Update 9Feb24
diff --git a/CHANGES.md b/CHANGES.md index ce403db..fa4386c 100644 --- a/CHANGES.md +++ b/CHANGES.md
@@ -1,73 +1,44 @@ # **Linux Kernel CVE Changes** -## Last Update - 02Feb24 19:06 +## Last Update - 09Feb24 13:51 ### **New CVEs Added:** -[CVE-2021-33630](cves/CVE-2021-33630) -[CVE-2021-33631](cves/CVE-2021-33631) -[CVE-2023-46343](cves/CVE-2023-46343) -[CVE-2023-46838](cves/CVE-2023-46838) -[CVE-2023-51042](cves/CVE-2023-51042) -[CVE-2023-51043](cves/CVE-2023-51043) -[CVE-2023-52340](cves/CVE-2023-52340) -[CVE-2023-6200](cves/CVE-2023-6200) -[CVE-2023-6915](cves/CVE-2023-6915) -[CVE-2024-0562](cves/CVE-2024-0562) -[CVE-2024-0564](cves/CVE-2024-0564) -[CVE-2024-0565](cves/CVE-2024-0565) -[CVE-2024-0582](cves/CVE-2024-0582) -[CVE-2024-0584](cves/CVE-2024-0584) -[CVE-2024-0607](cves/CVE-2024-0607) -[CVE-2024-0639](cves/CVE-2024-0639) -[CVE-2024-0641](cves/CVE-2024-0641) -[CVE-2024-0646](cves/CVE-2024-0646) -[CVE-2024-0775](cves/CVE-2024-0775) -[CVE-2024-0841](cves/CVE-2024-0841) -[CVE-2024-1085](cves/CVE-2024-1085) -[CVE-2024-1086](cves/CVE-2024-1086) -[CVE-2024-21803](cves/CVE-2024-21803) -[CVE-2024-22099](cves/CVE-2024-22099) -[CVE-2024-22705](cves/CVE-2024-22705) -[CVE-2024-23307](cves/CVE-2024-23307) -[CVE-2024-23848](cves/CVE-2024-23848) -[CVE-2024-23849](cves/CVE-2024-23849) -[CVE-2024-23850](cves/CVE-2024-23850) -[CVE-2024-23851](cves/CVE-2024-23851) +[CVE-2023-6240](cves/CVE-2023-6240) +[CVE-2024-1312](cves/CVE-2024-1312) +[CVE-2024-22386](cves/CVE-2024-22386) +[CVE-2024-23196](cves/CVE-2024-23196) +[CVE-2024-24855](cves/CVE-2024-24855) +[CVE-2024-24857](cves/CVE-2024-24857) +[CVE-2024-24858](cves/CVE-2024-24858) +[CVE-2024-24859](cves/CVE-2024-24859) +[CVE-2024-24860](cves/CVE-2024-24860) +[CVE-2024-24861](cves/CVE-2024-24861) +[CVE-2024-24864](cves/CVE-2024-24864) ### **New Versions Checked:** -[4.19.306](streams/4.19) -[5.10.209](streams/5.10) -[5.15.148](streams/5.15) -[5.4.268](streams/5.4) -[6.1.76](streams/6.1) -[6.6.15](streams/6.6) -[6.7.3](streams/6.7) +[6.1.77](streams/6.1) +[6.6.16](streams/6.6) +[6.7.4](streams/6.7) ### **Updated CVEs:** -[CVE-2017-5753](cves/CVE-2017-5753) -[CVE-2022-36402](cves/CVE-2022-36402) -[CVE-2023-2177](cves/CVE-2023-2177) -[CVE-2023-35827](cves/CVE-2023-35827) -[CVE-2023-39198](cves/CVE-2023-39198) -[CVE-2023-4010](cves/CVE-2023-4010) -[CVE-2023-50431](cves/CVE-2023-50431) -[CVE-2023-6040](cves/CVE-2023-6040) -[CVE-2023-6610](cves/CVE-2023-6610) -[CVE-2023-6622](cves/CVE-2023-6622) -[CVE-2023-6817](cves/CVE-2023-6817) -[CVE-2022-2585](cves/CVE-2022-2585) -[CVE-2022-48619](cves/CVE-2022-48619) -[CVE-2023-39197](cves/CVE-2023-39197) +[CVE-2020-36766](cves/CVE-2020-36766) +[CVE-2023-47233](cves/CVE-2023-47233) +[CVE-2024-0564](cves/CVE-2024-0564) +[CVE-2024-0841](cves/CVE-2024-0841) +[CVE-2024-22705](cves/CVE-2024-22705) +[CVE-2024-23849](cves/CVE-2024-23849) +[CVE-2024-23850](cves/CVE-2024-23850) [CVE-2023-5178](cves/CVE-2023-5178) -[CVE-2023-51780](cves/CVE-2023-51780) -[CVE-2023-51781](cves/CVE-2023-51781) -[CVE-2023-51782](cves/CVE-2023-51782) -[CVE-2023-6531](cves/CVE-2023-6531) -[CVE-2024-0340](cves/CVE-2024-0340) -[CVE-2024-0443](cves/CVE-2024-0443) +[CVE-2023-6238](cves/CVE-2023-6238) +[CVE-2023-6356](cves/CVE-2023-6356) +[CVE-2023-6535](cves/CVE-2023-6535) +[CVE-2023-6536](cves/CVE-2023-6536) +[CVE-2024-1085](cves/CVE-2024-1085) +[CVE-2024-1086](cves/CVE-2024-1086) +[CVE-2024-21803](cves/CVE-2024-21803)
diff --git a/data/3.12/3.12_CVEs.txt b/data/3.12/3.12_CVEs.txt index 883e2de..dcb5c39 100644 --- a/data/3.12/3.12_CVEs.txt +++ b/data/3.12/3.12_CVEs.txt
@@ -962,7 +962,6 @@ CVE-2020-36557: Fix not seen in stream CVE-2020-36558: Fix not seen in stream CVE-2020-36691: Fix not seen in stream -CVE-2020-36766: Fix not seen in stream CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -1335,6 +1334,7 @@ CVE-2023-51782: Fix not seen in stream CVE-2023-52340: Fix not seen in stream CVE-2023-6040: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1347,13 +1347,20 @@ CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream CVE-2024-0340: Fix not seen in stream -CVE-2024-0564: Fix unknown CVE-2024-0584: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23848: Fix unknown CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/3.12/3.12_security.txt b/data/3.12/3.12_security.txt index 11ffeef..f1c0c07 100644 --- a/data/3.12/3.12_security.txt +++ b/data/3.12/3.12_security.txt
@@ -1101,7 +1101,6 @@ CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation - CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -1473,6 +1472,7 @@ CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-52340: (unk) ipv6: remove max_size check inline with ipv4 CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1485,13 +1485,20 @@ CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() - CVE-2024-0564: (unk) CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23848: (unk) CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/3.14/3.14_CVEs.txt b/data/3.14/3.14_CVEs.txt index 88397cf..1ba79ae 100644 --- a/data/3.14/3.14_CVEs.txt +++ b/data/3.14/3.14_CVEs.txt
@@ -927,7 +927,6 @@ CVE-2020-36557: Fix not seen in stream CVE-2020-36558: Fix not seen in stream CVE-2020-36691: Fix not seen in stream -CVE-2020-36766: Fix not seen in stream CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -1305,6 +1304,7 @@ CVE-2023-51782: Fix not seen in stream CVE-2023-52340: Fix not seen in stream CVE-2023-6040: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1317,13 +1317,20 @@ CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream CVE-2024-0340: Fix not seen in stream -CVE-2024-0564: Fix unknown CVE-2024-0584: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23848: Fix unknown CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/3.14/3.14_security.txt b/data/3.14/3.14_security.txt index c250aaa..cc31917 100644 --- a/data/3.14/3.14_security.txt +++ b/data/3.14/3.14_security.txt
@@ -1061,7 +1061,6 @@ CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation - CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -1439,6 +1438,7 @@ CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-52340: (unk) ipv6: remove max_size check inline with ipv4 CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1451,13 +1451,20 @@ CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() - CVE-2024-0564: (unk) CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23848: (unk) CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/3.16/3.16_CVEs.txt b/data/3.16/3.16_CVEs.txt index 44b5fd9..811a6b4 100644 --- a/data/3.16/3.16_CVEs.txt +++ b/data/3.16/3.16_CVEs.txt
@@ -903,7 +903,6 @@ CVE-2020-36557: Fix not seen in stream CVE-2020-36558: Fix not seen in stream CVE-2020-36691: Fix not seen in stream -CVE-2020-36766: Fix not seen in stream CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fixed with 3.16.83 @@ -1297,6 +1296,7 @@ CVE-2023-51782: Fix not seen in stream CVE-2023-52340: Fix not seen in stream CVE-2023-6040: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1309,13 +1309,20 @@ CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream CVE-2024-0340: Fix not seen in stream -CVE-2024-0564: Fix unknown CVE-2024-0584: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23848: Fix unknown CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/3.16/3.16_security.txt b/data/3.16/3.16_security.txt index c43bb5e..34922aa 100644 --- a/data/3.16/3.16_security.txt +++ b/data/3.16/3.16_security.txt
@@ -1016,7 +1016,6 @@ CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation - CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8694: (unk) powercap: restrict energy meter to root access @@ -1403,6 +1402,7 @@ CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-52340: (unk) ipv6: remove max_size check inline with ipv4 CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1415,13 +1415,20 @@ CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() - CVE-2024-0564: (unk) CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23848: (unk) CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/3.18/3.18_CVEs.txt b/data/3.18/3.18_CVEs.txt index cf80e9c..41840fb 100644 --- a/data/3.18/3.18_CVEs.txt +++ b/data/3.18/3.18_CVEs.txt
@@ -884,7 +884,6 @@ CVE-2020-36557: Fix not seen in stream CVE-2020-36558: Fix not seen in stream CVE-2020-36691: Fix not seen in stream -CVE-2020-36766: Fix not seen in stream CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -1288,6 +1287,7 @@ CVE-2023-51782: Fix not seen in stream CVE-2023-52340: Fix not seen in stream CVE-2023-6040: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1300,13 +1300,20 @@ CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream CVE-2024-0340: Fix not seen in stream -CVE-2024-0564: Fix unknown CVE-2024-0584: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23848: Fix unknown CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/3.18/3.18_security.txt b/data/3.18/3.18_security.txt index 775b3ec..e12afb8 100644 --- a/data/3.18/3.18_security.txt +++ b/data/3.18/3.18_security.txt
@@ -1120,7 +1120,6 @@ CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation - CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -1524,6 +1523,7 @@ CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-52340: (unk) ipv6: remove max_size check inline with ipv4 CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1536,13 +1536,20 @@ CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() - CVE-2024-0564: (unk) CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23848: (unk) CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/3.2/3.2_CVEs.txt b/data/3.2/3.2_CVEs.txt index a01f524..6b98ed3 100644 --- a/data/3.2/3.2_CVEs.txt +++ b/data/3.2/3.2_CVEs.txt
@@ -958,7 +958,6 @@ CVE-2020-36386: Fix not seen in stream CVE-2020-36558: Fix not seen in stream CVE-2020-36691: Fix not seen in stream -CVE-2020-36766: Fix not seen in stream CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -1285,7 +1284,6 @@ CVE-2023-45863: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-46838: Fix not seen in stream -CVE-2023-47233: Fix unknown CVE-2023-51043: Fix not seen in stream CVE-2023-51779: Fix not seen in stream CVE-2023-5178: Fix not seen in stream @@ -1294,6 +1292,7 @@ CVE-2023-51782: Fix not seen in stream CVE-2023-52340: Fix not seen in stream CVE-2023-6040: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1304,12 +1303,19 @@ CVE-2023-6915: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2024-0340: Fix not seen in stream -CVE-2024-0564: Fix unknown CVE-2024-0584: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23848: Fix unknown CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/3.2/3.2_security.txt b/data/3.2/3.2_security.txt index c916554..d624df7 100644 --- a/data/3.2/3.2_security.txt +++ b/data/3.2/3.2_security.txt
@@ -1118,7 +1118,6 @@ CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation - CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -1443,7 +1442,6 @@ CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-46838: (unk) xen-netback: don't produce zero-size SKB frags - CVE-2023-47233: (unk) CVE-2023-51043: (unk) drm/atomic: Fix potential use-after-free in nonblocking commits CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup @@ -1452,6 +1450,7 @@ CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-52340: (unk) ipv6: remove max_size check inline with ipv4 CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1462,12 +1461,19 @@ CVE-2023-6915: (unk) ida: Fix crash in ida_free when the bitmap is empty CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() - CVE-2024-0564: (unk) CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23848: (unk) CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/4.1/4.1_CVEs.txt b/data/4.1/4.1_CVEs.txt index 4481198..7952038 100644 --- a/data/4.1/4.1_CVEs.txt +++ b/data/4.1/4.1_CVEs.txt
@@ -838,7 +838,6 @@ CVE-2020-36557: Fix not seen in stream CVE-2020-36558: Fix not seen in stream CVE-2020-36691: Fix not seen in stream -CVE-2020-36766: Fix not seen in stream CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -1256,6 +1255,7 @@ CVE-2023-51782: Fix not seen in stream CVE-2023-52340: Fix not seen in stream CVE-2023-6040: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1268,14 +1268,21 @@ CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream CVE-2024-0340: Fix not seen in stream -CVE-2024-0564: Fix unknown CVE-2024-0584: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/4.1/4.1_security.txt b/data/4.1/4.1_security.txt index dc5d587..1332f84 100644 --- a/data/4.1/4.1_security.txt +++ b/data/4.1/4.1_security.txt
@@ -937,7 +937,6 @@ CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation - CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -1354,6 +1353,7 @@ CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-52340: (unk) ipv6: remove max_size check inline with ipv4 CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1366,14 +1366,21 @@ CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() - CVE-2024-0564: (unk) CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/4.10/4.10_CVEs.txt b/data/4.10/4.10_CVEs.txt index 5f3c044..1ef2720 100644 --- a/data/4.10/4.10_CVEs.txt +++ b/data/4.10/4.10_CVEs.txt
@@ -1176,6 +1176,7 @@ CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1189,15 +1190,22 @@ CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream CVE-2024-0340: Fix not seen in stream -CVE-2024-0564: Fix unknown CVE-2024-0584: Fix not seen in stream CVE-2024-0607: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/4.10/4.10_security.txt b/data/4.10/4.10_security.txt index 87f9c0d..758a29c 100644 --- a/data/4.10/4.10_security.txt +++ b/data/4.10/4.10_security.txt
@@ -1210,6 +1210,7 @@ CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1223,15 +1224,22 @@ CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() - CVE-2024-0564: (unk) CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0607: (unk) netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/4.11/4.11_CVEs.txt b/data/4.11/4.11_CVEs.txt index ac9c142..52a5ff2 100644 --- a/data/4.11/4.11_CVEs.txt +++ b/data/4.11/4.11_CVEs.txt
@@ -1148,6 +1148,7 @@ CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1161,16 +1162,23 @@ CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream CVE-2024-0340: Fix not seen in stream -CVE-2024-0564: Fix unknown CVE-2024-0584: Fix not seen in stream CVE-2024-0607: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown +CVE-2024-23849: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/4.11/4.11_security.txt b/data/4.11/4.11_security.txt index b37c933..d8dc760 100644 --- a/data/4.11/4.11_security.txt +++ b/data/4.11/4.11_security.txt
@@ -1170,6 +1170,7 @@ CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1183,16 +1184,23 @@ CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() - CVE-2024-0564: (unk) CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0607: (unk) netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/4.12/4.12_CVEs.txt b/data/4.12/4.12_CVEs.txt index d09795a..8d15f2b 100644 --- a/data/4.12/4.12_CVEs.txt +++ b/data/4.12/4.12_CVEs.txt
@@ -1135,6 +1135,7 @@ CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1148,16 +1149,23 @@ CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream CVE-2024-0340: Fix not seen in stream -CVE-2024-0564: Fix unknown CVE-2024-0584: Fix not seen in stream CVE-2024-0607: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown +CVE-2024-23849: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/4.12/4.12_security.txt b/data/4.12/4.12_security.txt index a119d12..5b326d4 100644 --- a/data/4.12/4.12_security.txt +++ b/data/4.12/4.12_security.txt
@@ -1161,6 +1161,7 @@ CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1174,16 +1175,23 @@ CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() - CVE-2024-0564: (unk) CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0607: (unk) netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/4.13/4.13_CVEs.txt b/data/4.13/4.13_CVEs.txt index aadc252..bdf35d3 100644 --- a/data/4.13/4.13_CVEs.txt +++ b/data/4.13/4.13_CVEs.txt
@@ -1120,6 +1120,7 @@ CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1137,12 +1138,20 @@ CVE-2024-0584: Fix not seen in stream CVE-2024-0607: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown +CVE-2024-23849: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/4.13/4.13_security.txt b/data/4.13/4.13_security.txt index 39eab7a..6729223 100644 --- a/data/4.13/4.13_security.txt +++ b/data/4.13/4.13_security.txt
@@ -1148,6 +1148,7 @@ CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1165,12 +1166,20 @@ CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0607: (unk) netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/4.14/4.14_CVEs.txt b/data/4.14/4.14_CVEs.txt index 9234ad9..2adcb37 100644 --- a/data/4.14/4.14_CVEs.txt +++ b/data/4.14/4.14_CVEs.txt
@@ -1092,6 +1092,7 @@ CVE-2023-5717: Fixed with 4.14.328 CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1109,12 +1110,20 @@ CVE-2024-0584: Fixed with 4.14.332 CVE-2024-0607: Fix not seen in stream CVE-2024-0775: Fixed with 4.14.315 -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown +CVE-2024-23849: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/4.14/4.14_security.txt b/data/4.14/4.14_security.txt index e8235c4..90c88e7 100644 --- a/data/4.14/4.14_security.txt +++ b/data/4.14/4.14_security.txt
@@ -1648,6 +1648,7 @@ CVE-2023-52340: (unk) ipv6: remove max_size check inline with ipv4 CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1661,12 +1662,20 @@ CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() CVE-2024-0564: (unk) CVE-2024-0607: (unk) netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/4.15/4.15_CVEs.txt b/data/4.15/4.15_CVEs.txt index 4775a89..e3bf127 100644 --- a/data/4.15/4.15_CVEs.txt +++ b/data/4.15/4.15_CVEs.txt
@@ -1049,6 +1049,7 @@ CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1066,12 +1067,20 @@ CVE-2024-0584: Fix not seen in stream CVE-2024-0607: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown +CVE-2024-23849: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/4.15/4.15_security.txt b/data/4.15/4.15_security.txt index a19664e..1a49a25 100644 --- a/data/4.15/4.15_security.txt +++ b/data/4.15/4.15_security.txt
@@ -1081,6 +1081,7 @@ CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1098,12 +1099,20 @@ CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0607: (unk) netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/4.16/4.16_CVEs.txt b/data/4.16/4.16_CVEs.txt index 3941214..bfeb749 100644 --- a/data/4.16/4.16_CVEs.txt +++ b/data/4.16/4.16_CVEs.txt
@@ -1029,6 +1029,7 @@ CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1046,12 +1047,20 @@ CVE-2024-0584: Fix not seen in stream CVE-2024-0607: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown +CVE-2024-23849: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/4.16/4.16_security.txt b/data/4.16/4.16_security.txt index f975f11..99b235b 100644 --- a/data/4.16/4.16_security.txt +++ b/data/4.16/4.16_security.txt
@@ -1061,6 +1061,7 @@ CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1078,12 +1079,20 @@ CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0607: (unk) netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/4.17/4.17_CVEs.txt b/data/4.17/4.17_CVEs.txt index f7d066f..eaeade7 100644 --- a/data/4.17/4.17_CVEs.txt +++ b/data/4.17/4.17_CVEs.txt
@@ -1011,6 +1011,7 @@ CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1028,12 +1029,20 @@ CVE-2024-0584: Fix not seen in stream CVE-2024-0607: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown +CVE-2024-23849: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/4.17/4.17_security.txt b/data/4.17/4.17_security.txt index c0cdefe..6ea03f5 100644 --- a/data/4.17/4.17_security.txt +++ b/data/4.17/4.17_security.txt
@@ -1043,6 +1043,7 @@ CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1060,12 +1061,20 @@ CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0607: (unk) netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/4.18/4.18_CVEs.txt b/data/4.18/4.18_CVEs.txt index ddc6301..673a833 100644 --- a/data/4.18/4.18_CVEs.txt +++ b/data/4.18/4.18_CVEs.txt
@@ -989,6 +989,7 @@ CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1006,12 +1007,20 @@ CVE-2024-0584: Fix not seen in stream CVE-2024-0607: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown +CVE-2024-23849: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/4.18/4.18_security.txt b/data/4.18/4.18_security.txt index fb0a881..f436827 100644 --- a/data/4.18/4.18_security.txt +++ b/data/4.18/4.18_security.txt
@@ -1021,6 +1021,7 @@ CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1038,12 +1039,20 @@ CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0607: (unk) netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/4.19/4.19_CVEs.txt b/data/4.19/4.19_CVEs.txt index 64e6636..219348b 100644 --- a/data/4.19/4.19_CVEs.txt +++ b/data/4.19/4.19_CVEs.txt
@@ -972,6 +972,7 @@ CVE-2023-5717: Fixed with 4.19.297 CVE-2023-6040: Fixed with 4.19.305 CVE-2023-6121: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -990,12 +991,20 @@ CVE-2024-0584: Fixed with 4.19.301 CVE-2024-0607: Fix not seen in stream CVE-2024-0775: Fixed with 4.19.283 -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown +CVE-2024-23849: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/4.19/4.19_security.txt b/data/4.19/4.19_security.txt index 12d80df..75c2382 100644 --- a/data/4.19/4.19_security.txt +++ b/data/4.19/4.19_security.txt
@@ -1468,6 +1468,7 @@ CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1480,12 +1481,20 @@ CVE-2024-0564: (unk) CVE-2024-0565: (unk) smb: client: fix OOB in receive_encrypted_standard() CVE-2024-0607: (unk) netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/4.20/4.20_CVEs.txt b/data/4.20/4.20_CVEs.txt index d66c1f0..a1e4d45 100644 --- a/data/4.20/4.20_CVEs.txt +++ b/data/4.20/4.20_CVEs.txt
@@ -970,6 +970,7 @@ CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -989,12 +990,20 @@ CVE-2024-0607: Fix not seen in stream CVE-2024-0646: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown +CVE-2024-23849: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/4.20/4.20_security.txt b/data/4.20/4.20_security.txt index ca2e2c2..d10571e 100644 --- a/data/4.20/4.20_security.txt +++ b/data/4.20/4.20_security.txt
@@ -1002,6 +1002,7 @@ CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1021,12 +1022,20 @@ CVE-2024-0607: (unk) netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() CVE-2024-0646: (unk) net: tls, update curr on splice as well CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/4.3/4.3_CVEs.txt b/data/4.3/4.3_CVEs.txt index 1ae4a91..68b211e 100644 --- a/data/4.3/4.3_CVEs.txt +++ b/data/4.3/4.3_CVEs.txt
@@ -831,7 +831,6 @@ CVE-2020-36557: Fix not seen in stream CVE-2020-36558: Fix not seen in stream CVE-2020-36691: Fix not seen in stream -CVE-2020-36766: Fix not seen in stream CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -1260,6 +1259,7 @@ CVE-2023-51782: Fix not seen in stream CVE-2023-52340: Fix not seen in stream CVE-2023-6040: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1273,14 +1273,21 @@ CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream CVE-2024-0340: Fix not seen in stream -CVE-2024-0564: Fix unknown CVE-2024-0584: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/4.3/4.3_security.txt b/data/4.3/4.3_security.txt index 73d33da..2ece74b 100644 --- a/data/4.3/4.3_security.txt +++ b/data/4.3/4.3_security.txt
@@ -847,7 +847,6 @@ CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation - CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -1276,6 +1275,7 @@ CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-52340: (unk) ipv6: remove max_size check inline with ipv4 CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1289,14 +1289,21 @@ CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() - CVE-2024-0564: (unk) CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/4.4/4.4_CVEs.txt b/data/4.4/4.4_CVEs.txt index dd3f35b..9ff1281 100644 --- a/data/4.4/4.4_CVEs.txt +++ b/data/4.4/4.4_CVEs.txt
@@ -810,7 +810,6 @@ CVE-2020-36557: Fixed with 4.4.218 CVE-2020-36558: Fixed with 4.4.215 CVE-2020-36691: Fix not seen in stream -CVE-2020-36766: Fix not seen in stream CVE-2020-3702: Fixed with 4.4.284 CVE-2020-4788: Fixed with 4.4.245 CVE-2020-8647: Fixed with 4.4.216 @@ -1243,6 +1242,7 @@ CVE-2023-52340: Fix not seen in stream CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1256,14 +1256,21 @@ CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream CVE-2024-0340: Fix not seen in stream -CVE-2024-0564: Fix unknown CVE-2024-0584: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/4.4/4.4_security.txt b/data/4.4/4.4_security.txt index e00a973..ec2bbd6 100644 --- a/data/4.4/4.4_security.txt +++ b/data/4.4/4.4_security.txt
@@ -1395,7 +1395,6 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation - CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure CVE-2020-8832: (unk) drm/i915: Record the default hw state after reset upon load CVE-2021-0399: (unk) CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation @@ -1729,6 +1728,7 @@ CVE-2023-52340: (unk) ipv6: remove max_size check inline with ipv4 CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1742,14 +1742,21 @@ CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() - CVE-2024-0564: (unk) CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/4.5/4.5_CVEs.txt b/data/4.5/4.5_CVEs.txt index 2ffcddf..79326c4 100644 --- a/data/4.5/4.5_CVEs.txt +++ b/data/4.5/4.5_CVEs.txt
@@ -792,7 +792,6 @@ CVE-2020-36557: Fix not seen in stream CVE-2020-36558: Fix not seen in stream CVE-2020-36691: Fix not seen in stream -CVE-2020-36766: Fix not seen in stream CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -1226,6 +1225,7 @@ CVE-2023-52340: Fix not seen in stream CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1239,15 +1239,22 @@ CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream CVE-2024-0340: Fix not seen in stream -CVE-2024-0564: Fix unknown CVE-2024-0584: Fix not seen in stream CVE-2024-0607: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/4.5/4.5_security.txt b/data/4.5/4.5_security.txt index 893a0c9..8ef669a 100644 --- a/data/4.5/4.5_security.txt +++ b/data/4.5/4.5_security.txt
@@ -808,7 +808,6 @@ CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation - CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -1242,6 +1241,7 @@ CVE-2023-52340: (unk) ipv6: remove max_size check inline with ipv4 CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1255,15 +1255,22 @@ CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() - CVE-2024-0564: (unk) CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0607: (unk) netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/4.6/4.6_CVEs.txt b/data/4.6/4.6_CVEs.txt index cebeaf0..3afcece 100644 --- a/data/4.6/4.6_CVEs.txt +++ b/data/4.6/4.6_CVEs.txt
@@ -762,7 +762,6 @@ CVE-2020-36557: Fix not seen in stream CVE-2020-36558: Fix not seen in stream CVE-2020-36691: Fix not seen in stream -CVE-2020-36766: Fix not seen in stream CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -1200,6 +1199,7 @@ CVE-2023-52340: Fix not seen in stream CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1213,15 +1213,22 @@ CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream CVE-2024-0340: Fix not seen in stream -CVE-2024-0564: Fix unknown CVE-2024-0584: Fix not seen in stream CVE-2024-0607: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/4.6/4.6_security.txt b/data/4.6/4.6_security.txt index 1b107ec..a315ecf 100644 --- a/data/4.6/4.6_security.txt +++ b/data/4.6/4.6_security.txt
@@ -780,7 +780,6 @@ CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation - CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -1218,6 +1217,7 @@ CVE-2023-52340: (unk) ipv6: remove max_size check inline with ipv4 CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1231,15 +1231,22 @@ CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() - CVE-2024-0564: (unk) CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0607: (unk) netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/4.7/4.7_CVEs.txt b/data/4.7/4.7_CVEs.txt index 7dad832..f88e5dc 100644 --- a/data/4.7/4.7_CVEs.txt +++ b/data/4.7/4.7_CVEs.txt
@@ -742,7 +742,6 @@ CVE-2020-36557: Fix not seen in stream CVE-2020-36558: Fix not seen in stream CVE-2020-36691: Fix not seen in stream -CVE-2020-36766: Fix not seen in stream CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -1183,6 +1182,7 @@ CVE-2023-52340: Fix not seen in stream CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1196,15 +1196,22 @@ CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream CVE-2024-0340: Fix not seen in stream -CVE-2024-0564: Fix unknown CVE-2024-0584: Fix not seen in stream CVE-2024-0607: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/4.7/4.7_security.txt b/data/4.7/4.7_security.txt index 26029c5..a0af066 100644 --- a/data/4.7/4.7_security.txt +++ b/data/4.7/4.7_security.txt
@@ -762,7 +762,6 @@ CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation - CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -1203,6 +1202,7 @@ CVE-2023-52340: (unk) ipv6: remove max_size check inline with ipv4 CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1216,15 +1216,22 @@ CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() - CVE-2024-0564: (unk) CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0607: (unk) netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/4.8/4.8_CVEs.txt b/data/4.8/4.8_CVEs.txt index 296c844..9667a1f 100644 --- a/data/4.8/4.8_CVEs.txt +++ b/data/4.8/4.8_CVEs.txt
@@ -1187,6 +1187,7 @@ CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1200,15 +1201,22 @@ CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream CVE-2024-0340: Fix not seen in stream -CVE-2024-0564: Fix unknown CVE-2024-0584: Fix not seen in stream CVE-2024-0607: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/4.8/4.8_security.txt b/data/4.8/4.8_security.txt index e42d05a..ec79fb8 100644 --- a/data/4.8/4.8_security.txt +++ b/data/4.8/4.8_security.txt
@@ -1217,6 +1217,7 @@ CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1230,15 +1231,22 @@ CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() - CVE-2024-0564: (unk) CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0607: (unk) netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/4.9/4.9_CVEs.txt b/data/4.9/4.9_CVEs.txt index c0134ea..8e87613 100644 --- a/data/4.9/4.9_CVEs.txt +++ b/data/4.9/4.9_CVEs.txt
@@ -1191,6 +1191,7 @@ CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -1204,15 +1205,22 @@ CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream CVE-2024-0340: Fix not seen in stream -CVE-2024-0564: Fix unknown CVE-2024-0584: Fix not seen in stream CVE-2024-0607: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/4.9/4.9_security.txt b/data/4.9/4.9_security.txt index 5777901..1d015ec 100644 --- a/data/4.9/4.9_security.txt +++ b/data/4.9/4.9_security.txt
@@ -1739,6 +1739,7 @@ CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1752,15 +1753,22 @@ CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() - CVE-2024-0564: (unk) CVE-2024-0584: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2024-0607: (unk) netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/5.0/5.0_CVEs.txt b/data/5.0/5.0_CVEs.txt index d6a16d0..4981161 100644 --- a/data/5.0/5.0_CVEs.txt +++ b/data/5.0/5.0_CVEs.txt
@@ -948,6 +948,7 @@ CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -967,12 +968,20 @@ CVE-2024-0607: Fix not seen in stream CVE-2024-0646: Fix not seen in stream CVE-2024-0775: Fix not seen in stream -CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown +CVE-2024-23849: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/5.0/5.0_security.txt b/data/5.0/5.0_security.txt index 8cceb93..517cc48 100644 --- a/data/5.0/5.0_security.txt +++ b/data/5.0/5.0_security.txt
@@ -996,6 +996,7 @@ CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1015,12 +1016,20 @@ CVE-2024-0607: (unk) netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() CVE-2024-0646: (unk) net: tls, update curr on splice as well CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() - CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/5.1/5.1_CVEs.txt b/data/5.1/5.1_CVEs.txt index 5dad810..a9e6f35 100644 --- a/data/5.1/5.1_CVEs.txt +++ b/data/5.1/5.1_CVEs.txt
@@ -931,6 +931,7 @@ CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -953,10 +954,19 @@ CVE-2024-0775: Fix not seen in stream CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown +CVE-2024-23849: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/5.1/5.1_security.txt b/data/5.1/5.1_security.txt index 88bf5d1..3fcd531 100644 --- a/data/5.1/5.1_security.txt +++ b/data/5.1/5.1_security.txt
@@ -967,6 +967,7 @@ CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -989,10 +990,19 @@ CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/5.10/5.10_CVEs.txt b/data/5.10/5.10_CVEs.txt index b9e64f2..6007b03 100644 --- a/data/5.10/5.10_CVEs.txt +++ b/data/5.10/5.10_CVEs.txt
@@ -691,6 +691,7 @@ CVE-2023-6040: Fixed with 5.10.208 CVE-2023-6121: Fixed with 5.10.203 CVE-2023-6176: Fixed with 5.10.195 +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -715,11 +716,20 @@ CVE-2024-0775: Fixed with 5.10.180 CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown -CVE-2024-23850: Fix unknown +CVE-2024-23849: Fix not seen in stream +CVE-2024-23850: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/5.10/5.10_security.txt b/data/5.10/5.10_security.txt index 12f32b4..41809d0 100644 --- a/data/5.10/5.10_security.txt +++ b/data/5.10/5.10_security.txt
@@ -1016,6 +1016,7 @@ CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-47233: (unk) CVE-2023-50431: (unk) accel/habanalabs: fix information leak in sec_attest_info() + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1029,11 +1030,20 @@ CVE-2024-0607: (unk) netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) - CVE-2024-23850: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv + CVE-2024-23850: (unk) btrfs: do not ASSERT() if the newly created subvolume already got read CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/5.11/5.11_CVEs.txt b/data/5.11/5.11_CVEs.txt index 372794e..befed6c 100644 --- a/data/5.11/5.11_CVEs.txt +++ b/data/5.11/5.11_CVEs.txt
@@ -687,6 +687,7 @@ CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -712,11 +713,20 @@ CVE-2024-0775: Fix not seen in stream CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown -CVE-2024-23850: Fix unknown +CVE-2024-23849: Fix not seen in stream +CVE-2024-23850: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/5.11/5.11_security.txt b/data/5.11/5.11_security.txt index 9d5a2fc..849cb71 100644 --- a/data/5.11/5.11_security.txt +++ b/data/5.11/5.11_security.txt
@@ -729,6 +729,7 @@ CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -754,11 +755,20 @@ CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) - CVE-2024-23850: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv + CVE-2024-23850: (unk) btrfs: do not ASSERT() if the newly created subvolume already got read CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/5.12/5.12_CVEs.txt b/data/5.12/5.12_CVEs.txt index 00e26f1..1a96fba 100644 --- a/data/5.12/5.12_CVEs.txt +++ b/data/5.12/5.12_CVEs.txt
@@ -639,6 +639,7 @@ CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -664,11 +665,20 @@ CVE-2024-0775: Fix not seen in stream CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown -CVE-2024-23850: Fix unknown +CVE-2024-23849: Fix not seen in stream +CVE-2024-23850: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/5.12/5.12_security.txt b/data/5.12/5.12_security.txt index 2b5f1b3..5aa153a 100644 --- a/data/5.12/5.12_security.txt +++ b/data/5.12/5.12_security.txt
@@ -671,6 +671,7 @@ CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -696,11 +697,20 @@ CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) - CVE-2024-23850: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv + CVE-2024-23850: (unk) btrfs: do not ASSERT() if the newly created subvolume already got read CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/5.13/5.13_CVEs.txt b/data/5.13/5.13_CVEs.txt index 9e5015a..26263de 100644 --- a/data/5.13/5.13_CVEs.txt +++ b/data/5.13/5.13_CVEs.txt
@@ -610,6 +610,7 @@ CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -637,11 +638,20 @@ CVE-2024-0841: Fix unknown CVE-2024-1085: Fix not seen in stream CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown -CVE-2024-23850: Fix unknown +CVE-2024-23849: Fix not seen in stream +CVE-2024-23850: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/5.13/5.13_security.txt b/data/5.13/5.13_security.txt index 602c4f6..92138d1 100644 --- a/data/5.13/5.13_security.txt +++ b/data/5.13/5.13_security.txt
@@ -644,6 +644,7 @@ CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -671,11 +672,20 @@ CVE-2024-0841: (unk) CVE-2024-1085: (unk) netfilter: nf_tables: check if catch-all set element is active in next generation CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) - CVE-2024-23850: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv + CVE-2024-23850: (unk) btrfs: do not ASSERT() if the newly created subvolume already got read CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/5.14/5.14_CVEs.txt b/data/5.14/5.14_CVEs.txt index 849170e..80db110 100644 --- a/data/5.14/5.14_CVEs.txt +++ b/data/5.14/5.14_CVEs.txt
@@ -584,6 +584,7 @@ CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -611,11 +612,20 @@ CVE-2024-0841: Fix unknown CVE-2024-1085: Fix not seen in stream CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown -CVE-2024-23850: Fix unknown +CVE-2024-23849: Fix not seen in stream +CVE-2024-23850: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/5.14/5.14_security.txt b/data/5.14/5.14_security.txt index 6a7a390..11255b9 100644 --- a/data/5.14/5.14_security.txt +++ b/data/5.14/5.14_security.txt
@@ -618,6 +618,7 @@ CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -645,11 +646,20 @@ CVE-2024-0841: (unk) CVE-2024-1085: (unk) netfilter: nf_tables: check if catch-all set element is active in next generation CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) - CVE-2024-23850: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv + CVE-2024-23850: (unk) btrfs: do not ASSERT() if the newly created subvolume already got read CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/5.15/5.15_CVEs.txt b/data/5.15/5.15_CVEs.txt index 829cdf6..6bc8ee9 100644 --- a/data/5.15/5.15_CVEs.txt +++ b/data/5.15/5.15_CVEs.txt
@@ -591,6 +591,7 @@ CVE-2023-6040: Fixed with 5.15.147 CVE-2023-6121: Fixed with 5.15.141 CVE-2023-6176: Fixed with 5.15.132 +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -619,11 +620,21 @@ CVE-2024-0841: Fix unknown CVE-2024-1085: Fixed with 5.15.148 CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown +CVE-2024-22386: Fix unknown CVE-2024-22705: Fixed with 5.15.146 +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown -CVE-2024-23850: Fix unknown +CVE-2024-23849: Fix not seen in stream +CVE-2024-23850: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/5.15/5.15_security.txt b/data/5.15/5.15_security.txt index 0ba84ab..26e9f15 100644 --- a/data/5.15/5.15_security.txt +++ b/data/5.15/5.15_security.txt
@@ -844,6 +844,7 @@ CVE-2023-47233: (unk) CVE-2023-50431: (unk) accel/habanalabs: fix information leak in sec_attest_info() CVE-2023-6039: (unk) net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -856,10 +857,20 @@ CVE-2024-0565: (unk) smb: client: fix OOB in receive_encrypted_standard() CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) - CVE-2024-23850: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv + CVE-2024-23850: (unk) btrfs: do not ASSERT() if the newly created subvolume already got read CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/5.16/5.16_CVEs.txt b/data/5.16/5.16_CVEs.txt index 34e3852..45a381d 100644 --- a/data/5.16/5.16_CVEs.txt +++ b/data/5.16/5.16_CVEs.txt
@@ -560,6 +560,7 @@ CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -588,11 +589,21 @@ CVE-2024-0841: Fix unknown CVE-2024-1085: Fix not seen in stream CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown +CVE-2024-22386: Fix unknown CVE-2024-22705: Fix not seen in stream +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown -CVE-2024-23850: Fix unknown +CVE-2024-23849: Fix not seen in stream +CVE-2024-23850: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/5.16/5.16_security.txt b/data/5.16/5.16_security.txt index 5ae22cc..1499635 100644 --- a/data/5.16/5.16_security.txt +++ b/data/5.16/5.16_security.txt
@@ -596,6 +596,7 @@ CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -624,11 +625,21 @@ CVE-2024-0841: (unk) CVE-2024-1085: (unk) netfilter: nf_tables: check if catch-all set element is active in next generation CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) + CVE-2024-22386: (unk) CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) - CVE-2024-23850: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv + CVE-2024-23850: (unk) btrfs: do not ASSERT() if the newly created subvolume already got read CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/5.17/5.17_CVEs.txt b/data/5.17/5.17_CVEs.txt index 9b11431..3140b85 100644 --- a/data/5.17/5.17_CVEs.txt +++ b/data/5.17/5.17_CVEs.txt
@@ -506,6 +506,7 @@ CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -534,11 +535,21 @@ CVE-2024-0841: Fix unknown CVE-2024-1085: Fix not seen in stream CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown +CVE-2024-22386: Fix unknown CVE-2024-22705: Fix not seen in stream +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown -CVE-2024-23850: Fix unknown +CVE-2024-23849: Fix not seen in stream +CVE-2024-23850: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/5.17/5.17_security.txt b/data/5.17/5.17_security.txt index cf2c192..3f93bf9 100644 --- a/data/5.17/5.17_security.txt +++ b/data/5.17/5.17_security.txt
@@ -538,6 +538,7 @@ CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -566,11 +567,21 @@ CVE-2024-0841: (unk) CVE-2024-1085: (unk) netfilter: nf_tables: check if catch-all set element is active in next generation CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) + CVE-2024-22386: (unk) CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) - CVE-2024-23850: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv + CVE-2024-23850: (unk) btrfs: do not ASSERT() if the newly created subvolume already got read CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/5.18/5.18_CVEs.txt b/data/5.18/5.18_CVEs.txt index 289806d..794f0d5 100644 --- a/data/5.18/5.18_CVEs.txt +++ b/data/5.18/5.18_CVEs.txt
@@ -454,6 +454,7 @@ CVE-2023-6039: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -482,11 +483,21 @@ CVE-2024-0841: Fix unknown CVE-2024-1085: Fix not seen in stream CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown +CVE-2024-22386: Fix unknown CVE-2024-22705: Fix not seen in stream +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown -CVE-2024-23850: Fix unknown +CVE-2024-23849: Fix not seen in stream +CVE-2024-23850: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/5.18/5.18_security.txt b/data/5.18/5.18_security.txt index ecd9d28..6fead16 100644 --- a/data/5.18/5.18_security.txt +++ b/data/5.18/5.18_security.txt
@@ -490,6 +490,7 @@ CVE-2023-6039: (unk) net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -518,11 +519,21 @@ CVE-2024-0841: (unk) CVE-2024-1085: (unk) netfilter: nf_tables: check if catch-all set element is active in next generation CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) + CVE-2024-22386: (unk) CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) - CVE-2024-23850: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv + CVE-2024-23850: (unk) btrfs: do not ASSERT() if the newly created subvolume already got read CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/5.19/5.19_CVEs.txt b/data/5.19/5.19_CVEs.txt index 5c6de09..47b86f7 100644 --- a/data/5.19/5.19_CVEs.txt +++ b/data/5.19/5.19_CVEs.txt
@@ -411,6 +411,7 @@ CVE-2023-6039: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -439,11 +440,21 @@ CVE-2024-0841: Fix unknown CVE-2024-1085: Fix not seen in stream CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown +CVE-2024-22386: Fix unknown CVE-2024-22705: Fix not seen in stream +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown -CVE-2024-23850: Fix unknown +CVE-2024-23849: Fix not seen in stream +CVE-2024-23850: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/5.19/5.19_security.txt b/data/5.19/5.19_security.txt index 7cf632f..44056ab 100644 --- a/data/5.19/5.19_security.txt +++ b/data/5.19/5.19_security.txt
@@ -442,6 +442,7 @@ CVE-2023-6039: (unk) net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -469,11 +470,21 @@ CVE-2024-0841: (unk) CVE-2024-1085: (unk) netfilter: nf_tables: check if catch-all set element is active in next generation CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) + CVE-2024-22386: (unk) CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) - CVE-2024-23850: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv + CVE-2024-23850: (unk) btrfs: do not ASSERT() if the newly created subvolume already got read CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/5.2/5.2_CVEs.txt b/data/5.2/5.2_CVEs.txt index 50436d0..9863fd3 100644 --- a/data/5.2/5.2_CVEs.txt +++ b/data/5.2/5.2_CVEs.txt
@@ -893,6 +893,7 @@ CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -915,10 +916,19 @@ CVE-2024-0775: Fix not seen in stream CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown +CVE-2024-23849: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/5.2/5.2_security.txt b/data/5.2/5.2_security.txt index 9e54fd2..db92967 100644 --- a/data/5.2/5.2_security.txt +++ b/data/5.2/5.2_security.txt
@@ -931,6 +931,7 @@ CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -953,10 +954,19 @@ CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/5.3/5.3_CVEs.txt b/data/5.3/5.3_CVEs.txt index 336f591..78c0eb7 100644 --- a/data/5.3/5.3_CVEs.txt +++ b/data/5.3/5.3_CVEs.txt
@@ -868,6 +868,7 @@ CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -890,10 +891,19 @@ CVE-2024-0775: Fix not seen in stream CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown +CVE-2024-23849: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/5.3/5.3_security.txt b/data/5.3/5.3_security.txt index 9215341..a26380e 100644 --- a/data/5.3/5.3_security.txt +++ b/data/5.3/5.3_security.txt
@@ -904,6 +904,7 @@ CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -926,10 +927,19 @@ CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/5.4/5.4_CVEs.txt b/data/5.4/5.4_CVEs.txt index 3fce29d..c3928d4 100644 --- a/data/5.4/5.4_CVEs.txt +++ b/data/5.4/5.4_CVEs.txt
@@ -797,6 +797,7 @@ CVE-2023-5717: Fixed with 5.4.259 CVE-2023-6040: Fixed with 5.4.267 CVE-2023-6121: Fixed with 5.4.263 +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -819,10 +820,19 @@ CVE-2024-0775: Fixed with 5.4.243 CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown +CVE-2024-23849: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/5.4/5.4_security.txt b/data/5.4/5.4_security.txt index 19dc956..adb00b6 100644 --- a/data/5.4/5.4_security.txt +++ b/data/5.4/5.4_security.txt
@@ -1213,6 +1213,7 @@ CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-50431: (unk) accel/habanalabs: fix information leak in sec_attest_info() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -1227,10 +1228,19 @@ CVE-2024-0607: (unk) netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/5.5/5.5_CVEs.txt b/data/5.5/5.5_CVEs.txt index b445787..94b6907 100644 --- a/data/5.5/5.5_CVEs.txt +++ b/data/5.5/5.5_CVEs.txt
@@ -758,6 +758,7 @@ CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -781,10 +782,19 @@ CVE-2024-0775: Fix not seen in stream CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown +CVE-2024-23849: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/5.5/5.5_security.txt b/data/5.5/5.5_security.txt index f346aa5..ecce621 100644 --- a/data/5.5/5.5_security.txt +++ b/data/5.5/5.5_security.txt
@@ -792,6 +792,7 @@ CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -815,10 +816,19 @@ CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/5.6/5.6_CVEs.txt b/data/5.6/5.6_CVEs.txt index 62457d6..842fcd4 100644 --- a/data/5.6/5.6_CVEs.txt +++ b/data/5.6/5.6_CVEs.txt
@@ -739,6 +739,7 @@ CVE-2023-5717: Fix not seen in stream CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -763,10 +764,19 @@ CVE-2024-0775: Fix not seen in stream CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown +CVE-2024-23849: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/5.6/5.6_security.txt b/data/5.6/5.6_security.txt index 156ea59..395c6c0 100644 --- a/data/5.6/5.6_security.txt +++ b/data/5.6/5.6_security.txt
@@ -773,6 +773,7 @@ CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -797,10 +798,19 @@ CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/5.7/5.7_CVEs.txt b/data/5.7/5.7_CVEs.txt index d5b89b7..1e77603 100644 --- a/data/5.7/5.7_CVEs.txt +++ b/data/5.7/5.7_CVEs.txt
@@ -741,6 +741,7 @@ CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -765,10 +766,19 @@ CVE-2024-0775: Fix not seen in stream CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown +CVE-2024-23849: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/5.7/5.7_security.txt b/data/5.7/5.7_security.txt index 1e48674..cc3fa47 100644 --- a/data/5.7/5.7_security.txt +++ b/data/5.7/5.7_security.txt
@@ -775,6 +775,7 @@ CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -799,10 +800,19 @@ CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/5.8/5.8_CVEs.txt b/data/5.8/5.8_CVEs.txt index fc6a0a3..1ca6b94 100644 --- a/data/5.8/5.8_CVEs.txt +++ b/data/5.8/5.8_CVEs.txt
@@ -728,6 +728,7 @@ CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -752,10 +753,19 @@ CVE-2024-0775: Fix not seen in stream CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown +CVE-2024-23849: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/5.8/5.8_security.txt b/data/5.8/5.8_security.txt index c92a8ff..3f5fc8c 100644 --- a/data/5.8/5.8_security.txt +++ b/data/5.8/5.8_security.txt
@@ -762,6 +762,7 @@ CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -786,10 +787,19 @@ CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/5.9/5.9_CVEs.txt b/data/5.9/5.9_CVEs.txt index 37716a5..388fbc5 100644 --- a/data/5.9/5.9_CVEs.txt +++ b/data/5.9/5.9_CVEs.txt
@@ -706,6 +706,7 @@ CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -730,11 +731,20 @@ CVE-2024-0775: Fix not seen in stream CVE-2024-0841: Fix unknown CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown -CVE-2024-22705: Fix not seen in stream +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown -CVE-2024-23850: Fix unknown +CVE-2024-23849: Fix not seen in stream +CVE-2024-23850: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/5.9/5.9_security.txt b/data/5.9/5.9_security.txt index dac4be9..4ffaa93 100644 --- a/data/5.9/5.9_security.txt +++ b/data/5.9/5.9_security.txt
@@ -736,6 +736,7 @@ CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -760,11 +761,20 @@ CVE-2024-0775: (unk) ext4: improve error recovery code paths in __ext4_remount() CVE-2024-0841: (unk) CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) - CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) - CVE-2024-23850: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv + CVE-2024-23850: (unk) btrfs: do not ASSERT() if the newly created subvolume already got read CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/6.0/6.0_CVEs.txt b/data/6.0/6.0_CVEs.txt index 981eef6..247c794 100644 --- a/data/6.0/6.0_CVEs.txt +++ b/data/6.0/6.0_CVEs.txt
@@ -366,6 +366,7 @@ CVE-2023-6039: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -393,11 +394,21 @@ CVE-2024-0841: Fix unknown CVE-2024-1085: Fix not seen in stream CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown +CVE-2024-22386: Fix unknown CVE-2024-22705: Fix not seen in stream +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown -CVE-2024-23850: Fix unknown +CVE-2024-23849: Fix not seen in stream +CVE-2024-23850: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/6.0/6.0_security.txt b/data/6.0/6.0_security.txt index 95a3be0..8a59ee7 100644 --- a/data/6.0/6.0_security.txt +++ b/data/6.0/6.0_security.txt
@@ -400,6 +400,7 @@ CVE-2023-6039: (unk) net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -427,11 +428,21 @@ CVE-2024-0841: (unk) CVE-2024-1085: (unk) netfilter: nf_tables: check if catch-all set element is active in next generation CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) + CVE-2024-22386: (unk) CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) - CVE-2024-23850: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv + CVE-2024-23850: (unk) btrfs: do not ASSERT() if the newly created subvolume already got read CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/6.1/6.1_CVEs.txt b/data/6.1/6.1_CVEs.txt index 96ca587..b4c6b8a 100644 --- a/data/6.1/6.1_CVEs.txt +++ b/data/6.1/6.1_CVEs.txt
@@ -311,6 +311,7 @@ CVE-2023-6039: Fix not seen in stream CVE-2023-6121: Fixed with 6.1.65 CVE-2023-6176: Fixed with 6.1.54 +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6531: Fixed with 6.1.68 @@ -339,11 +340,21 @@ CVE-2024-0841: Fix unknown CVE-2024-1085: Fixed with 6.1.75 CVE-2024-1086: Fixed with 6.1.76 +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown +CVE-2024-22386: Fix unknown CVE-2024-22705: Fixed with 6.1.71 +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown -CVE-2024-23850: Fix unknown +CVE-2024-23849: Fixed with 6.1.76 +CVE-2024-23850: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/6.1/6.1_security.txt b/data/6.1/6.1_security.txt index 93ac34b..37e6855 100644 --- a/data/6.1/6.1_security.txt +++ b/data/6.1/6.1_security.txt
@@ -353,6 +353,7 @@ CVEs fixed in 6.1.76: CVE-2024-1086: 8e34430e33b8a80bc014f3efe29cac76bc30a4b4 netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-23849: 71024928b3f71ce4529426f8692943205c58d30b net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv Outstanding CVEs: CVE-2005-3660: (unk) @@ -455,6 +456,7 @@ CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-47233: (unk) CVE-2023-6039: (unk) net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -464,10 +466,19 @@ CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() CVE-2024-0564: (unk) CVE-2024-0841: (unk) + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) - CVE-2024-23850: (unk) + CVE-2024-23850: (unk) btrfs: do not ASSERT() if the newly created subvolume already got read CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/6.2/6.2_CVEs.txt b/data/6.2/6.2_CVEs.txt index b05087c..b350fc5 100644 --- a/data/6.2/6.2_CVEs.txt +++ b/data/6.2/6.2_CVEs.txt
@@ -259,6 +259,7 @@ CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream CVE-2023-6238: Fix unknown +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6531: Fix not seen in stream @@ -288,11 +289,21 @@ CVE-2024-0841: Fix unknown CVE-2024-1085: Fix not seen in stream CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown +CVE-2024-22386: Fix unknown CVE-2024-22705: Fix not seen in stream +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown -CVE-2024-23850: Fix unknown +CVE-2024-23849: Fix not seen in stream +CVE-2024-23850: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/6.2/6.2_security.txt b/data/6.2/6.2_security.txt index ef610f2..746f230 100644 --- a/data/6.2/6.2_security.txt +++ b/data/6.2/6.2_security.txt
@@ -289,6 +289,7 @@ CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() CVE-2023-6238: (unk) + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6531: (unk) io_uring/af_unix: disable sending io_uring over sockets @@ -316,11 +317,21 @@ CVE-2024-0841: (unk) CVE-2024-1085: (unk) netfilter: nf_tables: check if catch-all set element is active in next generation CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) + CVE-2024-22386: (unk) CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) - CVE-2024-23850: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv + CVE-2024-23850: (unk) btrfs: do not ASSERT() if the newly created subvolume already got read CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/6.3/6.3_CVEs.txt b/data/6.3/6.3_CVEs.txt index a0f1d6d..3f57e72 100644 --- a/data/6.3/6.3_CVEs.txt +++ b/data/6.3/6.3_CVEs.txt
@@ -221,6 +221,7 @@ CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream CVE-2023-6238: Fix unknown +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6531: Fix not seen in stream @@ -249,11 +250,21 @@ CVE-2024-0841: Fix unknown CVE-2024-1085: Fix not seen in stream CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown +CVE-2024-22386: Fix unknown CVE-2024-22705: Fix not seen in stream +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown -CVE-2024-23850: Fix unknown +CVE-2024-23849: Fix not seen in stream +CVE-2024-23850: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/6.3/6.3_security.txt b/data/6.3/6.3_security.txt index 0449509..348cd98 100644 --- a/data/6.3/6.3_security.txt +++ b/data/6.3/6.3_security.txt
@@ -251,6 +251,7 @@ CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() CVE-2023-6238: (unk) + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6531: (unk) io_uring/af_unix: disable sending io_uring over sockets @@ -277,11 +278,21 @@ CVE-2024-0841: (unk) CVE-2024-1085: (unk) netfilter: nf_tables: check if catch-all set element is active in next generation CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-1312: (unk) mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVE-2024-21803: (unk) CVE-2024-22099: (unk) + CVE-2024-22386: (unk) CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) - CVE-2024-23850: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv + CVE-2024-23850: (unk) btrfs: do not ASSERT() if the newly created subvolume already got read CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/6.4/6.4_CVEs.txt b/data/6.4/6.4_CVEs.txt index de071f7..8b6e492 100644 --- a/data/6.4/6.4_CVEs.txt +++ b/data/6.4/6.4_CVEs.txt
@@ -169,6 +169,7 @@ CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream CVE-2023-6238: Fix unknown +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6531: Fix not seen in stream @@ -195,11 +196,21 @@ CVE-2024-0841: Fix unknown CVE-2024-1085: Fix not seen in stream CVE-2024-1086: Fix not seen in stream +CVE-2024-1312: Fixed with 6.4.10 CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown +CVE-2024-22386: Fix unknown CVE-2024-22705: Fix not seen in stream +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown -CVE-2024-23850: Fix unknown +CVE-2024-23849: Fix not seen in stream +CVE-2024-23850: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/6.4/6.4_security.txt b/data/6.4/6.4_security.txt index 3c9d966..60247ae 100644 --- a/data/6.4/6.4_security.txt +++ b/data/6.4/6.4_security.txt
@@ -55,6 +55,7 @@ CVE-2023-4208: 4b717802428fa02cbcbb61209f638f65f9cd4710 net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free CVE-2023-4273: e1a73ba43cf883cb37f6331aca5a4c5be6350982 exfat: check if filename entries exceeds max filename length CVE-2023-6039: a54bf862ccad27c8b91795b69a9ca105f8e6295e net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs + CVE-2024-1312: 93a0b7d43de51b38c4c91d4121e447018132119a mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock CVEs fixed in 6.4.11: CVE-2023-4155: ab8e9a874574ce511eca21caa5d7ef5426963a54 KVM: SEV: only access GHCB fields once @@ -199,6 +200,7 @@ CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() CVE-2023-6238: (unk) + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6531: (unk) io_uring/af_unix: disable sending io_uring over sockets @@ -225,9 +227,18 @@ CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters CVE-2024-21803: (unk) CVE-2024-22099: (unk) + CVE-2024-22386: (unk) CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) - CVE-2024-23850: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv + CVE-2024-23850: (unk) btrfs: do not ASSERT() if the newly created subvolume already got read CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/6.5/6.5_CVEs.txt b/data/6.5/6.5_CVEs.txt index eda2aeb..95a7241 100644 --- a/data/6.5/6.5_CVEs.txt +++ b/data/6.5/6.5_CVEs.txt
@@ -121,6 +121,7 @@ CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fixed with 6.5.4 CVE-2023-6238: Fix unknown +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6531: Fix not seen in stream @@ -148,9 +149,18 @@ CVE-2024-1086: Fix not seen in stream CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown +CVE-2024-22386: Fix unknown CVE-2024-22705: Fix not seen in stream +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown -CVE-2024-23850: Fix unknown +CVE-2024-23849: Fix not seen in stream +CVE-2024-23850: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/6.5/6.5_security.txt b/data/6.5/6.5_security.txt index b2ac33e..ad046b0 100644 --- a/data/6.5/6.5_security.txt +++ b/data/6.5/6.5_security.txt
@@ -143,6 +143,7 @@ CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6238: (unk) + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6531: (unk) io_uring/af_unix: disable sending io_uring over sockets @@ -168,9 +169,18 @@ CVE-2024-1086: (unk) netfilter: nf_tables: reject QUEUE/DROP verdict parameters CVE-2024-21803: (unk) CVE-2024-22099: (unk) + CVE-2024-22386: (unk) CVE-2024-22705: (unk) ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) - CVE-2024-23850: (unk) + CVE-2024-23849: (unk) net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv + CVE-2024-23850: (unk) btrfs: do not ASSERT() if the newly created subvolume already got read CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/6.6/6.6_CVEs.txt b/data/6.6/6.6_CVEs.txt index 7506757..16bd41d 100644 --- a/data/6.6/6.6_CVEs.txt +++ b/data/6.6/6.6_CVEs.txt
@@ -94,6 +94,7 @@ CVE-2023-6121: Fixed with 6.6.4 CVE-2023-6200: Fixed with 6.6.9 CVE-2023-6238: Fix unknown +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6531: Fixed with 6.6.7 @@ -120,9 +121,18 @@ CVE-2024-1086: Fixed with 6.6.15 CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown +CVE-2024-22386: Fix unknown CVE-2024-22705: Fixed with 6.6.10 +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown -CVE-2024-23850: Fix unknown +CVE-2024-23849: Fixed with 6.6.15 +CVE-2024-23850: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/6.6/6.6_security.txt b/data/6.6/6.6_security.txt index f36abc5..5826612 100644 --- a/data/6.6/6.6_security.txt +++ b/data/6.6/6.6_security.txt
@@ -48,6 +48,7 @@ CVEs fixed in 6.6.15: CVE-2024-1086: 6653118b176a00915125521c6572ae8e507621db netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-23849: 7a73190ea557e7f26914b0fe04c1f57a96cb771f net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv Outstanding CVEs: CVE-2005-3660: (unk) @@ -136,6 +137,7 @@ CVE-2023-4010: (unk) CVE-2023-47233: (unk) CVE-2023-6238: (unk) + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -145,8 +147,16 @@ CVE-2024-0841: (unk) CVE-2024-21803: (unk) CVE-2024-22099: (unk) + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) - CVE-2024-23850: (unk) + CVE-2024-23850: (unk) btrfs: do not ASSERT() if the newly created subvolume already got read CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/6.7/6.7_CVEs.txt b/data/6.7/6.7_CVEs.txt index 72752d6..c878966 100644 --- a/data/6.7/6.7_CVEs.txt +++ b/data/6.7/6.7_CVEs.txt
@@ -86,6 +86,7 @@ CVE-2023-47233: Fix unknown CVE-2023-50431: Fixed with 6.7.2 CVE-2023-6238: Fix unknown +CVE-2023-6240: Fix unknown CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown @@ -98,8 +99,17 @@ CVE-2024-1086: Fixed with 6.7.3 CVE-2024-21803: Fix unknown CVE-2024-22099: Fix unknown +CVE-2024-22386: Fix unknown +CVE-2024-23196: Fix unknown CVE-2024-23307: Fix unknown CVE-2024-23848: Fix unknown -CVE-2024-23849: Fix unknown -CVE-2024-23850: Fix unknown +CVE-2024-23849: Fixed with 6.7.3 +CVE-2024-23850: Fix not seen in stream CVE-2024-23851: Fix unknown +CVE-2024-24855: Fix unknown +CVE-2024-24857: Fix unknown +CVE-2024-24858: Fix unknown +CVE-2024-24859: Fix unknown +CVE-2024-24860: Fix unknown +CVE-2024-24861: Fix unknown +CVE-2024-24864: Fix unknown
diff --git a/data/6.7/6.7_security.txt b/data/6.7/6.7_security.txt index 1684c25..1d9408b 100644 --- a/data/6.7/6.7_security.txt +++ b/data/6.7/6.7_security.txt
@@ -9,6 +9,7 @@ CVEs fixed in 6.7.3: CVE-2024-1086: f05a497e7bc8851eeeb3a58da180ba469efebb05 netfilter: nf_tables: reject QUEUE/DROP verdict parameters + CVE-2024-23849: 0b787c2dea15e7a2828fa3a74a5447df4ed57711 net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv Outstanding CVEs: CVE-2005-3660: (unk) @@ -97,6 +98,7 @@ CVE-2023-4010: (unk) CVE-2023-47233: (unk) CVE-2023-6238: (unk) + CVE-2023-6240: (unk) CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) @@ -106,8 +108,16 @@ CVE-2024-0841: (unk) CVE-2024-21803: (unk) CVE-2024-22099: (unk) + CVE-2024-22386: (unk) + CVE-2024-23196: (unk) CVE-2024-23307: (unk) CVE-2024-23848: (unk) - CVE-2024-23849: (unk) - CVE-2024-23850: (unk) + CVE-2024-23850: (unk) btrfs: do not ASSERT() if the newly created subvolume already got read CVE-2024-23851: (unk) + CVE-2024-24855: (unk) + CVE-2024-24857: (unk) + CVE-2024-24858: (unk) + CVE-2024-24859: (unk) + CVE-2024-24860: (unk) + CVE-2024-24861: (unk) + CVE-2024-24864: (unk)
diff --git a/data/CVEs.txt b/data/CVEs.txt index 8686edf..ce56246 100644 --- a/data/CVEs.txt +++ b/data/CVEs.txt
@@ -1320,7 +1320,7 @@ CVE-2019-15793: Vendor Specific CVE-2019-15794: 2f502839e85ab265f03f25f30d6463154aee5473 - 2896900e22f8212606a1837d89a6bbce314ceeda (v4.19-rc1 to v5.12) CVE-2019-15807: 2908d778ab3e244900c310974e1fc1c69066e450 - 3b0541791453fbe7f42867e310e0c9eb6295364d (v2.6.19-rc1 to v5.2-rc3) -CVE-2019-15902: local - (n/a) (unk to unk) +CVE-2019-15902: (n/a) - (n/a) (unk to unk) CVE-2019-15916: 1d24eb4815d1e0e8b451ecc546645f8ef1176d4f - 895a5e96dbd6386c8e78e5b78e067dcc67b7f0ab (v2.6.38-rc1 to v5.1-rc1) CVE-2019-15917: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 56897b217a1d0a91c9920cb418d6b3fe922f590a (v2.6.12-rc2 to v5.1-rc1) CVE-2019-15918: 9764c02fcbad40001fd3f63558d918e4d519bb75 - b57a55e2200ede754e4dc9cce4ba9402544b9365 (v4.14-rc2 to v5.1-rc6) @@ -1720,7 +1720,7 @@ CVE-2020-36558: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 6cd1ed50efd88261298577cd92a14f2768eddeeb (v2.6.12-rc2 to v5.6-rc3) CVE-2020-36691: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 7690aa1cdf7c4565ad6b013b324c28b685505e24 (v2.6.12-rc2 to v5.8-rc1) CVE-2020-36694: 80055dab5de0c8677bc148c4717ddfc753a9148e - cc00bcaa589914096edef7fb87ca5cee4a166b5c (v4.15-rc1 to v5.10) -CVE-2020-36766: (n/a) - 6c42227c3467549ddc65efe99c869021d2f4a570 (unk to v5.9-rc1) +CVE-2020-36766: ca684386e6e21ba1511061f71577cdb6c3f2b3d3 - 6c42227c3467549ddc65efe99c869021d2f4a570 (v4.8-rc1 to v5.9-rc1) CVE-2020-3702: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 56c5485c9e444c2e85e11694b6c44f1338fc20fd (v2.6.12-rc2 to v5.12-rc1-dontuse) CVE-2020-4788: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - f79643787e0a0762d2409b7b8334e83f22d85695 (v2.6.12-rc2 to v5.10-rc5) CVE-2020-7053: 1acfc104cdf8a3408f0e83b4115d4419c6315005 - 7dc40713618c884bf07c030d1ab1f47a9dc1f310 (v4.14-rc1 to v5.2-rc1) @@ -2551,7 +2551,7 @@ CVE-2023-46813: 597cfe48212a3f110ab0f918bf59791f453e65b7 - 63e44bc52047f182601e7817da969a105aa1f721 (v5.10-rc1 to v6.6-rc7) CVE-2023-46838: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - c7ec4f2d684e17d69bbdd7c4324db0ef5daac26a (v2.6.12-rc2 to v6.8-rc2) CVE-2023-46862: dbbe9c642411c359ad0a0e32442eb2e11d3811b5 - 7644b1a1c9a7ae8ab99175989bfc8676055edb46 (v5.10-rc1 to v6.6) -CVE-2023-47233: (n/a) - (n/a) (unk to unk) +CVE-2023-47233: e756af5b30b008f6ffcfebf8ad0b477f6f225b62 - (n/a) (v3.7-rc1 to unk) CVE-2023-4732: 5a281062af1d43d3f3956a6b429c2d727bc92603 - 8f34f1eac3820fc2722e5159acceb22545b30b0d (v5.7-rc1 to v5.14-rc1) CVE-2023-4881: 49499c3e6e18b7677a63316f3ff54a16533dc28f - fd94d9dadee58e09b49075240fe83423eb1dcd36 (v4.1-rc1 to v6.6-rc1) CVE-2023-4921: 462dbc9101acd38e92eda93c0726857517a24bbd - 8fc134fee27f2263988ae38920bc03da416b03d8 (v3.8-rc1 to v6.6-rc1) @@ -2578,6 +2578,7 @@ CVE-2023-6176: 635d9398178659d8ddba79dd061f9451cec0b4d1 - cfaa80c91f6f99b9342b6557f0f0e1143e434066 (v5.7-rc7 to v6.6-rc2) CVE-2023-6200: 3dec89b14d37ee635e772636dad3f09f78f1ab87 - dade3f6a1e4e35a5ae916d5e78b3229ec34c78ec (v6.6-rc1 to v6.7-rc7) CVE-2023-6238: 855b7717f44b13e0990aa5ad36bbf9aa35051516 - (n/a) (v6.2-rc1 to unk) +CVE-2023-6240: (n/a) - (n/a) (unk to unk) CVE-2023-6270: (n/a) - (n/a) (unk to unk) CVE-2023-6356: (n/a) - (n/a) (unk to unk) CVE-2023-6531: 0091bfc81741b8d3aeb3b7ab8636f911b2de6e80 - 705318a99a138c29a512a72c3e0043b3cd7f55f4 (v6.1-rc1 to v6.7-rc5) @@ -2599,7 +2600,7 @@ CVE-2024-0340: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 4d8df0f5f79f747d75a7d356d9b9ea40a4e4c8a9 (v2.6.12-rc2 to v6.4-rc6) CVE-2024-0443: 3b8cc6298724021da845f2f9fd7dd4b6829a6817 - 20cb1c2fb7568a6054c55defe044311397e01ddb (v6.2-rc1 to v6.4-rc7) CVE-2024-0562: 45a2966fd64147518dc5bca25f447bd0fb5359ac - f87904c075515f3e1d8f4a7115869d3b914674fd (v5.15-rc1 to v6.0-rc3) -CVE-2024-0564: (n/a) - (n/a) (unk to unk) +CVE-2024-0564: 2c653d0ee2ae78ff3a174cc877a057c8afac7069 - (n/a) (v4.13-rc1 to unk) CVE-2024-0565: b24df3e30cbf48255db866720fb71f14bf9d2f39 - eec04ea119691e65227a97ce53c0da6b9b74b0b7 (v4.19-rc1 to v6.7-rc6) CVE-2024-0582: c56e022c0a27142b7b59ae6bdf45f86bf4b298a1 - c392cbecd8eca4c53f2bf508731257d9d0a21c2d (v6.4-rc1 to v6.7-rc4) CVE-2024-0584: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - e2b706c691905fe78468c361aaabc719d0a496f1 (v2.6.12-rc2 to v6.7-rc4) @@ -2608,14 +2609,24 @@ CVE-2024-0641: fc1b6d6de2208774efd2a20bf0daddb02d18b1e0 - 08e50cf071847323414df0835109b6f3560d44f5 (v5.5-rc1 to v6.6-rc5) CVE-2024-0646: d829e9c4112b52f4f00195900fd4c685f61365ab - c5a595000e2677e865a39f249c056bc05d6e55fd (v4.20-rc1 to v6.7-rc5) CVE-2024-0775: 7c319d328505b7781b65238ae9f53293b5ee0ca8 - 4c0b4818b1f636bc96359f7817a2d8bab6370162 (v3.6-rc1 to v6.4-rc2) -CVE-2024-0841: (n/a) - (n/a) (unk to unk) +CVE-2024-0841: 32021982a324dce93b4ae00c06213bf45fb319c8 - (n/a) (v5.1-rc1 to unk) CVE-2024-1085: aaa31047a6d25da0fa101da1ed544e1247949b40 - b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7 (v5.13-rc1 to v6.8-rc1) CVE-2024-1086: (n/a) - f342de4e2f33e0e39165d8639387aa6c19dff660 (unk to v6.8-rc2) +CVE-2024-1312: (n/a) - 657b5146955eba331e01b9a6ae89ce2e716ba306 (unk to v6.5-rc4) CVE-2024-21803: (n/a) - (n/a) (unk to unk) CVE-2024-22099: (n/a) - (n/a) (unk to unk) -CVE-2024-22705: (n/a) - d10c77873ba1e9e6b91905018e29e196fd5f863d (unk to v6.7-rc8) +CVE-2024-22386: (n/a) - (n/a) (unk to unk) +CVE-2024-22705: e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 - d10c77873ba1e9e6b91905018e29e196fd5f863d (v5.15-rc1 to v6.7-rc8) +CVE-2024-23196: (n/a) - (n/a) (unk to unk) CVE-2024-23307: edbe83ab4c27ea6669eb57adb5ed7eaec1118ceb - (n/a) (v4.1-rc1 to unk) CVE-2024-23848: (n/a) - (n/a) (unk to unk) -CVE-2024-23849: 3289025aedc018f8fd9d0e37fb9efa0c6d531ffa - (n/a) (v4.11-rc1 to unk) -CVE-2024-23850: 2dfb1e43f57dd3aeaa66f7cf05d068db2d4c8788 - (n/a) (v5.9-rc1 to unk) +CVE-2024-23849: 3289025aedc018f8fd9d0e37fb9efa0c6d531ffa - 13e788deb7348cc88df34bed736c3b3b9927ea52 (v4.11-rc1 to v6.8-rc2) +CVE-2024-23850: 2dfb1e43f57dd3aeaa66f7cf05d068db2d4c8788 - e03ee2fe873eb68c1f9ba5112fee70303ebf9dfb (v5.9-rc1 to unk) CVE-2024-23851: (n/a) - (n/a) (unk to unk) +CVE-2024-24855: (n/a) - (n/a) (unk to unk) +CVE-2024-24857: (n/a) - (n/a) (unk to unk) +CVE-2024-24858: (n/a) - (n/a) (unk to unk) +CVE-2024-24859: (n/a) - (n/a) (unk to unk) +CVE-2024-24860: (n/a) - (n/a) (unk to unk) +CVE-2024-24861: (n/a) - (n/a) (unk to unk) +CVE-2024-24864: (n/a) - (n/a) (unk to unk)
diff --git a/data/cmts.json b/data/cmts.json index af318db..f177f8e 100644 --- a/data/cmts.json +++ b/data/cmts.json
@@ -276,6 +276,7 @@ "13c4a90119d28cfcb6b5bdd820c233b86c2b0237": "v4.3-rc1", "13d2b4d11d69a92574a55bfd985cfb0ca77aebdc": "v3.8", "13d518074a952d33d47c428419693f63389547e9": "v3.4-rc5", + "13e788deb7348cc88df34bed736c3b3b9927ea52": "v6.8-rc2", "13ec7f10b87f5fc04c4ccbd491c94c7980236a74": "v5.2-rc6", "140623410536905fa6ab737b625decfde6c64a72": "v4.8-rc1", "14431aa0c5a443d13d24e6f865a8838f97dab973": "v2.6.29-rc1", @@ -634,6 +635,7 @@ "2c2bf01136971c33e3b3fabce23925f372c1017e": "v3.10-rc1", "2c4306f719b083d17df2963bc761777576b8ad1b": "v4.17-rc4", "2c5816b4beccc8ba709144539f6fdd764f8fa49c": "v4.4-rc5", + "2c653d0ee2ae78ff3a174cc877a057c8afac7069": "v4.13-rc1", "2ca13a4cc56c920a6c9fc8ee45d02bccacd7f46c": "v5.11-rc1", "2ca39528c01a933f6689cd6505ce65bd6d68a530": "v3.9-rc3", "2ca492e22cb70a001749377506bd22eb06f60ecc": "v4.9-rc1", @@ -717,6 +719,7 @@ "3194c6870158e305dac2af52f83681e9cb67280f": "v4.4-rc1", "31978b5cc66b8ba8a7e8eef60b12395d41b7b890": "v3.13-rc4", "31e0456de5be379b10fea0fa94a681057114a96e": "v5.2-rc3", + "32021982a324dce93b4ae00c06213bf45fb319c8": "v5.1-rc1", "320b2b8de12698082609ebbc1a17165727f4c893": "v2.6.36-rc1", "321027c1fe77f892f4ea07846aeae08cefbbb290": "v4.10-rc4", "3228cec23b8b29215e18090c6ba635840190993d": "v6.4-rc1", @@ -1458,6 +1461,7 @@ "65117f1aa1b2d145fd5ca376bde642794d0aae1b": "v4.7-rc1", "654b404f2a222f918af9b0cd18ad469d0c941a8e": "v4.11-rc2", "657831ffc38e30092a2d5f03d385d710eb88b09a": "v4.12-rc1", + "657b5146955eba331e01b9a6ae89ce2e716ba306": "v6.5-rc4", "657eb17d87852c42b55c4b06d5425baa08b2ddb3": "v3.13-rc7", "659643f7d81432189c2c87230e2feee4c75c14c1": "v4.10-rc1", "65a01e601dbba8b7a51a2677811f70f783766682": "v5.19-rc6", @@ -2867,6 +2871,7 @@ "ca4da5dd1f99fe9c59f1709fb43e818b18ad20e0": "v4.2-rc5", "ca4ef4574f1ee5252e2cd365f8f5d5bafd048f32": "v4.11-rc1", "ca58fbe06c54795f00db79e447f94c2028d30124": "v5.5-rc1", + "ca684386e6e21ba1511061f71577cdb6c3f2b3d3": "v4.8-rc1", "ca72d88378b2f2444d3ec145dd442d449d3fefbc": "v5.2-rc7", "ca7a03c4175366a92cee0ccc4fec0038c3266e26": "v5.4-rc1", "caa4b35b4317d5147b3ab0fbdc9c075c7d2e9c12": "v6.2-rc3", @@ -3216,6 +3221,7 @@ "e6f77540c067b48dee10f1e33678415bfcc89017": "v4.14-rc1", "e6f95ec8db312491235b4f06343fbd991a82ce20": "v2.6.35-rc1", "e72436bc3a5206f95bb384e741154166ddb3202e": "v5.8-rc1", + "e756af5b30b008f6ffcfebf8ad0b477f6f225b62": "v3.7-rc1", "e785fa0a164aa11001cba931367c7f94ffaff888": "v4.14-rc2", "e7af6307a8a54f0b873960b32b6a644f2d0fbd97": "v5.4-rc7", "e7e0c3e26587749b62d17b9dd0532874186c77f7": "v4.6-rc6",
diff --git a/data/kernel_cves.json b/data/kernel_cves.json index 0a75e6d..e2185f0 100644 --- a/data/kernel_cves.json +++ b/data/kernel_cves.json
@@ -62172,8 +62172,8 @@ } }, "CVE-2020-36766": { - "affected_versions": "unk to v5.9-rc1", - "breaks": "", + "affected_versions": "v4.8-rc1 to v5.9-rc1", + "breaks": "ca684386e6e21ba1511061f71577cdb6c3f2b3d3", "cmt_msg": "cec-api: prevent leaking memory through hole in structure", "cvss3": { "Attack Complexity": "Low", @@ -62190,7 +62190,7 @@ "cwe": "Unspecified", "fixes": "6c42227c3467549ddc65efe99c869021d2f4a570", "last_affected_version": "5.8.5", - "last_modified": "2023-12-06", + "last_modified": "2024-02-09", "nvd_text": "An issue was discovered in the Linux kernel before 5.8.6. drivers/media/cec/core/cec-api.c leaks one byte of kernel memory on specific hardware to unprivileged users, because of directly assigning log_addrs with a hole in the struct.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2020-36766", @@ -89538,8 +89538,8 @@ } }, "CVE-2023-47233": { - "affected_versions": "unk to unk", - "breaks": "", + "affected_versions": "v3.7-rc1 to unk", + "breaks": "e756af5b30b008f6ffcfebf8ad0b477f6f225b62", "cvss3": { "Attack Complexity": "Low", "Attack Vector": "Physical", @@ -89552,8 +89552,8 @@ "raw": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "score": 4.3 }, - "fixes": "", - "last_modified": "2023-12-06", + "fixes": "0f7352557a35ab7888bc7831411ec8a3cbe20d78", + "last_modified": "2024-02-09", "nvd_text": "The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this \"could be exploited in a real world scenario.\" This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-47233", @@ -89834,8 +89834,8 @@ }, "fixes": "872d26a391da92ed8f0c0f5cb5fef428067b7f30", "last_affected_version": "6.5.8", - "last_modified": "2024-02-02", - "nvd_text": "A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation problem.", + "last_modified": "2024-02-09", + "nvd_text": "A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-5178", "ExploitDB": "https://www.exploit-db.com/search?cve=2023-5178", @@ -90283,8 +90283,8 @@ "score": 7.8 }, "fixes": "", - "last_modified": "2023-12-06", - "nvd_text": "A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. An unprivileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes and memory corruption.", + "last_modified": "2024-02-09", + "nvd_text": "A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes and memory corruption.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-6238", "ExploitDB": "https://www.exploit-db.com/search?cve=2023-6238", @@ -90294,6 +90294,21 @@ "Ubuntu": "https://ubuntu.com/security/CVE-2023-6238" } }, + "CVE-2023-6240": { + "affected_versions": "unk to unk", + "breaks": "", + "fixes": "", + "last_modified": "2024-02-09", + "nvd_text": "A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key.", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-6240", + "ExploitDB": "https://www.exploit-db.com/search?cve=2023-6240", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-6240", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-6240", + "SUSE": "https://www.suse.com/security/cve/CVE-2023-6240", + "Ubuntu": "https://ubuntu.com/security/CVE-2023-6240" + } + }, "CVE-2023-6270": { "affected_versions": "unk to unk", "breaks": "", @@ -90325,7 +90340,8 @@ "affected_versions": "unk to unk", "breaks": "", "fixes": "", - "last_modified": "2023-12-27", + "last_modified": "2024-02-09", + "nvd_text": "A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-6356", "ExploitDB": "https://www.exploit-db.com/search?cve=2023-6356", @@ -90368,7 +90384,8 @@ "affected_versions": "unk to unk", "breaks": "", "fixes": "", - "last_modified": "2023-12-27", + "last_modified": "2024-02-09", + "nvd_text": "A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-6535", "ExploitDB": "https://www.exploit-db.com/search?cve=2023-6535", @@ -90382,7 +90399,8 @@ "affected_versions": "unk to unk", "breaks": "", "fixes": "", - "last_modified": "2023-12-27", + "last_modified": "2024-02-09", + "nvd_text": "A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-6536", "ExploitDB": "https://www.exploit-db.com/search?cve=2023-6536", @@ -90854,10 +90872,22 @@ } }, "CVE-2024-0564": { - "affected_versions": "unk to unk", - "breaks": "", + "affected_versions": "v4.13-rc1 to unk", + "breaks": "2c653d0ee2ae78ff3a174cc877a057c8afac7069", + "cvss3": { + "Attack Complexity": "Low", + "Attack Vector": "Adjacent", + "Availability": "None", + "Confidentiality": "High", + "Integrity": "None", + "Privileges Required": "None", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "score": 6.5 + }, "fixes": "", - "last_modified": "2024-02-02", + "last_modified": "2024-02-09", "nvd_text": "A flaw was found in the Linux kernel's memory deduplication mechanism. The max page sharing of Kernel Samepage Merging (KSM), added in Linux kernel version 4.4.0-96.119, can create a side channel. When the attacker and the victim share the same host and the default setting of KSM is \"max page sharing=256\", it is possible for the attacker to time the unmap to merge with the victim's page. The unmapping time depends on whether it merges with the victim's page and additional physical pages are created beyond the KSM's \"max page share\". Through these operations, the attacker can leak the victim's page.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-0564", @@ -91102,6 +91132,108 @@ } }, "CVE-2024-0841": { + "affected_versions": "v5.1-rc1 to unk", + "breaks": "32021982a324dce93b4ae00c06213bf45fb319c8", + "cvss3": { + "Attack Complexity": "Low", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "High", + "Integrity": "High", + "Privileges Required": "Low", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "score": 7.8 + }, + "fixes": "", + "last_modified": "2024-02-09", + "nvd_text": "A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-0841", + "ExploitDB": "https://www.exploit-db.com/search?cve=2024-0841", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2024-0841", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2024-0841", + "SUSE": "https://www.suse.com/security/cve/CVE-2024-0841", + "Ubuntu": "https://ubuntu.com/security/CVE-2024-0841" + } + }, + "CVE-2024-1085": { + "affected_versions": "v5.13-rc1 to v6.8-rc1", + "breaks": "aaa31047a6d25da0fa101da1ed544e1247949b40", + "cmt_msg": "netfilter: nf_tables: check if catch-all set element is active in next generation", + "cvss3": { + "Attack Complexity": "Low", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "High", + "Integrity": "High", + "Privileges Required": "Low", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "score": 7.8 + }, + "fixes": "b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7", + "last_affected_version": "6.7.1", + "last_modified": "2024-02-09", + "nvd_text": "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nThe nft_setelem_catchall_deactivate() function checks whether the catch-all set element is active in the current generation instead of the next generation before freeing it, but only flags it inactive in the next generation, making it possible to free the element multiple times, leading to a double free vulnerability.\n\nWe recommend upgrading past commit b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7.\n\n", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-1085", + "ExploitDB": "https://www.exploit-db.com/search?cve=2024-1085", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2024-1085", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2024-1085", + "SUSE": "https://www.suse.com/security/cve/CVE-2024-1085", + "Ubuntu": "https://ubuntu.com/security/CVE-2024-1085" + } + }, + "CVE-2024-1086": { + "affected_versions": "unk to v6.8-rc2", + "breaks": "", + "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters", + "cvss3": { + "Attack Complexity": "Low", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "High", + "Integrity": "High", + "Privileges Required": "Low", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "score": 7.8 + }, + "fixes": "f342de4e2f33e0e39165d8639387aa6c19dff660", + "last_affected_version": "6.7.2", + "last_modified": "2024-02-09", + "nvd_text": "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nThe nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT.\n\nWe recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.\n\n", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-1086", + "ExploitDB": "https://www.exploit-db.com/search?cve=2024-1086", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2024-1086", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2024-1086", + "SUSE": "https://www.suse.com/security/cve/CVE-2024-1086", + "Ubuntu": "https://ubuntu.com/security/CVE-2024-1086" + } + }, + "CVE-2024-1312": { + "affected_versions": "unk to v6.5-rc4", + "breaks": "", + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock", + "fixes": "657b5146955eba331e01b9a6ae89ce2e716ba306", + "last_affected_version": "6.4.9", + "last_modified": "2024-02-09", + "nvd_text": "A use-after-free flaw was found in the Linux kernel's Memory Management subsystem when a user wins two races at the same time with a fail in the mas_prev_slot function. This issue could allow a local user to crash the system.", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-1312", + "ExploitDB": "https://www.exploit-db.com/search?cve=2024-1312", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2024-1312", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2024-1312", + "SUSE": "https://www.suse.com/security/cve/CVE-2024-1312", + "Ubuntu": "https://ubuntu.com/security/CVE-2024-1312" + } + }, + "CVE-2024-21803": { "affected_versions": "unk to unk", "breaks": "", "cvss3": { @@ -91117,56 +91249,7 @@ "score": 7.8 }, "fixes": "", - "last_modified": "2024-02-02", - "nvd_text": "A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.", - "ref_urls": { - "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-0841", - "ExploitDB": "https://www.exploit-db.com/search?cve=2024-0841", - "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2024-0841", - "Red Hat": "https://access.redhat.com/security/cve/CVE-2024-0841", - "SUSE": "https://www.suse.com/security/cve/CVE-2024-0841", - "Ubuntu": "https://ubuntu.com/security/CVE-2024-0841" - } - }, - "CVE-2024-1085": { - "affected_versions": "v5.13-rc1 to v6.8-rc1", - "breaks": "aaa31047a6d25da0fa101da1ed544e1247949b40", - "cmt_msg": "netfilter: nf_tables: check if catch-all set element is active in next generation", - "fixes": "b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7", - "last_affected_version": "6.7.1", - "last_modified": "2024-02-02", - "nvd_text": "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nThe nft_setelem_catchall_deactivate() function checks whether the catch-all set element is active in the current generation instead of the next generation before freeing it, but only flags it inactive in the next generation, making it possible to free the element multiple times, leading to a double free vulnerability.\n\nWe recommend upgrading past commit b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7.\n\n", - "ref_urls": { - "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-1085", - "ExploitDB": "https://www.exploit-db.com/search?cve=2024-1085", - "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2024-1085", - "Red Hat": "https://access.redhat.com/security/cve/CVE-2024-1085", - "SUSE": "https://www.suse.com/security/cve/CVE-2024-1085", - "Ubuntu": "https://ubuntu.com/security/CVE-2024-1085" - } - }, - "CVE-2024-1086": { - "affected_versions": "unk to v6.8-rc2", - "breaks": "", - "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters", - "fixes": "f342de4e2f33e0e39165d8639387aa6c19dff660", - "last_affected_version": "6.7.2", - "last_modified": "2024-02-02", - "nvd_text": "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nThe nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT.\n\nWe recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.\n\n", - "ref_urls": { - "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-1086", - "ExploitDB": "https://www.exploit-db.com/search?cve=2024-1086", - "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2024-1086", - "Red Hat": "https://access.redhat.com/security/cve/CVE-2024-1086", - "SUSE": "https://www.suse.com/security/cve/CVE-2024-1086", - "Ubuntu": "https://ubuntu.com/security/CVE-2024-1086" - } - }, - "CVE-2024-21803": { - "affected_versions": "unk to unk", - "breaks": "", - "fixes": "", - "last_modified": "2024-02-02", + "last_modified": "2024-02-09", "nvd_text": "Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (bluetooth modules) allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/af_bluetooth.C.\n\nThis issue affects Linux kernel: from v2.6.12-rc2 before v6.8-rc1.\n\n", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-21803", @@ -91204,9 +91287,24 @@ "Ubuntu": "https://ubuntu.com/security/CVE-2024-22099" } }, - "CVE-2024-22705": { - "affected_versions": "unk to v6.7-rc8", + "CVE-2024-22386": { + "affected_versions": "unk to unk", "breaks": "", + "fixes": "", + "last_modified": "2024-02-09", + "nvd_text": "A race condition was found in the Linux kernel's drm/exynos device driver in\u00a0exynos_drm_crtc_atomic_disable() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\n\n\n", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-22386", + "ExploitDB": "https://www.exploit-db.com/search?cve=2024-22386", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2024-22386", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2024-22386", + "SUSE": "https://www.suse.com/security/cve/CVE-2024-22386", + "Ubuntu": "https://ubuntu.com/security/CVE-2024-22386" + } + }, + "CVE-2024-22705": { + "affected_versions": "v5.15-rc1 to v6.7-rc8", + "breaks": "e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9", "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()", "cvss3": { "Attack Complexity": "Low", @@ -91222,7 +91320,7 @@ }, "fixes": "d10c77873ba1e9e6b91905018e29e196fd5f863d", "last_affected_version": "6.6.9", - "last_modified": "2024-02-02", + "last_modified": "2024-02-09", "nvd_text": "An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-22705", @@ -91233,6 +91331,21 @@ "Ubuntu": "https://ubuntu.com/security/CVE-2024-22705" } }, + "CVE-2024-23196": { + "affected_versions": "unk to unk", + "breaks": "", + "fixes": "", + "last_modified": "2024-02-09", + "nvd_text": "A race condition was found in the Linux kernel's sound/hda device driver in snd_hdac_regmap_sync() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\n\n", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-23196", + "ExploitDB": "https://www.exploit-db.com/search?cve=2024-23196", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2024-23196", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2024-23196", + "SUSE": "https://www.suse.com/security/cve/CVE-2024-23196", + "Ubuntu": "https://ubuntu.com/security/CVE-2024-23196" + } + }, "CVE-2024-23307": { "affected_versions": "v4.1-rc1 to unk", "breaks": "edbe83ab4c27ea6669eb57adb5ed7eaec1118ceb", @@ -91288,8 +91401,9 @@ } }, "CVE-2024-23849": { - "affected_versions": "v4.11-rc1 to unk", + "affected_versions": "v4.11-rc1 to v6.8-rc2", "breaks": "3289025aedc018f8fd9d0e37fb9efa0c6d531ffa", + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv", "cvss3": { "Attack Complexity": "Low", "Attack Vector": "Local", @@ -91302,8 +91416,9 @@ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "score": 5.5 }, - "fixes": "", - "last_modified": "2024-02-02", + "fixes": "13e788deb7348cc88df34bed736c3b3b9927ea52", + "last_affected_version": "6.7.2", + "last_modified": "2024-02-09", "nvd_text": "In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds access.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-23849", @@ -91317,6 +91432,7 @@ "CVE-2024-23850": { "affected_versions": "v5.9-rc1 to unk", "breaks": "2dfb1e43f57dd3aeaa66f7cf05d068db2d4c8788", + "cmt_msg": "btrfs: do not ASSERT() if the newly created subvolume already got read", "cvss3": { "Attack Complexity": "Low", "Attack Vector": "Local", @@ -91330,8 +91446,8 @@ "score": 5.5 }, "cwe": "Unspecified", - "fixes": "", - "last_modified": "2024-02-02", + "fixes": "e03ee2fe873eb68c1f9ba5112fee70303ebf9dfb", + "last_modified": "2024-02-09", "nvd_text": "In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-23850", @@ -91369,5 +91485,110 @@ "SUSE": "https://www.suse.com/security/cve/CVE-2024-23851", "Ubuntu": "https://ubuntu.com/security/CVE-2024-23851" } + }, + "CVE-2024-24855": { + "affected_versions": "unk to unk", + "breaks": "", + "fixes": "", + "last_modified": "2024-02-09", + "nvd_text": "A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\n\n\n\n\n", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-24855", + "ExploitDB": "https://www.exploit-db.com/search?cve=2024-24855", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2024-24855", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2024-24855", + "SUSE": "https://www.suse.com/security/cve/CVE-2024-24855", + "Ubuntu": "https://ubuntu.com/security/CVE-2024-24855" + } + }, + "CVE-2024-24857": { + "affected_versions": "unk to unk", + "breaks": "", + "fixes": "", + "last_modified": "2024-02-09", + "nvd_text": "A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service.\n\n\n\n\n", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-24857", + "ExploitDB": "https://www.exploit-db.com/search?cve=2024-24857", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2024-24857", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2024-24857", + "SUSE": "https://www.suse.com/security/cve/CVE-2024-24857", + "Ubuntu": "https://ubuntu.com/security/CVE-2024-24857" + } + }, + "CVE-2024-24858": { + "affected_versions": "unk to unk", + "breaks": "", + "fixes": "", + "last_modified": "2024-02-09", + "nvd_text": "A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service.\n\n\n\n\n", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-24858", + "ExploitDB": "https://www.exploit-db.com/search?cve=2024-24858", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2024-24858", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2024-24858", + "SUSE": "https://www.suse.com/security/cve/CVE-2024-24858", + "Ubuntu": "https://ubuntu.com/security/CVE-2024-24858" + } + }, + "CVE-2024-24859": { + "affected_versions": "unk to unk", + "breaks": "", + "fixes": "", + "last_modified": "2024-02-09", + "nvd_text": "A race condition was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set() function. This can result in a bluetooth sniffing exception issue, possibly leading denial of service.\n\n\n\n\n\n\n\n", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-24859", + "ExploitDB": "https://www.exploit-db.com/search?cve=2024-24859", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2024-24859", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2024-24859", + "SUSE": "https://www.suse.com/security/cve/CVE-2024-24859", + "Ubuntu": "https://ubuntu.com/security/CVE-2024-24859" + } + }, + "CVE-2024-24860": { + "affected_versions": "unk to unk", + "breaks": "", + "fixes": "", + "last_modified": "2024-02-09", + "nvd_text": "A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\n\n\n\n\n", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-24860", + "ExploitDB": "https://www.exploit-db.com/search?cve=2024-24860", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2024-24860", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2024-24860", + "SUSE": "https://www.suse.com/security/cve/CVE-2024-24860", + "Ubuntu": "https://ubuntu.com/security/CVE-2024-24860" + } + }, + "CVE-2024-24861": { + "affected_versions": "unk to unk", + "breaks": "", + "fixes": "", + "last_modified": "2024-02-09", + "nvd_text": "A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue.\n\n\n\n\n", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-24861", + "ExploitDB": "https://www.exploit-db.com/search?cve=2024-24861", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2024-24861", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2024-24861", + "SUSE": "https://www.suse.com/security/cve/CVE-2024-24861", + "Ubuntu": "https://ubuntu.com/security/CVE-2024-24861" + } + }, + "CVE-2024-24864": { + "affected_versions": "unk to unk", + "breaks": "", + "fixes": "", + "last_modified": "2024-02-09", + "nvd_text": "A race condition was found in the Linux kernel's media/dvb-core in dvbdmx_write()\u00a0function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\n\n\n\n\n", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-24864", + "ExploitDB": "https://www.exploit-db.com/search?cve=2024-24864", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2024-24864", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2024-24864", + "SUSE": "https://www.suse.com/security/cve/CVE-2024-24864", + "Ubuntu": "https://ubuntu.com/security/CVE-2024-24864" + } } } \ No newline at end of file
diff --git a/data/stream_data.json b/data/stream_data.json index 68ddf76..3f6550a 100644 --- a/data/stream_data.json +++ b/data/stream_data.json
@@ -2115,6 +2115,9 @@ "CVE-2021-39714": { "cmt_msg": "staging: android: ion: Drop ion_map_kernel interface" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2022-28388": { "cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path" }, @@ -2268,9 +2271,6 @@ "CVE-2022-23037": { "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" }, - "CVE-2024-0564": { - "cmt_msg": "" - }, "CVE-2017-5669": { "cmt_msg": "ipc/shm: Fix shmat mmap nil-page protection" }, @@ -2694,6 +2694,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-9466": { "cmt_msg": "brcmfmac: add subtype check for event handling in data path" }, @@ -2715,6 +2718,9 @@ "CVE-2019-14814": { "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -3126,6 +3132,9 @@ "CVE-2018-12931": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2020-12769": { "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" }, @@ -3276,9 +3285,6 @@ "CVE-2019-20096": { "cmt_msg": "dccp: Fix memleak in __feat_register_sp" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2021-0920": { "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" }, @@ -3525,15 +3531,12 @@ "CVE-2020-36516": { "cmt_msg": "ipv4: avoid using shared IP generator for connected sockets" }, - "CVE-2020-36766": { - "cmt_msg": "cec-api: prevent leaking memory through hole in structure" + "CVE-2021-20265": { + "cmt_msg": "af_unix: fix struct pid memory leak" }, "CVE-2023-28328": { "cmt_msg": "media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()" }, - "CVE-2021-20265": { - "cmt_msg": "af_unix: fix struct pid memory leak" - }, "CVE-2023-0386": { "cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up" }, @@ -3576,9 +3579,18 @@ "CVE-2017-18216": { "cmt_msg": "ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent" }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, "CVE-2015-8374": { "cmt_msg": "Btrfs: fix truncation of compressed and inlined extents" }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2019-3892": { "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" }, @@ -3777,6 +3789,9 @@ "CVE-2019-16413": { "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2022-1263": { "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" }, @@ -4161,9 +4176,6 @@ "CVE-2022-24448": { "cmt_msg": "NFSv4: Handle case where the lookup of a directory fails" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2021-4023": { "cmt_msg": "io-wq: fix cancellation on create-worker failure" }, @@ -4350,6 +4362,9 @@ "CVE-2018-20509": { "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -4467,6 +4482,9 @@ "CVE-2023-46343": { "cmt_msg": "nfc: nci: fix possible NULL pointer dereference in send_acknowledge()" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, "CVE-2023-5178": { "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" }, @@ -4575,6 +4593,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2019-14284": { "cmt_msg": "floppy: fix div-by-zero in setup_format_params" }, @@ -4890,9 +4911,6 @@ "CVE-2018-10124": { "cmt_msg": "kernel/signal.c: avoid undefined behaviour in kill_something_info" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2022-0487": { "cmt_msg": "moxart: fix potential use-after-free on remove path" }, @@ -4920,6 +4938,9 @@ "CVE-2022-21125": { "cmt_msg": "x86/speculation/mmio: Reuse SRBDS mitigation for SBDS" }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2019-19241": { "cmt_msg": "io_uring: async workers should inherit the user creds" }, @@ -5034,6 +5055,9 @@ "CVE-2019-11085": { "cmt_msg": "drm/i915/gvt: Fix mmap range check" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2017-17558": { "cmt_msg": "USB: core: prevent malicious bNumInterfaces overflow" }, @@ -5193,9 +5217,6 @@ "CVE-2022-23037": { "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" }, - "CVE-2024-0564": { - "cmt_msg": "" - }, "CVE-2023-20588": { "cmt_msg": "x86/CPU/AMD: Do not leak quotient data after a division by 0" }, @@ -5733,6 +5754,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-9466": { "cmt_msg": "brcmfmac: add subtype check for event handling in data path" }, @@ -5766,6 +5790,9 @@ "CVE-2019-14815": { "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -6330,6 +6357,9 @@ "CVE-2018-12931": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2020-12769": { "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" }, @@ -6942,6 +6972,9 @@ "CVE-2017-1000111": { "cmt_msg": "packet: fix tp_reserve race in packet_set_ring" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, "CVE-2017-18218": { "cmt_msg": "net: hns: Fix a skb used after free bug" }, @@ -7230,6 +7263,9 @@ "CVE-2019-16413": { "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2022-1263": { "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" }, @@ -7407,6 +7443,9 @@ "CVE-2021-39657": { "cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback" }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2019-19378": { "cmt_msg": "" }, @@ -7725,9 +7764,6 @@ "CVE-2022-0492": { "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2020-10942": { "cmt_msg": "vhost: Check docket sk_family instead of call getname" }, @@ -7977,6 +8013,9 @@ "CVE-2018-20509": { "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -8121,6 +8160,9 @@ "CVE-2023-46343": { "cmt_msg": "nfc: nci: fix possible NULL pointer dereference in send_acknowledge()" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, "CVE-2019-10220": { "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" }, @@ -8259,6 +8301,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2017-16648": { "cmt_msg": "dvb_frontend: don't use-after-free the frontend struct" }, @@ -8638,9 +8683,6 @@ "CVE-2020-16166": { "cmt_msg": "random32: update the net random state on interrupt and activity" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2022-0487": { "cmt_msg": "moxart: fix potential use-after-free on remove path" }, @@ -8791,6 +8833,9 @@ "CVE-2019-11085": { "cmt_msg": "drm/i915/gvt: Fix mmap range check" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2019-11477": { "cmt_msg": "tcp: limit payload size of sacked skbs" }, @@ -9457,6 +9502,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-9466": { "cmt_msg": "brcmfmac: add subtype check for event handling in data path" }, @@ -9490,6 +9538,9 @@ "CVE-2019-14815": { "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -10009,6 +10060,9 @@ "CVE-2018-12931": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2020-12769": { "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" }, @@ -10298,7 +10352,7 @@ "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2020-29568": { "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" @@ -10570,6 +10624,15 @@ "CVE-2017-18216": { "cmt_msg": "ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent" }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2018-5848": { "cmt_msg": "wil6210: missing length check in wmi_set_ie" }, @@ -10819,6 +10882,9 @@ "CVE-2019-16413": { "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2022-1263": { "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" }, @@ -11299,9 +11365,6 @@ "CVE-2022-24448": { "cmt_msg": "NFSv4: Handle case where the lookup of a directory fails" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2020-10942": { "cmt_msg": "vhost: Check docket sk_family instead of call getname" }, @@ -11530,6 +11593,9 @@ "CVE-2018-20509": { "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -11671,6 +11737,9 @@ "CVE-2023-46343": { "cmt_msg": "nfc: nci: fix possible NULL pointer dereference in send_acknowledge()" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, "CVE-2023-5178": { "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" }, @@ -11791,6 +11860,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2018-8087": { "cmt_msg": "mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()" }, @@ -12059,9 +12131,6 @@ "CVE-2018-10124": { "cmt_msg": "kernel/signal.c: avoid undefined behaviour in kill_something_info" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2022-0487": { "cmt_msg": "moxart: fix potential use-after-free on remove path" }, @@ -12089,6 +12158,9 @@ "CVE-2022-21125": { "cmt_msg": "x86/speculation/mmio: Reuse SRBDS mitigation for SBDS" }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2019-19241": { "cmt_msg": "io_uring: async workers should inherit the user creds" }, @@ -12200,6 +12272,9 @@ "CVE-2019-11085": { "cmt_msg": "drm/i915/gvt: Fix mmap range check" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2017-17558": { "cmt_msg": "USB: core: prevent malicious bNumInterfaces overflow" }, @@ -12362,9 +12437,6 @@ "CVE-2022-23037": { "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" }, - "CVE-2024-0564": { - "cmt_msg": "" - }, "CVE-2023-20588": { "cmt_msg": "x86/CPU/AMD: Do not leak quotient data after a division by 0" }, @@ -12893,6 +12965,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-9466": { "cmt_msg": "brcmfmac: add subtype check for event handling in data path" }, @@ -12929,6 +13004,9 @@ "CVE-2019-14815": { "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -13472,6 +13550,9 @@ "CVE-2018-12931": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2020-12769": { "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" }, @@ -13779,7 +13860,7 @@ "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2020-29568": { "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" @@ -14069,6 +14150,9 @@ "CVE-2019-14897": { "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, "CVE-2017-18218": { "cmt_msg": "net: hns: Fix a skb used after free bug" }, @@ -14327,6 +14411,9 @@ "CVE-2019-16413": { "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2022-1263": { "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" }, @@ -14498,6 +14585,9 @@ "CVE-2021-39657": { "cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback" }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2019-19378": { "cmt_msg": "" }, @@ -14819,9 +14909,6 @@ "CVE-2022-24448": { "cmt_msg": "NFSv4: Handle case where the lookup of a directory fails" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2020-10942": { "cmt_msg": "vhost: Check docket sk_family instead of call getname" }, @@ -15062,6 +15149,9 @@ "CVE-2018-20509": { "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -15209,6 +15299,9 @@ "CVE-2023-46343": { "cmt_msg": "nfc: nci: fix possible NULL pointer dereference in send_acknowledge()" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, "CVE-2019-10220": { "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" }, @@ -15338,6 +15431,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2018-8087": { "cmt_msg": "mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()" }, @@ -15743,6 +15839,9 @@ "CVE-2019-11085": { "cmt_msg": "drm/i915/gvt: Fix mmap range check" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2019-11477": { "cmt_msg": "tcp: limit payload size of sacked skbs" }, @@ -16397,6 +16496,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-9466": { "cmt_msg": "brcmfmac: add subtype check for event handling in data path" }, @@ -16427,6 +16529,9 @@ "CVE-2019-14815": { "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -16925,6 +17030,9 @@ "CVE-2018-12931": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2020-12769": { "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" }, @@ -17078,9 +17186,6 @@ "CVE-2018-6555": { "cmt_msg": "staging: irda: remove the irda network stack and drivers" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2021-0920": { "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" }, @@ -17193,7 +17298,7 @@ "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2020-29568": { "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" @@ -17450,6 +17555,18 @@ "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2018-5848": { "cmt_msg": "wil6210: missing length check in wmi_set_ie" }, @@ -17702,6 +17819,9 @@ "CVE-2019-16413": { "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2023-2177": { "cmt_msg": "sctp: leave the err path free in sctp_stream_init to sctp_stream_free" }, @@ -18161,9 +18281,6 @@ "CVE-2022-24448": { "cmt_msg": "NFSv4: Handle case where the lookup of a directory fails" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2022-23042": { "cmt_msg": "xen/netfront: react properly to failing gnttab_end_foreign_access_ref()" }, @@ -18383,6 +18500,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -18632,6 +18752,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2019-19531": { "cmt_msg": "usb: yurex: Fix use-after-free in yurex_delete" }, @@ -22773,9 +22896,6 @@ "CVE-2019-19449": { "cmt_msg": "f2fs: fix to do sanity check on segment/section count" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2020-26541": { "cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries" }, @@ -22939,7 +23059,7 @@ "cmt_msg": "" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2022-1247": { "cmt_msg": "" @@ -23013,9 +23133,6 @@ "CVE-2021-3669": { "cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2019-18885": { "cmt_msg": "btrfs: merge btrfs_find_device and find_device" }, @@ -23034,6 +23151,9 @@ "CVE-2022-4543": { "cmt_msg": "" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-18680": { "cmt_msg": "" }, @@ -23070,9 +23190,21 @@ "CVE-2022-27672": { "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2005-3660": { "cmt_msg": "" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2023-0386": { "cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up" }, @@ -23181,6 +23313,15 @@ "CVE-2020-12364": { "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, + "CVE-2024-24861": { + "cmt_msg": "" + }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2023-37454": { "cmt_msg": "" }, @@ -23190,6 +23331,9 @@ "CVE-2022-3642": { "cmt_msg": "" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2020-26141": { "cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe" }, @@ -23259,6 +23403,9 @@ "CVE-2022-21385": { "cmt_msg": "net/rds: fix warn in rds_message_alloc_sgs" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-6546": { "cmt_msg": "tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux" }, @@ -23427,6 +23574,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2022-39188": { "cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas" }, @@ -23834,6 +23984,9 @@ "CVE-2019-11085": { "cmt_msg": "drm/i915/gvt: Fix mmap range check" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2019-11477": { "cmt_msg": "tcp: limit payload size of sacked skbs" }, @@ -24458,6 +24611,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-9466": { "cmt_msg": "brcmfmac: add subtype check for event handling in data path" }, @@ -24488,6 +24644,9 @@ "CVE-2019-14815": { "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -24977,6 +25136,9 @@ "CVE-2018-12931": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2020-12768": { "cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()" }, @@ -25121,9 +25283,6 @@ "CVE-2018-19985": { "cmt_msg": "USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2021-0920": { "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" }, @@ -25227,7 +25386,7 @@ "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2020-29568": { "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" @@ -25475,6 +25634,18 @@ "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2019-3892": { "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" }, @@ -25715,6 +25886,9 @@ "CVE-2019-16413": { "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2023-2177": { "cmt_msg": "sctp: leave the err path free in sctp_stream_init to sctp_stream_free" }, @@ -26369,6 +26543,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2019-3887": { "cmt_msg": "KVM: x86: nVMX: close leak of L0's x2APIC MSRs (CVE-2019-3887)" }, @@ -26420,9 +26597,6 @@ "CVE-2019-25045": { "cmt_msg": "xfrm: clean up xfrm protocol checks" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2018-16862": { "cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation" }, @@ -26609,6 +26783,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2019-14284": { "cmt_msg": "floppy: fix div-by-zero in setup_format_params" }, @@ -26996,6 +27173,9 @@ "CVE-2019-11085": { "cmt_msg": "drm/i915/gvt: Fix mmap range check" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2019-11477": { "cmt_msg": "tcp: limit payload size of sacked skbs" }, @@ -27635,6 +27815,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-9466": { "cmt_msg": "brcmfmac: add subtype check for event handling in data path" }, @@ -27668,6 +27851,9 @@ "CVE-2019-14815": { "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -28166,6 +28352,9 @@ "CVE-2018-12931": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2020-12768": { "cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()" }, @@ -28322,9 +28511,6 @@ "CVE-2018-6555": { "cmt_msg": "staging: irda: remove the irda network stack and drivers" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2021-0920": { "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" }, @@ -28431,7 +28617,7 @@ "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2020-29568": { "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" @@ -28685,6 +28871,18 @@ "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2019-3892": { "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" }, @@ -28928,6 +29126,9 @@ "CVE-2019-16413": { "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2023-2177": { "cmt_msg": "sctp: leave the err path free in sctp_stream_init to sctp_stream_free" }, @@ -29384,9 +29585,6 @@ "CVE-2022-24448": { "cmt_msg": "NFSv4: Handle case where the lookup of a directory fails" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2022-23042": { "cmt_msg": "xen/netfront: react properly to failing gnttab_end_foreign_access_ref()" }, @@ -29603,6 +29801,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2019-3887": { "cmt_msg": "KVM: x86: nVMX: close leak of L0's x2APIC MSRs (CVE-2019-3887)" }, @@ -29840,6 +30041,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2019-19531": { "cmt_msg": "usb: yurex: Fix use-after-free in yurex_delete" }, @@ -33540,9 +33744,6 @@ "CVE-2019-19449": { "cmt_msg": "f2fs: fix to do sanity check on segment/section count" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2020-24504": { "cmt_msg": "ice: create scheduler aggregator node config and move VSIs" }, @@ -33738,9 +33939,6 @@ "CVE-2021-3669": { "cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2020-10708": { "cmt_msg": "" }, @@ -33756,6 +33954,9 @@ "CVE-2022-4543": { "cmt_msg": "" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-19070": { "cmt_msg": "spi: gpio: prevent memory leak in spi_gpio_probe" }, @@ -33798,9 +33999,21 @@ "CVE-2022-27672": { "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2005-3660": { "cmt_msg": "" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2023-31084": { "cmt_msg": "media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()" }, @@ -33897,6 +34110,15 @@ "CVE-2020-12364": { "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, + "CVE-2024-24861": { + "cmt_msg": "" + }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -33909,6 +34131,9 @@ "CVE-2022-3642": { "cmt_msg": "" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2024-0565": { "cmt_msg": "smb: client: fix OOB in receive_encrypted_standard()" }, @@ -33981,6 +34206,9 @@ "CVE-2023-3397": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-6546": { "cmt_msg": "tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux" }, @@ -34096,7 +34324,7 @@ "cmt_msg": "" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2022-1280": { "cmt_msg": "drm: avoid circular locks in drm_mode_getconnector" @@ -34125,6 +34353,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3640": { "cmt_msg": "" } @@ -34510,6 +34741,9 @@ "CVE-2019-11085": { "cmt_msg": "drm/i915/gvt: Fix mmap range check" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2019-11477": { "cmt_msg": "tcp: limit payload size of sacked skbs" }, @@ -35116,6 +35350,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-9466": { "cmt_msg": "brcmfmac: add subtype check for event handling in data path" }, @@ -35146,6 +35383,9 @@ "CVE-2019-14815": { "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -35638,6 +35878,9 @@ "CVE-2018-12931": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2020-12768": { "cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()" }, @@ -35779,9 +36022,6 @@ "CVE-2018-19985": { "cmt_msg": "USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2021-0920": { "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" }, @@ -35882,7 +36122,7 @@ "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2020-29568": { "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" @@ -36118,9 +36358,18 @@ "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, "CVE-2019-11884": { "cmt_msg": "Bluetooth: hidp: fix buffer overflow" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2019-3892": { "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" }, @@ -36364,6 +36613,9 @@ "CVE-2019-16413": { "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2020-12659": { "cmt_msg": "xsk: Add missing check on user supplied headroom size" }, @@ -36517,6 +36769,9 @@ "CVE-2023-4387": { "cmt_msg": "net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()" }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2019-19378": { "cmt_msg": "" }, @@ -36994,6 +37249,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2019-3887": { "cmt_msg": "KVM: x86: nVMX: close leak of L0's x2APIC MSRs (CVE-2019-3887)" }, @@ -37045,9 +37303,6 @@ "CVE-2019-25045": { "cmt_msg": "xfrm: clean up xfrm protocol checks" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2018-16862": { "cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation" }, @@ -37234,6 +37489,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2019-14284": { "cmt_msg": "floppy: fix div-by-zero in setup_format_params" }, @@ -38843,9 +39101,6 @@ "CVE-2018-10124": { "cmt_msg": "kernel/signal.c: avoid undefined behaviour in kill_something_info" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2021-28964": { "cmt_msg": "btrfs: fix race when cloning extent buffer during rewind of an old root" }, @@ -38972,6 +39227,9 @@ "CVE-2017-7518": { "cmt_msg": "KVM: x86: fix singlestepping over syscall" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2019-11477": { "cmt_msg": "tcp: limit payload size of sacked skbs" }, @@ -39116,9 +39374,6 @@ "CVE-2022-23037": { "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" }, - "CVE-2024-0564": { - "cmt_msg": "" - }, "CVE-2020-0404": { "cmt_msg": "media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors" }, @@ -39584,6 +39839,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-9466": { "cmt_msg": "brcmfmac: add subtype check for event handling in data path" }, @@ -39611,6 +39869,9 @@ "CVE-2023-51780": { "cmt_msg": "atm: Fix Use-After-Free in do_vcc_ioctl" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -40109,6 +40370,9 @@ "CVE-2018-12931": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2020-12769": { "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" }, @@ -40571,9 +40835,6 @@ "CVE-2019-15214": { "cmt_msg": "ALSA: core: Fix card races between register and disconnect" }, - "CVE-2020-36766": { - "cmt_msg": "cec-api: prevent leaking memory through hole in structure" - }, "CVE-2017-18079": { "cmt_msg": "Input: i8042 - fix crash at boot time" }, @@ -40640,9 +40901,15 @@ "CVE-2017-1000111": { "cmt_msg": "packet: fix tp_reserve race in packet_set_ring" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, "CVE-2015-8374": { "cmt_msg": "Btrfs: fix truncation of compressed and inlined extents" }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2018-5848": { "cmt_msg": "wil6210: missing length check in wmi_set_ie" }, @@ -40889,6 +41156,9 @@ "CVE-2019-16413": { "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2022-1263": { "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" }, @@ -41027,6 +41297,12 @@ "CVE-2023-4385": { "cmt_msg": "fs: jfs: fix possible NULL pointer dereference in dbFree()" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2019-19378": { "cmt_msg": "" }, @@ -41309,9 +41585,6 @@ "CVE-2022-24448": { "cmt_msg": "NFSv4: Handle case where the lookup of a directory fails" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2019-10142": { "cmt_msg": "drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl" }, @@ -41519,6 +41792,9 @@ "CVE-2018-20509": { "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -41789,6 +42065,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2017-16648": { "cmt_msg": "dvb_frontend: don't use-after-free the frontend struct" }, @@ -42883,9 +43162,6 @@ "CVE-2018-10124": { "cmt_msg": "kernel/signal.c: avoid undefined behaviour in kill_something_info" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2019-9466": { "cmt_msg": "brcmfmac: add subtype check for event handling in data path" }, @@ -43039,6 +43315,9 @@ "CVE-2021-39714": { "cmt_msg": "staging: android: ion: Drop ion_map_kernel interface" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2019-19966": { "cmt_msg": "media: cpia2: Fix use-after-free in cpia2_exit" }, @@ -43198,9 +43477,6 @@ "CVE-2022-23037": { "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" }, - "CVE-2024-0564": { - "cmt_msg": "" - }, "CVE-2017-5669": { "cmt_msg": "ipc/shm: Fix shmat mmap nil-page protection" }, @@ -43735,6 +44011,9 @@ "CVE-2023-51780": { "cmt_msg": "atm: Fix Use-After-Free in do_vcc_ioctl" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -44278,6 +44557,9 @@ "CVE-2017-7308": { "cmt_msg": "net/packet: fix overflow in check for priv area size" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-4010": { "cmt_msg": "" }, @@ -44797,8 +45079,8 @@ "CVE-2021-20261": { "cmt_msg": "floppy: fix lock_fdc() signal handling" }, - "CVE-2020-36766": { - "cmt_msg": "cec-api: prevent leaking memory through hole in structure" + "CVE-2021-20265": { + "cmt_msg": "af_unix: fix struct pid memory leak" }, "CVE-2017-18079": { "cmt_msg": "Input: i8042 - fix crash at boot time" @@ -44809,9 +45091,6 @@ "CVE-2023-28328": { "cmt_msg": "media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()" }, - "CVE-2021-20265": { - "cmt_msg": "af_unix: fix struct pid memory leak" - }, "CVE-2023-0386": { "cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up" }, @@ -44875,9 +45154,15 @@ "CVE-2017-1000111": { "cmt_msg": "packet: fix tp_reserve race in packet_set_ring" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, "CVE-2015-8374": { "cmt_msg": "Btrfs: fix truncation of compressed and inlined extents" }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2017-7533": { "cmt_msg": "dentry name snapshots" }, @@ -44893,6 +45178,9 @@ "CVE-2022-3545": { "cmt_msg": "nfp: fix use-after-free in area_cache_get()" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2020-14416": { "cmt_msg": "can, slip: Protect tty->disc_data in write_wakeup and close with RCU" }, @@ -45148,6 +45436,9 @@ "CVE-2019-16413": { "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2018-10876": { "cmt_msg": "ext4: only look at the bg_flags field if it is valid" }, @@ -45301,6 +45592,9 @@ "CVE-2020-25643": { "cmt_msg": "hdlc_ppp: add range checks in ppp_cp_parse_cr()" }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2019-19378": { "cmt_msg": "" }, @@ -45601,9 +45895,6 @@ "CVE-2022-0492": { "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2019-10142": { "cmt_msg": "drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl" }, @@ -45829,6 +46120,9 @@ "CVE-2018-20509": { "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -45988,6 +46282,9 @@ "CVE-2022-41858": { "cmt_msg": "drivers: net: slip: fix NPD bug in sl_tx_timeout()" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, "CVE-2019-15807": { "cmt_msg": "scsi: libsas: delete sas port if expander discover failed" }, @@ -46123,6 +46420,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2017-16648": { "cmt_msg": "dvb_frontend: don't use-after-free the frontend struct" }, @@ -48901,9 +49201,6 @@ "CVE-2018-10124": { "cmt_msg": "kernel/signal.c: avoid undefined behaviour in kill_something_info" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2022-0487": { "cmt_msg": "moxart: fix potential use-after-free on remove path" }, @@ -48994,6 +49291,9 @@ "CVE-2021-39714": { "cmt_msg": "staging: android: ion: Drop ion_map_kernel interface" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2021-28711": { "cmt_msg": "xen/blkfront: harden blkfront against event channel storms" }, @@ -49099,9 +49399,6 @@ "CVE-2022-23037": { "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" }, - "CVE-2024-0564": { - "cmt_msg": "" - }, "CVE-2023-2176": { "cmt_msg": "RDMA/core: Refactor rdma_bind_addr" }, @@ -49420,6 +49717,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2022-3344": { "cmt_msg": "KVM: x86: nSVM: harden svm_free_nested against freeing vmcb02 while still in use" }, @@ -49429,6 +49729,9 @@ "CVE-2020-27786": { "cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -49774,6 +50077,9 @@ "CVE-2018-12931": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2021-32399": { "cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller" }, @@ -49792,6 +50098,9 @@ "CVE-2022-24958": { "cmt_msg": "usb: gadget: don't release an existing dev->buf" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2020-10766": { "cmt_msg": "x86/speculation: Prevent rogue cross-process SSBD shutdown" }, @@ -50035,9 +50344,6 @@ "CVE-2021-20261": { "cmt_msg": "floppy: fix lock_fdc() signal handling" }, - "CVE-2020-36766": { - "cmt_msg": "cec-api: prevent leaking memory through hole in structure" - }, "CVE-2023-28328": { "cmt_msg": "media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()" }, @@ -50071,6 +50377,18 @@ "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2021-29265": { "cmt_msg": "usbip: fix stub_dev usbip_sockfd_store() races leading to gpf" }, @@ -50677,6 +50995,9 @@ "CVE-2018-20509": { "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -50719,9 +51040,6 @@ "CVE-2020-0030": { "cmt_msg": "ANDROID: binder: synchronize_rcu() when using POLLFREE." }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2021-29650": { "cmt_msg": "netfilter: x_tables: Use correct memory barriers." }, @@ -50854,6 +51172,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3338": { "cmt_msg": "Remove DECnet support from kernel" }, @@ -50887,6 +51208,10 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters", "cmt_id": "f05a497e7bc8851eeeb3a58da180ba469efebb05" + }, + "CVE-2024-23849": { + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv", + "cmt_id": "0b787c2dea15e7a2828fa3a74a5447df4ed57711" } }, "outstanding": { @@ -50914,12 +51239,18 @@ "CVE-2019-19378": { "cmt_msg": "" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2020-24503": { "cmt_msg": "" }, "CVE-2020-24502": { "cmt_msg": "" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2020-11725": { "cmt_msg": "" }, @@ -50954,7 +51285,7 @@ "cmt_msg": "" }, "CVE-2024-23850": { - "cmt_msg": "" + "cmt_msg": "btrfs: do not ASSERT() if the newly created subvolume already got read" }, "CVE-2024-23851": { "cmt_msg": "" @@ -51001,9 +51332,6 @@ "CVE-2020-26142": { "cmt_msg": "" }, - "CVE-2024-23849": { - "cmt_msg": "" - }, "CVE-2024-23848": { "cmt_msg": "" }, @@ -51037,9 +51365,21 @@ "CVE-2013-7445": { "cmt_msg": "" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2005-3660": { "cmt_msg": "" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2023-6238": { "cmt_msg": "" }, @@ -51085,6 +51425,15 @@ "CVE-2024-0841": { "cmt_msg": "" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, + "CVE-2024-24861": { + "cmt_msg": "" + }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2023-37454": { "cmt_msg": "" }, @@ -51187,6 +51536,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-3640": { "cmt_msg": "" } @@ -51325,6 +51677,10 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters", "cmt_id": "6653118b176a00915125521c6572ae8e507621db" + }, + "CVE-2024-23849": { + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv", + "cmt_id": "7a73190ea557e7f26914b0fe04c1f57a96cb771f" } }, "outstanding": { @@ -51352,12 +51708,18 @@ "CVE-2019-19378": { "cmt_msg": "" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2020-24503": { "cmt_msg": "" }, "CVE-2020-24502": { "cmt_msg": "" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2020-11725": { "cmt_msg": "" }, @@ -51392,7 +51754,7 @@ "cmt_msg": "" }, "CVE-2024-23850": { - "cmt_msg": "" + "cmt_msg": "btrfs: do not ASSERT() if the newly created subvolume already got read" }, "CVE-2024-23851": { "cmt_msg": "" @@ -51439,9 +51801,6 @@ "CVE-2020-26142": { "cmt_msg": "" }, - "CVE-2024-23849": { - "cmt_msg": "" - }, "CVE-2024-23848": { "cmt_msg": "" }, @@ -51475,9 +51834,21 @@ "CVE-2013-7445": { "cmt_msg": "" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2005-3660": { "cmt_msg": "" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2023-6238": { "cmt_msg": "" }, @@ -51523,6 +51894,15 @@ "CVE-2024-0841": { "cmt_msg": "" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, + "CVE-2024-24861": { + "cmt_msg": "" + }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2023-37454": { "cmt_msg": "" }, @@ -51625,6 +52005,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-3640": { "cmt_msg": "" } @@ -51810,12 +52193,18 @@ "CVE-2024-0646": { "cmt_msg": "net: tls, update curr on splice as well" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2020-24503": { "cmt_msg": "" }, "CVE-2020-24502": { "cmt_msg": "" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2024-22705": { "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" }, @@ -51856,7 +52245,7 @@ "cmt_msg": "" }, "CVE-2024-23850": { - "cmt_msg": "" + "cmt_msg": "btrfs: do not ASSERT() if the newly created subvolume already got read" }, "CVE-2024-23851": { "cmt_msg": "" @@ -51907,7 +52296,7 @@ "cmt_msg": "" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2024-23848": { "cmt_msg": "" @@ -51957,9 +52346,21 @@ "CVE-2013-7445": { "cmt_msg": "" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2005-3660": { "cmt_msg": "" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2023-6238": { "cmt_msg": "" }, @@ -52020,6 +52421,15 @@ "CVE-2024-0841": { "cmt_msg": "" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, + "CVE-2024-24861": { + "cmt_msg": "" + }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2023-37454": { "cmt_msg": "" }, @@ -52146,6 +52556,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-3640": { "cmt_msg": "" } @@ -52324,6 +52737,10 @@ "CVE-2023-40283": { "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb", "cmt_id": "10426afe65c8bf7b24dd0c7be4dcc65f86fc99f9" + }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock", + "cmt_id": "93a0b7d43de51b38c4c91d4121e447018132119a" } }, "6.4.11": { @@ -52466,12 +52883,18 @@ "CVE-2024-0646": { "cmt_msg": "net: tls, update curr on splice as well" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2020-24503": { "cmt_msg": "" }, "CVE-2020-24502": { "cmt_msg": "" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2024-22705": { "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" }, @@ -52505,6 +52928,9 @@ "CVE-2022-2209": { "cmt_msg": "" }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2023-7042": { "cmt_msg": "" }, @@ -52515,7 +52941,7 @@ "cmt_msg": "" }, "CVE-2024-23850": { - "cmt_msg": "" + "cmt_msg": "btrfs: do not ASSERT() if the newly created subvolume already got read" }, "CVE-2024-23851": { "cmt_msg": "" @@ -52569,7 +52995,7 @@ "cmt_msg": "" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2024-23848": { "cmt_msg": "" @@ -52634,9 +53060,18 @@ "CVE-2023-34324": { "cmt_msg": "xen/events: replace evtchn_rwlock with RCU" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2005-3660": { "cmt_msg": "" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, "CVE-2023-31085": { "cmt_msg": "ubi: Refuse attaching if mtd's erasesize is 0" }, @@ -52706,6 +53141,15 @@ "CVE-2023-4921": { "cmt_msg": "net: sched: sch_qfq: Fix UAF in qfq_dequeue()" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, + "CVE-2024-24861": { + "cmt_msg": "" + }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2023-37454": { "cmt_msg": "" }, @@ -52847,6 +53291,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-39189": { "cmt_msg": "netfilter: nfnetlink_osf: avoid OOB read" }, @@ -55075,9 +55522,6 @@ "CVE-2018-10124": { "cmt_msg": "kernel/signal.c: avoid undefined behaviour in kill_something_info" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2021-0920": { "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" }, @@ -55186,6 +55630,9 @@ "CVE-2017-7518": { "cmt_msg": "KVM: x86: fix singlestepping over syscall" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2019-11477": { "cmt_msg": "tcp: limit payload size of sacked skbs" }, @@ -55324,9 +55771,6 @@ "CVE-2022-23037": { "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" }, - "CVE-2024-0564": { - "cmt_msg": "" - }, "CVE-2020-0404": { "cmt_msg": "media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors" }, @@ -55453,7 +55897,7 @@ "CVE-2020-26560": { "cmt_msg": "" }, - "CVE-2024-0841": { + "CVE-2024-22386": { "cmt_msg": "" }, "CVE-2018-12127": { @@ -55720,6 +56164,9 @@ "CVE-2020-27786": { "cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -56074,6 +56521,9 @@ "CVE-2018-12931": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2020-12769": { "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" }, @@ -56098,6 +56548,9 @@ "CVE-2022-20166": { "cmt_msg": "drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2020-10766": { "cmt_msg": "x86/speculation: Prevent rogue cross-process SSBD shutdown" }, @@ -56440,9 +56893,6 @@ "CVE-2021-20261": { "cmt_msg": "floppy: fix lock_fdc() signal handling" }, - "CVE-2020-36766": { - "cmt_msg": "cec-api: prevent leaking memory through hole in structure" - }, "CVE-2023-28328": { "cmt_msg": "media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()" }, @@ -56497,9 +56947,18 @@ "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, "CVE-2017-1000112": { "cmt_msg": "udp: consistently apply ufo or fragmentation" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2018-5848": { "cmt_msg": "wil6210: missing length check in wmi_set_ie" }, @@ -56842,6 +57301,9 @@ "CVE-2023-4385": { "cmt_msg": "fs: jfs: fix possible NULL pointer dereference in dbFree()" }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2020-4788": { "cmt_msg": "powerpc/64s: flush L1D on kernel entry" }, @@ -56932,9 +57394,6 @@ "CVE-2022-3595": { "cmt_msg": "cifs: fix double-fault crash during ntlmssp" }, - "CVE-2023-47233": { - "cmt_msg": "" - }, "CVE-2020-10769": { "cmt_msg": "crypto: authenc - fix parsing key with misaligned rta_len" }, @@ -57223,6 +57682,9 @@ "CVE-2018-20509": { "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -57442,6 +57904,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2019-19531": { "cmt_msg": "usb: yurex: Fix use-after-free in yurex_delete" }, @@ -57890,9 +58355,15 @@ "CVE-2023-51779": { "cmt_msg": "Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg" }, - "CVE-2024-23849": { + "CVE-2024-24857": { "cmt_msg": "" }, + "CVE-2024-23849": { + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" + }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-38429": { "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]" }, @@ -57971,6 +58442,9 @@ "CVE-2023-25775": { "cmt_msg": "RDMA/irdma: Prevent zero-length STAG registration" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2022-2961": { "cmt_msg": "" }, @@ -57981,7 +58455,7 @@ "cmt_msg": "" }, "CVE-2024-23850": { - "cmt_msg": "" + "cmt_msg": "btrfs: do not ASSERT() if the newly created subvolume already got read" }, "CVE-2023-2640": { "cmt_msg": "" @@ -58106,9 +58580,18 @@ "CVE-2023-31248": { "cmt_msg": "netfilter: nf_tables: do not ignore genmask when looking up chain by id" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2005-3660": { "cmt_msg": "" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, "CVE-2023-31085": { "cmt_msg": "ubi: Refuse attaching if mtd's erasesize is 0" }, @@ -58193,6 +58676,9 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2023-4921": { "cmt_msg": "net: sched: sch_qfq: Fix UAF in qfq_dequeue()" }, @@ -58205,9 +58691,15 @@ "CVE-2024-23851": { "cmt_msg": "" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2023-34319": { "cmt_msg": "xen/netback: Fix buffer overrun triggered by unusual packet" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2023-1206": { "cmt_msg": "tcp: Reduce chance of collisions in inet6_hashfn()." }, @@ -58349,6 +58841,9 @@ "CVE-2023-6817": { "cmt_msg": "netfilter: nft_set_pipapo: skip inactive elements during set walk" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2023-34255": { "cmt_msg": "xfs: verify buffer contents when we skip log replay" }, @@ -58430,6 +58925,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-4208": { "cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free" }, @@ -59503,6 +60001,10 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters", "cmt_id": "8e34430e33b8a80bc014f3efe29cac76bc30a4b4" + }, + "CVE-2024-23849": { + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv", + "cmt_id": "71024928b3f71ce4529426f8692943205c58d30b" } }, "outstanding": { @@ -59533,12 +60035,18 @@ "CVE-2023-23005": { "cmt_msg": "mm/demotion: fix NULL vs IS_ERR checking in memory_tier_init" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2020-24503": { "cmt_msg": "" }, "CVE-2020-24502": { "cmt_msg": "" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-39191": { "cmt_msg": "bpf: Fix state pruning for STACK_DYNPTR stack slots" }, @@ -59576,7 +60084,7 @@ "cmt_msg": "" }, "CVE-2024-23850": { - "cmt_msg": "" + "cmt_msg": "btrfs: do not ASSERT() if the newly created subvolume already got read" }, "CVE-2024-23851": { "cmt_msg": "" @@ -59623,9 +60131,6 @@ "CVE-2020-26142": { "cmt_msg": "" }, - "CVE-2024-23849": { - "cmt_msg": "" - }, "CVE-2024-23848": { "cmt_msg": "" }, @@ -59671,9 +60176,21 @@ "CVE-2013-7445": { "cmt_msg": "" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2005-3660": { "cmt_msg": "" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2023-31084": { "cmt_msg": "media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()" }, @@ -59728,6 +60245,15 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, + "CVE-2024-24861": { + "cmt_msg": "" + }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2023-37454": { "cmt_msg": "" }, @@ -59851,6 +60377,12 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3640": { "cmt_msg": "" } @@ -60248,7 +60780,7 @@ "cmt_msg": "" }, "CVE-2024-23850": { - "cmt_msg": "" + "cmt_msg": "btrfs: do not ASSERT() if the newly created subvolume already got read" }, "CVE-2023-1380": { "cmt_msg": "wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()" @@ -60331,6 +60863,9 @@ "CVE-2022-23825": { "cmt_msg": "" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2023-30456": { "cmt_msg": "KVM: nVMX: add missing consistency checks for CR0 and CR4" }, @@ -60373,6 +60908,9 @@ "CVE-2023-51779": { "cmt_msg": "Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg" }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2023-28466": { "cmt_msg": "net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()" }, @@ -60496,6 +61034,9 @@ "CVE-2024-22705": { "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2022-2961": { "cmt_msg": "" }, @@ -60607,6 +61148,9 @@ "CVE-2022-3238": { "cmt_msg": "" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2023-3338": { "cmt_msg": "Remove DECnet support from kernel" }, @@ -60682,9 +61226,18 @@ "CVE-2023-34255": { "cmt_msg": "xfs: verify buffer contents when we skip log replay" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2005-3660": { "cmt_msg": "" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, "CVE-2023-39192": { "cmt_msg": "netfilter: xt_u32: validate user space input" }, @@ -60811,6 +61364,12 @@ "CVE-2024-23851": { "cmt_msg": "" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-2163": { "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints" }, @@ -60904,6 +61463,9 @@ "CVE-2023-25012": { "cmt_msg": "HID: bigben: use spinlock to safely schedule workers" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2022-3566": { "cmt_msg": "tcp: Fix data races around icsk->icsk_af_ops." }, @@ -60949,6 +61511,9 @@ "CVE-2023-32248": { "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-38432": { "cmt_msg": "ksmbd: validate command payload size" }, @@ -61124,7 +61689,7 @@ "cmt_msg": "" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2023-4881": { "cmt_msg": "netfilter: nftables: exthdr: fix 4-byte stack OOB write" @@ -61464,9 +62029,6 @@ "CVE-2018-10124": { "cmt_msg": "kernel/signal.c: avoid undefined behaviour in kill_something_info" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2022-0487": { "cmt_msg": "moxart: fix potential use-after-free on remove path" }, @@ -61506,6 +62068,9 @@ "CVE-2017-5551": { "cmt_msg": "tmpfs: clear S_ISGID when setting posix ACLs" }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2019-19241": { "cmt_msg": "io_uring: async workers should inherit the user creds" }, @@ -61629,6 +62194,9 @@ "CVE-2021-28712": { "cmt_msg": "xen/netfront: harden netfront against event channel storms" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2018-10938": { "cmt_msg": "Cipso: cipso_v4_optptr enter infinite loop" }, @@ -61800,9 +62368,6 @@ "CVE-2022-23037": { "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" }, - "CVE-2024-0564": { - "cmt_msg": "" - }, "CVE-2017-5669": { "cmt_msg": "ipc/shm: Fix shmat mmap nil-page protection" }, @@ -62388,6 +62953,9 @@ "CVE-2019-14814": { "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -62970,6 +63538,9 @@ "CVE-2017-7308": { "cmt_msg": "net/packet: fix overflow in check for priv area size" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2016-0758": { "cmt_msg": "KEYS: Fix ASN.1 indefinite length object parsing" }, @@ -63540,9 +64111,6 @@ "CVE-2020-36516": { "cmt_msg": "ipv4: avoid using shared IP generator for connected sockets" }, - "CVE-2020-36766": { - "cmt_msg": "cec-api: prevent leaking memory through hole in structure" - }, "CVE-2017-18079": { "cmt_msg": "Input: i8042 - fix crash at boot time" }, @@ -63624,6 +64192,9 @@ "CVE-2017-1000111": { "cmt_msg": "packet: fix tp_reserve race in packet_set_ring" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, "CVE-2019-9466": { "cmt_msg": "brcmfmac: add subtype check for event handling in data path" }, @@ -63648,6 +64219,9 @@ "CVE-2016-4794": { "cmt_msg": "percpu: fix synchronization between chunk->map_extend_work and chunk destruction" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2020-14416": { "cmt_msg": "can, slip: Protect tty->disc_data in write_wakeup and close with RCU" }, @@ -63930,6 +64504,9 @@ "CVE-2019-16413": { "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2018-10876": { "cmt_msg": "ext4: only look at the bg_flags field if it is valid" }, @@ -64119,6 +64696,9 @@ "CVE-2023-4387": { "cmt_msg": "net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()" }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2019-19378": { "cmt_msg": "" }, @@ -64440,9 +65020,6 @@ "CVE-2022-0492": { "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2022-23042": { "cmt_msg": "xen/netfront: react properly to failing gnttab_end_foreign_access_ref()" }, @@ -64695,6 +65272,9 @@ "CVE-2018-20509": { "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -64842,6 +65422,9 @@ "CVE-2022-41858": { "cmt_msg": "drivers: net: slip: fix NPD bug in sl_tx_timeout()" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, "CVE-2019-15807": { "cmt_msg": "scsi: libsas: delete sas port if expander discover failed" }, @@ -64977,6 +65560,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2017-16648": { "cmt_msg": "dvb_frontend: don't use-after-free the frontend struct" }, @@ -68683,6 +69269,9 @@ "CVE-2018-3646": { "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, @@ -68725,6 +69314,9 @@ "CVE-2018-13095": { "cmt_msg": "xfs: More robust inode extent count validation" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2018-13098": { "cmt_msg": "f2fs: fix to do sanity check with extra_attr feature" }, @@ -68749,9 +69341,6 @@ "CVE-2022-23037": { "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" }, - "CVE-2024-0564": { - "cmt_msg": "" - }, "CVE-2023-2176": { "cmt_msg": "RDMA/core: Refactor rdma_bind_addr" }, @@ -68986,6 +69575,9 @@ "CVE-2022-3344": { "cmt_msg": "KVM: x86: nSVM: harden svm_free_nested against freeing vmcb02 while still in use" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -69004,6 +69596,9 @@ "CVE-2019-15223": { "cmt_msg": "ALSA: line6: Assure canceling delayed work at disconnection" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2019-19815": { "cmt_msg": "f2fs: support swap file w/ DIO" }, @@ -69280,6 +69875,9 @@ "CVE-2019-12382": { "cmt_msg": "drm/edid: Fix a missing-check bug in drm_load_edid_firmware()" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2017-13166": { "cmt_msg": "media: v4l2-ioctl.c: use check_fmt for enum/g/s/try_fmt" }, @@ -69310,9 +69908,6 @@ "CVE-2021-0929": { "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2023-0615": { "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, @@ -69442,9 +70037,6 @@ "CVE-2022-3534": { "cmt_msg": "libbpf: Fix use-after-free in btf_dump_name_dups" }, - "CVE-2020-36766": { - "cmt_msg": "cec-api: prevent leaking memory through hole in structure" - }, "CVE-2023-28328": { "cmt_msg": "media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()" }, @@ -69466,6 +70058,18 @@ "CVE-2022-42895": { "cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2021-39648": { "cmt_msg": "usb: gadget: configfs: Fix use-after-free issue with udc_name" }, @@ -69931,6 +70535,9 @@ "CVE-2018-20509": { "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-33744": { "cmt_msg": "xen/arm: Fix race in RB-tree based P2M accounting" }, @@ -69952,9 +70559,6 @@ "CVE-2022-21166": { "cmt_msg": "x86/speculation/mmio: Enable CPU Fill buffer clearing on idle" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2022-41849": { "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()" }, @@ -70060,6 +70664,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3338": { "cmt_msg": "Remove DECnet support from kernel" }, @@ -70270,9 +70877,6 @@ "CVE-2018-10124": { "cmt_msg": "kernel/signal.c: avoid undefined behaviour in kill_something_info" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2022-0487": { "cmt_msg": "moxart: fix potential use-after-free on remove path" }, @@ -70306,6 +70910,9 @@ "CVE-2017-5551": { "cmt_msg": "tmpfs: clear S_ISGID when setting posix ACLs" }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2019-19241": { "cmt_msg": "io_uring: async workers should inherit the user creds" }, @@ -70435,6 +71042,9 @@ "CVE-2018-5873": { "cmt_msg": "nsfs: mark dentry with DCACHE_RCUACCESS" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2017-17558": { "cmt_msg": "USB: core: prevent malicious bNumInterfaces overflow" }, @@ -70594,9 +71204,6 @@ "CVE-2022-23037": { "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" }, - "CVE-2024-0564": { - "cmt_msg": "" - }, "CVE-2023-20588": { "cmt_msg": "x86/CPU/AMD: Do not leak quotient data after a division by 0" }, @@ -71173,6 +71780,9 @@ "CVE-2019-14814": { "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -71740,6 +72350,9 @@ "CVE-2017-7308": { "cmt_msg": "net/packet: fix overflow in check for priv area size" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2020-12769": { "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" }, @@ -72298,9 +72911,6 @@ "CVE-2020-36516": { "cmt_msg": "ipv4: avoid using shared IP generator for connected sockets" }, - "CVE-2020-36766": { - "cmt_msg": "cec-api: prevent leaking memory through hole in structure" - }, "CVE-2017-18079": { "cmt_msg": "Input: i8042 - fix crash at boot time" }, @@ -72370,6 +72980,9 @@ "CVE-2017-1000111": { "cmt_msg": "packet: fix tp_reserve race in packet_set_ring" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, "CVE-2019-9466": { "cmt_msg": "brcmfmac: add subtype check for event handling in data path" }, @@ -72394,6 +73007,9 @@ "CVE-2022-3542": { "cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2020-14416": { "cmt_msg": "can, slip: Protect tty->disc_data in write_wakeup and close with RCU" }, @@ -72670,6 +73286,9 @@ "CVE-2019-16413": { "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2018-10876": { "cmt_msg": "ext4: only look at the bg_flags field if it is valid" }, @@ -72856,6 +73475,9 @@ "CVE-2023-4387": { "cmt_msg": "net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()" }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2019-19378": { "cmt_msg": "" }, @@ -73186,9 +73808,6 @@ "CVE-2022-0492": { "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2020-10942": { "cmt_msg": "vhost: Check docket sk_family instead of call getname" }, @@ -73438,6 +74057,9 @@ "CVE-2018-20509": { "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -73585,6 +74207,9 @@ "CVE-2022-41858": { "cmt_msg": "drivers: net: slip: fix NPD bug in sl_tx_timeout()" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, "CVE-2019-10220": { "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" }, @@ -73720,6 +74345,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2017-16648": { "cmt_msg": "dvb_frontend: don't use-after-free the frontend struct" }, @@ -73989,9 +74617,6 @@ "CVE-2018-10124": { "cmt_msg": "kernel/signal.c: avoid undefined behaviour in kill_something_info" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2022-0487": { "cmt_msg": "moxart: fix potential use-after-free on remove path" }, @@ -74025,6 +74650,9 @@ "CVE-2017-5551": { "cmt_msg": "tmpfs: clear S_ISGID when setting posix ACLs" }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2019-19241": { "cmt_msg": "io_uring: async workers should inherit the user creds" }, @@ -74151,6 +74779,9 @@ "CVE-2021-28712": { "cmt_msg": "xen/netfront: harden netfront against event channel storms" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2018-10938": { "cmt_msg": "Cipso: cipso_v4_optptr enter infinite loop" }, @@ -74319,9 +74950,6 @@ "CVE-2022-23037": { "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" }, - "CVE-2024-0564": { - "cmt_msg": "" - }, "CVE-2023-20588": { "cmt_msg": "x86/CPU/AMD: Do not leak quotient data after a division by 0" }, @@ -74892,6 +75520,9 @@ "CVE-2019-14814": { "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -75459,6 +76090,9 @@ "CVE-2017-7308": { "cmt_msg": "net/packet: fix overflow in check for priv area size" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2020-12769": { "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" }, @@ -76026,9 +76660,6 @@ "CVE-2020-36516": { "cmt_msg": "ipv4: avoid using shared IP generator for connected sockets" }, - "CVE-2020-36766": { - "cmt_msg": "cec-api: prevent leaking memory through hole in structure" - }, "CVE-2017-18079": { "cmt_msg": "Input: i8042 - fix crash at boot time" }, @@ -76101,6 +76732,9 @@ "CVE-2017-1000111": { "cmt_msg": "packet: fix tp_reserve race in packet_set_ring" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, "CVE-2019-9466": { "cmt_msg": "brcmfmac: add subtype check for event handling in data path" }, @@ -76125,6 +76759,9 @@ "CVE-2022-3542": { "cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2020-14416": { "cmt_msg": "can, slip: Protect tty->disc_data in write_wakeup and close with RCU" }, @@ -76398,6 +77035,9 @@ "CVE-2019-16413": { "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2018-10876": { "cmt_msg": "ext4: only look at the bg_flags field if it is valid" }, @@ -76587,6 +77227,9 @@ "CVE-2023-4387": { "cmt_msg": "net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()" }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2019-19378": { "cmt_msg": "" }, @@ -76917,9 +77560,6 @@ "CVE-2022-0492": { "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2022-23042": { "cmt_msg": "xen/netfront: react properly to failing gnttab_end_foreign_access_ref()" }, @@ -77169,6 +77809,9 @@ "CVE-2018-20509": { "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -77313,6 +77956,9 @@ "CVE-2022-41858": { "cmt_msg": "drivers: net: slip: fix NPD bug in sl_tx_timeout()" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, "CVE-2019-10220": { "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" }, @@ -77451,6 +78097,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2017-16648": { "cmt_msg": "dvb_frontend: don't use-after-free the frontend struct" }, @@ -79012,6 +79661,9 @@ "CVE-2021-39714": { "cmt_msg": "staging: android: ion: Drop ion_map_kernel interface" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2019-19966": { "cmt_msg": "media: cpia2: Fix use-after-free in cpia2_exit" }, @@ -79153,9 +79805,6 @@ "CVE-2022-23037": { "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" }, - "CVE-2024-0564": { - "cmt_msg": "" - }, "CVE-2020-0404": { "cmt_msg": "media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors" }, @@ -79618,6 +80267,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2016-10208": { "cmt_msg": "ext4: validate s_first_meta_bg at mount time" }, @@ -79642,6 +80294,9 @@ "CVE-2019-14814": { "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -80086,6 +80741,9 @@ "CVE-2018-12931": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2016-0758": { "cmt_msg": "KEYS: Fix ASN.1 indefinite length object parsing" }, @@ -80236,9 +80894,6 @@ "CVE-2018-6555": { "cmt_msg": "staging: irda: remove the irda network stack and drivers" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2021-0920": { "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" }, @@ -80515,9 +81170,6 @@ "CVE-2020-36516": { "cmt_msg": "ipv4: avoid using shared IP generator for connected sockets" }, - "CVE-2020-36766": { - "cmt_msg": "cec-api: prevent leaking memory through hole in structure" - }, "CVE-2023-28328": { "cmt_msg": "media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()" }, @@ -80572,9 +81224,15 @@ "CVE-2017-1000112": { "cmt_msg": "udp: consistently apply ufo or fragmentation" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, "CVE-2019-9466": { "cmt_msg": "brcmfmac: add subtype check for event handling in data path" }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2018-5848": { "cmt_msg": "wil6210: missing length check in wmi_set_ie" }, @@ -80803,6 +81461,9 @@ "CVE-2019-16413": { "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2018-10876": { "cmt_msg": "ext4: only look at the bg_flags field if it is valid" }, @@ -80953,6 +81614,9 @@ "CVE-2020-25643": { "cmt_msg": "hdlc_ppp: add range checks in ppp_cp_parse_cr()" }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2019-19378": { "cmt_msg": "" }, @@ -81220,9 +81884,6 @@ "CVE-2022-0492": { "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2022-23042": { "cmt_msg": "xen/netfront: react properly to failing gnttab_end_foreign_access_ref()" }, @@ -81433,6 +82094,9 @@ "CVE-2018-20509": { "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -81580,6 +82244,9 @@ "CVE-2023-46343": { "cmt_msg": "nfc: nci: fix possible NULL pointer dereference in send_acknowledge()" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, "CVE-2023-5178": { "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" }, @@ -81700,6 +82367,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2019-19531": { "cmt_msg": "usb: yurex: Fix use-after-free in yurex_delete" }, @@ -82507,6 +83177,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-15794": { "cmt_msg": "ovl: fix reference counting in ovl_mmap error path" }, @@ -82531,6 +83204,9 @@ "CVE-2020-27786": { "cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -82930,6 +83606,9 @@ "CVE-2024-23851": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2020-12768": { "cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()" }, @@ -82957,12 +83636,18 @@ "CVE-2021-3732": { "cmt_msg": "ovl: prevent private clone if bind mount is not allowed" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2020-10766": { "cmt_msg": "x86/speculation: Prevent rogue cross-process SSBD shutdown" }, "CVE-2020-10767": { "cmt_msg": "x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS." }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2020-13143": { "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" }, @@ -83014,9 +83699,6 @@ "CVE-2021-0929": { "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2021-0920": { "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" }, @@ -83105,7 +83787,7 @@ "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2020-29568": { "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" @@ -83296,6 +83978,18 @@ "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2021-29264": { "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" }, @@ -83977,6 +84671,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -84157,6 +84854,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3338": { "cmt_msg": "Remove DECnet support from kernel" }, @@ -84447,9 +85147,6 @@ "CVE-2018-10124": { "cmt_msg": "kernel/signal.c: avoid undefined behaviour in kill_something_info" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2022-0487": { "cmt_msg": "moxart: fix potential use-after-free on remove path" }, @@ -84621,6 +85318,9 @@ "CVE-2021-28712": { "cmt_msg": "xen/netfront: harden netfront against event channel storms" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2018-10938": { "cmt_msg": "Cipso: cipso_v4_optptr enter infinite loop" }, @@ -84792,9 +85492,6 @@ "CVE-2022-23037": { "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" }, - "CVE-2024-0564": { - "cmt_msg": "" - }, "CVE-2017-5669": { "cmt_msg": "ipc/shm: Fix shmat mmap nil-page protection" }, @@ -85398,6 +86095,9 @@ "CVE-2019-14814": { "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -86004,6 +86704,9 @@ "CVE-2017-7308": { "cmt_msg": "net/packet: fix overflow in check for priv area size" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2016-0758": { "cmt_msg": "KEYS: Fix ASN.1 indefinite length object parsing" }, @@ -86586,8 +87289,8 @@ "CVE-2020-36516": { "cmt_msg": "ipv4: avoid using shared IP generator for connected sockets" }, - "CVE-2020-36766": { - "cmt_msg": "cec-api: prevent leaking memory through hole in structure" + "CVE-2021-20265": { + "cmt_msg": "af_unix: fix struct pid memory leak" }, "CVE-2017-18079": { "cmt_msg": "Input: i8042 - fix crash at boot time" @@ -86598,9 +87301,6 @@ "CVE-2023-28328": { "cmt_msg": "media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()" }, - "CVE-2021-20265": { - "cmt_msg": "af_unix: fix struct pid memory leak" - }, "CVE-2023-0386": { "cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up" }, @@ -86673,9 +87373,15 @@ "CVE-2017-1000111": { "cmt_msg": "packet: fix tp_reserve race in packet_set_ring" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, "CVE-2019-9466": { "cmt_msg": "brcmfmac: add subtype check for event handling in data path" }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2017-7533": { "cmt_msg": "dentry name snapshots" }, @@ -86991,6 +87697,9 @@ "CVE-2019-16413": { "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2018-10876": { "cmt_msg": "ext4: only look at the bg_flags field if it is valid" }, @@ -87177,6 +87886,9 @@ "CVE-2020-25643": { "cmt_msg": "hdlc_ppp: add range checks in ppp_cp_parse_cr()" }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2019-11884": { "cmt_msg": "Bluetooth: hidp: fix buffer overflow" }, @@ -87504,9 +88216,6 @@ "CVE-2019-15221": { "cmt_msg": "ALSA: line6: Fix write on zero-sized buffer" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2022-23042": { "cmt_msg": "xen/netfront: react properly to failing gnttab_end_foreign_access_ref()" }, @@ -87762,6 +88471,9 @@ "CVE-2018-20509": { "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -87777,6 +88489,9 @@ "CVE-2022-40768": { "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-9454": { "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA" }, @@ -87921,6 +88636,9 @@ "CVE-2022-41858": { "cmt_msg": "drivers: net: slip: fix NPD bug in sl_tx_timeout()" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, "CVE-2019-15807": { "cmt_msg": "scsi: libsas: delete sas port if expander discover failed" }, @@ -88062,6 +88780,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2018-10883": { "cmt_msg": "jbd2: don't mark block as modified if the handle is out of credits" }, @@ -88848,6 +89569,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-15794": { "cmt_msg": "ovl: fix reference counting in ovl_mmap error path" }, @@ -88872,6 +89596,9 @@ "CVE-2023-23002": { "cmt_msg": "Bluetooth: hci_qca: Fix NULL vs IS_ERR_OR_NULL check in qca_serdev_probe" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -89256,6 +89983,9 @@ "CVE-2018-12931": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-1990": { "cmt_msg": "nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition" }, @@ -89280,9 +90010,15 @@ "CVE-2021-3732": { "cmt_msg": "ovl: prevent private clone if bind mount is not allowed" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2020-27835": { "cmt_msg": "IB/hfi1: Ensure correct mm is used at all times" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2023-0240": { "cmt_msg": "io_uring: COW io_identity on mismatch" }, @@ -89334,9 +90070,6 @@ "CVE-2021-23133": { "cmt_msg": "net/sctp: fix race condition in sctp_destroy_sock" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2021-0920": { "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" }, @@ -89422,7 +90155,7 @@ "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2020-29568": { "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" @@ -89622,6 +90355,18 @@ "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2021-29264": { "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" }, @@ -90288,6 +91033,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -90465,6 +91213,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3338": { "cmt_msg": "Remove DECnet support from kernel" }, @@ -91275,6 +92026,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-15794": { "cmt_msg": "ovl: fix reference counting in ovl_mmap error path" }, @@ -91299,6 +92053,9 @@ "CVE-2023-23002": { "cmt_msg": "Bluetooth: hci_qca: Fix NULL vs IS_ERR_OR_NULL check in qca_serdev_probe" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -91689,9 +92446,15 @@ "CVE-2021-3732": { "cmt_msg": "ovl: prevent private clone if bind mount is not allowed" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2020-27835": { "cmt_msg": "IB/hfi1: Ensure correct mm is used at all times" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2023-0240": { "cmt_msg": "io_uring: COW io_identity on mismatch" }, @@ -91743,9 +92506,6 @@ "CVE-2021-23133": { "cmt_msg": "net/sctp: fix race condition in sctp_destroy_sock" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2021-0920": { "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" }, @@ -91828,7 +92588,7 @@ "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2020-29568": { "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" @@ -92010,6 +92770,18 @@ "CVE-2023-4732": { "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2021-29264": { "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" }, @@ -92256,6 +93028,9 @@ "CVE-2022-21499": { "cmt_msg": "lockdown: also lock down previous kgdb use" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-4208": { "cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free" }, @@ -92661,6 +93436,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -92832,6 +93610,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3338": { "cmt_msg": "Remove DECnet support from kernel" } @@ -93252,6 +94033,9 @@ "CVE-2023-51781": { "cmt_msg": "appletalk: Fix Use-After-Free in atalk_ioctl" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2022-1734": { "cmt_msg": "nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs" }, @@ -93609,6 +94393,9 @@ "CVE-2023-23002": { "cmt_msg": "Bluetooth: hci_qca: Fix NULL vs IS_ERR_OR_NULL check in qca_serdev_probe" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-51780": { "cmt_msg": "atm: Fix Use-After-Free in do_vcc_ioctl" }, @@ -94002,6 +94789,9 @@ "CVE-2022-33743": { "cmt_msg": "xen-netfront: restore __skb_queue_tail() positioning in xennet_get_responses()" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2023-0240": { "cmt_msg": "io_uring: COW io_identity on mismatch" }, @@ -94053,9 +94843,6 @@ "CVE-2021-23133": { "cmt_msg": "net/sctp: fix race condition in sctp_destroy_sock" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2021-0920": { "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" }, @@ -94135,7 +94922,7 @@ "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2020-29568": { "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" @@ -94314,6 +95101,18 @@ "CVE-2023-4732": { "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2021-29264": { "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" }, @@ -94497,6 +95296,9 @@ "CVE-2022-20166": { "cmt_msg": "drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2023-3220": { "cmt_msg": "drm/msm/dpu: Add check for pstates" }, @@ -94557,6 +95359,9 @@ "CVE-2022-21499": { "cmt_msg": "lockdown: also lock down previous kgdb use" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-4208": { "cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free" }, @@ -94705,7 +95510,7 @@ "cmt_msg": "" }, "CVE-2024-23850": { - "cmt_msg": "" + "cmt_msg": "btrfs: do not ASSERT() if the newly created subvolume already got read" }, "CVE-2020-27815": { "cmt_msg": "jfs: Fix array index bounds check in dbAdjTree" @@ -94953,6 +95758,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-33744": { "cmt_msg": "xen/arm: Fix race in RB-tree based P2M accounting" }, @@ -95118,6 +95926,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3338": { "cmt_msg": "Remove DECnet support from kernel" } @@ -99161,12 +99972,12 @@ "CVE-2018-13098": { "cmt_msg": "f2fs: fix to do sanity check with extra_attr feature" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-18680": { "cmt_msg": "unknown" }, - "CVE-2024-0564": { - "cmt_msg": "" - }, "CVE-2023-2176": { "cmt_msg": "RDMA/core: Refactor rdma_bind_addr" }, @@ -99350,6 +100161,9 @@ "CVE-2022-3344": { "cmt_msg": "KVM: x86: nSVM: harden svm_free_nested against freeing vmcb02 while still in use" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -99365,6 +100179,9 @@ "CVE-2019-15223": { "cmt_msg": "ALSA: line6: Assure canceling delayed work at disconnection" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2019-19815": { "cmt_msg": "f2fs: support swap file w/ DIO" }, @@ -99596,9 +100413,6 @@ "CVE-2021-0929": { "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2020-26145": { "cmt_msg": "ath10k: drop fragments with multicast DA for PCIe" }, @@ -99728,6 +100542,18 @@ "CVE-2022-21385": { "cmt_msg": "net/rds: fix warn in rds_message_alloc_sgs" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2022-3545": { "cmt_msg": "nfp: fix use-after-free in area_cache_get()" }, @@ -100073,9 +100899,18 @@ "CVE-2021-39636": { "cmt_msg": "netfilter: x_tables: fix pointer leaks to userspace" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2018-20509": { "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2023-2194": { "cmt_msg": "i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()" }, @@ -100085,9 +100920,6 @@ "CVE-2022-23222": { "cmt_msg": "bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2022-41848": { "cmt_msg": "" }, @@ -100166,6 +100998,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3338": { "cmt_msg": "Remove DECnet support from kernel" }, @@ -100419,9 +101254,6 @@ "CVE-2018-10124": { "cmt_msg": "kernel/signal.c: avoid undefined behaviour in kill_something_info" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2022-0487": { "cmt_msg": "moxart: fix potential use-after-free on remove path" }, @@ -100455,6 +101287,9 @@ "CVE-2017-5551": { "cmt_msg": "tmpfs: clear S_ISGID when setting posix ACLs" }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2019-19241": { "cmt_msg": "io_uring: async workers should inherit the user creds" }, @@ -100578,6 +101413,9 @@ "CVE-2021-28712": { "cmt_msg": "xen/netfront: harden netfront against event channel storms" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2017-17558": { "cmt_msg": "USB: core: prevent malicious bNumInterfaces overflow" }, @@ -100737,9 +101575,6 @@ "CVE-2022-23037": { "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" }, - "CVE-2024-0564": { - "cmt_msg": "" - }, "CVE-2023-20588": { "cmt_msg": "x86/CPU/AMD: Do not leak quotient data after a division by 0" }, @@ -101322,6 +102157,9 @@ "CVE-2019-14814": { "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -101886,6 +102724,9 @@ "CVE-2017-7308": { "cmt_msg": "net/packet: fix overflow in check for priv area size" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2020-12769": { "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" }, @@ -102510,6 +103351,9 @@ "CVE-2017-1000111": { "cmt_msg": "packet: fix tp_reserve race in packet_set_ring" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, "CVE-2019-9466": { "cmt_msg": "brcmfmac: add subtype check for event handling in data path" }, @@ -102534,6 +103378,9 @@ "CVE-2022-3542": { "cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2020-14416": { "cmt_msg": "can, slip: Protect tty->disc_data in write_wakeup and close with RCU" }, @@ -102807,6 +103654,9 @@ "CVE-2019-16413": { "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2023-2194": { "cmt_msg": "i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()" }, @@ -102993,6 +103843,9 @@ "CVE-2023-4387": { "cmt_msg": "net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()" }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2019-19378": { "cmt_msg": "" }, @@ -103323,9 +104176,6 @@ "CVE-2022-0492": { "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2020-10942": { "cmt_msg": "vhost: Check docket sk_family instead of call getname" }, @@ -103569,6 +104419,9 @@ "CVE-2018-20509": { "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -103716,6 +104569,9 @@ "CVE-2022-41858": { "cmt_msg": "drivers: net: slip: fix NPD bug in sl_tx_timeout()" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, "CVE-2019-10220": { "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" }, @@ -103857,6 +104713,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2017-16648": { "cmt_msg": "dvb_frontend: don't use-after-free the frontend struct" }, @@ -104148,9 +105007,6 @@ "CVE-2018-10124": { "cmt_msg": "kernel/signal.c: avoid undefined behaviour in kill_something_info" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2022-0487": { "cmt_msg": "moxart: fix potential use-after-free on remove path" }, @@ -104175,6 +105031,9 @@ "CVE-2022-21125": { "cmt_msg": "x86/speculation/mmio: Reuse SRBDS mitigation for SBDS" }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2019-19241": { "cmt_msg": "io_uring: async workers should inherit the user creds" }, @@ -104289,6 +105148,9 @@ "CVE-2019-11085": { "cmt_msg": "drm/i915/gvt: Fix mmap range check" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2017-17558": { "cmt_msg": "USB: core: prevent malicious bNumInterfaces overflow" }, @@ -104451,9 +105313,6 @@ "CVE-2022-23037": { "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" }, - "CVE-2024-0564": { - "cmt_msg": "" - }, "CVE-2023-20588": { "cmt_msg": "x86/CPU/AMD: Do not leak quotient data after a division by 0" }, @@ -104988,6 +105847,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-9466": { "cmt_msg": "brcmfmac: add subtype check for event handling in data path" }, @@ -105021,6 +105883,9 @@ "CVE-2019-14815": { "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -105555,6 +106420,9 @@ "CVE-2018-12931": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2020-12769": { "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" }, @@ -105865,7 +106733,7 @@ "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2020-29568": { "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" @@ -106167,6 +107035,9 @@ "CVE-2017-1000111": { "cmt_msg": "packet: fix tp_reserve race in packet_set_ring" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, "CVE-2017-18218": { "cmt_msg": "net: hns: Fix a skb used after free bug" }, @@ -106431,6 +107302,9 @@ "CVE-2019-16413": { "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2022-1263": { "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" }, @@ -106602,6 +107476,9 @@ "CVE-2021-39657": { "cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback" }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2019-19378": { "cmt_msg": "" }, @@ -106920,9 +107797,6 @@ "CVE-2022-0492": { "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2020-10942": { "cmt_msg": "vhost: Check docket sk_family instead of call getname" }, @@ -107166,6 +108040,9 @@ "CVE-2018-20509": { "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -107313,6 +108190,9 @@ "CVE-2023-46343": { "cmt_msg": "nfc: nci: fix possible NULL pointer dereference in send_acknowledge()" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, "CVE-2019-10220": { "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" }, @@ -107445,6 +108325,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2018-8087": { "cmt_msg": "mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()" }, @@ -108482,6 +109365,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-15794": { "cmt_msg": "ovl: fix reference counting in ovl_mmap error path" }, @@ -108512,6 +109398,9 @@ "CVE-2019-14815": { "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -108959,6 +109848,9 @@ "CVE-2023-4459": { "cmt_msg": "net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2022-2153": { "cmt_msg": "KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast()" }, @@ -108974,6 +109866,9 @@ "CVE-2024-23851": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2020-12768": { "cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()" }, @@ -109001,6 +109896,9 @@ "CVE-2021-3732": { "cmt_msg": "ovl: prevent private clone if bind mount is not allowed" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2020-10766": { "cmt_msg": "x86/speculation: Prevent rogue cross-process SSBD shutdown" }, @@ -109103,9 +110001,6 @@ "CVE-2019-20096": { "cmt_msg": "dccp: Fix memleak in __feat_register_sp" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2021-0920": { "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" }, @@ -109206,7 +110101,7 @@ "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2020-29568": { "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" @@ -109442,6 +110337,18 @@ "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2021-29264": { "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" }, @@ -110273,6 +111180,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -110318,9 +111228,6 @@ "CVE-2020-29374": { "cmt_msg": "gup: document and work around \"COW can break either way\" issue" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2021-29650": { "cmt_msg": "netfilter: x_tables: Use correct memory barriers." }, @@ -110486,6 +111393,9 @@ "CVE-2023-31083": { "cmt_msg": "Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2019-14284": { "cmt_msg": "floppy: fix div-by-zero in setup_format_params" }, @@ -111474,6 +112384,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-15794": { "cmt_msg": "ovl: fix reference counting in ovl_mmap error path" }, @@ -111901,7 +112814,7 @@ "cmt_msg": "net: sched: fix use-after-free in tc_new_tfilter()" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2023-50431": { "cmt_msg": "accel/habanalabs: fix information leak in sec_attest_info()" @@ -111951,6 +112864,9 @@ "CVE-2023-4459": { "cmt_msg": "net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2022-2153": { "cmt_msg": "KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast()" }, @@ -111966,6 +112882,9 @@ "CVE-2024-23851": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2020-12768": { "cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()" }, @@ -111993,6 +112912,9 @@ "CVE-2021-3732": { "cmt_msg": "ovl: prevent private clone if bind mount is not allowed" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2020-10766": { "cmt_msg": "x86/speculation: Prevent rogue cross-process SSBD shutdown" }, @@ -112095,9 +113017,6 @@ "CVE-2021-0929": { "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2021-0920": { "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" }, @@ -112326,6 +113245,9 @@ "CVE-2021-3348": { "cmt_msg": "nbd: freeze the queue while we're adding connections" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-20941": { "cmt_msg": "" }, @@ -112419,6 +113341,18 @@ "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2021-29264": { "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" }, @@ -113253,6 +114187,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -113463,6 +114400,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3338": { "cmt_msg": "Remove DECnet support from kernel" }, @@ -114435,6 +115375,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-19048": { "cmt_msg": "virt: vbox: fix memory leak in hgcm_call_preprocess_linaddr" }, @@ -114456,6 +115399,9 @@ "CVE-2020-27786": { "cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -114838,7 +115784,7 @@ "cmt_msg": "net: sched: fix use-after-free in tc_new_tfilter()" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2023-50431": { "cmt_msg": "accel/habanalabs: fix information leak in sec_attest_info()" @@ -114885,6 +115831,9 @@ "CVE-2023-4459": { "cmt_msg": "net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2022-2153": { "cmt_msg": "KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast()" }, @@ -114900,6 +115849,9 @@ "CVE-2024-23851": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2020-12768": { "cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()" }, @@ -114930,6 +115882,9 @@ "CVE-2021-3732": { "cmt_msg": "ovl: prevent private clone if bind mount is not allowed" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2020-10766": { "cmt_msg": "x86/speculation: Prevent rogue cross-process SSBD shutdown" }, @@ -115011,9 +115966,6 @@ "CVE-2021-0929": { "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2021-0920": { "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" }, @@ -115326,6 +116278,18 @@ "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2021-29264": { "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" }, @@ -116130,6 +117094,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -116328,6 +117295,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3338": { "cmt_msg": "Remove DECnet support from kernel" }, @@ -116811,6 +117781,9 @@ "CVE-2023-51781": { "cmt_msg": "appletalk: Fix Use-After-Free in atalk_ioctl" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2022-1734": { "cmt_msg": "nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs" }, @@ -117114,6 +118087,9 @@ "CVE-2023-23002": { "cmt_msg": "Bluetooth: hci_qca: Fix NULL vs IS_ERR_OR_NULL check in qca_serdev_probe" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -117453,6 +118429,9 @@ "CVE-2022-25375": { "cmt_msg": "usb: gadget: rndis: check size of RNDIS_MSG_SET command" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2022-3903": { "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines" }, @@ -117486,9 +118465,6 @@ "CVE-2021-41073": { "cmt_msg": "io_uring: ensure symmetry in handling iter types in loop_rw_iter()" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2021-0920": { "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" }, @@ -117571,7 +118547,7 @@ "cmt_msg": "virt: acrn: fix a memory leak in acrn_dev_ioctl()" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2023-1670": { "cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach" @@ -117729,6 +118705,18 @@ "CVE-2023-4732": { "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2022-1508": { "cmt_msg": "io_uring: reexpand under-reexpanded iters" }, @@ -117879,6 +118867,9 @@ "CVE-2022-26365": { "cmt_msg": "xen/blkfront: fix leaking data in shared pages" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2023-3220": { "cmt_msg": "drm/msm/dpu: Add check for pstates" }, @@ -117933,6 +118924,9 @@ "CVE-2022-21499": { "cmt_msg": "lockdown: also lock down previous kgdb use" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-4208": { "cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free" }, @@ -118075,7 +119069,7 @@ "cmt_msg": "" }, "CVE-2024-23850": { - "cmt_msg": "" + "cmt_msg": "btrfs: do not ASSERT() if the newly created subvolume already got read" }, "CVE-2024-23851": { "cmt_msg": "" @@ -118284,6 +119278,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-33744": { "cmt_msg": "xen/arm: Fix race in RB-tree based P2M accounting" }, @@ -118443,6 +119440,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3338": { "cmt_msg": "Remove DECnet support from kernel" } @@ -118858,6 +119858,9 @@ "CVE-2023-51781": { "cmt_msg": "appletalk: Fix Use-After-Free in atalk_ioctl" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2022-1734": { "cmt_msg": "nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs" }, @@ -119149,6 +120152,9 @@ "CVE-2023-23002": { "cmt_msg": "Bluetooth: hci_qca: Fix NULL vs IS_ERR_OR_NULL check in qca_serdev_probe" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -119485,6 +120491,9 @@ "CVE-2022-25375": { "cmt_msg": "usb: gadget: rndis: check size of RNDIS_MSG_SET command" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2022-3903": { "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines" }, @@ -119515,9 +120524,6 @@ "CVE-2021-41073": { "cmt_msg": "io_uring: ensure symmetry in handling iter types in loop_rw_iter()" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2023-28410": { "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" }, @@ -119597,7 +120603,7 @@ "cmt_msg": "virt: acrn: fix a memory leak in acrn_dev_ioctl()" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2023-1670": { "cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach" @@ -119752,6 +120758,18 @@ "CVE-2022-4382": { "cmt_msg": "USB: gadgetfs: Fix race between mounting and unmounting" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2022-1508": { "cmt_msg": "io_uring: reexpand under-reexpanded iters" }, @@ -119908,6 +120926,9 @@ "CVE-2022-26365": { "cmt_msg": "xen/blkfront: fix leaking data in shared pages" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2023-3220": { "cmt_msg": "drm/msm/dpu: Add check for pstates" }, @@ -119959,6 +120980,9 @@ "CVE-2022-21499": { "cmt_msg": "lockdown: also lock down previous kgdb use" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-4208": { "cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free" }, @@ -120098,7 +121122,7 @@ "cmt_msg": "" }, "CVE-2024-23850": { - "cmt_msg": "" + "cmt_msg": "btrfs: do not ASSERT() if the newly created subvolume already got read" }, "CVE-2024-23851": { "cmt_msg": "" @@ -120298,6 +121322,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-33744": { "cmt_msg": "xen/arm: Fix race in RB-tree based P2M accounting" }, @@ -120460,6 +121487,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3338": { "cmt_msg": "Remove DECnet support from kernel" } @@ -123075,6 +124105,9 @@ "CVE-2023-23000": { "cmt_msg": "phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2023-1872": { "cmt_msg": "io_uring: propagate issue_flags state down to file assignment" }, @@ -123084,8 +124117,8 @@ "CVE-2020-24502": { "cmt_msg": "" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" + "CVE-2023-6240": { + "cmt_msg": "" }, "CVE-2020-24504": { "cmt_msg": "ice: create scheduler aggregator node config and move VSIs" @@ -123142,7 +124175,7 @@ "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling" }, "CVE-2024-23850": { - "cmt_msg": "" + "cmt_msg": "btrfs: do not ASSERT() if the newly created subvolume already got read" }, "CVE-2024-23851": { "cmt_msg": "" @@ -123214,7 +124247,7 @@ "cmt_msg": "net/tls: tls_is_tx_ready() checked list_entry" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2024-23848": { "cmt_msg": "" @@ -123285,9 +124318,21 @@ "CVE-2022-39188": { "cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2005-3660": { "cmt_msg": "" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2023-31084": { "cmt_msg": "media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()" }, @@ -123360,6 +124405,12 @@ "CVE-2022-0500": { "cmt_msg": "bpf: Introduce MEM_RDONLY flag" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2023-37454": { "cmt_msg": "" }, @@ -123450,6 +124501,9 @@ "CVE-2021-3542": { "cmt_msg": "" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2022-27672": { "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions" }, @@ -123513,6 +124567,12 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3640": { "cmt_msg": "" } @@ -124050,6 +125110,9 @@ "CVE-2023-51781": { "cmt_msg": "appletalk: Fix Use-After-Free in atalk_ioctl" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2022-1734": { "cmt_msg": "nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs" }, @@ -124389,6 +125452,9 @@ "CVE-2023-23002": { "cmt_msg": "Bluetooth: hci_qca: Fix NULL vs IS_ERR_OR_NULL check in qca_serdev_probe" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -124746,6 +125812,9 @@ "CVE-2022-25375": { "cmt_msg": "usb: gadget: rndis: check size of RNDIS_MSG_SET command" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2021-35039": { "cmt_msg": "module: limit enabling module.sig_enforce" }, @@ -124794,9 +125863,6 @@ "CVE-2021-41073": { "cmt_msg": "io_uring: ensure symmetry in handling iter types in loop_rw_iter()" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2021-0920": { "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" }, @@ -124879,7 +125945,7 @@ "cmt_msg": "floppy: use a statically allocated error counter" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2023-1670": { "cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach" @@ -125049,6 +126115,18 @@ "CVE-2023-4732": { "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2022-1508": { "cmt_msg": "io_uring: reexpand under-reexpanded iters" }, @@ -125205,6 +126283,9 @@ "CVE-2022-26365": { "cmt_msg": "xen/blkfront: fix leaking data in shared pages" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2023-3220": { "cmt_msg": "drm/msm/dpu: Add check for pstates" }, @@ -125259,6 +126340,9 @@ "CVE-2022-21499": { "cmt_msg": "lockdown: also lock down previous kgdb use" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-4208": { "cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free" }, @@ -125404,7 +126488,7 @@ "cmt_msg": "" }, "CVE-2024-23850": { - "cmt_msg": "" + "cmt_msg": "btrfs: do not ASSERT() if the newly created subvolume already got read" }, "CVE-2024-23851": { "cmt_msg": "" @@ -125619,6 +126703,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-33744": { "cmt_msg": "xen/arm: Fix race in RB-tree based P2M accounting" }, @@ -125787,6 +126874,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3338": { "cmt_msg": "Remove DECnet support from kernel" } @@ -126463,6 +127553,9 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2023-37454": { "cmt_msg": "" }, @@ -126613,6 +127706,9 @@ "CVE-2023-3090": { "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -126877,6 +127973,12 @@ "CVE-2022-48619": { "cmt_msg": "Input: add bounds checking to input_set_capability()" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2022-2308": { "cmt_msg": "vduse: prevent uninitialized memory accesses" }, @@ -126992,7 +128094,7 @@ "cmt_msg": "floppy: use a statically allocated error counter" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2023-1670": { "cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach" @@ -127123,6 +128225,18 @@ "CVE-2022-4382": { "cmt_msg": "USB: gadgetfs: Fix race between mounting and unmounting" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2022-3545": { "cmt_msg": "nfp: fix use-after-free in area_cache_get()" }, @@ -127291,6 +128405,9 @@ "CVE-2022-21499": { "cmt_msg": "lockdown: also lock down previous kgdb use" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-4208": { "cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free" }, @@ -127406,7 +128523,7 @@ "cmt_msg": "" }, "CVE-2024-23850": { - "cmt_msg": "" + "cmt_msg": "btrfs: do not ASSERT() if the newly created subvolume already got read" }, "CVE-2024-23851": { "cmt_msg": "" @@ -127582,6 +128699,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-33744": { "cmt_msg": "xen/arm: Fix race in RB-tree based P2M accounting" }, @@ -127714,6 +128834,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3338": { "cmt_msg": "Remove DECnet support from kernel" } @@ -128315,6 +129438,9 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2023-37454": { "cmt_msg": "" }, @@ -128456,6 +129582,9 @@ "CVE-2023-3090": { "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -128696,6 +129825,12 @@ "CVE-2022-4662": { "cmt_msg": "USB: core: Prevent nested device-reset calls" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2022-2308": { "cmt_msg": "vduse: prevent uninitialized memory accesses" }, @@ -128805,7 +129940,7 @@ "cmt_msg": "" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2023-1670": { "cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach" @@ -128933,6 +130068,18 @@ "CVE-2022-4382": { "cmt_msg": "USB: gadgetfs: Fix race between mounting and unmounting" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2022-3545": { "cmt_msg": "nfp: fix use-after-free in area_cache_get()" }, @@ -129086,6 +130233,9 @@ "CVE-2022-25265": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-4208": { "cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free" }, @@ -129192,7 +130342,7 @@ "cmt_msg": "" }, "CVE-2024-23850": { - "cmt_msg": "" + "cmt_msg": "btrfs: do not ASSERT() if the newly created subvolume already got read" }, "CVE-2024-23851": { "cmt_msg": "" @@ -129344,6 +130494,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-33744": { "cmt_msg": "xen/arm: Fix race in RB-tree based P2M accounting" }, @@ -129464,6 +130617,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3338": { "cmt_msg": "Remove DECnet support from kernel" } @@ -129877,6 +131033,9 @@ "CVE-2023-51781": { "cmt_msg": "appletalk: Fix Use-After-Free in atalk_ioctl" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2022-1734": { "cmt_msg": "nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs" }, @@ -130162,6 +131321,9 @@ "CVE-2023-23002": { "cmt_msg": "Bluetooth: hci_qca: Fix NULL vs IS_ERR_OR_NULL check in qca_serdev_probe" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -130495,6 +131657,9 @@ "CVE-2022-25375": { "cmt_msg": "usb: gadget: rndis: check size of RNDIS_MSG_SET command" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2022-3903": { "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines" }, @@ -130522,9 +131687,6 @@ "CVE-2023-21102": { "cmt_msg": "efi: rt-wrapper: Add missing include" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2023-28410": { "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" }, @@ -130601,7 +131763,7 @@ "cmt_msg": "virt: acrn: fix a memory leak in acrn_dev_ioctl()" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2023-1670": { "cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach" @@ -130738,6 +131900,18 @@ "CVE-2022-4382": { "cmt_msg": "USB: gadgetfs: Fix race between mounting and unmounting" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2022-1508": { "cmt_msg": "io_uring: reexpand under-reexpanded iters" }, @@ -130876,6 +132050,9 @@ "CVE-2022-26365": { "cmt_msg": "xen/blkfront: fix leaking data in shared pages" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2023-3220": { "cmt_msg": "drm/msm/dpu: Add check for pstates" }, @@ -130924,6 +132101,9 @@ "CVE-2022-21499": { "cmt_msg": "lockdown: also lock down previous kgdb use" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-4208": { "cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free" }, @@ -131054,7 +132234,7 @@ "cmt_msg": "" }, "CVE-2024-23850": { - "cmt_msg": "" + "cmt_msg": "btrfs: do not ASSERT() if the newly created subvolume already got read" }, "CVE-2024-23851": { "cmt_msg": "" @@ -131242,6 +132422,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-33744": { "cmt_msg": "xen/arm: Fix race in RB-tree based P2M accounting" }, @@ -131404,6 +132587,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3338": { "cmt_msg": "Remove DECnet support from kernel" } @@ -133645,6 +134831,9 @@ "CVE-2023-23000": { "cmt_msg": "phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2023-1872": { "cmt_msg": "io_uring: propagate issue_flags state down to file assignment" }, @@ -133654,6 +134843,9 @@ "CVE-2020-24502": { "cmt_msg": "" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-6610": { "cmt_msg": "smb: client: fix potential OOB in smb2_dump_detail()" }, @@ -133706,7 +134898,7 @@ "cmt_msg": "" }, "CVE-2024-23850": { - "cmt_msg": "" + "cmt_msg": "btrfs: do not ASSERT() if the newly created subvolume already got read" }, "CVE-2024-23851": { "cmt_msg": "" @@ -133766,7 +134958,7 @@ "cmt_msg": "net/tls: tls_is_tx_ready() checked list_entry" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2024-23848": { "cmt_msg": "" @@ -133819,9 +135011,21 @@ "CVE-2022-39188": { "cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2005-3660": { "cmt_msg": "" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2023-31084": { "cmt_msg": "media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()" }, @@ -133876,6 +135080,15 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, + "CVE-2024-24861": { + "cmt_msg": "" + }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2023-37454": { "cmt_msg": "" }, @@ -134020,6 +135233,12 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3640": { "cmt_msg": "" } @@ -134984,6 +136203,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-9466": { "cmt_msg": "brcmfmac: add subtype check for event handling in data path" }, @@ -135017,6 +136239,9 @@ "CVE-2019-14815": { "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -135476,6 +136701,9 @@ "CVE-2023-4459": { "cmt_msg": "net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2022-23036": { "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" }, @@ -135494,6 +136722,9 @@ "CVE-2024-23851": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2020-12768": { "cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()" }, @@ -135629,9 +136860,6 @@ "CVE-2019-20096": { "cmt_msg": "dccp: Fix memleak in __feat_register_sp" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2021-0920": { "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" }, @@ -135732,7 +136960,7 @@ "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2020-29568": { "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" @@ -135971,9 +137199,18 @@ "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, "CVE-2019-11884": { "cmt_msg": "Bluetooth: hidp: fix buffer overflow" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2019-3892": { "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" }, @@ -136214,6 +137451,9 @@ "CVE-2019-16413": { "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2020-12659": { "cmt_msg": "xsk: Add missing check on user supplied headroom size" }, @@ -136376,6 +137616,9 @@ "CVE-2023-4387": { "cmt_msg": "net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()" }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2019-19378": { "cmt_msg": "" }, @@ -136844,6 +138087,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2019-3887": { "cmt_msg": "KVM: x86: nVMX: close leak of L0's x2APIC MSRs (CVE-2019-3887)" }, @@ -136898,9 +138144,6 @@ "CVE-2019-25045": { "cmt_msg": "xfrm: clean up xfrm protocol checks" }, - "CVE-2024-0841": { - "cmt_msg": "" - }, "CVE-2021-29650": { "cmt_msg": "netfilter: x_tables: Use correct memory barriers." }, @@ -137075,6 +138318,9 @@ "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2019-14284": { "cmt_msg": "floppy: fix div-by-zero in setup_format_params" }, @@ -140130,12 +141376,12 @@ "CVE-2020-24502": { "cmt_msg": "" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2019-19449": { "cmt_msg": "f2fs: fix to do sanity check on segment/section count" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2020-24504": { "cmt_msg": "ice: create scheduler aggregator node config and move VSIs" }, @@ -140275,7 +141521,7 @@ "cmt_msg": "net/tls: tls_is_tx_ready() checked list_entry" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2024-23848": { "cmt_msg": "" @@ -140352,9 +141598,21 @@ "CVE-2022-39188": { "cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2005-3660": { "cmt_msg": "" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2023-31084": { "cmt_msg": "media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()" }, @@ -140421,6 +141679,9 @@ "CVE-2023-20928": { "cmt_msg": "android: binder: stop saving a pointer to the VMA" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2020-12362": { "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" }, @@ -140436,6 +141697,12 @@ "CVE-2022-3176": { "cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2023-37454": { "cmt_msg": "" }, @@ -140514,6 +141781,9 @@ "CVE-2021-20239": { "cmt_msg": "net: pass a sockptr_t into ->setsockopt" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2021-39801": { "cmt_msg": "" }, @@ -140547,6 +141817,9 @@ "CVE-2021-3542": { "cmt_msg": "" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2023-1281": { "cmt_msg": "net/sched: tcindex: update imperfect hash filters respecting rcu" }, @@ -140619,6 +141892,9 @@ "CVE-2022-3606": { "cmt_msg": "" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3640": { "cmt_msg": "" } @@ -141082,6 +142358,9 @@ "CVE-2022-3707": { "cmt_msg": "drm/i915/gvt: fix double free bug in split_2MB_gtt_entry" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2024-0562": { "cmt_msg": "writeback: avoid use-after-free after removing device" }, @@ -141271,6 +142550,9 @@ "CVE-2023-23004": { "cmt_msg": "malidp: Fix NULL vs IS_ERR() checking" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -141590,7 +142872,7 @@ "cmt_msg": "" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2023-1670": { "cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach" @@ -141715,6 +142997,18 @@ "CVE-2022-4382": { "cmt_msg": "USB: gadgetfs: Fix race between mounting and unmounting" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2022-3545": { "cmt_msg": "nfp: fix use-after-free in area_cache_get()" }, @@ -141874,6 +143168,9 @@ "CVE-2022-25265": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-4208": { "cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free" }, @@ -141974,7 +143271,7 @@ "cmt_msg": "" }, "CVE-2024-23850": { - "cmt_msg": "" + "cmt_msg": "btrfs: do not ASSERT() if the newly created subvolume already got read" }, "CVE-2024-23851": { "cmt_msg": "" @@ -142105,6 +143402,15 @@ "CVE-2023-2860": { "cmt_msg": "ipv6: sr: fix out-of-bounds read when setting HMAC data." }, + "CVE-2024-24860": { + "cmt_msg": "" + }, + "CVE-2024-24861": { + "cmt_msg": "" + }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2023-2194": { "cmt_msg": "i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()" }, @@ -142204,6 +143510,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3338": { "cmt_msg": "Remove DECnet support from kernel" } @@ -142581,6 +143890,9 @@ "CVE-2022-3707": { "cmt_msg": "drm/i915/gvt: fix double free bug in split_2MB_gtt_entry" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2024-0564": { "cmt_msg": "" }, @@ -142758,6 +144070,9 @@ "CVE-2023-32250": { "cmt_msg": "ksmbd: fix racy issue from session setup and logoff" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -142767,6 +144082,9 @@ "CVE-2023-44466": { "cmt_msg": "libceph: harden msgr2.1 frame segment length checks" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2019-19814": { "cmt_msg": "" }, @@ -143050,7 +144368,7 @@ "cmt_msg": "" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2023-1670": { "cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach" @@ -143166,6 +144484,18 @@ "CVE-2022-4382": { "cmt_msg": "USB: gadgetfs: Fix race between mounting and unmounting" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2022-3545": { "cmt_msg": "nfp: fix use-after-free in area_cache_get()" }, @@ -143407,7 +144737,7 @@ "cmt_msg": "" }, "CVE-2024-23850": { - "cmt_msg": "" + "cmt_msg": "btrfs: do not ASSERT() if the newly created subvolume already got read" }, "CVE-2024-23851": { "cmt_msg": "" @@ -143547,6 +144877,15 @@ "CVE-2023-2860": { "cmt_msg": "ipv6: sr: fix out-of-bounds read when setting HMAC data." }, + "CVE-2024-24860": { + "cmt_msg": "" + }, + "CVE-2024-24861": { + "cmt_msg": "" + }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2023-2194": { "cmt_msg": "i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()" }, @@ -143640,6 +144979,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3338": { "cmt_msg": "Remove DECnet support from kernel" } @@ -144683,6 +146025,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-15794": { "cmt_msg": "ovl: fix reference counting in ovl_mmap error path" }, @@ -144704,6 +146049,9 @@ "CVE-2020-27786": { "cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -145124,6 +146472,9 @@ "CVE-2024-23851": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2020-12768": { "cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()" }, @@ -145154,12 +146505,18 @@ "CVE-2021-3732": { "cmt_msg": "ovl: prevent private clone if bind mount is not allowed" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2020-10766": { "cmt_msg": "x86/speculation: Prevent rogue cross-process SSBD shutdown" }, "CVE-2020-10767": { "cmt_msg": "x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS." }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2020-13143": { "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" }, @@ -145217,9 +146574,6 @@ "CVE-2021-0929": { "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2021-0920": { "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" }, @@ -145314,7 +146668,7 @@ "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2020-29568": { "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" @@ -145526,6 +146880,18 @@ "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2021-29264": { "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" }, @@ -146267,6 +147633,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -146453,6 +147822,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3338": { "cmt_msg": "Remove DECnet support from kernel" }, @@ -147216,6 +148588,9 @@ "CVE-2024-1086": { "cmt_msg": "netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2019-15794": { "cmt_msg": "ovl: fix reference counting in ovl_mmap error path" }, @@ -147237,6 +148612,9 @@ "CVE-2023-1670": { "cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2023-23559": { "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, @@ -147624,6 +149002,9 @@ "CVE-2018-12931": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-1990": { "cmt_msg": "nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition" }, @@ -147648,9 +149029,15 @@ "CVE-2021-3732": { "cmt_msg": "ovl: prevent private clone if bind mount is not allowed" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2020-27835": { "cmt_msg": "IB/hfi1: Ensure correct mm is used at all times" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2023-0240": { "cmt_msg": "io_uring: COW io_identity on mismatch" }, @@ -147702,9 +149089,6 @@ "CVE-2021-23133": { "cmt_msg": "net/sctp: fix race condition in sctp_destroy_sock" }, - "CVE-2024-22705": { - "cmt_msg": "ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()" - }, "CVE-2021-0920": { "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" }, @@ -147793,7 +149177,7 @@ "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve" }, "CVE-2024-23849": { - "cmt_msg": "" + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" }, "CVE-2020-29568": { "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" @@ -147984,6 +149368,18 @@ "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, + "CVE-2024-24855": { + "cmt_msg": "" + }, + "CVE-2024-24857": { + "cmt_msg": "" + }, "CVE-2021-29264": { "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" }, @@ -148662,6 +150058,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -148839,6 +150238,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-3338": { "cmt_msg": "Remove DECnet support from kernel" }, @@ -149246,9 +150648,15 @@ "CVE-2022-2209": { "cmt_msg": "" }, - "CVE-2024-23849": { + "CVE-2024-24857": { "cmt_msg": "" }, + "CVE-2024-23849": { + "cmt_msg": "net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv" + }, + "CVE-2024-1312": { + "cmt_msg": "mm: lock_vma_under_rcu() must check vma->anon_vma under vma lock" + }, "CVE-2023-51043": { "cmt_msg": "drm/atomic: Fix potential use-after-free in nonblocking commits" }, @@ -149268,7 +150676,7 @@ "cmt_msg": "" }, "CVE-2024-23850": { - "cmt_msg": "" + "cmt_msg": "btrfs: do not ASSERT() if the newly created subvolume already got read" }, "CVE-2023-40283": { "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb" @@ -149312,6 +150720,9 @@ "CVE-2023-25775": { "cmt_msg": "RDMA/irdma: Prevent zero-length STAG registration" }, + "CVE-2024-24861": { + "cmt_msg": "" + }, "CVE-2023-20941": { "cmt_msg": "" }, @@ -149420,9 +150831,18 @@ "CVE-2023-31248": { "cmt_msg": "netfilter: nf_tables: do not ignore genmask when looking up chain by id" }, + "CVE-2024-24859": { + "cmt_msg": "" + }, + "CVE-2024-24858": { + "cmt_msg": "" + }, "CVE-2005-3660": { "cmt_msg": "" }, + "CVE-2024-24855": { + "cmt_msg": "" + }, "CVE-2023-31085": { "cmt_msg": "ubi: Refuse attaching if mtd's erasesize is 0" }, @@ -149498,6 +150918,9 @@ "CVE-2024-0841": { "cmt_msg": "" }, + "CVE-2024-22386": { + "cmt_msg": "" + }, "CVE-2023-4921": { "cmt_msg": "net: sched: sch_qfq: Fix UAF in qfq_dequeue()" }, @@ -149507,6 +150930,9 @@ "CVE-2024-23851": { "cmt_msg": "" }, + "CVE-2024-24860": { + "cmt_msg": "" + }, "CVE-2023-34319": { "cmt_msg": "xen/netback: Fix buffer overrun triggered by unusual packet" }, @@ -149528,6 +150954,9 @@ "CVE-2022-3642": { "cmt_msg": "" }, + "CVE-2023-6240": { + "cmt_msg": "" + }, "CVE-2024-0584": { "cmt_msg": "ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet" }, @@ -149645,6 +151074,9 @@ "CVE-2015-2877": { "cmt_msg": "" }, + "CVE-2024-24864": { + "cmt_msg": "" + }, "CVE-2023-26242": { "cmt_msg": "" }, @@ -149699,6 +151131,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2024-23196": { + "cmt_msg": "" + }, "CVE-2023-4208": { "cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free" },
diff --git a/data/stream_fixes.json b/data/stream_fixes.json index 66ba899..8a8cc83 100644 --- a/data/stream_fixes.json +++ b/data/stream_fixes.json
@@ -42187,6 +42187,12 @@ "fixed_version": "6.7.3" } }, + "CVE-2024-1312": { + "6.4": { + "cmt_id": "93a0b7d43de51b38c4c91d4121e447018132119a", + "fixed_version": "6.4.10" + } + }, "CVE-2024-22705": { "5.15": { "cmt_id": "d739f2b6d8f57aa9377362cd8c0b1152a4dd6bd5", @@ -42200,5 +42206,19 @@ "cmt_id": "7d5f219f1ef69f27eb8cbfb794d634fc9c4d24ac", "fixed_version": "6.6.10" } + }, + "CVE-2024-23849": { + "6.1": { + "cmt_id": "71024928b3f71ce4529426f8692943205c58d30b", + "fixed_version": "6.1.76" + }, + "6.6": { + "cmt_id": "7a73190ea557e7f26914b0fe04c1f57a96cb771f", + "fixed_version": "6.6.15" + }, + "6.7": { + "cmt_id": "0b787c2dea15e7a2828fa3a74a5447df4ed57711", + "fixed_version": "6.7.3" + } } } \ No newline at end of file