "version": "13de9cca514e", "versionType": "git" }, { "lessThan": "e3c2d2d144c0", "status": "affected", "version": "13de9cca514e", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/hid/hid-cp2112.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.10" }, { "lessThan": "4.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.299", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.261", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhid: cp2112: Fix duplicate workqueue initialization\n\nPreviously the cp2112 driver called INIT_DELAYED_WORK within\ncp2112_gpio_irq_startup, resulting in duplicate initilizations of the\nworkqueue on subsequent IRQ startups following an initial request. This\nresulted in a warning in set_work_data in workqueue.c, as well as a rare\nNULL dereference within process_one_work in workqueue.c.\n\nInitialize the workqueue within _probe instead." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:54.174Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/df0daac2709473531d6a3472997cc65301ac06d6" }, { "url": "https://git.kernel.org/stable/c/727203e6e7e7020e1246fc1628cbdb8d90177819" }, { "url": "https://git.kernel.org/stable/c/3d959406c8fff2334d83d0c352d54fd6f5b2e7cd" }, { "url": "https://git.kernel.org/stable/c/012d0c66f9392a99232ac28217229f32dd3a70cf" }, { "url": "https://git.kernel.org/stable/c/bafb12b629b7c3ad59812dd1ac1b0618062e0e38" }, { "url": "https://git.kernel.org/stable/c/fb5718bc67337dde1528661f419ffcf275757592" }, { "url": "https://git.kernel.org/stable/c/eb1121fac7986b30915ba20c5a04cc01fdcf160c" }, { "url": "https://git.kernel.org/stable/c/e3c2d2d144c082dd71596953193adf9891491f42" } ], "title": "hid: cp2112: Fix duplicate workqueue initialization", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52853", "datePublished": "2024-05-21T15:31:48.571Z", "dateReserved": "2024-05-21T15:19:24.256Z", "dateUpdated": "2024-11-04T14:53:54.174Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52806
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.085Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7de25112de8222fd20564769e6c99dc9f9738a0b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/758c7733cb821041f5fd403b7b97c0b95d319323" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2527775616f3638f4fd54649eba8c7b84d5e4250" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/25354bae4fc310c3928e8a42fda2d486f67745d7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/631a96e9eb4228ff75fce7e72d133ca81194797e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/43b91df291c8802268ab3cfd8fccfdf135800ed4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fe7c1a0c2b25c82807cb46fc3aadbf2664a682b0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4a320da7f7cbdab2098b103c47f45d5061f42edd" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f93dc90c2e8ed664985e366aa6459ac83cdab236" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52806", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:36:47.089606Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:54.863Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "sound/hda/hdac_stream.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "7de25112de82", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "758c7733cb82", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2527775616f3", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "25354bae4fc3", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "631a96e9eb42", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "43b91df291c8", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "fe7c1a0c2b25", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "4a320da7f7cb", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "f93dc90c2e8e", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "sound/hda/hdac_stream.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.331", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.300", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.262", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.202", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.140", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.64", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.13", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.3", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: Fix possible null-ptr-deref when assigning a stream\n\nWhile AudioDSP drivers assign streams exclusively of HOST or LINK type,\nnothing blocks a user to attempt to assign a COUPLED stream. As\nsupplied substream instance may be a stub, what is the case when\ncode-loading, such scenario ends with null-ptr-deref." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:53:04.598Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/7de25112de8222fd20564769e6c99dc9f9738a0b" }, { "url": "https://git.kernel.org/stable/c/758c7733cb821041f5fd403b7b97c0b95d319323" }, { "url": "https://git.kernel.org/stable/c/2527775616f3638f4fd54649eba8c7b84d5e4250" }, { "url": "https://git.kernel.org/stable/c/25354bae4fc310c3928e8a42fda2d486f67745d7" }, { "url": "https://git.kernel.org/stable/c/631a96e9eb4228ff75fce7e72d133ca81194797e" }, { "url": "https://git.kernel.org/stable/c/43b91df291c8802268ab3cfd8fccfdf135800ed4" }, { "url": "https://git.kernel.org/stable/c/fe7c1a0c2b25c82807cb46fc3aadbf2664a682b0" }, { "url": "https://git.kernel.org/stable/c/4a320da7f7cbdab2098b103c47f45d5061f42edd" }, { "url": "https://git.kernel.org/stable/c/f93dc90c2e8ed664985e366aa6459ac83cdab236" } ], "title": "ALSA: hda: Fix possible null-ptr-deref when assigning a stream", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52806", "datePublished": "2024-05-21T15:31:17.025Z", "dateReserved": "2024-05-21T15:19:24.247Z", "dateUpdated": "2024-11-04T14:53:04.598Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47474
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47474", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-10T18:55:02.820898Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-10T18:55:10.246Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.764Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e0e6a63fd97ad95fe05dfd77268a1952551e11a7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7cfb35db607760698d299fd1cf7402dfa8f09973" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0866dcaa828c21bc2f94dac00e086078f11b5772" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/063f576c43d589a4c153554b681d32b3f8317c7b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1ae4715121a57bc6fa29fd992127b01907f2f993" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b7fd7f3387f070215e6be341e68eb5c087eeecc0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7b0e356189327287d0eb98ec081bd6dd97068cd3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/47b4636ebdbeba2044b3db937c4d2b6a4fe3d0f2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/78cdfd62bd54af615fba9e3ca1ba35de39d3871d" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/comedi/drivers/vmk80xx.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "e0e6a63fd97a", "status": "affected", "version": "985cafccbf9b", "versionType": "git" }, { "lessThan": "7cfb35db6077", "status": "affected", "version": "985cafccbf9b", "versionType": "git" }, { "lessThan": "0866dcaa828c", "status": "affected", "version": "985cafccbf9b", "versionType": "git" }, { "lessThan": "063f576c43d5", "status": "affected", "version": "985cafccbf9b", "versionType": "git" }, { "lessThan": "1ae4715121a5", "status": "affected", "version": "985cafccbf9b", "versionType": "git" }, { "lessThan": "b7fd7f3387f0", "status": "affected", "version": "985cafccbf9b", "versionType": "git" }, { "lessThan": "7b0e35618932", "status": "affected", "version": "985cafccbf9b", "versionType": "git" }, { "lessThan": "47b4636ebdbe", "status": "affected", "version": "985cafccbf9b", "versionType": "git" }, { "lessThan": "78cdfd62bd54", "status": "affected", "version": "985cafccbf9b", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/comedi/drivers/vmk80xx.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "2.6.31" }, { "lessThan": "2.6.31", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.292", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.290", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.255", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.217", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.159", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.79", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.18", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: vmk80xx: fix bulk-buffer overflow\n\nThe driver is using endpoint-sized buffers but must not assume that the\ntx and rx buffers are of equal size or a malicious device could overflow\nthe slab-allocated receive buffer when doing bulk transfers." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:06:37.774Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/e0e6a63fd97ad95fe05dfd77268a1952551e11a7" }, { "url": "https://git.kernel.org/stable/c/7cfb35db607760698d299fd1cf7402dfa8f09973" }, { "url": "https://git.kernel.org/stable/c/0866dcaa828c21bc2f94dac00e086078f11b5772" }, { "url": "https://git.kernel.org/stable/c/063f576c43d589a4c153554b681d32b3f8317c7b" }, { "url": "https://git.kernel.org/stable/c/1ae4715121a57bc6fa29fd992127b01907f2f993" }, { "url": "https://git.kernel.org/stable/c/b7fd7f3387f070215e6be341e68eb5c087eeecc0" }, { "url": "https://git.kernel.org/stable/c/7b0e356189327287d0eb98ec081bd6dd97068cd3" }, { "url": "https://git.kernel.org/stable/c/47b4636ebdbeba2044b3db937c4d2b6a4fe3d0f2" }, { "url": "https://git.kernel.org/stable/c/78cdfd62bd54af615fba9e3ca1ba35de39d3871d" } ], "title": "comedi: vmk80xx: fix bulk-buffer overflow", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47474", "datePublished": "2024-05-22T08:19:28.759Z", "dateReserved": "2024-05-22T06:20:56.199Z", "dateUpdated": "2024-11-04T12:06:37.774Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47421
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.007Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/72e9a1bf9b722628c28092e0c2cd8717edd201dc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/248b061689a40f4fed05252ee2c89f87cf26d7d8" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47421", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:37:47.598437Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:56.726Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdgpu/amdgpu.h", "drivers/gpu/drm/amd/amdgpu/amdgpu_device.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "72e9a1bf9b72", "status": "affected", "version": "c9a6b82f45e2", "versionType": "git" }, { "lessThan": "248b061689a4", "status": "affected", "version": "c9a6b82f45e2", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdgpu/amdgpu.h", "drivers/gpu/drm/amd/amdgpu/amdgpu_device.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.10" }, { "lessThan": "5.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.12", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: handle the case of pci_channel_io_frozen only in amdgpu_pci_resume\n\nIn current code, when a PCI error state pci_channel_io_normal is detectd,\nit will report PCI_ERS_RESULT_CAN_RECOVER status to PCI driver, and PCI\ndriver will continue the execution of PCI resume callback report_resume by\npci_walk_bridge, and the callback will go into amdgpu_pci_resume\nfinally, where write lock is releasd unconditionally without acquiring\nsuch lock first. In this case, a deadlock will happen when other threads\nstart to acquire the read lock.\n\nTo fix this, add a member in amdgpu_device strucutre to cache\npci_channel_state, and only continue the execution in amdgpu_pci_resume\nwhen it\u0027s pci_channel_io_frozen." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:35.287Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/72e9a1bf9b722628c28092e0c2cd8717edd201dc" }, { "url": "https://git.kernel.org/stable/c/248b061689a40f4fed05252ee2c89f87cf26d7d8" } ], "title": "drm/amdgpu: handle the case of pci_channel_io_frozen only in amdgpu_pci_resume", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47421", "datePublished": "2024-05-21T15:04:09.296Z", "dateReserved": "2024-05-21T14:58:30.820Z", "dateUpdated": "2024-11-04T12:05:35.287Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52875
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:11:36.057Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6fccee2af400edaed9cf349d506c5971d4762739" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1953e62366da5460dc712e045f94fb0d8918999d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d1461f0c9ca0827c03730fe9652ebbf6316a2a95" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/001e5def774fa1a8f2b29567c0b0cd3e3a859a96" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d1175cf4bd2b4c5f7c43f677ea1ce9ad2c18d055" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2a18dd653284550900b02107c3c7b3ac5e0eb802" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e61934720af4a58ffd43a63ffdd6f3a0bd7d7b47" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1bf9c204aef4cc55ce46a7ff2d4dc7e5f86551a7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0d6e24b422a2166a9297a8286ff2e6ab9a5e8cd3" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-52875", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:36:21.387443Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:53.925Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/clk/mediatek/clk-mt2701.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "6fccee2af400", "status": "affected", "version": "e9862118272a", "versionType": "git" }, { "lessThan": "1953e62366da", "status": "affected", "version": "e9862118272a", "versionType": "git" }, { "lessThan": "d1461f0c9ca0", "status": "affected", "version": "e9862118272a", "versionType": "git" }, { "lessThan": "001e5def774f", "status": "affected", "version": "e9862118272a", "versionType": "git" }, { "lessThan": "d1175cf4bd2b", "status": "affected", "version": "e9862118272a", "versionType": "git" }, { "lessThan": "2a18dd653284", "status": "affected", "version": "e9862118272a", "versionType": "git" }, { "lessThan": "e61934720af4", "status": "affected", "version": "e9862118272a", "versionType": "git" }, { "lessThan": "1bf9c204aef4", "status": "affected", "version": "e9862118272a", "versionType": "git" }, { "lessThan": "0d6e24b422a2", "status": "affected", "version": "e9862118272a", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/clk/mediatek/clk-mt2701.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.10" }, { "lessThan": "4.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.330", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.299", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.261", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.201", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.139", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.63", "versionType": "semver" }, { "lessThanOrEqual": "6.5.*", "status": "unaffected", "version": "6.5.12", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:22.187Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/6fccee2af400edaed9cf349d506c5971d4762739" }, { "url": "https://git.kernel.org/stable/c/1953e62366da5460dc712e045f94fb0d8918999d" }, { "url": "https://git.kernel.org/stable/c/d1461f0c9ca0827c03730fe9652ebbf6316a2a95" }, { "url": "https://git.kernel.org/stable/c/001e5def774fa1a8f2b29567c0b0cd3e3a859a96" }, { "url": "https://git.kernel.org/stable/c/d1175cf4bd2b4c5f7c43f677ea1ce9ad2c18d055" }, { "url": "https://git.kernel.org/stable/c/2a18dd653284550900b02107c3c7b3ac5e0eb802" }, { "url": "https://git.kernel.org/stable/c/e61934720af4a58ffd43a63ffdd6f3a0bd7d7b47" }, { "url": "https://git.kernel.org/stable/c/1bf9c204aef4cc55ce46a7ff2d4dc7e5f86551a7" }, { "url": "https://git.kernel.org/stable/c/0d6e24b422a2166a9297a8286ff2e6ab9a5e8cd3" } ], "title": "clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52875", "datePublished": "2024-05-21T15:32:08.604Z", "dateReserved": "2024-05-21T15:19:24.264Z", "dateUpdated": "2024-11-04T14:54:22.187Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-48706
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2022-48706", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:37:11.513272Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:37:51.673Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-03T15:17:55.751Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5d2cc32c1c10bd889125d2adc16a6bc3338dcd3e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6b04456e248761cf68f562f2fd7c04e591fcac94" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/vdpa/ifcvf/ifcvf_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "5d2cc32c1c10", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "6b04456e2487", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/vdpa/ifcvf/ifcvf_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.13", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvdpa: ifcvf: Do proper cleanup if IFCVF init fails\n\nifcvf_mgmt_dev leaks memory if it is not freed before\nreturning. Call is made to correct return statement\nso memory does not leak. ifcvf_init_hw does not take\ncare of this so it is needed to do it here." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:14:56.030Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/5d2cc32c1c10bd889125d2adc16a6bc3338dcd3e" }, { "url": "https://git.kernel.org/stable/c/6b04456e248761cf68f562f2fd7c04e591fcac94" } ], "title": "vdpa: ifcvf: Do proper cleanup if IFCVF init fails", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2022-48706", "datePublished": "2024-05-21T15:22:48.087Z", "dateReserved": "2024-05-03T14:55:07.146Z", "dateUpdated": "2024-11-04T12:14:56.030Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47410
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47410", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-11T17:35:53.003122Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-11T17:37:32.982Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.102Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ac7d732b24f4061f8a732ada49b054ab38c63e15" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/197ae17722e989942b36e33e044787877f158574" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdkfd/kfd_device.c", "drivers/gpu/drm/amd/amdkfd/kfd_migrate.c", "drivers/gpu/drm/amd/amdkfd/kfd_migrate.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "ac7d732b24f4", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "197ae17722e9", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdkfd/kfd_device.c", "drivers/gpu/drm/amd/amdkfd/kfd_migrate.c", "drivers/gpu/drm/amd/amdkfd/kfd_migrate.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.14.*", "status": "unaffected", "version": "5.14.11", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: fix svm_migrate_fini warning\n\nDevice manager releases device-specific resources when a driver\ndisconnects from a device, devm_memunmap_pages and\ndevm_release_mem_region calls in svm_migrate_fini are redundant.\n\nIt causes below warning trace after patch \"drm/amdgpu: Split\namdgpu_device_fini into early and late\", so remove function\nsvm_migrate_fini.\n\nBUG: https://gitlab.freedesktop.org/drm/amd/-/issues/1718\n\nWARNING: CPU: 1 PID: 3646 at drivers/base/devres.c:795\ndevm_release_action+0x51/0x60\nCall Trace:\n ? memunmap_pages+0x360/0x360\n svm_migrate_fini+0x2d/0x60 [amdgpu]\n kgd2kfd_device_exit+0x23/0xa0 [amdgpu]\n amdgpu_amdkfd_device_fini_sw+0x1d/0x30 [amdgpu]\n amdgpu_device_fini_sw+0x45/0x290 [amdgpu]\n amdgpu_driver_release_kms+0x12/0x30 [amdgpu]\n drm_dev_release+0x20/0x40 [drm]\n release_nodes+0x196/0x1e0\n device_release_driver_internal+0x104/0x1d0\n driver_detach+0x47/0x90\n bus_remove_driver+0x7a/0xd0\n pci_unregister_driver+0x3d/0x90\n amdgpu_exit+0x11/0x20 [amdgpu]" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:05:23.638Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/ac7d732b24f4061f8a732ada49b054ab38c63e15" }, { "url": "https://git.kernel.org/stable/c/197ae17722e989942b36e33e044787877f158574" } ], "title": "drm/amdkfd: fix svm_migrate_fini warning", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47410", "datePublished": "2024-05-21T15:04:01.984Z", "dateReserved": "2024-05-21T14:58:30.817Z", "dateUpdated": "2024-11-04T12:05:23.638Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.