Update 27Jan23
[ci skip]
diff --git a/CHANGES.md b/CHANGES.md
index 8825297..a1e340c 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,45 +1,39 @@
# **Linux Kernel CVE Changes**
-## Last Update - 20Jan23 15:39
+## Last Update - 27Jan23 13:54
### **New CVEs Added:**
-[CVE-2022-47929](cves/CVE-2022-47929)
-[CVE-2023-0179](cves/CVE-2023-0179)
-[CVE-2023-0266](cves/CVE-2023-0266)
-[CVE-2023-0394](cves/CVE-2023-0394)
-[CVE-2023-23559](cves/CVE-2023-23559)
+[CVE-2023-0468](cves/CVE-2023-0468)
+[CVE-2023-0469](cves/CVE-2023-0469)
### **New Versions Checked:**
-[4.14.303](streams/4.14)
-[4.19.270](streams/4.19)
-[5.10.164](streams/5.10)
-[5.15.89](streams/5.15)
-[5.4.229](streams/5.4)
-[6.1.7](streams/6.1)
+[4.14.304](streams/4.14)
+[4.19.271](streams/4.19)
+[5.10.165](streams/5.10)
+[5.15.90](streams/5.15)
+[5.4.230](streams/5.4)
+[6.1.8](streams/6.1)
### **Updated CVEs:**
-[CVE-2022-3424](cves/CVE-2022-3424)
-[CVE-2022-3534](cves/CVE-2022-3534)
-[CVE-2022-3545](cves/CVE-2022-3545)
-[CVE-2022-36280](cves/CVE-2022-36280)
-[CVE-2022-41218](cves/CVE-2022-41218)
-[CVE-2022-45934](cves/CVE-2022-45934)
-[CVE-2022-47946](cves/CVE-2022-47946)
-[CVE-2023-0210](cves/CVE-2023-0210)
+[CVE-2022-3565](cves/CVE-2022-3565)
+[CVE-2022-3623](cves/CVE-2022-3623)
+[CVE-2022-4696](cves/CVE-2022-4696)
+[CVE-2022-47929](cves/CVE-2022-47929)
+[CVE-2022-4842](cves/CVE-2022-4842)
+[CVE-2023-0179](cves/CVE-2023-0179)
+[CVE-2023-23559](cves/CVE-2023-23559)
+[CVE-2022-3522](cves/CVE-2022-3522)
+[CVE-2022-3628](cves/CVE-2022-3628)
+[CVE-2022-3977](cves/CVE-2022-3977)
+[CVE-2022-41858](cves/CVE-2022-41858)
+[CVE-2023-0122](cves/CVE-2023-0122)
+[CVE-2023-0394](cves/CVE-2023-0394)
[CVE-2023-20928](cves/CVE-2023-20928)
[CVE-2023-23454](cves/CVE-2023-23454)
[CVE-2023-23455](cves/CVE-2023-23455)
-[CVE-2022-2196](cves/CVE-2022-2196)
-[CVE-2022-23816](cves/CVE-2022-23816)
-[CVE-2022-41858](cves/CVE-2022-41858)
-[CVE-2022-4379](cves/CVE-2022-4379)
-[CVE-2022-4382](cves/CVE-2022-4382)
-[CVE-2022-4543](cves/CVE-2022-4543)
-[CVE-2022-4696](cves/CVE-2022-4696)
-[CVE-2023-0122](cves/CVE-2023-0122)
diff --git a/data/3.12/3.12_CVEs.txt b/data/3.12/3.12_CVEs.txt
index 4e0342c..13bc573 100644
--- a/data/3.12/3.12_CVEs.txt
+++ b/data/3.12/3.12_CVEs.txt
@@ -1231,12 +1231,11 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
-CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/3.12/3.12_security.txt b/data/3.12/3.12_security.txt
index 5ecf2a7..36519b1 100644
--- a/data/3.12/3.12_security.txt
+++ b/data/3.12/3.12_security.txt
@@ -1369,12 +1369,11 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
- CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/3.14/3.14_CVEs.txt b/data/3.14/3.14_CVEs.txt
index 2481063..4fd2af9 100644
--- a/data/3.14/3.14_CVEs.txt
+++ b/data/3.14/3.14_CVEs.txt
@@ -1200,12 +1200,11 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
-CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/3.14/3.14_security.txt b/data/3.14/3.14_security.txt
index 83b51ef..b45ae06 100644
--- a/data/3.14/3.14_security.txt
+++ b/data/3.14/3.14_security.txt
@@ -1334,12 +1334,11 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
- CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/3.16/3.16_CVEs.txt b/data/3.16/3.16_CVEs.txt
index f7224a2..fbc1079 100644
--- a/data/3.16/3.16_CVEs.txt
+++ b/data/3.16/3.16_CVEs.txt
@@ -1185,12 +1185,11 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
-CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/3.16/3.16_security.txt b/data/3.16/3.16_security.txt
index d4fccc6..5c9ea22 100644
--- a/data/3.16/3.16_security.txt
+++ b/data/3.16/3.16_security.txt
@@ -1291,12 +1291,11 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
- CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/3.18/3.18_CVEs.txt b/data/3.18/3.18_CVEs.txt
index c8fe472..2d56ccb 100644
--- a/data/3.18/3.18_CVEs.txt
+++ b/data/3.18/3.18_CVEs.txt
@@ -1170,12 +1170,11 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
-CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/3.18/3.18_security.txt b/data/3.18/3.18_security.txt
index 54844bb..e02325a 100644
--- a/data/3.18/3.18_security.txt
+++ b/data/3.18/3.18_security.txt
@@ -1404,12 +1404,11 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
- CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/3.2/3.2_CVEs.txt b/data/3.2/3.2_CVEs.txt
index a6a2e80..e5c474e 100644
--- a/data/3.2/3.2_CVEs.txt
+++ b/data/3.2/3.2_CVEs.txt
@@ -1203,12 +1203,11 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
-CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/3.2/3.2_security.txt b/data/3.2/3.2_security.txt
index d705a04..e144aec 100644
--- a/data/3.2/3.2_security.txt
+++ b/data/3.2/3.2_security.txt
@@ -1359,12 +1359,11 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
- CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/4.1/4.1_CVEs.txt b/data/4.1/4.1_CVEs.txt
index 90ce6ba..f5c6c47 100644
--- a/data/4.1/4.1_CVEs.txt
+++ b/data/4.1/4.1_CVEs.txt
@@ -1135,12 +1135,11 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
-CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/4.1/4.1_security.txt b/data/4.1/4.1_security.txt
index b7d33f4..fbc165c 100644
--- a/data/4.1/4.1_security.txt
+++ b/data/4.1/4.1_security.txt
@@ -1231,12 +1231,11 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
- CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/4.10/4.10_CVEs.txt b/data/4.10/4.10_CVEs.txt
index b2f6215..6d62bd4 100644
--- a/data/4.10/4.10_CVEs.txt
+++ b/data/4.10/4.10_CVEs.txt
@@ -1035,13 +1035,13 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/4.10/4.10_security.txt b/data/4.10/4.10_security.txt
index f4a7627..c92e17f 100644
--- a/data/4.10/4.10_security.txt
+++ b/data/4.10/4.10_security.txt
@@ -1069,13 +1069,13 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/4.11/4.11_CVEs.txt b/data/4.11/4.11_CVEs.txt
index d8b7638..e2e2e37 100644
--- a/data/4.11/4.11_CVEs.txt
+++ b/data/4.11/4.11_CVEs.txt
@@ -1007,13 +1007,13 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/4.11/4.11_security.txt b/data/4.11/4.11_security.txt
index 17ab954..48c8683 100644
--- a/data/4.11/4.11_security.txt
+++ b/data/4.11/4.11_security.txt
@@ -1029,13 +1029,13 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/4.12/4.12_CVEs.txt b/data/4.12/4.12_CVEs.txt
index 676ac13..c46ebda 100644
--- a/data/4.12/4.12_CVEs.txt
+++ b/data/4.12/4.12_CVEs.txt
@@ -991,13 +991,13 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/4.12/4.12_security.txt b/data/4.12/4.12_security.txt
index 646ee37..8248163 100644
--- a/data/4.12/4.12_security.txt
+++ b/data/4.12/4.12_security.txt
@@ -1017,13 +1017,13 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/4.13/4.13_CVEs.txt b/data/4.13/4.13_CVEs.txt
index e9a0cd8..b1bcd56 100644
--- a/data/4.13/4.13_CVEs.txt
+++ b/data/4.13/4.13_CVEs.txt
@@ -974,13 +974,13 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/4.13/4.13_security.txt b/data/4.13/4.13_security.txt
index 815c78b..3645fdd 100644
--- a/data/4.13/4.13_security.txt
+++ b/data/4.13/4.13_security.txt
@@ -1002,13 +1002,13 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/4.14/4.14_CVEs.txt b/data/4.14/4.14_CVEs.txt
index f6ee64a..57af1d8 100644
--- a/data/4.14/4.14_CVEs.txt
+++ b/data/4.14/4.14_CVEs.txt
@@ -943,13 +943,13 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fixed with 4.14.303
CVE-2022-4662: Fixed with 4.14.293
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fixed with 4.14.303
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fixed with 4.14.256
CVE-2023-0266: Fixed with 4.14.303
CVE-2023-0394: Fixed with 4.14.303
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fixed with 4.14.303
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/4.14/4.14_security.txt b/data/4.14/4.14_security.txt
index d24e202..1939bf9 100644
--- a/data/4.14/4.14_security.txt
+++ b/data/4.14/4.14_security.txt
@@ -1450,8 +1450,8 @@
CVE-2022-45886: (unk)
CVE-2022-45887: (unk)
CVE-2022-45919: (unk)
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/4.15/4.15_CVEs.txt b/data/4.15/4.15_CVEs.txt
index 5354931..4872014 100644
--- a/data/4.15/4.15_CVEs.txt
+++ b/data/4.15/4.15_CVEs.txt
@@ -894,13 +894,13 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/4.15/4.15_security.txt b/data/4.15/4.15_security.txt
index d104c20..4a6ad8e 100644
--- a/data/4.15/4.15_security.txt
+++ b/data/4.15/4.15_security.txt
@@ -926,13 +926,13 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/4.16/4.16_CVEs.txt b/data/4.16/4.16_CVEs.txt
index cb061b5..79b31b3 100644
--- a/data/4.16/4.16_CVEs.txt
+++ b/data/4.16/4.16_CVEs.txt
@@ -874,13 +874,13 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/4.16/4.16_security.txt b/data/4.16/4.16_security.txt
index 1a1df60..87fcb5c 100644
--- a/data/4.16/4.16_security.txt
+++ b/data/4.16/4.16_security.txt
@@ -906,13 +906,13 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/4.17/4.17_CVEs.txt b/data/4.17/4.17_CVEs.txt
index 892f952..0dfdb36 100644
--- a/data/4.17/4.17_CVEs.txt
+++ b/data/4.17/4.17_CVEs.txt
@@ -854,13 +854,13 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/4.17/4.17_security.txt b/data/4.17/4.17_security.txt
index 16b1f3d..e5fe371 100644
--- a/data/4.17/4.17_security.txt
+++ b/data/4.17/4.17_security.txt
@@ -886,13 +886,13 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/4.18/4.18_CVEs.txt b/data/4.18/4.18_CVEs.txt
index 35bb4c4..d35706b 100644
--- a/data/4.18/4.18_CVEs.txt
+++ b/data/4.18/4.18_CVEs.txt
@@ -832,13 +832,13 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/4.18/4.18_security.txt b/data/4.18/4.18_security.txt
index 9c2fcdd..ba33226 100644
--- a/data/4.18/4.18_security.txt
+++ b/data/4.18/4.18_security.txt
@@ -864,13 +864,13 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/4.19/4.19_CVEs.txt b/data/4.19/4.19_CVEs.txt
index 25a9771..58f7657 100644
--- a/data/4.19/4.19_CVEs.txt
+++ b/data/4.19/4.19_CVEs.txt
@@ -811,13 +811,13 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fixed with 4.19.270
CVE-2022-4662: Fixed with 4.19.258
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fixed with 4.19.270
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fixed with 4.19.218
CVE-2023-0266: Fixed with 4.19.270
CVE-2023-0394: Fixed with 4.19.270
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fixed with 4.19.270
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/4.19/4.19_security.txt b/data/4.19/4.19_security.txt
index 0edcb74..fcb6e40 100644
--- a/data/4.19/4.19_security.txt
+++ b/data/4.19/4.19_security.txt
@@ -1246,8 +1246,8 @@
CVE-2022-45886: (unk)
CVE-2022-45887: (unk)
CVE-2022-45919: (unk)
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/4.20/4.20_CVEs.txt b/data/4.20/4.20_CVEs.txt
index 2e6ddab..7c25b48 100644
--- a/data/4.20/4.20_CVEs.txt
+++ b/data/4.20/4.20_CVEs.txt
@@ -800,14 +800,14 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/4.20/4.20_security.txt b/data/4.20/4.20_security.txt
index ce383d7..7c0e9bc 100644
--- a/data/4.20/4.20_security.txt
+++ b/data/4.20/4.20_security.txt
@@ -832,14 +832,14 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/4.3/4.3_CVEs.txt b/data/4.3/4.3_CVEs.txt
index bd18138..15c07fb 100644
--- a/data/4.3/4.3_CVEs.txt
+++ b/data/4.3/4.3_CVEs.txt
@@ -1132,13 +1132,13 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/4.3/4.3_security.txt b/data/4.3/4.3_security.txt
index 925cdc8..9ccd5e1 100644
--- a/data/4.3/4.3_security.txt
+++ b/data/4.3/4.3_security.txt
@@ -1148,13 +1148,13 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/4.4/4.4_CVEs.txt b/data/4.4/4.4_CVEs.txt
index 99bc2b2..b85e42d 100644
--- a/data/4.4/4.4_CVEs.txt
+++ b/data/4.4/4.4_CVEs.txt
@@ -1113,13 +1113,13 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/4.4/4.4_security.txt b/data/4.4/4.4_security.txt
index 6d11e62..c613142 100644
--- a/data/4.4/4.4_security.txt
+++ b/data/4.4/4.4_security.txt
@@ -1597,13 +1597,13 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/4.5/4.5_CVEs.txt b/data/4.5/4.5_CVEs.txt
index a1e5ca4..71b09a4 100644
--- a/data/4.5/4.5_CVEs.txt
+++ b/data/4.5/4.5_CVEs.txt
@@ -1095,13 +1095,13 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/4.5/4.5_security.txt b/data/4.5/4.5_security.txt
index 619d814..d52d1a7 100644
--- a/data/4.5/4.5_security.txt
+++ b/data/4.5/4.5_security.txt
@@ -1111,13 +1111,13 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/4.6/4.6_CVEs.txt b/data/4.6/4.6_CVEs.txt
index 6e4e784..fcef98c 100644
--- a/data/4.6/4.6_CVEs.txt
+++ b/data/4.6/4.6_CVEs.txt
@@ -1068,13 +1068,13 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/4.6/4.6_security.txt b/data/4.6/4.6_security.txt
index 89a91c5..c72ba1f 100644
--- a/data/4.6/4.6_security.txt
+++ b/data/4.6/4.6_security.txt
@@ -1086,13 +1086,13 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/4.7/4.7_CVEs.txt b/data/4.7/4.7_CVEs.txt
index d4f0c1b..0f197fc 100644
--- a/data/4.7/4.7_CVEs.txt
+++ b/data/4.7/4.7_CVEs.txt
@@ -1051,13 +1051,13 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/4.7/4.7_security.txt b/data/4.7/4.7_security.txt
index d0c9196..b4286f7 100644
--- a/data/4.7/4.7_security.txt
+++ b/data/4.7/4.7_security.txt
@@ -1071,13 +1071,13 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/4.8/4.8_CVEs.txt b/data/4.8/4.8_CVEs.txt
index 4363dcc..173211a 100644
--- a/data/4.8/4.8_CVEs.txt
+++ b/data/4.8/4.8_CVEs.txt
@@ -1055,13 +1055,13 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/4.8/4.8_security.txt b/data/4.8/4.8_security.txt
index 974a721..93b8eae 100644
--- a/data/4.8/4.8_security.txt
+++ b/data/4.8/4.8_security.txt
@@ -1085,13 +1085,13 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/4.9/4.9_CVEs.txt b/data/4.9/4.9_CVEs.txt
index 84509e4..2c6529a 100644
--- a/data/4.9/4.9_CVEs.txt
+++ b/data/4.9/4.9_CVEs.txt
@@ -1054,13 +1054,13 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fixed with 4.9.337
CVE-2022-4662: Fixed with 4.9.328
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2023-0030: Fix not seen in stream
CVE-2023-0047: Fixed with 4.9.291
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/4.9/4.9_security.txt b/data/4.9/4.9_security.txt
index b79aaab..d6c243c 100644
--- a/data/4.9/4.9_security.txt
+++ b/data/4.9/4.9_security.txt
@@ -1599,12 +1599,12 @@
CVE-2022-45886: (unk)
CVE-2022-45887: (unk)
CVE-2022-45919: (unk)
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/5.0/5.0_CVEs.txt b/data/5.0/5.0_CVEs.txt
index c9bdce0..d452bcb 100644
--- a/data/5.0/5.0_CVEs.txt
+++ b/data/5.0/5.0_CVEs.txt
@@ -780,13 +780,13 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/5.0/5.0_security.txt b/data/5.0/5.0_security.txt
index 6362951..3c2ffd3 100644
--- a/data/5.0/5.0_security.txt
+++ b/data/5.0/5.0_security.txt
@@ -828,13 +828,13 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/5.1/5.1_CVEs.txt b/data/5.1/5.1_CVEs.txt
index d8b0e55..e1d3a4a 100644
--- a/data/5.1/5.1_CVEs.txt
+++ b/data/5.1/5.1_CVEs.txt
@@ -756,14 +756,14 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2022-47946: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/5.1/5.1_security.txt b/data/5.1/5.1_security.txt
index 2242ecc..7123942 100644
--- a/data/5.1/5.1_security.txt
+++ b/data/5.1/5.1_security.txt
@@ -792,14 +792,14 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/5.10/5.10_CVEs.txt b/data/5.10/5.10_CVEs.txt
index b61bfd4..7b4f866 100644
--- a/data/5.10/5.10_CVEs.txt
+++ b/data/5.10/5.10_CVEs.txt
@@ -492,10 +492,11 @@
CVE-2022-47929: Fixed with 5.10.163
CVE-2022-47946: Fix not seen in stream
CVE-2023-0047: Fixed with 5.10.80
-CVE-2023-0179: Fix unknown
+CVE-2023-0179: Fixed with 5.10.164
CVE-2023-0266: Fixed with 5.10.163
CVE-2023-0394: Fixed with 5.10.164
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fix not seen in stream
CVE-2023-23454: Fixed with 5.10.163
CVE-2023-23455: Fixed with 5.10.163
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/5.10/5.10_security.txt b/data/5.10/5.10_security.txt
index e8b4c86..6dd296d 100644
--- a/data/5.10/5.10_security.txt
+++ b/data/5.10/5.10_security.txt
@@ -610,6 +610,7 @@
CVE-2023-23455: 5f65f48516bfeebaab1ccc52c8fad698ddf21282 net: sched: atm: dont intepret cls results when asked to drop
CVEs fixed in 5.10.164:
+ CVE-2023-0179: 550efeff989b041f3746118c0ddd863c39ddc1aa netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
CVE-2023-0394: 6c9e2c11c33c35563d34d12b343d43b5c12200b5 ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
Outstanding CVEs:
@@ -736,6 +737,6 @@
CVE-2022-45919: (unk)
CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting
- CVE-2023-0179: (unk)
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/5.11/5.11_CVEs.txt b/data/5.11/5.11_CVEs.txt
index 2ed703a..0d26e92 100644
--- a/data/5.11/5.11_CVEs.txt
+++ b/data/5.11/5.11_CVEs.txt
@@ -484,10 +484,11 @@
CVE-2022-47929: Fix not seen in stream
CVE-2022-47946: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
-CVE-2023-0179: Fix unknown
+CVE-2023-0179: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/5.11/5.11_security.txt b/data/5.11/5.11_security.txt
index 2674174..143aadb 100644
--- a/data/5.11/5.11_security.txt
+++ b/data/5.11/5.11_security.txt
@@ -524,10 +524,11 @@
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
- CVE-2023-0179: (unk)
+ CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/5.12/5.12_CVEs.txt b/data/5.12/5.12_CVEs.txt
index 412ad6b..4d6d811 100644
--- a/data/5.12/5.12_CVEs.txt
+++ b/data/5.12/5.12_CVEs.txt
@@ -435,10 +435,11 @@
CVE-2022-47521: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
-CVE-2023-0179: Fix unknown
+CVE-2023-0179: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/5.12/5.12_security.txt b/data/5.12/5.12_security.txt
index e02af71..71de44a 100644
--- a/data/5.12/5.12_security.txt
+++ b/data/5.12/5.12_security.txt
@@ -467,10 +467,11 @@
CVE-2022-47521: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
- CVE-2023-0179: (unk)
+ CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/5.13/5.13_CVEs.txt b/data/5.13/5.13_CVEs.txt
index 70402a6..28d829c 100644
--- a/data/5.13/5.13_CVEs.txt
+++ b/data/5.13/5.13_CVEs.txt
@@ -403,10 +403,11 @@
CVE-2022-47521: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
-CVE-2023-0179: Fix unknown
+CVE-2023-0179: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/5.13/5.13_security.txt b/data/5.13/5.13_security.txt
index 07218e9..f8a1e35 100644
--- a/data/5.13/5.13_security.txt
+++ b/data/5.13/5.13_security.txt
@@ -435,10 +435,11 @@
CVE-2022-47521: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
- CVE-2023-0179: (unk)
+ CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/5.14/5.14_CVEs.txt b/data/5.14/5.14_CVEs.txt
index e473a18..7bd24cd 100644
--- a/data/5.14/5.14_CVEs.txt
+++ b/data/5.14/5.14_CVEs.txt
@@ -376,10 +376,11 @@
CVE-2022-47521: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2023-0047: Fixed with 5.14.19
-CVE-2023-0179: Fix unknown
+CVE-2023-0179: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/5.14/5.14_security.txt b/data/5.14/5.14_security.txt
index 1fec7b6..b02dee1 100644
--- a/data/5.14/5.14_security.txt
+++ b/data/5.14/5.14_security.txt
@@ -410,10 +410,11 @@
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47521: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
- CVE-2023-0179: (unk)
+ CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/5.15/5.15_CVEs.txt b/data/5.15/5.15_CVEs.txt
index 7ab2e75..2227c75 100644
--- a/data/5.15/5.15_CVEs.txt
+++ b/data/5.15/5.15_CVEs.txt
@@ -352,13 +352,14 @@
CVE-2022-47941: Fixed with 5.15.61
CVE-2022-47942: Fixed with 5.15.62
CVE-2022-47943: Fixed with 5.15.62
-CVE-2022-4842: Fix not seen in stream
+CVE-2022-4842: Fixed with 5.15.90
CVE-2023-0047: Fixed with 5.15.3
-CVE-2023-0179: Fix unknown
+CVE-2023-0179: Fixed with 5.15.89
CVE-2023-0210: Fixed with 5.15.87
CVE-2023-0266: Fixed with 5.15.88
CVE-2023-0394: Fixed with 5.15.89
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fixed with 5.15.61
CVE-2023-23454: Fixed with 5.15.87
CVE-2023-23455: Fixed with 5.15.87
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/5.15/5.15_security.txt b/data/5.15/5.15_security.txt
index 3ca2a2f..469d87d 100644
--- a/data/5.15/5.15_security.txt
+++ b/data/5.15/5.15_security.txt
@@ -398,8 +398,12 @@
CVE-2023-0266: 26350c21bc5e97a805af878e092eb8125843fe2c ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVEs fixed in 5.15.89:
+ CVE-2023-0179: a8acfe2c6fb99f9375a9325807a179cd8c32e6e3 netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
CVE-2023-0394: 456e3794e08a0b59b259da666e31d0884b376bcf ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+CVEs fixed in 5.15.90:
+ CVE-2022-4842: 9cca110cf8bb0653b423dba7a7c4cc23ccf91b28 fs/ntfs3: Fix attr_punch_hole() null pointer derenference
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -501,6 +505,5 @@
CVE-2022-45888: (unk) char: xillybus: Prevent use-after-free due to race condition
CVE-2022-45919: (unk)
CVE-2022-47940: (unk) ksmbd: validate length in smb2_write()
- CVE-2022-4842: (unk) fs/ntfs3: Fix attr_punch_hole() null pointer derenference
- CVE-2023-0179: (unk)
- CVE-2023-23559: (unk)
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/5.16/5.16_CVEs.txt b/data/5.16/5.16_CVEs.txt
index 57db59c..b9de9b7 100644
--- a/data/5.16/5.16_CVEs.txt
+++ b/data/5.16/5.16_CVEs.txt
@@ -322,11 +322,12 @@
CVE-2022-47942: Fix not seen in stream
CVE-2022-47943: Fix not seen in stream
CVE-2022-4842: Fix not seen in stream
-CVE-2023-0179: Fix unknown
+CVE-2023-0179: Fix not seen in stream
CVE-2023-0210: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/5.16/5.16_security.txt b/data/5.16/5.16_security.txt
index 97be77c..574d8f2 100644
--- a/data/5.16/5.16_security.txt
+++ b/data/5.16/5.16_security.txt
@@ -358,11 +358,12 @@
CVE-2022-47942: (unk) ksmbd: fix heap-based overflow in set_ntacl_dacl()
CVE-2022-47943: (unk) ksmbd: prevent out of bound read for SMB2_WRITE
CVE-2022-4842: (unk) fs/ntfs3: Fix attr_punch_hole() null pointer derenference
- CVE-2023-0179: (unk)
+ CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
CVE-2023-0210: (unk) ksmbd: check nt_len to be at least CIFS_ENCPWD_SIZE in ksmbd_decode_ntlmssp_auth_blob
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/5.17/5.17_CVEs.txt b/data/5.17/5.17_CVEs.txt
index fc5b201..26d955c 100644
--- a/data/5.17/5.17_CVEs.txt
+++ b/data/5.17/5.17_CVEs.txt
@@ -268,11 +268,13 @@
CVE-2022-47942: Fix not seen in stream
CVE-2022-47943: Fix not seen in stream
CVE-2022-4842: Fix not seen in stream
-CVE-2023-0179: Fix unknown
+CVE-2023-0179: Fix not seen in stream
CVE-2023-0210: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0468: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/5.17/5.17_security.txt b/data/5.17/5.17_security.txt
index b702f7e..a60d94b 100644
--- a/data/5.17/5.17_security.txt
+++ b/data/5.17/5.17_security.txt
@@ -300,11 +300,13 @@
CVE-2022-47942: (unk) ksmbd: fix heap-based overflow in set_ntacl_dacl()
CVE-2022-47943: (unk) ksmbd: prevent out of bound read for SMB2_WRITE
CVE-2022-4842: (unk) fs/ntfs3: Fix attr_punch_hole() null pointer derenference
- CVE-2023-0179: (unk)
+ CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
CVE-2023-0210: (unk) ksmbd: check nt_len to be at least CIFS_ENCPWD_SIZE in ksmbd_decode_ntlmssp_auth_blob
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0468: (unk) io_uring: make poll refs more robust
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/5.18/5.18_CVEs.txt b/data/5.18/5.18_CVEs.txt
index 1d79f4e..aa08e4d 100644
--- a/data/5.18/5.18_CVEs.txt
+++ b/data/5.18/5.18_CVEs.txt
@@ -223,11 +223,13 @@
CVE-2022-47942: Fixed with 5.18.18
CVE-2022-47943: Fixed with 5.18.18
CVE-2022-4842: Fix not seen in stream
-CVE-2023-0179: Fix unknown
+CVE-2023-0179: Fix not seen in stream
CVE-2023-0210: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0468: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fixed with 5.18.18
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/5.18/5.18_security.txt b/data/5.18/5.18_security.txt
index c624a50..31b00f8 100644
--- a/data/5.18/5.18_security.txt
+++ b/data/5.18/5.18_security.txt
@@ -256,10 +256,12 @@
CVE-2022-47521: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2022-4842: (unk) fs/ntfs3: Fix attr_punch_hole() null pointer derenference
- CVE-2023-0179: (unk)
+ CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
CVE-2023-0210: (unk) ksmbd: check nt_len to be at least CIFS_ENCPWD_SIZE in ksmbd_decode_ntlmssp_auth_blob
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0468: (unk) io_uring: make poll refs more robust
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/5.19/5.19_CVEs.txt b/data/5.19/5.19_CVEs.txt
index 79055fc..fa3c3bf 100644
--- a/data/5.19/5.19_CVEs.txt
+++ b/data/5.19/5.19_CVEs.txt
@@ -96,7 +96,7 @@
CVE-2022-3544: Fix unknown
CVE-2022-3545: Fix not seen in stream
CVE-2022-3564: Fix not seen in stream
-CVE-2022-3565: Fix not seen in stream
+CVE-2022-3565: Fixed with 5.19.17
CVE-2022-3566: Fix not seen in stream
CVE-2022-3567: Fix not seen in stream
CVE-2022-3586: Fixed with 5.19.9
@@ -104,7 +104,7 @@
CVE-2022-3595: Fix not seen in stream
CVE-2022-3619: Fix not seen in stream
CVE-2022-3621: Fixed with 5.19.16
-CVE-2022-3623: Fix not seen in stream
+CVE-2022-3623: Fixed with 5.19.17
CVE-2022-3624: Fix not seen in stream
CVE-2022-3625: Fix not seen in stream
CVE-2022-3628: Fix not seen in stream
@@ -177,11 +177,13 @@
CVE-2022-47942: Fixed with 5.19.2
CVE-2022-47943: Fixed with 5.19.2
CVE-2022-4842: Fix not seen in stream
-CVE-2023-0179: Fix unknown
+CVE-2023-0179: Fix not seen in stream
CVE-2023-0210: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0468: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/5.19/5.19_security.txt b/data/5.19/5.19_security.txt
index 94d762d..ce07096 100644
--- a/data/5.19/5.19_security.txt
+++ b/data/5.19/5.19_security.txt
@@ -55,7 +55,9 @@
CVEs fixed in 5.19.17:
CVE-2022-3542: 96c0c14135f5803f9e94e6da2ee9c4b012fdcb20 bnx2x: fix potential memory leak in bnx2x_tpa_stop()
+ CVE-2022-3565: 1f76323ac43fe0b00677794c930dee9f66ea2999 mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3594: 2e896abccf99fef76691d8e1019bd44105a12e1f r8152: Rate limit overflow messages
+ CVE-2022-3623: 86a913d55c89dd13ba070a87f61a493563e94b54 mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-43945: c2a878095b5c6f04f90553a3c45872f990dab14e NFSD: Protect against send buffer overflow in NFSv2 READDIR
Outstanding CVEs:
@@ -142,12 +144,10 @@
CVE-2022-3544: (unk)
CVE-2022-3545: (unk) nfp: fix use-after-free in area_cache_get()
CVE-2022-3564: (unk) Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
- CVE-2022-3565: (unk) mISDN: fix use-after-free bugs in l1oip timer handlers
CVE-2022-3566: (unk) tcp: Fix data races around icsk->icsk_af_ops.
CVE-2022-3567: (unk) ipv6: Fix data races around sk->sk_prot.
CVE-2022-3595: (unk) cifs: fix double-fault crash during ntlmssp
CVE-2022-3619: (unk) Bluetooth: L2CAP: Fix memory leak in vhci_write
- CVE-2022-3623: (unk) mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
CVE-2022-3624: (unk) bonding: fix reference count leak in balance-alb mode
CVE-2022-3625: (unk) devlink: Fix use-after-free after a failed reload
CVE-2022-3628: (unk) wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
@@ -203,11 +203,13 @@
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2022-47939: (unk) ksmbd: fix use-after-free bug in smb2_tree_disconect
CVE-2022-4842: (unk) fs/ntfs3: Fix attr_punch_hole() null pointer derenference
- CVE-2023-0179: (unk)
+ CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
CVE-2023-0210: (unk) ksmbd: check nt_len to be at least CIFS_ENCPWD_SIZE in ksmbd_decode_ntlmssp_auth_blob
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0468: (unk) io_uring: make poll refs more robust
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/5.2/5.2_CVEs.txt b/data/5.2/5.2_CVEs.txt
index f6ab586..f5c9d04 100644
--- a/data/5.2/5.2_CVEs.txt
+++ b/data/5.2/5.2_CVEs.txt
@@ -718,14 +718,14 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2022-47946: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/5.2/5.2_security.txt b/data/5.2/5.2_security.txt
index e708e40..5aa96a9 100644
--- a/data/5.2/5.2_security.txt
+++ b/data/5.2/5.2_security.txt
@@ -756,14 +756,14 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/5.3/5.3_CVEs.txt b/data/5.3/5.3_CVEs.txt
index 74c5081..bafecec 100644
--- a/data/5.3/5.3_CVEs.txt
+++ b/data/5.3/5.3_CVEs.txt
@@ -690,14 +690,14 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2022-47946: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/5.3/5.3_security.txt b/data/5.3/5.3_security.txt
index 9ced0f4..b6c1423 100644
--- a/data/5.3/5.3_security.txt
+++ b/data/5.3/5.3_security.txt
@@ -726,14 +726,14 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/5.4/5.4_CVEs.txt b/data/5.4/5.4_CVEs.txt
index 1fa3661..09bac42 100644
--- a/data/5.4/5.4_CVEs.txt
+++ b/data/5.4/5.4_CVEs.txt
@@ -619,14 +619,14 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fixed with 5.4.229
CVE-2022-4662: Fixed with 5.4.213
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fixed with 5.4.229
CVE-2022-47946: Fix not seen in stream
CVE-2023-0047: Fixed with 5.4.160
CVE-2023-0266: Fixed with 5.4.229
CVE-2023-0394: Fixed with 5.4.229
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fix not seen in stream
CVE-2023-23454: Fixed with 5.4.229
CVE-2023-23455: Fixed with 5.4.229
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/5.4/5.4_security.txt b/data/5.4/5.4_security.txt
index f58c18d..51c3ff2 100644
--- a/data/5.4/5.4_security.txt
+++ b/data/5.4/5.4_security.txt
@@ -971,8 +971,8 @@
CVE-2022-45886: (unk)
CVE-2022-45887: (unk)
CVE-2022-45919: (unk)
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/5.5/5.5_CVEs.txt b/data/5.5/5.5_CVEs.txt
index 8dc58c8..a83eae2 100644
--- a/data/5.5/5.5_CVEs.txt
+++ b/data/5.5/5.5_CVEs.txt
@@ -579,15 +579,15 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2022-47946: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
-CVE-2023-0179: Fix unknown
+CVE-2023-0179: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/5.5/5.5_security.txt b/data/5.5/5.5_security.txt
index d7185b0..f96a8c6 100644
--- a/data/5.5/5.5_security.txt
+++ b/data/5.5/5.5_security.txt
@@ -613,15 +613,15 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
- CVE-2023-0179: (unk)
+ CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/5.6/5.6_CVEs.txt b/data/5.6/5.6_CVEs.txt
index aab0523..0058848 100644
--- a/data/5.6/5.6_CVEs.txt
+++ b/data/5.6/5.6_CVEs.txt
@@ -555,15 +555,15 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
CVE-2022-47929: Fix not seen in stream
CVE-2022-47946: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
-CVE-2023-0179: Fix unknown
+CVE-2023-0179: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/5.6/5.6_security.txt b/data/5.6/5.6_security.txt
index d1644e6..ea4ee1c 100644
--- a/data/5.6/5.6_security.txt
+++ b/data/5.6/5.6_security.txt
@@ -589,15 +589,15 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
- CVE-2023-0179: (unk)
+ CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/5.7/5.7_CVEs.txt b/data/5.7/5.7_CVEs.txt
index 8b26e89..a8beeda 100644
--- a/data/5.7/5.7_CVEs.txt
+++ b/data/5.7/5.7_CVEs.txt
@@ -546,7 +546,6 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47518: Fix not seen in stream
CVE-2022-47519: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
@@ -554,10 +553,11 @@
CVE-2022-47929: Fix not seen in stream
CVE-2022-47946: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
-CVE-2023-0179: Fix unknown
+CVE-2023-0179: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/5.7/5.7_security.txt b/data/5.7/5.7_security.txt
index e202d7c..920e6fe 100644
--- a/data/5.7/5.7_security.txt
+++ b/data/5.7/5.7_security.txt
@@ -580,7 +580,6 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47518: (unk) wifi: wilc1000: validate number of channels
CVE-2022-47519: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_OPER_CHANNEL attribute
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
@@ -588,10 +587,11 @@
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
- CVE-2023-0179: (unk)
+ CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/5.8/5.8_CVEs.txt b/data/5.8/5.8_CVEs.txt
index 4a6cff5..b71d048 100644
--- a/data/5.8/5.8_CVEs.txt
+++ b/data/5.8/5.8_CVEs.txt
@@ -531,7 +531,6 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47518: Fix not seen in stream
CVE-2022-47519: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
@@ -539,10 +538,11 @@
CVE-2022-47929: Fix not seen in stream
CVE-2022-47946: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
-CVE-2023-0179: Fix unknown
+CVE-2023-0179: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/5.8/5.8_security.txt b/data/5.8/5.8_security.txt
index 6a9aed9..341bf66 100644
--- a/data/5.8/5.8_security.txt
+++ b/data/5.8/5.8_security.txt
@@ -565,7 +565,6 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47518: (unk) wifi: wilc1000: validate number of channels
CVE-2022-47519: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_OPER_CHANNEL attribute
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
@@ -573,10 +572,11 @@
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
- CVE-2023-0179: (unk)
+ CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/5.9/5.9_CVEs.txt b/data/5.9/5.9_CVEs.txt
index 7b7c276..c0d1c1c 100644
--- a/data/5.9/5.9_CVEs.txt
+++ b/data/5.9/5.9_CVEs.txt
@@ -504,7 +504,6 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fix not seen in stream
CVE-2022-4662: Fix not seen in stream
-CVE-2022-4696: Fix not seen in stream
CVE-2022-47518: Fix not seen in stream
CVE-2022-47519: Fix not seen in stream
CVE-2022-47520: Fix not seen in stream
@@ -512,10 +511,11 @@
CVE-2022-47929: Fix not seen in stream
CVE-2022-47946: Fix not seen in stream
CVE-2023-0047: Fix not seen in stream
-CVE-2023-0179: Fix unknown
+CVE-2023-0179: Fix not seen in stream
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0469: Fix not seen in stream
CVE-2023-20928: Fix not seen in stream
CVE-2023-23454: Fix not seen in stream
CVE-2023-23455: Fix not seen in stream
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/5.9/5.9_security.txt b/data/5.9/5.9_security.txt
index 5e0b630..e9e9586 100644
--- a/data/5.9/5.9_security.txt
+++ b/data/5.9/5.9_security.txt
@@ -534,7 +534,6 @@
CVE-2022-45919: (unk)
CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow
CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls
- CVE-2022-4696: (unk) io_uring: remove any grabbing of context
CVE-2022-47518: (unk) wifi: wilc1000: validate number of channels
CVE-2022-47519: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_OPER_CHANNEL attribute
CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets
@@ -542,10 +541,11 @@
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting
CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF
- CVE-2023-0179: (unk)
+ CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/6.0/6.0_CVEs.txt b/data/6.0/6.0_CVEs.txt
index 3b00899..3270955 100644
--- a/data/6.0/6.0_CVEs.txt
+++ b/data/6.0/6.0_CVEs.txt
@@ -143,10 +143,12 @@
CVE-2022-47521: Fixed with 6.0.11
CVE-2022-47929: Fix not seen in stream
CVE-2022-4842: Fix not seen in stream
-CVE-2023-0179: Fix unknown
+CVE-2023-0179: Fix not seen in stream
CVE-2023-0210: Fixed with 6.0.19
CVE-2023-0266: Fix not seen in stream
CVE-2023-0394: Fix not seen in stream
+CVE-2023-0468: Fixed with 6.0.11
+CVE-2023-0469: Fixed with 6.0.11
CVE-2023-23454: Fixed with 6.0.19
CVE-2023-23455: Fixed with 6.0.19
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/6.0/6.0_security.txt b/data/6.0/6.0_security.txt
index 73bfaa8..c82ea27 100644
--- a/data/6.0/6.0_security.txt
+++ b/data/6.0/6.0_security.txt
@@ -54,6 +54,8 @@
CVE-2022-47519: c4b629c29a51344a99f279e0bc0caffd25897725 wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_OPER_CHANNEL attribute
CVE-2022-47520: b3ac275fe82fb2e52085dace26ab65c91b3434b8 wifi: wilc1000: validate pairwise and authentication suite offsets
CVE-2022-47521: 0269a353bb4bf49902c702e0b55dcab0d470f5aa wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute
+ CVE-2023-0468: bc4e6ee16778149811333a969a7a893d4cc110c5 io_uring: make poll refs more robust
+ CVE-2023-0469: 77a467a3e20978607c56aa4886f46f78ca287054 io_uring/filetable: fix file reference underflow
CVEs fixed in 6.0.12:
CVE-2022-3435: bb20a2ae241be846bc3c11ea4b3a3c69e41d51f2 ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
@@ -176,7 +178,7 @@
CVE-2022-45919: (unk)
CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes
CVE-2022-4842: (unk) fs/ntfs3: Fix attr_punch_hole() null pointer derenference
- CVE-2023-0179: (unk)
+ CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVE-2023-0394: (unk) ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/6.1/6.1_CVEs.txt b/data/6.1/6.1_CVEs.txt
index c4fdc43..426e1ac 100644
--- a/data/6.1/6.1_CVEs.txt
+++ b/data/6.1/6.1_CVEs.txt
@@ -95,11 +95,11 @@
CVE-2022-45919: Fix unknown
CVE-2022-45934: Fixed with 6.1
CVE-2022-47929: Fixed with 6.1.6
-CVE-2022-4842: Fix not seen in stream
-CVE-2023-0179: Fix unknown
+CVE-2022-4842: Fixed with 6.1.8
+CVE-2023-0179: Fixed with 6.1.7
CVE-2023-0210: Fixed with 6.1.5
CVE-2023-0266: Fixed with 6.1.6
CVE-2023-0394: Fixed with 6.1.7
CVE-2023-23454: Fixed with 6.1.5
CVE-2023-23455: Fixed with 6.1.5
-CVE-2023-23559: Fix unknown
+CVE-2023-23559: Fix not seen in stream
diff --git a/data/6.1/6.1_security.txt b/data/6.1/6.1_security.txt
index 2f6f9c7..e7960d7 100644
--- a/data/6.1/6.1_security.txt
+++ b/data/6.1/6.1_security.txt
@@ -30,8 +30,12 @@
CVE-2023-0266: d6ad4bd1d896ae1daffd7628cd50f124280fb8b1 ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
CVEs fixed in 6.1.7:
+ CVE-2023-0179: 76ef74d4a379faa451003621a84e3498044e7aa3 netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
CVE-2023-0394: 0afa5f0736584411771299074bbeca8c1f9706d4 ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
+CVEs fixed in 6.1.8:
+ CVE-2022-4842: ff3b1a624380c14b81f4e51c48e404a45f047aab fs/ntfs3: Fix attr_punch_hole() null pointer derenference
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -116,6 +120,4 @@
CVE-2022-45887: (unk)
CVE-2022-45888: (unk) char: xillybus: Prevent use-after-free due to race condition
CVE-2022-45919: (unk)
- CVE-2022-4842: (unk) fs/ntfs3: Fix attr_punch_hole() null pointer derenference
- CVE-2023-0179: (unk)
- CVE-2023-23559: (unk)
+ CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
diff --git a/data/CVEs.txt b/data/CVEs.txt
index b5cb65b..8f84b2b 100644
--- a/data/CVEs.txt
+++ b/data/CVEs.txt
@@ -2258,12 +2258,12 @@
CVE-2022-45919: (n/a) - (n/a) (unk to unk)
CVE-2022-45934: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - bcd70260ef56e0aee8a4fc6cd214a419900b0765 (v2.6.12-rc2 to v6.1)
CVE-2022-4662: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 9c6d778800b921bde3bff3cff5003d1650f942d1 (v2.6.12-rc2 to v6.0-rc4)
-CVE-2022-4696: (n/a) - 44526bedc2ff8fcd58552e3c5bae928524b6f13c (unk to v5.12-rc1-dontuse)
+CVE-2022-4696: 0f203765880c4416675726be558b65da4a7604e2 - 44526bedc2ff8fcd58552e3c5bae928524b6f13c (v5.10-rc1 to v5.12-rc1-dontuse)
CVE-2022-47518: 4fb8b5aa2a1126783ae00bae544d6f3c519408ef - 0cdfa9e6f0915e3d243e2393bfa8a22e12d553b0 (v5.7-rc1 to v6.1-rc8)
CVE-2022-47519: 4fb8b5aa2a1126783ae00bae544d6f3c519408ef - 051ae669e4505abbe05165bebf6be7922de11f41 (v5.7-rc1 to v6.1-rc8)
CVE-2022-47520: c5c77ba18ea66aa05441c71e38473efb787705a4 - cd21d99e595ec1d8721e1058dcdd4f1f7de1d793 (v4.2-rc1 to v6.1-rc8)
CVE-2022-47521: 4fb8b5aa2a1126783ae00bae544d6f3c519408ef - f9b62f9843c7b0afdaecabbcebf1dbba18599408 (v5.7-rc1 to v6.1-rc8)
-CVE-2022-47929: (n/a) - 96398560f26aa07e8f2969d73c8197e6a6d10407 (unk to v6.2-rc4)
+CVE-2022-47929: d66d6c3152e8d5a6db42a56bf7ae1c6cae87ba48 - 96398560f26aa07e8f2969d73c8197e6a6d10407 (v4.3-rc1 to v6.2-rc4)
CVE-2022-47938: e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 - 824d4f64c20093275f72fc8101394d75ff6a249e (v5.15-rc1 to v6.0-rc1)
CVE-2022-47939: e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 - cf6531d98190fa2cf92a6d8bbc8af0a4740a223c (v5.15-rc1 to v6.0-rc1)
CVE-2022-47940: e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 - 158a66b245739e15858de42c0ba60fcf3de9b8e6 (v5.15-rc1 to v5.19-rc1)
@@ -2275,11 +2275,13 @@
CVE-2023-0030: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 729eba3355674f2d9524629b73683ba1d1cd3f10 (v2.6.12-rc2 to v5.0-rc1)
CVE-2023-0047: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 60e2793d440a3ec95abb5d6d4fc034a4b480472d (v2.6.12-rc2 to v5.16-rc1)
CVE-2023-0122: db1312dd95488b5e6ff362ff66fcf953a46b1821 - da0342a3aa0357795224e6283df86444e1117168 (v6.0-rc1 to v6.0-rc4)
-CVE-2023-0179: f6ae9f120dada00abfb47313364c35118469455f - (n/a) (v5.5-rc1 to unk)
+CVE-2023-0179: f6ae9f120dada00abfb47313364c35118469455f - 696e1a48b1a1b01edad542a1ef293665864a4dd0 (v5.5-rc1 to v6.2-rc5)
CVE-2023-0210: e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 - 797805d81baa814f76cf7bdab35f86408a79d707 (v5.15-rc1 to v6.2-rc4)
CVE-2023-0266: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 56b88b50565cd8b946a2d00b0c83927b7ebb055e (v2.6.12-rc2 to v6.2-rc4)
CVE-2023-0394: 357b40a18b04c699da1d45608436e9b76b50e251 - cb3e9864cdbe35ff6378966660edbcbac955fe17 (v2.6.12-rc3 to v6.2-rc4)
+CVE-2023-0468: aa43477b040251f451db0d844073ac00a8ab66ee - a26a35e9019fd70bf3cf647dcfdae87abc7bacea (v5.17-rc1 to v6.1-rc7)
+CVE-2023-0469: (n/a) - 9d94c04c0db024922e886c9fd429659f22f48ea4 (unk to v6.1-rc7)
CVE-2023-20928: dd2283f2605e3b3e9c61bcae844b34f2afa4813f - a43cfc87caaf46710c8027a8c23b8a55f1078f19 (v4.20-rc1 to v6.0-rc1)
CVE-2023-23454: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - caa4b35b4317d5147b3ab0fbdc9c075c7d2e9c12 (v2.6.12-rc2 to v6.2-rc3)
CVE-2023-23455: b0188d4dbe5f4285372dd033acf7c92a97006629 - a2965c7be0522eaa18808684b7b82b248515511b (v2.6.23-rc1 to v6.2-rc3)
-CVE-2023-23559: (n/a) - (n/a) (unk to unk)
+CVE-2023-23559: 80f8c5b434f94926c6489d7350d58aecb53ab70f - b870e73a56c4cccbec33224233eaf295839f228c (v2.6.35-rc1 to v6.2-rc5)
diff --git a/data/cmts.json b/data/cmts.json
index 6d1aa69..9a3f79f 100644
--- a/data/cmts.json
+++ b/data/cmts.json
@@ -175,6 +175,7 @@
"0eab121ef8750a5c8637d51534d5e9143fb0633f": "v4.9",
"0efe125cfb99e6773a7434f3463f7c2fa28f3a43": "v6.0-rc5",
"0f12156dff2862ac54235fc72703f18770769042": "v5.15-rc1",
+ "0f203765880c4416675726be558b65da4a7604e2": "v5.10-rc1",
"0f2122045b946241a9e549c2a76cea54fa58a7ff": "v5.10-rc1",
"0f2af21aae11972fa924374ddcf52e88347cf5a8": "v4.1-rc1",
"0f2ff82e11c86c05d051cae32b58226392d33bbf": "v4.10-rc6",
@@ -1278,6 +1279,7 @@
"690b2549b19563ec5ad53e5c82f6a944d910086e": "v5.19-rc1",
"6934da9238da947628be83635e365df41064b09b": "v4.4-rc1",
"69664cf16af4f31cd54d77948a4baf9c7e0ca7b9": "v2.6.26-rc1",
+ "696e1a48b1a1b01edad542a1ef293665864a4dd0": "v6.2-rc5",
"6994eefb0053799d2e07cd140df6c2ea106c41ee": "v5.2",
"69ae4f6aac1578575126319d3f55550e7e440449": "v5.2-rc6",
"69c433ed2ecd2d3264efd7afec4439524b319121": "v3.18-rc2",
@@ -1567,6 +1569,7 @@
"80c802f3073e84c956846e921e8a0b02dfa3755f": "v2.6.35-rc1",
"80c9abaabf4283f7cf4a0b3597cd302506635b7f": "v2.6.21-rc1",
"80caf43549e7e41a695c6d1e11066286538b336f": "v5.2-rc4",
+ "80f8c5b434f94926c6489d7350d58aecb53ab70f": "v2.6.35-rc1",
"810bc075f78ff2c221536eb3008eac6a492dba2d": "v4.2-rc3",
"81196976ed946cbf36bb41ddda402853c7df7cfa": "v4.16-rc1",
"8148a73c9901a8794a50f950083c00ccf97d43b3": "v4.6-rc7",
@@ -1894,6 +1897,7 @@
"9d47964bfd471f0dd4c89f28556aec68bffa0020": "v4.9-rc1",
"9d538fa60bad4f7b23193c89e843797a1cf71ef3": "v4.14-rc4",
"9d71dd0c70099914fcd063135da3c580865e924c": "v5.4-rc1",
+ "9d94c04c0db024922e886c9fd429659f22f48ea4": "v6.1-rc7",
"9dc956b2c8523aed39d1e6508438be9fea28c8fc": "v4.19-rc1",
"9dd78194a3722fa6712192cdd4f7032d45112a9a": "v5.17-rc8",
"9de4ee40547fd315d4a0ed1dd15a2fa3559ad707": "v4.17-rc3",
@@ -1952,6 +1956,7 @@
"a23740ec43ba022dbfd139d0fe3eff193216272b": "v5.5-rc1",
"a246b4d547708f33ff4d4b9a7a5dbac741dc89d8": "v5.7-rc1",
"a24fa22ce22ae302b3bf8f7008896d52d5d57b8d": "v4.12-rc7",
+ "a26a35e9019fd70bf3cf647dcfdae87abc7bacea": "v6.1-rc7",
"a27a94c2b0c727517c17cf2ca3a9f7291caadfbc": "v4.20-rc1",
"a2855afc7ee88475e8feb16840b23f787bfc994d": "v5.12-rc1-dontuse",
"a28ebea2adc4a2bef5989a5a181ec238f59fbcad": "v4.8-rc2",
@@ -2051,6 +2056,7 @@
"a9e7f6544b9cebdae54d29f87a7ba2a83c0471b5": "v4.13-rc1",
"a9ed4a6560b8562b7e2e2bed9527e88001f7b682": "v5.9-rc2",
"aa184e8671f0f911fc2fb3f68cd506e4d7838faa": "v5.18",
+ "aa43477b040251f451db0d844073ac00a8ab66ee": "v5.17-rc1",
"aa5873e96271611ae55586f65e49ea1fab90cb88": "v2.6.36-rc1",
"aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba": "v5.13-rc1",
"aa6f8dcbab473f3a3c7454b74caa46d36cdc5d13": "v5.17-rc8",
@@ -2217,6 +2223,7 @@
"b8670c09f37bdf2847cc44f36511a53afc6161fd": "v4.6",
"b86dab054059b970111b5516ae548efaae5b3aae": "v5.8-rc1",
"b86e33075ed1909d8002745b56ecf73b833db143": "v4.11-rc1",
+ "b870e73a56c4cccbec33224233eaf295839f228c": "v6.2-rc5",
"b892bf75b2034e0e4af23da9a276160b8ad26c15": "v3.14-rc1",
"b8a8684502a0fc852afa0056c6bb2a9273f6fcc0": "v3.15-rc1",
"b8d17e7d93d2beb89e4f34c59996376b8b544792": "v5.5-rc1",
@@ -2606,6 +2613,7 @@
"d64a1f574a2957b4bcb06452d36cc1c6bf16e9fc": "v5.3-rc1",
"d64c2a76123f0300b08d0557ad56e9d599872a36": "v4.17-rc1",
"d661684cf6820331feae71146c35da83d794467e": "v3.11",
+ "d66d6c3152e8d5a6db42a56bf7ae1c6cae87ba48": "v4.3-rc1",
"d67ae825a59d639e4d8b82413af84d854617a87e": "v4.0-rc1",
"d6d86830705f173fca6087a3e67ceaf68db80523": "v5.16",
"d6de3097592b7ae7f8e233a4dafb088e2aa8170f": "v2.6.25-rc1",
diff --git a/data/kernel_cves.json b/data/kernel_cves.json
index ffb1933..5489202 100644
--- a/data/kernel_cves.json
+++ b/data/kernel_cves.json
@@ -75999,8 +75999,8 @@
},
"cwe": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')",
"fixes": "f9bf6c03eca1077cae8de0e6d86427656fa42a9b",
- "last_modified": "2023-01-02",
- "nvd_text": "A vulnerability was found in Linux Kernel and classified as problematic. This issue affects the function hugetlb_no_page of the file mm/hugetlb.c. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211019.",
+ "last_modified": "2023-01-27",
+ "nvd_text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-3522",
"ExploitDB": "https://www.exploit-db.com/search?cve=2022-3522",
@@ -76008,7 +76008,8 @@
"Red Hat": "https://access.redhat.com/security/cve/CVE-2022-3522",
"SUSE": "https://www.suse.com/security/cve/CVE-2022-3522",
"Ubuntu": "https://ubuntu.com/security/CVE-2022-3522"
- }
+ },
+ "rejected": true
},
"CVE-2022-3523": {
"affected_versions": "v2.6.12-rc2 to v6.1-rc1",
@@ -76368,7 +76369,7 @@
"cwe": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"fixes": "2568a7e0832ee30b0a351016d03062ab4e0e0a3f",
"last_affected_version": "6.0.2",
- "last_modified": "2023-01-02",
+ "last_modified": "2023-01-27",
"nvd_text": "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-3565",
@@ -76667,7 +76668,7 @@
"cwe": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')",
"fixes": "fac35ba763ed07ba93154c95ffc0c4a55023707f",
"last_affected_version": "6.0.2",
- "last_modified": "2023-01-02",
+ "last_modified": "2023-01-27",
"nvd_text": "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211921 was assigned to this vulnerability.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-3623",
@@ -76742,10 +76743,22 @@
"affected_versions": "v3.8-rc1 to v6.1-rc5",
"breaks": "5c36b99add5c3212b6cdb97cc206e1e3e0fa1e3c",
"cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Physical",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "High",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "score": 6.6
+ },
"cwe": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"fixes": "6788ba8aed4e28e90f72d68a9d794e34eac17295",
"last_affected_version": "6.0.7",
- "last_modified": "2023-01-13",
+ "last_modified": "2023-01-27",
"nvd_text": "A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-3628",
@@ -77383,10 +77396,22 @@
"affected_versions": "v5.18-rc1 to v6.1-rc1",
"breaks": "63ed1aab3d40aa61aaa66819bdce9377ac7f40fa",
"cmt_msg": "mctp: prevent double key removal and unref",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "High",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "score": 7.8
+ },
"cwe": "Use After Free",
"fixes": "3a732b46736cd8a29092e4b0b1a9ba83e672bf89",
"last_affected_version": "6.0.1",
- "last_modified": "2023-01-13",
+ "last_modified": "2023-01-27",
"nvd_text": "A use-after-free flaw was found in the Linux kernel MCTP (Management Component Transport Protocol) functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate their privileges on the system.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-3977",
@@ -77845,10 +77870,22 @@
"affected_versions": "v2.6.12-rc2 to v5.18-rc2",
"breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"cmt_msg": "drivers: net: slip: fix NPD bug in sl_tx_timeout()",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "None",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
+ "score": 7.1
+ },
"cwe": "Use After Free",
"fixes": "ec4eb8a86ade4d22633e1da2a7d85a846b7d1798",
"last_affected_version": "5.17.3",
- "last_modified": "2023-01-20",
+ "last_modified": "2023-01-27",
"nvd_text": "A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-41858",
@@ -78677,8 +78714,8 @@
}
},
"CVE-2022-4696": {
- "affected_versions": "unk to v5.12-rc1-dontuse",
- "breaks": "",
+ "affected_versions": "v5.10-rc1 to v5.12-rc1-dontuse",
+ "breaks": "0f203765880c4416675726be558b65da4a7604e2",
"cmt_msg": "io_uring: remove any grabbing of context",
"cvss3": {
"Attack Complexity": "Low",
@@ -78694,7 +78731,7 @@
},
"cwe": "Use After Free",
"fixes": "44526bedc2ff8fcd58552e3c5bae928524b6f13c",
- "last_modified": "2023-01-20",
+ "last_modified": "2023-01-27",
"nvd_text": "There exists a use-after-free vulnerability in the Linux kernel through io_uring and the IORING_OP_SPLICE operation. If IORING_OP_SPLICE is missing the IO_WQ_WORK_FILES flag, which signals that the operation won't use current->nsproxy, so its reference counter is not increased. This assumption is not always true as calling io_splice on specific files will call the get_uts function which will use current->nsproxy leading to invalidly decreasing its reference counter later causing the use-after-free vulnerability. We recommend upgrading to version 5.10.160 or above",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-4696",
@@ -78826,12 +78863,25 @@
}
},
"CVE-2022-47929": {
- "affected_versions": "unk to v6.2-rc4",
- "breaks": "",
+ "affected_versions": "v4.3-rc1 to v6.2-rc4",
+ "breaks": "d66d6c3152e8d5a6db42a56bf7ae1c6cae87ba48",
"cmt_msg": "net: sched: disallow noqueue for qdisc classes",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "None",
+ "Integrity": "None",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "score": 5.5
+ },
+ "cwe": "NULL Pointer Dereference",
"fixes": "96398560f26aa07e8f2969d73c8197e6a6d10407",
"last_affected_version": "6.1.5",
- "last_modified": "2023-01-20",
+ "last_modified": "2023-01-27",
"nvd_text": "In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with \"tc qdisc\" and \"tc class\" commands. This affects qdisc_graft in net/sched/sch_api.c.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-47929",
@@ -79055,9 +79105,22 @@
"affected_versions": "v5.15-rc1 to v6.2-rc1",
"breaks": "be71b5cba2e6485e8959da7a9f9a44461a1bb074",
"cmt_msg": "fs/ntfs3: Fix attr_punch_hole() null pointer derenference",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "None",
+ "Integrity": "None",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "score": 5.5
+ },
"cwe": "NULL Pointer Dereference",
"fixes": "6d5c9e79b726cc473d40e9cb60976dbe8e669624",
- "last_modified": "2023-01-13",
+ "last_affected_version": "6.1.7",
+ "last_modified": "2023-01-27",
"nvd_text": "A flaw NULL Pointer Dereference in the Linux kernel NTFS3 driver function attr_punch_hole() was found. A local user could use this flaw to crash the system.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-4842",
@@ -79102,9 +79165,21 @@
"CVE-2023-0122": {
"affected_versions": "v6.0-rc1 to v6.0-rc4",
"breaks": "db1312dd95488b5e6ff362ff66fcf953a46b1821",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Network",
+ "Availability": "High",
+ "Confidentiality": "None",
+ "Integrity": "None",
+ "Privileges Required": "None",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+ "score": 7.5
+ },
"cwe": "NULL Pointer Dereference",
"fixes": "da0342a3aa0357795224e6283df86444e1117168",
- "last_modified": "2023-01-20",
+ "last_modified": "2023-01-27",
"nvd_text": "A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in nvmet_setup_auth(), allows an attacker to perform a Pre-Auth Denial of Service (DoS) attack on a remote machine. Affected versions v6.0-rc1 to v6.0-rc3, fixed in v6.0-rc4.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-0122",
@@ -79116,10 +79191,12 @@
}
},
"CVE-2023-0179": {
- "affected_versions": "v5.5-rc1 to unk",
+ "affected_versions": "v5.5-rc1 to v6.2-rc5",
"breaks": "f6ae9f120dada00abfb47313364c35118469455f",
+ "cmt_msg": "netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits",
"fixes": "696e1a48b1a1b01edad542a1ef293665864a4dd0",
- "last_modified": "2023-01-20",
+ "last_affected_version": "6.1.6",
+ "last_modified": "2023-01-27",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-0179",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-0179",
@@ -79165,9 +79242,11 @@
"affected_versions": "v2.6.12-rc3 to v6.2-rc4",
"breaks": "357b40a18b04c699da1d45608436e9b76b50e251",
"cmt_msg": "ipv6: raw: Deduct extension header length in rawv6_push_pending_frames",
+ "cwe": "NULL Pointer Dereference",
"fixes": "cb3e9864cdbe35ff6378966660edbcbac955fe17",
"last_affected_version": "6.1.6",
- "last_modified": "2023-01-20",
+ "last_modified": "2023-01-27",
+ "nvd_text": "A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-0394",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-0394",
@@ -79177,13 +79256,49 @@
"Ubuntu": "https://ubuntu.com/security/CVE-2023-0394"
}
},
+ "CVE-2023-0468": {
+ "affected_versions": "v5.17-rc1 to v6.1-rc7",
+ "breaks": "aa43477b040251f451db0d844073ac00a8ab66ee",
+ "cmt_msg": "io_uring: make poll refs more robust",
+ "fixes": "a26a35e9019fd70bf3cf647dcfdae87abc7bacea",
+ "last_affected_version": "6.0.10",
+ "last_modified": "2023-01-27",
+ "nvd_text": "A use-after-free flaw was found in io_uring/poll.c in io_poll_check_events in the io_uring subcomponent in the Linux Kernel due to a race condition of poll_refs. This flaw may cause a NULL pointer dereference.",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-0468",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-0468",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-0468",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-0468",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-0468",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-0468"
+ }
+ },
+ "CVE-2023-0469": {
+ "affected_versions": "unk to v6.1-rc7",
+ "breaks": "",
+ "cmt_msg": "io_uring/filetable: fix file reference underflow",
+ "cwe": "Integer Underflow (Wrap or Wraparound)",
+ "fixes": "9d94c04c0db024922e886c9fd429659f22f48ea4",
+ "last_affected_version": "6.0.10",
+ "last_modified": "2023-01-27",
+ "nvd_text": "A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring subcomponent in the Linux Kernel during call cleanup. This flaw may lead to a denial of service.",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-0469",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-0469",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-0469",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-0469",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-0469",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-0469"
+ }
+ },
"CVE-2023-20928": {
"affected_versions": "v4.20-rc1 to v6.0-rc1",
"breaks": "dd2283f2605e3b3e9c61bcae844b34f2afa4813f",
"cmt_msg": "android: binder: stop saving a pointer to the VMA",
"fixes": "a43cfc87caaf46710c8027a8c23b8a55f1078f19",
"last_affected_version": "5.18.17",
- "last_modified": "2023-01-20",
+ "last_modified": "2023-01-27",
+ "nvd_text": "In binder_vma_close of binder.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-254837884References: Upstream kernel",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-20928",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-20928",
@@ -79197,9 +79312,22 @@
"affected_versions": "v2.6.12-rc2 to v6.2-rc3",
"breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"cmt_msg": "net: sched: cbq: dont intepret cls results when asked to drop",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "None",
+ "Integrity": "None",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "score": 5.5
+ },
+ "cwe": "Access of Resource Using Incompatible Type ('Type Confusion')",
"fixes": "caa4b35b4317d5147b3ab0fbdc9c075c7d2e9c12",
"last_affected_version": "6.1.4",
- "last_modified": "2023-01-20",
+ "last_modified": "2023-01-27",
"nvd_text": "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-23454",
@@ -79214,9 +79342,22 @@
"affected_versions": "v2.6.23-rc1 to v6.2-rc3",
"breaks": "b0188d4dbe5f4285372dd033acf7c92a97006629",
"cmt_msg": "net: sched: atm: dont intepret cls results when asked to drop",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "None",
+ "Integrity": "None",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "score": 5.5
+ },
+ "cwe": "Access of Resource Using Incompatible Type ('Type Confusion')",
"fixes": "a2965c7be0522eaa18808684b7b82b248515511b",
"last_affected_version": "6.1.4",
- "last_modified": "2023-01-20",
+ "last_modified": "2023-01-27",
"nvd_text": "atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-23455",
@@ -79228,10 +79369,24 @@
}
},
"CVE-2023-23559": {
- "affected_versions": "unk to unk",
- "breaks": "",
- "fixes": "",
- "last_modified": "2023-01-20",
+ "affected_versions": "v2.6.35-rc1 to v6.2-rc5",
+ "breaks": "80f8c5b434f94926c6489d7350d58aecb53ab70f",
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "High",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "score": 7.8
+ },
+ "cwe": "Integer Overflow or Wraparound",
+ "fixes": "b870e73a56c4cccbec33224233eaf295839f228c",
+ "last_modified": "2023-01-27",
"nvd_text": "In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-23559",
diff --git a/data/stream_data.json b/data/stream_data.json
index 4431cea..7feb117 100644
--- a/data/stream_data.json
+++ b/data/stream_data.json
@@ -2613,7 +2613,7 @@
"cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2020-10720": {
"cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()"
@@ -3371,9 +3371,6 @@
"CVE-2021-0512": {
"cmt_msg": "HID: make arrays usage and value to be the same"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2019-18683": {
"cmt_msg": "media: vivid: Fix wrong locking that causes race conditions on streaming stop"
},
@@ -3698,9 +3695,6 @@
"CVE-2016-5243": {
"cmt_msg": "tipc: fix an infoleak in tipc_nl_compat_link_dump"
},
- "CVE-2022-47929": {
- "cmt_msg": "net: sched: disallow noqueue for qdisc classes"
- },
"CVE-2019-16746": {
"cmt_msg": "nl80211: validate beacon head"
},
@@ -3950,6 +3944,9 @@
"CVE-2019-16230": {
"cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2017-12168": {
"cmt_msg": "arm64: KVM: pmu: Fix AArch32 cycle counter access"
},
@@ -5256,7 +5253,7 @@
"cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2020-10720": {
"cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()"
@@ -5666,6 +5663,9 @@
"CVE-2021-4002": {
"cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-38204": {
"cmt_msg": "usb: max-3421: Prevent corruption of freed memory"
},
@@ -6305,9 +6305,6 @@
"CVE-2018-14633": {
"cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2018-12896": {
"cmt_msg": "posix-timers: Sanitize overrun handling"
},
@@ -8512,7 +8509,7 @@
"cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2020-10720": {
"cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()"
@@ -8871,6 +8868,9 @@
"CVE-2021-4002": {
"cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-38204": {
"cmt_msg": "usb: max-3421: Prevent corruption of freed memory"
},
@@ -9453,9 +9453,6 @@
"CVE-2018-14633": {
"cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2018-12896": {
"cmt_msg": "posix-timers: Sanitize overrun handling"
},
@@ -11474,7 +11471,7 @@
"cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2020-10720": {
"cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()"
@@ -11863,6 +11860,9 @@
"CVE-2021-4002": {
"cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-38204": {
"cmt_msg": "usb: max-3421: Prevent corruption of freed memory"
},
@@ -12472,9 +12472,6 @@
"CVE-2018-14633": {
"cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2018-12896": {
"cmt_msg": "posix-timers: Sanitize overrun handling"
},
@@ -14471,7 +14468,7 @@
"cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2020-10720": {
"cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()"
@@ -14818,6 +14815,9 @@
"CVE-2021-4002": {
"cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-38204": {
"cmt_msg": "usb: max-3421: Prevent corruption of freed memory"
},
@@ -15361,9 +15361,6 @@
"CVE-2018-14633": {
"cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2018-12896": {
"cmt_msg": "posix-timers: Sanitize overrun handling"
},
@@ -19953,7 +19950,7 @@
"cmt_msg": "f2fs: fix to do sanity check on segment/section count"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
@@ -20048,9 +20045,6 @@
"CVE-2018-7754": {
"cmt_msg": "printk: hash addresses printed with %p"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2018-20855": {
"cmt_msg": "IB/mlx5: Fix leaking stack memory to userspace"
},
@@ -20426,6 +20420,9 @@
"CVE-2021-32078": {
"cmt_msg": "ARM: footbridge: remove personal server platform"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2022-3523": {
"cmt_msg": "mm/memory.c: fix race when faulting a device private page"
},
@@ -21371,7 +21368,7 @@
"cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2020-10720": {
"cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()"
@@ -21715,6 +21712,9 @@
"CVE-2021-4002": {
"cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-38204": {
"cmt_msg": "usb: max-3421: Prevent corruption of freed memory"
},
@@ -22216,9 +22216,6 @@
"CVE-2018-14633": {
"cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2018-12896": {
"cmt_msg": "posix-timers: Sanitize overrun handling"
},
@@ -24035,7 +24032,7 @@
"cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2020-10720": {
"cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()"
@@ -24382,6 +24379,9 @@
"CVE-2021-4002": {
"cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-38204": {
"cmt_msg": "usb: max-3421: Prevent corruption of freed memory"
},
@@ -24910,9 +24910,6 @@
"CVE-2018-14633": {
"cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2018-12896": {
"cmt_msg": "posix-timers: Sanitize overrun handling"
},
@@ -29039,9 +29036,6 @@
"CVE-2019-20908": {
"cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2019-15239": {
"cmt_msg": "unknown"
},
@@ -29253,7 +29247,7 @@
"cmt_msg": "ACPI: configfs: Disallow loading ACPI tables when locked down"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-3566": {
"cmt_msg": "tcp: Fix data races around icsk->icsk_af_ops."
@@ -29378,6 +29372,9 @@
"CVE-2021-32078": {
"cmt_msg": "ARM: footbridge: remove personal server platform"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2019-10220": {
"cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()"
},
@@ -30277,7 +30274,7 @@
"cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2020-10720": {
"cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()"
@@ -30627,6 +30624,9 @@
"CVE-2021-4002": {
"cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-38204": {
"cmt_msg": "usb: max-3421: Prevent corruption of freed memory"
},
@@ -31110,9 +31110,6 @@
"CVE-2021-0512": {
"cmt_msg": "HID: make arrays usage and value to be the same"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2019-19073": {
"cmt_msg": "ath9k_htc: release allocated buffer if timed out"
},
@@ -34255,7 +34252,7 @@
"cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -35187,9 +35184,6 @@
"CVE-2018-14633": {
"cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2018-12896": {
"cmt_msg": "posix-timers: Sanitize overrun handling"
},
@@ -35580,9 +35574,6 @@
"CVE-2019-15216": {
"cmt_msg": "USB: yurex: Fix protection fault after device removal"
},
- "CVE-2022-47929": {
- "cmt_msg": "net: sched: disallow noqueue for qdisc classes"
- },
"CVE-2019-16746": {
"cmt_msg": "nl80211: validate beacon head"
},
@@ -35892,6 +35883,9 @@
"CVE-2020-10742": {
"cmt_msg": "new helper: iov_iter_get_pages_alloc()"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2017-12168": {
"cmt_msg": "arm64: KVM: pmu: Fix AArch32 cycle counter access"
},
@@ -38030,7 +38024,7 @@
"cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -39061,9 +39055,6 @@
"CVE-2018-14633": {
"cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2018-12896": {
"cmt_msg": "posix-timers: Sanitize overrun handling"
},
@@ -39487,9 +39478,6 @@
"CVE-2019-15216": {
"cmt_msg": "USB: yurex: Fix protection fault after device removal"
},
- "CVE-2022-47929": {
- "cmt_msg": "net: sched: disallow noqueue for qdisc classes"
- },
"CVE-2019-16746": {
"cmt_msg": "nl80211: validate beacon head"
},
@@ -39841,6 +39829,9 @@
"CVE-2020-10742": {
"cmt_msg": "new helper: iov_iter_get_pages_alloc()"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2017-12168": {
"cmt_msg": "arm64: KVM: pmu: Fix AArch32 cycle counter access"
},
@@ -43332,7 +43323,7 @@
"cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -43877,9 +43868,6 @@
"CVE-2021-0512": {
"cmt_msg": "HID: make arrays usage and value to be the same"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2020-0347": {
"cmt_msg": ""
},
@@ -44126,9 +44114,6 @@
"CVE-2021-35477": {
"cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4"
},
- "CVE-2022-47929": {
- "cmt_msg": "net: sched: disallow noqueue for qdisc classes"
- },
"CVE-2022-2209": {
"cmt_msg": ""
},
@@ -44330,6 +44315,9 @@
"CVE-2019-16230": {
"cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2017-12168": {
"cmt_msg": "arm64: KVM: pmu: Fix AArch32 cycle counter access"
},
@@ -47302,7 +47290,7 @@
"cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -47610,9 +47598,6 @@
"CVE-2022-23036": {
"cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2022-20566": {
"cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put"
},
@@ -48336,9 +48321,6 @@
"CVE-2017-18241": {
"cmt_msg": "f2fs: fix a panic caused by NULL flush_cmd_control"
},
- "CVE-2022-47929": {
- "cmt_msg": "net: sched: disallow noqueue for qdisc classes"
- },
"CVE-2019-16746": {
"cmt_msg": "nl80211: validate beacon head"
},
@@ -48567,6 +48549,9 @@
"CVE-2020-10742": {
"cmt_msg": "new helper: iov_iter_get_pages_alloc()"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2017-12168": {
"cmt_msg": "arm64: KVM: pmu: Fix AArch32 cycle counter access"
},
@@ -48901,96 +48886,127 @@
}
},
"6.1.7": {
+ "CVE-2023-0179": {
+ "cmt_msg": "netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits",
+ "cmt_id": "76ef74d4a379faa451003621a84e3498044e7aa3"
+ },
"CVE-2023-0394": {
"cmt_msg": "ipv6: raw: Deduct extension header length in rawv6_push_pending_frames",
"cmt_id": "0afa5f0736584411771299074bbeca8c1f9706d4"
}
},
+ "6.1.8": {
+ "CVE-2022-4842": {
+ "cmt_msg": "fs/ntfs3: Fix attr_punch_hole() null pointer derenference",
+ "cmt_id": "ff3b1a624380c14b81f4e51c48e404a45f047aab"
+ }
+ },
"outstanding": {
- "CVE-2020-26556": {
+ "CVE-2018-17977": {
"cmt_msg": ""
},
- "CVE-2020-26557": {
- "cmt_msg": ""
- },
- "CVE-2019-20794": {
- "cmt_msg": ""
- },
- "CVE-2020-26559": {
- "cmt_msg": ""
- },
- "CVE-2020-35501": {
- "cmt_msg": ""
- },
- "CVE-2022-38457": {
- "cmt_msg": ""
- },
- "CVE-2018-1121": {
- "cmt_msg": ""
- },
- "CVE-2019-19378": {
- "cmt_msg": ""
- },
- "CVE-2020-24503": {
- "cmt_msg": ""
- },
- "CVE-2020-24502": {
- "cmt_msg": ""
- },
- "CVE-2023-23559": {
- "cmt_msg": ""
- },
- "CVE-2020-11725": {
- "cmt_msg": ""
- },
- "CVE-2022-23825": {
- "cmt_msg": ""
- },
- "CVE-2023-0179": {
- "cmt_msg": ""
- },
- "CVE-2021-3864": {
- "cmt_msg": ""
- },
- "CVE-2019-19814": {
- "cmt_msg": ""
- },
- "CVE-2022-2209": {
- "cmt_msg": ""
- },
- "CVE-2021-26934": {
- "cmt_msg": ""
- },
- "CVE-2016-8660": {
+ "CVE-2022-26878": {
"cmt_msg": ""
},
"CVE-2020-15802": {
"cmt_msg": ""
},
- "CVE-2022-36402": {
+ "CVE-2020-26557": {
"cmt_msg": ""
},
"CVE-2008-2544": {
"cmt_msg": ""
},
+ "CVE-2010-5321": {
+ "cmt_msg": ""
+ },
+ "CVE-2018-12930": {
+ "cmt_msg": ""
+ },
+ "CVE-2018-12931": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-35501": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-44034": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-26556": {
+ "cmt_msg": ""
+ },
+ "CVE-2019-15902": {
+ "cmt_msg": "unknown"
+ },
+ "CVE-2022-38096": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-2209": {
+ "cmt_msg": ""
+ },
+ "CVE-2021-39801": {
+ "cmt_msg": ""
+ },
+ "CVE-2021-39800": {
+ "cmt_msg": ""
+ },
"CVE-2022-2196": {
"cmt_msg": "KVM: VMX: Execute IBPB on emulated VM-exit when guest has IBRS"
},
"CVE-2019-15239": {
"cmt_msg": "unknown"
},
- "CVE-2007-3719": {
+ "CVE-2018-1121": {
"cmt_msg": ""
},
- "CVE-2022-2961": {
+ "CVE-2007-3719": {
"cmt_msg": ""
},
"CVE-2022-45919": {
"cmt_msg": ""
},
+ "CVE-2022-36402": {
+ "cmt_msg": ""
+ },
+ "CVE-2019-19378": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-45884": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-4269": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-4543": {
+ "cmt_msg": ""
+ },
+ "CVE-2008-4609": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-14304": {
+ "cmt_msg": ""
+ },
+ "CVE-2005-3660": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-3544": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-45888": {
+ "cmt_msg": "char: xillybus: Prevent use-after-free due to race condition"
+ },
+ "CVE-2021-3542": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-0347": {
+ "cmt_msg": ""
+ },
"CVE-2022-40133": {
"cmt_msg": ""
},
+ "CVE-2022-38457": {
+ "cmt_msg": ""
+ },
"CVE-2010-4563": {
"cmt_msg": ""
},
@@ -49003,61 +49019,10 @@
"CVE-2020-26142": {
"cmt_msg": ""
},
- "CVE-2022-1247": {
+ "CVE-2020-24503": {
"cmt_msg": ""
},
- "CVE-2022-4842": {
- "cmt_msg": "fs/ntfs3: Fix attr_punch_hole() null pointer derenference"
- },
- "CVE-2020-10708": {
- "cmt_msg": ""
- },
- "CVE-2022-4543": {
- "cmt_msg": ""
- },
- "CVE-2017-13693": {
- "cmt_msg": ""
- },
- "CVE-2021-0399": {
- "cmt_msg": ""
- },
- "CVE-2017-13694": {
- "cmt_msg": ""
- },
- "CVE-2020-36516": {
- "cmt_msg": ""
- },
- "CVE-2012-4542": {
- "cmt_msg": ""
- },
- "CVE-2022-4382": {
- "cmt_msg": ""
- },
- "CVE-2013-7445": {
- "cmt_msg": ""
- },
- "CVE-2005-3660": {
- "cmt_msg": ""
- },
- "CVE-2022-38096": {
- "cmt_msg": ""
- },
- "CVE-2022-3544": {
- "cmt_msg": ""
- },
- "CVE-2022-3238": {
- "cmt_msg": ""
- },
- "CVE-2008-4609": {
- "cmt_msg": ""
- },
- "CVE-2020-14304": {
- "cmt_msg": ""
- },
- "CVE-2020-0347": {
- "cmt_msg": ""
- },
- "CVE-2021-3714": {
+ "CVE-2020-24502": {
"cmt_msg": ""
},
"CVE-2019-12456": {
@@ -49069,64 +49034,10 @@
"CVE-2021-3892": {
"cmt_msg": ""
},
- "CVE-2022-3642": {
+ "CVE-2019-20794": {
"cmt_msg": ""
},
- "CVE-2011-4917": {
- "cmt_msg": ""
- },
- "CVE-2019-15902": {
- "cmt_msg": "unknown"
- },
- "CVE-2019-15290": {
- "cmt_msg": ""
- },
- "CVE-2018-17977": {
- "cmt_msg": ""
- },
- "CVE-2022-26878": {
- "cmt_msg": ""
- },
- "CVE-2022-41848": {
- "cmt_msg": ""
- },
- "CVE-2022-1116": {
- "cmt_msg": ""
- },
- "CVE-2010-5321": {
- "cmt_msg": ""
- },
- "CVE-2018-12930": {
- "cmt_msg": ""
- },
- "CVE-2018-12931": {
- "cmt_msg": ""
- },
- "CVE-2021-39801": {
- "cmt_msg": ""
- },
- "CVE-2021-39800": {
- "cmt_msg": ""
- },
- "CVE-2022-4269": {
- "cmt_msg": ""
- },
- "CVE-2022-45885": {
- "cmt_msg": ""
- },
- "CVE-2022-45884": {
- "cmt_msg": ""
- },
- "CVE-2022-45887": {
- "cmt_msg": ""
- },
- "CVE-2022-45886": {
- "cmt_msg": ""
- },
- "CVE-2022-45888": {
- "cmt_msg": "char: xillybus: Prevent use-after-free due to race condition"
- },
- "CVE-2021-3542": {
+ "CVE-2021-3714": {
"cmt_msg": ""
},
"CVE-2018-12929": {
@@ -49135,35 +49046,113 @@
"CVE-2018-12928": {
"cmt_msg": ""
},
+ "CVE-2020-11725": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-26559": {
+ "cmt_msg": ""
+ },
"CVE-2020-25220": {
"cmt_msg": ""
},
+ "CVE-2022-1116": {
+ "cmt_msg": ""
+ },
"CVE-2015-2877": {
"cmt_msg": ""
},
+ "CVE-2022-23825": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-45885": {
+ "cmt_msg": ""
+ },
"CVE-2019-16089": {
"cmt_msg": ""
},
+ "CVE-2022-41848": {
+ "cmt_msg": ""
+ },
"CVE-2022-0400": {
"cmt_msg": ""
},
- "CVE-2022-44034": {
+ "CVE-2021-3864": {
"cmt_msg": ""
},
"CVE-2022-44033": {
"cmt_msg": ""
},
- "CVE-2022-44032": {
+ "CVE-2019-19814": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-10708": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-3238": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-3642": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-1247": {
"cmt_msg": ""
},
"CVE-2021-3847": {
"cmt_msg": ""
},
+ "CVE-2022-2961": {
+ "cmt_msg": ""
+ },
+ "CVE-2017-13693": {
+ "cmt_msg": ""
+ },
+ "CVE-2021-0399": {
+ "cmt_msg": ""
+ },
"CVE-2022-25265": {
"cmt_msg": ""
},
+ "CVE-2011-4917": {
+ "cmt_msg": ""
+ },
"CVE-2011-4916": {
"cmt_msg": ""
+ },
+ "CVE-2020-36516": {
+ "cmt_msg": ""
+ },
+ "CVE-2017-13694": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-45886": {
+ "cmt_msg": ""
+ },
+ "CVE-2012-4542": {
+ "cmt_msg": ""
+ },
+ "CVE-2019-15290": {
+ "cmt_msg": ""
+ },
+ "CVE-2016-8660": {
+ "cmt_msg": ""
+ },
+ "CVE-2021-26934": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-4382": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-45887": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-23559": {
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
+ },
+ "CVE-2013-7445": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-44032": {
+ "cmt_msg": ""
}
}
},
@@ -49335,6 +49324,14 @@
"cmt_msg": "KVM: x86: nSVM: harden svm_free_nested against freeing vmcb02 while still in use",
"cmt_id": "5ca2721b7d3ed4d3da6323a2ea7339f745866d83"
},
+ "CVE-2023-0468": {
+ "cmt_msg": "io_uring: make poll refs more robust",
+ "cmt_id": "bc4e6ee16778149811333a969a7a893d4cc110c5"
+ },
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow",
+ "cmt_id": "77a467a3e20978607c56aa4886f46f78ca287054"
+ },
"CVE-2022-47519": {
"cmt_msg": "wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_OPER_CHANNEL attribute",
"cmt_id": "c4b629c29a51344a99f279e0bc0caffd25897725"
@@ -49452,7 +49449,7 @@
"cmt_msg": ""
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2020-11725": {
"cmt_msg": ""
@@ -49461,7 +49458,7 @@
"cmt_msg": ""
},
"CVE-2023-0179": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits"
},
"CVE-2022-47929": {
"cmt_msg": "net: sched: disallow noqueue for qdisc classes"
@@ -50816,7 +50813,7 @@
"cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2020-10720": {
"cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()"
@@ -51244,6 +51241,9 @@
"CVE-2016-7913": {
"cmt_msg": "[media] xc2028: avoid use after free"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-38204": {
"cmt_msg": "usb: max-3421: Prevent corruption of freed memory"
},
@@ -51922,9 +51922,6 @@
"CVE-2018-14633": {
"cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2018-12896": {
"cmt_msg": "posix-timers: Sanitize overrun handling"
},
@@ -56905,6 +56902,9 @@
"CVE-2022-30594": {
"cmt_msg": "ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2022-4662": {
"cmt_msg": "USB: core: Prevent nested device-reset calls"
},
@@ -56957,7 +56957,7 @@
"cmt_msg": "KVM: x86: nSVM: harden svm_free_nested against freeing vmcb02 while still in use"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -57145,8 +57145,8 @@
"CVE-2018-7273": {
"cmt_msg": "printk: hash addresses printed with %p"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
+ "CVE-2022-2153": {
+ "cmt_msg": "KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast()"
},
"CVE-2022-20566": {
"cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put"
@@ -57301,9 +57301,6 @@
"CVE-2019-16921": {
"cmt_msg": "RDMA/hns: Fix init resp when alloc ucontext"
},
- "CVE-2022-2153": {
- "cmt_msg": "KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast()"
- },
"CVE-2020-0347": {
"cmt_msg": ""
},
@@ -58718,7 +58715,7 @@
"cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2020-10720": {
"cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()"
@@ -59131,6 +59128,9 @@
"CVE-2021-4002": {
"cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-38204": {
"cmt_msg": "usb: max-3421: Prevent corruption of freed memory"
},
@@ -59785,9 +59785,6 @@
"CVE-2018-14633": {
"cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2018-12896": {
"cmt_msg": "posix-timers: Sanitize overrun handling"
},
@@ -62002,7 +61999,7 @@
"cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2020-10720": {
"cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()"
@@ -62415,6 +62412,9 @@
"CVE-2021-4002": {
"cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-38204": {
"cmt_msg": "usb: max-3421: Prevent corruption of freed memory"
},
@@ -63081,9 +63081,6 @@
"CVE-2018-14633": {
"cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2018-12896": {
"cmt_msg": "posix-timers: Sanitize overrun handling"
},
@@ -66310,7 +66307,7 @@
"cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2020-10720": {
"cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()"
@@ -67128,9 +67125,6 @@
"CVE-2018-14633": {
"cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2018-12896": {
"cmt_msg": "posix-timers: Sanitize overrun handling"
},
@@ -67494,9 +67488,6 @@
"CVE-2017-18241": {
"cmt_msg": "f2fs: fix a panic caused by NULL flush_cmd_control"
},
- "CVE-2022-47929": {
- "cmt_msg": "net: sched: disallow noqueue for qdisc classes"
- },
"CVE-2019-16746": {
"cmt_msg": "nl80211: validate beacon head"
},
@@ -67791,6 +67782,9 @@
"CVE-2019-16230": {
"cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2017-12168": {
"cmt_msg": "arm64: KVM: pmu: Fix AArch32 cycle counter access"
},
@@ -68355,7 +68349,7 @@
"cmt_msg": "soc: aspeed: lpc-ctrl: Fix boundary check for mmap"
},
"CVE-2023-0179": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits"
},
"CVE-2022-21125": {
"cmt_msg": "x86/speculation/mmio: Reuse SRBDS mitigation for SBDS"
@@ -68718,7 +68712,7 @@
"cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -69320,9 +69314,6 @@
"CVE-2021-0512": {
"cmt_msg": "HID: make arrays usage and value to be the same"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2020-0347": {
"cmt_msg": ""
},
@@ -69773,6 +69764,9 @@
"CVE-2021-3896": {
"cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-3894": {
"cmt_msg": "sctp: account stream padding length for reconf chunk"
},
@@ -71069,7 +71063,7 @@
"cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2020-10720": {
"cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()"
@@ -72001,6 +71995,9 @@
"CVE-2017-15129": {
"cmt_msg": "net: Fix double free and memory corruption in get_net_ns_by_id()"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-4037": {
"cmt_msg": "xfs: fix up non-directory creation in SGID directories"
},
@@ -72214,9 +72211,6 @@
"CVE-2018-14633": {
"cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2018-12896": {
"cmt_msg": "posix-timers: Sanitize overrun handling"
},
@@ -73676,7 +73670,7 @@
"cmt_msg": "soc: aspeed: lpc-ctrl: Fix boundary check for mmap"
},
"CVE-2023-0179": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits"
},
"CVE-2022-21125": {
"cmt_msg": "x86/speculation/mmio: Reuse SRBDS mitigation for SBDS"
@@ -74021,7 +74015,7 @@
"cmt_msg": "usb: gadget: function: printer: fix use-after-free in __lock_acquire"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -74575,9 +74569,6 @@
"CVE-2021-0512": {
"cmt_msg": "HID: make arrays usage and value to be the same"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2022-20568": {
"cmt_msg": "Merge tag 'io_uring-worker.v3-2021-02-25' of git://git.kernel.dk/linux-block"
},
@@ -75019,6 +75010,9 @@
"CVE-2021-3896": {
"cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-3894": {
"cmt_msg": "sctp: account stream padding length for reconf chunk"
},
@@ -75469,7 +75463,7 @@
"cmt_msg": "soc: aspeed: lpc-ctrl: Fix boundary check for mmap"
},
"CVE-2023-0179": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits"
},
"CVE-2022-21125": {
"cmt_msg": "x86/speculation/mmio: Reuse SRBDS mitigation for SBDS"
@@ -75802,7 +75796,7 @@
"cmt_msg": "vfs: check fd has read access in kernel_read_file_from_fd()"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -76320,9 +76314,6 @@
"CVE-2021-0512": {
"cmt_msg": "HID: make arrays usage and value to be the same"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2020-0347": {
"cmt_msg": ""
},
@@ -76749,6 +76740,9 @@
"CVE-2021-3896": {
"cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-3894": {
"cmt_msg": "sctp: account stream padding length for reconf chunk"
},
@@ -77146,7 +77140,7 @@
"cmt_msg": "soc: aspeed: lpc-ctrl: Fix boundary check for mmap"
},
"CVE-2023-0179": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits"
},
"CVE-2022-21125": {
"cmt_msg": "x86/speculation/mmio: Reuse SRBDS mitigation for SBDS"
@@ -77470,7 +77464,7 @@
"cmt_msg": "vfs: check fd has read access in kernel_read_file_from_fd()"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -77976,9 +77970,6 @@
"CVE-2021-0512": {
"cmt_msg": "HID: make arrays usage and value to be the same"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2020-0347": {
"cmt_msg": ""
},
@@ -78384,6 +78375,9 @@
"CVE-2021-3896": {
"cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-3894": {
"cmt_msg": "sctp: account stream padding length for reconf chunk"
},
@@ -82588,9 +82582,6 @@
"CVE-2018-7754": {
"cmt_msg": "printk: hash addresses printed with %p"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2018-1121": {
"cmt_msg": ""
},
@@ -82913,7 +82904,7 @@
"cmt_msg": "printk: hash addresses printed with %p"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-3566": {
"cmt_msg": "tcp: Fix data races around icsk->icsk_af_ops."
@@ -83086,6 +83077,9 @@
"CVE-2021-32078": {
"cmt_msg": "ARM: footbridge: remove personal server platform"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2022-3523": {
"cmt_msg": "mm/memory.c: fix race when faulting a device private page"
},
@@ -84153,7 +84147,7 @@
"cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2020-10720": {
"cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()"
@@ -84563,6 +84557,9 @@
"CVE-2021-4002": {
"cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-38204": {
"cmt_msg": "usb: max-3421: Prevent corruption of freed memory"
},
@@ -85211,9 +85208,6 @@
"CVE-2018-14633": {
"cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2018-12896": {
"cmt_msg": "posix-timers: Sanitize overrun handling"
},
@@ -87399,7 +87393,7 @@
"cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2020-10720": {
"cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()"
@@ -87788,6 +87782,9 @@
"CVE-2021-4002": {
"cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-38204": {
"cmt_msg": "usb: max-3421: Prevent corruption of freed memory"
},
@@ -88418,9 +88415,6 @@
"CVE-2018-14633": {
"cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2018-12896": {
"cmt_msg": "posix-timers: Sanitize overrun handling"
},
@@ -90389,7 +90383,7 @@
"cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -90727,6 +90721,9 @@
"CVE-2021-4002": {
"cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2022-34918": {
"cmt_msg": "netfilter: nf_tables: stricter validation of element data"
},
@@ -91174,9 +91171,6 @@
"CVE-2021-0512": {
"cmt_msg": "HID: make arrays usage and value to be the same"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2019-19073": {
"cmt_msg": "ath9k_htc: release allocated buffer if timed out"
},
@@ -92805,7 +92799,7 @@
"cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -93140,6 +93134,9 @@
"CVE-2022-1055": {
"cmt_msg": "net: sched: fix use-after-free in tc_new_tfilter()"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2022-34918": {
"cmt_msg": "netfilter: nf_tables: stricter validation of element data"
},
@@ -93566,9 +93563,6 @@
"CVE-2021-0512": {
"cmt_msg": "HID: make arrays usage and value to be the same"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2019-19073": {
"cmt_msg": "ath9k_htc: release allocated buffer if timed out"
},
@@ -95153,7 +95147,7 @@
"cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -95479,6 +95473,9 @@
"CVE-2022-1055": {
"cmt_msg": "net: sched: fix use-after-free in tc_new_tfilter()"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2022-20008": {
"cmt_msg": "mmc: block: fix read single on recovery logic"
},
@@ -95887,9 +95884,6 @@
"CVE-2021-0512": {
"cmt_msg": "HID: make arrays usage and value to be the same"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2019-19073": {
"cmt_msg": "ath9k_htc: release allocated buffer if timed out"
},
@@ -96955,7 +96949,7 @@
"cmt_msg": "soc: aspeed: lpc-ctrl: Fix boundary check for mmap"
},
"CVE-2023-0179": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits"
},
"CVE-2022-21125": {
"cmt_msg": "x86/speculation/mmio: Reuse SRBDS mitigation for SBDS"
@@ -97201,7 +97195,7 @@
"cmt_msg": "vfs: check fd has read access in kernel_read_file_from_fd()"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -97923,6 +97917,9 @@
"CVE-2021-3896": {
"cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-3894": {
"cmt_msg": "sctp: account stream padding length for reconf chunk"
},
@@ -98305,7 +98302,7 @@
"cmt_msg": ""
},
"CVE-2023-0179": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits"
},
"CVE-2022-21125": {
"cmt_msg": "x86/speculation/mmio: Reuse SRBDS mitigation for SBDS"
@@ -98536,7 +98533,7 @@
"cmt_msg": "vfs: check fd has read access in kernel_read_file_from_fd()"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -99231,6 +99228,9 @@
"CVE-2021-3896": {
"cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-3894": {
"cmt_msg": "sctp: account stream padding length for reconf chunk"
},
@@ -101108,6 +101108,10 @@
}
},
"5.10.164": {
+ "CVE-2023-0179": {
+ "cmt_msg": "netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits",
+ "cmt_id": "550efeff989b041f3746118c0ddd863c39ddc1aa"
+ },
"CVE-2023-0394": {
"cmt_msg": "ipv6: raw: Deduct extension header length in rawv6_push_pending_frames",
"cmt_id": "6c9e2c11c33c35563d34d12b343d43b5c12200b5"
@@ -101177,9 +101181,6 @@
"CVE-2022-1263": {
"cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push"
},
- "CVE-2023-0179": {
- "cmt_msg": ""
- },
"CVE-2021-3864": {
"cmt_msg": ""
},
@@ -101339,6 +101340,9 @@
"CVE-2021-3714": {
"cmt_msg": ""
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2019-12456": {
"cmt_msg": ""
},
@@ -101391,7 +101395,7 @@
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-3566": {
"cmt_msg": "tcp: Fix data races around icsk->icsk_af_ops."
@@ -101847,7 +101851,7 @@
"cmt_msg": "soc: aspeed: lpc-ctrl: Fix boundary check for mmap"
},
"CVE-2023-0179": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits"
},
"CVE-2022-21125": {
"cmt_msg": "x86/speculation/mmio: Reuse SRBDS mitigation for SBDS"
@@ -102144,7 +102148,7 @@
"cmt_msg": "vfs: check fd has read access in kernel_read_file_from_fd()"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -102923,6 +102927,9 @@
"CVE-2021-3896": {
"cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-3894": {
"cmt_msg": "sctp: account stream padding length for reconf chunk"
},
@@ -103539,7 +103546,7 @@
"cmt_msg": "x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -103554,7 +103561,7 @@
"cmt_msg": "ixgbe: add improvement for MDD response functionality"
},
"CVE-2023-0179": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits"
},
"CVE-2022-3521": {
"cmt_msg": "kcm: avoid potential race in kcm_tx_work"
@@ -103913,6 +103920,9 @@
"CVE-2022-1943": {
"cmt_msg": "udf: Avoid using stale lengthOfImpUse"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2019-12456": {
"cmt_msg": ""
},
@@ -104582,7 +104592,7 @@
"cmt_msg": ""
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -104597,7 +104607,7 @@
"cmt_msg": "ixgbe: add improvement for MDD response functionality"
},
"CVE-2023-0179": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits"
},
"CVE-2022-3521": {
"cmt_msg": "kcm: avoid potential race in kcm_tx_work"
@@ -104902,6 +104912,12 @@
"CVE-2021-3714": {
"cmt_msg": ""
},
+ "CVE-2023-0468": {
+ "cmt_msg": "io_uring: make poll refs more robust"
+ },
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2019-12456": {
"cmt_msg": ""
},
@@ -105384,7 +105400,7 @@
"cmt_msg": ""
},
"CVE-2023-0179": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits"
},
"CVE-2022-21125": {
"cmt_msg": "x86/speculation/mmio: Reuse SRBDS mitigation for SBDS"
@@ -105603,7 +105619,7 @@
"cmt_msg": "KVM: x86: nSVM: harden svm_free_nested against freeing vmcb02 while still in use"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -106226,6 +106242,9 @@
"CVE-2021-3714": {
"cmt_msg": ""
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-3892": {
"cmt_msg": ""
},
@@ -107546,11 +107565,21 @@
}
},
"5.15.89": {
+ "CVE-2023-0179": {
+ "cmt_msg": "netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits",
+ "cmt_id": "a8acfe2c6fb99f9375a9325807a179cd8c32e6e3"
+ },
"CVE-2023-0394": {
"cmt_msg": "ipv6: raw: Deduct extension header length in rawv6_push_pending_frames",
"cmt_id": "456e3794e08a0b59b259da666e31d0884b376bcf"
}
},
+ "5.15.90": {
+ "CVE-2022-4842": {
+ "cmt_msg": "fs/ntfs3: Fix attr_punch_hole() null pointer derenference",
+ "cmt_id": "9cca110cf8bb0653b423dba7a7c4cc23ccf91b28"
+ }
+ },
"outstanding": {
"CVE-2020-26556": {
"cmt_msg": ""
@@ -107586,7 +107615,7 @@
"cmt_msg": ""
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2020-11725": {
"cmt_msg": ""
@@ -107597,9 +107626,6 @@
"CVE-2021-33061": {
"cmt_msg": "ixgbe: add improvement for MDD response functionality"
},
- "CVE-2023-0179": {
- "cmt_msg": ""
- },
"CVE-2021-3864": {
"cmt_msg": ""
},
@@ -107669,9 +107695,6 @@
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-4842": {
- "cmt_msg": "fs/ntfs3: Fix attr_punch_hole() null pointer derenference"
- },
"CVE-2022-47940": {
"cmt_msg": "ksmbd: validate length in smb2_write()"
},
@@ -107735,6 +107758,9 @@
"CVE-2021-3714": {
"cmt_msg": ""
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2019-12456": {
"cmt_msg": ""
},
@@ -108703,7 +108729,7 @@
"cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2020-10720": {
"cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()"
@@ -109053,6 +109079,9 @@
"CVE-2021-4002": {
"cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-38204": {
"cmt_msg": "usb: max-3421: Prevent corruption of freed memory"
},
@@ -109527,9 +109556,6 @@
"CVE-2021-0512": {
"cmt_msg": "HID: make arrays usage and value to be the same"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2019-19073": {
"cmt_msg": "ath9k_htc: release allocated buffer if timed out"
},
@@ -112803,9 +112829,6 @@
"CVE-2022-34918": {
"cmt_msg": "netfilter: nf_tables: stricter validation of element data"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2019-15239": {
"cmt_msg": "unknown"
},
@@ -112932,6 +112955,9 @@
"CVE-2021-3714": {
"cmt_msg": ""
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2019-12456": {
"cmt_msg": ""
},
@@ -112987,7 +113013,7 @@
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-3566": {
"cmt_msg": "tcp: Fix data races around icsk->icsk_af_ops."
@@ -113444,7 +113470,7 @@
"cmt_msg": ""
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -113456,7 +113482,7 @@
"cmt_msg": ""
},
"CVE-2023-0179": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits"
},
"CVE-2022-3521": {
"cmt_msg": "kcm: avoid potential race in kcm_tx_work"
@@ -113716,6 +113742,12 @@
"CVE-2021-3714": {
"cmt_msg": ""
},
+ "CVE-2023-0468": {
+ "cmt_msg": "io_uring: make poll refs more robust"
+ },
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2019-12456": {
"cmt_msg": ""
},
@@ -114051,10 +114083,18 @@
"cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR",
"cmt_id": "c2a878095b5c6f04f90553a3c45872f990dab14e"
},
+ "CVE-2022-3623": {
+ "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page",
+ "cmt_id": "86a913d55c89dd13ba070a87f61a493563e94b54"
+ },
"CVE-2022-3594": {
"cmt_msg": "r8152: Rate limit overflow messages",
"cmt_id": "2e896abccf99fef76691d8e1019bd44105a12e1f"
},
+ "CVE-2022-3565": {
+ "cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers",
+ "cmt_id": "1f76323ac43fe0b00677794c930dee9f66ea2999"
+ },
"CVE-2022-3542": {
"cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()",
"cmt_id": "96c0c14135f5803f9e94e6da2ee9c4b012fdcb20"
@@ -114110,7 +114150,7 @@
"cmt_msg": ""
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2020-11725": {
"cmt_msg": ""
@@ -114119,7 +114159,7 @@
"cmt_msg": ""
},
"CVE-2023-0179": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits"
},
"CVE-2022-3521": {
"cmt_msg": "kcm: avoid potential race in kcm_tx_work"
@@ -114232,9 +114272,6 @@
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
- "CVE-2022-3623": {
- "cmt_msg": "mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page"
- },
"CVE-2022-3435": {
"cmt_msg": "ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference"
},
@@ -114343,6 +114380,12 @@
"CVE-2021-3714": {
"cmt_msg": ""
},
+ "CVE-2023-0468": {
+ "cmt_msg": "io_uring: make poll refs more robust"
+ },
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2019-12456": {
"cmt_msg": ""
},
@@ -114403,8 +114446,8 @@
"CVE-2022-41849": {
"cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
- "CVE-2022-3565": {
- "cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
+ "CVE-2022-41848": {
+ "cmt_msg": ""
},
"CVE-2022-1116": {
"cmt_msg": ""
@@ -114424,9 +114467,6 @@
"CVE-2022-42896": {
"cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
},
- "CVE-2022-4269": {
- "cmt_msg": ""
- },
"CVE-2021-39801": {
"cmt_msg": ""
},
@@ -114439,7 +114479,7 @@
"CVE-2022-3564": {
"cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
},
- "CVE-2022-41848": {
+ "CVE-2022-4269": {
"cmt_msg": ""
},
"CVE-2022-36280": {
@@ -115379,7 +115419,7 @@
"cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -116065,9 +116105,6 @@
"CVE-2021-0512": {
"cmt_msg": "HID: make arrays usage and value to be the same"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2022-3707": {
"cmt_msg": "drm/i915/gvt: fix double free bug in split_2MB_gtt_entry"
},
@@ -116575,6 +116612,9 @@
"CVE-2019-16230": {
"cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2019-16232": {
"cmt_msg": "libertas: fix a potential NULL pointer dereference"
},
@@ -116985,7 +117025,7 @@
"cmt_msg": "soc: aspeed: lpc-ctrl: Fix boundary check for mmap"
},
"CVE-2023-0179": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits"
},
"CVE-2022-21125": {
"cmt_msg": "x86/speculation/mmio: Reuse SRBDS mitigation for SBDS"
@@ -117333,7 +117373,7 @@
"cmt_msg": "usb: gadget: function: printer: fix use-after-free in __lock_acquire"
},
"CVE-2023-23559": {
- "cmt_msg": ""
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
},
"CVE-2022-39842": {
"cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
@@ -117908,9 +117948,6 @@
"CVE-2021-0512": {
"cmt_msg": "HID: make arrays usage and value to be the same"
},
- "CVE-2022-4696": {
- "cmt_msg": "io_uring: remove any grabbing of context"
- },
"CVE-2020-0347": {
"cmt_msg": ""
},
@@ -118358,6 +118395,9 @@
"CVE-2021-3896": {
"cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound"
},
+ "CVE-2023-0469": {
+ "cmt_msg": "io_uring/filetable: fix file reference underflow"
+ },
"CVE-2021-3894": {
"cmt_msg": "sctp: account stream padding length for reconf chunk"
},
diff --git a/data/stream_fixes.json b/data/stream_fixes.json
index 374ff3f..71b847b 100644
--- a/data/stream_fixes.json
+++ b/data/stream_fixes.json
@@ -34510,6 +34510,10 @@
"cmt_id": "7bfa18b05f381162c9d38192bbf0179f1142dd38",
"fixed_version": "5.15.75"
},
+ "5.19": {
+ "cmt_id": "1f76323ac43fe0b00677794c930dee9f66ea2999",
+ "fixed_version": "5.19.17"
+ },
"5.4": {
"cmt_id": "466ed722f205c2cf8caba5982f3cd9729e767903",
"fixed_version": "5.4.220"
@@ -34694,6 +34698,10 @@
"cmt_id": "3a44ae4afaa5318baed3c6e2959f24454e0ae4ff",
"fixed_version": "5.15.78"
},
+ "5.19": {
+ "cmt_id": "86a913d55c89dd13ba070a87f61a493563e94b54",
+ "fixed_version": "5.19.17"
+ },
"5.4": {
"cmt_id": "176ba4c19d1bb153aa6baaa61d586e785b7d736c",
"fixed_version": "5.4.228"
@@ -35831,6 +35839,16 @@
"fixed_version": "5.19.2"
}
},
+ "CVE-2022-4842": {
+ "5.15": {
+ "cmt_id": "9cca110cf8bb0653b423dba7a7c4cc23ccf91b28",
+ "fixed_version": "5.15.90"
+ },
+ "6.1": {
+ "cmt_id": "ff3b1a624380c14b81f4e51c48e404a45f047aab",
+ "fixed_version": "6.1.8"
+ }
+ },
"CVE-2023-0047": {
"4.14": {
"cmt_id": "bed55513692e0dc720f02ad7da3e528c55e0b663",
@@ -35861,6 +35879,20 @@
"fixed_version": "5.4.160"
}
},
+ "CVE-2023-0179": {
+ "5.10": {
+ "cmt_id": "550efeff989b041f3746118c0ddd863c39ddc1aa",
+ "fixed_version": "5.10.164"
+ },
+ "5.15": {
+ "cmt_id": "a8acfe2c6fb99f9375a9325807a179cd8c32e6e3",
+ "fixed_version": "5.15.89"
+ },
+ "6.1": {
+ "cmt_id": "76ef74d4a379faa451003621a84e3498044e7aa3",
+ "fixed_version": "6.1.7"
+ }
+ },
"CVE-2023-0210": {
"5.15": {
"cmt_id": "e32f867b37da7902685c9a106bef819506aa1a92",
@@ -35927,6 +35959,18 @@
"fixed_version": "6.1.7"
}
},
+ "CVE-2023-0468": {
+ "6.0": {
+ "cmt_id": "bc4e6ee16778149811333a969a7a893d4cc110c5",
+ "fixed_version": "6.0.11"
+ }
+ },
+ "CVE-2023-0469": {
+ "6.0": {
+ "cmt_id": "77a467a3e20978607c56aa4886f46f78ca287054",
+ "fixed_version": "6.0.11"
+ }
+ },
"CVE-2023-20928": {
"5.15": {
"cmt_id": "622ef885a89ad04cfb76ee478fb44f051125d1f1",
