wid-sec-w-2024-3575
Vulnerability from csaf_certbund
Published
2024-12-02 23:00
Modified
2024-12-02 23:00
Summary
Linux Kernel: Multiple vulnerabilities allow denial of service
Notes
The BSI, as provider, is responsible under general law for its own content made available for use. However, users are responsible for carefully checking, in each individual case, the use and/or implementation of the information provided with the content.
Product description
The kernel is the core of the Linux operating system.
Attack
A local attacker can exploit multiple vulnerabilities in the Linux kernel to carry out a denial-of-service attack.
Affected operating systems
- Linux
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-3575 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3575.json" }, { "category": "self", "summary": "WID-SEC-2024-3575 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3575" }, { "category": "external", "summary": "Kernel CVE Announce Mailingliste", "url": "https://lore.kernel.org/linux-cve-announce/" }, { "category": "external", "summary": "Linux Kernel CVE Announcement CVE-2024-53105", "url": "https://lore.kernel.org/linux-cve-announce/2024120244-CVE-2024-53105-d978@gregkh/" }, { "category": "external", "summary": "Linux Kernel CVE Announcement CVE-2024-53106", "url": 
"https://lore.kernel.org/linux-cve-announce/2024120246-CVE-2024-53106-8432@gregkh/" }, { "category": "external", "summary": "Linux Kernel CVE Announcement CVE-2024-53107", "url": "https://lore.kernel.org/linux-cve-announce/2024120247-CVE-2024-53107-4f83@gregkh/" }, { "category": "external", "summary": "Linux Kernel CVE Announcement CVE-2024-53108", "url": "https://lore.kernel.org/linux-cve-announce/2024120247-CVE-2024-53108-effc@gregkh/" }, { "category": "external", "summary": "Linux Kernel CVE Announcement CVE-2024-53109", "url": "https://lore.kernel.org/linux-cve-announce/2024120247-CVE-2024-53109-2481@gregkh/" }, { "category": "external", "summary": "Linux Kernel CVE Announcement CVE-2024-53110", "url": "https://lore.kernel.org/linux-cve-announce/2024120248-CVE-2024-53110-3bff@gregkh/" }, { "category": "external", "summary": "Linux Kernel CVE Announcement CVE-2024-53111", "url": "https://lore.kernel.org/linux-cve-announce/2024120248-CVE-2024-53111-eb9b@gregkh/" }, { "category": "external", "summary": "Linux Kernel CVE Announcement CVE-2024-53112", "url": "https://lore.kernel.org/linux-cve-announce/2024120249-CVE-2024-53112-e04e@gregkh/" }, { "category": "external", "summary": "Linux Kernel CVE Announcement CVE-2024-53113", "url": "https://lore.kernel.org/linux-cve-announce/2024120249-CVE-2024-53113-57df@gregkh/" }, { "category": "external", "summary": "Linux Kernel CVE Announcement CVE-2024-53114", "url": "https://lore.kernel.org/linux-cve-announce/2024120249-CVE-2024-53114-c500@gregkh/" }, { "category": "external", "summary": "Linux Kernel CVE Announcement CVE-2024-53115", "url": "https://lore.kernel.org/linux-cve-announce/2024120250-CVE-2024-53115-fd6e@gregkh/" }, { "category": "external", "summary": "Linux Kernel CVE Announcement CVE-2024-53116", "url": "https://lore.kernel.org/linux-cve-announce/2024120250-CVE-2024-53116-ab42@gregkh/" }, { "category": "external", "summary": "Linux Kernel CVE Announcement CVE-2024-53117", "url": 
"https://lore.kernel.org/linux-cve-announce/2024120250-CVE-2024-53117-145b@gregkh/" }, { "category": "external", "summary": "Linux Kernel CVE Announcement CVE-2024-53118", "url": "https://lore.kernel.org/linux-cve-announce/2024120251-CVE-2024-53118-c6d7@gregkh/" }, { "category": "external", "summary": "Linux Kernel CVE Announcement CVE-2024-53119", "url": "https://lore.kernel.org/linux-cve-announce/2024120251-CVE-2024-53119-4957@gregkh/" }, { "category": "external", "summary": "Linux Kernel CVE Announcement CVE-2024-53120", "url": "https://lore.kernel.org/linux-cve-announce/2024120251-CVE-2024-53120-65fd@gregkh/" }, { "category": "external", "summary": "Linux Kernel CVE Announcement CVE-2024-53121", "url": "https://lore.kernel.org/linux-cve-announce/2024120252-CVE-2024-53121-34da@gregkh/" }, { "category": "external", "summary": "Linux Kernel CVE Announcement CVE-2024-53122", "url": "https://lore.kernel.org/linux-cve-announce/2024120252-CVE-2024-53122-f35c@gregkh/" }, { "category": "external", "summary": "Linux Kernel CVE Announcement CVE-2024-53123", "url": "https://lore.kernel.org/linux-cve-announce/2024120252-CVE-2024-53123-cd09@gregkh/" }, { "category": "external", "summary": "Linux Kernel CVE Announcement CVE-2024-53124", "url": "https://lore.kernel.org/linux-cve-announce/2024120253-CVE-2024-53124-91b3@gregkh/" } ], "source_lang": "en-US", "title": "Linux Kernel: Mehrere Schwachstellen erm\u00f6glichen Denial of Service", "tracking": { "current_release_date": "2024-12-02T23:00:00.000+00:00", "generator": { "date": "2024-12-03T10:11:04.588+00:00", "engine": { "name": "BSI-WID", "version": "1.3.10" } }, "id": "WID-SEC-W-2024-3575", "initial_release_date": "2024-12-02T23:00:00.000+00:00", "revision_history": [ { "date": "2024-12-02T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Open Source Linux Kernel", "product": { 
"name": "Open Source Linux Kernel", "product_id": "T008144", "product_identification_helper": { "cpe": "cpe:/a:linux:linux_kernel:-" } } } ], "category": "vendor", "name": "Open Source" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-53105", "notes": [ { "category": "description", "text": "There are multiple vulnerabilities in Linux Kernel. These flaws exist in several subsystems and components such as the ima, the virtio or the vsock among others due to multiple security related issues like a memory leak, a NULL pointer dereference or an improper error handling mechanism and more. A local attacker can exploit these vulnerabilities to create a Denial of Service condition." } ], "product_status": { "known_affected": [ "T008144" ] }, "release_date": "2024-12-02T23:00:00.000+00:00", "title": "CVE-2024-53105" }, { "cve": "CVE-2024-53106", "notes": [ { "category": "description", "text": "There are multiple vulnerabilities in Linux Kernel. These flaws exist in several subsystems and components such as the ima, the virtio or the vsock among others due to multiple security related issues like a memory leak, a NULL pointer dereference or an improper error handling mechanism and more. A local attacker can exploit these vulnerabilities to create a Denial of Service condition." } ], "product_status": { "known_affected": [ "T008144" ] }, "release_date": "2024-12-02T23:00:00.000+00:00", "title": "CVE-2024-53106" }, { "cve": "CVE-2024-53107", "notes": [ { "category": "description", "text": "There are multiple vulnerabilities in Linux Kernel. These flaws exist in several subsystems and components such as the ima, the virtio or the vsock among others due to multiple security related issues like a memory leak, a NULL pointer dereference or an improper error handling mechanism and more. A local attacker can exploit these vulnerabilities to create a Denial of Service condition." 
} ], "product_status": { "known_affected": [ "T008144" ] }, "release_date": "2024-12-02T23:00:00.000+00:00", "title": "CVE-2024-53107" }, { "cve": "CVE-2024-53108", "notes": [ { "category": "description", "text": "There are multiple vulnerabilities in Linux Kernel. These flaws exist in several subsystems and components such as the ima, the virtio or the vsock among others due to multiple security related issues like a memory leak, a NULL pointer dereference or an improper error handling mechanism and more. A local attacker can exploit these vulnerabilities to create a Denial of Service condition." } ], "product_status": { "known_affected": [ "T008144" ] }, "release_date": "2024-12-02T23:00:00.000+00:00", "title": "CVE-2024-53108" }, { "cve": "CVE-2024-53109", "notes": [ { "category": "description", "text": "There are multiple vulnerabilities in Linux Kernel. These flaws exist in several subsystems and components such as the ima, the virtio or the vsock among others due to multiple security related issues like a memory leak, a NULL pointer dereference or an improper error handling mechanism and more. A local attacker can exploit these vulnerabilities to create a Denial of Service condition." } ], "product_status": { "known_affected": [ "T008144" ] }, "release_date": "2024-12-02T23:00:00.000+00:00", "title": "CVE-2024-53109" }, { "cve": "CVE-2024-53110", "notes": [ { "category": "description", "text": "There are multiple vulnerabilities in Linux Kernel. These flaws exist in several subsystems and components such as the ima, the virtio or the vsock among others due to multiple security related issues like a memory leak, a NULL pointer dereference or an improper error handling mechanism and more. A local attacker can exploit these vulnerabilities to create a Denial of Service condition." 
} ], "product_status": { "known_affected": [ "T008144" ] }, "release_date": "2024-12-02T23:00:00.000+00:00", "title": "CVE-2024-53110" }, { "cve": "CVE-2024-53111", "notes": [ { "category": "description", "text": "There are multiple vulnerabilities in Linux Kernel. These flaws exist in several subsystems and components such as the ima, the virtio or the vsock among others due to multiple security related issues like a memory leak, a NULL pointer dereference or an improper error handling mechanism and more. A local attacker can exploit these vulnerabilities to create a Denial of Service condition." } ], "product_status": { "known_affected": [ "T008144" ] }, "release_date": "2024-12-02T23:00:00.000+00:00", "title": "CVE-2024-53111" }, { "cve": "CVE-2024-53112", "notes": [ { "category": "description", "text": "There are multiple vulnerabilities in Linux Kernel. These flaws exist in several subsystems and components such as the ima, the virtio or the vsock among others due to multiple security related issues like a memory leak, a NULL pointer dereference or an improper error handling mechanism and more. A local attacker can exploit these vulnerabilities to create a Denial of Service condition." } ], "product_status": { "known_affected": [ "T008144" ] }, "release_date": "2024-12-02T23:00:00.000+00:00", "title": "CVE-2024-53112" }, { "cve": "CVE-2024-53113", "notes": [ { "category": "description", "text": "There are multiple vulnerabilities in Linux Kernel. These flaws exist in several subsystems and components such as the ima, the virtio or the vsock among others due to multiple security related issues like a memory leak, a NULL pointer dereference or an improper error handling mechanism and more. A local attacker can exploit these vulnerabilities to create a Denial of Service condition." 
} ], "product_status": { "known_affected": [ "T008144" ] }, "release_date": "2024-12-02T23:00:00.000+00:00", "title": "CVE-2024-53113" }, { "cve": "CVE-2024-53114", "notes": [ { "category": "description", "text": "There are multiple vulnerabilities in Linux Kernel. These flaws exist in several subsystems and components such as the ima, the virtio or the vsock among others due to multiple security related issues like a memory leak, a NULL pointer dereference or an improper error handling mechanism and more. A local attacker can exploit these vulnerabilities to create a Denial of Service condition." } ], "product_status": { "known_affected": [ "T008144" ] }, "release_date": "2024-12-02T23:00:00.000+00:00", "title": "CVE-2024-53114" }, { "cve": "CVE-2024-53115", "notes": [ { "category": "description", "text": "There are multiple vulnerabilities in Linux Kernel. These flaws exist in several subsystems and components such as the ima, the virtio or the vsock among others due to multiple security related issues like a memory leak, a NULL pointer dereference or an improper error handling mechanism and more. A local attacker can exploit these vulnerabilities to create a Denial of Service condition." } ], "product_status": { "known_affected": [ "T008144" ] }, "release_date": "2024-12-02T23:00:00.000+00:00", "title": "CVE-2024-53115" }, { "cve": "CVE-2024-53116", "notes": [ { "category": "description", "text": "There are multiple vulnerabilities in Linux Kernel. These flaws exist in several subsystems and components such as the ima, the virtio or the vsock among others due to multiple security related issues like a memory leak, a NULL pointer dereference or an improper error handling mechanism and more. A local attacker can exploit these vulnerabilities to create a Denial of Service condition." 
} ], "product_status": { "known_affected": [ "T008144" ] }, "release_date": "2024-12-02T23:00:00.000+00:00", "title": "CVE-2024-53116" }, { "cve": "CVE-2024-53117", "notes": [ { "category": "description", "text": "There are multiple vulnerabilities in Linux Kernel. These flaws exist in several subsystems and components such as the ima, the virtio or the vsock among others due to multiple security related issues like a memory leak, a NULL pointer dereference or an improper error handling mechanism and more. A local attacker can exploit these vulnerabilities to create a Denial of Service condition." } ], "product_status": { "known_affected": [ "T008144" ] }, "release_date": "2024-12-02T23:00:00.000+00:00", "title": "CVE-2024-53117" }, { "cve": "CVE-2024-53118", "notes": [ { "category": "description", "text": "There are multiple vulnerabilities in Linux Kernel. These flaws exist in several subsystems and components such as the ima, the virtio or the vsock among others due to multiple security related issues like a memory leak, a NULL pointer dereference or an improper error handling mechanism and more. A local attacker can exploit these vulnerabilities to create a Denial of Service condition." } ], "product_status": { "known_affected": [ "T008144" ] }, "release_date": "2024-12-02T23:00:00.000+00:00", "title": "CVE-2024-53118" }, { "cve": "CVE-2024-53119", "notes": [ { "category": "description", "text": "There are multiple vulnerabilities in Linux Kernel. These flaws exist in several subsystems and components such as the ima, the virtio or the vsock among others due to multiple security related issues like a memory leak, a NULL pointer dereference or an improper error handling mechanism and more. A local attacker can exploit these vulnerabilities to create a Denial of Service condition." 
} ], "product_status": { "known_affected": [ "T008144" ] }, "release_date": "2024-12-02T23:00:00.000+00:00", "title": "CVE-2024-53119" }, { "cve": "CVE-2024-53120", "notes": [ { "category": "description", "text": "There are multiple vulnerabilities in Linux Kernel. These flaws exist in several subsystems and components such as the ima, the virtio or the vsock among others due to multiple security related issues like a memory leak, a NULL pointer dereference or an improper error handling mechanism and more. A local attacker can exploit these vulnerabilities to create a Denial of Service condition." } ], "product_status": { "known_affected": [ "T008144" ] }, "release_date": "2024-12-02T23:00:00.000+00:00", "title": "CVE-2024-53120" }, { "cve": "CVE-2024-53121", "notes": [ { "category": "description", "text": "There are multiple vulnerabilities in Linux Kernel. These flaws exist in several subsystems and components such as the ima, the virtio or the vsock among others due to multiple security related issues like a memory leak, a NULL pointer dereference or an improper error handling mechanism and more. A local attacker can exploit these vulnerabilities to create a Denial of Service condition." } ], "product_status": { "known_affected": [ "T008144" ] }, "release_date": "2024-12-02T23:00:00.000+00:00", "title": "CVE-2024-53121" }, { "cve": "CVE-2024-53122", "notes": [ { "category": "description", "text": "There are multiple vulnerabilities in Linux Kernel. These flaws exist in several subsystems and components such as the ima, the virtio or the vsock among others due to multiple security related issues like a memory leak, a NULL pointer dereference or an improper error handling mechanism and more. A local attacker can exploit these vulnerabilities to create a Denial of Service condition." 
} ], "product_status": { "known_affected": [ "T008144" ] }, "release_date": "2024-12-02T23:00:00.000+00:00", "title": "CVE-2024-53122" }, { "cve": "CVE-2024-53123", "notes": [ { "category": "description", "text": "There are multiple vulnerabilities in Linux Kernel. These flaws exist in several subsystems and components such as the ima, the virtio or the vsock among others due to multiple security related issues like a memory leak, a NULL pointer dereference or an improper error handling mechanism and more. A local attacker can exploit these vulnerabilities to create a Denial of Service condition." } ], "product_status": { "known_affected": [ "T008144" ] }, "release_date": "2024-12-02T23:00:00.000+00:00", "title": "CVE-2024-53123" }, { "cve": "CVE-2024-53124", "notes": [ { "category": "description", "text": "There are multiple vulnerabilities in Linux Kernel. These flaws exist in several subsystems and components such as the ima, the virtio or the vsock among others due to multiple security related issues like a memory leak, a NULL pointer dereference or an improper error handling mechanism and more. A local attacker can exploit these vulnerabilities to create a Denial of Service condition." } ], "product_status": { "known_affected": [ "T008144" ] }, "release_date": "2024-12-02T23:00:00.000+00:00", "title": "CVE-2024-53124" } ] }
cve-2024-53113
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-02 13:44
Summary
mm: fix NULL pointer dereference in alloc_pages_bulk_noprof
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "mm/page_alloc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "6addb2d9501e", "status": "affected", "version": "387ba26fb1cb", "versionType": "git" }, { "lessThan": "d0f16cec7977", "status": "affected", "version": "387ba26fb1cb", "versionType": "git" }, { "lessThan": "31502374627b", "status": "affected", "version": "387ba26fb1cb", "versionType": "git" }, { "lessThan": "8ce41b0f9d77", "status": "affected", "version": "387ba26fb1cb", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "mm/page_alloc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.13" }, { "lessThan": "5.13", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.119", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.63", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: fix NULL pointer dereference in alloc_pages_bulk_noprof\n\nWe triggered a NULL pointer dereference for ac.preferred_zoneref-\u003ezone in\nalloc_pages_bulk_noprof() when the task is migrated between cpusets.\n\nWhen cpuset is enabled, in prepare_alloc_pages(), ac-\u003enodemask may be\n\u0026current-\u003emems_allowed. 
when first_zones_zonelist() is called to find\npreferred_zoneref, the ac-\u003enodemask may be modified concurrently if the\ntask is migrated between different cpusets. Assuming we have 2 NUMA Node,\nwhen traversing Node1 in ac-\u003ezonelist, the nodemask is 2, and when\ntraversing Node2 in ac-\u003ezonelist, the nodemask is 1. As a result, the\nac-\u003epreferred_zoneref points to NULL zone.\n\nIn alloc_pages_bulk_noprof(), for_each_zone_zonelist_nodemask() finds a\nallowable zone and calls zonelist_node_idx(ac.preferred_zoneref), leading\nto NULL pointer dereference.\n\n__alloc_pages_noprof() fixes this issue by checking NULL pointer in commit\nea57485af8f4 (\"mm, page_alloc: fix check for NULL preferred_zone\") and\ncommit df76cee6bbeb (\"mm, page_alloc: remove redundant checks from alloc\nfastpath\").\n\nTo fix it, check NULL pointer for preferred_zoneref-\u003ezone." } ], "providerMetadata": { "dateUpdated": "2024-12-02T13:44:45.419Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/6addb2d9501ec866d7b3a3b4e665307c437e9be2" }, { "url": "https://git.kernel.org/stable/c/d0f16cec79774c3132df006cf771eddd89d08f58" }, { "url": "https://git.kernel.org/stable/c/31502374627ba9ec3e710dbd0bb00457cc6d2c19" }, { "url": "https://git.kernel.org/stable/c/8ce41b0f9d77cca074df25afd39b86e2ee3aa68e" } ], "title": "mm: fix NULL pointer dereference in alloc_pages_bulk_noprof", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53113", "datePublished": "2024-12-02T13:44:45.419Z", "dateReserved": "2024-11-19T17:17:24.993Z", "dateUpdated": "2024-12-02T13:44:45.419Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-53112
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-05 11:30
Summary
ocfs2: uncache inode which has failed entering the group
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/ocfs2/resize.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "ac0cfe8ac35c", "status": "affected", "version": "7909f2bf8353", "versionType": "git" }, { "lessThan": "620d22598110", "status": "affected", "version": "7909f2bf8353", "versionType": "git" }, { "lessThan": "843dfc804af4", "status": "affected", "version": "7909f2bf8353", "versionType": "git" }, { "lessThan": "b751c50e19d6", "status": "affected", "version": "7909f2bf8353", "versionType": "git" }, { "lessThan": "737f34137844", "status": "affected", "version": "7909f2bf8353", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/ocfs2/resize.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "2.6.25" }, { "lessThan": "2.6.25", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.325", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.119", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.63", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: uncache inode which has failed entering the group\n\nSyzbot has reported the following BUG:\n\nkernel BUG at fs/ocfs2/uptodate.c:509!\n...\nCall Trace:\n \u003cTASK\u003e\n ? __die_body+0x5f/0xb0\n ? die+0x9e/0xc0\n ? do_trap+0x15a/0x3a0\n ? 
ocfs2_set_new_buffer_uptodate+0x145/0x160\n ? do_error_trap+0x1dc/0x2c0\n ? ocfs2_set_new_buffer_uptodate+0x145/0x160\n ? __pfx_do_error_trap+0x10/0x10\n ? handle_invalid_op+0x34/0x40\n ? ocfs2_set_new_buffer_uptodate+0x145/0x160\n ? exc_invalid_op+0x38/0x50\n ? asm_exc_invalid_op+0x1a/0x20\n ? ocfs2_set_new_buffer_uptodate+0x2e/0x160\n ? ocfs2_set_new_buffer_uptodate+0x144/0x160\n ? ocfs2_set_new_buffer_uptodate+0x145/0x160\n ocfs2_group_add+0x39f/0x15a0\n ? __pfx_ocfs2_group_add+0x10/0x10\n ? __pfx_lock_acquire+0x10/0x10\n ? mnt_get_write_access+0x68/0x2b0\n ? __pfx_lock_release+0x10/0x10\n ? rcu_read_lock_any_held+0xb7/0x160\n ? __pfx_rcu_read_lock_any_held+0x10/0x10\n ? smack_log+0x123/0x540\n ? mnt_get_write_access+0x68/0x2b0\n ? mnt_get_write_access+0x68/0x2b0\n ? mnt_get_write_access+0x226/0x2b0\n ocfs2_ioctl+0x65e/0x7d0\n ? __pfx_ocfs2_ioctl+0x10/0x10\n ? smack_file_ioctl+0x29e/0x3a0\n ? __pfx_smack_file_ioctl+0x10/0x10\n ? lockdep_hardirqs_on_prepare+0x43d/0x780\n ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10\n ? __pfx_ocfs2_ioctl+0x10/0x10\n __se_sys_ioctl+0xfb/0x170\n do_syscall_64+0xf3/0x230\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n...\n \u003c/TASK\u003e\n\nWhen \u0027ioctl(OCFS2_IOC_GROUP_ADD, ...)\u0027 has failed for the particular\ninode in \u0027ocfs2_verify_group_and_input()\u0027, corresponding buffer head\nremains cached and subsequent call to the same \u0027ioctl()\u0027 for the same\ninode issues the BUG() in \u0027ocfs2_set_new_buffer_uptodate()\u0027 (trying\nto cache the same buffer head of that inode). Fix this by uncaching\nthe buffer head with \u0027ocfs2_remove_from_cache()\u0027 on error path in\n\u0027ocfs2_group_add()\u0027." 
} ], "providerMetadata": { "dateUpdated": "2024-12-05T11:30:00.806Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/ac0cfe8ac35cf1be54131b90d114087b558777ca" }, { "url": "https://git.kernel.org/stable/c/620d22598110b0d0cb97a3fcca65fc473ea86e73" }, { "url": "https://git.kernel.org/stable/c/843dfc804af4b338ead42331dd58081b428ecdf8" }, { "url": "https://git.kernel.org/stable/c/b751c50e19d66cfb7360c0b55cf17b0722252d12" }, { "url": "https://git.kernel.org/stable/c/737f34137844d6572ab7d473c998c7f977ff30eb" } ], "title": "ocfs2: uncache inode which has failed entering the group", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53112", "datePublished": "2024-12-02T13:44:44.387Z", "dateReserved": "2024-11-19T17:17:24.993Z", "dateUpdated": "2024-12-05T11:30:00.806Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-53115
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-02 13:44
Summary
drm/vmwgfx: avoid null_ptr_deref in vmw_framebuffer_surface_create_handle
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/vmwgfx/vmwgfx_kms.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "36f64da08055", "status": "affected", "version": "d6667f0ddf46", "versionType": "git" }, { "lessThan": "93d1f41a82de", "status": "affected", "version": "d6667f0ddf46", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/vmwgfx/vmwgfx_kms.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.11" }, { "lessThan": "6.11", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: avoid null_ptr_deref in vmw_framebuffer_surface_create_handle\n\nThe \u0027vmw_user_object_buffer\u0027 function may return NULL with incorrect\ninputs. To avoid possible null pointer dereference, add a check whether\nthe \u0027bo\u0027 is NULL in the vmw_framebuffer_surface_create_handle." 
} ], "providerMetadata": { "dateUpdated": "2024-12-02T13:44:47.046Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/36f64da080555175b58d85f99f5f90435e274e56" }, { "url": "https://git.kernel.org/stable/c/93d1f41a82de382845af460bf03bcb17dcbf08c5" } ], "title": "drm/vmwgfx: avoid null_ptr_deref in vmw_framebuffer_surface_create_handle", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53115", "datePublished": "2024-12-02T13:44:47.046Z", "dateReserved": "2024-11-19T17:17:24.993Z", "dateUpdated": "2024-12-02T13:44:47.046Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-53111
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-02 13:44
Summary
mm/mremap: fix address wraparound in move_page_tables()
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "mm/mremap.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "909543dc279a", "status": "affected", "version": "af8ca1c14906", "versionType": "git" }, { "lessThan": "a4a282daf1a1", "status": "affected", "version": "af8ca1c14906", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "mm/mremap.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.7" }, { "lessThan": "6.7", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/mremap: fix address wraparound in move_page_tables()\n\nOn 32-bit platforms, it is possible for the expression `len + old_addr \u003c\nold_end` to be false-positive if `len + old_addr` wraps around. \n`old_addr` is the cursor in the old range up to which page table entries\nhave been moved; so if the operation succeeded, `old_addr` is the *end* of\nthe old region, and adding `len` to it can wrap.\n\nThe overflow causes mremap() to mistakenly believe that PTEs have been\ncopied; the consequence is that mremap() bails out, but doesn\u0027t move the\nPTEs back before the new VMA is unmapped, causing anonymous pages in the\nregion to be lost. 
So basically if userspace tries to mremap() a\nprivate-anon region and hits this bug, mremap() will return an error and\nthe private-anon region\u0027s contents appear to have been zeroed.\n\nThe idea of this check is that `old_end - len` is the original start\naddress, and writing the check that way also makes it easier to read; so\nfix the check by rearranging the comparison accordingly.\n\n(An alternate fix would be to refactor this function by introducing an\n\"orig_old_start\" variable or such.)\n\n\nTested in a VM with a 32-bit X86 kernel; without the patch:\n\n```\nuser@horn:~/big_mremap$ cat test.c\n#define _GNU_SOURCE\n#include \u003cstdlib.h\u003e\n#include \u003cstdio.h\u003e\n#include \u003cerr.h\u003e\n#include \u003csys/mman.h\u003e\n\n#define ADDR1 ((void*)0x60000000)\n#define ADDR2 ((void*)0x10000000)\n#define SIZE 0x50000000uL\n\nint main(void) {\n unsigned char *p1 = mmap(ADDR1, SIZE, PROT_READ|PROT_WRITE,\n MAP_ANONYMOUS|MAP_PRIVATE|MAP_FIXED_NOREPLACE, -1, 0);\n if (p1 == MAP_FAILED)\n err(1, \"mmap 1\");\n unsigned char *p2 = mmap(ADDR2, SIZE, PROT_NONE,\n MAP_ANONYMOUS|MAP_PRIVATE|MAP_FIXED_NOREPLACE, -1, 0);\n if (p2 == MAP_FAILED)\n err(1, \"mmap 2\");\n *p1 = 0x41;\n printf(\"first char is 0x%02hhx\\n\", *p1);\n unsigned char *p3 = mremap(p1, SIZE, SIZE,\n MREMAP_MAYMOVE|MREMAP_FIXED, p2);\n if (p3 == MAP_FAILED) {\n printf(\"mremap() failed; first char is 0x%02hhx\\n\", *p1);\n } else {\n printf(\"mremap() succeeded; first char is 0x%02hhx\\n\", *p3);\n }\n}\nuser@horn:~/big_mremap$ gcc -static -o test test.c\nuser@horn:~/big_mremap$ setarch -R ./test\nfirst char is 0x41\nmremap() failed; first char is 0x00\n```\n\nWith the patch:\n\n```\nuser@horn:~/big_mremap$ setarch -R ./test\nfirst char is 0x41\nmremap() succeeded; first char is 0x41\n```" } ], "providerMetadata": { "dateUpdated": "2024-12-02T13:44:43.478Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": 
"https://git.kernel.org/stable/c/909543dc279a91122fb08e4653a72b82f0ad28f4" }, { "url": "https://git.kernel.org/stable/c/a4a282daf1a190f03790bf163458ea3c8d28d217" } ], "title": "mm/mremap: fix address wraparound in move_page_tables()", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53111", "datePublished": "2024-12-02T13:44:43.478Z", "dateReserved": "2024-11-19T17:17:24.993Z", "dateUpdated": "2024-12-02T13:44:43.478Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-53123
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-02 13:44
Summary
mptcp: error out earlier on disconnect
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/mptcp/protocol.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "a749b23059b4", "status": "affected", "version": "ec9bc89a0188", "versionType": "git" }, { "lessThan": "a66805c9b22c", "status": "affected", "version": "419ce133ab92", "versionType": "git" }, { "lessThan": "955388e1d5d2", "status": "affected", "version": "419ce133ab92", "versionType": "git" }, { "lessThan": "581302298524", "status": "affected", "version": "419ce133ab92", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/mptcp/protocol.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.6" }, { "lessThan": "6.6", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.119", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.63", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: error out earlier on disconnect\n\nEric reported a division by zero splat in the MPTCP protocol:\n\nOops: divide error: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 1 UID: 0 PID: 6094 Comm: syz-executor317 Not tainted\n6.12.0-rc5-syzkaller-00291-g05b92660cdfe #0\nHardware name: Google Google Compute Engine/Google Compute Engine,\nBIOS Google 09/13/2024\nRIP: 0010:__tcp_select_window+0x5b4/0x1310 net/ipv4/tcp_output.c:3163\nCode: f6 44 01 e3 89 df e8 9b 
75 09 f8 44 39 f3 0f 8d 11 ff ff ff e8\n0d 74 09 f8 45 89 f4 e9 04 ff ff ff e8 00 74 09 f8 44 89 f0 99 \u003cf7\u003e 7c\n24 14 41 29 d6 45 89 f4 e9 ec fe ff ff e8 e8 73 09 f8 48 89\nRSP: 0018:ffffc900041f7930 EFLAGS: 00010293\nRAX: 0000000000017e67 RBX: 0000000000017e67 RCX: ffffffff8983314b\nRDX: 0000000000000000 RSI: ffffffff898331b0 RDI: 0000000000000004\nRBP: 00000000005d6000 R08: 0000000000000004 R09: 0000000000017e67\nR10: 0000000000003e80 R11: 0000000000000000 R12: 0000000000003e80\nR13: ffff888031d9b440 R14: 0000000000017e67 R15: 00000000002eb000\nFS: 00007feb5d7f16c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007feb5d8adbb8 CR3: 0000000074e4c000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\n__tcp_cleanup_rbuf+0x3e7/0x4b0 net/ipv4/tcp.c:1493\nmptcp_rcv_space_adjust net/mptcp/protocol.c:2085 [inline]\nmptcp_recvmsg+0x2156/0x2600 net/mptcp/protocol.c:2289\ninet_recvmsg+0x469/0x6a0 net/ipv4/af_inet.c:885\nsock_recvmsg_nosec net/socket.c:1051 [inline]\nsock_recvmsg+0x1b2/0x250 net/socket.c:1073\n__sys_recvfrom+0x1a5/0x2e0 net/socket.c:2265\n__do_sys_recvfrom net/socket.c:2283 [inline]\n__se_sys_recvfrom net/socket.c:2279 [inline]\n__x64_sys_recvfrom+0xe0/0x1c0 net/socket.c:2279\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7feb5d857559\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48\n89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d\n01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007feb5d7f1208 EFLAGS: 00000246 ORIG_RAX: 000000000000002d\nRAX: ffffffffffffffda RBX: 00007feb5d8e1318 RCX: 00007feb5d857559\nRDX: 000000800000000e RSI: 0000000000000000 RDI: 
0000000000000003\nRBP: 00007feb5d8e1310 R08: 0000000000000000 R09: ffffffff81000000\nR10: 0000000000000100 R11: 0000000000000246 R12: 00007feb5d8e131c\nR13: 00007feb5d8ae074 R14: 000000800000000e R15: 00000000fffffdef\n\nand provided a nice reproducer.\n\nThe root cause is the current bad handling of racing disconnect.\nAfter the blamed commit below, sk_wait_data() can return (with\nerror) with the underlying socket disconnected and a zero rcv_mss.\n\nCatch the error and return without performing any additional\noperations on the current socket." } ], "providerMetadata": { "dateUpdated": "2024-12-02T13:44:53.598Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/a749b23059b43a9b1787eb36c5d9d44150a34238" }, { "url": "https://git.kernel.org/stable/c/a66805c9b22caf4e42af7a616f6c6b83c90d1010" }, { "url": "https://git.kernel.org/stable/c/955388e1d5d222c4101c596b536d41b91a8b212e" }, { "url": "https://git.kernel.org/stable/c/581302298524e9d77c4c44ff5156a6cd112227ae" } ], "title": "mptcp: error out earlier on disconnect", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53123", "datePublished": "2024-12-02T13:44:53.598Z", "dateReserved": "2024-11-19T17:17:24.994Z", "dateUpdated": "2024-12-02T13:44:53.598Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-53108
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-02 13:44
Summary
drm/amd/display: Adjust VSDB parser for replay feature
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "0a326fbc8f72", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "8db867061f4c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "16dd2825c235", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.63", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Adjust VSDB parser for replay feature\n\nAt some point, the IEEE ID identification for the replay check in the\nAMD EDID was added. 
However, this check causes the following\nout-of-bounds issues when using KASAN:\n\n[ 27.804016] BUG: KASAN: slab-out-of-bounds in amdgpu_dm_update_freesync_caps+0xefa/0x17a0 [amdgpu]\n[ 27.804788] Read of size 1 at addr ffff8881647fdb00 by task systemd-udevd/383\n\n...\n\n[ 27.821207] Memory state around the buggy address:\n[ 27.821215] ffff8881647fda00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 27.821224] ffff8881647fda80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 27.821234] \u003effff8881647fdb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n[ 27.821243] ^\n[ 27.821250] ffff8881647fdb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n[ 27.821259] ffff8881647fdc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 27.821268] ==================================================================\n\nThis is caused because the ID extraction happens outside of the range of\nthe edid lenght. This commit addresses this issue by considering the\namd_vsdb_block size.\n\n(cherry picked from commit b7e381b1ccd5e778e3d9c44c669ad38439a861d8)" } ], "providerMetadata": { "dateUpdated": "2024-12-02T13:44:40.707Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/0a326fbc8f72a320051f27328d4d4e7abdfe68d7" }, { "url": "https://git.kernel.org/stable/c/8db867061f4c76505ad62422b65d666b45289217" }, { "url": "https://git.kernel.org/stable/c/16dd2825c23530f2259fc671960a3a65d2af69bd" } ], "title": "drm/amd/display: Adjust VSDB parser for replay feature", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53108", "datePublished": "2024-12-02T13:44:40.707Z", "dateReserved": "2024-11-19T17:17:24.992Z", "dateUpdated": "2024-12-02T13:44:40.707Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-53116
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-02 13:44
Severity ?
EPSS score ?
Summary
drm/panthor: Fix handling of partial GPU mapping of BOs
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/panthor/panthor_mmu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "d3e61af64b77", "status": "affected", "version": "647810ec2476", "versionType": "git" }, { "lessThan": "3387e043918e", "status": "affected", "version": "647810ec2476", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/panthor/panthor_mmu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.10" }, { "lessThan": "6.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panthor: Fix handling of partial GPU mapping of BOs\n\nThis commit fixes the bug in the handling of partial mapping of the\nbuffer objects to the GPU, which caused kernel warnings.\n\nPanthor didn\u0027t correctly handle the case where the partial mapping\nspanned multiple scatterlists and the mapping offset didn\u0027t point\nto the 1st page of starting scatterlist. 
The offset variable was\nnot cleared after reaching the starting scatterlist.\n\nFollowing warning messages were seen.\nWARNING: CPU: 1 PID: 650 at drivers/iommu/io-pgtable-arm.c:659 __arm_lpae_unmap+0x254/0x5a0\n\u003csnip\u003e\npc : __arm_lpae_unmap+0x254/0x5a0\nlr : __arm_lpae_unmap+0x2cc/0x5a0\n\u003csnip\u003e\nCall trace:\n __arm_lpae_unmap+0x254/0x5a0\n __arm_lpae_unmap+0x108/0x5a0\n __arm_lpae_unmap+0x108/0x5a0\n __arm_lpae_unmap+0x108/0x5a0\n arm_lpae_unmap_pages+0x80/0xa0\n panthor_vm_unmap_pages+0xac/0x1c8 [panthor]\n panthor_gpuva_sm_step_unmap+0x4c/0xc8 [panthor]\n op_unmap_cb.isra.23.constprop.30+0x54/0x80\n __drm_gpuvm_sm_unmap+0x184/0x1c8\n drm_gpuvm_sm_unmap+0x40/0x60\n panthor_vm_exec_op+0xa8/0x120 [panthor]\n panthor_vm_bind_exec_sync_op+0xc4/0xe8 [panthor]\n panthor_ioctl_vm_bind+0x10c/0x170 [panthor]\n drm_ioctl_kernel+0xbc/0x138\n drm_ioctl+0x210/0x4b0\n __arm64_sys_ioctl+0xb0/0xf8\n invoke_syscall+0x4c/0x110\n el0_svc_common.constprop.1+0x98/0xf8\n do_el0_svc+0x24/0x38\n el0_svc+0x34/0xc8\n el0t_64_sync_handler+0xa0/0xc8\n el0t_64_sync+0x174/0x178\n\u003csnip\u003e\npanthor : [drm] drm_WARN_ON(unmapped_sz != pgsize * pgcount)\nWARNING: CPU: 1 PID: 650 at drivers/gpu/drm/panthor/panthor_mmu.c:922 panthor_vm_unmap_pages+0x124/0x1c8 [panthor]\n\u003csnip\u003e\npc : panthor_vm_unmap_pages+0x124/0x1c8 [panthor]\nlr : panthor_vm_unmap_pages+0x124/0x1c8 [panthor]\n\u003csnip\u003e\npanthor : [drm] *ERROR* failed to unmap range ffffa388f000-ffffa3890000 (requested range ffffa388c000-ffffa3890000)" } ], "providerMetadata": { "dateUpdated": "2024-12-02T13:44:47.958Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/d3e61af64b770e0038470c81f42bd1d0598f6bcc" }, { "url": "https://git.kernel.org/stable/c/3387e043918e154ca08d83954966a8b087fe2835" } ], "title": "drm/panthor: Fix handling of partial GPU mapping of BOs", "x_generator": { "engine": "bippy-8e903de6a542" } } }, 
"cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53116", "datePublished": "2024-12-02T13:44:47.958Z", "dateReserved": "2024-11-19T17:17:24.993Z", "dateUpdated": "2024-12-02T13:44:47.958Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-53105
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-02 13:44
Summary
mm: page_alloc: move mlocked flag clearance into free_pages_prepare()
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "mm/page_alloc.c", "mm/swap.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "7873d11911cd", "status": "affected", "version": "b109b87050df", "versionType": "git" }, { "lessThan": "66edc3a5894c", "status": "affected", "version": "b109b87050df", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "mm/page_alloc.c", "mm/swap.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.18" }, { "lessThan": "5.18", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: page_alloc: move mlocked flag clearance into free_pages_prepare()\n\nSyzbot reported a bad page state problem caused by a page being freed\nusing free_page() still having a mlocked flag at free_pages_prepare()\nstage:\n\n BUG: Bad page state in process syz.5.504 pfn:61f45\n page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x61f45\n flags: 0xfff00000080204(referenced|workingset|mlocked|node=0|zone=1|lastcpupid=0x7ff)\n raw: 00fff00000080204 0000000000000000 dead000000000122 0000000000000000\n raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000\n page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set\n page_owner tracks the page as allocated\n page last allocated via order 0, migratetype Unmovable, gfp_mask 0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), pid 8443, tgid 8442 (syz.5.504), ts 
201884660643, free_ts 201499827394\n set_page_owner include/linux/page_owner.h:32 [inline]\n post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1537\n prep_new_page mm/page_alloc.c:1545 [inline]\n get_page_from_freelist+0x303f/0x3190 mm/page_alloc.c:3457\n __alloc_pages_noprof+0x292/0x710 mm/page_alloc.c:4733\n alloc_pages_mpol_noprof+0x3e8/0x680 mm/mempolicy.c:2265\n kvm_coalesced_mmio_init+0x1f/0xf0 virt/kvm/coalesced_mmio.c:99\n kvm_create_vm virt/kvm/kvm_main.c:1235 [inline]\n kvm_dev_ioctl_create_vm virt/kvm/kvm_main.c:5488 [inline]\n kvm_dev_ioctl+0x12dc/0x2240 virt/kvm/kvm_main.c:5530\n __do_compat_sys_ioctl fs/ioctl.c:1007 [inline]\n __se_compat_sys_ioctl+0x510/0xc90 fs/ioctl.c:950\n do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline]\n __do_fast_syscall_32+0xb4/0x110 arch/x86/entry/common.c:386\n do_fast_syscall_32+0x34/0x80 arch/x86/entry/common.c:411\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n page last free pid 8399 tgid 8399 stack trace:\n reset_page_owner include/linux/page_owner.h:25 [inline]\n free_pages_prepare mm/page_alloc.c:1108 [inline]\n free_unref_folios+0xf12/0x18d0 mm/page_alloc.c:2686\n folios_put_refs+0x76c/0x860 mm/swap.c:1007\n free_pages_and_swap_cache+0x5c8/0x690 mm/swap_state.c:335\n __tlb_batch_free_encoded_pages mm/mmu_gather.c:136 [inline]\n tlb_batch_pages_flush mm/mmu_gather.c:149 [inline]\n tlb_flush_mmu_free mm/mmu_gather.c:366 [inline]\n tlb_flush_mmu+0x3a3/0x680 mm/mmu_gather.c:373\n tlb_finish_mmu+0xd4/0x200 mm/mmu_gather.c:465\n exit_mmap+0x496/0xc40 mm/mmap.c:1926\n __mmput+0x115/0x390 kernel/fork.c:1348\n exit_mm+0x220/0x310 kernel/exit.c:571\n do_exit+0x9b2/0x28e0 kernel/exit.c:926\n do_group_exit+0x207/0x2c0 kernel/exit.c:1088\n __do_sys_exit_group kernel/exit.c:1099 [inline]\n __se_sys_exit_group kernel/exit.c:1097 [inline]\n __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1097\n x64_sys_call+0x2634/0x2640 arch/x86/include/generated/asm/syscalls_64.h:232\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n 
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n Modules linked in:\n CPU: 0 UID: 0 PID: 8442 Comm: syz.5.504 Not tainted 6.12.0-rc6-syzkaller #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n bad_page+0x176/0x1d0 mm/page_alloc.c:501\n free_page_is_bad mm/page_alloc.c:918 [inline]\n free_pages_prepare mm/page_alloc.c:1100 [inline]\n free_unref_page+0xed0/0xf20 mm/page_alloc.c:2638\n kvm_destroy_vm virt/kvm/kvm_main.c:1327 [inline]\n kvm_put_kvm+0xc75/0x1350 virt/kvm/kvm_main.c:1386\n kvm_vcpu_release+0x54/0x60 virt/kvm/kvm_main.c:4143\n __fput+0x23f/0x880 fs/file_table.c:431\n task_work_run+0x24f/0x310 kernel/task_work.c:239\n exit_task_work include/linux/task_work.h:43 [inline]\n do_exit+0xa2f/0x28e0 kernel/exit.c:939\n do_group_exit+0x207/0x2c0 kernel/exit.c:1088\n __do_sys_exit_group kernel/exit.c:1099 [in\n---truncated---" } ], "providerMetadata": { "dateUpdated": "2024-12-02T13:44:38.257Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/7873d11911cd1d21e25c354eb130d8c3b5cb3ca5" }, { "url": "https://git.kernel.org/stable/c/66edc3a5894c74f8887c8af23b97593a0dd0df4d" } ], "title": "mm: page_alloc: move mlocked flag clearance into free_pages_prepare()", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53105", "datePublished": "2024-12-02T13:44:38.257Z", "dateReserved": "2024-11-19T17:17:24.992Z", "dateUpdated": "2024-12-02T13:44:38.257Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-53106
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-02 13:44
Summary
ima: fix buffer overrun in ima_eventdigest_init_common
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "security/integrity/ima/ima_template_lib.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "e01aae58e818", "status": "affected", "version": "9fab303a2cb3", "versionType": "git" }, { "lessThan": "8a84765c62cc", "status": "affected", "version": "9fab303a2cb3", "versionType": "git" }, { "lessThan": "1ecf0df5205c", "status": "affected", "version": "9fab303a2cb3", "versionType": "git" }, { "lessThan": "923168a0631b", "status": "affected", "version": "9fab303a2cb3", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "security/integrity/ima/ima_template_lib.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.19" }, { "lessThan": "5.19", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.119", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.63", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nima: fix buffer overrun in ima_eventdigest_init_common\n\nFunction ima_eventdigest_init() calls ima_eventdigest_init_common()\nwith HASH_ALGO__LAST which is then used to access the array\nhash_digest_size[] leading to buffer overrun. Have a conditional\nstatement to handle this." 
} ], "providerMetadata": { "dateUpdated": "2024-12-02T13:44:39.117Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/e01aae58e818503f2ffcd34c6f7dc6f90af1057e" }, { "url": "https://git.kernel.org/stable/c/8a84765c62cc0469864e2faee43aae253ad16082" }, { "url": "https://git.kernel.org/stable/c/1ecf0df5205cfb0907eb7984b8671257965a5232" }, { "url": "https://git.kernel.org/stable/c/923168a0631bc42fffd55087b337b1b6c54dcff5" } ], "title": "ima: fix buffer overrun in ima_eventdigest_init_common", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53106", "datePublished": "2024-12-02T13:44:39.117Z", "dateReserved": "2024-11-19T17:17:24.992Z", "dateUpdated": "2024-12-02T13:44:39.117Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-53120
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-02 13:44
Summary
net/mlx5e: CT: Fix null-ptr-deref in add rule err flow
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/mellanox/mlx5/core/en/tc_ct.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "0c7c70ff8b69", "status": "affected", "version": "7fac5c2eced3", "versionType": "git" }, { "lessThan": "06dc488a5930", "status": "affected", "version": "7fac5c2eced3", "versionType": "git" }, { "lessThan": "6030f8bd7902", "status": "affected", "version": "7fac5c2eced3", "versionType": "git" }, { "lessThan": "e99c6873229f", "status": "affected", "version": "7fac5c2eced3", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/mellanox/mlx5/core/en/tc_ct.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.14" }, { "lessThan": "5.14", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.119", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.63", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: CT: Fix null-ptr-deref in add rule err flow\n\nIn error flow of mlx5_tc_ct_entry_add_rule(), in case ct_rule_add()\ncallback returns error, zone_rule-\u003eattr is used uninitiated. 
Fix it to\nuse attr which has the needed pointer value.\n\nKernel log:\n BUG: kernel NULL pointer dereference, address: 0000000000000110\n RIP: 0010:mlx5_tc_ct_entry_add_rule+0x2b1/0x2f0 [mlx5_core]\n\u2026\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x70\n ? page_fault_oops+0x150/0x3e0\n ? exc_page_fault+0x74/0x140\n ? asm_exc_page_fault+0x22/0x30\n ? mlx5_tc_ct_entry_add_rule+0x2b1/0x2f0 [mlx5_core]\n ? mlx5_tc_ct_entry_add_rule+0x1d5/0x2f0 [mlx5_core]\n mlx5_tc_ct_block_flow_offload+0xc6a/0xf90 [mlx5_core]\n ? nf_flow_offload_tuple+0xd8/0x190 [nf_flow_table]\n nf_flow_offload_tuple+0xd8/0x190 [nf_flow_table]\n flow_offload_work_handler+0x142/0x320 [nf_flow_table]\n ? finish_task_switch.isra.0+0x15b/0x2b0\n process_one_work+0x16c/0x320\n worker_thread+0x28c/0x3a0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xb8/0xf0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2d/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e" } ], "providerMetadata": { "dateUpdated": "2024-12-02T13:44:51.098Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/0c7c70ff8b696cfedba350411dca736361ef9a0f" }, { "url": "https://git.kernel.org/stable/c/06dc488a593020bd2f006798557d2a32104d8359" }, { "url": "https://git.kernel.org/stable/c/6030f8bd7902e9e276a0edc09bf11979e4e2bc2e" }, { "url": "https://git.kernel.org/stable/c/e99c6873229fe0482e7ceb7d5600e32d623ed9d9" } ], "title": "net/mlx5e: CT: Fix null-ptr-deref in add rule err flow", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53120", "datePublished": "2024-12-02T13:44:51.098Z", "dateReserved": "2024-11-19T17:17:24.994Z", "dateUpdated": "2024-12-02T13:44:51.098Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-53122
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-02 13:44
Summary
mptcp: cope racing subflow creation in mptcp_rcv_space_adjust
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/mptcp/protocol.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "24995851d58c", "status": "affected", "version": "c76c6956566f", "versionType": "git" }, { "lessThan": "ff825ab2f455", "status": "affected", "version": "c76c6956566f", "versionType": "git" }, { "lessThan": "aad6412c63ba", "status": "affected", "version": "c76c6956566f", "versionType": "git" }, { "lessThan": "ce7356ae3594", "status": "affected", "version": "c76c6956566f", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/mptcp/protocol.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.10" }, { "lessThan": "5.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.119", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.63", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: cope racing subflow creation in mptcp_rcv_space_adjust\n\nAdditional active subflows - i.e. 
created by the in kernel path\nmanager - are included into the subflow list before starting the\n3whs.\n\nA racing recvmsg() spooling data received on an already established\nsubflow would unconditionally call tcp_cleanup_rbuf() on all the\ncurrent subflows, potentially hitting a divide by zero error on\nthe newly created ones.\n\nExplicitly check that the subflow is in a suitable state before\ninvoking tcp_cleanup_rbuf()." } ], "providerMetadata": { "dateUpdated": "2024-12-02T13:44:52.678Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/24995851d58c4a205ad0ffa7b2f21e479a9c8527" }, { "url": "https://git.kernel.org/stable/c/ff825ab2f455299c0c7287550915a8878e2a66e0" }, { "url": "https://git.kernel.org/stable/c/aad6412c63baa39dd813e81f16a14d976b3de2e8" }, { "url": "https://git.kernel.org/stable/c/ce7356ae35943cc6494cc692e62d51a734062b7d" } ], "title": "mptcp: cope racing subflow creation in mptcp_rcv_space_adjust", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53122", "datePublished": "2024-12-02T13:44:52.678Z", "dateReserved": "2024-11-19T17:17:24.994Z", "dateUpdated": "2024-12-02T13:44:52.678Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-53121
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-02 13:44
Summary
net/mlx5: fs, lock FTE when checking if active
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/mellanox/mlx5/core/fs_core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "bfba288f5319", "status": "affected", "version": "718ce4d601db", "versionType": "git" }, { "lessThan": "094d1a2121ce", "status": "affected", "version": "718ce4d601db", "versionType": "git" }, { "lessThan": "933ef0d17f01", "status": "affected", "version": "718ce4d601db", "versionType": "git" }, { "lessThan": "9ca314419930", "status": "affected", "version": "718ce4d601db", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/mellanox/mlx5/core/fs_core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.1" }, { "lessThan": "5.1", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.119", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.63", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: fs, lock FTE when checking if active\n\nThe referenced commits introduced a two-step process for deleting FTEs:\n\n- Lock the FTE, delete it from hardware, set the hardware deletion function\n to NULL and unlock the FTE.\n- Lock the parent flow group, delete the software copy of the FTE, and\n remove it from the xarray.\n\nHowever, this approach encounters a race condition if a rule 
with the same\nmatch value is added simultaneously. In this scenario, fs_core may set the\nhardware deletion function to NULL prematurely, causing a panic during\nsubsequent rule deletions.\n\nTo prevent this, ensure the active flag of the FTE is checked under a lock,\nwhich will prevent the fs_core layer from attaching a new steering rule to\nan FTE that is in the process of deletion.\n\n[ 438.967589] MOSHE: 2496 mlx5_del_flow_rules del_hw_func\n[ 438.968205] ------------[ cut here ]------------\n[ 438.968654] refcount_t: decrement hit 0; leaking memory.\n[ 438.969249] WARNING: CPU: 0 PID: 8957 at lib/refcount.c:31 refcount_warn_saturate+0xfb/0x110\n[ 438.970054] Modules linked in: act_mirred cls_flower act_gact sch_ingress openvswitch nsh mlx5_vdpa vringh vhost_iotlb vdpa mlx5_ib mlx5_core xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm ib_uverbs ib_core zram zsmalloc fuse [last unloaded: cls_flower]\n[ 438.973288] CPU: 0 UID: 0 PID: 8957 Comm: tc Not tainted 6.12.0-rc1+ #8\n[ 438.973888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[ 438.974874] RIP: 0010:refcount_warn_saturate+0xfb/0x110\n[ 438.975363] Code: 40 66 3b 82 c6 05 16 e9 4d 01 01 e8 1f 7c a0 ff 0f 0b c3 cc cc cc cc 48 c7 c7 10 66 3b 82 c6 05 fd e8 4d 01 01 e8 05 7c a0 ff \u003c0f\u003e 0b c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90\n[ 438.976947] RSP: 0018:ffff888124a53610 EFLAGS: 00010286\n[ 438.977446] RAX: 0000000000000000 RBX: ffff888119d56de0 RCX: 0000000000000000\n[ 438.978090] RDX: ffff88852c828700 RSI: ffff88852c81b3c0 RDI: ffff88852c81b3c0\n[ 438.978721] RBP: ffff888120fa0e88 R08: 0000000000000000 R09: ffff888124a534b0\n[ 438.979353] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888119d56de0\n[ 438.979979] 
R13: ffff888120fa0ec0 R14: ffff888120fa0ee8 R15: ffff888119d56de0\n[ 438.980607] FS: 00007fe6dcc0f800(0000) GS:ffff88852c800000(0000) knlGS:0000000000000000\n[ 438.983984] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 438.984544] CR2: 00000000004275e0 CR3: 0000000186982001 CR4: 0000000000372eb0\n[ 438.985205] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 438.985842] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 438.986507] Call Trace:\n[ 438.986799] \u003cTASK\u003e\n[ 438.987070] ? __warn+0x7d/0x110\n[ 438.987426] ? refcount_warn_saturate+0xfb/0x110\n[ 438.987877] ? report_bug+0x17d/0x190\n[ 438.988261] ? prb_read_valid+0x17/0x20\n[ 438.988659] ? handle_bug+0x53/0x90\n[ 438.989054] ? exc_invalid_op+0x14/0x70\n[ 438.989458] ? asm_exc_invalid_op+0x16/0x20\n[ 438.989883] ? refcount_warn_saturate+0xfb/0x110\n[ 438.990348] mlx5_del_flow_rules+0x2f7/0x340 [mlx5_core]\n[ 438.990932] __mlx5_eswitch_del_rule+0x49/0x170 [mlx5_core]\n[ 438.991519] ? mlx5_lag_is_sriov+0x3c/0x50 [mlx5_core]\n[ 438.992054] ? xas_load+0x9/0xb0\n[ 438.992407] mlx5e_tc_rule_unoffload+0x45/0xe0 [mlx5_core]\n[ 438.993037] mlx5e_tc_del_fdb_flow+0x2a6/0x2e0 [mlx5_core]\n[ 438.993623] mlx5e_flow_put+0x29/0x60 [mlx5_core]\n[ 438.994161] mlx5e_delete_flower+0x261/0x390 [mlx5_core]\n[ 438.994728] tc_setup_cb_destroy+0xb9/0x190\n[ 438.995150] fl_hw_destroy_filter+0x94/0xc0 [cls_flower]\n[ 438.995650] fl_change+0x11a4/0x13c0 [cls_flower]\n[ 438.996105] tc_new_tfilter+0x347/0xbc0\n[ 438.996503] ? 
__\n---truncated---" } ], "providerMetadata": { "dateUpdated": "2024-12-02T13:44:51.864Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/bfba288f53192db08c68d4c568db9783fb9cb838" }, { "url": "https://git.kernel.org/stable/c/094d1a2121cee1e85ab07d74388f94809dcfb5b9" }, { "url": "https://git.kernel.org/stable/c/933ef0d17f012b653e9e6006e3f50c8d0238b5ed" }, { "url": "https://git.kernel.org/stable/c/9ca314419930f9135727e39d77e66262d5f7bef6" } ], "title": "net/mlx5: fs, lock FTE when checking if active", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53121", "datePublished": "2024-12-02T13:44:51.864Z", "dateReserved": "2024-11-19T17:17:24.994Z", "dateUpdated": "2024-12-02T13:44:51.864Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-53107
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-02 13:44
Summary
fs/proc/task_mmu: prevent integer overflow in pagemap_scan_get_args()
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/proc/task_mmu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "adee03f8903c", "status": "affected", "version": "52526ca7fdb9", "versionType": "git" }, { "lessThan": "669b0cb81e4e", "status": "affected", "version": "52526ca7fdb9", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/proc/task_mmu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.7" }, { "lessThan": "6.7", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/proc/task_mmu: prevent integer overflow in pagemap_scan_get_args()\n\nThe \"arg-\u003evec_len\" variable is a u64 that comes from the user at the start\nof the function. The \"arg-\u003evec_len * sizeof(struct page_region))\"\nmultiplication can lead to integer wrapping. Use size_mul() to avoid\nthat.\n\nAlso the size_add/mul() functions work on unsigned long so for 32bit\nsystems we need to ensure that \"arg-\u003evec_len\" fits in an unsigned long." 
} ], "providerMetadata": { "dateUpdated": "2024-12-02T13:44:39.811Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/adee03f8903c58a6a559f21388a430211fac8ce9" }, { "url": "https://git.kernel.org/stable/c/669b0cb81e4e4e78cff77a5b367c7f70c0c6c05e" } ], "title": "fs/proc/task_mmu: prevent integer overflow in pagemap_scan_get_args()", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53107", "datePublished": "2024-12-02T13:44:39.811Z", "dateReserved": "2024-11-19T17:17:24.992Z", "dateUpdated": "2024-12-02T13:44:39.811Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-53114
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-02 13:44
Summary
x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "arch/x86/kernel/cpu/amd.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "00c713f84f47", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "a5ca1dc46a6b", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "arch/x86/kernel/cpu/amd.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client\n\nA number of Zen4 client SoCs advertise the ability to use virtualized\nVMLOAD/VMSAVE, but using these instructions is reported to be a cause\nof a random host reboot.\n\nThese instructions aren\u0027t intended to be advertised on Zen4 client\nso clear the capability." 
} ], "providerMetadata": { "dateUpdated": "2024-12-02T13:44:46.142Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/00c713f84f477a85e524f34aad8fbd11a1c051f0" }, { "url": "https://git.kernel.org/stable/c/a5ca1dc46a6b610dd4627d8b633d6c84f9724ef0" } ], "title": "x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53114", "datePublished": "2024-12-02T13:44:46.142Z", "dateReserved": "2024-11-19T17:17:24.993Z", "dateUpdated": "2024-12-02T13:44:46.142Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-53117
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-02 13:44
Summary
virtio/vsock: Improve MSG_ZEROCOPY error handling
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/vmw_vsock/virtio_transport_common.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "50061d7319e2", "status": "affected", "version": "581512a6dc93", "versionType": "git" }, { "lessThan": "60cf6206a1f5", "status": "affected", "version": "581512a6dc93", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/vmw_vsock/virtio_transport_common.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.7" }, { "lessThan": "6.7", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio/vsock: Improve MSG_ZEROCOPY error handling\n\nAdd a missing kfree_skb() to prevent memory leaks." 
} ], "providerMetadata": { "dateUpdated": "2024-12-02T13:44:48.788Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/50061d7319e21165d04e3024354c1b43b6137821" }, { "url": "https://git.kernel.org/stable/c/60cf6206a1f513512f5d73fa4d3dbbcad2e7dcd6" } ], "title": "virtio/vsock: Improve MSG_ZEROCOPY error handling", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53117", "datePublished": "2024-12-02T13:44:48.788Z", "dateReserved": "2024-11-19T17:17:24.994Z", "dateUpdated": "2024-12-02T13:44:48.788Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-53119
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-02 13:44
Summary
virtio/vsock: Fix accept_queue memory leak
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/vmw_vsock/virtio_transport_common.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "946c7600fa22", "status": "affected", "version": "3fe356d58efa", "versionType": "git" }, { "lessThan": "897617a413e0", "status": "affected", "version": "3fe356d58efa", "versionType": "git" }, { "lessThan": "241534504224", "status": "affected", "version": "3fe356d58efa", "versionType": "git" }, { "lessThan": "d7b0ff5a8667", "status": "affected", "version": "3fe356d58efa", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/vmw_vsock/virtio_transport_common.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.10" }, { "lessThan": "5.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.119", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.63", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio/vsock: Fix accept_queue memory leak\n\nAs the final stages of socket destruction may be delayed, it is possible\nthat virtio_transport_recv_listen() will be called after the accept_queue\nhas been flushed, but before the SOCK_DONE flag has been set. 
As a result,\nsockets enqueued after the flush would remain unremoved, leading to a\nmemory leak.\n\nvsock_release\n __vsock_release\n lock\n virtio_transport_release\n virtio_transport_close\n schedule_delayed_work(close_work)\n sk_shutdown = SHUTDOWN_MASK\n(!) flush accept_queue\n release\n virtio_transport_recv_pkt\n vsock_find_bound_socket\n lock\n if flag(SOCK_DONE) return\n virtio_transport_recv_listen\n child = vsock_create_connected\n (!) vsock_enqueue_accept(child)\n release\nclose_work\n lock\n virtio_transport_do_close\n set_flag(SOCK_DONE)\n virtio_transport_remove_sock\n vsock_remove_sock\n vsock_remove_bound\n release\n\nIntroduce a sk_shutdown check to disallow vsock_enqueue_accept() during\nsocket destruction.\n\nunreferenced object 0xffff888109e3f800 (size 2040):\n comm \"kworker/5:2\", pid 371, jiffies 4294940105\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 28 00 0b 40 00 00 00 00 00 00 00 00 00 00 00 00 (..@............\n backtrace (crc 9e5f4e84):\n [\u003cffffffff81418ff1\u003e] kmem_cache_alloc_noprof+0x2c1/0x360\n [\u003cffffffff81d27aa0\u003e] sk_prot_alloc+0x30/0x120\n [\u003cffffffff81d2b54c\u003e] sk_alloc+0x2c/0x4b0\n [\u003cffffffff81fe049a\u003e] __vsock_create.constprop.0+0x2a/0x310\n [\u003cffffffff81fe6d6c\u003e] virtio_transport_recv_pkt+0x4dc/0x9a0\n [\u003cffffffff81fe745d\u003e] vsock_loopback_work+0xfd/0x140\n [\u003cffffffff810fc6ac\u003e] process_one_work+0x20c/0x570\n [\u003cffffffff810fce3f\u003e] worker_thread+0x1bf/0x3a0\n [\u003cffffffff811070dd\u003e] kthread+0xdd/0x110\n [\u003cffffffff81044fdd\u003e] ret_from_fork+0x2d/0x50\n [\u003cffffffff8100785a\u003e] ret_from_fork_asm+0x1a/0x30" } ], "providerMetadata": { "dateUpdated": "2024-12-02T13:44:50.438Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/946c7600fa2207cc8d3fbc86a518ec56f98a5813" }, { "url": 
"https://git.kernel.org/stable/c/897617a413e0bf1c6380e3b34b2f28f450508549" }, { "url": "https://git.kernel.org/stable/c/2415345042245de7601dcc6eafdbe3a3dcc9e379" }, { "url": "https://git.kernel.org/stable/c/d7b0ff5a866724c3ad21f2628c22a63336deec3f" } ], "title": "virtio/vsock: Fix accept_queue memory leak", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53119", "datePublished": "2024-12-02T13:44:50.438Z", "dateReserved": "2024-11-19T17:17:24.994Z", "dateUpdated": "2024-12-02T13:44:50.438Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-53109
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-02 13:44
Summary
nommu: pass NULL argument to vma_iter_prealloc()
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "mm/nommu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "8bbf0ab631cd", "status": "affected", "version": "b5df09226450", "versionType": "git" }, { "lessThan": "aceaf33b7666", "status": "affected", "version": "b5df09226450", "versionType": "git" }, { "lessThan": "247d720b2c5d", "status": "affected", "version": "b5df09226450", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "mm/nommu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.6" }, { "lessThan": "6.6", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.63", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnommu: pass NULL argument to vma_iter_prealloc()\n\nWhen deleting a vma entry from a maple tree, it has to pass NULL to\nvma_iter_prealloc() in order to calculate internal state of the tree, but\nit passed a wrong argument. As a result, nommu kernels crashed upon\naccessing a vma iterator, such as acct_collect() reading the size of vma\nentries after do_munmap().\n\nThis commit fixes this issue by passing a right argument to the\npreallocation call." 
} ], "providerMetadata": { "dateUpdated": "2024-12-02T13:44:41.622Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/8bbf0ab631cdf1dade6745f137cff98751e6ced7" }, { "url": "https://git.kernel.org/stable/c/aceaf33b7666b72dfb86e0aa977be81e3bcbc727" }, { "url": "https://git.kernel.org/stable/c/247d720b2c5d22f7281437fd6054a138256986ba" } ], "title": "nommu: pass NULL argument to vma_iter_prealloc()", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53109", "datePublished": "2024-12-02T13:44:41.622Z", "dateReserved": "2024-11-19T17:17:24.993Z", "dateUpdated": "2024-12-02T13:44:41.622Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-53124
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-02 13:44
Summary
net: fix data-races around sk->sk_forward_alloc
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/dccp/ipv6.c", "net/ipv6/tcp_ipv6.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "d285eb9d0641", "status": "affected", "version": "e994b2f0fb92", "versionType": "git" }, { "lessThan": "073d89808c06", "status": "affected", "version": "e994b2f0fb92", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/dccp/ipv6.c", "net/ipv6/tcp_ipv6.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.4" }, { "lessThan": "4.4", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix data-races around sk-\u003esk_forward_alloc\n\nSyzkaller reported this warning:\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0\n Modules linked in:\n CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.12.0-rc5 #26\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n RIP: 0010:inet_sock_destruct+0x1c5/0x1e0\n Code: 24 12 4c 89 e2 5b 48 c7 c7 98 ec bb 82 41 5c e9 d1 18 17 ff 4c 89 e6 5b 48 c7 c7 d0 ec bb 82 41 5c e9 bf 18 17 ff 0f 0b eb 83 \u003c0f\u003e 0b eb 97 0f 0b eb 87 0f 0b e9 68 ff ff ff 66 66 2e 0f 1f 84 00\n RSP: 0018:ffffc9000008bd90 EFLAGS: 00010206\n RAX: 0000000000000300 RBX: ffff88810b172a90 RCX: 0000000000000007\n RDX: 0000000000000002 RSI: 0000000000000300 RDI: ffff88810b172a00\n RBP: 
ffff88810b172a00 R08: ffff888104273c00 R09: 0000000000100007\n R10: 0000000000020000 R11: 0000000000000006 R12: ffff88810b172a00\n R13: 0000000000000004 R14: 0000000000000000 R15: ffff888237c31f78\n FS: 0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007ffc63fecac8 CR3: 000000000342e000 CR4: 00000000000006f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0x88/0x130\n ? inet_sock_destruct+0x1c5/0x1e0\n ? report_bug+0x18e/0x1a0\n ? handle_bug+0x53/0x90\n ? exc_invalid_op+0x18/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? inet_sock_destruct+0x1c5/0x1e0\n __sk_destruct+0x2a/0x200\n rcu_do_batch+0x1aa/0x530\n ? rcu_do_batch+0x13b/0x530\n rcu_core+0x159/0x2f0\n handle_softirqs+0xd3/0x2b0\n ? __pfx_smpboot_thread_fn+0x10/0x10\n run_ksoftirqd+0x25/0x30\n smpboot_thread_fn+0xdd/0x1d0\n kthread+0xd3/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---\n\nIts possible that two threads call tcp_v6_do_rcv()/sk_forward_alloc_add()\nconcurrently when sk-\u003esk_state == TCP_LISTEN with sk-\u003esk_lock unlocked,\nwhich triggers a data-race around sk-\u003esk_forward_alloc:\ntcp_v6_rcv\n tcp_v6_do_rcv\n skb_clone_and_charge_r\n sk_rmem_schedule\n __sk_mem_schedule\n sk_forward_alloc_add()\n skb_set_owner_r\n sk_mem_charge\n sk_forward_alloc_add()\n __kfree_skb\n skb_release_all\n skb_release_head_state\n sock_rfree\n sk_mem_uncharge\n sk_forward_alloc_add()\n sk_mem_reclaim\n // set local var reclaimable\n __sk_mem_reclaim\n sk_forward_alloc_add()\n\nIn this syzkaller testcase, two threads call\ntcp_v6_do_rcv() with skb-\u003etruesize=768, the sk_forward_alloc changes like\nthis:\n (cpu 1) | (cpu 2) | sk_forward_alloc\n ... | ... 
| 0\n __sk_mem_schedule() | | +4096 = 4096\n | __sk_mem_schedule() | +4096 = 8192\n sk_mem_charge() | | -768 = 7424\n | sk_mem_charge() | -768 = 6656\n ... | ... |\n sk_mem_uncharge() | | +768 = 7424\n reclaimable=7424 | |\n | sk_mem_uncharge() | +768 = 8192\n | reclaimable=8192 |\n __sk_mem_reclaim() | | -4096 = 4096\n | __sk_mem_reclaim() | -8192 = -4096 != 0\n\nThe skb_clone_and_charge_r() should not be called in tcp_v6_do_rcv() when\nsk-\u003esk_state is TCP_LISTEN, it happens later in tcp_v6_syn_recv_sock().\nFix the same issue in dccp_v6_do_rcv()." } ], "providerMetadata": { "dateUpdated": "2024-12-02T13:44:54.257Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/d285eb9d0641c8344f2836081b4ccb7b3c5cc1b6" }, { "url": "https://git.kernel.org/stable/c/073d89808c065ac4c672c0a613a71b27a80691cb" } ], "title": "net: fix data-races around sk-\u003esk_forward_alloc", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53124", "datePublished": "2024-12-02T13:44:54.257Z", "dateReserved": "2024-11-19T17:17:24.995Z", "dateUpdated": "2024-12-02T13:44:54.257Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-53110
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-02 13:44
Summary
vp_vdpa: fix id_table array not null terminated error
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/vdpa/virtio_pci/vp_vdpa.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "870d68fe17b5", "status": "affected", "version": "ffbda8e9df10", "versionType": "git" }, { "lessThan": "c4d64534d4b1", "status": "affected", "version": "ffbda8e9df10", "versionType": "git" }, { "lessThan": "0a886489d274", "status": "affected", "version": "ffbda8e9df10", "versionType": "git" }, { "lessThan": "4e39ecadf1d2", "status": "affected", "version": "ffbda8e9df10", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/vdpa/virtio_pci/vp_vdpa.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.19" }, { "lessThan": "5.19", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.119", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.63", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvp_vdpa: fix id_table array not null terminated error\n\nAllocate one extra virtio_device_id as null terminator, otherwise\nvdpa_mgmtdev_get_classes() may iterate multiple times and visit\nundefined memory." 
} ], "providerMetadata": { "dateUpdated": "2024-12-02T13:44:42.542Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/870d68fe17b5d9032049dcad98b5781a344a8657" }, { "url": "https://git.kernel.org/stable/c/c4d64534d4b1c47d2f1ce427497f971ad4735aae" }, { "url": "https://git.kernel.org/stable/c/0a886489d274596ad1a80789d3a773503210a615" }, { "url": "https://git.kernel.org/stable/c/4e39ecadf1d2a08187139619f1f314b64ba7d947" } ], "title": "vp_vdpa: fix id_table array not null terminated error", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53110", "datePublished": "2024-12-02T13:44:42.542Z", "dateReserved": "2024-11-19T17:17:24.993Z", "dateUpdated": "2024-12-02T13:44:42.542Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-53118
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-02 13:44
Summary
vsock: Fix sk_error_queue memory leak
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/vmw_vsock/af_vsock.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "bea4779a45f4", "status": "affected", "version": "581512a6dc93", "versionType": "git" }, { "lessThan": "fbf7085b3ad1", "status": "affected", "version": "581512a6dc93", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/vmw_vsock/af_vsock.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.7" }, { "lessThan": "6.7", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Fix sk_error_queue memory leak\n\nKernel queues MSG_ZEROCOPY completion notifications on the error queue.\nWhere they remain, until explicitly recv()ed. 
To prevent memory leaks,\nclean up the queue when the socket is destroyed.\n\nunreferenced object 0xffff8881028beb00 (size 224):\n comm \"vsock_test\", pid 1218, jiffies 4294694897\n hex dump (first 32 bytes):\n 90 b0 21 17 81 88 ff ff 90 b0 21 17 81 88 ff ff ..!.......!.....\n 00 00 00 00 00 00 00 00 00 b0 21 17 81 88 ff ff ..........!.....\n backtrace (crc 6c7031ca):\n [\u003cffffffff81418ef7\u003e] kmem_cache_alloc_node_noprof+0x2f7/0x370\n [\u003cffffffff81d35882\u003e] __alloc_skb+0x132/0x180\n [\u003cffffffff81d2d32b\u003e] sock_omalloc+0x4b/0x80\n [\u003cffffffff81d3a8ae\u003e] msg_zerocopy_realloc+0x9e/0x240\n [\u003cffffffff81fe5cb2\u003e] virtio_transport_send_pkt_info+0x412/0x4c0\n [\u003cffffffff81fe6183\u003e] virtio_transport_stream_enqueue+0x43/0x50\n [\u003cffffffff81fe0813\u003e] vsock_connectible_sendmsg+0x373/0x450\n [\u003cffffffff81d233d5\u003e] ____sys_sendmsg+0x365/0x3a0\n [\u003cffffffff81d246f4\u003e] ___sys_sendmsg+0x84/0xd0\n [\u003cffffffff81d26f47\u003e] __sys_sendmsg+0x47/0x80\n [\u003cffffffff820d3df3\u003e] do_syscall_64+0x93/0x180\n [\u003cffffffff8220012b\u003e] entry_SYSCALL_64_after_hwframe+0x76/0x7e" } ], "providerMetadata": { "dateUpdated": "2024-12-02T13:44:49.658Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/bea4779a45f49275b1e1b1bd9de03cd3727244d8" }, { "url": "https://git.kernel.org/stable/c/fbf7085b3ad1c7cc0677834c90f985f1b4f77a33" } ], "title": "vsock: Fix sk_error_queue memory leak", "x_generator": { "engine": "bippy-8e903de6a542" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53118", "datePublished": "2024-12-02T13:44:49.658Z", "dateReserved": "2024-11-19T17:17:24.994Z", "dateUpdated": "2024-12-02T13:44:49.658Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.