Update 30May22 [ci skip]
diff --git a/CHANGES.md b/CHANGES.md index 63f6c51..4ecb305 100644 --- a/CHANGES.md +++ b/CHANGES.md
@@ -1,18 +1,54 @@ # **Linux Kernel CVE Changes** -## Last Update - 26May22 10:27 +## Last Update - 31May22 07:07 + +### **New CVEs Added:** + +[CVE-2022-1462](cves/CVE-2022-1462) +[CVE-2022-1882](cves/CVE-2022-1882) + ### **New Versions Checked:** -[4.14.281](streams/4.14) +[3.12.74](streams/3.12) +[3.14.79](streams/3.14) +[3.16.85](streams/3.16) +[3.18.140](streams/3.18) +[3.2.102](streams/3.2) +[4.10.17](streams/4.10) +[4.11.12](streams/4.11) +[4.12.14](streams/4.12) +[4.13.16](streams/4.13) +[4.15.18](streams/4.15) +[4.16.18](streams/4.16) +[4.17.19](streams/4.17) +[4.18.20](streams/4.18) [4.19.245](streams/4.19) -[4.4.302](streams/4.4) -[4.9.316](streams/4.9) -[5.10.118](streams/5.10) -[5.15.43](streams/5.15) -[5.16.20](streams/5.16) -[5.17.11](streams/5.17) -[5.4.196](streams/5.4) +[4.20.17](streams/4.20) +[4.3.6](streams/4.3) +[4.5.7](streams/4.5) +[4.6.7](streams/4.6) +[4.7.10](streams/4.7) +[4.8.17](streams/4.8) +[5.0.21](streams/5.0) +[5.11.22](streams/5.11) +[5.12.19](streams/5.12) +[5.13.19](streams/5.13) +[5.14.21](streams/5.14) +[5.18](streams/5.18) +[5.2.21](streams/5.2) +[5.3.18](streams/5.3) +[5.5.19](streams/5.5) +[5.6.19](streams/5.6) +[5.7.19](streams/5.7) +[5.8.18](streams/5.8) +[5.9.16](streams/5.9) +### **Updated CVEs:** + +[CVE-2021-1048](cves/CVE-2021-1048) +[CVE-2021-39634](cves/CVE-2021-39634) +[CVE-2022-0812](cves/CVE-2022-0812) +[CVE-2022-1419](cves/CVE-2022-1419)
diff --git a/data/3.12/3.12_CVEs.txt b/data/3.12/3.12_CVEs.txt index 0904d6f..435c479 100644 --- a/data/3.12/3.12_CVEs.txt +++ b/data/3.12/3.12_CVEs.txt
@@ -622,6 +622,7 @@ CVE-2018-20855: Fix not seen in stream CVE-2018-20976: Fix not seen in stream CVE-2018-21008: Fix not seen in stream +CVE-2018-25020: Fix not seen in stream CVE-2018-3620: Fix not seen in stream CVE-2018-3639: Fix not seen in stream CVE-2018-3646: Fix not seen in stream @@ -725,7 +726,6 @@ CVE-2019-15291: Fix not seen in stream CVE-2019-15292: Fix not seen in stream CVE-2019-15505: Fix not seen in stream -CVE-2019-15794: Fix unknown CVE-2019-15807: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fix not seen in stream @@ -867,7 +867,7 @@ CVE-2020-11669: Fix not seen in stream CVE-2020-12114: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -905,7 +905,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25643: Fix not seen in stream @@ -939,7 +938,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-28097: Fix not seen in stream CVE-2020-28374: Fix not seen in stream @@ -959,6 +958,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -971,22 +971,22 @@ CVE-2021-0447: Fix not seen in stream CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20261: Fix not seen in stream CVE-2021-20265: Fixed with 3.12.56 CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream -CVE-2021-20320: Fix not seen in stream CVE-2021-20321: Fix not seen in stream -CVE-2021-20322: Fix not seen in stream CVE-2021-21781: Fix not seen in stream CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -996,6 +996,9 @@ CVE-2021-28038: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28972: Fix not seen in stream @@ -1009,10 +1012,12 @@ CVE-2021-32078: Fix not seen in stream CVE-2021-32399: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-3506: Fix not seen in stream CVE-2021-3542: Fix unknown @@ -1022,29 +1027,145 @@ CVE-2021-3587: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-37159: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream -CVE-2021-3760: Fix not seen in stream CVE-2021-3772: Fix not seen in stream CVE-2021-38160: Fix not seen in stream CVE-2021-38198: Fix not seen in stream CVE-2021-38205: Fix not seen in stream CVE-2021-38208: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39636: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39711: Fix not seen in stream +CVE-2021-39713: Fix not seen in stream +CVE-2021-39714: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-42008: Fix not seen in stream -CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0480: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1678: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/3.12/3.12_security.txt b/data/3.12/3.12_security.txt index 5f68f7d..15a0d18 100644 --- a/data/3.12/3.12_security.txt +++ b/data/3.12/3.12_security.txt
@@ -761,6 +761,7 @@ CVE-2018-20855: (unk) IB/mlx5: Fix leaking stack memory to userspace CVE-2018-20976: (unk) xfs: clear sb->s_fs_info on mount failure CVE-2018-21008: (unk) rsi: add fix for crash during assertions + CVE-2018-25020: (unk) bpf: fix truncated jump targets on heavy expansions CVE-2018-3620: (unk) x86/microcode: Allow late microcode loading with SMT disabled CVE-2018-3639: (unk) x86/nospec: Simplify alternative_msr_write() CVE-2018-3646: (unk) x86/microcode: Allow late microcode loading with SMT disabled @@ -864,7 +865,6 @@ CVE-2019-15291: (unk) media: b2c2-flexcop-usb: add sanity checking CVE-2019-15292: (unk) appletalk: Fix use-after-free in atalk_proc_exit CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer - CVE-2019-15794: (unk) CVE-2019-15807: (unk) scsi: libsas: delete sas port if expander discover failed CVE-2019-15902: (unk) CVE-2019-15916: (unk) net-sysfs: Fix mem leak in netdev_register_kobject @@ -1006,7 +1006,7 @@ CVE-2020-11669: (unk) powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -1044,7 +1044,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25643: (unk) hdlc_ppp: add range checks in ppp_cp_parse_cr() @@ -1078,7 +1077,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-28097: (unk) vgacon: remove software scrollback support CVE-2020-28374: (unk) scsi: target: Fix XCOPY NAA identifier lookup @@ -1098,6 +1097,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -1110,21 +1110,21 @@ CVE-2021-0447: (unk) l2tp: protect sock pointer of struct pppol2tp_session with RCU CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20261: (unk) floppy: fix lock_fdc() signal handling CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer - CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions CVE-2021-20321: (unk) ovl: fix missing negative dentry check in ovl_rename() - CVE-2021-20322: (unk) ipv6: make exception cache less predictible CVE-2021-21781: (unk) ARM: ensure the signal page contains defined contents CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -1134,6 +1134,9 @@ CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28972: (unk) PCI: rpadlpar: Fix potential drc_name corruption in store functions @@ -1147,10 +1150,12 @@ CVE-2021-32078: (unk) ARM: footbridge: remove personal server platform CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access CVE-2021-3542: (unk) @@ -1160,29 +1165,145 @@ CVE-2021-3587: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow - CVE-2021-3760: (unk) nfc: nci: fix the UAF of rf_conn_info object CVE-2021-3772: (unk) sctp: use init_tag from inithdr for ABORT chunk CVE-2021-38160: (unk) virtio_console: Assure used length from device is limited CVE-2021-38198: (unk) KVM: X86: MMU: Use the correct inherited permissions to get shadow page CVE-2021-38205: (unk) net: xilinx_emaclite: Do not print real IOMEM pointer CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39636: (unk) netfilter: x_tables: fix pointer leaks to userspace + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39711: (unk) bpf: fix panic due to oob in bpf_prog_test_run_skb + CVE-2021-39713: (unk) net: sched: use Qdisc rcu API instead of relying on rtnl lock + CVE-2021-39714: (unk) staging: android: ion: Drop ion_map_kernel interface + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data - CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1678: (unk) tcp: optimize tcp internal pacing + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/3.14/3.14_CVEs.txt b/data/3.14/3.14_CVEs.txt index 7d4a175..f437fdd 100644 --- a/data/3.14/3.14_CVEs.txt +++ b/data/3.14/3.14_CVEs.txt
@@ -580,6 +580,7 @@ CVE-2018-20855: Fix not seen in stream CVE-2018-20976: Fix not seen in stream CVE-2018-21008: Fix not seen in stream +CVE-2018-25020: Fix not seen in stream CVE-2018-3620: Fix not seen in stream CVE-2018-3639: Fix not seen in stream CVE-2018-3646: Fix not seen in stream @@ -687,7 +688,6 @@ CVE-2019-15292: Fix not seen in stream CVE-2019-15505: Fix not seen in stream CVE-2019-15666: Fix not seen in stream -CVE-2019-15794: Fix unknown CVE-2019-15807: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fix not seen in stream @@ -832,7 +832,7 @@ CVE-2020-11669: Fix not seen in stream CVE-2020-12114: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -870,7 +870,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25643: Fix not seen in stream @@ -904,7 +903,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-28097: Fix not seen in stream CVE-2020-28374: Fix not seen in stream @@ -924,6 +923,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -937,22 +937,22 @@ CVE-2021-0447: Fix not seen in stream CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20261: Fix not seen in stream CVE-2021-20265: Fix not seen in stream CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream -CVE-2021-20320: Fix not seen in stream CVE-2021-20321: Fix not seen in stream -CVE-2021-20322: Fix not seen in stream CVE-2021-21781: Fix not seen in stream CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -962,6 +962,9 @@ CVE-2021-28038: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28972: Fix not seen in stream @@ -975,10 +978,12 @@ CVE-2021-32078: Fix not seen in stream CVE-2021-32399: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-3506: Fix not seen in stream CVE-2021-3542: Fix unknown @@ -988,29 +993,145 @@ CVE-2021-3587: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-37159: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream -CVE-2021-3760: Fix not seen in stream CVE-2021-3772: Fix not seen in stream CVE-2021-38160: Fix not seen in stream CVE-2021-38198: Fix not seen in stream CVE-2021-38205: Fix not seen in stream CVE-2021-38208: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39636: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39711: Fix not seen in stream +CVE-2021-39713: Fix not seen in stream +CVE-2021-39714: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-42008: Fix not seen in stream -CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0480: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1678: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/3.14/3.14_security.txt b/data/3.14/3.14_security.txt index 70143e1..4ba24a9 100644 --- a/data/3.14/3.14_security.txt +++ b/data/3.14/3.14_security.txt
@@ -714,6 +714,7 @@ CVE-2018-20855: (unk) IB/mlx5: Fix leaking stack memory to userspace CVE-2018-20976: (unk) xfs: clear sb->s_fs_info on mount failure CVE-2018-21008: (unk) rsi: add fix for crash during assertions + CVE-2018-25020: (unk) bpf: fix truncated jump targets on heavy expansions CVE-2018-3620: (unk) x86/microcode: Allow late microcode loading with SMT disabled CVE-2018-3639: (unk) x86/nospec: Simplify alternative_msr_write() CVE-2018-3646: (unk) x86/microcode: Allow late microcode loading with SMT disabled @@ -821,7 +822,6 @@ CVE-2019-15292: (unk) appletalk: Fix use-after-free in atalk_proc_exit CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer CVE-2019-15666: (unk) xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - CVE-2019-15794: (unk) CVE-2019-15807: (unk) scsi: libsas: delete sas port if expander discover failed CVE-2019-15902: (unk) CVE-2019-15916: (unk) net-sysfs: Fix mem leak in netdev_register_kobject @@ -966,7 +966,7 @@ CVE-2020-11669: (unk) powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -1004,7 +1004,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25643: (unk) hdlc_ppp: add range checks in ppp_cp_parse_cr() @@ -1038,7 +1037,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-28097: (unk) vgacon: remove software scrollback support CVE-2020-28374: (unk) scsi: target: Fix XCOPY NAA identifier lookup @@ -1058,6 +1057,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -1071,22 +1071,22 @@ CVE-2021-0447: (unk) l2tp: protect sock pointer of struct pppol2tp_session with RCU CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20261: (unk) floppy: fix lock_fdc() signal handling CVE-2021-20265: (unk) af_unix: fix struct pid memory leak CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer - CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions CVE-2021-20321: (unk) ovl: fix missing negative dentry check in ovl_rename() - CVE-2021-20322: (unk) ipv6: make exception cache less predictible CVE-2021-21781: (unk) ARM: ensure the signal page contains defined contents CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -1096,6 +1096,9 @@ CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28972: (unk) PCI: rpadlpar: Fix potential drc_name corruption in store functions @@ -1109,10 +1112,12 @@ CVE-2021-32078: (unk) ARM: footbridge: remove personal server platform CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access CVE-2021-3542: (unk) @@ -1122,29 +1127,145 @@ CVE-2021-3587: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow - CVE-2021-3760: (unk) nfc: nci: fix the UAF of rf_conn_info object CVE-2021-3772: (unk) sctp: use init_tag from inithdr for ABORT chunk CVE-2021-38160: (unk) virtio_console: Assure used length from device is limited CVE-2021-38198: (unk) KVM: X86: MMU: Use the correct inherited permissions to get shadow page CVE-2021-38205: (unk) net: xilinx_emaclite: Do not print real IOMEM pointer CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39636: (unk) netfilter: x_tables: fix pointer leaks to userspace + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39711: (unk) bpf: fix panic due to oob in bpf_prog_test_run_skb + CVE-2021-39713: (unk) net: sched: use Qdisc rcu API instead of relying on rtnl lock + CVE-2021-39714: (unk) staging: android: ion: Drop ion_map_kernel interface + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data - CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1678: (unk) tcp: optimize tcp internal pacing + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/3.16/3.16_CVEs.txt b/data/3.16/3.16_CVEs.txt index caf0ec7..2529470 100644 --- a/data/3.16/3.16_CVEs.txt +++ b/data/3.16/3.16_CVEs.txt
@@ -548,6 +548,7 @@ CVE-2018-20855: Fix not seen in stream CVE-2018-20976: Fixed with 3.16.74 CVE-2018-21008: Fixed with 3.16.74 +CVE-2018-25020: Fix not seen in stream CVE-2018-3620: Fix not seen in stream CVE-2018-3639: Fixed with 3.16.59 CVE-2018-3646: Fix not seen in stream @@ -655,7 +656,6 @@ CVE-2019-15292: Fixed with 3.16.74 CVE-2019-15505: Fixed with 3.16.77 CVE-2019-15666: Fixed with 3.16.72 -CVE-2019-15794: Fix unknown CVE-2019-15807: Fixed with 3.16.74 CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fixed with 3.16.70 @@ -805,7 +805,7 @@ CVE-2020-11669: Fix not seen in stream CVE-2020-12114: Fixed with 3.16.84 CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fixed with 3.16.85 @@ -844,7 +844,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25643: Fix not seen in stream @@ -879,7 +878,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-28097: Fix not seen in stream CVE-2020-28374: Fix not seen in stream @@ -899,6 +898,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fixed with 3.16.83 @@ -913,22 +913,22 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20261: Fix not seen in stream CVE-2021-20265: Fixed with 3.16.35 CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream -CVE-2021-20320: Fix not seen in stream CVE-2021-20321: Fix not seen in stream -CVE-2021-20322: Fix not seen in stream CVE-2021-21781: Fix not seen in stream CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -938,6 +938,9 @@ CVE-2021-28038: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28972: Fix not seen in stream @@ -951,11 +954,13 @@ CVE-2021-32078: Fix not seen in stream CVE-2021-32399: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-33909: Fix not seen in stream CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-3506: Fix not seen in stream CVE-2021-3542: Fix unknown @@ -965,17 +970,17 @@ CVE-2021-3587: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-37159: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream -CVE-2021-3760: Fix not seen in stream CVE-2021-3772: Fix not seen in stream CVE-2021-38160: Fix not seen in stream CVE-2021-38198: Fix not seen in stream @@ -984,12 +989,130 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39636: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39711: Fix not seen in stream +CVE-2021-39713: Fix not seen in stream +CVE-2021-39714: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-42008: Fix not seen in stream -CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1678: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/3.16/3.16_security.txt b/data/3.16/3.16_security.txt index fd9a5d6..aed6eff 100644 --- a/data/3.16/3.16_security.txt +++ b/data/3.16/3.16_security.txt
@@ -843,6 +843,7 @@ CVE-2018-20509: (unk) binder: refactor binder ref inc/dec for thread safety CVE-2018-20854: (unk) phy: ocelot-serdes: fix out-of-bounds read CVE-2018-20855: (unk) IB/mlx5: Fix leaking stack memory to userspace + CVE-2018-25020: (unk) bpf: fix truncated jump targets on heavy expansions CVE-2018-3620: (unk) x86/microcode: Allow late microcode loading with SMT disabled CVE-2018-3646: (unk) x86/microcode: Allow late microcode loading with SMT disabled CVE-2018-5344: (unk) loop: fix concurrent lo_open/lo_release @@ -871,7 +872,6 @@ CVE-2019-15223: (unk) ALSA: line6: Assure canceling delayed work at disconnection CVE-2019-15239: (unk) CVE-2019-15290: (unk) - CVE-2019-15794: (unk) CVE-2019-15902: (unk) CVE-2019-16230: (unk) drm/amdkfd: fix a potential NULL pointer dereference (v2) CVE-2019-16232: (unk) libertas: fix a potential NULL pointer dereference @@ -931,7 +931,7 @@ CVE-2020-10768: (unk) x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches. CVE-2020-11669: (unk) powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12655: (unk) xfs: add agf freeblocks verify in xfs_agf_verify @@ -958,7 +958,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25643: (unk) hdlc_ppp: add range checks in ppp_cp_parse_cr() @@ -991,7 +990,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-28097: (unk) vgacon: remove software scrollback support CVE-2020-28374: (unk) scsi: target: Fix XCOPY NAA identifier lookup @@ -1011,6 +1010,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8694: (unk) powercap: restrict energy meter to root access @@ -1020,21 +1020,21 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20261: (unk) floppy: fix lock_fdc() signal handling CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer - CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions CVE-2021-20321: (unk) ovl: fix missing negative dentry check in ovl_rename() - CVE-2021-20322: (unk) ipv6: make exception cache less predictible CVE-2021-21781: (unk) ARM: ensure the signal page contains defined contents CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -1044,6 +1044,9 @@ CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28972: (unk) PCI: rpadlpar: Fix potential drc_name corruption in store functions @@ -1057,11 +1060,13 @@ CVE-2021-32078: (unk) ARM: footbridge: remove personal server platform CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-33909: (unk) seq_file: disallow extremely large seq buffer allocations CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access CVE-2021-3542: (unk) @@ -1071,17 +1076,17 @@ CVE-2021-3587: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow - CVE-2021-3760: (unk) nfc: nci: fix the UAF of rf_conn_info object CVE-2021-3772: (unk) sctp: use init_tag from inithdr for ABORT chunk CVE-2021-38160: (unk) virtio_console: Assure used length from device is limited CVE-2021-38198: (unk) KVM: X86: MMU: Use the correct inherited permissions to get shadow page @@ -1090,12 +1095,130 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39636: (unk) netfilter: x_tables: fix pointer leaks to userspace + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39711: (unk) bpf: fix panic due to oob in bpf_prog_test_run_skb + CVE-2021-39713: (unk) net: sched: use Qdisc rcu API instead of relying on rtnl lock + CVE-2021-39714: (unk) staging: android: ion: Drop ion_map_kernel interface + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data - CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1678: (unk) tcp: optimize tcp internal pacing + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/3.18/3.18_CVEs.txt b/data/3.18/3.18_CVEs.txt index bfaffaa..ac2908d 100644 --- a/data/3.18/3.18_CVEs.txt +++ b/data/3.18/3.18_CVEs.txt
@@ -521,6 +521,7 @@ CVE-2018-20856: Fix not seen in stream CVE-2018-20976: Fix not seen in stream CVE-2018-21008: Fix not seen in stream +CVE-2018-25020: Fix not seen in stream CVE-2018-3620: Fix not seen in stream CVE-2018-3639: Fix not seen in stream CVE-2018-3646: Fix not seen in stream @@ -629,7 +630,6 @@ CVE-2019-15292: Fixed with 3.18.139 CVE-2019-15505: Fix not seen in stream CVE-2019-15666: Fix not seen in stream -CVE-2019-15794: Fix unknown CVE-2019-15807: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fixed with 3.18.137 @@ -785,7 +785,7 @@ CVE-2020-11669: Fix not seen in stream CVE-2020-12114: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -824,7 +824,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25643: Fix not seen in stream @@ -860,7 +859,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-28097: Fix not seen in stream CVE-2020-28374: Fix not seen in stream @@ -880,6 +879,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -894,22 +894,22 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20261: Fix not seen in stream CVE-2021-20265: Fix not seen in stream CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream -CVE-2021-20320: Fix not seen in stream CVE-2021-20321: Fix not seen in stream -CVE-2021-20322: Fix not seen in stream CVE-2021-21781: Fix not seen in stream CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -919,6 +919,10 @@ CVE-2021-28038: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28972: Fix not seen in stream @@ -932,11 +936,13 @@ CVE-2021-32078: Fix not seen in stream CVE-2021-32399: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-33909: Fix not seen in stream CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-3506: Fix not seen in stream CVE-2021-3542: Fix unknown @@ -946,19 +952,19 @@ CVE-2021-3587: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fix not seen in stream CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream -CVE-2021-3760: Fix not seen in stream CVE-2021-3772: Fix not seen in stream CVE-2021-38160: Fix not seen in stream CVE-2021-38198: Fix not seen in stream @@ -967,12 +973,130 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39636: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39711: Fix not seen in stream +CVE-2021-39713: Fix not seen in stream +CVE-2021-39714: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-42008: Fix not seen in stream -CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1678: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/3.18/3.18_security.txt b/data/3.18/3.18_security.txt index f30a6cd..107c63b 100644 --- a/data/3.18/3.18_security.txt +++ b/data/3.18/3.18_security.txt
@@ -812,6 +812,7 @@ CVE-2018-20856: (unk) block: blk_init_allocated_queue() set q->fq as NULL in the fail case CVE-2018-20976: (unk) xfs: clear sb->s_fs_info on mount failure CVE-2018-21008: (unk) rsi: add fix for crash during assertions + CVE-2018-25020: (unk) bpf: fix truncated jump targets on heavy expansions CVE-2018-3620: (unk) x86/microcode: Allow late microcode loading with SMT disabled CVE-2018-3639: (unk) x86/nospec: Simplify alternative_msr_write() CVE-2018-3646: (unk) x86/microcode: Allow late microcode loading with SMT disabled @@ -884,7 +885,6 @@ CVE-2019-15291: (unk) media: b2c2-flexcop-usb: add sanity checking CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer CVE-2019-15666: (unk) xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - CVE-2019-15794: (unk) CVE-2019-15807: (unk) scsi: libsas: delete sas port if expander discover failed CVE-2019-15902: (unk) CVE-2019-15917: (unk) Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto() @@ -1020,7 +1020,7 @@ CVE-2020-11669: (unk) powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -1058,7 +1058,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25643: (unk) hdlc_ppp: add range checks in ppp_cp_parse_cr() @@ -1094,7 +1093,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-28097: (unk) vgacon: remove software scrollback support CVE-2020-28374: (unk) scsi: target: Fix XCOPY NAA identifier lookup @@ -1114,6 +1113,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -1128,22 +1128,22 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20261: (unk) floppy: fix lock_fdc() signal handling CVE-2021-20265: (unk) af_unix: fix struct pid memory leak CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer - CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions CVE-2021-20321: (unk) ovl: fix missing negative dentry check in ovl_rename() - CVE-2021-20322: (unk) ipv6: make exception cache less predictible CVE-2021-21781: (unk) ARM: ensure the signal page contains defined contents CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -1153,6 +1153,10 @@ CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28972: (unk) PCI: rpadlpar: Fix potential drc_name corruption in store functions @@ -1166,11 +1170,13 @@ CVE-2021-32078: (unk) ARM: footbridge: remove personal server platform CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-33909: (unk) seq_file: disallow extremely large seq buffer allocations CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access CVE-2021-3542: (unk) @@ -1180,19 +1186,19 @@ CVE-2021-3587: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-3715: (unk) net_sched: cls_route: remove the right filter from hashtable CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow - CVE-2021-3760: (unk) nfc: nci: fix the UAF of rf_conn_info object CVE-2021-3772: (unk) sctp: use init_tag from inithdr for ABORT chunk CVE-2021-38160: (unk) virtio_console: Assure used length from device is limited CVE-2021-38198: (unk) KVM: X86: MMU: Use the correct inherited permissions to get shadow page @@ -1201,12 +1207,130 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39636: (unk) netfilter: x_tables: fix pointer leaks to userspace + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39711: (unk) bpf: fix panic due to oob in bpf_prog_test_run_skb + CVE-2021-39713: (unk) net: sched: use Qdisc rcu API instead of relying on rtnl lock + CVE-2021-39714: (unk) staging: android: ion: Drop ion_map_kernel interface + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data - CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1678: (unk) tcp: optimize tcp internal pacing + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/3.2/3.2_CVEs.txt b/data/3.2/3.2_CVEs.txt index 7605fed..194d8c5 100644 --- a/data/3.2/3.2_CVEs.txt +++ b/data/3.2/3.2_CVEs.txt
@@ -664,6 +664,7 @@ CVE-2018-20854: Fix not seen in stream CVE-2018-20976: Fix not seen in stream CVE-2018-21008: Fix not seen in stream +CVE-2018-25020: Fix not seen in stream CVE-2018-3620: Fix not seen in stream CVE-2018-3639: Fix not seen in stream CVE-2018-3646: Fix not seen in stream @@ -753,7 +754,6 @@ CVE-2019-15291: Fix not seen in stream CVE-2019-15292: Fix not seen in stream CVE-2019-15505: Fix not seen in stream -CVE-2019-15794: Fix unknown CVE-2019-15807: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fix not seen in stream @@ -875,7 +875,7 @@ CVE-2020-11609: Fix not seen in stream CVE-2020-11668: Fix not seen in stream CVE-2020-11669: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -909,7 +909,6 @@ CVE-2020-24587: Fix not seen in stream CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25643: Fix not seen in stream @@ -939,7 +938,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-28097: Fix not seen in stream CVE-2020-28915: Fix not seen in stream CVE-2020-28974: Fix not seen in stream @@ -956,6 +955,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -968,22 +968,22 @@ CVE-2021-0447: Fixed with 3.2.99 CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20261: Fix not seen in stream CVE-2021-20265: Fixed with 3.2.78 CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream -CVE-2021-20320: Fix not seen in stream CVE-2021-20321: Fix not seen in stream -CVE-2021-20322: Fix not seen in stream CVE-2021-21781: Fix not seen in stream CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -992,6 +992,9 @@ CVE-2021-27365: Fix not seen in stream CVE-2021-28038: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28972: Fix not seen in stream CVE-2021-29154: Fix not seen in stream @@ -1004,10 +1007,11 @@ CVE-2021-32078: Fix not seen in stream CVE-2021-32399: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-3506: Fix not seen in stream CVE-2021-3542: Fix unknown @@ -1016,26 +1020,137 @@ CVE-2021-3573: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-37159: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream -CVE-2021-3760: Fix not seen in stream CVE-2021-3772: Fix not seen in stream CVE-2021-38160: Fix not seen in stream CVE-2021-38198: Fix not seen in stream CVE-2021-38205: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39636: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39711: Fix not seen in stream +CVE-2021-39713: Fix not seen in stream +CVE-2021-39714: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-42008: Fix not seen in stream -CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0480: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1678: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/3.2/3.2_security.txt b/data/3.2/3.2_security.txt index 1956a19..e9ce876 100644 --- a/data/3.2/3.2_security.txt +++ b/data/3.2/3.2_security.txt
@@ -839,6 +839,7 @@ CVE-2018-20854: (unk) phy: ocelot-serdes: fix out-of-bounds read CVE-2018-20976: (unk) xfs: clear sb->s_fs_info on mount failure CVE-2018-21008: (unk) rsi: add fix for crash during assertions + CVE-2018-25020: (unk) bpf: fix truncated jump targets on heavy expansions CVE-2018-3620: (unk) x86/microcode: Allow late microcode loading with SMT disabled CVE-2018-3639: (unk) x86/nospec: Simplify alternative_msr_write() CVE-2018-3646: (unk) x86/microcode: Allow late microcode loading with SMT disabled @@ -915,7 +916,6 @@ CVE-2019-15291: (unk) media: b2c2-flexcop-usb: add sanity checking CVE-2019-15292: (unk) appletalk: Fix use-after-free in atalk_proc_exit CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer - CVE-2019-15794: (unk) CVE-2019-15807: (unk) scsi: libsas: delete sas port if expander discover failed CVE-2019-15902: (unk) CVE-2019-15916: (unk) net-sysfs: Fix mem leak in netdev_register_kobject @@ -1035,7 +1035,7 @@ CVE-2020-11609: (unk) media: stv06xx: add missing descriptor sanity checks CVE-2020-11668: (unk) media: xirlink_cit: add missing descriptor sanity checks CVE-2020-11669: (unk) powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -1068,7 +1068,6 @@ CVE-2020-24587: (unk) mac80211: prevent mixed key and fragment cache attacks CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25643: (unk) hdlc_ppp: add range checks in ppp_cp_parse_cr() @@ -1097,7 +1096,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-28097: (unk) vgacon: remove software scrollback support CVE-2020-28915: (unk) fbcon: Fix global-out-of-bounds read in fbcon_get_font() CVE-2020-28974: (unk) vt: Disable KD_FONT_OP_COPY @@ -1114,6 +1113,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -1125,21 +1125,21 @@ CVE-2021-0399: (unk) CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20261: (unk) floppy: fix lock_fdc() signal handling CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer - CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions CVE-2021-20321: (unk) ovl: fix missing negative dentry check in ovl_rename() - CVE-2021-20322: (unk) ipv6: make exception cache less predictible CVE-2021-21781: (unk) ARM: ensure the signal page contains defined contents CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -1148,6 +1148,9 @@ CVE-2021-27365: (unk) scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28972: (unk) PCI: rpadlpar: Fix potential drc_name corruption in store functions CVE-2021-29154: (unk) bpf, x86: Validate computation of branch displacements for x86-64 @@ -1160,10 +1163,11 @@ CVE-2021-32078: (unk) ARM: footbridge: remove personal server platform CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33135: (unk) CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access CVE-2021-3542: (unk) @@ -1172,26 +1176,137 @@ CVE-2021-3573: (unk) Bluetooth: use correct lock to prevent UAF of hdev object CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking - CVE-2021-3760: (unk) nfc: nci: fix the UAF of rf_conn_info object CVE-2021-3772: (unk) sctp: use init_tag from inithdr for ABORT chunk CVE-2021-38160: (unk) virtio_console: Assure used length from device is limited CVE-2021-38198: (unk) KVM: X86: MMU: Use the correct inherited permissions to get shadow page CVE-2021-38205: (unk) net: xilinx_emaclite: Do not print real IOMEM pointer CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39636: (unk) netfilter: x_tables: fix pointer leaks to userspace + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39711: (unk) bpf: fix panic due to oob in bpf_prog_test_run_skb + CVE-2021-39713: (unk) net: sched: use Qdisc rcu API instead of relying on rtnl lock + CVE-2021-39714: (unk) staging: android: ion: Drop ion_map_kernel interface + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data - CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1678: (unk) tcp: optimize tcp internal pacing + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/4.1/4.1_CVEs.txt b/data/4.1/4.1_CVEs.txt index 35e756c..0805383 100644 --- a/data/4.1/4.1_CVEs.txt +++ b/data/4.1/4.1_CVEs.txt
@@ -468,6 +468,7 @@ CVE-2018-20856: Fix not seen in stream CVE-2018-20976: Fix not seen in stream CVE-2018-21008: Fix not seen in stream +CVE-2018-25020: Fix not seen in stream CVE-2018-3620: Fix not seen in stream CVE-2018-3639: Fix not seen in stream CVE-2018-3646: Fix not seen in stream @@ -580,7 +581,6 @@ CVE-2019-15292: Fix not seen in stream CVE-2019-15505: Fix not seen in stream CVE-2019-15666: Fix not seen in stream -CVE-2019-15794: Fix unknown CVE-2019-15807: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fix not seen in stream @@ -738,7 +738,7 @@ CVE-2020-11725: Fix unknown CVE-2020-12114: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -777,7 +777,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25643: Fix not seen in stream @@ -813,7 +812,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-28097: Fix not seen in stream CVE-2020-28374: Fix not seen in stream @@ -833,6 +832,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -847,22 +847,23 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20261: Fix not seen in stream CVE-2021-20265: Fixed with 4.1.19 CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream CVE-2021-20320: Fix not seen in stream CVE-2021-20321: Fix not seen in stream -CVE-2021-20322: Fix not seen in stream CVE-2021-21781: Fix not seen in stream CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -872,6 +873,10 @@ CVE-2021-28038: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28972: Fix not seen in stream @@ -885,11 +890,13 @@ CVE-2021-32078: Fix not seen in stream CVE-2021-32399: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-33909: Fix not seen in stream CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-3506: Fix not seen in stream CVE-2021-3542: Fix unknown @@ -899,16 +906,17 @@ CVE-2021-3587: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fix not seen in stream CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3760: Fix not seen in stream @@ -920,12 +928,132 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39636: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39711: Fix not seen in stream +CVE-2021-39713: Fix not seen in stream +CVE-2021-39714: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-42008: Fix not seen in stream -CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1678: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/4.1/4.1_security.txt b/data/4.1/4.1_security.txt index 4393d14..34eb787 100644 --- a/data/4.1/4.1_security.txt +++ b/data/4.1/4.1_security.txt
@@ -588,6 +588,7 @@ CVE-2018-20856: (unk) block: blk_init_allocated_queue() set q->fq as NULL in the fail case CVE-2018-20976: (unk) xfs: clear sb->s_fs_info on mount failure CVE-2018-21008: (unk) rsi: add fix for crash during assertions + CVE-2018-25020: (unk) bpf: fix truncated jump targets on heavy expansions CVE-2018-3620: (unk) x86/microcode: Allow late microcode loading with SMT disabled CVE-2018-3639: (unk) x86/nospec: Simplify alternative_msr_write() CVE-2018-3646: (unk) x86/microcode: Allow late microcode loading with SMT disabled @@ -681,7 +682,6 @@ CVE-2019-15292: (unk) appletalk: Fix use-after-free in atalk_proc_exit CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer CVE-2019-15666: (unk) xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - CVE-2019-15794: (unk) CVE-2019-15807: (unk) scsi: libsas: delete sas port if expander discover failed CVE-2019-15902: (unk) CVE-2019-15916: (unk) net-sysfs: Fix mem leak in netdev_register_kobject @@ -836,7 +836,7 @@ CVE-2020-11725: (unk) CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -874,7 +874,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25643: (unk) hdlc_ppp: add range checks in ppp_cp_parse_cr() @@ -910,7 +909,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-28097: (unk) vgacon: remove software scrollback support CVE-2020-28374: (unk) scsi: target: Fix XCOPY NAA identifier lookup @@ -930,6 +929,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -944,21 +944,22 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20261: (unk) floppy: fix lock_fdc() signal handling CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions CVE-2021-20321: (unk) ovl: fix missing negative dentry check in ovl_rename() - CVE-2021-20322: (unk) ipv6: make exception cache less predictible CVE-2021-21781: (unk) ARM: ensure the signal page contains defined contents CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -968,6 +969,10 @@ CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28972: (unk) PCI: rpadlpar: Fix potential drc_name corruption in store functions @@ -981,11 +986,13 @@ CVE-2021-32078: (unk) ARM: footbridge: remove personal server platform CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-33909: (unk) seq_file: disallow extremely large seq buffer allocations CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access CVE-2021-3542: (unk) @@ -995,16 +1002,17 @@ CVE-2021-3587: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-3715: (unk) net_sched: cls_route: remove the right filter from hashtable CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3760: (unk) nfc: nci: fix the UAF of rf_conn_info object @@ -1016,12 +1024,132 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39636: (unk) netfilter: x_tables: fix pointer leaks to userspace + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39711: (unk) bpf: fix panic due to oob in bpf_prog_test_run_skb + CVE-2021-39713: (unk) net: sched: use Qdisc rcu API instead of relying on rtnl lock + CVE-2021-39714: (unk) staging: android: ion: Drop ion_map_kernel interface + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data - CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1678: (unk) tcp: optimize tcp internal pacing + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/4.10/4.10_CVEs.txt b/data/4.10/4.10_CVEs.txt index 3ce9c1d..2380f90 100644 --- a/data/4.10/4.10_CVEs.txt +++ b/data/4.10/4.10_CVEs.txt
@@ -310,6 +310,7 @@ CVE-2018-20961: Fix not seen in stream CVE-2018-20976: Fix not seen in stream CVE-2018-21008: Fix not seen in stream +CVE-2018-25020: Fix not seen in stream CVE-2018-3620: Fix not seen in stream CVE-2018-3639: Fix not seen in stream CVE-2018-3646: Fix not seen in stream @@ -430,7 +431,6 @@ CVE-2019-15505: Fix not seen in stream CVE-2019-15538: Fix not seen in stream CVE-2019-15666: Fix not seen in stream -CVE-2019-15794: Fix unknown CVE-2019-15807: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fix not seen in stream @@ -607,7 +607,7 @@ CVE-2020-12114: Fix not seen in stream CVE-2020-12351: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -650,7 +650,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25641: Fix not seen in stream @@ -689,7 +688,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-27835: Fix not seen in stream CVE-2020-28097: Fix not seen in stream @@ -713,6 +712,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -728,21 +728,22 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream CVE-2021-20320: Fix not seen in stream CVE-2021-20321: Fix not seen in stream -CVE-2021-20322: Fix not seen in stream CVE-2021-21781: Fix not seen in stream CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream CVE-2021-23133: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -752,6 +753,11 @@ CVE-2021-28038: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28971: Fix not seen in stream @@ -769,12 +775,14 @@ CVE-2021-32399: Fix not seen in stream CVE-2021-33033: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-3348: Fix not seen in stream CVE-2021-33909: Fix not seen in stream CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-3506: Fix not seen in stream CVE-2021-3542: Fix unknown @@ -784,16 +792,17 @@ CVE-2021-3587: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fix not seen in stream CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -807,13 +816,135 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39636: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39711: Fix not seen in stream +CVE-2021-39713: Fix not seen in stream +CVE-2021-39714: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream -CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0435: Fix not seen in stream +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1678: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/4.10/4.10_security.txt b/data/4.10/4.10_security.txt index 3362f0f..0d45b02 100644 --- a/data/4.10/4.10_security.txt +++ b/data/4.10/4.10_security.txt
@@ -344,6 +344,7 @@ CVE-2018-20961: (unk) USB: gadget: f_midi: fixing a possible double-free in f_midi CVE-2018-20976: (unk) xfs: clear sb->s_fs_info on mount failure CVE-2018-21008: (unk) rsi: add fix for crash during assertions + CVE-2018-25020: (unk) bpf: fix truncated jump targets on heavy expansions CVE-2018-3620: (unk) x86/microcode: Allow late microcode loading with SMT disabled CVE-2018-3639: (unk) x86/nospec: Simplify alternative_msr_write() CVE-2018-3646: (unk) x86/microcode: Allow late microcode loading with SMT disabled @@ -464,7 +465,6 @@ CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer CVE-2019-15538: (unk) xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT CVE-2019-15666: (unk) xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - CVE-2019-15794: (unk) CVE-2019-15807: (unk) scsi: libsas: delete sas port if expander discover failed CVE-2019-15902: (unk) CVE-2019-15916: (unk) net-sysfs: Fix mem leak in netdev_register_kobject @@ -641,7 +641,7 @@ CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12351: (unk) Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -684,7 +684,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25641: (unk) block: allow for_each_bvec to support zero len bvec @@ -723,7 +722,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-27835: (unk) IB/hfi1: Ensure correct mm is used at all times CVE-2020-28097: (unk) vgacon: remove software scrollback support @@ -747,6 +746,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -762,21 +762,22 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions CVE-2021-20321: (unk) ovl: fix missing negative dentry check in ovl_rename() - CVE-2021-20322: (unk) ipv6: make exception cache less predictible CVE-2021-21781: (unk) ARM: ensure the signal page contains defined contents CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-23133: (unk) net/sctp: fix race condition in sctp_destroy_sock + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -786,6 +787,11 @@ CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28971: (unk) perf/x86/intel: Fix a crash caused by zero PEBS status @@ -803,12 +809,14 @@ CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33033: (unk) cipso,calipso: resolve a number of problems with the DOI refcounts CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-3348: (unk) nbd: freeze the queue while we're adding connections CVE-2021-33909: (unk) seq_file: disallow extremely large seq buffer allocations CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access CVE-2021-3542: (unk) @@ -818,16 +826,17 @@ CVE-2021-3587: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-3715: (unk) net_sched: cls_route: remove the right filter from hashtable CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -841,13 +850,135 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39636: (unk) netfilter: x_tables: fix pointer leaks to userspace + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39711: (unk) bpf: fix panic due to oob in bpf_prog_test_run_skb + CVE-2021-39713: (unk) net: sched: use Qdisc rcu API instead of relying on rtnl lock + CVE-2021-39714: (unk) staging: android: ion: Drop ion_map_kernel interface + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data - CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0435: (unk) tipc: improve size validations for received domain records + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1678: (unk) tcp: optimize tcp internal pacing + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/4.11/4.11_CVEs.txt b/data/4.11/4.11_CVEs.txt index b466538..5fd7f5f 100644 --- a/data/4.11/4.11_CVEs.txt +++ b/data/4.11/4.11_CVEs.txt
@@ -275,6 +275,7 @@ CVE-2018-20961: Fix not seen in stream CVE-2018-20976: Fix not seen in stream CVE-2018-21008: Fix not seen in stream +CVE-2018-25020: Fix not seen in stream CVE-2018-3620: Fix not seen in stream CVE-2018-3639: Fix not seen in stream CVE-2018-3646: Fix not seen in stream @@ -396,7 +397,6 @@ CVE-2019-15505: Fix not seen in stream CVE-2019-15538: Fix not seen in stream CVE-2019-15666: Fix not seen in stream -CVE-2019-15794: Fix unknown CVE-2019-15807: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fix not seen in stream @@ -575,7 +575,7 @@ CVE-2020-12114: Fix not seen in stream CVE-2020-12351: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -618,7 +618,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25641: Fix not seen in stream @@ -657,7 +656,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-27835: Fix not seen in stream CVE-2020-28097: Fix not seen in stream @@ -682,6 +681,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -697,21 +697,22 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream CVE-2021-20320: Fix not seen in stream CVE-2021-20321: Fix not seen in stream -CVE-2021-20322: Fix not seen in stream CVE-2021-21781: Fix not seen in stream CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream CVE-2021-23133: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -721,6 +722,11 @@ CVE-2021-28038: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28971: Fix not seen in stream @@ -738,12 +744,14 @@ CVE-2021-32399: Fix not seen in stream CVE-2021-33033: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-3348: Fix not seen in stream CVE-2021-33909: Fix not seen in stream CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-3506: Fix not seen in stream CVE-2021-3542: Fix unknown @@ -753,16 +761,17 @@ CVE-2021-3587: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fix not seen in stream CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -776,13 +785,137 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39636: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39711: Fix not seen in stream +CVE-2021-39713: Fix not seen in stream +CVE-2021-39714: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream -CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0322: Fix not seen in stream +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0435: Fix not seen in stream +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1678: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27666: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/4.11/4.11_security.txt b/data/4.11/4.11_security.txt index c6c31ed..eadf58a 100644 --- a/data/4.11/4.11_security.txt +++ b/data/4.11/4.11_security.txt
@@ -298,6 +298,7 @@ CVE-2018-20961: (unk) USB: gadget: f_midi: fixing a possible double-free in f_midi CVE-2018-20976: (unk) xfs: clear sb->s_fs_info on mount failure CVE-2018-21008: (unk) rsi: add fix for crash during assertions + CVE-2018-25020: (unk) bpf: fix truncated jump targets on heavy expansions CVE-2018-3620: (unk) x86/microcode: Allow late microcode loading with SMT disabled CVE-2018-3639: (unk) x86/nospec: Simplify alternative_msr_write() CVE-2018-3646: (unk) x86/microcode: Allow late microcode loading with SMT disabled @@ -419,7 +420,6 @@ CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer CVE-2019-15538: (unk) xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT CVE-2019-15666: (unk) xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - CVE-2019-15794: (unk) CVE-2019-15807: (unk) scsi: libsas: delete sas port if expander discover failed CVE-2019-15902: (unk) CVE-2019-15916: (unk) net-sysfs: Fix mem leak in netdev_register_kobject @@ -597,7 +597,7 @@ CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12351: (unk) Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -640,7 +640,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25641: (unk) block: allow for_each_bvec to support zero len bvec @@ -679,7 +678,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-27835: (unk) IB/hfi1: Ensure correct mm is used at all times CVE-2020-28097: (unk) vgacon: remove software scrollback support @@ -704,6 +703,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -719,21 +719,22 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions CVE-2021-20321: (unk) ovl: fix missing negative dentry check in ovl_rename() - CVE-2021-20322: (unk) ipv6: make exception cache less predictible CVE-2021-21781: (unk) ARM: ensure the signal page contains defined contents CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-23133: (unk) net/sctp: fix race condition in sctp_destroy_sock + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -743,6 +744,11 @@ CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28971: (unk) perf/x86/intel: Fix a crash caused by zero PEBS status @@ -760,12 +766,14 @@ CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33033: (unk) cipso,calipso: resolve a number of problems with the DOI refcounts CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-3348: (unk) nbd: freeze the queue while we're adding connections CVE-2021-33909: (unk) seq_file: disallow extremely large seq buffer allocations CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access CVE-2021-3542: (unk) @@ -775,16 +783,17 @@ CVE-2021-3587: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-3715: (unk) net_sched: cls_route: remove the right filter from hashtable CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -798,13 +807,137 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39636: (unk) netfilter: x_tables: fix pointer leaks to userspace + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39711: (unk) bpf: fix panic due to oob in bpf_prog_test_run_skb + CVE-2021-39713: (unk) net: sched: use Qdisc rcu API instead of relying on rtnl lock + CVE-2021-39714: (unk) staging: android: ion: Drop ion_map_kernel interface + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data - CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0322: (unk) sctp: account stream padding length for reconf chunk + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0435: (unk) tipc: improve size validations for received domain records + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1678: (unk) tcp: optimize tcp internal pacing + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/4.12/4.12_CVEs.txt b/data/4.12/4.12_CVEs.txt index b0e24e4..aaa6a16 100644 --- a/data/4.12/4.12_CVEs.txt +++ b/data/4.12/4.12_CVEs.txt
@@ -242,6 +242,7 @@ CVE-2018-20961: Fix not seen in stream CVE-2018-20976: Fix not seen in stream CVE-2018-21008: Fix not seen in stream +CVE-2018-25020: Fix not seen in stream CVE-2018-3620: Fix not seen in stream CVE-2018-3639: Fix not seen in stream CVE-2018-3646: Fix not seen in stream @@ -364,7 +365,6 @@ CVE-2019-15505: Fix not seen in stream CVE-2019-15538: Fix not seen in stream CVE-2019-15666: Fix not seen in stream -CVE-2019-15794: Fix unknown CVE-2019-15807: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fix not seen in stream @@ -549,7 +549,7 @@ CVE-2020-12114: Fix not seen in stream CVE-2020-12351: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -592,7 +592,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25641: Fix not seen in stream @@ -631,7 +630,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-27835: Fix not seen in stream CVE-2020-28097: Fix not seen in stream @@ -657,6 +656,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -672,22 +672,23 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0935: Fix not seen in stream -CVE-2021-0936: Fix unknown CVE-2021-0937: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream CVE-2021-20320: Fix not seen in stream CVE-2021-20321: Fix not seen in stream -CVE-2021-20322: Fix not seen in stream CVE-2021-21781: Fix not seen in stream CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream CVE-2021-23133: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -697,6 +698,11 @@ CVE-2021-28038: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28971: Fix not seen in stream @@ -714,12 +720,14 @@ CVE-2021-32399: Fix not seen in stream CVE-2021-33033: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-3348: Fix not seen in stream CVE-2021-33909: Fix not seen in stream CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-3506: Fix not seen in stream CVE-2021-3542: Fix unknown @@ -729,17 +737,18 @@ CVE-2021-3587: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fix not seen in stream CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream CVE-2021-3744: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -754,13 +763,138 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39636: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39711: Fix not seen in stream +CVE-2021-39713: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44733: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0322: Fix not seen in stream +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0435: Fix not seen in stream +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1678: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27666: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/4.12/4.12_security.txt b/data/4.12/4.12_security.txt index 6a3363b..404d812 100644 --- a/data/4.12/4.12_security.txt +++ b/data/4.12/4.12_security.txt
@@ -269,6 +269,7 @@ CVE-2018-20961: (unk) USB: gadget: f_midi: fixing a possible double-free in f_midi CVE-2018-20976: (unk) xfs: clear sb->s_fs_info on mount failure CVE-2018-21008: (unk) rsi: add fix for crash during assertions + CVE-2018-25020: (unk) bpf: fix truncated jump targets on heavy expansions CVE-2018-3620: (unk) x86/microcode: Allow late microcode loading with SMT disabled CVE-2018-3639: (unk) x86/nospec: Simplify alternative_msr_write() CVE-2018-3646: (unk) x86/microcode: Allow late microcode loading with SMT disabled @@ -391,7 +392,6 @@ CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer CVE-2019-15538: (unk) xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT CVE-2019-15666: (unk) xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - CVE-2019-15794: (unk) CVE-2019-15807: (unk) scsi: libsas: delete sas port if expander discover failed CVE-2019-15902: (unk) CVE-2019-15916: (unk) net-sysfs: Fix mem leak in netdev_register_kobject @@ -575,7 +575,7 @@ CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12351: (unk) Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -618,7 +618,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25641: (unk) block: allow for_each_bvec to support zero len bvec @@ -657,7 +656,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-27835: (unk) IB/hfi1: Ensure correct mm is used at all times CVE-2020-28097: (unk) vgacon: remove software scrollback support @@ -683,6 +682,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -698,22 +698,23 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0935: (unk) net: ipv6: keep sk status consistent after datagram connect failure - CVE-2021-0936: (unk) CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions CVE-2021-20321: (unk) ovl: fix missing negative dentry check in ovl_rename() - CVE-2021-20322: (unk) ipv6: make exception cache less predictible CVE-2021-21781: (unk) ARM: ensure the signal page contains defined contents CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-23133: (unk) net/sctp: fix race condition in sctp_destroy_sock + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -723,6 +724,11 @@ CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28971: (unk) perf/x86/intel: Fix a crash caused by zero PEBS status @@ -740,12 +746,14 @@ CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33033: (unk) cipso,calipso: resolve a number of problems with the DOI refcounts CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-3348: (unk) nbd: freeze the queue while we're adding connections CVE-2021-33909: (unk) seq_file: disallow extremely large seq buffer allocations CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access CVE-2021-3542: (unk) @@ -755,17 +763,18 @@ CVE-2021-3587: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-3715: (unk) net_sched: cls_route: remove the right filter from hashtable CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed CVE-2021-3744: (unk) crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -780,13 +789,138 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39636: (unk) netfilter: x_tables: fix pointer leaks to userspace + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39711: (unk) bpf: fix panic due to oob in bpf_prog_test_run_skb + CVE-2021-39713: (unk) net: sched: use Qdisc rcu API instead of relying on rtnl lock + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44733: (unk) tee: handle lookup of shm with reference count 0 + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0322: (unk) sctp: account stream padding length for reconf chunk + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0435: (unk) tipc: improve size validations for received domain records + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1678: (unk) tcp: optimize tcp internal pacing + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/4.13/4.13_CVEs.txt b/data/4.13/4.13_CVEs.txt index d0911db..f84bba4 100644 --- a/data/4.13/4.13_CVEs.txt +++ b/data/4.13/4.13_CVEs.txt
@@ -218,6 +218,7 @@ CVE-2018-20961: Fix not seen in stream CVE-2018-20976: Fix not seen in stream CVE-2018-21008: Fix not seen in stream +CVE-2018-25020: Fix not seen in stream CVE-2018-3620: Fix not seen in stream CVE-2018-3639: Fix not seen in stream CVE-2018-3646: Fix not seen in stream @@ -341,7 +342,6 @@ CVE-2019-15505: Fix not seen in stream CVE-2019-15538: Fix not seen in stream CVE-2019-15666: Fix not seen in stream -CVE-2019-15794: Fix unknown CVE-2019-15807: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fix not seen in stream @@ -529,7 +529,7 @@ CVE-2020-12114: Fix not seen in stream CVE-2020-12351: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -572,7 +572,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25641: Fix not seen in stream @@ -611,7 +610,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-27830: Fix not seen in stream CVE-2020-27835: Fix not seen in stream @@ -639,6 +638,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -654,22 +654,23 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0935: Fix not seen in stream -CVE-2021-0936: Fix unknown CVE-2021-0937: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream CVE-2021-20320: Fix not seen in stream CVE-2021-20321: Fix not seen in stream -CVE-2021-20322: Fix not seen in stream CVE-2021-21781: Fix not seen in stream CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream CVE-2021-23133: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -679,6 +680,11 @@ CVE-2021-28038: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28971: Fix not seen in stream @@ -696,12 +702,14 @@ CVE-2021-32399: Fix not seen in stream CVE-2021-33033: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-3348: Fix not seen in stream CVE-2021-33909: Fix not seen in stream CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-3506: Fix not seen in stream CVE-2021-3542: Fix unknown @@ -711,18 +719,19 @@ CVE-2021-3587: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3656: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fix not seen in stream CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream CVE-2021-3744: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -737,13 +746,138 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39636: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39711: Fix not seen in stream +CVE-2021-39713: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44733: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0322: Fix not seen in stream +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0435: Fix not seen in stream +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1678: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27666: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/4.13/4.13_security.txt b/data/4.13/4.13_security.txt index d1e0dfe..2c1d6cf 100644 --- a/data/4.13/4.13_security.txt +++ b/data/4.13/4.13_security.txt
@@ -250,6 +250,7 @@ CVE-2018-20961: (unk) USB: gadget: f_midi: fixing a possible double-free in f_midi CVE-2018-20976: (unk) xfs: clear sb->s_fs_info on mount failure CVE-2018-21008: (unk) rsi: add fix for crash during assertions + CVE-2018-25020: (unk) bpf: fix truncated jump targets on heavy expansions CVE-2018-3620: (unk) x86/microcode: Allow late microcode loading with SMT disabled CVE-2018-3639: (unk) x86/nospec: Simplify alternative_msr_write() CVE-2018-3646: (unk) x86/microcode: Allow late microcode loading with SMT disabled @@ -371,7 +372,6 @@ CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer CVE-2019-15538: (unk) xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT CVE-2019-15666: (unk) xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - CVE-2019-15794: (unk) CVE-2019-15807: (unk) scsi: libsas: delete sas port if expander discover failed CVE-2019-15902: (unk) CVE-2019-15916: (unk) net-sysfs: Fix mem leak in netdev_register_kobject @@ -559,7 +559,7 @@ CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12351: (unk) Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -601,7 +601,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25641: (unk) block: allow for_each_bvec to support zero len bvec @@ -639,7 +638,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-27830: (unk) speakup: Reject setting the speakup line discipline outside of speakup CVE-2020-27835: (unk) IB/hfi1: Ensure correct mm is used at all times @@ -667,6 +666,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -682,22 +682,23 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0935: (unk) net: ipv6: keep sk status consistent after datagram connect failure - CVE-2021-0936: (unk) CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions CVE-2021-20321: (unk) ovl: fix missing negative dentry check in ovl_rename() - CVE-2021-20322: (unk) ipv6: make exception cache less predictible CVE-2021-21781: (unk) ARM: ensure the signal page contains defined contents CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-23133: (unk) net/sctp: fix race condition in sctp_destroy_sock + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -707,6 +708,11 @@ CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28971: (unk) perf/x86/intel: Fix a crash caused by zero PEBS status @@ -724,12 +730,14 @@ CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33033: (unk) cipso,calipso: resolve a number of problems with the DOI refcounts CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-3348: (unk) nbd: freeze the queue while we're adding connections CVE-2021-33909: (unk) seq_file: disallow extremely large seq buffer allocations CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access CVE-2021-3542: (unk) @@ -739,18 +747,19 @@ CVE-2021-3587: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3656: (unk) KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-3715: (unk) net_sched: cls_route: remove the right filter from hashtable CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed CVE-2021-3744: (unk) crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -765,13 +774,138 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39636: (unk) netfilter: x_tables: fix pointer leaks to userspace + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39711: (unk) bpf: fix panic due to oob in bpf_prog_test_run_skb + CVE-2021-39713: (unk) net: sched: use Qdisc rcu API instead of relying on rtnl lock + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44733: (unk) tee: handle lookup of shm with reference count 0 + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0322: (unk) sctp: account stream padding length for reconf chunk + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0435: (unk) tipc: improve size validations for received domain records + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1678: (unk) tcp: optimize tcp internal pacing + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/4.14/4.14_CVEs.txt b/data/4.14/4.14_CVEs.txt index b8fdf14..3533a26 100644 --- a/data/4.14/4.14_CVEs.txt +++ b/data/4.14/4.14_CVEs.txt
@@ -799,6 +799,7 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fixed with 4.14.276 CVE-2022-1419: Fixed with 4.14.278 +CVE-2022-1462: Fix unknown CVE-2022-1508: Fix not seen in stream CVE-2022-1516: Fixed with 4.14.276 CVE-2022-1651: Fix not seen in stream @@ -811,6 +812,7 @@ CVE-2022-1786: Fix not seen in stream CVE-2022-1789: Fix not seen in stream CVE-2022-1836: Fixed with 4.14.278 +CVE-2022-1882: Fix unknown CVE-2022-20008: Fix not seen in stream CVE-2022-22942: Fixed with 4.14.264 CVE-2022-23036: Fixed with 4.14.271
diff --git a/data/4.14/4.14_security.txt b/data/4.14/4.14_security.txt index 6da6344..5571263 100644 --- a/data/4.14/4.14_security.txt +++ b/data/4.14/4.14_security.txt
@@ -1282,6 +1282,7 @@ CVE-2022-1247: (unk) CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1462: (unk) CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() CVE-2022-1652: (unk) @@ -1290,6 +1291,7 @@ CVE-2022-1679: (unk) CVE-2022-1786: (unk) io_uring: remove io_identity CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1882: (unk) CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL CVE-2022-25265: (unk)
diff --git a/data/4.15/4.15_CVEs.txt b/data/4.15/4.15_CVEs.txt index 6f17fa1..ad65ae9 100644 --- a/data/4.15/4.15_CVEs.txt +++ b/data/4.15/4.15_CVEs.txt
@@ -126,6 +126,7 @@ CVE-2018-20961: Fix not seen in stream CVE-2018-20976: Fix not seen in stream CVE-2018-21008: Fix not seen in stream +CVE-2018-25020: Fix not seen in stream CVE-2018-3620: Fix not seen in stream CVE-2018-3639: Fix not seen in stream CVE-2018-3646: Fix not seen in stream @@ -240,7 +241,6 @@ CVE-2019-15505: Fix not seen in stream CVE-2019-15538: Fix not seen in stream CVE-2019-15666: Fix not seen in stream -CVE-2019-15794: Fix unknown CVE-2019-15807: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fix not seen in stream @@ -438,7 +438,7 @@ CVE-2020-12114: Fix not seen in stream CVE-2020-12351: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -480,7 +480,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25641: Fix not seen in stream @@ -518,7 +517,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-27830: Fix not seen in stream CVE-2020-27835: Fix not seen in stream @@ -546,6 +545,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-7053: Fix not seen in stream @@ -562,13 +562,14 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0935: Fixed with 4.15.15 -CVE-2021-0936: Fix unknown CVE-2021-0937: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream CVE-2021-20320: Fix not seen in stream @@ -578,6 +579,7 @@ CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream CVE-2021-23133: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -587,6 +589,11 @@ CVE-2021-28038: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28971: Fix not seen in stream @@ -604,6 +611,9 @@ CVE-2021-32399: Fix not seen in stream CVE-2021-33033: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-3347: Fix not seen in stream CVE-2021-3348: Fix not seen in stream CVE-2021-33624: Fix not seen in stream @@ -612,7 +622,6 @@ CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-35039: Fix not seen in stream CVE-2021-3506: Fix not seen in stream @@ -624,19 +633,20 @@ CVE-2021-3600: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3656: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fix not seen in stream CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream CVE-2021-3743: Fix not seen in stream CVE-2021-3744: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -651,13 +661,139 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39636: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39711: Fix not seen in stream +CVE-2021-39713: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44733: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0322: Fix not seen in stream +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0435: Fix not seen in stream +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1678: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-22942: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27666: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/4.15/4.15_security.txt b/data/4.15/4.15_security.txt index b3ccac1..45f7e0f 100644 --- a/data/4.15/4.15_security.txt +++ b/data/4.15/4.15_security.txt
@@ -174,6 +174,7 @@ CVE-2018-20961: (unk) USB: gadget: f_midi: fixing a possible double-free in f_midi CVE-2018-20976: (unk) xfs: clear sb->s_fs_info on mount failure CVE-2018-21008: (unk) rsi: add fix for crash during assertions + CVE-2018-25020: (unk) bpf: fix truncated jump targets on heavy expansions CVE-2018-3620: (unk) x86/microcode: Allow late microcode loading with SMT disabled CVE-2018-3639: (unk) x86/nospec: Simplify alternative_msr_write() CVE-2018-3646: (unk) x86/microcode: Allow late microcode loading with SMT disabled @@ -278,7 +279,6 @@ CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer CVE-2019-15538: (unk) xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT CVE-2019-15666: (unk) xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - CVE-2019-15794: (unk) CVE-2019-15807: (unk) scsi: libsas: delete sas port if expander discover failed CVE-2019-15902: (unk) unknown CVE-2019-15916: (unk) net-sysfs: Fix mem leak in netdev_register_kobject @@ -472,7 +472,7 @@ CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12351: (unk) Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -514,7 +514,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25641: (unk) block: allow for_each_bvec to support zero len bvec @@ -552,7 +551,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-27830: (unk) speakup: Reject setting the speakup line discipline outside of speakup CVE-2020-27835: (unk) IB/hfi1: Ensure correct mm is used at all times @@ -579,6 +578,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-7053: (unk) drm/i915: Introduce a mutex for file_priv->context_idr @@ -595,12 +595,13 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions @@ -610,6 +611,7 @@ CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-23133: (unk) net/sctp: fix race condition in sctp_destroy_sock + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -619,6 +621,11 @@ CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28971: (unk) perf/x86/intel: Fix a crash caused by zero PEBS status @@ -636,6 +643,9 @@ CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33033: (unk) cipso,calipso: resolve a number of problems with the DOI refcounts CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-3347: (unk) futex: Ensure the correct return value from futex_lock_pi() CVE-2021-3348: (unk) nbd: freeze the queue while we're adding connections CVE-2021-33624: (unk) bpf: Inherit expanded/patched seen count from old aux data @@ -644,7 +654,6 @@ CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-35039: (unk) module: limit enabling module.sig_enforce CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access @@ -656,19 +665,20 @@ CVE-2021-3600: (unk) bpf: Fix 32 bit src register truncation on div/mod CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3656: (unk) KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-3715: (unk) net_sched: cls_route: remove the right filter from hashtable CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed CVE-2021-3743: (unk) net: qrtr: fix OOB Read in qrtr_endpoint_post CVE-2021-3744: (unk) crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -683,13 +693,139 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39636: (unk) netfilter: x_tables: fix pointer leaks to userspace + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39711: (unk) bpf: fix panic due to oob in bpf_prog_test_run_skb + CVE-2021-39713: (unk) net: sched: use Qdisc rcu API instead of relying on rtnl lock + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44733: (unk) tee: handle lookup of shm with reference count 0 + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0322: (unk) sctp: account stream padding length for reconf chunk + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0435: (unk) tipc: improve size validations for received domain records + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1678: (unk) tcp: optimize tcp internal pacing + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/4.16/4.16_CVEs.txt b/data/4.16/4.16_CVEs.txt index 0a60d61..3d188b9 100644 --- a/data/4.16/4.16_CVEs.txt +++ b/data/4.16/4.16_CVEs.txt
@@ -117,6 +117,7 @@ CVE-2018-20961: Fixed with 4.16.4 CVE-2018-20976: Fix not seen in stream CVE-2018-21008: Fix not seen in stream +CVE-2018-25020: Fix not seen in stream CVE-2018-3620: Fix not seen in stream CVE-2018-3639: Fixed with 4.16.11 CVE-2018-3646: Fix not seen in stream @@ -216,7 +217,6 @@ CVE-2019-15505: Fix not seen in stream CVE-2019-15538: Fix not seen in stream CVE-2019-15666: Fix not seen in stream -CVE-2019-15794: Fix unknown CVE-2019-15807: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fix not seen in stream @@ -413,7 +413,7 @@ CVE-2020-12114: Fix not seen in stream CVE-2020-12351: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -458,7 +458,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25641: Fix not seen in stream @@ -496,7 +495,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-27830: Fix not seen in stream CVE-2020-27835: Fix not seen in stream @@ -525,6 +524,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-7053: Fix not seen in stream @@ -540,12 +540,13 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream CVE-2021-20320: Fix not seen in stream @@ -555,6 +556,7 @@ CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream CVE-2021-23133: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -564,6 +566,11 @@ CVE-2021-28038: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28971: Fix not seen in stream @@ -581,6 +588,9 @@ CVE-2021-32399: Fix not seen in stream CVE-2021-33033: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-3347: Fix not seen in stream CVE-2021-3348: Fix not seen in stream CVE-2021-33624: Fix not seen in stream @@ -589,7 +599,6 @@ CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-35039: Fix not seen in stream CVE-2021-3506: Fix not seen in stream @@ -602,19 +611,20 @@ CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream CVE-2021-3635: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3656: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fix not seen in stream CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream CVE-2021-3743: Fix not seen in stream CVE-2021-3744: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -629,13 +639,139 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39711: Fix not seen in stream +CVE-2021-39713: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4135: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44733: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0322: Fix not seen in stream +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0435: Fix not seen in stream +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1678: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-22942: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27666: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/4.16/4.16_security.txt b/data/4.16/4.16_security.txt index 9f08d21..26c9060 100644 --- a/data/4.16/4.16_security.txt +++ b/data/4.16/4.16_security.txt
@@ -157,6 +157,7 @@ CVE-2018-20856: (unk) block: blk_init_allocated_queue() set q->fq as NULL in the fail case CVE-2018-20976: (unk) xfs: clear sb->s_fs_info on mount failure CVE-2018-21008: (unk) rsi: add fix for crash during assertions + CVE-2018-25020: (unk) bpf: fix truncated jump targets on heavy expansions CVE-2018-3620: (unk) x86/microcode: Allow late microcode loading with SMT disabled CVE-2018-3646: (unk) x86/microcode: Allow late microcode loading with SMT disabled CVE-2018-3693: (unk) ext4: fix spectre gadget in ext4_mb_regular_allocator() @@ -251,7 +252,6 @@ CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer CVE-2019-15538: (unk) xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT CVE-2019-15666: (unk) xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - CVE-2019-15794: (unk) CVE-2019-15807: (unk) scsi: libsas: delete sas port if expander discover failed CVE-2019-15902: (unk) unknown CVE-2019-15916: (unk) net-sysfs: Fix mem leak in netdev_register_kobject @@ -446,7 +446,7 @@ CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12351: (unk) Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -491,7 +491,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25641: (unk) block: allow for_each_bvec to support zero len bvec @@ -529,7 +528,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-27830: (unk) speakup: Reject setting the speakup line discipline outside of speakup CVE-2020-27835: (unk) IB/hfi1: Ensure correct mm is used at all times @@ -557,6 +556,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-7053: (unk) drm/i915: Introduce a mutex for file_priv->context_idr @@ -572,12 +572,13 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions @@ -587,6 +588,7 @@ CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-23133: (unk) net/sctp: fix race condition in sctp_destroy_sock + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -596,6 +598,11 @@ CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28971: (unk) perf/x86/intel: Fix a crash caused by zero PEBS status @@ -613,6 +620,9 @@ CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33033: (unk) cipso,calipso: resolve a number of problems with the DOI refcounts CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-3347: (unk) futex: Ensure the correct return value from futex_lock_pi() CVE-2021-3348: (unk) nbd: freeze the queue while we're adding connections CVE-2021-33624: (unk) bpf: Inherit expanded/patched seen count from old aux data @@ -621,7 +631,6 @@ CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-35039: (unk) module: limit enabling module.sig_enforce CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access @@ -634,19 +643,20 @@ CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl CVE-2021-3635: (unk) netfilter: nf_tables: fix flowtable list del corruption - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3656: (unk) KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-3715: (unk) net_sched: cls_route: remove the right filter from hashtable CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed CVE-2021-3743: (unk) net: qrtr: fix OOB Read in qrtr_endpoint_post CVE-2021-3744: (unk) crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -661,13 +671,139 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39711: (unk) bpf: fix panic due to oob in bpf_prog_test_run_skb + CVE-2021-39713: (unk) net: sched: use Qdisc rcu API instead of relying on rtnl lock + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4135: (unk) netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44733: (unk) tee: handle lookup of shm with reference count 0 + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0322: (unk) sctp: account stream padding length for reconf chunk + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0435: (unk) tipc: improve size validations for received domain records + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1678: (unk) tcp: optimize tcp internal pacing + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/4.17/4.17_CVEs.txt b/data/4.17/4.17_CVEs.txt index b496de5..5d0c2b5 100644 --- a/data/4.17/4.17_CVEs.txt +++ b/data/4.17/4.17_CVEs.txt
@@ -195,7 +195,6 @@ CVE-2019-15505: Fix not seen in stream CVE-2019-15538: Fix not seen in stream CVE-2019-15666: Fix not seen in stream -CVE-2019-15794: Fix unknown CVE-2019-15807: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fix not seen in stream @@ -393,7 +392,7 @@ CVE-2020-12114: Fix not seen in stream CVE-2020-12351: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -440,7 +439,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25641: Fix not seen in stream @@ -478,7 +476,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-27830: Fix not seen in stream CVE-2020-27835: Fix not seen in stream @@ -506,6 +504,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-7053: Fix not seen in stream @@ -521,12 +520,13 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream CVE-2021-20320: Fix not seen in stream @@ -536,6 +536,7 @@ CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream CVE-2021-23133: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -545,6 +546,11 @@ CVE-2021-28038: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28971: Fix not seen in stream @@ -562,6 +568,9 @@ CVE-2021-32399: Fix not seen in stream CVE-2021-33033: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-3347: Fix not seen in stream CVE-2021-3348: Fix not seen in stream CVE-2021-33624: Fix not seen in stream @@ -570,7 +579,6 @@ CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-35039: Fix not seen in stream CVE-2021-3506: Fix not seen in stream @@ -583,19 +591,20 @@ CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream CVE-2021-3635: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3656: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fix not seen in stream CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream CVE-2021-3743: Fix not seen in stream CVE-2021-3744: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -610,13 +619,139 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39711: Fix not seen in stream +CVE-2021-39713: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4135: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44733: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0322: Fix not seen in stream +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0435: Fix not seen in stream +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1678: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-22942: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27666: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/4.17/4.17_security.txt b/data/4.17/4.17_security.txt index 56f01e5..2c04531 100644 --- a/data/4.17/4.17_security.txt +++ b/data/4.17/4.17_security.txt
@@ -229,7 +229,6 @@ CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer CVE-2019-15538: (unk) xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT CVE-2019-15666: (unk) xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - CVE-2019-15794: (unk) CVE-2019-15807: (unk) scsi: libsas: delete sas port if expander discover failed CVE-2019-15902: (unk) unknown CVE-2019-15916: (unk) net-sysfs: Fix mem leak in netdev_register_kobject @@ -425,7 +424,7 @@ CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12351: (unk) Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -472,7 +471,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25641: (unk) block: allow for_each_bvec to support zero len bvec @@ -510,7 +508,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-27830: (unk) speakup: Reject setting the speakup line discipline outside of speakup CVE-2020-27835: (unk) IB/hfi1: Ensure correct mm is used at all times @@ -538,6 +536,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-7053: (unk) drm/i915: Introduce a mutex for file_priv->context_idr @@ -553,12 +552,13 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions @@ -568,6 +568,7 @@ CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-23133: (unk) net/sctp: fix race condition in sctp_destroy_sock + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -577,6 +578,11 @@ CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28971: (unk) perf/x86/intel: Fix a crash caused by zero PEBS status @@ -594,6 +600,9 @@ CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33033: (unk) cipso,calipso: resolve a number of problems with the DOI refcounts CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-3347: (unk) futex: Ensure the correct return value from futex_lock_pi() CVE-2021-3348: (unk) nbd: freeze the queue while we're adding connections CVE-2021-33624: (unk) bpf: Inherit expanded/patched seen count from old aux data @@ -602,7 +611,6 @@ CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-35039: (unk) module: limit enabling module.sig_enforce CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access @@ -615,19 +623,20 @@ CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl CVE-2021-3635: (unk) netfilter: nf_tables: fix flowtable list del corruption - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3656: (unk) KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-3715: (unk) net_sched: cls_route: remove the right filter from hashtable CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed CVE-2021-3743: (unk) net: qrtr: fix OOB Read in qrtr_endpoint_post CVE-2021-3744: (unk) crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -642,13 +651,139 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39711: (unk) bpf: fix panic due to oob in bpf_prog_test_run_skb + CVE-2021-39713: (unk) net: sched: use Qdisc rcu API instead of relying on rtnl lock + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4135: (unk) netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44733: (unk) tee: handle lookup of shm with reference count 0 + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0322: (unk) sctp: account stream padding length for reconf chunk + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0435: (unk) tipc: improve size validations for received domain records + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1678: (unk) tcp: optimize tcp internal pacing + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/4.18/4.18_CVEs.txt b/data/4.18/4.18_CVEs.txt index bbf3de2..957be26 100644 --- a/data/4.18/4.18_CVEs.txt +++ b/data/4.18/4.18_CVEs.txt
@@ -165,7 +165,6 @@ CVE-2019-15505: Fix not seen in stream CVE-2019-15538: Fix not seen in stream CVE-2019-15666: Fix not seen in stream -CVE-2019-15794: Fix unknown CVE-2019-15807: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fix not seen in stream @@ -370,7 +369,7 @@ CVE-2020-12114: Fix not seen in stream CVE-2020-12351: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -418,7 +417,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25641: Fix not seen in stream @@ -456,7 +454,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-27830: Fix not seen in stream CVE-2020-27835: Fix not seen in stream @@ -484,6 +482,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-7053: Fix not seen in stream @@ -498,12 +497,13 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream CVE-2021-20320: Fix not seen in stream @@ -513,6 +513,7 @@ CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream CVE-2021-23133: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -523,6 +524,11 @@ CVE-2021-28038: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28971: Fix not seen in stream @@ -540,6 +546,9 @@ CVE-2021-32399: Fix not seen in stream CVE-2021-33033: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-3347: Fix not seen in stream CVE-2021-3348: Fix not seen in stream CVE-2021-33624: Fix not seen in stream @@ -548,7 +557,6 @@ CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-35039: Fix not seen in stream CVE-2021-3506: Fix not seen in stream @@ -561,19 +569,20 @@ CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream CVE-2021-3635: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3656: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fix not seen in stream CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream CVE-2021-3743: Fix not seen in stream CVE-2021-3744: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -588,13 +597,138 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39713: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4135: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44733: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0322: Fix not seen in stream +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0435: Fix not seen in stream +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1678: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-22942: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27666: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/4.18/4.18_security.txt b/data/4.18/4.18_security.txt index 43acb59..d40c2ea 100644 --- a/data/4.18/4.18_security.txt +++ b/data/4.18/4.18_security.txt
@@ -199,7 +199,6 @@ CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer CVE-2019-15538: (unk) xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT CVE-2019-15666: (unk) xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - CVE-2019-15794: (unk) CVE-2019-15807: (unk) scsi: libsas: delete sas port if expander discover failed CVE-2019-15902: (unk) unknown CVE-2019-15916: (unk) net-sysfs: Fix mem leak in netdev_register_kobject @@ -402,7 +401,7 @@ CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12351: (unk) Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -450,7 +449,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25641: (unk) block: allow for_each_bvec to support zero len bvec @@ -488,7 +486,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-27830: (unk) speakup: Reject setting the speakup line discipline outside of speakup CVE-2020-27835: (unk) IB/hfi1: Ensure correct mm is used at all times @@ -516,6 +514,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-7053: (unk) drm/i915: Introduce a mutex for file_priv->context_idr @@ -530,12 +529,13 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions @@ -545,6 +545,7 @@ CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-23133: (unk) net/sctp: fix race condition in sctp_destroy_sock + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -555,6 +556,11 @@ CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28971: (unk) perf/x86/intel: Fix a crash caused by zero PEBS status @@ -572,6 +578,9 @@ CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33033: (unk) cipso,calipso: resolve a number of problems with the DOI refcounts CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-3347: (unk) futex: Ensure the correct return value from futex_lock_pi() CVE-2021-3348: (unk) nbd: freeze the queue while we're adding connections CVE-2021-33624: (unk) bpf: Inherit expanded/patched seen count from old aux data @@ -580,7 +589,6 @@ CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-35039: (unk) module: limit enabling module.sig_enforce CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access @@ -593,19 +601,20 @@ CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl CVE-2021-3635: (unk) netfilter: nf_tables: fix flowtable list del corruption - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3656: (unk) KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-3715: (unk) net_sched: cls_route: remove the right filter from hashtable CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed CVE-2021-3743: (unk) net: qrtr: fix OOB Read in qrtr_endpoint_post CVE-2021-3744: (unk) crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -620,13 +629,138 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39713: (unk) net: sched: use Qdisc rcu API instead of relying on rtnl lock + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4135: (unk) netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44733: (unk) tee: handle lookup of shm with reference count 0 + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0322: (unk) sctp: account stream padding length for reconf chunk + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0435: (unk) tipc: improve size validations for received domain records + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1678: (unk) tcp: optimize tcp internal pacing + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/4.19/4.19_CVEs.txt b/data/4.19/4.19_CVEs.txt index 017a76f..b374596 100644 --- a/data/4.19/4.19_CVEs.txt +++ b/data/4.19/4.19_CVEs.txt
@@ -656,6 +656,7 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fixed with 4.19.238 CVE-2022-1419: Fixed with 4.19.242 +CVE-2022-1462: Fix unknown CVE-2022-1508: Fix not seen in stream CVE-2022-1516: Fixed with 4.19.238 CVE-2022-1651: Fix not seen in stream @@ -668,6 +669,7 @@ CVE-2022-1786: Fix not seen in stream CVE-2022-1789: Fix not seen in stream CVE-2022-1836: Fixed with 4.19.241 +CVE-2022-1882: Fix unknown CVE-2022-20008: Fixed with 4.19.231 CVE-2022-22942: Fixed with 4.19.227 CVE-2022-23036: Fixed with 4.19.234
diff --git a/data/4.19/4.19_security.txt b/data/4.19/4.19_security.txt index 693cfeb..50bd012 100644 --- a/data/4.19/4.19_security.txt +++ b/data/4.19/4.19_security.txt
@@ -1067,6 +1067,7 @@ CVE-2022-1247: (unk) CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1462: (unk) CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() CVE-2022-1652: (unk) @@ -1075,6 +1076,7 @@ CVE-2022-1679: (unk) CVE-2022-1786: (unk) io_uring: remove io_identity CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1882: (unk) CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL CVE-2022-25265: (unk) CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size
diff --git a/data/4.20/4.20_CVEs.txt b/data/4.20/4.20_CVEs.txt index 77b72ae..a9b6f4d 100644 --- a/data/4.20/4.20_CVEs.txt +++ b/data/4.20/4.20_CVEs.txt
@@ -116,7 +116,7 @@ CVE-2019-15505: Fix not seen in stream CVE-2019-15538: Fix not seen in stream CVE-2019-15666: Fix not seen in stream -CVE-2019-15794: Fix unknown +CVE-2019-15794: Fix not seen in stream CVE-2019-15807: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fixed with 4.20.15 @@ -325,7 +325,7 @@ CVE-2020-12114: Fix not seen in stream CVE-2020-12351: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -374,7 +374,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25641: Fix not seen in stream @@ -412,7 +411,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-27830: Fix not seen in stream CVE-2020-27835: Fix not seen in stream @@ -441,6 +440,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-7053: Fix not seen in stream @@ -456,13 +456,14 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0938: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20177: Fix not seen in stream CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream @@ -473,6 +474,7 @@ CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream CVE-2021-23133: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -483,6 +485,11 @@ CVE-2021-28038: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28971: Fix not seen in stream @@ -500,6 +507,9 @@ CVE-2021-32399: Fix not seen in stream CVE-2021-33033: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-3347: Fix not seen in stream CVE-2021-3348: Fix not seen in stream CVE-2021-33624: Fix not seen in stream @@ -508,7 +518,6 @@ CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-35039: Fix not seen in stream CVE-2021-3506: Fix not seen in stream @@ -521,20 +530,21 @@ CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream CVE-2021-3635: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3656: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fix not seen in stream CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream CVE-2021-3739: Fix not seen in stream CVE-2021-3743: Fix not seen in stream CVE-2021-3744: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -549,13 +559,137 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4135: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44733: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0322: Fix not seen in stream +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0435: Fix not seen in stream +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-22942: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-24959: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27666: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/4.20/4.20_security.txt b/data/4.20/4.20_security.txt index d049821..99f506c 100644 --- a/data/4.20/4.20_security.txt +++ b/data/4.20/4.20_security.txt
@@ -169,7 +169,7 @@ CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer CVE-2019-15538: (unk) xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT CVE-2019-15666: (unk) xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - CVE-2019-15794: (unk) + CVE-2019-15794: (unk) ovl: fix reference counting in ovl_mmap error path CVE-2019-15807: (unk) scsi: libsas: delete sas port if expander discover failed CVE-2019-15902: (unk) unknown CVE-2019-15917: (unk) Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto() @@ -357,7 +357,7 @@ CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12351: (unk) Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -406,7 +406,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25641: (unk) block: allow for_each_bvec to support zero len bvec @@ -444,7 +443,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-27830: (unk) speakup: Reject setting the speakup line discipline outside of speakup CVE-2020-27835: (unk) IB/hfi1: Ensure correct mm is used at all times @@ -473,6 +472,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-7053: (unk) drm/i915: Introduce a mutex for file_priv->context_idr @@ -488,13 +488,14 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0938: (unk) compiler.h: fix barrier_data() on clang CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20177: (unk) netfilter: add and use nf_hook_slow_list() CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer @@ -505,6 +506,7 @@ CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-23133: (unk) net/sctp: fix race condition in sctp_destroy_sock + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -515,6 +517,11 @@ CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28971: (unk) perf/x86/intel: Fix a crash caused by zero PEBS status @@ -532,6 +539,9 @@ CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33033: (unk) cipso,calipso: resolve a number of problems with the DOI refcounts CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-3347: (unk) futex: Ensure the correct return value from futex_lock_pi() CVE-2021-3348: (unk) nbd: freeze the queue while we're adding connections CVE-2021-33624: (unk) bpf: Inherit expanded/patched seen count from old aux data @@ -540,7 +550,6 @@ CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-35039: (unk) module: limit enabling module.sig_enforce CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access @@ -553,20 +562,21 @@ CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl CVE-2021-3635: (unk) netfilter: nf_tables: fix flowtable list del corruption - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3656: (unk) KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-3715: (unk) net_sched: cls_route: remove the right filter from hashtable CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed CVE-2021-3739: (unk) btrfs: fix NULL pointer dereference when deleting device by invalid id CVE-2021-3743: (unk) net: qrtr: fix OOB Read in qrtr_endpoint_post CVE-2021-3744: (unk) crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -581,13 +591,137 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4135: (unk) netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44733: (unk) tee: handle lookup of shm with reference count 0 + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0322: (unk) sctp: account stream padding length for reconf chunk + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0435: (unk) tipc: improve size validations for received domain records + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-24959: (unk) yam: fix a memory leak in yam_siocdevprivate() + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/4.3/4.3_CVEs.txt b/data/4.3/4.3_CVEs.txt index b15d338..2b1644a 100644 --- a/data/4.3/4.3_CVEs.txt +++ b/data/4.3/4.3_CVEs.txt
@@ -455,6 +455,7 @@ CVE-2018-20856: Fix not seen in stream CVE-2018-20976: Fix not seen in stream CVE-2018-21008: Fix not seen in stream +CVE-2018-25020: Fix not seen in stream CVE-2018-3620: Fix not seen in stream CVE-2018-3639: Fix not seen in stream CVE-2018-3646: Fix not seen in stream @@ -568,7 +569,6 @@ CVE-2019-15292: Fix not seen in stream CVE-2019-15505: Fix not seen in stream CVE-2019-15666: Fix not seen in stream -CVE-2019-15794: Fix unknown CVE-2019-15807: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fix not seen in stream @@ -729,7 +729,7 @@ CVE-2020-11725: Fix unknown CVE-2020-12114: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -768,7 +768,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25643: Fix not seen in stream @@ -805,7 +804,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-28097: Fix not seen in stream CVE-2020-28374: Fix not seen in stream @@ -826,6 +825,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -840,22 +840,23 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20261: Fix not seen in stream CVE-2021-20265: Fix not seen in stream CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream CVE-2021-20320: Fix not seen in stream CVE-2021-20321: Fix not seen in stream -CVE-2021-20322: Fix not seen in stream CVE-2021-21781: Fix not seen in stream CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -865,6 +866,11 @@ CVE-2021-28038: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28972: Fix not seen in stream @@ -878,11 +884,13 @@ CVE-2021-32078: Fix not seen in stream CVE-2021-32399: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-33909: Fix not seen in stream CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-3506: Fix not seen in stream CVE-2021-3542: Fix unknown @@ -892,16 +900,17 @@ CVE-2021-3587: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fix not seen in stream CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3760: Fix not seen in stream @@ -913,12 +922,133 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39636: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39711: Fix not seen in stream +CVE-2021-39713: Fix not seen in stream +CVE-2021-39714: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream -CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1678: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/4.3/4.3_security.txt b/data/4.3/4.3_security.txt index 8a64d18..ffec677 100644 --- a/data/4.3/4.3_security.txt +++ b/data/4.3/4.3_security.txt
@@ -471,6 +471,7 @@ CVE-2018-20856: (unk) block: blk_init_allocated_queue() set q->fq as NULL in the fail case CVE-2018-20976: (unk) xfs: clear sb->s_fs_info on mount failure CVE-2018-21008: (unk) rsi: add fix for crash during assertions + CVE-2018-25020: (unk) bpf: fix truncated jump targets on heavy expansions CVE-2018-3620: (unk) x86/microcode: Allow late microcode loading with SMT disabled CVE-2018-3639: (unk) x86/nospec: Simplify alternative_msr_write() CVE-2018-3646: (unk) x86/microcode: Allow late microcode loading with SMT disabled @@ -584,7 +585,6 @@ CVE-2019-15292: (unk) appletalk: Fix use-after-free in atalk_proc_exit CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer CVE-2019-15666: (unk) xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - CVE-2019-15794: (unk) CVE-2019-15807: (unk) scsi: libsas: delete sas port if expander discover failed CVE-2019-15902: (unk) unknown CVE-2019-15916: (unk) net-sysfs: Fix mem leak in netdev_register_kobject @@ -745,7 +745,7 @@ CVE-2020-11725: (unk) CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -784,7 +784,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25643: (unk) hdlc_ppp: add range checks in ppp_cp_parse_cr() @@ -821,7 +820,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-28097: (unk) vgacon: remove software scrollback support CVE-2020-28374: (unk) scsi: target: Fix XCOPY NAA identifier lookup @@ -842,6 +841,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -856,22 +856,23 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20261: (unk) floppy: fix lock_fdc() signal handling CVE-2021-20265: (unk) af_unix: fix struct pid memory leak CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions CVE-2021-20321: (unk) ovl: fix missing negative dentry check in ovl_rename() - CVE-2021-20322: (unk) ipv6: make exception cache less predictible CVE-2021-21781: (unk) ARM: ensure the signal page contains defined contents CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -881,6 +882,11 @@ CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28972: (unk) PCI: rpadlpar: Fix potential drc_name corruption in store functions @@ -894,11 +900,13 @@ CVE-2021-32078: (unk) ARM: footbridge: remove personal server platform CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-33909: (unk) seq_file: disallow extremely large seq buffer allocations CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access CVE-2021-3542: (unk) @@ -908,16 +916,17 @@ CVE-2021-3587: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-3715: (unk) net_sched: cls_route: remove the right filter from hashtable CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3760: (unk) nfc: nci: fix the UAF of rf_conn_info object @@ -929,12 +938,133 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39636: (unk) netfilter: x_tables: fix pointer leaks to userspace + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39711: (unk) bpf: fix panic due to oob in bpf_prog_test_run_skb + CVE-2021-39713: (unk) net: sched: use Qdisc rcu API instead of relying on rtnl lock + CVE-2021-39714: (unk) staging: android: ion: Drop ion_map_kernel interface + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data - CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1678: (unk) tcp: optimize tcp internal pacing + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/4.4/4.4_CVEs.txt b/data/4.4/4.4_CVEs.txt index fcaa6ad..885fcd3 100644 --- a/data/4.4/4.4_CVEs.txt +++ b/data/4.4/4.4_CVEs.txt
@@ -985,6 +985,7 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown CVE-2022-1508: Fix not seen in stream CVE-2022-1516: Fix not seen in stream CVE-2022-1651: Fix not seen in stream @@ -997,6 +998,7 @@ CVE-2022-1786: Fix not seen in stream CVE-2022-1789: Fix not seen in stream CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown CVE-2022-20008: Fix not seen in stream CVE-2022-23036: Fix not seen in stream CVE-2022-23037: Fix not seen in stream
diff --git a/data/4.4/4.4_security.txt b/data/4.4/4.4_security.txt index 756185b..b16724e 100644 --- a/data/4.4/4.4_security.txt +++ b/data/4.4/4.4_security.txt
@@ -1469,6 +1469,7 @@ CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() @@ -1481,6 +1482,7 @@ CVE-2022-1786: (unk) io_uring: remove io_identity CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status
diff --git a/data/4.5/4.5_CVEs.txt b/data/4.5/4.5_CVEs.txt index 173f132..f843de0 100644 --- a/data/4.5/4.5_CVEs.txt +++ b/data/4.5/4.5_CVEs.txt
@@ -411,6 +411,7 @@ CVE-2018-20961: Fix not seen in stream CVE-2018-20976: Fix not seen in stream CVE-2018-21008: Fix not seen in stream +CVE-2018-25020: Fix not seen in stream CVE-2018-3620: Fix not seen in stream CVE-2018-3639: Fix not seen in stream CVE-2018-3646: Fix not seen in stream @@ -525,7 +526,6 @@ CVE-2019-15292: Fix not seen in stream CVE-2019-15505: Fix not seen in stream CVE-2019-15666: Fix not seen in stream -CVE-2019-15794: Fix unknown CVE-2019-15807: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fix not seen in stream @@ -689,7 +689,7 @@ CVE-2020-11725: Fix unknown CVE-2020-12114: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -729,7 +729,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25643: Fix not seen in stream @@ -766,7 +765,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-28097: Fix not seen in stream CVE-2020-28374: Fix not seen in stream @@ -787,6 +786,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -801,20 +801,21 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream CVE-2021-20320: Fix not seen in stream CVE-2021-20321: Fix not seen in stream -CVE-2021-20322: Fix not seen in stream CVE-2021-21781: Fix not seen in stream CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -824,6 +825,11 @@ CVE-2021-28038: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28971: Fix not seen in stream @@ -838,11 +844,13 @@ CVE-2021-32078: Fix not seen in stream CVE-2021-32399: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-33909: Fix not seen in stream CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-3506: Fix not seen in stream CVE-2021-3542: Fix unknown @@ -852,16 +860,17 @@ CVE-2021-3587: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fix not seen in stream CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -874,12 +883,133 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39636: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39711: Fix not seen in stream +CVE-2021-39713: Fix not seen in stream +CVE-2021-39714: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream -CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1678: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/4.5/4.5_security.txt b/data/4.5/4.5_security.txt index 7abf98c..6bf4f72 100644 --- a/data/4.5/4.5_security.txt +++ b/data/4.5/4.5_security.txt
@@ -428,6 +428,7 @@ CVE-2018-20961: (unk) USB: gadget: f_midi: fixing a possible double-free in f_midi CVE-2018-20976: (unk) xfs: clear sb->s_fs_info on mount failure CVE-2018-21008: (unk) rsi: add fix for crash during assertions + CVE-2018-25020: (unk) bpf: fix truncated jump targets on heavy expansions CVE-2018-3620: (unk) x86/microcode: Allow late microcode loading with SMT disabled CVE-2018-3639: (unk) x86/nospec: Simplify alternative_msr_write() CVE-2018-3646: (unk) x86/microcode: Allow late microcode loading with SMT disabled @@ -542,7 +543,6 @@ CVE-2019-15292: (unk) appletalk: Fix use-after-free in atalk_proc_exit CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer CVE-2019-15666: (unk) xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - CVE-2019-15794: (unk) CVE-2019-15807: (unk) scsi: libsas: delete sas port if expander discover failed CVE-2019-15902: (unk) unknown CVE-2019-15916: (unk) net-sysfs: Fix mem leak in netdev_register_kobject @@ -705,7 +705,7 @@ CVE-2020-11725: (unk) CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -745,7 +745,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25643: (unk) hdlc_ppp: add range checks in ppp_cp_parse_cr() @@ -782,7 +781,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-28097: (unk) vgacon: remove software scrollback support CVE-2020-28374: (unk) scsi: target: Fix XCOPY NAA identifier lookup @@ -803,6 +802,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -817,20 +817,21 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions CVE-2021-20321: (unk) ovl: fix missing negative dentry check in ovl_rename() - CVE-2021-20322: (unk) ipv6: make exception cache less predictible CVE-2021-21781: (unk) ARM: ensure the signal page contains defined contents CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -840,6 +841,11 @@ CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28971: (unk) perf/x86/intel: Fix a crash caused by zero PEBS status @@ -854,11 +860,13 @@ CVE-2021-32078: (unk) ARM: footbridge: remove personal server platform CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-33909: (unk) seq_file: disallow extremely large seq buffer allocations CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access CVE-2021-3542: (unk) @@ -868,16 +876,17 @@ CVE-2021-3587: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-3715: (unk) net_sched: cls_route: remove the right filter from hashtable CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -890,12 +899,133 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39636: (unk) netfilter: x_tables: fix pointer leaks to userspace + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39711: (unk) bpf: fix panic due to oob in bpf_prog_test_run_skb + CVE-2021-39713: (unk) net: sched: use Qdisc rcu API instead of relying on rtnl lock + CVE-2021-39714: (unk) staging: android: ion: Drop ion_map_kernel interface + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data - CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1678: (unk) tcp: optimize tcp internal pacing + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/4.6/4.6_CVEs.txt b/data/4.6/4.6_CVEs.txt index 9778edb..0aa5c5f 100644 --- a/data/4.6/4.6_CVEs.txt +++ b/data/4.6/4.6_CVEs.txt
@@ -376,6 +376,7 @@ CVE-2018-20961: Fix not seen in stream CVE-2018-20976: Fix not seen in stream CVE-2018-21008: Fix not seen in stream +CVE-2018-25020: Fix not seen in stream CVE-2018-3620: Fix not seen in stream CVE-2018-3639: Fix not seen in stream CVE-2018-3646: Fix not seen in stream @@ -491,7 +492,6 @@ CVE-2019-15292: Fix not seen in stream CVE-2019-15505: Fix not seen in stream CVE-2019-15666: Fix not seen in stream -CVE-2019-15794: Fix unknown CVE-2019-15807: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fix not seen in stream @@ -656,7 +656,7 @@ CVE-2020-11725: Fix unknown CVE-2020-12114: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -697,7 +697,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25643: Fix not seen in stream @@ -734,7 +733,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-28097: Fix not seen in stream CVE-2020-28374: Fix not seen in stream @@ -756,6 +755,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -770,20 +770,21 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream CVE-2021-20320: Fix not seen in stream CVE-2021-20321: Fix not seen in stream -CVE-2021-20322: Fix not seen in stream CVE-2021-21781: Fix not seen in stream CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -793,6 +794,11 @@ CVE-2021-28038: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28971: Fix not seen in stream @@ -807,11 +813,13 @@ CVE-2021-32078: Fix not seen in stream CVE-2021-32399: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-33909: Fix not seen in stream CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-3506: Fix not seen in stream CVE-2021-3542: Fix unknown @@ -821,16 +829,17 @@ CVE-2021-3587: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fix not seen in stream CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -843,13 +852,134 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39636: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39711: Fix not seen in stream +CVE-2021-39713: Fix not seen in stream +CVE-2021-39714: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream -CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1678: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/4.6/4.6_security.txt b/data/4.6/4.6_security.txt index 269062e..fe19a48 100644 --- a/data/4.6/4.6_security.txt +++ b/data/4.6/4.6_security.txt
@@ -394,6 +394,7 @@ CVE-2018-20961: (unk) USB: gadget: f_midi: fixing a possible double-free in f_midi CVE-2018-20976: (unk) xfs: clear sb->s_fs_info on mount failure CVE-2018-21008: (unk) rsi: add fix for crash during assertions + CVE-2018-25020: (unk) bpf: fix truncated jump targets on heavy expansions CVE-2018-3620: (unk) x86/microcode: Allow late microcode loading with SMT disabled CVE-2018-3639: (unk) x86/nospec: Simplify alternative_msr_write() CVE-2018-3646: (unk) x86/microcode: Allow late microcode loading with SMT disabled @@ -509,7 +510,6 @@ CVE-2019-15292: (unk) appletalk: Fix use-after-free in atalk_proc_exit CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer CVE-2019-15666: (unk) xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - CVE-2019-15794: (unk) CVE-2019-15807: (unk) scsi: libsas: delete sas port if expander discover failed CVE-2019-15902: (unk) unknown CVE-2019-15916: (unk) net-sysfs: Fix mem leak in netdev_register_kobject @@ -674,7 +674,7 @@ CVE-2020-11725: (unk) CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -715,7 +715,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25643: (unk) hdlc_ppp: add range checks in ppp_cp_parse_cr() @@ -752,7 +751,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-28097: (unk) vgacon: remove software scrollback support CVE-2020-28374: (unk) scsi: target: Fix XCOPY NAA identifier lookup @@ -774,6 +773,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -788,20 +788,21 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions CVE-2021-20321: (unk) ovl: fix missing negative dentry check in ovl_rename() - CVE-2021-20322: (unk) ipv6: make exception cache less predictible CVE-2021-21781: (unk) ARM: ensure the signal page contains defined contents CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -811,6 +812,11 @@ CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28971: (unk) perf/x86/intel: Fix a crash caused by zero PEBS status @@ -825,11 +831,13 @@ CVE-2021-32078: (unk) ARM: footbridge: remove personal server platform CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-33909: (unk) seq_file: disallow extremely large seq buffer allocations CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access CVE-2021-3542: (unk) @@ -839,16 +847,17 @@ CVE-2021-3587: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-3715: (unk) net_sched: cls_route: remove the right filter from hashtable CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -861,13 +870,134 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39636: (unk) netfilter: x_tables: fix pointer leaks to userspace + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39711: (unk) bpf: fix panic due to oob in bpf_prog_test_run_skb + CVE-2021-39713: (unk) net: sched: use Qdisc rcu API instead of relying on rtnl lock + CVE-2021-39714: (unk) staging: android: ion: Drop ion_map_kernel interface + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data - CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1678: (unk) tcp: optimize tcp internal pacing + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/4.7/4.7_CVEs.txt b/data/4.7/4.7_CVEs.txt index c234a09..5ccad53 100644 --- a/data/4.7/4.7_CVEs.txt +++ b/data/4.7/4.7_CVEs.txt
@@ -352,6 +352,7 @@ CVE-2018-20961: Fix not seen in stream CVE-2018-20976: Fix not seen in stream CVE-2018-21008: Fix not seen in stream +CVE-2018-25020: Fix not seen in stream CVE-2018-3620: Fix not seen in stream CVE-2018-3639: Fix not seen in stream CVE-2018-3646: Fix not seen in stream @@ -469,7 +470,6 @@ CVE-2019-15505: Fix not seen in stream CVE-2019-15538: Fix not seen in stream CVE-2019-15666: Fix not seen in stream -CVE-2019-15794: Fix unknown CVE-2019-15807: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fix not seen in stream @@ -635,7 +635,7 @@ CVE-2020-11725: Fix unknown CVE-2020-12114: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -676,7 +676,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25643: Fix not seen in stream @@ -714,7 +713,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-28097: Fix not seen in stream CVE-2020-28374: Fix not seen in stream @@ -736,6 +735,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -750,20 +750,21 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream CVE-2021-20320: Fix not seen in stream CVE-2021-20321: Fix not seen in stream -CVE-2021-20322: Fix not seen in stream CVE-2021-21781: Fix not seen in stream CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -773,6 +774,11 @@ CVE-2021-28038: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28971: Fix not seen in stream @@ -788,11 +794,13 @@ CVE-2021-32078: Fix not seen in stream CVE-2021-32399: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-33909: Fix not seen in stream CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-3506: Fix not seen in stream CVE-2021-3542: Fix unknown @@ -802,16 +810,17 @@ CVE-2021-3587: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fix not seen in stream CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -824,13 +833,134 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39636: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39711: Fix not seen in stream +CVE-2021-39713: Fix not seen in stream +CVE-2021-39714: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream -CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1678: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/4.7/4.7_security.txt b/data/4.7/4.7_security.txt index bf2163a..4690189 100644 --- a/data/4.7/4.7_security.txt +++ b/data/4.7/4.7_security.txt
@@ -372,6 +372,7 @@ CVE-2018-20961: (unk) USB: gadget: f_midi: fixing a possible double-free in f_midi CVE-2018-20976: (unk) xfs: clear sb->s_fs_info on mount failure CVE-2018-21008: (unk) rsi: add fix for crash during assertions + CVE-2018-25020: (unk) bpf: fix truncated jump targets on heavy expansions CVE-2018-3620: (unk) x86/microcode: Allow late microcode loading with SMT disabled CVE-2018-3639: (unk) x86/nospec: Simplify alternative_msr_write() CVE-2018-3646: (unk) x86/microcode: Allow late microcode loading with SMT disabled @@ -489,7 +490,6 @@ CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer CVE-2019-15538: (unk) xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT CVE-2019-15666: (unk) xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - CVE-2019-15794: (unk) CVE-2019-15807: (unk) scsi: libsas: delete sas port if expander discover failed CVE-2019-15902: (unk) unknown CVE-2019-15916: (unk) net-sysfs: Fix mem leak in netdev_register_kobject @@ -655,7 +655,7 @@ CVE-2020-11725: (unk) CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -696,7 +696,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25643: (unk) hdlc_ppp: add range checks in ppp_cp_parse_cr() @@ -734,7 +733,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-28097: (unk) vgacon: remove software scrollback support CVE-2020-28374: (unk) scsi: target: Fix XCOPY NAA identifier lookup @@ -756,6 +755,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -770,20 +770,21 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions CVE-2021-20321: (unk) ovl: fix missing negative dentry check in ovl_rename() - CVE-2021-20322: (unk) ipv6: make exception cache less predictible CVE-2021-21781: (unk) ARM: ensure the signal page contains defined contents CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -793,6 +794,11 @@ CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28971: (unk) perf/x86/intel: Fix a crash caused by zero PEBS status @@ -808,11 +814,13 @@ CVE-2021-32078: (unk) ARM: footbridge: remove personal server platform CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-33909: (unk) seq_file: disallow extremely large seq buffer allocations CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access CVE-2021-3542: (unk) @@ -822,16 +830,17 @@ CVE-2021-3587: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-3715: (unk) net_sched: cls_route: remove the right filter from hashtable CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -844,13 +853,134 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39636: (unk) netfilter: x_tables: fix pointer leaks to userspace + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39711: (unk) bpf: fix panic due to oob in bpf_prog_test_run_skb + CVE-2021-39713: (unk) net: sched: use Qdisc rcu API instead of relying on rtnl lock + CVE-2021-39714: (unk) staging: android: ion: Drop ion_map_kernel interface + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data - CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1678: (unk) tcp: optimize tcp internal pacing + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/4.8/4.8_CVEs.txt b/data/4.8/4.8_CVEs.txt index 655ed3f..fa187c4 100644 --- a/data/4.8/4.8_CVEs.txt +++ b/data/4.8/4.8_CVEs.txt
@@ -348,6 +348,7 @@ CVE-2018-20961: Fix not seen in stream CVE-2018-20976: Fix not seen in stream CVE-2018-21008: Fix not seen in stream +CVE-2018-25020: Fix not seen in stream CVE-2018-3620: Fix not seen in stream CVE-2018-3639: Fix not seen in stream CVE-2018-3646: Fix not seen in stream @@ -464,7 +465,6 @@ CVE-2019-15505: Fix not seen in stream CVE-2019-15538: Fix not seen in stream CVE-2019-15666: Fix not seen in stream -CVE-2019-15794: Fix unknown CVE-2019-15807: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fix not seen in stream @@ -631,7 +631,7 @@ CVE-2020-12114: Fix not seen in stream CVE-2020-12351: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -673,7 +673,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25641: Fix not seen in stream @@ -712,7 +711,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-27835: Fix not seen in stream CVE-2020-28097: Fix not seen in stream @@ -735,6 +734,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8647: Fix not seen in stream @@ -750,20 +750,21 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream CVE-2021-20320: Fix not seen in stream CVE-2021-20321: Fix not seen in stream -CVE-2021-20322: Fix not seen in stream CVE-2021-21781: Fix not seen in stream CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -773,6 +774,11 @@ CVE-2021-28038: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28971: Fix not seen in stream @@ -790,11 +796,13 @@ CVE-2021-32399: Fix not seen in stream CVE-2021-33033: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-33909: Fix not seen in stream CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-3506: Fix not seen in stream CVE-2021-3542: Fix unknown @@ -804,16 +812,17 @@ CVE-2021-3587: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fix not seen in stream CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -827,13 +836,135 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39636: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39711: Fix not seen in stream +CVE-2021-39713: Fix not seen in stream +CVE-2021-39714: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream -CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0435: Fix not seen in stream +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1678: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/4.8/4.8_security.txt b/data/4.8/4.8_security.txt index c223913..64bc1da 100644 --- a/data/4.8/4.8_security.txt +++ b/data/4.8/4.8_security.txt
@@ -378,6 +378,7 @@ CVE-2018-20961: (unk) USB: gadget: f_midi: fixing a possible double-free in f_midi CVE-2018-20976: (unk) xfs: clear sb->s_fs_info on mount failure CVE-2018-21008: (unk) rsi: add fix for crash during assertions + CVE-2018-25020: (unk) bpf: fix truncated jump targets on heavy expansions CVE-2018-3620: (unk) x86/microcode: Allow late microcode loading with SMT disabled CVE-2018-3639: (unk) x86/nospec: Simplify alternative_msr_write() CVE-2018-3646: (unk) x86/microcode: Allow late microcode loading with SMT disabled @@ -494,7 +495,6 @@ CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer CVE-2019-15538: (unk) xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT CVE-2019-15666: (unk) xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink - CVE-2019-15794: (unk) CVE-2019-15807: (unk) scsi: libsas: delete sas port if expander discover failed CVE-2019-15902: (unk) unknown CVE-2019-15916: (unk) net-sysfs: Fix mem leak in netdev_register_kobject @@ -661,7 +661,7 @@ CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12351: (unk) Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -703,7 +703,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25641: (unk) block: allow for_each_bvec to support zero len bvec @@ -742,7 +741,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-27835: (unk) IB/hfi1: Ensure correct mm is used at all times CVE-2020-28097: (unk) vgacon: remove software scrollback support @@ -765,6 +764,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region @@ -780,20 +780,21 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions CVE-2021-20321: (unk) ovl: fix missing negative dentry check in ovl_rename() - CVE-2021-20322: (unk) ipv6: make exception cache less predictible CVE-2021-21781: (unk) ARM: ensure the signal page contains defined contents CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -803,6 +804,11 @@ CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28971: (unk) perf/x86/intel: Fix a crash caused by zero PEBS status @@ -820,11 +826,13 @@ CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33033: (unk) cipso,calipso: resolve a number of problems with the DOI refcounts CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-33909: (unk) seq_file: disallow extremely large seq buffer allocations CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access CVE-2021-3542: (unk) @@ -834,16 +842,17 @@ CVE-2021-3587: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-3715: (unk) net_sched: cls_route: remove the right filter from hashtable CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -857,13 +866,135 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39636: (unk) netfilter: x_tables: fix pointer leaks to userspace + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39711: (unk) bpf: fix panic due to oob in bpf_prog_test_run_skb + CVE-2021-39713: (unk) net: sched: use Qdisc rcu API instead of relying on rtnl lock + CVE-2021-39714: (unk) staging: android: ion: Drop ion_map_kernel interface + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data - CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0435: (unk) tipc: improve size validations for received domain records + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1678: (unk) tcp: optimize tcp internal pacing + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/4.9/4.9_CVEs.txt b/data/4.9/4.9_CVEs.txt index bbde030..1c7ce1a 100644 --- a/data/4.9/4.9_CVEs.txt +++ b/data/4.9/4.9_CVEs.txt
@@ -921,6 +921,7 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fixed with 4.9.311 CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown CVE-2022-1508: Fix not seen in stream CVE-2022-1516: Fixed with 4.9.311 CVE-2022-1651: Fix not seen in stream @@ -933,6 +934,7 @@ CVE-2022-1786: Fix not seen in stream CVE-2022-1789: Fix not seen in stream CVE-2022-1836: Fixed with 4.9.313 +CVE-2022-1882: Fix unknown CVE-2022-20008: Fix not seen in stream CVE-2022-23036: Fixed with 4.9.306 CVE-2022-23037: Fixed with 4.9.306
diff --git a/data/4.9/4.9_security.txt b/data/4.9/4.9_security.txt index 7921c45..06cc027 100644 --- a/data/4.9/4.9_security.txt +++ b/data/4.9/4.9_security.txt
@@ -1446,6 +1446,7 @@ CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() CVE-2022-1652: (unk) @@ -1454,6 +1455,7 @@ CVE-2022-1679: (unk) CVE-2022-1786: (unk) io_uring: remove io_identity CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1882: (unk) CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL
diff --git a/data/5.0/5.0_CVEs.txt b/data/5.0/5.0_CVEs.txt index 1e0a500..f559df0 100644 --- a/data/5.0/5.0_CVEs.txt +++ b/data/5.0/5.0_CVEs.txt
@@ -109,7 +109,7 @@ CVE-2019-15505: Fix not seen in stream CVE-2019-15538: Fix not seen in stream CVE-2019-15666: Fixed with 5.0.19 -CVE-2019-15794: Fix unknown +CVE-2019-15794: Fix not seen in stream CVE-2019-15807: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-15916: Fixed with 5.0.1 @@ -304,7 +304,7 @@ CVE-2020-12114: Fix not seen in stream CVE-2020-12351: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -353,7 +353,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25641: Fix not seen in stream @@ -391,7 +390,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-27830: Fix not seen in stream CVE-2020-27835: Fix not seen in stream @@ -420,6 +419,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-7053: Fix not seen in stream @@ -435,13 +435,14 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0938: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20177: Fix not seen in stream CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream @@ -452,6 +453,7 @@ CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream CVE-2021-23133: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -462,6 +464,11 @@ CVE-2021-28038: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28971: Fix not seen in stream @@ -480,6 +487,9 @@ CVE-2021-32399: Fix not seen in stream CVE-2021-33033: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-3347: Fix not seen in stream CVE-2021-3348: Fix not seen in stream CVE-2021-33624: Fix not seen in stream @@ -488,7 +498,6 @@ CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-35039: Fix not seen in stream CVE-2021-3506: Fix not seen in stream @@ -501,20 +510,21 @@ CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream CVE-2021-3635: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3656: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fix not seen in stream CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream CVE-2021-3739: Fix not seen in stream CVE-2021-3743: Fix not seen in stream CVE-2021-3744: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -529,13 +539,137 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4135: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44733: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0322: Fix not seen in stream +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0435: Fix not seen in stream +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-22942: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-24959: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27666: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/5.0/5.0_security.txt b/data/5.0/5.0_security.txt index 6a1d1e4..06c690a 100644 --- a/data/5.0/5.0_security.txt +++ b/data/5.0/5.0_security.txt
@@ -188,7 +188,7 @@ CVE-2019-15504: (unk) rsi: fix a double free bug in rsi_91x_deinit() CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer CVE-2019-15538: (unk) xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT - CVE-2019-15794: (unk) + CVE-2019-15794: (unk) ovl: fix reference counting in ovl_mmap error path CVE-2019-15807: (unk) scsi: libsas: delete sas port if expander discover failed CVE-2019-15902: (unk) unknown CVE-2019-15925: (unk) net: hns3: add some error checking in hclge_tm module @@ -352,7 +352,7 @@ CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12351: (unk) Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -401,7 +401,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25641: (unk) block: allow for_each_bvec to support zero len bvec @@ -439,7 +438,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-27830: (unk) speakup: Reject setting the speakup line discipline outside of speakup CVE-2020-27835: (unk) IB/hfi1: Ensure correct mm is used at all times @@ -468,6 +467,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-7053: (unk) drm/i915: Introduce a mutex for file_priv->context_idr @@ -483,13 +483,14 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0938: (unk) compiler.h: fix barrier_data() on clang CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20177: (unk) netfilter: add and use nf_hook_slow_list() CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer @@ -500,6 +501,7 @@ CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-23133: (unk) net/sctp: fix race condition in sctp_destroy_sock + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -510,6 +512,11 @@ CVE-2021-28038: (unk) Xen/gnttab: handle p2m update errors on a per-slot basis CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28971: (unk) perf/x86/intel: Fix a crash caused by zero PEBS status @@ -528,6 +535,9 @@ CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33033: (unk) cipso,calipso: resolve a number of problems with the DOI refcounts CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-3347: (unk) futex: Ensure the correct return value from futex_lock_pi() CVE-2021-3348: (unk) nbd: freeze the queue while we're adding connections CVE-2021-33624: (unk) bpf: Inherit expanded/patched seen count from old aux data @@ -536,7 +546,6 @@ CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-35039: (unk) module: limit enabling module.sig_enforce CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access @@ -549,20 +558,21 @@ CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl CVE-2021-3635: (unk) netfilter: nf_tables: fix flowtable list del corruption - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3656: (unk) KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-3715: (unk) net_sched: cls_route: remove the right filter from hashtable CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed CVE-2021-3739: (unk) btrfs: fix NULL pointer dereference when deleting device by invalid id CVE-2021-3743: (unk) net: qrtr: fix OOB Read in qrtr_endpoint_post CVE-2021-3744: (unk) crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -577,13 +587,137 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4135: (unk) netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44733: (unk) tee: handle lookup of shm with reference count 0 + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0322: (unk) sctp: account stream padding length for reconf chunk + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0435: (unk) tipc: improve size validations for received domain records + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-24959: (unk) yam: fix a memory leak in yam_siocdevprivate() + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/5.1/5.1_CVEs.txt b/data/5.1/5.1_CVEs.txt index 8e6ec91..b05a037 100644 --- a/data/5.1/5.1_CVEs.txt +++ b/data/5.1/5.1_CVEs.txt
@@ -97,7 +97,7 @@ CVE-2019-15505: Fix not seen in stream CVE-2019-15538: Fix not seen in stream CVE-2019-15666: Fixed with 5.1 -CVE-2019-15794: Fix unknown +CVE-2019-15794: Fix not seen in stream CVE-2019-15807: Fixed with 5.1.13 CVE-2019-15902: Fix not seen in stream CVE-2019-15925: Fixed with 5.1.20 @@ -264,7 +264,7 @@ CVE-2020-12114: Fix not seen in stream CVE-2020-12351: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -313,7 +313,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25639: Fix not seen in stream @@ -352,7 +351,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-27830: Fix not seen in stream CVE-2020-27835: Fix not seen in stream @@ -384,6 +383,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-7053: Fix not seen in stream @@ -399,13 +399,14 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0938: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20177: Fix not seen in stream CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream @@ -416,6 +417,7 @@ CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream CVE-2021-23133: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -427,6 +429,11 @@ CVE-2021-28375: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28971: Fix not seen in stream @@ -445,6 +452,9 @@ CVE-2021-32399: Fix not seen in stream CVE-2021-33033: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-3347: Fix not seen in stream CVE-2021-3348: Fix not seen in stream CVE-2021-33624: Fix not seen in stream @@ -453,7 +463,6 @@ CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-35039: Fix not seen in stream CVE-2021-3506: Fix not seen in stream @@ -466,20 +475,21 @@ CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream CVE-2021-3635: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3656: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fix not seen in stream CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream CVE-2021-3739: Fix not seen in stream CVE-2021-3743: Fix not seen in stream CVE-2021-3744: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -494,13 +504,139 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4135: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4154: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown -CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-42739: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44733: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0185: Fix not seen in stream +CVE-2022-0322: Fix not seen in stream +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0435: Fix not seen in stream +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-22942: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-24959: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27666: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/5.1/5.1_security.txt b/data/5.1/5.1_security.txt index f985838..74cf73f 100644 --- a/data/5.1/5.1_security.txt +++ b/data/5.1/5.1_security.txt
@@ -147,7 +147,7 @@ CVE-2019-15504: (unk) rsi: fix a double free bug in rsi_91x_deinit() CVE-2019-15505: (unk) media: technisat-usb2: break out of loop at end of buffer CVE-2019-15538: (unk) xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT - CVE-2019-15794: (unk) + CVE-2019-15794: (unk) ovl: fix reference counting in ovl_mmap error path CVE-2019-15902: (unk) unknown CVE-2019-16089: (unk) CVE-2019-16229: (unk) drm/amdkfd: fix a potential NULL pointer dereference (v2) @@ -300,7 +300,7 @@ CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12351: (unk) Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -349,7 +349,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25639: (unk) drm/nouveau: bail out of nouveau_channel_new if channel init fails @@ -388,7 +387,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-27830: (unk) speakup: Reject setting the speakup line discipline outside of speakup CVE-2020-27835: (unk) IB/hfi1: Ensure correct mm is used at all times @@ -420,6 +419,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-7053: (unk) drm/i915: Introduce a mutex for file_priv->context_idr @@ -435,13 +435,14 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0938: (unk) compiler.h: fix barrier_data() on clang CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20177: (unk) netfilter: add and use nf_hook_slow_list() CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer @@ -452,6 +453,7 @@ CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-23133: (unk) net/sctp: fix race condition in sctp_destroy_sock + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -463,6 +465,11 @@ CVE-2021-28375: (unk) misc: fastrpc: restrict user apps from sending kernel RPC messages CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28971: (unk) perf/x86/intel: Fix a crash caused by zero PEBS status @@ -481,6 +488,9 @@ CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33033: (unk) cipso,calipso: resolve a number of problems with the DOI refcounts CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-3347: (unk) futex: Ensure the correct return value from futex_lock_pi() CVE-2021-3348: (unk) nbd: freeze the queue while we're adding connections CVE-2021-33624: (unk) bpf: Inherit expanded/patched seen count from old aux data @@ -489,7 +499,6 @@ CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-35039: (unk) module: limit enabling module.sig_enforce CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access @@ -502,20 +511,21 @@ CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl CVE-2021-3635: (unk) netfilter: nf_tables: fix flowtable list del corruption - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3656: (unk) KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-3715: (unk) net_sched: cls_route: remove the right filter from hashtable CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed CVE-2021-3739: (unk) btrfs: fix NULL pointer dereference when deleting device by invalid id CVE-2021-3743: (unk) net: qrtr: fix OOB Read in qrtr_endpoint_post CVE-2021-3744: (unk) crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -530,13 +540,139 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4135: (unk) netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4154: (unk) cgroup: verify that source is a string + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) - CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44733: (unk) tee: handle lookup of shm with reference count 0 + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0185: (unk) vfs: fs_context: fix up param length parsing in legacy_parse_param + CVE-2022-0322: (unk) sctp: account stream padding length for reconf chunk + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0435: (unk) tipc: improve size validations for received domain records + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-24959: (unk) yam: fix a memory leak in yam_siocdevprivate() + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/5.10/5.10_CVEs.txt b/data/5.10/5.10_CVEs.txt index d81e995..e9a49d1 100644 --- a/data/5.10/5.10_CVEs.txt +++ b/data/5.10/5.10_CVEs.txt
@@ -293,6 +293,7 @@ CVE-2022-1263: Fix not seen in stream CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fixed with 5.10.110 +CVE-2022-1462: Fix unknown CVE-2022-1508: Fix not seen in stream CVE-2022-1516: Fixed with 5.10.110 CVE-2022-1651: Fix not seen in stream @@ -304,6 +305,7 @@ CVE-2022-1786: Fix not seen in stream CVE-2022-1789: Fix not seen in stream CVE-2022-1836: Fixed with 5.10.114 +CVE-2022-1882: Fix unknown CVE-2022-20008: Fixed with 5.10.102 CVE-2022-22942: Fixed with 5.10.95 CVE-2022-23036: Fixed with 5.10.105
diff --git a/data/5.10/5.10_security.txt b/data/5.10/5.10_security.txt index c3cf250..d9a7bba 100644 --- a/data/5.10/5.10_security.txt +++ b/data/5.10/5.10_security.txt
@@ -496,6 +496,7 @@ CVE-2022-1247: (unk) CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1462: (unk) CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() CVE-2022-1652: (unk) @@ -503,6 +504,7 @@ CVE-2022-1679: (unk) CVE-2022-1786: (unk) io_uring: remove io_identity CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1882: (unk) CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL CVE-2022-25265: (unk) CVE-2022-26878: (unk)
diff --git a/data/5.11/5.11_CVEs.txt b/data/5.11/5.11_CVEs.txt index 7faa656..521d2a3 100644 --- a/data/5.11/5.11_CVEs.txt +++ b/data/5.11/5.11_CVEs.txt
@@ -79,6 +79,7 @@ CVE-2021-22555: Fixed with 5.11.15 CVE-2021-22600: Fix not seen in stream CVE-2021-23133: Fixed with 5.11.16 +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fixed with 5.11.1 CVE-2021-26931: Fixed with 5.11.1 CVE-2021-26932: Fixed with 5.11.1 @@ -125,6 +126,7 @@ CVE-2021-33034: Fixed with 5.11.21 CVE-2021-33061: Fix not seen in stream CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-33624: Fix not seen in stream CVE-2021-33909: Fix not seen in stream CVE-2021-3444: Fixed with 5.11.2 @@ -236,7 +238,8 @@ CVE-2021-46283: Fix not seen in stream CVE-2022-0001: Fix not seen in stream CVE-2022-0002: Fix not seen in stream -CVE-2022-0168: Fix unknown +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown CVE-2022-0185: Fix not seen in stream CVE-2022-0286: Fix not seen in stream CVE-2022-0322: Fix not seen in stream @@ -253,24 +256,44 @@ CVE-2022-0617: Fix not seen in stream CVE-2022-0644: Fix not seen in stream CVE-2022-0742: Fix not seen in stream -CVE-2022-0812: Fix unknown CVE-2022-0847: Fix not seen in stream CVE-2022-0850: Fix not seen in stream CVE-2022-0854: Fix not seen in stream CVE-2022-0995: Fix not seen in stream CVE-2022-0998: Fix not seen in stream CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream CVE-2022-1015: Fix not seen in stream CVE-2022-1016: Fix not seen in stream CVE-2022-1043: Fix not seen in stream CVE-2022-1048: Fix not seen in stream CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown CVE-2022-1195: Fix not seen in stream CVE-2022-1198: Fix not seen in stream CVE-2022-1199: Fix not seen in stream CVE-2022-1204: Fix not seen in stream CVE-2022-1205: Fix not seen in stream -CVE-2022-1263: Fix unknown +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream CVE-2022-22942: Fix not seen in stream CVE-2022-23036: Fix not seen in stream CVE-2022-23037: Fix not seen in stream @@ -298,3 +321,10 @@ CVE-2022-28388: Fix not seen in stream CVE-2022-28389: Fix not seen in stream CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/5.11/5.11_security.txt b/data/5.11/5.11_security.txt index 862b0dc..8ccc3bd 100644 --- a/data/5.11/5.11_security.txt +++ b/data/5.11/5.11_security.txt
@@ -169,6 +169,7 @@ CVE-2021-20322: (unk) ipv6: make exception cache less predictible CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22600: (unk) net/packet: rx_owner_map depends on pg_vec + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26934: (unk) CVE-2021-28691: (unk) xen-netback: take a reference to the RX task thread CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms @@ -180,6 +181,7 @@ CVE-2021-32606: (unk) can: isotp: prevent race between isotp_bind() and isotp_setsockopt() CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-33624: (unk) bpf: Inherit expanded/patched seen count from old aux data CVE-2021-33909: (unk) seq_file: disallow extremely large seq buffer allocations CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 @@ -276,7 +278,8 @@ CVE-2021-46283: (unk) netfilter: nf_tables: initialize set before expression setup CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE - CVE-2022-0168: (unk) + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) CVE-2022-0185: (unk) vfs: fs_context: fix up param length parsing in legacy_parse_param CVE-2022-0286: (unk) bonding: fix null dereference in bond_ipsec_add_sa() CVE-2022-0322: (unk) sctp: account stream padding length for reconf chunk @@ -293,24 +296,44 @@ CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() - CVE-2022-0812: (unk) CVE-2022-0847: (unk) lib/iov_iter: initialize "flags" in new pipe_buffer CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" CVE-2022-0995: (unk) watch_queue: Fix filter limit check CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers - CVE-2022-1263: (unk) + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status @@ -338,3 +361,10 @@ CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/5.12/5.12_CVEs.txt b/data/5.12/5.12_CVEs.txt index 3aeac47..672019e 100644 --- a/data/5.12/5.12_CVEs.txt +++ b/data/5.12/5.12_CVEs.txt
@@ -66,6 +66,7 @@ CVE-2021-22543: Fixed with 5.12.14 CVE-2021-22600: Fix not seen in stream CVE-2021-23134: Fixed with 5.12.4 +CVE-2021-26401: Fix not seen in stream CVE-2021-26934: Fix unknown CVE-2021-28691: Fixed with 5.12.10 CVE-2021-28711: Fix not seen in stream @@ -81,6 +82,7 @@ CVE-2021-33034: Fixed with 5.12.4 CVE-2021-33061: Fix not seen in stream CVE-2021-33098: Fixed with 5.12.9 +CVE-2021-33135: Fix unknown CVE-2021-33200: Fixed with 5.12.8 CVE-2021-33624: Fixed with 5.12.13 CVE-2021-33909: Fixed with 5.12.19 @@ -186,7 +188,8 @@ CVE-2021-46283: Fixed with 5.12.13 CVE-2022-0001: Fix not seen in stream CVE-2022-0002: Fix not seen in stream -CVE-2022-0168: Fix unknown +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown CVE-2022-0185: Fix not seen in stream CVE-2022-0264: Fix not seen in stream CVE-2022-0286: Fix not seen in stream @@ -204,24 +207,43 @@ CVE-2022-0617: Fix not seen in stream CVE-2022-0644: Fix not seen in stream CVE-2022-0742: Fix not seen in stream -CVE-2022-0812: Fix unknown CVE-2022-0847: Fix not seen in stream CVE-2022-0850: Fixed with 5.12.17 CVE-2022-0854: Fix not seen in stream CVE-2022-0995: Fix not seen in stream CVE-2022-0998: Fix not seen in stream CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream CVE-2022-1015: Fix not seen in stream CVE-2022-1016: Fix not seen in stream CVE-2022-1043: Fix not seen in stream CVE-2022-1048: Fix not seen in stream CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown CVE-2022-1195: Fix not seen in stream CVE-2022-1198: Fix not seen in stream CVE-2022-1199: Fix not seen in stream CVE-2022-1204: Fix not seen in stream CVE-2022-1205: Fix not seen in stream -CVE-2022-1263: Fix unknown +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream CVE-2022-22942: Fix not seen in stream CVE-2022-23036: Fix not seen in stream CVE-2022-23037: Fix not seen in stream @@ -249,3 +271,10 @@ CVE-2022-28388: Fix not seen in stream CVE-2022-28389: Fix not seen in stream CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/5.12/5.12_security.txt b/data/5.12/5.12_security.txt index 3fb5604..7c80826 100644 --- a/data/5.12/5.12_security.txt +++ b/data/5.12/5.12_security.txt
@@ -138,6 +138,7 @@ CVE-2021-20321: (unk) ovl: fix missing negative dentry check in ovl_rename() CVE-2021-20322: (unk) ipv6: make exception cache less predictible CVE-2021-22600: (unk) net/packet: rx_owner_map depends on pg_vec + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26934: (unk) CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms @@ -146,6 +147,7 @@ CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-32078: (unk) ARM: footbridge: remove personal server platform CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33135: (unk) CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-3542: (unk) @@ -219,7 +221,8 @@ CVE-2021-45868: (unk) quota: check block number when reading the block in quota file CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE - CVE-2022-0168: (unk) + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) CVE-2022-0185: (unk) vfs: fs_context: fix up param length parsing in legacy_parse_param CVE-2022-0264: (unk) bpf: Fix kernel address leakage in atomic fetch CVE-2022-0286: (unk) bonding: fix null dereference in bond_ipsec_add_sa() @@ -237,23 +240,42 @@ CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() - CVE-2022-0812: (unk) CVE-2022-0847: (unk) lib/iov_iter: initialize "flags" in new pipe_buffer CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" CVE-2022-0995: (unk) watch_queue: Fix filter limit check CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers - CVE-2022-1263: (unk) + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status @@ -281,3 +303,10 @@ CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/5.13/5.13_CVEs.txt b/data/5.13/5.13_CVEs.txt index ebeeae8..19d0eda 100644 --- a/data/5.13/5.13_CVEs.txt +++ b/data/5.13/5.13_CVEs.txt
@@ -54,6 +54,7 @@ CVE-2021-20322: Fixed with 5.13.17 CVE-2021-22543: Fixed with 5.13 CVE-2021-22600: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26934: Fix unknown CVE-2021-28711: Fix not seen in stream CVE-2021-28712: Fix not seen in stream @@ -61,6 +62,7 @@ CVE-2021-28714: Fix not seen in stream CVE-2021-28715: Fix not seen in stream CVE-2021-33061: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-33909: Fixed with 5.13.4 CVE-2021-34556: Fixed with 5.13.8 CVE-2021-34866: Fixed with 5.13.14 @@ -149,7 +151,8 @@ CVE-2021-45868: Fix not seen in stream CVE-2022-0001: Fix not seen in stream CVE-2022-0002: Fix not seen in stream -CVE-2022-0168: Fix unknown +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown CVE-2022-0185: Fix not seen in stream CVE-2022-0264: Fix not seen in stream CVE-2022-0286: Fixed with 5.13.6 @@ -167,24 +170,43 @@ CVE-2022-0617: Fix not seen in stream CVE-2022-0644: Fix not seen in stream CVE-2022-0742: Fix not seen in stream -CVE-2022-0812: Fix unknown CVE-2022-0847: Fix not seen in stream CVE-2022-0850: Fixed with 5.13.2 CVE-2022-0854: Fix not seen in stream CVE-2022-0995: Fix not seen in stream CVE-2022-0998: Fix not seen in stream CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream CVE-2022-1015: Fix not seen in stream CVE-2022-1016: Fix not seen in stream CVE-2022-1043: Fixed with 5.13.13 CVE-2022-1048: Fix not seen in stream CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown CVE-2022-1195: Fix not seen in stream CVE-2022-1198: Fix not seen in stream CVE-2022-1199: Fix not seen in stream CVE-2022-1204: Fix not seen in stream CVE-2022-1205: Fix not seen in stream -CVE-2022-1263: Fix unknown +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream CVE-2022-22942: Fix not seen in stream CVE-2022-23036: Fix not seen in stream CVE-2022-23037: Fix not seen in stream @@ -212,3 +234,10 @@ CVE-2022-28388: Fix not seen in stream CVE-2022-28389: Fix not seen in stream CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/5.13/5.13_security.txt b/data/5.13/5.13_security.txt index c0e16cd..77aa4a0 100644 --- a/data/5.13/5.13_security.txt +++ b/data/5.13/5.13_security.txt
@@ -117,6 +117,7 @@ CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions CVE-2021-20321: (unk) ovl: fix missing negative dentry check in ovl_rename() CVE-2021-22600: (unk) net/packet: rx_owner_map depends on pg_vec + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26934: (unk) CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms @@ -124,6 +125,7 @@ CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33135: (unk) CVE-2021-3542: (unk) CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() @@ -182,7 +184,8 @@ CVE-2021-45868: (unk) quota: check block number when reading the block in quota file CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE - CVE-2022-0168: (unk) + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) CVE-2022-0185: (unk) vfs: fs_context: fix up param length parsing in legacy_parse_param CVE-2022-0264: (unk) bpf: Fix kernel address leakage in atomic fetch CVE-2022-0322: (unk) sctp: account stream padding length for reconf chunk @@ -199,22 +202,41 @@ CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() - CVE-2022-0812: (unk) CVE-2022-0847: (unk) lib/iov_iter: initialize "flags" in new pipe_buffer CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" CVE-2022-0995: (unk) watch_queue: Fix filter limit check CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers - CVE-2022-1263: (unk) + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status @@ -242,3 +264,10 @@ CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/5.14/5.14_CVEs.txt b/data/5.14/5.14_CVEs.txt index adc1ac3..a0705cb 100644 --- a/data/5.14/5.14_CVEs.txt +++ b/data/5.14/5.14_CVEs.txt
@@ -52,6 +52,7 @@ CVE-2021-20321: Fixed with 5.14.12 CVE-2021-20322: Fixed with 5.14.4 CVE-2021-22600: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26934: Fix unknown CVE-2021-28711: Fix not seen in stream CVE-2021-28712: Fix not seen in stream @@ -59,6 +60,7 @@ CVE-2021-28714: Fix not seen in stream CVE-2021-28715: Fix not seen in stream CVE-2021-33061: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-34866: Fixed with 5.14 CVE-2021-3542: Fix unknown CVE-2021-3640: Fixed with 5.14.19 @@ -124,7 +126,8 @@ CVE-2021-45868: Fixed with 5.14.19 CVE-2022-0001: Fix not seen in stream CVE-2022-0002: Fix not seen in stream -CVE-2022-0168: Fix unknown +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown CVE-2022-0185: Fix not seen in stream CVE-2022-0264: Fix not seen in stream CVE-2022-0322: Fixed with 5.14.14 @@ -141,22 +144,41 @@ CVE-2022-0617: Fix not seen in stream CVE-2022-0644: Fixed with 5.14.15 CVE-2022-0742: Fix not seen in stream -CVE-2022-0812: Fix unknown CVE-2022-0847: Fix not seen in stream CVE-2022-0854: Fix not seen in stream CVE-2022-0995: Fix not seen in stream CVE-2022-0998: Fix not seen in stream CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream CVE-2022-1015: Fix not seen in stream CVE-2022-1016: Fix not seen in stream CVE-2022-1048: Fix not seen in stream CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown CVE-2022-1195: Fix not seen in stream CVE-2022-1198: Fix not seen in stream CVE-2022-1199: Fix not seen in stream CVE-2022-1204: Fix not seen in stream CVE-2022-1205: Fix not seen in stream -CVE-2022-1263: Fix unknown +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream CVE-2022-22942: Fix not seen in stream CVE-2022-23036: Fix not seen in stream CVE-2022-23037: Fix not seen in stream @@ -185,3 +207,10 @@ CVE-2022-28388: Fix not seen in stream CVE-2022-28389: Fix not seen in stream CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/5.14/5.14_security.txt b/data/5.14/5.14_security.txt index b81f233..f843f24 100644 --- a/data/5.14/5.14_security.txt +++ b/data/5.14/5.14_security.txt
@@ -117,6 +117,7 @@ CVE-2021-0399: (unk) CVE-2021-0695: (unk) CVE-2021-22600: (unk) net/packet: rx_owner_map depends on pg_vec + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26934: (unk) CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms @@ -124,6 +125,7 @@ CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33135: (unk) CVE-2021-3542: (unk) CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3714: (unk) @@ -158,7 +160,8 @@ CVE-2021-45480: (unk) rds: memory leak in __rds_conn_create() CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE - CVE-2022-0168: (unk) + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) CVE-2022-0185: (unk) vfs: fs_context: fix up param length parsing in legacy_parse_param CVE-2022-0264: (unk) bpf: Fix kernel address leakage in atomic fetch CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store @@ -173,22 +176,41 @@ CVE-2022-0516: (unk) KVM: s390: Return error on SIDA memop on normal guest CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() - CVE-2022-0812: (unk) CVE-2022-0847: (unk) lib/iov_iter: initialize "flags" in new pipe_buffer CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" CVE-2022-0995: (unk) watch_queue: Fix filter limit check CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers - CVE-2022-1263: (unk) + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status @@ -217,3 +239,10 @@ CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/5.15/5.15_CVEs.txt b/data/5.15/5.15_CVEs.txt index b0dd625..9bbe66d 100644 --- a/data/5.15/5.15_CVEs.txt +++ b/data/5.15/5.15_CVEs.txt
@@ -133,6 +133,7 @@ CVE-2022-1247: Fix unknown CVE-2022-1263: Fixed with 5.15.34 CVE-2022-1353: Fixed with 5.15.33 +CVE-2022-1462: Fix unknown CVE-2022-1516: Fixed with 5.15.33 CVE-2022-1651: Fixed with 5.15.33 CVE-2022-1652: Fix unknown @@ -142,6 +143,7 @@ CVE-2022-1734: Fixed with 5.15.39 CVE-2022-1789: Fix not seen in stream CVE-2022-1836: Fixed with 5.15.37 +CVE-2022-1882: Fix unknown CVE-2022-20008: Fixed with 5.15.25 CVE-2022-22942: Fixed with 5.15.18 CVE-2022-23036: Fixed with 5.15.28
diff --git a/data/5.15/5.15_security.txt b/data/5.15/5.15_security.txt index 8f26a79..b70190c 100644 --- a/data/5.15/5.15_security.txt +++ b/data/5.15/5.15_security.txt
@@ -234,9 +234,11 @@ CVE-2022-1116: (unk) CVE-2022-1184: (unk) CVE-2022-1247: (unk) + CVE-2022-1462: (unk) CVE-2022-1652: (unk) CVE-2022-1679: (unk) CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1882: (unk) CVE-2022-24122: (unk) ucount: Make get_ucount a safe get_user replacement CVE-2022-25265: (unk) CVE-2022-26878: (unk)
diff --git a/data/5.16/5.16_CVEs.txt b/data/5.16/5.16_CVEs.txt index 709242d..85386db 100644 --- a/data/5.16/5.16_CVEs.txt +++ b/data/5.16/5.16_CVEs.txt
@@ -102,6 +102,7 @@ CVE-2022-1247: Fix unknown CVE-2022-1263: Fixed with 5.16.20 CVE-2022-1353: Fixed with 5.16.19 +CVE-2022-1462: Fix unknown CVE-2022-1516: Fixed with 5.16.19 CVE-2022-1651: Fixed with 5.16.19 CVE-2022-1652: Fix unknown @@ -111,6 +112,7 @@ CVE-2022-1734: Fix not seen in stream CVE-2022-1789: Fix not seen in stream CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown CVE-2022-20008: Fixed with 5.16.11 CVE-2022-22942: Fixed with 5.16.4 CVE-2022-23036: Fixed with 5.16.14
diff --git a/data/5.16/5.16_security.txt b/data/5.16/5.16_security.txt index 390e40a..9c08d0d 100644 --- a/data/5.16/5.16_security.txt +++ b/data/5.16/5.16_security.txt
@@ -169,12 +169,14 @@ CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers CVE-2022-1247: (unk) + CVE-2022-1462: (unk) CVE-2022-1652: (unk) CVE-2022-1679: (unk) CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) CVE-2022-24122: (unk) ucount: Make get_ucount a safe get_user replacement CVE-2022-25265: (unk) CVE-2022-26878: (unk)
diff --git a/data/5.17/5.17_CVEs.txt b/data/5.17/5.17_CVEs.txt index 2868f5a..b760a11 100644 --- a/data/5.17/5.17_CVEs.txt +++ b/data/5.17/5.17_CVEs.txt
@@ -72,6 +72,7 @@ CVE-2022-1247: Fix unknown CVE-2022-1263: Fixed with 5.17.3 CVE-2022-1353: Fixed with 5.17 +CVE-2022-1462: Fix unknown CVE-2022-1516: Fixed with 5.17.2 CVE-2022-1651: Fixed with 5.17.2 CVE-2022-1652: Fix unknown @@ -81,6 +82,7 @@ CVE-2022-1734: Fixed with 5.17.7 CVE-2022-1789: Fix not seen in stream CVE-2022-1836: Fixed with 5.17.6 +CVE-2022-1882: Fix unknown CVE-2022-25265: Fix unknown CVE-2022-26878: Fix unknown CVE-2022-28356: Fixed with 5.17.1
diff --git a/data/5.17/5.17_security.txt b/data/5.17/5.17_security.txt index 781c499..69f4533 100644 --- a/data/5.17/5.17_security.txt +++ b/data/5.17/5.17_security.txt
@@ -108,8 +108,10 @@ CVE-2022-1116: (unk) CVE-2022-1184: (unk) CVE-2022-1247: (unk) + CVE-2022-1462: (unk) CVE-2022-1652: (unk) CVE-2022-1679: (unk) CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1882: (unk) CVE-2022-25265: (unk) CVE-2022-26878: (unk)
diff --git a/data/5.2/5.2_CVEs.txt b/data/5.2/5.2_CVEs.txt index 6b4fdb9..60fdd14 100644 --- a/data/5.2/5.2_CVEs.txt +++ b/data/5.2/5.2_CVEs.txt
@@ -66,7 +66,7 @@ CVE-2019-15504: Fixed with 5.2.16 CVE-2019-15505: Fixed with 5.2.17 CVE-2019-15538: Fixed with 5.2.11 -CVE-2019-15794: Fix unknown +CVE-2019-15794: Fix not seen in stream CVE-2019-15902: Fixed with 5.2.12 CVE-2019-15925: Fixed with 5.2.3 CVE-2019-15926: Fixed with 5.2.3 @@ -222,7 +222,7 @@ CVE-2020-12114: Fix not seen in stream CVE-2020-12351: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -271,7 +271,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25639: Fix not seen in stream @@ -310,7 +309,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-27830: Fix not seen in stream CVE-2020-27835: Fix not seen in stream @@ -342,6 +341,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8428: Fix not seen in stream @@ -357,13 +357,14 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0938: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20177: Fix not seen in stream CVE-2021-20292: Fix not seen in stream CVE-2021-20317: Fix not seen in stream @@ -374,6 +375,7 @@ CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream CVE-2021-23133: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -385,6 +387,11 @@ CVE-2021-28375: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28971: Fix not seen in stream @@ -403,6 +410,9 @@ CVE-2021-32399: Fix not seen in stream CVE-2021-33033: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-3347: Fix not seen in stream CVE-2021-3348: Fix not seen in stream CVE-2021-33624: Fix not seen in stream @@ -412,7 +422,6 @@ CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-35039: Fix not seen in stream CVE-2021-3506: Fix not seen in stream @@ -425,20 +434,21 @@ CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream CVE-2021-3635: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3656: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fix not seen in stream CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream CVE-2021-3739: Fix not seen in stream CVE-2021-3743: Fix not seen in stream CVE-2021-3744: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -453,13 +463,140 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4135: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4154: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown +CVE-2021-42739: Fix not seen in stream CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44733: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0185: Fix not seen in stream +CVE-2022-0322: Fix not seen in stream +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0435: Fix not seen in stream +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-22942: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-24959: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27666: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/5.2/5.2_security.txt b/data/5.2/5.2_security.txt index 8eb8d7a..4c45b2c 100644 --- a/data/5.2/5.2_security.txt +++ b/data/5.2/5.2_security.txt
@@ -129,7 +129,7 @@ CVE-2019-15239: (unk) unknown CVE-2019-15290: (unk) CVE-2019-15291: (unk) media: b2c2-flexcop-usb: add sanity checking - CVE-2019-15794: (unk) + CVE-2019-15794: (unk) ovl: fix reference counting in ovl_mmap error path CVE-2019-16089: (unk) CVE-2019-16229: (unk) drm/amdkfd: fix a potential NULL pointer dereference (v2) CVE-2019-16230: (unk) drm/amdkfd: fix a potential NULL pointer dereference (v2) @@ -260,7 +260,7 @@ CVE-2020-12114: (unk) make struct mountpoint bear the dentry reference to mountpoint, not struct mount CVE-2020-12351: (unk) Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -309,7 +309,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25639: (unk) drm/nouveau: bail out of nouveau_channel_new if channel init fails @@ -348,7 +347,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-27830: (unk) speakup: Reject setting the speakup line discipline outside of speakup CVE-2020-27835: (unk) IB/hfi1: Ensure correct mm is used at all times @@ -380,6 +379,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8428: (unk) do_last(): fetch directory ->i_mode and ->i_uid before it's too late @@ -395,13 +395,14 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0938: (unk) compiler.h: fix barrier_data() on clang CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20177: (unk) netfilter: add and use nf_hook_slow_list() CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. CVE-2021-20317: (unk) lib/timerqueue: Rely on rbtree semantics for next timer @@ -412,6 +413,7 @@ CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-23133: (unk) net/sctp: fix race condition in sctp_destroy_sock + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -423,6 +425,11 @@ CVE-2021-28375: (unk) misc: fastrpc: restrict user apps from sending kernel RPC messages CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28971: (unk) perf/x86/intel: Fix a crash caused by zero PEBS status @@ -441,6 +448,9 @@ CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33033: (unk) cipso,calipso: resolve a number of problems with the DOI refcounts CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-3347: (unk) futex: Ensure the correct return value from futex_lock_pi() CVE-2021-3348: (unk) nbd: freeze the queue while we're adding connections CVE-2021-33624: (unk) bpf: Inherit expanded/patched seen count from old aux data @@ -450,7 +460,6 @@ CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-35039: (unk) module: limit enabling module.sig_enforce CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access @@ -463,20 +472,21 @@ CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl CVE-2021-3635: (unk) netfilter: nf_tables: fix flowtable list del corruption - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3656: (unk) KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-3715: (unk) net_sched: cls_route: remove the right filter from hashtable CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed CVE-2021-3739: (unk) btrfs: fix NULL pointer dereference when deleting device by invalid id CVE-2021-3743: (unk) net: qrtr: fix OOB Read in qrtr_endpoint_post CVE-2021-3744: (unk) crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -491,13 +501,140 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4135: (unk) netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4154: (unk) cgroup: verify that source is a string + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44733: (unk) tee: handle lookup of shm with reference count 0 + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0185: (unk) vfs: fs_context: fix up param length parsing in legacy_parse_param + CVE-2022-0322: (unk) sctp: account stream padding length for reconf chunk + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0435: (unk) tipc: improve size validations for received domain records + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-24959: (unk) yam: fix a memory leak in yam_siocdevprivate() + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/5.3/5.3_CVEs.txt b/data/5.3/5.3_CVEs.txt index e5ba8e3..0be8c3e 100644 --- a/data/5.3/5.3_CVEs.txt +++ b/data/5.3/5.3_CVEs.txt
@@ -41,7 +41,7 @@ CVE-2019-15291: Fixed with 5.3.14 CVE-2019-15504: Fixed with 5.3 CVE-2019-15505: Fixed with 5.3.1 -CVE-2019-15794: Fix unknown +CVE-2019-15794: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-16089: Fix unknown CVE-2019-16229: Fix not seen in stream @@ -192,7 +192,7 @@ CVE-2020-11884: Fix not seen in stream CVE-2020-12351: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -241,7 +241,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25639: Fix not seen in stream @@ -280,7 +279,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-27830: Fix not seen in stream CVE-2020-27835: Fix not seen in stream @@ -312,6 +311,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8428: Fix not seen in stream @@ -327,13 +327,14 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0938: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20177: Fix not seen in stream CVE-2021-20239: Fix not seen in stream CVE-2021-20292: Fix not seen in stream @@ -345,6 +346,7 @@ CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream CVE-2021-23133: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream CVE-2021-26932: Fix not seen in stream @@ -356,6 +358,11 @@ CVE-2021-28375: Fix not seen in stream CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28971: Fix not seen in stream @@ -374,6 +381,9 @@ CVE-2021-32399: Fix not seen in stream CVE-2021-33033: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-3347: Fix not seen in stream CVE-2021-3348: Fix not seen in stream CVE-2021-33624: Fix not seen in stream @@ -383,7 +393,6 @@ CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-35039: Fix not seen in stream CVE-2021-3506: Fix not seen in stream @@ -396,20 +405,21 @@ CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream CVE-2021-3635: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3656: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fix not seen in stream CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream CVE-2021-3739: Fix not seen in stream CVE-2021-3743: Fix not seen in stream CVE-2021-3744: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -424,13 +434,141 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39656: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4135: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4154: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown +CVE-2021-42739: Fix not seen in stream CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44733: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0185: Fix not seen in stream +CVE-2022-0322: Fix not seen in stream +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0435: Fix not seen in stream +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-22942: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-24959: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27666: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/5.3/5.3_security.txt b/data/5.3/5.3_security.txt index d7a5765..33d9139 100644 --- a/data/5.3/5.3_security.txt +++ b/data/5.3/5.3_security.txt
@@ -142,7 +142,7 @@ CVE-2019-14901: (unk) mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame() CVE-2019-15239: (unk) unknown CVE-2019-15290: (unk) - CVE-2019-15794: (unk) + CVE-2019-15794: (unk) ovl: fix reference counting in ovl_mmap error path CVE-2019-15902: (unk) unknown CVE-2019-16089: (unk) CVE-2019-16229: (unk) drm/amdkfd: fix a potential NULL pointer dereference (v2) @@ -229,7 +229,7 @@ CVE-2020-11884: (unk) s390/mm: fix page table upgrade vs 2ndary address mode accesses CVE-2020-12351: (unk) Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -277,7 +277,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25639: (unk) drm/nouveau: bail out of nouveau_channel_new if channel init fails @@ -316,7 +315,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-27830: (unk) speakup: Reject setting the speakup line discipline outside of speakup CVE-2020-27835: (unk) IB/hfi1: Ensure correct mm is used at all times @@ -348,6 +347,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8428: (unk) do_last(): fetch directory ->i_mode and ->i_uid before it's too late @@ -363,13 +363,14 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0938: (unk) compiler.h: fix barrier_data() on clang CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20177: (unk) netfilter: add and use nf_hook_slow_list() CVE-2021-20239: (unk) net: pass a sockptr_t into ->setsockopt CVE-2021-20292: (unk) drm/ttm/nouveau: don't call tt destroy callback on alloc failure. @@ -381,6 +382,7 @@ CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-23133: (unk) net/sctp: fix race condition in sctp_destroy_sock + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() CVE-2021-26932: (unk) Xen/x86: don't bail early from clear_foreign_p2m_mapping() @@ -392,6 +394,11 @@ CVE-2021-28375: (unk) misc: fastrpc: restrict user apps from sending kernel RPC messages CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28971: (unk) perf/x86/intel: Fix a crash caused by zero PEBS status @@ -410,6 +417,9 @@ CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33033: (unk) cipso,calipso: resolve a number of problems with the DOI refcounts CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-3347: (unk) futex: Ensure the correct return value from futex_lock_pi() CVE-2021-3348: (unk) nbd: freeze the queue while we're adding connections CVE-2021-33624: (unk) bpf: Inherit expanded/patched seen count from old aux data @@ -419,7 +429,6 @@ CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-35039: (unk) module: limit enabling module.sig_enforce CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access @@ -432,20 +441,21 @@ CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl CVE-2021-3635: (unk) netfilter: nf_tables: fix flowtable list del corruption - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3656: (unk) KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-3715: (unk) net_sched: cls_route: remove the right filter from hashtable CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed CVE-2021-3739: (unk) btrfs: fix NULL pointer dereference when deleting device by invalid id CVE-2021-3743: (unk) net: qrtr: fix OOB Read in qrtr_endpoint_post CVE-2021-3744: (unk) crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -460,13 +470,141 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39656: (unk) configfs: fix a use-after-free in __configfs_open_file + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4135: (unk) netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4154: (unk) cgroup: verify that source is a string + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44733: (unk) tee: handle lookup of shm with reference count 0 + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0185: (unk) vfs: fs_context: fix up param length parsing in legacy_parse_param + CVE-2022-0322: (unk) sctp: account stream padding length for reconf chunk + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0435: (unk) tipc: improve size validations for received domain records + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-24959: (unk) yam: fix a memory leak in yam_siocdevprivate() + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/5.4/5.4_CVEs.txt b/data/5.4/5.4_CVEs.txt index 5550ec0..d85e1ad 100644 --- a/data/5.4/5.4_CVEs.txt +++ b/data/5.4/5.4_CVEs.txt
@@ -449,6 +449,7 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fixed with 5.4.189 CVE-2022-1419: Fixed with 5.4.21 +CVE-2022-1462: Fix unknown CVE-2022-1508: Fix not seen in stream CVE-2022-1516: Fixed with 5.4.189 CVE-2022-1651: Fix not seen in stream @@ -460,6 +461,7 @@ CVE-2022-1786: Fix not seen in stream CVE-2022-1789: Fix not seen in stream CVE-2022-1836: Fixed with 5.4.192 +CVE-2022-1882: Fix unknown CVE-2022-20008: Fixed with 5.4.181 CVE-2022-22942: Fixed with 5.4.175 CVE-2022-23036: Fixed with 5.4.184
diff --git a/data/5.4/5.4_security.txt b/data/5.4/5.4_security.txt index 9728ec6..ad000d1 100644 --- a/data/5.4/5.4_security.txt +++ b/data/5.4/5.4_security.txt
@@ -772,6 +772,7 @@ CVE-2022-1247: (unk) CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1462: (unk) CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() CVE-2022-1652: (unk) @@ -779,6 +780,7 @@ CVE-2022-1679: (unk) CVE-2022-1786: (unk) io_uring: remove io_identity CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1882: (unk) CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL CVE-2022-25265: (unk) CVE-2022-26878: (unk)
diff --git a/data/5.5/5.5_CVEs.txt b/data/5.5/5.5_CVEs.txt index 274929e..c4a8717 100644 --- a/data/5.5/5.5_CVEs.txt +++ b/data/5.5/5.5_CVEs.txt
@@ -23,7 +23,7 @@ CVE-2019-14897: Fixed with 5.5 CVE-2019-15239: Fix not seen in stream CVE-2019-15290: Fix unknown -CVE-2019-15794: Fix unknown +CVE-2019-15794: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-16089: Fix unknown CVE-2019-18814: Fix not seen in stream @@ -71,7 +71,7 @@ CVE-2020-11884: Fix not seen in stream CVE-2020-12351: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fix not seen in stream @@ -118,7 +118,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25639: Fix not seen in stream @@ -157,7 +156,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-27830: Fix not seen in stream CVE-2020-27835: Fix not seen in stream @@ -189,6 +188,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8428: Fixed with 5.5 @@ -206,13 +206,14 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream +CVE-2021-0929: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0938: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20194: Fix not seen in stream CVE-2021-20226: Fix not seen in stream CVE-2021-20239: Fix not seen in stream @@ -224,6 +225,7 @@ CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream CVE-2021-23133: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26708: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream @@ -237,6 +239,11 @@ CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream CVE-2021-28691: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28971: Fix not seen in stream @@ -256,6 +263,9 @@ CVE-2021-32399: Fix not seen in stream CVE-2021-33033: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-3347: Fix not seen in stream CVE-2021-3348: Fix not seen in stream CVE-2021-33624: Fix not seen in stream @@ -266,7 +276,6 @@ CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-35039: Fix not seen in stream CVE-2021-3506: Fix not seen in stream @@ -278,20 +287,21 @@ CVE-2021-3600: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3656: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fixed with 5.5.14 CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream CVE-2021-3739: Fix not seen in stream CVE-2021-3743: Fix not seen in stream CVE-2021-3744: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -306,13 +316,142 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39656: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4001: Fix not seen in stream +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4135: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4154: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown +CVE-2021-42739: Fix not seen in stream CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44733: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0185: Fix not seen in stream +CVE-2022-0322: Fix not seen in stream +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0435: Fix not seen in stream +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1419: Fixed with 5.5.5 +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-22942: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-24959: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27666: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/5.5/5.5_security.txt b/data/5.5/5.5_security.txt index b5722f9..73f4e86 100644 --- a/data/5.5/5.5_security.txt +++ b/data/5.5/5.5_security.txt
@@ -18,6 +18,7 @@ CVEs fixed in 5.5.5: CVE-2020-8992: 9bc7647fe62823bfb6921e98ba40196706eca89a ext4: add cond_resched() to ext4_protect_reserved_inode + CVE-2022-1419: c578f31bba29d2c6a97d2ad279ae3cd261dcc786 drm/vgem: Close use-after-free race in vgem_gem_create CVEs fixed in 5.5.7: CVE-2020-0009: aa5122eaa89d875bec5f27d3be1fecd5504ca507 staging: android: ashmem: Disallow ashmem memory from being remapped @@ -91,7 +92,7 @@ CVE-2019-12456: (unk) CVE-2019-15239: (unk) unknown CVE-2019-15290: (unk) - CVE-2019-15794: (unk) + CVE-2019-15794: (unk) ovl: fix reference counting in ovl_mmap error path CVE-2019-15902: (unk) unknown CVE-2019-16089: (unk) CVE-2019-18814: (unk) apparmor: Fix use-after-free in aa_audit_rule_init @@ -123,7 +124,7 @@ CVE-2020-11884: (unk) s390/mm: fix page table upgrade vs 2ndary address mode accesses CVE-2020-12351: (unk) Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12464: (unk) USB: core: Fix free-while-in-use bug in the USB S-Glibrary @@ -163,7 +164,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25639: (unk) drm/nouveau: bail out of nouveau_channel_new if channel init fails @@ -199,7 +199,7 @@ CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27786: (unk) ALSA: rawmidi: Fix racy buffer resize under concurrent accesses CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-27830: (unk) speakup: Reject setting the speakup line discipline outside of speakup CVE-2020-27835: (unk) IB/hfi1: Ensure correct mm is used at all times @@ -230,6 +230,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8694: (unk) powercap: restrict energy meter to root access @@ -239,13 +240,14 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK + CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0938: (unk) compiler.h: fix barrier_data() on clang CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20194: (unk) io_uring: don't rely on weak ->files references CVE-2021-20226: (unk) io_uring: don't rely on weak ->files references CVE-2021-20239: (unk) net: pass a sockptr_t into ->setsockopt @@ -257,6 +259,7 @@ CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-23133: (unk) net/sctp: fix race condition in sctp_destroy_sock + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26708: (unk) vsock: fix the race conditions in multi-transport support CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() @@ -270,6 +273,11 @@ CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() CVE-2021-28691: (unk) xen-netback: take a reference to the RX task thread + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28971: (unk) perf/x86/intel: Fix a crash caused by zero PEBS status @@ -289,6 +297,9 @@ CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33033: (unk) cipso,calipso: resolve a number of problems with the DOI refcounts CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-3347: (unk) futex: Ensure the correct return value from futex_lock_pi() CVE-2021-3348: (unk) nbd: freeze the queue while we're adding connections CVE-2021-33624: (unk) bpf: Inherit expanded/patched seen count from old aux data @@ -299,7 +310,6 @@ CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-35039: (unk) module: limit enabling module.sig_enforce CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access @@ -311,19 +321,20 @@ CVE-2021-3600: (unk) bpf: Fix 32 bit src register truncation on div/mod CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3656: (unk) KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed CVE-2021-3739: (unk) btrfs: fix NULL pointer dereference when deleting device by invalid id CVE-2021-3743: (unk) net: qrtr: fix OOB Read in qrtr_endpoint_post CVE-2021-3744: (unk) crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -338,13 +349,141 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39656: (unk) configfs: fix a use-after-free in __configfs_open_file + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4001: (unk) bpf: Fix toctou on read-only map's constant scalar tracking + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4135: (unk) netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4154: (unk) cgroup: verify that source is a string + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44733: (unk) tee: handle lookup of shm with reference count 0 + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0185: (unk) vfs: fs_context: fix up param length parsing in legacy_parse_param + CVE-2022-0322: (unk) sctp: account stream padding length for reconf chunk + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0435: (unk) tipc: improve size validations for received domain records + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-24959: (unk) yam: fix a memory leak in yam_siocdevprivate() + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/5.6/5.6_CVEs.txt b/data/5.6/5.6_CVEs.txt index 5165796..02d1fcd 100644 --- a/data/5.6/5.6_CVEs.txt +++ b/data/5.6/5.6_CVEs.txt
@@ -21,7 +21,7 @@ CVE-2019-12456: Fix unknown CVE-2019-15239: Fix not seen in stream CVE-2019-15290: Fix unknown -CVE-2019-15794: Fix unknown +CVE-2019-15794: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-16089: Fix unknown CVE-2019-18814: Fixed with 5.6.15 @@ -59,7 +59,7 @@ CVE-2020-11884: Fixed with 5.6.8 CVE-2020-12351: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12464: Fixed with 5.6.8 @@ -100,7 +100,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fix not seen in stream -CVE-2020-25220: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream CVE-2020-25639: Fix not seen in stream @@ -138,7 +137,7 @@ CVE-2020-27777: Fix not seen in stream CVE-2020-27786: Fixed with 5.6.14 CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-27830: Fix not seen in stream CVE-2020-27835: Fix not seen in stream @@ -169,6 +168,7 @@ CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8694: Fix not seen in stream @@ -179,13 +179,13 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0938: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20194: Fix not seen in stream CVE-2021-20226: Fix not seen in stream CVE-2021-20239: Fix not seen in stream @@ -196,7 +196,9 @@ CVE-2021-21781: Fix not seen in stream CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream +CVE-2021-22600: Fix not seen in stream CVE-2021-23133: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26708: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream @@ -210,6 +212,11 @@ CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream CVE-2021-28691: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28964: Fix not seen in stream CVE-2021-28971: Fix not seen in stream @@ -229,6 +236,9 @@ CVE-2021-32399: Fix not seen in stream CVE-2021-33033: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-3347: Fix not seen in stream CVE-2021-3348: Fix not seen in stream CVE-2021-33624: Fix not seen in stream @@ -239,7 +249,6 @@ CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-34981: Fix not seen in stream CVE-2021-35039: Fix not seen in stream CVE-2021-3506: Fix not seen in stream @@ -251,20 +260,21 @@ CVE-2021-3600: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3656: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-3715: Fixed with 5.6 CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream CVE-2021-3739: Fix not seen in stream CVE-2021-3743: Fix not seen in stream CVE-2021-3744: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -281,13 +291,141 @@ CVE-2021-38208: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39656: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4001: Fix not seen in stream +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4135: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4154: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream +CVE-2021-4159: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown +CVE-2021-42739: Fix not seen in stream CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44733: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0185: Fix not seen in stream +CVE-2022-0322: Fix not seen in stream +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0435: Fix not seen in stream +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-22942: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-24959: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27666: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/5.6/5.6_security.txt b/data/5.6/5.6_security.txt index b679c88..1b3cde3 100644 --- a/data/5.6/5.6_security.txt +++ b/data/5.6/5.6_security.txt
@@ -86,7 +86,7 @@ CVE-2019-12456: (unk) CVE-2019-15239: (unk) unknown CVE-2019-15290: (unk) - CVE-2019-15794: (unk) + CVE-2019-15794: (unk) ovl: fix reference counting in ovl_mmap error path CVE-2019-15902: (unk) unknown CVE-2019-16089: (unk) CVE-2019-19378: (unk) @@ -105,7 +105,7 @@ CVE-2020-11725: (unk) CVE-2020-12351: (unk) Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12655: (unk) xfs: add agf freeblocks verify in xfs_agf_verify @@ -139,7 +139,6 @@ CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2020-25212: (unk) nfs: Fix getxattr kernel panic and memory overflow - CVE-2020-25220: (unk) CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25639: (unk) drm/nouveau: bail out of nouveau_channel_new if channel init fails @@ -175,7 +174,7 @@ CVE-2020-27675: (unk) xen/events: avoid removing an event channel while handling it CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-27830: (unk) speakup: Reject setting the speakup line discipline outside of speakup CVE-2020-27835: (unk) IB/hfi1: Ensure correct mm is used at all times @@ -204,6 +203,7 @@ CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8694: (unk) powercap: restrict energy meter to root access @@ -212,13 +212,13 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0938: (unk) compiler.h: fix barrier_data() on clang CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20194: (unk) io_uring: don't rely on weak ->files references CVE-2021-20226: (unk) io_uring: don't rely on weak ->files references CVE-2021-20239: (unk) net: pass a sockptr_t into ->setsockopt @@ -229,7 +229,9 @@ CVE-2021-21781: (unk) ARM: ensure the signal page contains defined contents CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write + CVE-2021-22600: (unk) net/packet: rx_owner_map depends on pg_vec CVE-2021-23133: (unk) net/sctp: fix race condition in sctp_destroy_sock + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26708: (unk) vsock: fix the race conditions in multi-transport support CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() @@ -243,6 +245,11 @@ CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() CVE-2021-28691: (unk) xen-netback: take a reference to the RX task thread + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root CVE-2021-28971: (unk) perf/x86/intel: Fix a crash caused by zero PEBS status @@ -262,6 +269,9 @@ CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33033: (unk) cipso,calipso: resolve a number of problems with the DOI refcounts CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-3347: (unk) futex: Ensure the correct return value from futex_lock_pi() CVE-2021-3348: (unk) nbd: freeze the queue while we're adding connections CVE-2021-33624: (unk) bpf: Inherit expanded/patched seen count from old aux data @@ -272,7 +282,6 @@ CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails CVE-2021-35039: (unk) module: limit enabling module.sig_enforce CVE-2021-3506: (unk) f2fs: fix to avoid out-of-bounds memory access @@ -284,19 +293,20 @@ CVE-2021-3600: (unk) bpf: Fix 32 bit src register truncation on div/mod CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3656: (unk) KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed CVE-2021-3739: (unk) btrfs: fix NULL pointer dereference when deleting device by invalid id CVE-2021-3743: (unk) net: qrtr: fix OOB Read in qrtr_endpoint_post CVE-2021-3744: (unk) crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -313,13 +323,141 @@ CVE-2021-38208: (unk) nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39656: (unk) configfs: fix a use-after-free in __configfs_open_file + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4001: (unk) bpf: Fix toctou on read-only map's constant scalar tracking + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4135: (unk) netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4154: (unk) cgroup: verify that source is a string + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + CVE-2021-4159: (unk) bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44733: (unk) tee: handle lookup of shm with reference count 0 + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0185: (unk) vfs: fs_context: fix up param length parsing in legacy_parse_param + CVE-2022-0322: (unk) sctp: account stream padding length for reconf chunk + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0435: (unk) tipc: improve size validations for received domain records + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0812: (unk) xprtrdma: fix incorrect header size calculations + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-24959: (unk) yam: fix a memory leak in yam_siocdevprivate() + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/5.7/5.7_CVEs.txt b/data/5.7/5.7_CVEs.txt index f8062ad..bf2fdb5 100644 --- a/data/5.7/5.7_CVEs.txt +++ b/data/5.7/5.7_CVEs.txt
@@ -21,7 +21,7 @@ CVE-2019-12456: Fix unknown CVE-2019-15239: Fix not seen in stream CVE-2019-15290: Fix unknown -CVE-2019-15794: Fix unknown +CVE-2019-15794: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-16089: Fix unknown CVE-2019-19378: Fix unknown @@ -47,7 +47,7 @@ CVE-2020-11725: Fix unknown CVE-2020-12351: Fix not seen in stream CVE-2020-12352: Fix not seen in stream -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12656: Fixed with 5.7.13 @@ -81,7 +81,6 @@ CVE-2020-24588: Fix not seen in stream CVE-2020-25211: Fix not seen in stream CVE-2020-25212: Fixed with 5.7.17 -CVE-2020-25220: Fix not seen in stream CVE-2020-25221: Fix not seen in stream CVE-2020-25284: Fix not seen in stream CVE-2020-25285: Fix not seen in stream @@ -119,7 +118,7 @@ CVE-2020-27675: Fix not seen in stream CVE-2020-27777: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-27830: Fix not seen in stream CVE-2020-27835: Fix not seen in stream @@ -149,6 +148,7 @@ CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fixed with 5.7.15 CVE-2020-36387: Fixed with 5.7.16 +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8694: Fix not seen in stream @@ -158,13 +158,13 @@ CVE-2021-0448: Fix not seen in stream CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0938: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fix not seen in stream CVE-2021-20194: Fix not seen in stream CVE-2021-20226: Fix not seen in stream CVE-2021-20239: Fix not seen in stream @@ -176,7 +176,9 @@ CVE-2021-21781: Fix not seen in stream CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream +CVE-2021-22600: Fix not seen in stream CVE-2021-23133: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26708: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream @@ -190,6 +192,11 @@ CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream CVE-2021-28691: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28952: Fix not seen in stream CVE-2021-28964: Fix not seen in stream @@ -211,6 +218,9 @@ CVE-2021-32399: Fix not seen in stream CVE-2021-33033: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-3347: Fix not seen in stream CVE-2021-3348: Fix not seen in stream CVE-2021-33624: Fix not seen in stream @@ -221,7 +231,6 @@ CVE-2021-34556: Fix not seen in stream CVE-2021-34693: Fix not seen in stream CVE-2021-3483: Fix not seen in stream -CVE-2021-34866: Fix not seen in stream CVE-2021-3490: Fix not seen in stream CVE-2021-3491: Fix not seen in stream CVE-2021-34981: Fix not seen in stream @@ -235,19 +244,20 @@ CVE-2021-3600: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3656: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream CVE-2021-3739: Fix not seen in stream CVE-2021-3743: Fix not seen in stream CVE-2021-3744: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -265,13 +275,143 @@ CVE-2021-38209: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39656: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4001: Fix not seen in stream +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4135: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4154: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4218: Fix not seen in stream CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown +CVE-2021-42739: Fix not seen in stream CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44733: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45402: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2021-46283: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0185: Fix not seen in stream +CVE-2022-0322: Fix not seen in stream +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0435: Fix not seen in stream +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0516: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0812: Fixed with 5.7.10 +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-22942: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-24959: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27666: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/5.7/5.7_security.txt b/data/5.7/5.7_security.txt index a6c421a..ecf3ae8 100644 --- a/data/5.7/5.7_security.txt +++ b/data/5.7/5.7_security.txt
@@ -35,6 +35,7 @@ CVE-2020-10781: 8fd782b2376168717dddfbcae0786b47e61777bb Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()" CVE-2020-14356: 26d0bcfcf7150bc7c115f2d3f2f1459e64029b98 cgroup: fix cgroup_sk_alloc() for sk_clone_lock() CVE-2020-15852: 3bbf8195e79707268f4fd072d7575ced0207e4ef x86/ioperm: Fix io bitmap invalidation on Xen PV + CVE-2022-0812: fe3b01c6588829a4a5d89e4b6d4254087aa40f20 xprtrdma: fix incorrect header size calculations CVEs fixed in 5.7.11: CVE-2020-15437: eb710a1ac0b2c5d46917563b78ebef429b0e8738 serial: 8250: fix null-ptr-deref in serial8250_start_tx() @@ -90,7 +91,7 @@ CVE-2019-12456: (unk) CVE-2019-15239: (unk) unknown CVE-2019-15290: (unk) - CVE-2019-15794: (unk) + CVE-2019-15794: (unk) ovl: fix reference counting in ovl_mmap error path CVE-2019-15902: (unk) unknown CVE-2019-16089: (unk) CVE-2019-19378: (unk) @@ -105,7 +106,7 @@ CVE-2020-11725: (unk) CVE-2020-12351: (unk) Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel CVE-2020-12352: (unk) Bluetooth: A2MP: Fix not initializing all members - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12888: (unk) vfio-pci: Invalidate mmaps and block MMIO access on disabled memory @@ -124,7 +125,6 @@ CVE-2020-24587: (unk) mac80211: prevent mixed key and fragment cache attacks CVE-2020-24588: (unk) cfg80211: mitigate A-MSDU aggregation attacks CVE-2020-25211: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum - CVE-2020-25220: (unk) CVE-2020-25221: (unk) mm: fix pin vs. gup mismatch with gate pages CVE-2020-25284: (unk) rbd: require global CAP_SYS_ADMIN for mapping and unmapping CVE-2020-25285: (unk) mm/hugetlb: fix a race between hugetlb sysctl handlers @@ -161,7 +161,7 @@ CVE-2020-27675: (unk) xen/events: avoid removing an event channel while handling it CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-27830: (unk) speakup: Reject setting the speakup line discipline outside of speakup CVE-2020-27835: (unk) IB/hfi1: Ensure correct mm is used at all times @@ -185,6 +185,7 @@ CVE-2020-36312: (unk) KVM: fix memory leak in kvm_io_bus_unregister_dev() CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8694: (unk) powercap: restrict energy meter to root access @@ -193,13 +194,13 @@ CVE-2021-0448: (unk) netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0512: (unk) HID: make arrays usage and value to be the same CVE-2021-0605: (unk) af_key: pfkey_dump needs parameter validation - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0938: (unk) compiler.h: fix barrier_data() on clang CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) + CVE-2021-1048: (unk) fix regression in "epoll: Keep a reference on files added to the check list" CVE-2021-20194: (unk) io_uring: don't rely on weak ->files references CVE-2021-20226: (unk) io_uring: don't rely on weak ->files references CVE-2021-20239: (unk) net: pass a sockptr_t into ->setsockopt @@ -210,7 +211,9 @@ CVE-2021-21781: (unk) ARM: ensure the signal page contains defined contents CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write + CVE-2021-22600: (unk) net/packet: rx_owner_map depends on pg_vec CVE-2021-23133: (unk) net/sctp: fix race condition in sctp_destroy_sock + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26708: (unk) vsock: fix the race conditions in multi-transport support CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() @@ -224,6 +227,11 @@ CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() CVE-2021-28691: (unk) xen-netback: take a reference to the RX task thread + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28952: (unk) ASoC: qcom: sdm845: Fix array out of bounds access CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root @@ -245,6 +253,9 @@ CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33033: (unk) cipso,calipso: resolve a number of problems with the DOI refcounts CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-3347: (unk) futex: Ensure the correct return value from futex_lock_pi() CVE-2021-3348: (unk) nbd: freeze the queue while we're adding connections CVE-2021-33624: (unk) bpf: Inherit expanded/patched seen count from old aux data @@ -255,7 +266,6 @@ CVE-2021-34556: (unk) bpf: Introduce BPF nospec instruction for mitigating Spectre v4 CVE-2021-34693: (unk) can: bcm: fix infoleak in struct bcm_msg_head CVE-2021-3483: (unk) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() - CVE-2021-34866: (unk) bpf: Fix ringbuf helper function compatibility CVE-2021-3490: (unk) bpf: Fix alu32 const subreg bound tracking on bitwise operations CVE-2021-3491: (unk) io_uring: truncate lengths larger than MAX_RW_COUNT on provide buffers CVE-2021-34981: (unk) Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails @@ -269,19 +279,20 @@ CVE-2021-3600: (unk) bpf: Fix 32 bit src register truncation on div/mod CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3656: (unk) KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed CVE-2021-3739: (unk) btrfs: fix NULL pointer dereference when deleting device by invalid id CVE-2021-3743: (unk) net: qrtr: fix OOB Read in qrtr_endpoint_post CVE-2021-3744: (unk) crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -299,13 +310,142 @@ CVE-2021-38209: (unk) netfilter: conntrack: Make global sysctls readonly in non-init netns CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39634: (unk) epoll: do not insert into poll queues until all sanity checks are done + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39656: (unk) configfs: fix a use-after-free in __configfs_open_file + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4001: (unk) bpf: Fix toctou on read-only map's constant scalar tracking + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4135: (unk) netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4154: (unk) cgroup: verify that source is a string + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4218: (unk) sysctl: pass kernel pointers to ->proc_handler CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44733: (unk) tee: handle lookup of shm with reference count 0 + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45402: (unk) bpf: Fix signed bounds propagation after mov32 + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2021-46283: (unk) netfilter: nf_tables: initialize set before expression setup + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0185: (unk) vfs: fs_context: fix up param length parsing in legacy_parse_param + CVE-2022-0322: (unk) sctp: account stream padding length for reconf chunk + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0435: (unk) tipc: improve size validations for received domain records + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0516: (unk) KVM: s390: Return error on SIDA memop on normal guest + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-24959: (unk) yam: fix a memory leak in yam_siocdevprivate() + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/5.8/5.8_CVEs.txt b/data/5.8/5.8_CVEs.txt index 4ebd308..24fccda 100644 --- a/data/5.8/5.8_CVEs.txt +++ b/data/5.8/5.8_CVEs.txt
@@ -21,7 +21,7 @@ CVE-2019-12456: Fix unknown CVE-2019-15239: Fix not seen in stream CVE-2019-15290: Fix unknown -CVE-2019-15794: Fix unknown +CVE-2019-15794: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-16089: Fix unknown CVE-2019-19378: Fix unknown @@ -38,7 +38,7 @@ CVE-2020-11725: Fix unknown CVE-2020-12351: Fixed with 5.8.16 CVE-2020-12352: Fixed with 5.8.16 -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12912: Fix not seen in stream @@ -99,7 +99,7 @@ CVE-2020-27675: Fix not seen in stream CVE-2020-27777: Fix not seen in stream CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fix not seen in stream CVE-2020-27830: Fix not seen in stream CVE-2020-27835: Fix not seen in stream @@ -125,6 +125,7 @@ CVE-2020-36385: Fix not seen in stream CVE-2020-36386: Fixed with 5.8.1 CVE-2020-36387: Fixed with 5.8.2 +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fix not seen in stream CVE-2020-8694: Fix not seen in stream @@ -133,13 +134,13 @@ CVE-2021-0448: Fixed with 5.8.13 CVE-2021-0512: Fix not seen in stream CVE-2021-0605: Fixed with 5.8 -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0938: Fix not seen in stream CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown +CVE-2021-1048: Fixed with 5.8.8 CVE-2021-20194: Fixed with 5.8.18 CVE-2021-20226: Fixed with 5.8.18 CVE-2021-20239: Fix not seen in stream @@ -151,7 +152,9 @@ CVE-2021-21781: Fix not seen in stream CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream +CVE-2021-22600: Fix not seen in stream CVE-2021-23133: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26708: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream @@ -165,6 +168,11 @@ CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream CVE-2021-28691: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28952: Fix not seen in stream CVE-2021-28964: Fix not seen in stream @@ -187,6 +195,9 @@ CVE-2021-32399: Fix not seen in stream CVE-2021-33033: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-3347: Fix not seen in stream CVE-2021-3348: Fix not seen in stream CVE-2021-33624: Fix not seen in stream @@ -212,19 +223,20 @@ CVE-2021-3600: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3656: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream CVE-2021-3739: Fix not seen in stream CVE-2021-3743: Fix not seen in stream CVE-2021-3744: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -242,13 +254,143 @@ CVE-2021-38209: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39634: Fixed with 5.8.14 +CVE-2021-39648: Fix not seen in stream +CVE-2021-39656: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4001: Fix not seen in stream +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4135: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4154: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4204: Fix not seen in stream CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown +CVE-2021-42739: Fix not seen in stream CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44733: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45402: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2021-46283: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0185: Fix not seen in stream +CVE-2022-0322: Fix not seen in stream +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0435: Fix not seen in stream +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0516: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0847: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-22942: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-24959: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27666: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/5.8/5.8_security.txt b/data/5.8/5.8_security.txt index 4a69bf9..4b376db 100644 --- a/data/5.8/5.8_security.txt +++ b/data/5.8/5.8_security.txt
@@ -35,6 +35,7 @@ CVE-2020-14386: 03ca1f09ab1ff47a24777c13f9bd161394122f41 net/packet: fix overflow in tpacket_rcv CVE-2020-25285: 951e290ad85b8dfa54f8908fb680068655748d61 mm/hugetlb: fix a race between hugetlb sysctl handlers CVE-2020-25641: b7df98a8b7b8abce596e9696d5c3183fc4c0019d block: allow for_each_bvec to support zero len bvec + CVE-2021-1048: 41e233bd64127d95ba4c3fbca69dd790e02c0517 fix regression in "epoll: Keep a reference on files added to the check list" CVEs fixed in 5.8.10: CVE-2020-14390: 245a228891e3627e47921db1ec1b6612f118158b fbcon: remove soft scrollback code @@ -50,6 +51,9 @@ CVE-2020-25211: 24c4f2ae019bfcd2a82783e07c2894a519eb1050 netfilter: ctnetlink: add a range check for l3/l4 protonum CVE-2021-0448: 24c4f2ae019bfcd2a82783e07c2894a519eb1050 netfilter: ctnetlink: add a range check for l3/l4 protonum +CVEs fixed in 5.8.14: + CVE-2021-39634: bdb43b31e65d418008a7f6718bbd2ca5ee04669a epoll: do not insert into poll queues until all sanity checks are done + CVEs fixed in 5.8.15: CVE-2020-27194: fc5b5ae8ac3cf955bebd0c219a93219bf9c3f4a2 bpf: Fix scalar32_min_max_or bounds tracking CVE-2020-28915: e57db2fee8b123b180b7829e1edf17311877b86b fbcon: Fix global-out-of-bounds read in fbcon_get_font() @@ -93,7 +97,7 @@ CVE-2019-12456: (unk) CVE-2019-15239: (unk) unknown CVE-2019-15290: (unk) - CVE-2019-15794: (unk) + CVE-2019-15794: (unk) ovl: fix reference counting in ovl_mmap error path CVE-2019-15902: (unk) unknown CVE-2019-16089: (unk) CVE-2019-19378: (unk) @@ -103,7 +107,7 @@ CVE-2020-0347: (unk) CVE-2020-10708: (unk) CVE-2020-11725: (unk) - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12912: (unk) hwmon: (amd_energy) modify the visibility of the counters @@ -144,7 +148,7 @@ CVE-2020-27675: (unk) xen/events: avoid removing an event channel while handling it CVE-2020-27777: (unk) powerpc/rtas: Restrict RTAS requests from userspace CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-27825: (unk) tracing: Fix race in trace_open and buffer resize call CVE-2020-27830: (unk) speakup: Reject setting the speakup line discipline outside of speakup CVE-2020-27835: (unk) IB/hfi1: Ensure correct mm is used at all times @@ -163,19 +167,19 @@ CVE-2020-36311: (unk) KVM: SVM: Periodically schedule when unregistering regions on destroy CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry CVE-2020-8694: (unk) powercap: restrict energy meter to root access CVE-2021-0129: (unk) Bluetooth: SMP: Fail if remote and local public keys are identical CVE-2021-0399: (unk) CVE-2021-0512: (unk) HID: make arrays usage and value to be the same - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0938: (unk) compiler.h: fix barrier_data() on clang CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) CVE-2021-20239: (unk) net: pass a sockptr_t into ->setsockopt CVE-2021-20268: (unk) bpf: Fix signed_{sub,add32}_overflows type handling CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions @@ -184,7 +188,9 @@ CVE-2021-21781: (unk) ARM: ensure the signal page contains defined contents CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write + CVE-2021-22600: (unk) net/packet: rx_owner_map depends on pg_vec CVE-2021-23133: (unk) net/sctp: fix race condition in sctp_destroy_sock + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26708: (unk) vsock: fix the race conditions in multi-transport support CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() @@ -198,6 +204,11 @@ CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() CVE-2021-28691: (unk) xen-netback: take a reference to the RX task thread + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28952: (unk) ASoC: qcom: sdm845: Fix array out of bounds access CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root @@ -220,6 +231,9 @@ CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33033: (unk) cipso,calipso: resolve a number of problems with the DOI refcounts CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-3347: (unk) futex: Ensure the correct return value from futex_lock_pi() CVE-2021-3348: (unk) nbd: freeze the queue while we're adding connections CVE-2021-33624: (unk) bpf: Inherit expanded/patched seen count from old aux data @@ -244,19 +258,20 @@ CVE-2021-3600: (unk) bpf: Fix 32 bit src register truncation on div/mod CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3656: (unk) KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed CVE-2021-3739: (unk) btrfs: fix NULL pointer dereference when deleting device by invalid id CVE-2021-3743: (unk) net: qrtr: fix OOB Read in qrtr_endpoint_post CVE-2021-3744: (unk) crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -274,13 +289,142 @@ CVE-2021-38209: (unk) netfilter: conntrack: Make global sysctls readonly in non-init netns CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39656: (unk) configfs: fix a use-after-free in __configfs_open_file + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4001: (unk) bpf: Fix toctou on read-only map's constant scalar tracking + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4135: (unk) netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4154: (unk) cgroup: verify that source is a string + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4204: (unk) bpf: Generalize check_ctx_reg for reuse with other types CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44733: (unk) tee: handle lookup of shm with reference count 0 + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45402: (unk) bpf: Fix signed bounds propagation after mov32 + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2021-46283: (unk) netfilter: nf_tables: initialize set before expression setup + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0185: (unk) vfs: fs_context: fix up param length parsing in legacy_parse_param + CVE-2022-0322: (unk) sctp: account stream padding length for reconf chunk + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0435: (unk) tipc: improve size validations for received domain records + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0516: (unk) KVM: s390: Return error on SIDA memop on normal guest + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0847: (unk) lib/iov_iter: initialize "flags" in new pipe_buffer + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-24959: (unk) yam: fix a memory leak in yam_siocdevprivate() + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/5.9/5.9_CVEs.txt b/data/5.9/5.9_CVEs.txt index 6e0aacb..9fa14f0 100644 --- a/data/5.9/5.9_CVEs.txt +++ b/data/5.9/5.9_CVEs.txt
@@ -21,7 +21,7 @@ CVE-2019-12456: Fix unknown CVE-2019-15239: Fix not seen in stream CVE-2019-15290: Fix unknown -CVE-2019-15794: Fix unknown +CVE-2019-15794: Fix not seen in stream CVE-2019-15902: Fix not seen in stream CVE-2019-16089: Fix unknown CVE-2019-19378: Fix unknown @@ -34,7 +34,7 @@ CVE-2020-11725: Fix unknown CVE-2020-12351: Fixed with 5.9.1 CVE-2020-12352: Fixed with 5.9.1 -CVE-2020-12362: Fix unknown +CVE-2020-12362: Fix not seen in stream CVE-2020-12363: Fix not seen in stream CVE-2020-12364: Fix not seen in stream CVE-2020-12912: Fixed with 5.9.9 @@ -79,7 +79,7 @@ CVE-2020-27675: Fixed with 5.9.5 CVE-2020-27777: Fixed with 5.9.5 CVE-2020-27815: Fix not seen in stream -CVE-2020-27820: Fix unknown +CVE-2020-27820: Fix not seen in stream CVE-2020-27825: Fixed with 5.9.5 CVE-2020-27830: Fixed with 5.9.14 CVE-2020-27835: Fixed with 5.9.12 @@ -99,19 +99,19 @@ CVE-2020-36158: Fix not seen in stream CVE-2020-36322: Fix not seen in stream CVE-2020-36385: Fix not seen in stream +CVE-2020-36516: Fix unknown CVE-2020-3702: Fix not seen in stream CVE-2020-4788: Fixed with 5.9.10 CVE-2020-8694: Fixed with 5.9.8 CVE-2021-0129: Fix not seen in stream CVE-2021-0399: Fix unknown CVE-2021-0512: Fix not seen in stream -CVE-2021-0606: Fix unknown CVE-2021-0695: Fix unknown -CVE-2021-0936: Fix unknown +CVE-2021-0707: Fix not seen in stream +CVE-2021-0920: Fix not seen in stream CVE-2021-0937: Fix not seen in stream CVE-2021-0938: Fixed with 5.9.15 CVE-2021-0941: Fix not seen in stream -CVE-2021-1048: Fix unknown CVE-2021-20194: Fixed with 5.9.3 CVE-2021-20226: Fixed with 5.9.3 CVE-2021-20268: Fix not seen in stream @@ -121,7 +121,9 @@ CVE-2021-21781: Fix not seen in stream CVE-2021-22543: Fix not seen in stream CVE-2021-22555: Fix not seen in stream +CVE-2021-22600: Fix not seen in stream CVE-2021-23133: Fix not seen in stream +CVE-2021-26401: Fix not seen in stream CVE-2021-26708: Fix not seen in stream CVE-2021-26930: Fix not seen in stream CVE-2021-26931: Fix not seen in stream @@ -136,6 +138,11 @@ CVE-2021-28660: Fix not seen in stream CVE-2021-28688: Fix not seen in stream CVE-2021-28691: Fix not seen in stream +CVE-2021-28711: Fix not seen in stream +CVE-2021-28712: Fix not seen in stream +CVE-2021-28713: Fix not seen in stream +CVE-2021-28714: Fix not seen in stream +CVE-2021-28715: Fix not seen in stream CVE-2021-28951: Fix not seen in stream CVE-2021-28952: Fix not seen in stream CVE-2021-28964: Fix not seen in stream @@ -158,6 +165,9 @@ CVE-2021-32399: Fix not seen in stream CVE-2021-33033: Fix not seen in stream CVE-2021-33034: Fix not seen in stream +CVE-2021-33061: Fix not seen in stream +CVE-2021-33098: Fix not seen in stream +CVE-2021-33135: Fix unknown CVE-2021-3347: Fix not seen in stream CVE-2021-3348: Fix not seen in stream CVE-2021-33624: Fix not seen in stream @@ -183,19 +193,20 @@ CVE-2021-3600: Fix not seen in stream CVE-2021-3609: Fix not seen in stream CVE-2021-3612: Fix not seen in stream -CVE-2021-3640: Fix unknown +CVE-2021-3640: Fix not seen in stream CVE-2021-3653: Fix not seen in stream CVE-2021-3655: Fix not seen in stream CVE-2021-3656: Fix not seen in stream CVE-2021-3659: Fix not seen in stream CVE-2021-3669: Fix not seen in stream CVE-2021-3679: Fix not seen in stream +CVE-2021-3714: Fix unknown CVE-2021-37159: Fix not seen in stream CVE-2021-3732: Fix not seen in stream CVE-2021-3739: Fix not seen in stream CVE-2021-3743: Fix not seen in stream CVE-2021-3744: Fix not seen in stream -CVE-2021-3752: Fix unknown +CVE-2021-3752: Fix not seen in stream CVE-2021-3753: Fix not seen in stream CVE-2021-37576: Fix not seen in stream CVE-2021-3759: Fix not seen in stream @@ -214,13 +225,143 @@ CVE-2021-38209: Fix not seen in stream CVE-2021-38300: Fix not seen in stream CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown CVE-2021-3892: Fix unknown +CVE-2021-3894: Fix not seen in stream CVE-2021-3896: Fix not seen in stream +CVE-2021-39633: Fix not seen in stream +CVE-2021-39648: Fix not seen in stream +CVE-2021-39656: Fix not seen in stream +CVE-2021-39657: Fix not seen in stream +CVE-2021-39685: Fix not seen in stream +CVE-2021-39686: Fix not seen in stream +CVE-2021-39698: Fix not seen in stream +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2021-39802: Fix unknown +CVE-2021-4001: Fix not seen in stream +CVE-2021-4002: Fix not seen in stream +CVE-2021-4023: Fix not seen in stream +CVE-2021-4037: Fix not seen in stream CVE-2021-40490: Fix not seen in stream +CVE-2021-4083: Fix not seen in stream +CVE-2021-4135: Fix not seen in stream +CVE-2021-4148: Fix not seen in stream +CVE-2021-4149: Fix not seen in stream +CVE-2021-4150: Fix not seen in stream +CVE-2021-4154: Fix not seen in stream +CVE-2021-4155: Fix not seen in stream +CVE-2021-4157: Fix not seen in stream CVE-2021-41864: Fix not seen in stream +CVE-2021-4197: Fix not seen in stream CVE-2021-42008: Fix not seen in stream +CVE-2021-4202: Fix not seen in stream +CVE-2021-4203: Fix not seen in stream +CVE-2021-4204: Fix not seen in stream CVE-2021-42252: Fix not seen in stream -CVE-2021-42327: Fix not seen in stream -CVE-2021-42739: Fix unknown +CVE-2021-42739: Fix not seen in stream CVE-2021-43056: Fix not seen in stream -CVE-2021-43057: Fix not seen in stream +CVE-2021-43389: Fix not seen in stream +CVE-2021-43975: Fix not seen in stream +CVE-2021-43976: Fix not seen in stream +CVE-2021-44733: Fix not seen in stream +CVE-2021-44879: Fix not seen in stream +CVE-2021-45095: Fix not seen in stream +CVE-2021-45402: Fix not seen in stream +CVE-2021-45469: Fix not seen in stream +CVE-2021-45485: Fix not seen in stream +CVE-2021-45486: Fix not seen in stream +CVE-2021-45868: Fix not seen in stream +CVE-2021-46283: Fix not seen in stream +CVE-2022-0001: Fix not seen in stream +CVE-2022-0002: Fix not seen in stream +CVE-2022-0168: Fix not seen in stream +CVE-2022-0171: Fix unknown +CVE-2022-0185: Fix not seen in stream +CVE-2022-0286: Fix not seen in stream +CVE-2022-0322: Fix not seen in stream +CVE-2022-0330: Fix not seen in stream +CVE-2022-0382: Fix not seen in stream +CVE-2022-0400: Fix unknown +CVE-2022-0435: Fix not seen in stream +CVE-2022-0480: Fix not seen in stream +CVE-2022-0487: Fix not seen in stream +CVE-2022-0492: Fix not seen in stream +CVE-2022-0494: Fix not seen in stream +CVE-2022-0500: Fix not seen in stream +CVE-2022-0516: Fix not seen in stream +CVE-2022-0617: Fix not seen in stream +CVE-2022-0644: Fix not seen in stream +CVE-2022-0742: Fix not seen in stream +CVE-2022-0847: Fix not seen in stream +CVE-2022-0850: Fix not seen in stream +CVE-2022-0854: Fix not seen in stream +CVE-2022-0995: Fix not seen in stream +CVE-2022-0998: Fix not seen in stream +CVE-2022-1011: Fix not seen in stream +CVE-2022-1012: Fix not seen in stream +CVE-2022-1015: Fix not seen in stream +CVE-2022-1016: Fix not seen in stream +CVE-2022-1043: Fix not seen in stream +CVE-2022-1048: Fix not seen in stream +CVE-2022-1055: Fix not seen in stream +CVE-2022-1116: Fix unknown +CVE-2022-1158: Fix not seen in stream +CVE-2022-1184: Fix unknown +CVE-2022-1195: Fix not seen in stream +CVE-2022-1198: Fix not seen in stream +CVE-2022-1199: Fix not seen in stream +CVE-2022-1204: Fix not seen in stream +CVE-2022-1205: Fix not seen in stream +CVE-2022-1247: Fix unknown +CVE-2022-1263: Fix not seen in stream +CVE-2022-1280: Fix not seen in stream +CVE-2022-1353: Fix not seen in stream +CVE-2022-1462: Fix unknown +CVE-2022-1508: Fix not seen in stream +CVE-2022-1516: Fix not seen in stream +CVE-2022-1651: Fix not seen in stream +CVE-2022-1652: Fix unknown +CVE-2022-1671: Fix not seen in stream +CVE-2022-1679: Fix unknown +CVE-2022-1729: Fix not seen in stream +CVE-2022-1734: Fix not seen in stream +CVE-2022-1786: Fix not seen in stream +CVE-2022-1789: Fix not seen in stream +CVE-2022-1836: Fix not seen in stream +CVE-2022-1882: Fix unknown +CVE-2022-20008: Fix not seen in stream +CVE-2022-22942: Fix not seen in stream +CVE-2022-23036: Fix not seen in stream +CVE-2022-23037: Fix not seen in stream +CVE-2022-23038: Fix not seen in stream +CVE-2022-23039: Fix not seen in stream +CVE-2022-23040: Fix not seen in stream +CVE-2022-23041: Fix not seen in stream +CVE-2022-23042: Fix not seen in stream +CVE-2022-23222: Fix not seen in stream +CVE-2022-23960: Fix not seen in stream +CVE-2022-24448: Fix not seen in stream +CVE-2022-24958: Fix not seen in stream +CVE-2022-24959: Fix not seen in stream +CVE-2022-25258: Fix not seen in stream +CVE-2022-25265: Fix unknown +CVE-2022-25375: Fix not seen in stream +CVE-2022-25636: Fix not seen in stream +CVE-2022-26490: Fix not seen in stream +CVE-2022-26878: Fix unknown +CVE-2022-26966: Fix not seen in stream +CVE-2022-27223: Fix not seen in stream +CVE-2022-27666: Fix not seen in stream +CVE-2022-27950: Fix not seen in stream +CVE-2022-28356: Fix not seen in stream +CVE-2022-28388: Fix not seen in stream +CVE-2022-28389: Fix not seen in stream +CVE-2022-28390: Fix not seen in stream +CVE-2022-28796: Fix not seen in stream +CVE-2022-28893: Fix not seen in stream +CVE-2022-29156: Fix not seen in stream +CVE-2022-29581: Fix not seen in stream +CVE-2022-29582: Fix not seen in stream +CVE-2022-29968: Fix not seen in stream +CVE-2022-30594: Fix not seen in stream
diff --git a/data/5.9/5.9_security.txt b/data/5.9/5.9_security.txt index c97df0b..35ec420 100644 --- a/data/5.9/5.9_security.txt +++ b/data/5.9/5.9_security.txt
@@ -84,7 +84,7 @@ CVE-2019-12456: (unk) CVE-2019-15239: (unk) unknown CVE-2019-15290: (unk) - CVE-2019-15794: (unk) + CVE-2019-15794: (unk) ovl: fix reference counting in ovl_mmap error path CVE-2019-15902: (unk) unknown CVE-2019-16089: (unk) CVE-2019-19378: (unk) @@ -94,7 +94,7 @@ CVE-2020-0347: (unk) CVE-2020-10708: (unk) CVE-2020-11725: (unk) - CVE-2020-12362: (unk) + CVE-2020-12362: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12363: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-12364: (unk) drm/i915/guc: Update to use firmware v49.0.1 CVE-2020-14304: (unk) @@ -127,7 +127,7 @@ CVE-2020-26559: (unk) CVE-2020-26560: (unk) CVE-2020-27815: (unk) jfs: Fix array index bounds check in dbAdjTree - CVE-2020-27820: (unk) + CVE-2020-27820: (unk) drm/nouveau: use drm_dev_unplug() during device removal CVE-2020-28374: (unk) scsi: target: Fix XCOPY NAA identifier lookup CVE-2020-29568: (unk) xen/xenbus: Allow watches discard events before queueing CVE-2020-29569: (unk) xen-blkback: set ring->xenblkd to NULL after kthread_stop() @@ -135,16 +135,16 @@ CVE-2020-36158: (unk) mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start CVE-2020-36322: (unk) fuse: fix bad inode CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy + CVE-2020-36516: (unk) CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries CVE-2021-0129: (unk) Bluetooth: SMP: Fail if remote and local public keys are identical CVE-2021-0399: (unk) CVE-2021-0512: (unk) HID: make arrays usage and value to be the same - CVE-2021-0606: (unk) CVE-2021-0695: (unk) - CVE-2021-0936: (unk) + CVE-2021-0707: (unk) dmabuf: fix use-after-free of dmabuf's file->f_inode + CVE-2021-0920: (unk) af_unix: fix garbage collect vs MSG_PEEK CVE-2021-0937: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write CVE-2021-0941: (unk) bpf: Remove MTU check in __bpf_skb_max_len - CVE-2021-1048: (unk) CVE-2021-20268: (unk) bpf: Fix signed_{sub,add32}_overflows type handling CVE-2021-20320: (unk) s390/bpf: Fix optimizing out zero-extensions CVE-2021-20321: (unk) ovl: fix missing negative dentry check in ovl_rename() @@ -152,7 +152,9 @@ CVE-2021-21781: (unk) ARM: ensure the signal page contains defined contents CVE-2021-22543: (unk) KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22555: (unk) netfilter: x_tables: fix compat match/target pad out-of-bound write + CVE-2021-22600: (unk) net/packet: rx_owner_map depends on pg_vec CVE-2021-23133: (unk) net/sctp: fix race condition in sctp_destroy_sock + CVE-2021-26401: (unk) x86/speculation: Use generic retpoline by default on AMD CVE-2021-26708: (unk) vsock: fix the race conditions in multi-transport support CVE-2021-26930: (unk) xen-blkback: fix error handling in xen_blkbk_map() CVE-2021-26931: (unk) xen-blkback: don't "handle" error by BUG() @@ -167,6 +169,11 @@ CVE-2021-28660: (unk) staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() CVE-2021-28688: (unk) xen-blkback: don't leak persistent grants from xen_blkbk_map() CVE-2021-28691: (unk) xen-netback: take a reference to the RX task thread + CVE-2021-28711: (unk) xen/blkfront: harden blkfront against event channel storms + CVE-2021-28712: (unk) xen/netfront: harden netfront against event channel storms + CVE-2021-28713: (unk) xen/console: harden hvc_xen against event channel storms + CVE-2021-28714: (unk) xen/netback: fix rx queue stall detection + CVE-2021-28715: (unk) xen/netback: don't queue unlimited number of packages CVE-2021-28951: (unk) io_uring: ensure that SQPOLL thread is started for exit CVE-2021-28952: (unk) ASoC: qcom: sdm845: Fix array out of bounds access CVE-2021-28964: (unk) btrfs: fix race when cloning extent buffer during rewind of an old root @@ -189,6 +196,9 @@ CVE-2021-32399: (unk) bluetooth: eliminate the potential race condition when removing the HCI controller CVE-2021-33033: (unk) cipso,calipso: resolve a number of problems with the DOI refcounts CVE-2021-33034: (unk) Bluetooth: verify AMP hci_chan before amp_destroy + CVE-2021-33061: (unk) ixgbe: add improvement for MDD response functionality + CVE-2021-33098: (unk) ixgbe: fix large MTU request from VF + CVE-2021-33135: (unk) CVE-2021-3347: (unk) futex: Ensure the correct return value from futex_lock_pi() CVE-2021-3348: (unk) nbd: freeze the queue while we're adding connections CVE-2021-33624: (unk) bpf: Inherit expanded/patched seen count from old aux data @@ -213,19 +223,20 @@ CVE-2021-3600: (unk) bpf: Fix 32 bit src register truncation on div/mod CVE-2021-3609: (unk) can: bcm: delay release of struct bcm_op after synchronize_rcu() CVE-2021-3612: (unk) Input: joydev - prevent potential read overflow in ioctl - CVE-2021-3640: (unk) + CVE-2021-3640: (unk) Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() CVE-2021-3653: (unk) KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) CVE-2021-3655: (unk) sctp: validate from_addr_param return CVE-2021-3656: (unk) KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) CVE-2021-3659: (unk) net: mac802154: Fix general protection fault CVE-2021-3669: (unk) ipc: replace costly bailout check in sysvipc_find_ipc() CVE-2021-3679: (unk) tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + CVE-2021-3714: (unk) CVE-2021-37159: (unk) usb: hso: fix error handling code of hso_create_net_device CVE-2021-3732: (unk) ovl: prevent private clone if bind mount is not allowed CVE-2021-3739: (unk) btrfs: fix NULL pointer dereference when deleting device by invalid id CVE-2021-3743: (unk) net: qrtr: fix OOB Read in qrtr_endpoint_post CVE-2021-3744: (unk) crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() - CVE-2021-3752: (unk) + CVE-2021-3752: (unk) Bluetooth: fix use-after-free error in lock_sock_nested() CVE-2021-3753: (unk) vt_kdsetmode: extend console locking CVE-2021-37576: (unk) KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow CVE-2021-3759: (unk) memcg: enable accounting of ipc resources @@ -244,13 +255,143 @@ CVE-2021-38209: (unk) netfilter: conntrack: Make global sysctls readonly in non-init netns CVE-2021-38300: (unk) bpf, mips: Validate conditional branch offsets CVE-2021-3847: (unk) + CVE-2021-3864: (unk) CVE-2021-3892: (unk) + CVE-2021-3894: (unk) sctp: account stream padding length for reconf chunk CVE-2021-3896: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-39633: (unk) ip_gre: add validation for csum_start + CVE-2021-39648: (unk) usb: gadget: configfs: Fix use-after-free issue with udc_name + CVE-2021-39656: (unk) configfs: fix a use-after-free in __configfs_open_file + CVE-2021-39657: (unk) scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback + CVE-2021-39685: (unk) USB: gadget: detect too-big endpoint 0 requests + CVE-2021-39686: (unk) binder: use euid from cred instead of using task + CVE-2021-39698: (unk) wait: add wake_up_pollfree() + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2021-39802: (unk) + CVE-2021-4001: (unk) bpf: Fix toctou on read-only map's constant scalar tracking + CVE-2021-4002: (unk) hugetlbfs: flush TLBs correctly after huge_pmd_unshare + CVE-2021-4023: (unk) io-wq: fix cancellation on create-worker failure + CVE-2021-4037: (unk) xfs: fix up non-directory creation in SGID directories CVE-2021-40490: (unk) ext4: fix race writing to an inline_data file while its xattrs are changing + CVE-2021-4083: (unk) fget: check that the fd still exists after getting a ref to it + CVE-2021-4135: (unk) netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc + CVE-2021-4148: (unk) mm: khugepaged: skip huge page collapse for special files + CVE-2021-4149: (unk) btrfs: unlock newly allocated extent buffer after error + CVE-2021-4150: (unk) block: fix incorrect references to disk objects + CVE-2021-4154: (unk) cgroup: verify that source is a string + CVE-2021-4155: (unk) xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate + CVE-2021-4157: (unk) pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() CVE-2021-41864: (unk) bpf: Fix integer overflow in prealloc_elems_and_freelist() + CVE-2021-4197: (unk) cgroup: Use open-time credentials for process migraton perm checks CVE-2021-42008: (unk) net: 6pack: fix slab-out-of-bounds in decode_data + CVE-2021-4202: (unk) NFC: reorganize the functions in nci_request + CVE-2021-4203: (unk) af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + CVE-2021-4204: (unk) bpf: Generalize check_ctx_reg for reuse with other types CVE-2021-42252: (unk) soc: aspeed: lpc-ctrl: Fix boundary check for mmap - CVE-2021-42327: (unk) drm/amdgpu: fix out of bounds write - CVE-2021-42739: (unk) + CVE-2021-42739: (unk) media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() CVE-2021-43056: (unk) KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest - CVE-2021-43057: (unk) selinux,smack: fix subjective/objective credential use mixups + CVE-2021-43389: (unk) isdn: cpai: check ctr->cnr to avoid array index out of bound + CVE-2021-43975: (unk) atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + CVE-2021-43976: (unk) mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + CVE-2021-44733: (unk) tee: handle lookup of shm with reference count 0 + CVE-2021-44879: (unk) f2fs: fix to do sanity check on inode type during garbage collection + CVE-2021-45095: (unk) phonet: refcount leak in pep_sock_accep + CVE-2021-45402: (unk) bpf: Fix signed bounds propagation after mov32 + CVE-2021-45469: (unk) f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + CVE-2021-45485: (unk) ipv6: use prandom_u32() for ID generation + CVE-2021-45486: (unk) inet: use bigger hash table for IP ID generation + CVE-2021-45868: (unk) quota: check block number when reading the block in quota file + CVE-2021-46283: (unk) netfilter: nf_tables: initialize set before expression setup + CVE-2022-0001: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0002: (unk) x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + CVE-2022-0168: (unk) cifs: fix NULL ptr dereference in smb2_ioctl_query_info() + CVE-2022-0171: (unk) + CVE-2022-0185: (unk) vfs: fs_context: fix up param length parsing in legacy_parse_param + CVE-2022-0286: (unk) bonding: fix null dereference in bond_ipsec_add_sa() + CVE-2022-0322: (unk) sctp: account stream padding length for reconf chunk + CVE-2022-0330: (unk) drm/i915: Flush TLBs before releasing backing store + CVE-2022-0382: (unk) net ticp:fix a kernel-infoleak in __tipc_sendmsg() + CVE-2022-0400: (unk) + CVE-2022-0435: (unk) tipc: improve size validations for received domain records + CVE-2022-0480: (unk) memcg: enable accounting for file lock caches + CVE-2022-0487: (unk) moxart: fix potential use-after-free on remove path + CVE-2022-0492: (unk) cgroup-v1: Require capabilities to set release_agent + CVE-2022-0494: (unk) block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern + CVE-2022-0500: (unk) bpf: Introduce MEM_RDONLY flag + CVE-2022-0516: (unk) KVM: s390: Return error on SIDA memop on normal guest + CVE-2022-0617: (unk) udf: Fix NULL ptr deref when converting from inline format + CVE-2022-0644: (unk) vfs: check fd has read access in kernel_read_file_from_fd() + CVE-2022-0742: (unk) ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report() + CVE-2022-0847: (unk) lib/iov_iter: initialize "flags" in new pipe_buffer + CVE-2022-0850: (unk) ext4: fix kernel infoleak via ext4_extent_header + CVE-2022-0854: (unk) swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + CVE-2022-0995: (unk) watch_queue: Fix filter limit check + CVE-2022-0998: (unk) vdpa: clean up get_config_size ret value handling + CVE-2022-1011: (unk) fuse: fix pipe buffer lifetime for direct_io + CVE-2022-1012: (unk) secure_seq: use the 64 bits of the siphash for port offset calculation + CVE-2022-1015: (unk) netfilter: nf_tables: validate registers coming from userspace. + CVE-2022-1016: (unk) netfilter: nf_tables: initialize registers in nft_do_chain() + CVE-2022-1043: (unk) io_uring: fix xa_alloc_cycle() error return value check + CVE-2022-1048: (unk) ALSA: pcm: Fix races among concurrent hw_params and hw_free calls + CVE-2022-1055: (unk) net: sched: fix use-after-free in tc_new_tfilter() + CVE-2022-1116: (unk) + CVE-2022-1158: (unk) KVM: x86/mmu: do compare-and-exchange of gPTE via the user address + CVE-2022-1184: (unk) + CVE-2022-1195: (unk) hamradio: improve the incomplete fix to avoid NPD + CVE-2022-1198: (unk) drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() + CVE-2022-1199: (unk) ax25: Fix NULL pointer dereference in ax25_kill_by_device + CVE-2022-1204: (unk) ax25: Fix refcount leaks caused by ax25_cb_del() + CVE-2022-1205: (unk) ax25: Fix NULL pointer dereferences in ax25 timers + CVE-2022-1247: (unk) + CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push + CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector + CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register + CVE-2022-1462: (unk) + CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters + CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect + CVE-2022-1651: (unk) virt: acrn: fix a memory leak in acrn_dev_ioctl() + CVE-2022-1652: (unk) + CVE-2022-1671: (unk) rxrpc: fix some null-ptr-deref bugs in server_key.c + CVE-2022-1679: (unk) + CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self + CVE-2022-1734: (unk) nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs + CVE-2022-1786: (unk) io_uring: remove io_identity + CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID + CVE-2022-1836: (unk) floppy: disable FDRAWCMD by default + CVE-2022-1882: (unk) + CVE-2022-20008: (unk) mmc: block: fix read single on recovery logic + CVE-2022-22942: (unk) drm/vmwgfx: Fix stale file descriptors on failed usercopy + CVE-2022-23036: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23037: (unk) xen/netfront: don't use gnttab_query_foreign_access() for mapped status + CVE-2022-23038: (unk) xen/grant-table: add gnttab_try_end_foreign_access() + CVE-2022-23039: (unk) xen/gntalloc: don't use gnttab_query_foreign_access() + CVE-2022-23040: (unk) xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + CVE-2022-23041: (unk) xen/9p: use alloc/free_pages_exact() + CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL + CVE-2022-23960: (unk) ARM: report Spectre v2 status through sysfs + CVE-2022-24448: (unk) NFSv4: Handle case where the lookup of a directory fails + CVE-2022-24958: (unk) usb: gadget: don't release an existing dev->buf + CVE-2022-24959: (unk) yam: fix a memory leak in yam_siocdevprivate() + CVE-2022-25258: (unk) USB: gadget: validate interface OS descriptor requests + CVE-2022-25265: (unk) + CVE-2022-25375: (unk) usb: gadget: rndis: check size of RNDIS_MSG_SET command + CVE-2022-25636: (unk) netfilter: nf_tables_offload: incorrect flow offload action array size + CVE-2022-26490: (unk) nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + CVE-2022-26878: (unk) + CVE-2022-26966: (unk) sr9700: sanity check for packet length + CVE-2022-27223: (unk) USB: gadget: validate endpoint index for xilinx udc + CVE-2022-27666: (unk) esp: Fix possible buffer overflow in ESP transformation + CVE-2022-27950: (unk) HID: elo: fix memory leak in elo_probe + CVE-2022-28356: (unk) llc: fix netdevice reference leaks in llc_ui_bind() + CVE-2022-28388: (unk) can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28389: (unk) can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path + CVE-2022-28390: (unk) can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path + CVE-2022-28796: (unk) jbd2: fix use-after-free of transaction_t race + CVE-2022-28893: (unk) SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-29156: (unk) RDMA/rtrs-clt: Fix possible double free in error case + CVE-2022-29581: (unk) net/sched: cls_u32: fix netns refcount changes in u32_change() + CVE-2022-29582: (unk) io_uring: fix race between timeout flush and removal + CVE-2022-29968: (unk) io_uring: fix uninitialized field in rw io_kiocb + CVE-2022-30594: (unk) ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
diff --git a/data/CVEs.txt b/data/CVEs.txt index bf10660..71efdd5 100644 --- a/data/CVEs.txt +++ b/data/CVEs.txt
@@ -2001,6 +2001,7 @@ CVE-2022-1280: (n/a) - 869e76f7a918f010bd4518d58886969b1f642a04 (unk to v5.15-rc1) CVE-2022-1353: (n/a) - 9a564bccb78a76740ea9d75a259942df8143d02c (unk to v5.17) CVE-2022-1419: (n/a) - 4b848f20eda5974020f043ca14bacf7a7e634fc8 (unk to v5.6-rc2) +CVE-2022-1462: (n/a) - (n/a) (unk to unk) CVE-2022-1508: (n/a) - 89c2b3b74918200e46699338d7bcc19b1ea12110 (unk to v5.15-rc1) CVE-2022-1516: (n/a) - 7781607938c8371d4c2b243527430241c62e39c2 (unk to v5.18-rc1) CVE-2022-1651: (n/a) - ecd1735f14d6ac868ae5d8b7a2bf193fa11f388b (unk to v5.18-rc1) @@ -2013,6 +2014,7 @@ CVE-2022-1786: (n/a) - 4379bf8bd70b5de6bba7d53015b0c36c57a634ee (unk to v5.12-rc1-dontuse) CVE-2022-1789: (n/a) - 9f46c187e2e680ecd9de7983e4d081c3391acc76 (unk to v5.18) CVE-2022-1836: (n/a) - 233087ca063686964a53c829d547c7571e3f67bf (unk to v5.18-rc5) +CVE-2022-1882: (n/a) - (n/a) (unk to unk) CVE-2022-20008: (n/a) - 54309fde1a352ad2674ebba004a79f7d20b9f037 (unk to v5.17-rc5) CVE-2022-22942: c906965dee22d5e95d0651759ba107b420212a9f - a0f90c8815706981c483a652a6aefca51a5e191c (v4.14-rc1 to v5.17-rc2) CVE-2022-23036: (n/a) - 6b1775f26a2da2b05a6dc8ec2b5d14e9a4701a1a (unk to v5.17-rc8)
diff --git a/data/kernel_cves.json b/data/kernel_cves.json index b5d3bf2..053fef8 100644 --- a/data/kernel_cves.json +++ b/data/kernel_cves.json
@@ -60951,8 +60951,8 @@ }, "cwe": "Use After Free", "fixes": "77f4689de17c0887775bb77896f4cc11a39bf848", - "last_affected_version": "5.4.63", - "last_modified": "2021-12-21", + "last_affected_version": "5.8.7", + "last_modified": "2022-05-30", "nvd_text": "In ep_loop_check_proc of eventpoll.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204573007References: Upstream kernel", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2021-1048", @@ -66401,8 +66401,8 @@ }, "cwe": "Use After Free", "fixes": "f8d4f44df056c5b504b0d49683fb7279218fd207", - "last_affected_version": "5.4.69", - "last_modified": "2022-01-26", + "last_affected_version": "5.8.13", + "last_modified": "2022-05-30", "nvd_text": "In fs/eventpoll.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204450605References: Upstream kernel", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2021-39634", @@ -69428,8 +69428,8 @@ "breaks": "", "cmt_msg": "xprtrdma: fix incorrect header size calculations", "fixes": "912288442cb2f431bf3c8cb097a5de83bc6dbac1", - "last_affected_version": "5.4.52", - "last_modified": "2022-04-28", + "last_affected_version": "5.7.9", + "last_modified": "2022-05-30", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-0812", "ExploitDB": "https://www.exploit-db.com/search?cve=2022-0812", @@ -70109,8 +70109,8 @@ "breaks": "", "cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create", "fixes": "4b848f20eda5974020f043ca14bacf7a7e634fc8", - "last_affected_version": "5.4.20", - "last_modified": "2022-05-12", + "last_affected_version": "5.5.4", + "last_modified": "2022-05-31", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-1419", "ExploitDB": "https://www.exploit-db.com/search?cve=2022-1419", @@ -70120,6 +70120,20 @@ "Ubuntu": "https://ubuntu.com/security/CVE-2022-1419" } }, + "CVE-2022-1462": { + "affected_versions": "unk to unk", + "breaks": "", + "fixes": "", + "last_modified": "2022-05-31", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-1462", + "ExploitDB": "https://www.exploit-db.com/search?cve=2022-1462", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2022-1462", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2022-1462", + "SUSE": "https://www.suse.com/security/cve/CVE-2022-1462", + "Ubuntu": "https://ubuntu.com/security/CVE-2022-1462" + } + }, "CVE-2022-1508": { "affected_versions": "unk to v5.15-rc1", "breaks": "", @@ -70354,6 +70368,21 @@ "Ubuntu": "https://ubuntu.com/security/CVE-2022-1836" } }, + "CVE-2022-1882": { + "affected_versions": "unk to unk", + "breaks": "", + "fixes": "", + "last_modified": "2022-05-31", + "nvd_text": "A flaw use after free in the Linux kernel pipes functionality was found in the way user do some manipulations with pipe ex. with the post_one_notification() after free_pipe_info() already called. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-1882", + "ExploitDB": "https://www.exploit-db.com/search?cve=2022-1882", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2022-1882", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2022-1882", + "SUSE": "https://www.suse.com/security/cve/CVE-2022-1882", + "Ubuntu": "https://ubuntu.com/security/CVE-2022-1882" + } + }, "CVE-2022-20008": { "affected_versions": "unk to v5.17-rc5", "breaks": "",
diff --git a/data/stream_data.json b/data/stream_data.json index ea3447d..01046c3 100644 --- a/data/stream_data.json +++ b/data/stream_data.json
@@ -1,4 +1,47679 @@ { + "3.18": { + "3.18.1": { + "CVE-2014-8559": { + "cmt_msg": "move d_rcu from overlapping d_child to overlapping d_alias", + "cmt_id": "679829c2e50332832c2e85b12ec851a423ad9892" + } + }, + "3.18.2": { + "CVE-2014-9419": { + "cmt_msg": "x86_64, switch_to(): Load TLS descriptors before switching DS and ES", + "cmt_id": "a1f3f3d87a0bd360dfbb9642dffadcc8e2f1de3a" + }, + "CVE-2014-9584": { + "cmt_msg": "isofs: Fix unchecked printing of ER records", + "cmt_id": "9c0f8266e97ab401365e8b7fbe1cf9a76541633e" + }, + "CVE-2014-9420": { + "cmt_msg": "isofs: Fix infinite looping over CE entries", + "cmt_id": "b6d20edb6e7cedb4eedb9e0193d20dd488ebae84" + }, + "CVE-2014-8989": { + "cmt_msg": "userns: Don't allow setgroups until a gid mapping has been setablished", + "cmt_id": "d5c3ebc43923644c61155b6b71f9b1a36d570343" + }, + "CVE-2014-9683": { + "cmt_msg": "eCryptfs: Remove buggy and unnecessary write in file name decode routine", + "cmt_id": "d7fad547c36925f69c67fd19a97731d3d38706a2" + }, + "CVE-2014-8133": { + "cmt_msg": "x86/tls: Validate TLS entries to protect espfix", + "cmt_id": "b9372b87cda18d4b75d0fc5f426f3743b507de05" + }, + "CVE-2014-8134": { + "cmt_msg": "x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit", + "cmt_id": "ead468da1150996a29e6c565db3c5cad79e5e4b1" + }, + "CVE-2014-9728": { + "cmt_msg": "udf: Verify i_size when loading inode", + "cmt_id": "a6a4afa5c41f299404424cc55fa26611751bf38d" + }, + "CVE-2014-9731": { + "cmt_msg": "udf: Check path length when reading symlink", + "cmt_id": "1a927faa55b967fdc6f8fcb2a8bc9870ee7c0d98" + }, + "CVE-2014-9730": { + "cmt_msg": "udf: Check component length before reading it", + "cmt_id": "41ba2abbb3ce394c208fe509438a4691d588ad94" + }, + "CVE-2014-9729": { + "cmt_msg": "udf: Verify i_size when loading inode", + "cmt_id": "a6a4afa5c41f299404424cc55fa26611751bf38d" + } + }, + "3.18.3": { + "CVE-2014-9585": { + "cmt_msg": "x86_64, vdso: Fix the vdso address randomization algorithm", + "cmt_id": "ef44baf660f89050cb80b3ec48cedf4ffae89162" + } + }, + "3.18.4": { + "CVE-2014-9428": { + "cmt_msg": "batman-adv: Calculate extra tail size based on queued fragments", + "cmt_id": "53fd27c1a28d8e974e800a75abc15382dc51f205" + } + }, + "3.18.5": { + "CVE-2014-9644": { + "cmt_msg": "crypto: include crypto- module prefix in template", + "cmt_id": "acc5ccb9fe1c1d3840d49e181ae30b924cfc28b5" + }, + "CVE-2013-7421": { + "cmt_msg": "crypto: prefix module autoloading with \"crypto-\"", + "cmt_id": "f2efa8653bb59eeaa47036222bf4dd9acc83aabf" + }, + "CVE-2014-9529": { + "cmt_msg": "KEYS: close race between key lookup and freeing", + "cmt_id": "8326fa8ec22f770a900bfe869e7ced22fd42f3e8" + }, + "CVE-2015-1573": { + "cmt_msg": "netfilter: nf_tables: fix flush ruleset chain dependencies", + "cmt_id": "436322eeda54e4c8ebb09c7a293dc169afeabb7a" + }, + "CVE-2015-0239": { + "cmt_msg": "KVM: x86: SYSENTER emulation is broken", + "cmt_id": "cb2567bf3eed3c7fe5fd914d827e3088d21e565f" + }, + "CVE-2017-8240": { + "cmt_msg": "pinctrl: qcom: Don't iterate past end of function array", + "cmt_id": "ce441cb4f15f5d6d7fc509dae6c9e00b56aadb45" + } + }, + "3.18.8": { + "CVE-2015-1421": { + "cmt_msg": "net: sctp: fix slab corruption from use after free on INIT collisions", + "cmt_id": "c75e4b05b591b6c134b7e66c1ea39757f452f1e8" + }, + "CVE-2015-1465": { + "cmt_msg": "ipv4: try to cache dst_entries which would cause a redirect", + "cmt_id": "9ad1a959ac71423224aa8f248af3cc258e54e46a" + } + }, + "3.18.9": { + "CVE-2015-1593": { + "cmt_msg": "x86, mm/ASLR: Fix stack randomization on 64-bit systems", + "cmt_id": "805f25c4d886cfff790fa8f309e432dd7923d2c2" + }, + "CVE-2015-4167": { + "cmt_msg": "udf: Check length of extended attributes and allocation descriptors", + "cmt_id": "f21d9d44483d12e21a8c7adc05dd382fdb2895d5" + } + }, + "3.18.10": { + "CVE-2015-2672": { + "cmt_msg": "x86/fpu/xsaves: Fix improper uses of __ex_table", + "cmt_id": "6ddd115f4c15c2fe03bc2e214c3c95a9626156e2" + }, + "CVE-2015-2830": { + "cmt_msg": "x86/asm/entry/64: Remove a bogus 'ret_from_fork' optimization", + "cmt_id": "ce5dd33cbf06346752eeb5530e135d953d6b7abb" + } + }, + "3.18.11": { + "CVE-2016-0823": { + "cmt_msg": "pagemap: do not leak physical addresses to non-privileged userspace", + "cmt_id": "1cd3d374b25ba7e9934be66781ff7fc4513a2b09" + }, + "CVE-2015-3331": { + "cmt_msg": "crypto: aesni - fix memory usage in GCM decryption", + "cmt_id": "3b389956156c23d7936f5a863cf7ac18a92dfee1" + }, + "CVE-2015-2150": { + "cmt_msg": "xen-pciback: limit guest control of command register", + "cmt_id": "c7fd1867c7d0626bf00373cec0f64b0ce4f4ec84" + } + }, + "3.18.13": { + "CVE-2015-2922": { + "cmt_msg": "ipv6: Don't reduce hop limit for an interface", + "cmt_id": "c85b2d7e9fa44286feaac33031db1dd0e4c9ed3b" + }, + "CVE-2014-8159": { + "cmt_msg": "IB/uverbs: Prevent integer overflow in ib_umem_get address arithmetic", + "cmt_id": "9b233a2fb7823cbbf0adeaf50586cef471da6bc7" + } + }, + "3.18.14": { + "CVE-2015-6526": { + "cmt_msg": "powerpc/perf: Cap 64bit userspace backtraces to PERF_MAX_STACK_DEPTH", + "cmt_id": "ff342613d0b725883aae0bbde834ba5aad99973c" + }, + "CVE-2017-1000253": { + "cmt_msg": "fs/binfmt_elf.c: fix bug in loading of PIE binaries", + "cmt_id": "954f17f76c942d6fda33d4945bba66178514538d" + }, + "CVE-2015-8950": { + "cmt_msg": "arm64: dma-mapping: always clear allocated buffers", + "cmt_id": "a142e9641dcbead2c8845c949ad518acac96ed28" + }, + "CVE-2015-3636": { + "cmt_msg": "ipv4: Missing sk_nulls_node_init() in ping_unhash().", + "cmt_id": "e13f6f2b39c4d91371c0ede88b136f364a6ffd6d" + } + }, + "3.18.15": { + "CVE-2015-4177": { + "cmt_msg": "mnt: Fail collect_mounts when applied to unmounted mounts", + "cmt_id": "0de0e610f6b359c52d4f8b02bac2963f4968c9d6" + }, + "CVE-2015-5706": { + "cmt_msg": "path_openat(): fix double fput()", + "cmt_id": "f42b455331b5eb2ef5f2cecab28941eb1fada554" + }, + "CVE-2015-1420": { + "cmt_msg": "vfs: read file_handle only once in handle_to_path", + "cmt_id": "444a3e132498a80ddd48296897e3ffe1ff53eb76" + }, + "CVE-2015-4178": { + "cmt_msg": "fs_pin: Allow for the possibility that m_list or s_list go unused.", + "cmt_id": "11bf6b1ea65f1580477827831d05711e5b87ac7b" + } + }, + "3.18.17": { + "CVE-2015-4700": { + "cmt_msg": "x86: bpf_jit: fix compilation of large bpf programs", + "cmt_id": "645995e2934706449c4214a3f0f881d6c7fbc5fe" + }, + "CVE-2015-5364": { + "cmt_msg": "udp: fix behavior of wrong checksums", + "cmt_id": "ee4ab7d8328b0a505d376b6c08d569778c8689af" + }, + "CVE-2015-5366": { + "cmt_msg": "udp: fix behavior of wrong checksums", + "cmt_id": "ee4ab7d8328b0a505d376b6c08d569778c8689af" + } + }, + "3.18.18": { + "CVE-2015-3212": { + "cmt_msg": "sctp: fix ASCONF list handling", + "cmt_id": "720e1669baa8f2658d737825e49edb018cf3aa1d" + }, + "CVE-2015-4003": { + "cmt_msg": "ozwpan: divide-by-zero leading to panic", + "cmt_id": "5fcae12c6f561a1b218f0250f599d12fdd5b6b45" + }, + "CVE-2015-4002": { + "cmt_msg": "ozwpan: Use proper check to prevent heap overflow", + "cmt_id": "63f352a237c26bf679a9f73a5e92060bb1f94ef9" + }, + "CVE-2015-9289": { + "cmt_msg": "cx24116: fix a buffer overflow when checking userspace params", + "cmt_id": "f162b656ee480c9a3b024c85deffc4ab39f1a9a5" + } + }, + "3.18.19": { + "CVE-2015-2666": { + "cmt_msg": "x86/microcode/intel: Guard against stack overflow in the loader", + "cmt_id": "5ba6a2f494ab6e6d6e7fb58f099dde2f9ad06f3b" + }, + "CVE-2014-9710": { + "cmt_msg": "Btrfs: make xattr replace operations atomic", + "cmt_id": "55e97f654cbbbef70f9714f0e113604dd931e360" + } + }, + "3.18.20": { + "CVE-2015-1333": { + "cmt_msg": "KEYS: ensure we free the assoc array edit if edit is valid", + "cmt_id": "66db51c9f7b2fe7ebdfa753b2aa9abbb9feddc87" + } + }, + "3.18.21": { + "CVE-2015-4692": { + "cmt_msg": "kvm: x86: fix kvm_apic_has_events to check for NULL pointer", + "cmt_id": "4b8ec51eb5e94596b4a3d465b93a3d18375b98b9" + }, + "CVE-2015-5707": { + "cmt_msg": "sg_start_req(): make sure that there's not too many elements in iovec", + "cmt_id": "b03137288b2ab4e93a5c9c9bbe45e9bbc04c9b6e" + }, + "CVE-2015-5697": { + "cmt_msg": "md: use kzalloc() when bitmap is disabled", + "cmt_id": "e46e18eb387767fa26356417210ef41d0855ef1e" + }, + "CVE-2015-6252": { + "cmt_msg": "vhost: actually track log eventfd file", + "cmt_id": "f9a59d88f99c3149013e44d1aa9245e67c49a800" + } + }, + "3.18.22": { + "CVE-2015-5157": { + "cmt_msg": "x86/nmi/64: Switch stacks on userspace NMI entry", + "cmt_id": "057e3a8787b53052e4f5d92a3da6a0b9f5113bea" + }, + "CVE-2015-3290": { + "cmt_msg": "x86/nmi/64: Switch stacks on userspace NMI entry", + "cmt_id": "057e3a8787b53052e4f5d92a3da6a0b9f5113bea" + } + }, + "3.18.23": { + "CVE-2015-3291": { + "cmt_msg": "x86/nmi/64: Use DF to avoid userspace RSP confusing nested NMI detection", + "cmt_id": "4bc532d8428f6dd671c66f51ce5e459cc0ff1c86" + }, + "CVE-2015-7613": { + "cmt_msg": "Initialize msg/shm IPC objects before doing ipc_addid()", + "cmt_id": "b5495ddce4659122180b5fee6fc52dc5196e0918" + }, + "CVE-2015-2925": { + "cmt_msg": "dcache: Handle escaped paths in prepend_path", + "cmt_id": "27f5c615afb5303eb902a1f2535903e0fd1d7517" + }, + "CVE-2015-8746": { + "cmt_msg": "NFS: Fix a NULL pointer dereference of migration recovery ops for v4.2 client", + "cmt_id": "7730c1b9620d5b4887699d1b2ad9338fc63ca736" + }, + "CVE-2015-5283": { + "cmt_msg": "sctp: fix race on protocol/netns initialization", + "cmt_id": "779c19e0ac88b95710ceae2495caebfd442dd2c1" + }, + "CVE-2015-5257": { + "cmt_msg": "USB: whiteheat: fix potential null-deref at probe", + "cmt_id": "b57a9f68701f9587e1b1792232db55615353c314" + } + }, + "3.18.25": { + "CVE-2015-4036": { + "cmt_msg": "vhost/scsi: potential memory corruption", + "cmt_id": "0812542d8e5337822045c81695caff87ea4f5105" + }, + "CVE-2015-8215": { + "cmt_msg": "ipv6: addrconf: validate new MTU before applying it", + "cmt_id": "a9ff3cb5ec5a60c9b9a5dc3d1e870bdb29451f0a" + }, + "CVE-2015-7872": { + "cmt_msg": "KEYS: Fix crash when attempt to garbage collect an uninstantiated keyring", + "cmt_id": "16d8da6c17a7024180e3b9865eb9fad605a9b382" + }, + "CVE-2015-5156": { + "cmt_msg": "virtio-net: drop NETIF_F_FRAGLIST", + "cmt_id": "feeb0406f75ae3488ff6573903533000125b2faf" + }, + "CVE-2016-3841": { + "cmt_msg": "ipv6: add complete rcu protection around np->opt", + "cmt_id": "46ddb98e2018a5a62cefa75b3c80882850c91e39" + }, + "CVE-2015-0275": { + "cmt_msg": "ext4: allocate entire range in zero range", + "cmt_id": "b9fca5cb9ab94112bebd1e5db862962df9dfcec2" + }, + "CVE-2015-5307": { + "cmt_msg": "KVM: x86: work around infinite loop in microcode when #AC is delivered", + "cmt_id": "79e62de2efb2f586726e46342c792360a9644319" + }, + "CVE-2015-6937": { + "cmt_msg": "RDS: verify the underlying transport exists before creating a connection", + "cmt_id": "cf6580ef92b0f5baf6f9a0ff2c51d852ba5145ba" + } + }, + "3.18.26": { + "CVE-2015-8543": { + "cmt_msg": "net: add validation for the socket syscall protocol argument", + "cmt_id": "e60ccfd9e596b48d4b9d6e2b5440261c83d10c12" + }, + "CVE-2016-0728": { + "cmt_msg": "KEYS: Fix keyring ref leak in join_session_keyring()", + "cmt_id": "d25b4531a808bd0faae3dcd0553421d0570373d1" + }, + "CVE-2015-7550": { + "cmt_msg": "KEYS: Fix race between read and revoke", + "cmt_id": "e41946e47ec501023afd7e5dfeb794ab7492e7c0" + }, + "CVE-2015-8569": { + "cmt_msg": "pptp: verify sockaddr_len in pptp_bind() and pptp_connect()", + "cmt_id": "652ed6f6effe13ce2fc0215230517aa01bdbf3e3" + }, + "CVE-2015-8575": { + "cmt_msg": "bluetooth: Validate socket address length in sco_sock_bind().", + "cmt_id": "566198569555189eff9c11c67bbaefb1bacc7bfa" + }, + "CVE-2013-7446": { + "cmt_msg": "unix: avoid use-after-free in ep_remove_wait_queue", + "cmt_id": "72032798034d921ed565e3bf8dfdc3098f6473e2" + } + }, + "3.18.27": { + "CVE-2016-2782": { + "cmt_msg": "USB: visor: fix null-deref at probe", + "cmt_id": "01bba7b17a230e9c35239ded7ac942081e6f6b7c" + }, + "CVE-2015-7799": { + "cmt_msg": "isdn_ppp: Add checks for allocation failure in isdn_ppp_open()", + "cmt_id": "f9e58aab4655efe4f53452977ea29447b7446735" + }, + "CVE-2016-0723": { + "cmt_msg": "tty: Fix unsafe ldisc reference via ioctl(TIOCGETD)", + "cmt_id": "16c10d77d37d46d0b7db1901136d657777c8caf8" + }, + "CVE-2016-2547": { + "cmt_msg": "ALSA: timer: Harden slave timer list handling", + "cmt_id": "f40ee9cf5f69092e63b6f6262d9fd19a24b00bab" + }, + "CVE-2016-2545": { + "cmt_msg": "ALSA: timer: Fix double unlink of active_list", + "cmt_id": "73c0532426ba7eb55f0015faebb1cad466a656e0" + }, + "CVE-2015-8816": { + "cmt_msg": "USB: fix invalid memory access in hub_activate()", + "cmt_id": "425b3d713f077fc340bad07137104304c22e8f5d" + }, + "CVE-2015-7566": { + "cmt_msg": "USB: serial: visor: fix crash on detecting device without write_urbs", + "cmt_id": "34a893326f0473dbe25c6a128c63e17eba08a71c" + }, + "CVE-2013-4312": { + "cmt_msg": "unix: properly account for FDs passed over unix sockets", + "cmt_id": "a5b9e44af8d3edaf49d14a91cc519a9fba439e67" + }, + "CVE-2016-2548": { + "cmt_msg": "ALSA: timer: Harden slave timer list handling", + "cmt_id": "f40ee9cf5f69092e63b6f6262d9fd19a24b00bab" + } + }, + "3.18.28": { + "CVE-2016-2085": { + "cmt_msg": "EVM: Use crypto_memneq() for digest comparisons", + "cmt_id": "6702fc0c98d40442f9e74e10c499d68cd96455df" + }, + "CVE-2017-13167": { + "cmt_msg": "ALSA: timer: Fix race at concurrent reads", + "cmt_id": "0f97e402030cb82e5a5ab9ca9babf323d1bc5b74" + }, + "CVE-2016-2384": { + "cmt_msg": "ALSA: usb-audio: avoid freeing umidi object twice", + "cmt_id": "b4dc014d417de972afd85248c8027380f1166317" + } + }, + "3.18.29": { + "CVE-2015-8553": { + "cmt_msg": "xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set.", + "cmt_id": "3d0ec7c06a1994f71ef7820185a71b7c1d8bbb42" + } + }, + "3.18.30": { + "CVE-2016-3044": { + "cmt_msg": "KVM: PPC: Book3S HV: Sanitize special-purpose register values on guest exit", + "cmt_id": "c518a1b39eda7356aebfd514cd8164ed909d995f" + } + }, + "3.18.31": { + "CVE-2016-3157": { + "cmt_msg": "x86/iopl/64: Properly context-switch IOPL on Xen PV", + "cmt_id": "9dac025573bbde6e69bd2238b803cdd4d881d83b" + }, + "CVE-2015-7513": { + "cmt_msg": "KVM: x86: Reload pit counters for all channels when restoring state", + "cmt_id": "8dc1d26b1bae170d1d11e6460cf745ef10d90bfd" + }, + "CVE-2016-3689": { + "cmt_msg": "Input: ims-pcu - sanity check against missing interfaces", + "cmt_id": "7ca573e32c0a6634d679540314a80d235f224bfb" + }, + "CVE-2016-9685": { + "cmt_msg": "xfs: fix two memory leaks in xfs_attr_list.c error paths", + "cmt_id": "a8dabc28e0b21f70d9e27b04a42efc7f093c7c18" + }, + "CVE-2016-2184": { + "cmt_msg": "ALSA: usb-audio: Fix NULL dereference in create_fixed_stream_quirk()", + "cmt_id": "53b7c0ed67fecfb2123a14b4d1ae246fb2807283" + }, + "CVE-2016-2185": { + "cmt_msg": "Input: ati_remote2 - fix crashes on detecting device with invalid descriptor", + "cmt_id": "37735ed2c8c12e9671a3742d6b9028bad43852df" + }, + "CVE-2015-8785": { + "cmt_msg": "fuse: break infinite loop in fuse_fill_write_pages()", + "cmt_id": "d48d21de5e8054d38360e09d5f16508c0a17dd62" + }, + "CVE-2016-6327": { + "cmt_msg": "IB/srpt: Simplify srpt_handle_tsk_mgmt()", + "cmt_id": "88155b6f0560f43d101cc415c70a17b09046e532" + }, + "CVE-2016-2186": { + "cmt_msg": "Input: powermate - fix oops with malicious USB descriptors", + "cmt_id": "b684cb33d6867e10ba45375a12ef9f3ceb6f0aa7" + }, + "CVE-2015-8812": { + "cmt_msg": "iw_cxgb3: Fix incorrectly returning error on success", + "cmt_id": "07508eb3c9a18afdb25b69d68c0fd3dd0698e148" + }, + "CVE-2015-8660": { + "cmt_msg": "ovl: fix permission checking for setattr", + "cmt_id": "931858a0bce673fad1855373631641c8250f83ea" + }, + "CVE-2015-8970": { + "cmt_msg": "crypto: algif_skcipher - Require setkey before accept(2)", + "cmt_id": "1f45c38917129af49a187aae8f2ef76d098d66ca" + }, + "CVE-2016-0821": { + "cmt_msg": "include/linux/poison.h: fix LIST_POISON{1,2} offset", + "cmt_id": "88965e61d381a0d3cd3e0d49aa5fb6481a9447cc" + }, + "CVE-2016-3138": { + "cmt_msg": "USB: cdc-acm: more sanity checking", + "cmt_id": "4576d5d818abff73e363027f52da09519573c924" + } + }, + "3.18.32": { + "CVE-2016-3137": { + "cmt_msg": "USB: cypress_m8: add endpoint sanity check", + "cmt_id": "55e18b81b1d3755288aa6234d9439bdd95b3f58f" + }, + "CVE-2016-3136": { + "cmt_msg": "USB: mct_u232: add sanity checking in probe", + "cmt_id": "e8f4639414972d17224cd816be7b89a00840b09e" + }, + "CVE-2016-3140": { + "cmt_msg": "USB: digi_acceleport: do sanity checking for the number of ports", + "cmt_id": "fb6e2ebb91f21839aa13c40a6f71ac6423e4c64e" + }, + "CVE-2016-7914": { + "cmt_msg": "assoc_array: don't call compare_object() on a node", + "cmt_id": "34caf1dc30b288cc94a0d44e7e9a133de8246062" + } + }, + "3.18.33": { + "CVE-2016-2187": { + "cmt_msg": "Input: gtco - fix crash on detecting device without endpoints", + "cmt_id": "6b314d424e2fda751e4cc330f050ceac2c7edce8" + }, + "CVE-2016-3961": { + "cmt_msg": "x86/mm/xen: Suppress hugetlbfs in PV guests", + "cmt_id": "24b769352bd519d6d932ea070e295e8b13f43af8" + } + }, + "3.18.34": { + "CVE-2016-4565": { + "cmt_msg": "IB/security: Restrict use of the write() interface", + "cmt_id": "a34c1651ea7a55f3c0e77c80c3b27605d5a7dfea" + }, + "CVE-2016-4581": { + "cmt_msg": "propogate_mnt: Handle the first propogated copy being a slave", + "cmt_id": "b688848a01ce5e9ce2a3d62af6e66b09dcd6f78d" + }, + "CVE-2016-4913": { + "cmt_msg": "get_rock_ridge_filename(): handle malformed NM entries", + "cmt_id": "b8500fc5acce9976a6de1c60daa09f40d148f11d" + } + }, + "3.18.35": { + "CVE-2016-9754": { + "cmt_msg": "ring-buffer: Prevent overflow of size in ring_buffer_resize()", + "cmt_id": "180fbec3621c16c23eb5de917577b9aa5dcb1d57" + } + }, + "3.18.36": { + "CVE-2016-1583": { + "cmt_msg": "proc: prevent stacking filesystems on top", + "cmt_id": "70e21269e3ec8e4345e7fcd263f9a8f2a43f42df" + } + }, + "3.18.37": { + "CVE-2016-3156": { + "cmt_msg": "ipv4: Don't do expensive useless work during inetdev destroy.", + "cmt_id": "abe3994caa1c1056a2d036bdb613cc8ad282b059" + }, + "CVE-2016-4580": { + "cmt_msg": "net: fix a kernel infoleak in x25 module", + "cmt_id": "b35237a8295196b3ea3efb36fde887b7b4dffb9a" + }, + "CVE-2016-4470": { + "cmt_msg": "KEYS: potential uninitialized variable", + "cmt_id": "4e7a91fe833202b19f58a8c872e7f77592a4b682" + }, + "CVE-2016-3955": { + "cmt_msg": "USB: usbip: fix potential out-of-bounds write", + "cmt_id": "9a71843e3ab0f1ffb766c4074f761ba57e3c12c8" + }, + "CVE-2016-2117": { + "cmt_msg": "atl2: Disable unimplemented scatter/gather feature", + "cmt_id": "d06f8ffbe758cb0e4ff7ba8e311ef496bcaf9532" + }, + "CVE-2016-7117": { + "cmt_msg": "net: Fix use after free in the recvmmsg exit path", + "cmt_id": "cdd1fd36f4b67d9fdbeb1a4d16025192d44a3e8b" + }, + "CVE-2016-4485": { + "cmt_msg": "net: fix infoleak in llc", + "cmt_id": "84aa66876dc5594058a346bf36928d8b652e6a6b" + }, + "CVE-2016-4997": { + "cmt_msg": "netfilter: x_tables: check for bogus target offset", + "cmt_id": "7ba6a7dfbf7c37aa1984db170a015dded04adc81" + }, + "CVE-2016-4805": { + "cmt_msg": "ppp: take reference on channels netns", + "cmt_id": "a472ae852324f815b61615c3a2dfb80b40a46c22" + }, + "CVE-2016-4486": { + "cmt_msg": "net: fix infoleak in rtnetlink", + "cmt_id": "69243164a954a78073a83cb87d2e03254a4810ef" + }, + "CVE-2016-4794": { + "cmt_msg": "percpu: fix synchronization between chunk->map_extend_work and chunk destruction", + "cmt_id": "9e9f68827d7eb85c39503457a37a5dced178f6f4" + }, + "CVE-2016-3134": { + "cmt_msg": "netfilter: x_tables: fix unconditional helper", + "cmt_id": "c2a1b8ee3f6a1acf7f19037d13e4031831b05776" + }, + "CVE-2016-5829": { + "cmt_msg": "HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands", + "cmt_id": "6f562d23f3bb941cba33d9ec048f6cb85bf2cd80" + }, + "CVE-2016-2847": { + "cmt_msg": "pipe: limit the per-user amount of pages allocated in pipes", + "cmt_id": "be65d29ff7b6246afa8309063cc77ba030d98d17" + }, + "CVE-2016-4998": { + "cmt_msg": "netfilter: x_tables: check for bogus target offset", + "cmt_id": "7ba6a7dfbf7c37aa1984db170a015dded04adc81" + }, + "CVE-2016-9806": { + "cmt_msg": "netlink: Fix dump skb leak/double free", + "cmt_id": "57b26930c7149c9ed86ba29038523a7a23140220" + }, + "CVE-2016-5828": { + "cmt_msg": "powerpc/tm: Always reclaim in start_thread() for exec() class syscalls", + "cmt_id": "8d596e6adb909cebe6290426160b8dedc84c802a" + }, + "CVE-2016-7916": { + "cmt_msg": "proc: prevent accessing /proc/<PID>/environ until it's ready", + "cmt_id": "aa9be0d64b75c66a807824705495464369400a01" + } + }, + "3.18.38": { + "CVE-2016-7911": { + "cmt_msg": "block: fix use-after-free in sys_ioprio_get()", + "cmt_id": "b86ef7ef23554d978422ab49366223932ce976d4" + } + }, + "3.18.39": { + "CVE-2016-5400": { + "cmt_msg": "media: fix airspy usb probe error path", + "cmt_id": "d380c88d88ed317a7493e5cba85fa0ebecf38ac9" + }, + "CVE-2016-6197": { + "cmt_msg": "ovl: verify upper dentry before unlink and rename", + "cmt_id": "5eaee47bcdf4f17e2bdd6105f12b6d5e567e72c4" + } + }, + "3.18.40": { + "CVE-2017-7495": { + "cmt_msg": "ext4: fix data exposure after a crash", + "cmt_id": "aba6b2d882d2bad5e3996b739fa5ae7f62bf8bf6" + }, + "CVE-2016-5412": { + "cmt_msg": "KVM: PPC: Book3S HV: Pull out TM state save/restore into separate procedures", + "cmt_id": "15b4c06d13983dcfcbf34f3c2c7de269c8258656" + }, + "CVE-2016-1237": { + "cmt_msg": "posix_acl: Add set_posix_acl", + "cmt_id": "6abbd53f83fe94fb2562b3a45ef7770e4dfcde29" + }, + "CVE-2016-6136": { + "cmt_msg": "audit: fix a double fetch in audit_log_single_execve_arg()", + "cmt_id": "3f4976f0e610b010e9e69ff294212ce6b7fc7ca5" + }, + "CVE-2016-7910": { + "cmt_msg": "block: fix use-after-free in seq file", + "cmt_id": "8bc7adafc3a58801319873cbfa38f4fc8e0047b4" + } + }, + "3.18.41": { + "CVE-2016-6480": { + "cmt_msg": "aacraid: Check size values after double-fetch from user", + "cmt_id": "30c2bbd8a7b7ff3b6849d6ce1a69d4db9e40183b" + }, + "CVE-2016-5696": { + "cmt_msg": "tcp: make challenge acks less predictable", + "cmt_id": "0efba8d124de904db7766645561a6f39c501f2c1" + } + }, + "3.18.43": { + "CVE-2016-9178": { + "cmt_msg": "fix minor infoleak in get_user_ex()", + "cmt_id": "e58d9a8251584d92976d4cc7f46ab30963c9e99a" + } + }, + "3.18.44": { + "CVE-2016-5195": { + "cmt_msg": "mm: remove gup_flags FOLL_WRITE games from __get_user_pages()", + "cmt_id": "e45a502bdeae5a075257c4f061d1ff4ff0821354" + } + }, + "3.18.45": { + "CVE-2016-7042": { + "cmt_msg": "KEYS: Fix short sprintf buffer in /proc/keys show function", + "cmt_id": "abe571f80e33d3df7741d15cd03a8b95a93f659f" + }, + "CVE-2016-8633": { + "cmt_msg": "firewire: net: guard against rx buffer overflows", + "cmt_id": "dff462fc98d649a51557491d02f5c16f2127970b" + }, + "CVE-2016-10229": { + "cmt_msg": "udp: properly support MSG_PEEK with truncated buffers", + "cmt_id": "69335972b1c1c9bd7597fc6080b6eb1bd3fbf774" + } + }, + "3.18.46": { + "CVE-2016-7425": { + "cmt_msg": "scsi: arcmsr: Buffer overflow in arcmsr_iop_message_xfer()", + "cmt_id": "6371e0cdc5be8671461f136dc1df9a36bdb5292a" + }, + "CVE-2016-6828": { + "cmt_msg": "tcp: fix use after free in tcp_xmit_retransmit_queue()", + "cmt_id": "fa9b0c17c956a6d2bb3e99ad274c32e86adfddcf" + }, + "CVE-2015-8956": { + "cmt_msg": "Bluetooth: Fix potential NULL dereference in RFCOMM bind callback", + "cmt_id": "ee79b622f43bab46bd6ff778b3cd2e4af4784bc2" + }, + "CVE-2016-8655": { + "cmt_msg": "packet: fix race condition in packet_set_ring", + "cmt_id": "5c120b79dd6601a987eb33214f2686e5b75f3c3e" + } + }, + "3.18.47": { + "CVE-2016-8666": { + "cmt_msg": "tunnels: Don't apply GRO to multiple layers of encapsulation.", + "cmt_id": "dd4fff23f0f4c7c5414f50c091c78a7e423f85da" + }, + "CVE-2016-10088": { + "cmt_msg": "sg_write()/bsg_write() is not fit to be called under KERNEL_DS", + "cmt_id": "a861b9212ab44dc9483259b1f9376e74bae2ad37" + } + }, + "3.18.49": { + "CVE-2017-6345": { + "cmt_msg": "net/llc: avoid BUG_ON() in skb_orphan()", + "cmt_id": "5b8f1011ac5363df3a6051223d146144f4af47d7" + }, + "CVE-2017-5897": { + "cmt_msg": "ip6_gre: fix ip6gre_err() invalid reads", + "cmt_id": "3bbaa8061856b883c9deb16d1942188ef2608850" + }, + "CVE-2017-5970": { + "cmt_msg": "ipv4: keep skb->dst around in presence of IP options", + "cmt_id": "eeae5e030fcdba3a924bb951c4c62ef40dfc8974" + }, + "CVE-2017-2636": { + "cmt_msg": "tty: n_hdlc: get rid of racy n_hdlc.tbuf", + "cmt_id": "477f7e81b30f70d45659c2c6e6aef4f79fbd15b7" + }, + "CVE-2017-7184": { + "cmt_msg": "xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window", + "cmt_id": "281edc5a3778cd551e688e8d0c88d05d948b4faf" + }, + "CVE-2017-8925": { + "cmt_msg": "USB: serial: omninet: fix reference leaks at open", + "cmt_id": "d064efcbd6ed7526ad075a9ad5ef28b1d398ab46" + }, + "CVE-2017-2618": { + "cmt_msg": "selinux: fix off-by-one in setprocattr", + "cmt_id": "0f436bf3f81b0674414d198a01bffc4ecae4590e" + }, + "CVE-2017-7308": { + "cmt_msg": "net/packet: fix overflow in check for priv area size", + "cmt_id": "eeead20a3d208b411eab883f9ba3180c15b566d0" + }, + "CVE-2016-9555": { + "cmt_msg": "sctp: validate chunk len before actually using it", + "cmt_id": "ffdfbf56e46b2968e85cc389664ee9224f3ff049" + }, + "CVE-2016-8405": { + "cmt_msg": "fbdev: color map copying bounds checking", + "cmt_id": "59ab6ac4aa855c38f40ab9e6501b17189e7b4089" + }, + "CVE-2017-5986": { + "cmt_msg": "sctp: avoid BUG_ON on sctp_wait_for_sndbuf", + "cmt_id": "a4a3d26a1d4e0702b1b54c8dc9c56ed61742568a" + }, + "CVE-2017-8924": { + "cmt_msg": "USB: serial: io_ti: fix information leak in completion handler", + "cmt_id": "1f5371cc84232fc5b3140713d681b35641c56c17" + }, + "CVE-2017-6074": { + "cmt_msg": "dccp: fix freeing skb too early for IPV6_RECVPKTINFO", + "cmt_id": "ae803f3ffbca73a8ba65759c71ce30f3bbcda83f" + }, + "CVE-2016-2188": { + "cmt_msg": "USB: iowarrior: fix NULL-deref at probe", + "cmt_id": "ce55817c633e5807f4645a60163f6cbc3f5af63b" + }, + "CVE-2017-6214": { + "cmt_msg": "tcp: avoid infinite loop in tcp_splice_read()", + "cmt_id": "337bb5f3fd50872e4bdac43c097fd7bf926f24a9" + } + }, + "3.18.50": { + "CVE-2017-6353": { + "cmt_msg": "sctp: deny peeloff operation on asocs with threads sleeping on it", + "cmt_id": "02415182a92ccd72b60c22e723a56a74a566d2e7" + }, + "CVE-2017-7294": { + "cmt_msg": "drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl()", + "cmt_id": "2e29dce3fd6c31f5d0e623e5a929c06d5436ee60" + }, + "CVE-2017-8064": { + "cmt_msg": "dvb-usb-v2: avoid use-after-free", + "cmt_id": "c59f266fa87e8413db93040348db33f1995bb2b4" + }, + "CVE-2017-7261": { + "cmt_msg": "drm/vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl()", + "cmt_id": "6e7f776a49aabe3c734f9d94ba2522961a91c6b7" + }, + "CVE-2017-7187": { + "cmt_msg": "scsi: sg: check length passed to SG_NEXT_CMD_LEN", + "cmt_id": "a3bc27d43f5b5e8cac993b447eeb2f2efb1493af" + }, + "CVE-2017-7618": { + "cmt_msg": "crypto: ahash - Fix EINPROGRESS notification callback", + "cmt_id": "c2798145e731005fa1e6ee2a489940c1dd8f03e4" + }, + "CVE-2017-7889": { + "cmt_msg": "mm: Tighten x86 /dev/mem with zeroing reads", + "cmt_id": "be63d158bba15c468d474808b60e6ac2417a933b" + }, + "CVE-2017-2596": { + "cmt_msg": "kvm: fix page struct leak in handle_vmon", + "cmt_id": "aa5b35bad59a2691db0ea739fb79be82aff5cbb8" + }, + "CVE-2017-7616": { + "cmt_msg": "mm/mempolicy.c: fix error handling in set_mempolicy and mbind.", + "cmt_id": "c01cf9586df930e721f608578329496081c9624a" + } + }, + "3.18.51": { + "CVE-2016-7913": { + "cmt_msg": "xc2028: avoid use after free", + "cmt_id": "dff2b1e346b783fb69d736b887005e6d41f34d9b" + }, + "CVE-2017-2671": { + "cmt_msg": "ping: implement proper locking", + "cmt_id": "4e340a02d59c230b99460574c6a8fc87dc1a9a47" + }, + "CVE-2016-9120": { + "cmt_msg": "staging/android/ion : fix a race condition in the ion driver", + "cmt_id": "f63514257efd74108711e1d4e2ca462968170c42" + }, + "CVE-2016-9084": { + "cmt_msg": "vfio/pci: Fix integer overflows, bitmask check", + "cmt_id": "898ef37a73f7ad23cd5030d1c845d9b00da20721" + }, + "CVE-2016-9083": { + "cmt_msg": "vfio/pci: Fix integer overflows, bitmask check", + "cmt_id": "898ef37a73f7ad23cd5030d1c845d9b00da20721" + }, + "CVE-2017-7472": { + "cmt_msg": "KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings", + "cmt_id": "6efda2501976288f10895834ba2782d0df093441" + }, + "CVE-2016-9604": { + "cmt_msg": "KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings", + "cmt_id": "44c037827f0aeddbbbb323930fa3d09a7b4fffca" + } + }, + "3.18.52": { + "CVE-2017-7645": { + "cmt_msg": "nfsd: check for oversized NFSv2/v3 arguments", + "cmt_id": "a1552b1c52d9c2ed48b21f722c1bd7f0ffbdb398" + }, + "CVE-2016-10200": { + "cmt_msg": "l2tp: fix racy SOCK_ZAPPED flag check in l2tp_ip{,6}_bind()", + "cmt_id": "dc57f1e18b8f484d013fd21bc89b7a5b88c3d460" + }, + "CVE-2016-7097": { + "cmt_msg": "posix_acl: Clear SGID bit when setting file permissions", + "cmt_id": "d8333c045f045385a914013a220cd1ed54c88d48" + }, + "CVE-2015-9004": { + "cmt_msg": "perf: Tighten (and fix) the grouping condition", + "cmt_id": "5a7b3b1ec16b6bfa57752d37292988e64fcdd172" + }, + "CVE-2017-0750": { + "cmt_msg": "f2fs: do more integrity verification for superblock", + "cmt_id": "010336c795e15f358c5bd7054175833ee0203121" + }, + "CVE-2014-9940": { + "cmt_msg": "regulator: core: Fix regualtor_ena_gpio_free not to access pin after freeing", + "cmt_id": "42f268023df2919f484d8b46df34b35323bd3358" + }, + "CVE-2015-3288": { + "cmt_msg": "mm: avoid setting up anonymous pages into file mapping", + "cmt_id": "47ce8d2e1fcaac31cbe7d84882c8a6b29e201398" + }, + "CVE-2016-9793": { + "cmt_msg": "net: avoid signed overflows for SO_{SND|RCV}BUFFORCE", + "cmt_id": "29fc5d17f274ccab37404882875f9045be10f6bd" + }, + "CVE-2017-10661": { + "cmt_msg": "timerfd: Protect the might cancel mechanism proper", + "cmt_id": "4636aad518296b169546b4144eceb27d324f0fa5" + }, + "CVE-2016-9794": { + "cmt_msg": "ALSA: pcm : Call kill_fasync() in stream lock", + "cmt_id": "e6ef3b68c00023ebd52721b6ad210c4af3af6d35" + } + }, + "3.18.53": { + "CVE-2017-10662": { + "cmt_msg": "f2fs: sanity check segment count", + "cmt_id": "27f411c7ee241d194cd5fd3271d83089d70b2c20" + } + }, + "3.18.54": { + "CVE-2016-4569": { + "cmt_msg": "ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS", + "cmt_id": "bbcf19d306745832e043e02c7b3d4f4fad82d61e" + }, + "CVE-2015-8962": { + "cmt_msg": "sg: Fix double-free when drives detach during SG_IO", + "cmt_id": "6d523f23bb2dadfebcda1636ee2d534259566c6c" + }, + "CVE-2016-4578": { + "cmt_msg": "ALSA: timer: Fix leak in events via snd_timer_user_ccallback", + "cmt_id": "bbb79774fcea8b92df051d1d68fcba18d884f860" + }, + "CVE-2016-6787": { + "cmt_msg": "perf: Fix event->ctx locking", + "cmt_id": "33b738f7c5a704b729b2502669cf71c7b25ab7d6" + }, + "CVE-2016-6786": { + "cmt_msg": "perf: Fix event->ctx locking", + "cmt_id": "33b738f7c5a704b729b2502669cf71c7b25ab7d6" + }, + "CVE-2016-2546": { + "cmt_msg": "ALSA: timer: Fix race among timer ioctls", + "cmt_id": "19f609798f7ea6392028091b42dd53b3c7f9368f" + }, + "CVE-2016-3951": { + "cmt_msg": "cdc_ncm: do not call usbnet_link_change from cdc_ncm_bind", + "cmt_id": "2ed13588499c3f5f0dc6b6851471178ca5a44576" + }, + "CVE-2016-7915": { + "cmt_msg": "HID: core: prevent out-of-bound readings", + "cmt_id": "18377401142c65b0afe0168502fd335697e47936" + }, + "CVE-2016-2544": { + "cmt_msg": "ALSA: seq: Fix race at timer setup and close", + "cmt_id": "6d4025862a080579362994eeb0095eb78dd801f2" + }, + "CVE-2015-8967": { + "cmt_msg": "arm64: make sys_call_table const", + "cmt_id": "c8f417a2d6af99b2735709cb60562e0a7c8ddf62" + }, + "CVE-2016-0758": { + "cmt_msg": "KEYS: Fix ASN.1 indefinite length object parsing", + "cmt_id": "7da78079bae82dbaac4b88e0cb1f875e0dc52775" + }, + "CVE-2015-8963": { + "cmt_msg": "perf: Fix race in swevent hash", + "cmt_id": "6ee649ba055c71907226820070cde13079d3d49d" + }, + "CVE-2015-8955": { + "cmt_msg": "arm64: perf: reject groups spanning multiple HW PMUs", + "cmt_id": "e00f6efe21bd34a7dd1cc3520f6155180e3d8125" + }, + "CVE-2016-2053": { + "cmt_msg": "ASN.1: Fix non-match detection failure on data overrun", + "cmt_id": "c66d9b77cbda5e0e71ae0dfabaa94b27ca3f6b63" + } + }, + "3.18.55": { + "CVE-2015-8964": { + "cmt_msg": "tty: Prevent ldisc drivers from re-using stale tty fields", + "cmt_id": "f98d89173f9e16dba893806e2b99c1d7e0a10ac6" + }, + "CVE-2017-18360": { + "cmt_msg": "USB: serial: io_ti: fix div-by-zero in set_termios", + "cmt_id": "2a635375148830a2caa5716ba2bd0a223c582228" + }, + "CVE-2017-7487": { + "cmt_msg": "ipx: call ipxitf_put() in ioctl error path", + "cmt_id": "53b5e27b585ecd9d657617890887cb1686153295" + }, + "CVE-2017-1000363": { + "cmt_msg": "char: lp: fix possible integer overflow in lp_setup()", + "cmt_id": "f4615841767ff7908599e643f587078670a390c9" + } + }, + "3.18.56": { + "CVE-2017-9242": { + "cmt_msg": "ipv6: fix out of bound writes in __ip6_append_data()", + "cmt_id": "1d31de23f617332861b9767ad137b73e953be60b" + }, + "CVE-2017-18221": { + "cmt_msg": "mlock: fix mlock count can not decrease in race condition", + "cmt_id": "aef16f4c9831727766de1b4887ce452c3a915368" + }, + "CVE-2017-8890": { + "cmt_msg": "dccp/tcp: do not inherit mc_list from parent", + "cmt_id": "4bb305d07ffbc616d1594e2144cc2417eb44fcd5" + }, + "CVE-2017-9075": { + "cmt_msg": "sctp: do not inherit ipv6_{mc|ac|fl}_list from parent", + "cmt_id": "56fd34c68676131cce13b0031990e49e80d3ee99" + }, + "CVE-2017-9074": { + "cmt_msg": "ipv6: Prevent overrun when parsing v6 header options", + "cmt_id": "5ca68dbb5a6bb81c6119a6808e1dd8d1a53febc8" + } + }, + "3.18.57": { + "CVE-2017-15274": { + "cmt_msg": "KEYS: fix dereferencing NULL payload with nonzero length", + "cmt_id": "8206e0a25785c58e88a444fed1d4646da60b14a4" + }, + "CVE-2017-7346": { + "cmt_msg": "drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl()", + "cmt_id": "e3648dc366b1469972f02e023e38bf70f143dc0a" + }, + "CVE-2017-1000380": { + "cmt_msg": "ALSA: timer: Fix race between read and ioctl", + "cmt_id": "d96c363ff004fbb42f728b3e4299a71c4e567568" + } + }, + "3.18.58": { + "CVE-2017-1000364": { + "cmt_msg": "mm: larger stack guard gap, between vmas", + "cmt_id": "d4712eb79b17d85c9e354efa2d3156ce50736128" + }, + "CVE-2017-1000379": { + "cmt_msg": "mm: larger stack guard gap, between vmas", + "cmt_id": "d4712eb79b17d85c9e354efa2d3156ce50736128" + } + }, + "3.18.59": { + "CVE-2017-1000365": { + "cmt_msg": "fs/exec.c: account for argv/envp pointers", + "cmt_id": "2dff2164d171e9c27f2f7fa778d408ecf4d1e1ea" + }, + "CVE-2017-7482": { + "cmt_msg": "rxrpc: Fix several cases where a padded len isn't checked in ticket decode", + "cmt_id": "9c3a8a0f69e07fbbe31024ebe72b1c8d7607033e" + } + }, + "3.18.60": { + "CVE-2017-18017": { + "cmt_msg": "netfilter: xt_TCPMSS: add more sanity tests on tcph->doff", + "cmt_id": "f4549a698a531c0014c62e40e521ffa030cf31e0" + } + }, + "3.18.61": { + "CVE-2017-11176": { + "cmt_msg": "mqueue: fix a use-after-free in sys_mq_notify()", + "cmt_id": "7eaa7e5baa0ffb3b6ca28798f0e014f43c004f47" + }, + "CVE-2017-12146": { + "cmt_msg": "driver core: platform: fix race condition with driver_override", + "cmt_id": "61b0972bd40ae77fabb019e26402ac17906fcb15" + } + }, + "3.18.62": { + "CVE-2019-9457": { + "cmt_msg": "exec: Limit arg stack to at most 75% of _STK_LIM", + "cmt_id": "915d918369390e5746794ca0d38a40ba05745b4a" + }, + "CVE-2018-14634": { + "cmt_msg": "exec: Limit arg stack to at most 75% of _STK_LIM", + "cmt_id": "915d918369390e5746794ca0d38a40ba05745b4a" + }, + "CVE-2017-7541": { + "cmt_msg": "brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()", + "cmt_id": "ae10cf5c80b897b3a46ef1bdf77a52dd84bd336d" + }, + "CVE-2017-11089": { + "cmt_msg": "cfg80211: Define nla_policy for NL80211_ATTR_LOCAL_MESH_POWER_MODE", + "cmt_id": "55520ec2ca6a85ab1e2a51210f414cf0f9f5fe7a" + } + }, + "3.18.63": { + "CVE-2017-11473": { + "cmt_msg": "x86/acpi: Prevent out of bound access caused by broken ACPI tables", + "cmt_id": "7f377fc4008980278edbfd9d70ef9aa91ffa8448" + }, + "CVE-2017-18079": { + "cmt_msg": "Input: i8042 - fix crash at boot time", + "cmt_id": "f6be94430be69b9abd5b7b357210e1f4ef4d1eea" + } + }, + "3.18.64": { + "CVE-2017-10663": { + "cmt_msg": "f2fs: sanity check checkpoint segno and blkoff", + "cmt_id": "64133595b549c1036ffe8598f4c53aa355d9e3f1" + }, + "CVE-2017-15868": { + "cmt_msg": "Bluetooth: bnep: bnep_add_connection() should verify that it's dealing with l2cap socket", + "cmt_id": "f6237750acc4494cb28e174289d5d335313ff2ea" + }, + "CVE-2017-7533": { + "cmt_msg": "dentry name snapshots", + "cmt_id": "a1dbc0979b4f92f3b0d0bb86671639e09315f43c" + }, + "CVE-2017-12762": { + "cmt_msg": "isdn/i4l: fix buffer overflow", + "cmt_id": "4cb1585c473ec9a5a98104e79ed07cee7de3729e" + }, + "CVE-2017-7542": { + "cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt", + "cmt_id": "41d33a5b803bd1c3ca84f5bfb9ab77d06ce09fca" + } + }, + "3.18.65": { + "CVE-2017-1000": { + "cmt_msg": "udp: consistently apply ufo or fragmentation", + "cmt_id": "4ac8dc208caf85675f0f745783e0a3f88dac0008" + }, + "CVE-2017-1000112": { + "cmt_msg": "udp: consistently apply ufo or fragmentation", + "cmt_id": "4ac8dc208caf85675f0f745783e0a3f88dac0008" + }, + "CVE-2017-1000111": { + "cmt_msg": "packet: fix tp_reserve race in packet_set_ring", + "cmt_id": "f2ce502f866556d24ebfae84673c9ef211b79906" + } + }, + "3.18.67": { + "CVE-2017-14140": { + "cmt_msg": "Sanitize 'move_pages()' permission checks", + "cmt_id": "8cf95002f0c9afe06fa1e4b9ebb0e10a77c481b1" + }, + "CVE-2018-10675": { + "cmt_msg": "mm/mempolicy: fix use after free when calling get_mempolicy", + "cmt_id": "d5a76b2ba6871a875fdcd598548176ce3464aa30" + } + }, + "3.18.69": { + "CVE-2017-9725": { + "cmt_msg": "mm: cma: fix incorrect type conversion for size during dma allocation", + "cmt_id": "f0c8d9367c9232fa54e592bad095140f987031fd" + } + }, + "3.18.70": { + "CVE-2017-11600": { + "cmt_msg": "xfrm: policy: check policy direction value", + "cmt_id": "0d400015a32c703273b90601574956a4452a9311" + } + }, + "3.18.71": { + "CVE-2017-14340": { + "cmt_msg": "xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present", + "cmt_id": "b766f0849a52e235268f362b7d8ec8bc36cdc7f0" + }, + "CVE-2017-1000251": { + "cmt_msg": "Bluetooth: Properly check L2CAP config option output buffer length", + "cmt_id": "090aa4651522ec35776896abe31c0a221689a14f" + }, + "CVE-2017-9985": { + "cmt_msg": "ALSA: msnd: Optimize / harden DSP and MIDI loops", + "cmt_id": "bceac1033cd99ff5d2aaa69c700367f866bf6f04" + }, + "CVE-2017-9984": { + "cmt_msg": "ALSA: msnd: Optimize / harden DSP and MIDI loops", + "cmt_id": "bceac1033cd99ff5d2aaa69c700367f866bf6f04" + } + }, + "3.18.72": { + "CVE-2017-14106": { + "cmt_msg": "tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0", + "cmt_id": "1722ca90e1b88e6b7f0824908828e2462d7405ac" + }, + "CVE-2017-14991": { + "cmt_msg": "scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE", + "cmt_id": "9793679d8dc92d1d8a187d023d2d7a17dd9348b5" + }, + "CVE-2017-14051": { + "cmt_msg": "scsi: qla2xxx: Fix an integer overflow in sysfs code", + "cmt_id": "78d88643d218fccb0fcf7fa957e785d4048e35cb" + }, + "CVE-2017-0627": { + "cmt_msg": "media: uvcvideo: Prevent heap overflow when accessing mapped controls", + "cmt_id": "15ac0595018f5fdfbec2a23574b81a01c73ee5e1" + } + }, + "3.18.73": { + "CVE-2020-14353": { + "cmt_msg": "KEYS: prevent creating a different user's keyrings", + "cmt_id": "e3b663ba2ddd8f30ba92d4e6898637bb526dba70" + }, + "CVE-2017-14156": { + "cmt_msg": "video: fbdev: aty: do not leak uninitialized padding in clk to userspace", + "cmt_id": "2d53f0b14066d798104411f13442afc20bdea4d6" + }, + "CVE-2017-12153": { + "cmt_msg": "nl80211: check for the required netlink attributes presence", + "cmt_id": "65e3664fc6087d2941e940e38beb39920e9ae032" + }, + "CVE-2017-12154": { + "cmt_msg": "kvm: nVMX: Don't allow L2 to access the hardware CR8", + "cmt_id": "6ad74630c016ef823f2720671ee4db641d35fd2c" + }, + "CVE-2017-18270": { + "cmt_msg": "KEYS: prevent creating a different user's keyrings", + "cmt_id": "e3b663ba2ddd8f30ba92d4e6898637bb526dba70" + }, + "CVE-2017-14489": { + "cmt_msg": "scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly", + "cmt_id": "fec4cd33779f9edd7ab2d0d5ad7228f55f3f6887" + }, + "CVE-2017-12192": { + "cmt_msg": "KEYS: prevent KEYCTL_READ on negative key", + "cmt_id": "6ea8051f42d965e3197ef31d4f54f75525b9439c" + }, + "CVE-2017-15537": { + "cmt_msg": "x86/fpu: Don't let userspace set bogus xcomp_bv", + "cmt_id": "f23ec06d527c9cd90552a68c748bcb5aa942ee87" + } + }, + "3.18.74": { + "CVE-2017-13215": { + "cmt_msg": "crypto: algif_skcipher - Load TX SG list after waiting", + "cmt_id": "36c84b22ac8aa041cbdfbe48a55ebb32e3521704" + }, + "CVE-2016-8650": { + "cmt_msg": "mpi: Fix NULL ptr dereference in mpi_powm()", + "cmt_id": "703937f005ea09ac2b6da593a9cec0befcb7b22a" + } + }, + "3.18.75": { + "CVE-2017-16526": { + "cmt_msg": "uwb: properly check kthread_run return value", + "cmt_id": "4a8d502989094b0825bb11240bc12e4d9cc5c65b" + }, + "CVE-2017-16531": { + "cmt_msg": "USB: fix out-of-bounds in usb_set_configuration", + "cmt_id": "0502bf54bd01e8dbf4a057fe76f974074b5fb7e6" + }, + "CVE-2016-10208": { + "cmt_msg": "ext4: validate s_first_meta_bg at mount time", + "cmt_id": "2ce649fdacd53afc430565e18124d7d72be92cb3" + }, + "CVE-2017-16530": { + "cmt_msg": "USB: uas: fix bug in handling of alternate settings", + "cmt_id": "8f0a7703ff9e3a5553134c3d9a20573624802541" + }, + "CVE-2017-16529": { + "cmt_msg": "ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor", + "cmt_id": "ee44ff5445ae449570427baa534bfba2abba7545" + } + }, + "3.18.76": { + "CVE-2017-16527": { + "cmt_msg": "ALSA: usb-audio: Kill stray URB at exiting", + "cmt_id": "9d263dba25284b31f2544970964decf65b79a2e8" + }, + "CVE-2017-16525": { + "cmt_msg": "USB: serial: console: fix use-after-free after failed setup", + "cmt_id": "8ae04f638496b7a9b0381aecf5c47dcb5a3bd6fc" + }, + "CVE-2017-16533": { + "cmt_msg": "HID: usbhid: fix out-of-bounds bug", + "cmt_id": "f4cf5d75416ae3d79e03179fe6f4b9f1231ae42c" + }, + "CVE-2016-2543": { + "cmt_msg": "ALSA: seq: Fix missing NULL check at remove_events ioctl", + "cmt_id": "954e2ed41fec684048824230eb51bed0eae449ba" + }, + "CVE-2017-15265": { + "cmt_msg": "ALSA: seq: Fix use-after-free at creating a port", + "cmt_id": "035e6d0b5b192ff5e168ed322304d29db108d790" + }, + "CVE-2017-12190": { + "cmt_msg": "fix unbalanced page refcounting in bio_map_user_iov", + "cmt_id": "d7795bf6a9d8b004dbbd1f081f3eff18ff49276d" + } + }, + "3.18.77": { + "CVE-2018-9568": { + "cmt_msg": "net: Set sk_prot_creator when cloning sockets to the right proto", + "cmt_id": "bc8a5a45208d335de143643e51358c8299bce0f3" + }, + "CVE-2017-15649": { + "cmt_msg": "packet: in packet_do_bind, test fanout with bind_lock held", + "cmt_id": "b0763909b4538894bb47614656c75f2a233c40d2" + } + }, + "3.18.78": { + "CVE-2017-15299": { + "cmt_msg": "KEYS: don't let add_key() update an uninstantiated key", + "cmt_id": "98c4e5cae5204c1114390219331ddd649d78a5a7" + }, + "CVE-2017-16535": { + "cmt_msg": "USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()", + "cmt_id": "7c1c88e160ed14dfb02cb35369e27abe01eb2ca5" + } + }, + "3.18.79": { + "CVE-2017-16643": { + "cmt_msg": "Input: gtco - fix potential out-of-bound access", + "cmt_id": "9c73743447f244eb0e7422a285dc907283d3630e" + }, + "CVE-2017-12193": { + "cmt_msg": "assoc_array: Fix a buggy node-splitting case", + "cmt_id": "38dc93fa84026ef8711827fb7063744e7197b887" + } + }, + "3.18.80": { + "CVE-2015-9016": { + "cmt_msg": "blk-mq: fix race between timeout and freeing request", + "cmt_id": "b6885d31d1c6b6f4ccd50535d24dbe5c3d8a7d7b" + } + }, + "3.18.82": { + "CVE-2017-13080": { + "cmt_msg": "mac80211: accept key reinstall without changing anything", + "cmt_id": "6891c6fd2a500d1f39d1426765f610bdc2c2a39d" + }, + "CVE-2017-16645": { + "cmt_msg": "Input: ims-psu - check if CDC union descriptor is sane", + "cmt_id": "c0f26c8f0562869e43e5001bed22817e6019d456" + }, + "CVE-2018-7191": { + "cmt_msg": "tun: call dev_get_valid_name() before register_netdevice()", + "cmt_id": "638c8339e05eb7eee584dfe4b3102376cf35664b" + }, + "CVE-2017-16532": { + "cmt_msg": "usb: usbtest: fix NULL pointer dereference", + "cmt_id": "32530efaed51e4df01e2bc151822143d23ae403a" + } + }, + "3.18.83": { + "CVE-2017-16646": { + "cmt_msg": "media: dib0700: fix invalid dvb_detach argument", + "cmt_id": "49fc34138b882bb1c6f2ba20df5339bca8a9167e" + }, + "CVE-2017-16537": { + "cmt_msg": "media: imon: Fix null-ptr-deref in imon_probe", + "cmt_id": "b02dac504efc353e1e8507c10f835f09757b0068" + } + }, + "3.18.84": { + "CVE-2017-9077": { + "cmt_msg": "ipv6/dccp: do not inherit ipv6_mc_list from parent", + "cmt_id": "3f45934ed0bd864f878a78c3dfbd1ad437ba427f" + }, + "CVE-2017-18204": { + "cmt_msg": "ocfs2: should wait dio before inode lock in ocfs2_setattr()", + "cmt_id": "f72e2ba19765ec94ab1b704bce53c3d1ca13202e" + }, + "CVE-2017-9076": { + "cmt_msg": "ipv6/dccp: do not inherit ipv6_mc_list from parent", + "cmt_id": "3f45934ed0bd864f878a78c3dfbd1ad437ba427f" + }, + "CVE-2017-15115": { + "cmt_msg": "sctp: do not peel off an assoc from one netns to another one", + "cmt_id": "39c3fff9ef51ba9f2748f37ad7d9cfef365e87fe" + } + }, + "3.18.85": { + "CVE-2017-18203": { + "cmt_msg": "dm: fix race between dm_get_from_kobject() and __dm_destroy()", + "cmt_id": "84cc7b5d26c17384f29b25a1ba4d42e2e820043a" + } + }, + "3.18.86": { + "CVE-2017-16939": { + "cmt_msg": "ipsec: Fix aborted xfrm policy dump crash", + "cmt_id": "8586e18413441d265f0ff536378d6ef358d18853" + }, + "CVE-2017-18208": { + "cmt_msg": "mm/madvise.c: fix madvise() infinite loop under special circumstances", + "cmt_id": "d5ec57c35ac4eeee9b18fb31a953281e63672c0f" + } + }, + "3.18.88": { + "CVE-2017-17807": { + "cmt_msg": "KEYS: add missing permission check for request_key() destination", + "cmt_id": "228014b20bd8902b05942ce4db4197ce345296f3" + }, + "CVE-2017-0861": { + "cmt_msg": "ALSA: pcm: prevent UAF in snd_pcm_info", + "cmt_id": "14416b2c878b989674761118db8072bf7f0c9501" + }, + "CVE-2018-7492": { + "cmt_msg": "rds: Fix NULL pointer dereference in __rds_rdma_map", + "cmt_id": "6d40c9bf5733c9c6db79e0e6d398371955b525af" + }, + "CVE-2017-1000407": { + "cmt_msg": "KVM: VMX: remove I/O port 0x80 bypass on Intel hosts", + "cmt_id": "7389171fdc5976066573edd1fcf6c9a81d8df90f" + } + }, + "3.18.89": { + "CVE-2017-17558": { + "cmt_msg": "USB: core: prevent malicious bNumInterfaces overflow", + "cmt_id": "dd3ad5f60d520da135bf4dce5adcecf400e2db64" + }, + "CVE-2017-17806": { + "cmt_msg": "crypto: hmac - require that the underlying hash algorithm is unkeyed", + "cmt_id": "252b343a9789151293ad1da4a1ac0851bf31a22e" + }, + "CVE-2017-17805": { + "cmt_msg": "crypto: salsa20 - fix blkcipher_walk API usage", + "cmt_id": "ebd52f8b6422b920b4d1697d90679a2bb4b48a0b" + }, + "CVE-2017-16914": { + "cmt_msg": "usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer", + "cmt_id": "f749066bec4019a7a5f7eee22b56314958161c1e" + } + }, + "3.18.91": { + "CVE-2017-18595": { + "cmt_msg": "tracing: Fix possible double free on failure of allocating trace buffer", + "cmt_id": "f9e16c238bd6da1d858d50c1ab81c8431578877a" + }, + "CVE-2018-18386": { + "cmt_msg": "n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)", + "cmt_id": "95a9e2bf54b89e00a989c4c6c83efbd3cb972516" + }, + "CVE-2017-17449": { + "cmt_msg": "netlink: Add netns check on taps", + "cmt_id": "5594e3eba3ee62dd06c317086c4ea0491d5502c7" + } + }, + "3.18.92": { + "CVE-2017-13216": { + "cmt_msg": "staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl", + "cmt_id": "6dc42f889217a0a077bc75c6fa5239ade762fff4" + }, + "CVE-2017-6001": { + "cmt_msg": "perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race", + "cmt_id": "2f9cf5cd5580046fe9ff97dae32f9c753500d4ea" + }, + "CVE-2018-5333": { + "cmt_msg": "RDS: null pointer dereference in rds_atomic_free_op", + "cmt_id": "3396f2bef5ede06f73c0be43975ce837767785ed" + }, + "CVE-2017-1000410": { + "cmt_msg": "Bluetooth: Prevent stack info leak from the EFS element.", + "cmt_id": "e1ed1d1e0af521d54957953de2c7276b9cb24033" + }, + "CVE-2018-5332": { + "cmt_msg": "RDS: Heap OOB write in rds_message_alloc_sgs()", + "cmt_id": "a7b25c9f6ea92d582bda195eca561b9cb605ea91" + } + }, + "3.18.93": { + "CVE-2018-6927": { + "cmt_msg": "futex: Prevent overflow by strengthen input validation", + "cmt_id": "ad211e59c68389b9203f3834c65da7bfe9e6874a" + }, + "CVE-2017-17450": { + "cmt_msg": "netfilter: xt_osf: Add missing permission checks", + "cmt_id": "115e3505bbd683a01496860646fa632e6533b4e3" + }, + "CVE-2017-17448": { + "cmt_msg": "netfilter: nfnetlink_cthelper: Add missing permission checks", + "cmt_id": "f4ba1d0e4366d63d1d09c024e8befc99c642e84b" + } + }, + "3.18.94": { + "CVE-2018-5344": { + "cmt_msg": "loop: fix concurrent lo_open/lo_release", + "cmt_id": "524a6efbd1234439ba00176006ed95ad7d007da6" + }, + "CVE-2018-1000004": { + "cmt_msg": "ALSA: seq: Make ioctls race-free", + "cmt_id": "6aab3aa52366a0051e5abf8aae4616c42053fd8e" + } + }, + "3.18.95": { + "CVE-2017-16913": { + "cmt_msg": "usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input", + "cmt_id": "eebf31529012289ec20fea84e4e6fd188176be13" + }, + "CVE-2017-16912": { + "cmt_msg": "usbip: fix stub_rx: get_pipe() to validate endpoint number", + "cmt_id": "385e124b45fe46960de2fd280fc5a99d3e7706dc" + }, + "CVE-2017-16911": { + "cmt_msg": "usbip: prevent vhci_hcd driver from leaking a socket pointer address", + "cmt_id": "67ad0235bacc1af72dad6eac6c5ac1a072b905f7" + }, + "CVE-2017-8824": { + "cmt_msg": "dccp: CVE-2017-8824: use-after-free in DCCP code", + "cmt_id": "d2baa5e59786136454e3baf3cb7c9d606ab8d508" + }, + "CVE-2017-16538": { + "cmt_msg": "media: dvb-usb-v2: lmedm04: Improve logic checking of warm start", + "cmt_id": "84882420c73f959fdbad90e538a6d1644c6703dc" + }, + "CVE-2018-5750": { + "cmt_msg": "ACPI: sbshc: remove raw pointer from printk() message", + "cmt_id": "0a0e3ffb0a1445a756cc91cd9f03b1ac3abd2e32" + }, + "CVE-2017-13305": { + "cmt_msg": "KEYS: encrypted: fix buffer overread in valid_master_desc()", + "cmt_id": "99a223bcec506dbd8de7aa3c16995b71d3ca7bb6" + }, + "CVE-2017-18344": { + "cmt_msg": "posix-timer: Properly check sigevent->sigev_notify", + "cmt_id": "28ef9653c18539f8123dd668ad3b28289ec0514a" + } + }, + "3.18.96": { + "CVE-2018-7566": { + "cmt_msg": "ALSA: seq: Fix racy pool initializations", + "cmt_id": "66776836486554f2767e04a6e196e9af69f13677" + } + }, + "3.18.99": { + "CVE-2018-5803": { + "cmt_msg": "sctp: verify size of a new chunk in _sctp_make_chunk()", + "cmt_id": "5b77504ae15267e8bc68b2622a7554076fe03e3b" + } + }, + "3.18.100": { + "CVE-2018-1068": { + "cmt_msg": "netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets", + "cmt_id": "c80a9f329cb358cf2ae967c866d883264d218b7b" + }, + "CVE-2018-7995": { + "cmt_msg": "x86/MCE: Serialize sysfs changes", + "cmt_id": "bbf594868f37cfd50d4289a01a9e25151b9a26cf" + }, + "CVE-2019-9456": { + "cmt_msg": "usb: usbmon: Read text within supplied buffer size", + "cmt_id": "d6d68ab0ad44f6cf7c8621c91f29d351618ac96e" + } + }, + "3.18.103": { + "CVE-2018-8822": { + "cmt_msg": "staging: ncpfs: memory corruption in ncp_read_kernel()", + "cmt_id": "43f8ff29c37bf96b918a8fa1a9a2c13d28603044" + }, + "CVE-2018-8781": { + "cmt_msg": "drm: udl: Properly check framebuffer mmap offsets", + "cmt_id": "6949153ccb2fde17fb76e1ebcfdb8f5727dc58d1" + }, + "CVE-2018-1087": { + "cmt_msg": "kvm/x86: fix icebp instruction handling", + "cmt_id": "e7dc809e8042cf3d2c48ffa616941a8b11d3beba" + }, + "CVE-2017-17975": { + "cmt_msg": "media: usbtv: prevent double free in error case", + "cmt_id": "d22df065dae66f6a892af8802961801deaa90356" + }, + "CVE-2018-1000199": { + "cmt_msg": "perf/hwbp: Simplify the perf-hwbp code, fix documentation", + "cmt_id": "8f7db030a6398638515c645184ad261d9ea58559" + }, + "CVE-2018-1130": { + "cmt_msg": "dccp: check sk for closed state in dccp_sendmsg()", + "cmt_id": "e717aef0e7ed299b43812cd1a2bcf5888eafad9b" + } + }, + "3.18.105": { + "CVE-2018-9422": { + "cmt_msg": "futex: Remove requirement for lock_page() in get_futex_key()", + "cmt_id": "714f4e55231893dd2319962127e6c9b730c57c1a" + }, + "CVE-2018-7757": { + "cmt_msg": "scsi: libsas: fix memory leak in sas_smp_get_phy_events()", + "cmt_id": "c7323e9393266e6227540f906d74a6c55be39f37" + } + }, + "3.18.106": { + "CVE-2018-1092": { + "cmt_msg": "ext4: fail ext4_iget for root directory if unallocated", + "cmt_id": "bf1b17715e9117c1c22c7a24e38f27a92eb98413" + } + }, + "3.18.107": { + "CVE-2018-10940": { + "cmt_msg": "cdrom: information leak in cdrom_ioctl_media_changed()", + "cmt_id": "8e8a40578fac765527a5d55d258a2ca93904ed1b" + } + }, + "3.18.108": { + "CVE-2018-1093": { + "cmt_msg": "ext4: add validity checks for bitmap block numbers", + "cmt_id": "0643dbdb5c697fbe20dd380bcb3faa1dcec03b78" + } + }, + "3.18.109": { + "CVE-2017-18255": { + "cmt_msg": "perf/core: Fix the perf_cpu_time_max_percent check", + "cmt_id": "2e9cbae49c5d3e69ca04510d68ae161374e5d0a2" + } + }, + "3.18.110": { + "CVE-2018-5814": { + "cmt_msg": "usbip: usbip_host: fix NULL-ptr deref and use-after-free errors", + "cmt_id": "d1641e51d22e7ed33ba3101c01e006120f32a653" + }, + "CVE-2018-10087": { + "cmt_msg": "kernel/exit.c: avoid undefined behaviour when calling wait4()", + "cmt_id": "9535063c6fd52d42b954b68762269f6b27e26c91" + }, + "CVE-2018-10021": { + "cmt_msg": "scsi: libsas: defer ata device eh commands to libata", + "cmt_id": "badf15c8a243ca1292b8034dea2f91cc01982010" + }, + "CVE-2018-1000204": { + "cmt_msg": "scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()", + "cmt_id": "58b7ce6f9ef2367f86384b20458642945993b816" + } + }, + "3.18.111": { + "CVE-2018-10124": { + "cmt_msg": "kernel/signal.c: avoid undefined behaviour in kill_something_info", + "cmt_id": "50ecbf90142cbfc7cc0194d4f71cf9673e03ab33" + }, + "CVE-2018-9518": { + "cmt_msg": "NFC: llcp: Limit size of SDP URI", + "cmt_id": "39e221cb5ce0822cd7d0a4c82e8949d32f33e43e" + }, + "CVE-2017-13695": { + "cmt_msg": "ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c", + "cmt_id": "c81492260a2202dcea658087b5dd1b319f59bbf0" + }, + "CVE-2018-6412": { + "cmt_msg": "fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper().", + "cmt_id": "db57535b77b8de5646291f368f50f9494800bff5" + } + }, + "3.18.113": { + "CVE-2019-18675": { + "cmt_msg": "mmap: introduce sane default mmap limits", + "cmt_id": "bf3ff108832e28b7ca8df5a02e2a03ced29cd31e" + } + }, + "3.18.114": { + "CVE-2018-13406": { + "cmt_msg": "video: uvesafb: Fix integer overflow in allocation", + "cmt_id": "7568ba6cc40986d9553820da9468f94d0591942b" + } + }, + "3.18.115": { + "CVE-2018-9516": { + "cmt_msg": "HID: debug: check length before copy_to_user()", + "cmt_id": "f7e1dd8ebca4d67411c333223e4205879d141eaa" + }, + "CVE-2018-10879": { + "cmt_msg": "ext4: make sure bitmaps and the inode table don't overlap with bg descriptors", + "cmt_id": "780f50a6dcd2d067edf9761e9a45564ac4019522" + }, + "CVE-2017-13168": { + "cmt_msg": "scsi: sg: mitigate read/write abuse", + "cmt_id": "be37222d7cbc6610686c9501bbe1cff13c81bfc5" + }, + "CVE-2018-10881": { + "cmt_msg": "ext4: clear i_data in ext4_inode_info when removing inline data", + "cmt_id": "15b85a060ace8d19d1c7c0290380bedcf46cc4ac" + } + }, + "3.18.116": { + "CVE-2018-13405": { + "cmt_msg": "Fix up non-directory creation in SGID directories", + "cmt_id": "c5f2c5be9d1787a7bde81186d093be54c0caeb34" + }, + "CVE-2018-16276": { + "cmt_msg": "USB: yurex: fix out-of-bounds uaccess in read handler", + "cmt_id": "b261643c6916c8d4e8571072abdc5e6646054db6" + } + }, + "3.18.117": { + "CVE-2018-10902": { + "cmt_msg": "ALSA: rawmidi: Change resized buffers atomically", + "cmt_id": "bfa30d8adceec8633bea60333707fe1208f2f0e9" + } + }, + "3.18.118": { + "CVE-2018-14734": { + "cmt_msg": "infiniband: fix a possible use-after-free bug", + "cmt_id": "77e6abf43c95a39fd97a5fb644c26e303bd60459" + }, + "CVE-2018-12233": { + "cmt_msg": "jfs: Fix inconsistency between memory allocation and ea_buf->max_size", + "cmt_id": "31430f2b98f6053933482e51d008124fc31bc3e0" + } + }, + "3.18.119": { + "CVE-2018-9363": { + "cmt_msg": "Bluetooth: hidp: buffer overflow in hidp_process_report", + "cmt_id": "adfdcfe1c7cd5f163855b0d3ea5d3a75efddd576" + } + }, + "3.18.121": { + "CVE-2018-16658": { + "cmt_msg": "cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status", + "cmt_id": "2f294385874e8e152f357531aa177a19560c8a64" + } + }, + "3.18.123": { + "CVE-2018-6554": { + "cmt_msg": "staging: irda: remove the irda network stack and drivers", + "cmt_id": "9f0547e071f848a665056e18c70cc2741a96ca76" + }, + "CVE-2018-6555": { + "cmt_msg": "staging: irda: remove the irda network stack and drivers", + "cmt_id": "f24049f47194791d0393450b4f5cebea9f0b5e89" + }, + "CVE-2018-17182": { + "cmt_msg": "mm: get rid of vmacache_flush_all() entirely", + "cmt_id": "2b8f74c8f0a4aab0a20b9e77fdc3d17e8f2405dd" + }, + "CVE-2018-14609": { + "cmt_msg": "btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized", + "cmt_id": "56f338b39513de39679cf0c2da704d4803c9a0d5" + } + }, + "3.18.124": { + "CVE-2018-20511": { + "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT", + "cmt_id": "2ababd51858f71ef174a1bb2fe045f0b23f04c1c" + }, + "CVE-2018-14633": { + "cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation", + "cmt_id": "d31152ba0f282348c9ffbd8436b7a3622064aea6" + }, + "CVE-2018-17972": { + "cmt_msg": "proc: restrict kernel stack dumps to root", + "cmt_id": "ea20fab573d999205f8b1438d792486dcf76aa4c" + }, + "CVE-2019-9458": { + "cmt_msg": "media: v4l: event: Prevent freeing event subscriptions while accessed", + "cmt_id": "10c134df948c2d581f5b89a44072a07ba8cf4069" + }, + "CVE-2018-10877": { + "cmt_msg": "ext4: verify the depth of extent tree in ext4_find_extent()", + "cmt_id": "683626073ac0f1ded012d8861b189350147eb86b" + }, + "CVE-2018-10876": { + "cmt_msg": "ext4: only look at the bg_flags field if it is valid", + "cmt_id": "8d419749b27419caf8eb914cd2d6b7fc19efc316" + }, + "CVE-2018-7755": { + "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl", + "cmt_id": "0facefd1d7db43e1c220405ca773adb7b97975a6" + }, + "CVE-2018-13053": { + "cmt_msg": "alarmtimer: Prevent overflow for relative nanosleep", + "cmt_id": "f497869a6feab016c2dfd58bf80decfe57348ed9" + }, + "CVE-2018-18021": { + "cmt_msg": "arm64: KVM: Tighten guest core register access from userspace", + "cmt_id": "d26e09111cb7b9c3727c4621ee241cb408d47a7d" + }, + "CVE-2018-10880": { + "cmt_msg": "ext4: never move the system.data xattr out of the inode body", + "cmt_id": "fd2634366fca1f93e7d4cf36c8a919dfe11cd0ec" + }, + "CVE-2018-10878": { + "cmt_msg": "ext4: always check block group bounds in ext4_init_block_bitmap()", + "cmt_id": "6f6da33decb7d9de01447638ca737a846bf0181b" + }, + "CVE-2018-10882": { + "cmt_msg": "ext4: add more inode number paranoia checks", + "cmt_id": "292dc9673821842c0762b5d095a05e354e795392" + }, + "CVE-2018-10883": { + "cmt_msg": "jbd2: don't mark block as modified if the handle is out of credits", + "cmt_id": "524100251d15d4dc491671b84854017327ff2dba" + } + }, + "3.18.125": { + "CVE-2018-18281": { + "cmt_msg": "mremap: properly flush TLB before releasing the page", + "cmt_id": "0f1490a7573919a27dfc370c29a87caf142db993" + } + }, + "3.18.126": { + "CVE-2018-18710": { + "cmt_msg": "cdrom: fix improper type cast, which can leat to information leak.", + "cmt_id": "0869341c34905b7f34b1c4e2a378bf1488f9df7c" + } + }, + "3.18.129": { + "CVE-2018-20169": { + "cmt_msg": "USB: check usb_get_extra_descriptor for proper size", + "cmt_id": "d672c306e00a904adcbdce42b51b23b3e906f5cf" + }, + "CVE-2018-16862": { + "cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation", + "cmt_id": "599379965a37d87155f6c98196cd0e6ca1537c70" + } + }, + "3.18.131": { + "CVE-2018-5953": { + "cmt_msg": "printk: hash addresses printed with %p", + "cmt_id": "fa3ec41ea511910599838a1fe8820e31ef85efdd" + }, + "CVE-2018-5848": { + "cmt_msg": "wil6210: missing length check in wmi_set_ie", + "cmt_id": "eac164f4025d7bf7afb0ecf0cee06f55ca096a40" + }, + "CVE-2018-12896": { + "cmt_msg": "posix-timers: Sanitize overrun handling", + "cmt_id": "2f5f58a8b5d8eb12cfc955cca62ccb5254bab951" + } + }, + "3.18.132": { + "CVE-2019-15927": { + "cmt_msg": "ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit()", + "cmt_id": "172236e69b714879fe534b1fa2e8ffed2c221ebc" + }, + "CVE-2019-6133": { + "cmt_msg": "fork: record start_time late", + "cmt_id": "0b2758fb10d9557899b614e76a6d60d299baadf5" + }, + "CVE-2018-19985": { + "cmt_msg": "USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data", + "cmt_id": "2dbfeb3393252289ce87a8e1a6ddbd47c2aa7eb4" + } + }, + "3.18.133": { + "CVE-2018-16884": { + "cmt_msg": "sunrpc: use-after-free in svc_process_common()", + "cmt_id": "b1c0a2b920e66a6cd90644e5cbbd861b755f40fa" + }, + "CVE-2019-3701": { + "cmt_msg": "can: gw: ensure DLC boundaries after CAN frame modification", + "cmt_id": "4c3b21c842deb09721015a8463087e3c262be385" + }, + "CVE-2020-10769": { + "cmt_msg": "crypto: authenc - fix parsing key with misaligned rta_len", + "cmt_id": "98d2b2486aea705806f72626e02f29b8d6b8aa68" + } + }, + "3.18.135": { + "CVE-2019-7222": { + "cmt_msg": "KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)", + "cmt_id": "d283b5404655ef51aeafb092d7c79c6718b48c7b" + }, + "CVE-2019-7221": { + "cmt_msg": "KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221)", + "cmt_id": "8767556995adf9a10b49fb0c2098b7aeb40ee64c" + } + }, + "3.18.136": { + "CVE-2019-6974": { + "cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)", + "cmt_id": "673f9cf4a99f80a8cab2b015adf1b03c8ca4d66a" + } + }, + "3.18.137": { + "CVE-2019-16995": { + "cmt_msg": "net: hsr: fix memory leak in hsr_dev_finalize()", + "cmt_id": "e3d6490ad2b47f41bd534a6a5f8655549a754665" + }, + "CVE-2019-2101": { + "cmt_msg": "media: uvcvideo: Fix 'type' check leading to overflow", + "cmt_id": "7828fe7452f151cc1107a5c28ed042aeb64c1166" + }, + "CVE-2019-12818": { + "cmt_msg": "net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails", + "cmt_id": "e89106985667c7119fa580f74a7beb453399f44c" + }, + "CVE-2019-12819": { + "cmt_msg": "mdio_bus: Fix use-after-free on device_register fails", + "cmt_id": "077a353641d29fc28062866ec589eb2e365f1d56" + }, + "CVE-2019-15916": { + "cmt_msg": "net-sysfs: Fix mem leak in netdev_register_kobject", + "cmt_id": "a7053bc3aeefb24b94290a5c438fbcfe635ee4c7" + }, + "CVE-2019-9213": { + "cmt_msg": "mm: enforce min addr even if capable() in expand_downwards()", + "cmt_id": "f290a73f3e919c4d5482632284ccb0aa17f7380c" + }, + "CVE-2020-0066": { + "cmt_msg": "netlink: Trim skb to alloc size to avoid MSG_TRUNC", + "cmt_id": "5821948648caf10f8c8f7e9c9f8ac8fd22c640ba" + } + }, + "3.18.138": { + "CVE-2019-3459": { + "cmt_msg": "Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer", + "cmt_id": "ac7c597c465eb09391e40febbe088bdad601080b" + }, + "CVE-2019-20054": { + "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links", + "cmt_id": "beb70e5c511ca99454c20334c56499fd413c1d6d" + }, + "CVE-2019-3460": { + "cmt_msg": "Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt", + "cmt_id": "8f9c5ea93aa788302dddec8589aff079f9ac4bac" + } + }, + "3.18.139": { + "CVE-2019-9454": { + "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA", + "cmt_id": "e045c806436d3202e497051d3d63a23db8e16169" + }, + "CVE-2019-11486": { + "cmt_msg": "tty: mark Siemens R3964 line discipline as BROKEN", + "cmt_id": "20d4e7627b1451e68ddde913b5a289664716c318" + }, + "CVE-2019-15214": { + "cmt_msg": "ALSA: core: Fix card races between register and disconnect", + "cmt_id": "8ad4179e47f711549de33f991dfb8e129ed1175e" + }, + "CVE-2017-18551": { + "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA", + "cmt_id": "e045c806436d3202e497051d3d63a23db8e16169" + }, + "CVE-2019-15292": { + "cmt_msg": "appletalk: Fix use-after-free in atalk_proc_exit", + "cmt_id": "ab885986b6308c902364b4a91d73fae3003da9fe" + }, + "CVE-2019-11190": { + "cmt_msg": "binfmt_elf: switch to new creds when switching to new mm", + "cmt_id": "119b8e38491b9bc21efe06ed3f5a1b3d879c4998" + }, + "CVE-2019-11810": { + "cmt_msg": "scsi: megaraid_sas: return error when create DMA pool failed", + "cmt_id": "9670c4d542aa2fac5dfa7f95f6e79c25dd1e11f0" + }, + "CVE-2019-10639": { + "cmt_msg": "netns: provide pure entropy for net_hash_mix()", + "cmt_id": "c2bca92ba948f3def1f99f6b429ec39e07354dc2" + } + }, + "3.18.140": { + "CVE-2018-20836": { + "cmt_msg": "scsi: libsas: fix a race condition when smp task timeout", + "cmt_id": "ec22b57b0527530cecda657f9f1ec2f8068150a0" + }, + "CVE-2019-11884": { + "cmt_msg": "Bluetooth: hidp: fix buffer overflow", + "cmt_id": "9c47ad93de73786aef31033e2aabd9df020e68cd" + }, + "CVE-2019-10142": { + "cmt_msg": "drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl", + "cmt_id": "db7e50136a20bc175fe081ff1764b5b96af85e2d" + }, + "CVE-2019-15216": { + "cmt_msg": "USB: yurex: Fix protection fault after device removal", + "cmt_id": "15c0d2672a4711fa277ca040e92af36009de4bf6" + } + }, + "outstanding": { + "CVE-2020-36322": { + "cmt_msg": "fuse: fix bad inode" + }, + "CVE-2020-10711": { + "cmt_msg": "netlabel: cope with NULL catmap" + }, + "CVE-2020-35508": { + "cmt_msg": "fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent" + }, + "CVE-2020-35501": { + "cmt_msg": "" + }, + "CVE-2019-15098": { + "cmt_msg": "ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()" + }, + "CVE-2021-45095": { + "cmt_msg": "phonet: refcount leak in pep_sock_accep" + }, + "CVE-2022-0001": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2020-12464": { + "cmt_msg": "USB: core: Fix free-while-in-use bug in the USB S-Glibrary" + }, + "CVE-2022-0002": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2019-19965": { + "cmt_msg": "scsi: libsas: stop discovering if oob mode is disconnected" + }, + "CVE-2017-15102": { + "cmt_msg": "usb: misc: legousbtower: Fix NULL pointer deference" + }, + "CVE-2021-3894": { + "cmt_msg": "sctp: account stream padding length for reconf chunk" + }, + "CVE-2020-24587": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2020-24586": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2022-0995": { + "cmt_msg": "watch_queue: Fix filter limit check" + }, + "CVE-2021-0129": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2020-24588": { + "cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks" + }, + "CVE-2016-10044": { + "cmt_msg": "aio: mark AIO pseudo-fs noexec" + }, + "CVE-2019-9506": { + "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" + }, + "CVE-2019-9503": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path" + }, + "CVE-2020-36158": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" + }, + "CVE-2022-1508": { + "cmt_msg": "io_uring: reexpand under-reexpanded iters" + }, + "CVE-2022-0480": { + "cmt_msg": "memcg: enable accounting for file lock caches" + }, + "CVE-2022-0487": { + "cmt_msg": "moxart: fix potential use-after-free on remove path" + }, + "CVE-2021-28964": { + "cmt_msg": "btrfs: fix race when cloning extent buffer during rewind of an old root" + }, + "CVE-2020-26558": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2021-3847": { + "cmt_msg": "" + }, + "CVE-2016-2143": { + "cmt_msg": "s390/mm: four page table levels vs. fork" + }, + "CVE-2017-5551": { + "cmt_msg": "tmpfs: clear S_ISGID when setting posix ACLs" + }, + "CVE-2019-19241": { + "cmt_msg": "io_uring: async workers should inherit the user creds" + }, + "CVE-2021-28688": { + "cmt_msg": "xen-blkback: don't leak persistent grants from xen_blkbk_map()" + }, + "CVE-2021-39686": { + "cmt_msg": "binder: use euid from cred instead of using task" + }, + "CVE-2021-39685": { + "cmt_msg": "USB: gadget: detect too-big endpoint 0 requests" + }, + "CVE-2021-43975": { + "cmt_msg": "atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait" + }, + "CVE-2021-43976": { + "cmt_msg": "mwifiex: Fix skb_over_panic in mwifiex_usb_recv()" + }, + "CVE-2020-0466": { + "cmt_msg": "do_epoll_ctl(): clean the failure exits up a bit" + }, + "CVE-2019-10207": { + "cmt_msg": "Bluetooth: hci_uart: check for missing tty operations" + }, + "CVE-2020-12114": { + "cmt_msg": "make struct mountpoint bear the dentry reference to mountpoint, not struct mount" + }, + "CVE-2019-12379": { + "cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c" + }, + "CVE-2017-12134": { + "cmt_msg": "xen: fix bio vec merging" + }, + "CVE-2021-30002": { + "cmt_msg": "media: v4l: ioctl: Fix memory leak in video_usercopy" + }, + "CVE-2015-8551": { + "cmt_msg": "xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI or MSI-X enabled" + }, + "CVE-2015-8550": { + "cmt_msg": "xen: Add RING_COPY_REQUEST()" + }, + "CVE-2016-3672": { + "cmt_msg": "x86/mm/32: Enable full randomization on i386 and X86_32" + }, + "CVE-2015-8552": { + "cmt_msg": "xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI or MSI-X enabled" + }, + "CVE-2020-15802": { + "cmt_msg": "" + }, + "CVE-2021-34556": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2020-0543": { + "cmt_msg": "x86/cpu: Add 'table' argument to cpu_matches()" + }, + "CVE-2016-10906": { + "cmt_msg": "net: arc_emac: fix koops caused by sk_buff free" + }, + "CVE-2016-10905": { + "cmt_msg": "GFS2: don't set rgrp gl_object until it's inserted into rgrp tree" + }, + "CVE-2018-3646": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" + }, + "CVE-2017-7518": { + "cmt_msg": "KVM: x86: fix singlestepping over syscall" + }, + "CVE-2021-39714": { + "cmt_msg": "staging: android: ion: Drop ion_map_kernel interface" + }, + "CVE-2022-28388": { + "cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2019-19966": { + "cmt_msg": "media: cpia2: Fix use-after-free in cpia2_exit" + }, + "CVE-2019-11477": { + "cmt_msg": "tcp: limit payload size of sacked skbs" + }, + "CVE-2021-28711": { + "cmt_msg": "xen/blkfront: harden blkfront against event channel storms" + }, + "CVE-2017-7895": { + "cmt_msg": "nfsd: stricter decoding of write-like NFSv2/v3 ops" + }, + "CVE-2018-14614": { + "cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum" + }, + "CVE-2019-11479": { + "cmt_msg": "tcp: add tcp_min_snd_mss sysctl" + }, + "CVE-2019-11478": { + "cmt_msg": "tcp: tcp_fragment() should apply sane memory limits" + }, + "CVE-2018-14611": { + "cmt_msg": "btrfs: validate type when reading a chunk" + }, + "CVE-2018-14610": { + "cmt_msg": "btrfs: Check that each block group has corresponding chunk at mount time" + }, + "CVE-2018-14613": { + "cmt_msg": "btrfs: tree-checker: Verify block_group_item" + }, + "CVE-2018-14612": { + "cmt_msg": "btrfs: tree-checker: Detect invalid and empty essential trees" + }, + "CVE-2020-26145": { + "cmt_msg": "ath10k: drop fragments with multicast DA for PCIe" + }, + "CVE-2020-26147": { + "cmt_msg": "mac80211: assure all fragments are encrypted" + }, + "CVE-2020-26141": { + "cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe" + }, + "CVE-2020-26140": { + "cmt_msg": "" + }, + "CVE-2020-26143": { + "cmt_msg": "" + }, + "CVE-2020-26142": { + "cmt_msg": "" + }, + "CVE-2019-17053": { + "cmt_msg": "ieee802154: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17052": { + "cmt_msg": "ax25: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2016-3070": { + "cmt_msg": "mm: migrate dirty page without clear_page_dirty_for_io etc" + }, + "CVE-2019-17056": { + "cmt_msg": "nfc: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17055": { + "cmt_msg": "mISDN: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17054": { + "cmt_msg": "appletalk: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2018-13093": { + "cmt_msg": "xfs: validate cached inodes are free when allocated" + }, + "CVE-2018-13096": { + "cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks" + }, + "CVE-2018-13097": { + "cmt_msg": "f2fs: fix to do sanity check with user_block_count" + }, + "CVE-2018-13094": { + "cmt_msg": "xfs: don't call xfs_da_shrink_inode with NULL bp" + }, + "CVE-2018-13095": { + "cmt_msg": "xfs: More robust inode extent count validation" + }, + "CVE-2020-29661": { + "cmt_msg": "tty: Fix ->pgrp locking in tiocspgrp()" + }, + "CVE-2020-29660": { + "cmt_msg": "tty: Fix ->session locking" + }, + "CVE-2018-13098": { + "cmt_msg": "f2fs: fix to do sanity check with extra_attr feature" + }, + "CVE-2018-13099": { + "cmt_msg": "f2fs: fix to do sanity check with reserved blkaddr of inline inode" + }, + "CVE-2022-1734": { + "cmt_msg": "nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs" + }, + "CVE-2014-9717": { + "cmt_msg": "mnt: Update detach_mounts to leave mounts connected" + }, + "CVE-2019-14895": { + "cmt_msg": "mwifiex: fix possible heap overflow in mwifiex_process_country_ie()" + }, + "CVE-2019-19074": { + "cmt_msg": "ath9k: release allocated buffer if timed out" + }, + "CVE-2019-19073": { + "cmt_msg": "ath9k_htc: release allocated buffer if timed out" + }, + "CVE-2015-8953": { + "cmt_msg": "ovl: fix dentry reference leak" + }, + "CVE-2015-8952": { + "cmt_msg": "ext2: convert to mbcache2" + }, + "CVE-2022-23038": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2022-23039": { + "cmt_msg": "xen/gntalloc: don't use gnttab_query_foreign_access()" + }, + "CVE-2016-8645": { + "cmt_msg": "tcp: take care of truncations done by sk_filter()" + }, + "CVE-2016-8646": { + "cmt_msg": "crypto: algif_hash - Only export and import on sockets with data" + }, + "CVE-2022-23037": { + "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" + }, + "CVE-2017-5669": { + "cmt_msg": "ipc/shm: Fix shmat mmap nil-page protection" + }, + "CVE-2019-15926": { + "cmt_msg": "ath6kl: add some bounds checking" + }, + "CVE-2019-14821": { + "cmt_msg": "KVM: coalesced_mmio: add bounds checking" + }, + "CVE-2020-12826": { + "cmt_msg": "signal: Extend exec_id to 64bits" + }, + "CVE-2021-38160": { + "cmt_msg": "virtio_console: Assure used length from device is limited" + }, + "CVE-2021-42008": { + "cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data" + }, + "CVE-2019-1125": { + "cmt_msg": "x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations" + }, + "CVE-2019-15218": { + "cmt_msg": "media: usb: siano: Fix general protection fault in smsusb" + }, + "CVE-2019-15666": { + "cmt_msg": "xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink" + }, + "CVE-2005-3660": { + "cmt_msg": "" + }, + "CVE-2019-15212": { + "cmt_msg": "USB: rio500: refuse more than one device at a time" + }, + "CVE-2019-15211": { + "cmt_msg": "media: radio-raremono: change devm_k*alloc to k*alloc" + }, + "CVE-2019-15217": { + "cmt_msg": "media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap" + }, + "CVE-2019-15215": { + "cmt_msg": "media: cpia2_usb: first wake up, then free in disconnect" + }, + "CVE-2021-33034": { + "cmt_msg": "Bluetooth: verify AMP hci_chan before amp_destroy" + }, + "CVE-2019-19922": { + "cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices" + }, + "CVE-2015-8104": { + "cmt_msg": "KVM: svm: unconditionally intercept #DB" + }, + "CVE-2019-19927": { + "cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages" + }, + "CVE-2017-18509": { + "cmt_msg": "ipv6: check sk sk_type and protocol early in ip_mroute_set/getsockopt" + }, + "CVE-2020-15437": { + "cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()" + }, + "CVE-2016-3857": { + "cmt_msg": "arm: oabi compat: add missing access checks" + }, + "CVE-2020-28974": { + "cmt_msg": "vt: Disable KD_FONT_OP_COPY" + }, + "CVE-2019-20806": { + "cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame" + }, + "CVE-2020-0305": { + "cmt_msg": "chardev: Avoid potential use-after-free in 'chrdev_open()'" + }, + "CVE-2020-14304": { + "cmt_msg": "" + }, + "CVE-2020-14305": { + "cmt_msg": "netfilter: helpers: remove data_len usage for inkernel helpers" + }, + "CVE-2020-15393": { + "cmt_msg": "usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect" + }, + "CVE-2021-3564": { + "cmt_msg": "Bluetooth: fix the erroneous flush_work() order" + }, + "CVE-2017-16995": { + "cmt_msg": "bpf: fix incorrect sign extension in check_alu_op()" + }, + "CVE-2019-2025": { + "cmt_msg": "binder: fix race that allows malicious free of live buffer" + }, + "CVE-2017-2583": { + "cmt_msg": "KVM: x86: fix emulation of \"MOV SS, null selector\"" + }, + "CVE-2020-26560": { + "cmt_msg": "" + }, + "CVE-2017-2584": { + "cmt_msg": "KVM: x86: Introduce segmented_write_std" + }, + "CVE-2018-12127": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2018-12126": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2019-10126": { + "cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()" + }, + "CVE-2019-13631": { + "cmt_msg": "Input: gtco - bounds check collection indent level" + }, + "CVE-2020-13974": { + "cmt_msg": "vt: keyboard: avoid signed integer overflow in k_ascii" + }, + "CVE-2016-6213": { + "cmt_msg": "mnt: Add a per mount namespace limit on the number of mounts" + }, + "CVE-2021-4083": { + "cmt_msg": "fget: check that the fd still exists after getting a ref to it" + }, + "CVE-2019-19227": { + "cmt_msg": "appletalk: Fix potential NULL pointer dereference in unregister_snap_client" + }, + "CVE-2020-10751": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" + }, + "CVE-2021-4002": { + "cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare" + }, + "CVE-2022-0998": { + "cmt_msg": "vdpa: clean up get_config_size ret value handling" + }, + "CVE-2018-9465": { + "cmt_msg": "binder: fix proc->files use-after-free" + }, + "CVE-2018-20510": { + "cmt_msg": "binder: replace \"%p\" with \"%pK\"" + }, + "CVE-2016-5728": { + "cmt_msg": "misc: mic: Fix for double fetch security bug in VOP driver" + }, + "CVE-2020-15436": { + "cmt_msg": "block: Fix use-after-free in blkdev_get()" + }, + "CVE-2022-1116": { + "cmt_msg": "" + }, + "CVE-2021-28660": { + "cmt_msg": "staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()" + }, + "CVE-2020-8647": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" + }, + "CVE-2019-0154": { + "cmt_msg": "drm/i915: Lower RM timeout to avoid DSI hard hangs" + }, + "CVE-2017-6348": { + "cmt_msg": "irda: Fix lockdep annotations in hashbin_delete()." + }, + "CVE-2020-36386": { + "cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()" + }, + "CVE-2017-6346": { + "cmt_msg": "packet: fix races in fanout_add()" + }, + "CVE-2020-36385": { + "cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy" + }, + "CVE-2022-1048": { + "cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls" + }, + "CVE-2020-0009": { + "cmt_msg": "staging: android: ashmem: Disallow ashmem memory from being remapped" + }, + "CVE-2018-7480": { + "cmt_msg": "blkcg: fix double free of new_blkg in blkcg_init_queue" + }, + "CVE-2019-14615": { + "cmt_msg": "drm/i915/gen9: Clear residual context state on context switch" + }, + "CVE-2020-12771": { + "cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce" + }, + "CVE-2019-13648": { + "cmt_msg": "powerpc/tm: Fix oops on sigreturn on systems without TM" + }, + "CVE-2020-16120": { + "cmt_msg": "ovl: switch to mounter creds in readdir" + }, + "CVE-2019-11599": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" + }, + "CVE-2018-15572": { + "cmt_msg": "x86/speculation: Protect against userspace-userspace spectreRSB" + }, + "CVE-2022-29581": { + "cmt_msg": "net/sched: cls_u32: fix netns refcount changes in u32_change()" + }, + "CVE-2022-1204": { + "cmt_msg": "ax25: Fix refcount leaks caused by ax25_cb_del()" + }, + "CVE-2022-1205": { + "cmt_msg": "ax25: Fix NULL pointer dereferences in ax25 timers" + }, + "CVE-2019-17666": { + "cmt_msg": "rtlwifi: Fix potential overflow on P2P code" + }, + "CVE-2015-7884": { + "cmt_msg": "[media] media/vivid-osd: fix info leak in ioctl" + }, + "CVE-2015-7885": { + "cmt_msg": "staging/dgnc: fix info leak in ioctl" + }, + "CVE-2016-10723": { + "cmt_msg": "mm, oom: remove sleep from under oom_lock" + }, + "CVE-2019-19036": { + "cmt_msg": "btrfs: Detect unbalanced tree with empty leaf before crashing btree operations" + }, + "CVE-2021-34693": { + "cmt_msg": "can: bcm: fix infoleak in struct bcm_msg_head" + }, + "CVE-2020-11494": { + "cmt_msg": "slcan: Don't transmit uninitialized stack data in padding" + }, + "CVE-2019-19039": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2020-0444": { + "cmt_msg": "audit: fix error handling in audit_data_to_entry()" + }, + "CVE-2020-8832": { + "cmt_msg": "drm/i915: Record the default hw state after reset upon load" + }, + "CVE-2022-1836": { + "cmt_msg": "floppy: disable FDRAWCMD by default" + }, + "CVE-2021-32078": { + "cmt_msg": "ARM: footbridge: remove personal server platform" + }, + "CVE-2022-30594": { + "cmt_msg": "ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE" + }, + "CVE-2017-16528": { + "cmt_msg": "ALSA: seq: Cancel pending autoload work at unbinding device" + }, + "CVE-2019-11833": { + "cmt_msg": "ext4: zero out the unused memory region in the extent tree block" + }, + "CVE-2021-38205": { + "cmt_msg": "net: xilinx_emaclite: Do not print real IOMEM pointer" + }, + "CVE-2021-3864": { + "cmt_msg": "" + }, + "CVE-2020-0255": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" + }, + "CVE-2016-6130": { + "cmt_msg": "s390/sclp_ctl: fix potential information leak with /dev/sclp" + }, + "CVE-2019-2215": { + "cmt_msg": "ANDROID: binder: remove waitqueue when thread exits." + }, + "CVE-2021-38208": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2017-18232": { + "cmt_msg": "scsi: libsas: direct call probe and destruct" + }, + "CVE-2019-2213": { + "cmt_msg": "binder: fix possible UAF when freeing buffer" + }, + "CVE-2020-25211": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2020-25212": { + "cmt_msg": "nfs: Fix getxattr kernel panic and memory overflow" + }, + "CVE-2020-26556": { + "cmt_msg": "" + }, + "CVE-2020-26557": { + "cmt_msg": "" + }, + "CVE-2020-26555": { + "cmt_msg": "" + }, + "CVE-2018-9517": { + "cmt_msg": "l2tp: pass tunnel pointer to ->session_create()" + }, + "CVE-2020-26559": { + "cmt_msg": "" + }, + "CVE-2018-1128": { + "cmt_msg": "libceph: add authorizer challenge" + }, + "CVE-2018-1129": { + "cmt_msg": "libceph: implement CEPHX_V2 calculation mode" + }, + "CVE-2018-1120": { + "cmt_msg": "proc: do not access cmdline nor environ from file-backed areas" + }, + "CVE-2018-1121": { + "cmt_msg": "" + }, + "CVE-2018-20856": { + "cmt_msg": "block: blk_init_allocated_queue() set q->fq as NULL in the fail case" + }, + "CVE-2017-5754": { + "cmt_msg": "x86/cpufeatures: Add Intel feature bits for Speculation Control" + }, + "CVE-2017-5753": { + "cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]" + }, + "CVE-2019-9466": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path" + }, + "CVE-2019-18680": { + "cmt_msg": "" + }, + "CVE-2019-19049": { + "cmt_msg": "of: unittest: fix memory leak in unittest_data_add" + }, + "CVE-2022-0644": { + "cmt_msg": "vfs: check fd has read access in kernel_read_file_from_fd()" + }, + "CVE-2020-29568": { + "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" + }, + "CVE-2020-27786": { + "cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses" + }, + "CVE-2019-14816": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2019-14814": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2020-10720": { + "cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()" + }, + "CVE-2022-0382": { + "cmt_msg": "net ticp:fix a kernel-infoleak in __tipc_sendmsg()" + }, + "CVE-2020-25672": { + "cmt_msg": "nfc: fix memory leak in llcp_sock_connect()" + }, + "CVE-2020-25673": { + "cmt_msg": "nfc: Avoid endless loops caused by repeated llcp_sock_connect()" + }, + "CVE-2020-25670": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_bind()" + }, + "CVE-2020-25671": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_connect()" + }, + "CVE-2018-21008": { + "cmt_msg": "rsi: add fix for crash during assertions" + }, + "CVE-2019-15223": { + "cmt_msg": "ALSA: line6: Assure canceling delayed work at disconnection" + }, + "CVE-2019-19813": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2019-15221": { + "cmt_msg": "ALSA: line6: Fix write on zero-sized buffer" + }, + "CVE-2019-19815": { + "cmt_msg": "f2fs: support swap file w/ DIO" + }, + "CVE-2019-19814": { + "cmt_msg": "" + }, + "CVE-2020-29371": { + "cmt_msg": "romfs: fix uninitialized memory leak in romfs_dev_read()" + }, + "CVE-2019-19816": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2022-1015": { + "cmt_msg": "netfilter: nf_tables: validate registers coming from userspace." + }, + "CVE-2019-9453": { + "cmt_msg": "f2fs: fix to avoid accessing xattr across the boundary" + }, + "CVE-2022-1016": { + "cmt_msg": "netfilter: nf_tables: initialize registers in nft_do_chain()" + }, + "CVE-2022-1011": { + "cmt_msg": "fuse: fix pipe buffer lifetime for direct_io" + }, + "CVE-2019-5108": { + "cmt_msg": "mac80211: Do not send Layer 2 Update frame before authorization" + }, + "CVE-2022-1012": { + "cmt_msg": "secure_seq: use the 64 bits of the siphash for port offset calculation" + }, + "CVE-2020-8649": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" + }, + "CVE-2022-1882": { + "cmt_msg": "" + }, + "CVE-2016-2069": { + "cmt_msg": "x86/mm: Add barriers and document switch_mm()-vs-flush synchronization" + }, + "CVE-2017-1000405": { + "cmt_msg": "mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()" + }, + "CVE-2021-26930": { + "cmt_msg": "xen-blkback: fix error handling in xen_blkbk_map()" + }, + "CVE-2021-26932": { + "cmt_msg": "Xen/x86: don't bail early from clear_foreign_p2m_mapping()" + }, + "CVE-2022-0492": { + "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" + }, + "CVE-2020-12352": { + "cmt_msg": "Bluetooth: A2MP: Fix not initializing all members" + }, + "CVE-2022-23042": { + "cmt_msg": "xen/netfront: react properly to failing gnttab_end_foreign_access_ref()" + }, + "CVE-2022-25636": { + "cmt_msg": "netfilter: nf_tables_offload: incorrect flow offload action array size" + }, + "CVE-2022-0494": { + "cmt_msg": "block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern" + }, + "CVE-2020-26088": { + "cmt_msg": "net/nfc/rawsock.c: add CAP_NET_RAW check." + }, + "CVE-2015-7515": { + "cmt_msg": "Input: aiptek - fix crash on detecting device without endpoints" + }, + "CVE-2008-2544": { + "cmt_msg": "" + }, + "CVE-2021-3178": { + "cmt_msg": "nfsd4: readdirplus shouldn't return parent of export" + }, + "CVE-2022-28796": { + "cmt_msg": "jbd2: fix use-after-free of transaction_t race" + }, + "CVE-2018-7754": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2022-0330": { + "cmt_msg": "drm/i915: Flush TLBs before releasing backing store" + }, + "CVE-2007-3719": { + "cmt_msg": "" + }, + "CVE-2017-10911": { + "cmt_msg": "xen-blkback: don't leak stack data via response ring" + }, + "CVE-2019-19319": { + "cmt_msg": "ext4: protect journal inode's blocks using block_validity" + }, + "CVE-2022-28893": { + "cmt_msg": "SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()" + }, + "CVE-2021-3772": { + "cmt_msg": "sctp: use init_tag from inithdr for ABORT chunk" + }, + "CVE-2021-3679": { + "cmt_msg": "tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop." + }, + "CVE-2021-37159": { + "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device" + }, + "CVE-2021-39711": { + "cmt_msg": "bpf: fix panic due to oob in bpf_prog_test_run_skb" + }, + "CVE-2021-28715": { + "cmt_msg": "xen/netback: don't queue unlimited number of packages" + }, + "CVE-2021-28713": { + "cmt_msg": "xen/console: harden hvc_xen against event channel storms" + }, + "CVE-2021-28712": { + "cmt_msg": "xen/netfront: harden netfront against event channel storms" + }, + "CVE-2017-18261": { + "cmt_msg": "clocksource/drivers/arm_arch_timer: Avoid infinite recursion when ftrace is enabled" + }, + "CVE-2022-1247": { + "cmt_msg": "" + }, + "CVE-2022-23960": { + "cmt_msg": "ARM: report Spectre v2 status through sysfs" + }, + "CVE-2017-11472": { + "cmt_msg": "ACPICA: Namespace: fix operand cache leak" + }, + "CVE-2017-17862": { + "cmt_msg": "bpf: fix branch pruning logic" + }, + "CVE-2021-39657": { + "cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback" + }, + "CVE-2021-3669": { + "cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()" + }, + "CVE-2019-18885": { + "cmt_msg": "btrfs: merge btrfs_find_device and find_device" + }, + "CVE-2019-12378": { + "cmt_msg": "ipv6_sockglue: Fix a missing-check bug in ip6_ra_control()" + }, + "CVE-2019-11091": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2022-27950": { + "cmt_msg": "HID: elo: fix memory leak in elo_probe" + }, + "CVE-2019-18282": { + "cmt_msg": "net/flow_dissector: switch to siphash" + }, + "CVE-2021-34981": { + "cmt_msg": "Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails" + }, + "CVE-2013-7445": { + "cmt_msg": "" + }, + "CVE-2021-0941": { + "cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len" + }, + "CVE-2020-12652": { + "cmt_msg": "scsi: mptfusion: Fix double fetch bug in ioctl" + }, + "CVE-2015-4176": { + "cmt_msg": "mnt: Update detach_mounts to leave mounts connected" + }, + "CVE-2020-14381": { + "cmt_msg": "futex: Fix inode life-time issue" + }, + "CVE-2022-1158": { + "cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address" + }, + "CVE-2019-19768": { + "cmt_msg": "blktrace: Protect q->blk_trace with RCU" + }, + "CVE-2017-8797": { + "cmt_msg": "nfsd: fix undefined behavior in nfsd4_layout_verify" + }, + "CVE-2017-5715": { + "cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]" + }, + "CVE-2016-8630": { + "cmt_msg": "kvm: x86: Check memopp before dereference (CVE-2016-8630)" + }, + "CVE-2016-8632": { + "cmt_msg": "tipc: check minimum bearer MTU" + }, + "CVE-2018-3620": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" + }, + "CVE-2020-16166": { + "cmt_msg": "random32: update the net random state on interrupt and activity" + }, + "CVE-2021-29155": { + "cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic" + }, + "CVE-2022-28389": { + "cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path" + }, + "CVE-2019-15917": { + "cmt_msg": "Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto()" + }, + "CVE-2020-12362": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2020-12363": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2019-12881": { + "cmt_msg": "drm/i915/userptr: reject zero user_size" + }, + "CVE-2020-12364": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2022-0500": { + "cmt_msg": "bpf: Introduce MEM_RDONLY flag" + }, + "CVE-2018-18690": { + "cmt_msg": "xfs: don't fail when converting shortform attr to long form during ATTR_REPLACE" + }, + "CVE-2015-8767": { + "cmt_msg": "sctp: Prevent soft lockup when sctp_accept() is called during a timeout event" + }, + "CVE-2021-0605": { + "cmt_msg": "af_key: pfkey_dump needs parameter validation" + }, + "CVE-2021-3896": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2016-7917": { + "cmt_msg": "netfilter: nfnetlink: correctly validate length of batch messages" + }, + "CVE-2022-1055": { + "cmt_msg": "net: sched: fix use-after-free in tc_new_tfilter()" + }, + "CVE-2016-7912": { + "cmt_msg": "usb: gadget: f_fs: Fix use-after-free" + }, + "CVE-2021-38204": { + "cmt_msg": "usb: max-3421: Prevent corruption of freed memory" + }, + "CVE-2022-20008": { + "cmt_msg": "mmc: block: fix read single on recovery logic" + }, + "CVE-2019-16232": { + "cmt_msg": "libertas: fix a potential NULL pointer dereference" + }, + "CVE-2019-20811": { + "cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success" + }, + "CVE-2019-20810": { + "cmt_msg": "media: go7007: fix a miss of snd_card_free" + }, + "CVE-2019-20812": { + "cmt_msg": "af_packet: set defaule value for tmo" + }, + "CVE-2020-14314": { + "cmt_msg": "ext4: fix potential negative array index in do_split()" + }, + "CVE-2018-25020": { + "cmt_msg": "bpf: fix truncated jump targets on heavy expansions" + }, + "CVE-2018-5995": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2019-18660": { + "cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch" + }, + "CVE-2019-15291": { + "cmt_msg": "media: b2c2-flexcop-usb: add sanity checking" + }, + "CVE-2019-15290": { + "cmt_msg": "" + }, + "CVE-2018-7273": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2022-0617": { + "cmt_msg": "udf: Fix NULL ptr deref when converting from inline format" + }, + "CVE-2022-26878": { + "cmt_msg": "" + }, + "CVE-2022-23036": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2018-12930": { + "cmt_msg": "" + }, + "CVE-2018-12931": { + "cmt_msg": "" + }, + "CVE-2020-12769": { + "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" + }, + "CVE-2021-32399": { + "cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller" + }, + "CVE-2019-12380": { + "cmt_msg": "efi/x86/Add missing error handling to old_memmap 1:1 mapping code" + }, + "CVE-2019-12381": { + "cmt_msg": "ip_sockglue: Fix missing-check bug in ip_ra_control()" + }, + "CVE-2019-12382": { + "cmt_msg": "drm/edid: Fix a missing-check bug in drm_load_edid_firmware()" + }, + "CVE-2017-10810": { + "cmt_msg": "drm/virtio: don't leak bo on drm_gem_object_init failure" + }, + "CVE-2022-24958": { + "cmt_msg": "usb: gadget: don't release an existing dev->buf" + }, + "CVE-2020-8648": { + "cmt_msg": "vt: selection, close sel_buffer race" + }, + "CVE-2021-3732": { + "cmt_msg": "ovl: prevent private clone if bind mount is not allowed" + }, + "CVE-2016-9588": { + "cmt_msg": "kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF)" + }, + "CVE-2022-25375": { + "cmt_msg": "usb: gadget: rndis: check size of RNDIS_MSG_SET command" + }, + "CVE-2020-10766": { + "cmt_msg": "x86/speculation: Prevent rogue cross-process SSBD shutdown" + }, + "CVE-2017-13166": { + "cmt_msg": "media: v4l2-ioctl.c: use check_fmt for enum/g/s/try_fmt" + }, + "CVE-2018-12207": { + "cmt_msg": "kvm: x86, powerpc: do not allow clearing largepages debugfs entry" + }, + "CVE-2020-13143": { + "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" + }, + "CVE-2020-10768": { + "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." + }, + "CVE-2019-0148": { + "cmt_msg": "i40e: Wrong truncation from u16 to u8" + }, + "CVE-2019-17075": { + "cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack" + }, + "CVE-2019-19447": { + "cmt_msg": "ext4: work around deleting a file with i_nlink == 0 safely" + }, + "CVE-2019-0146": { + "cmt_msg": "" + }, + "CVE-2020-10942": { + "cmt_msg": "vhost: Check docket sk_family instead of call getname" + }, + "CVE-2018-3693": { + "cmt_msg": "ext4: fix spectre gadget in ext4_mb_regular_allocator()" + }, + "CVE-2019-11191": { + "cmt_msg": "x86: Deprecate a.out support" + }, + "CVE-2016-1575": { + "cmt_msg": "ovl: setattr: check permissions before copy-up" + }, + "CVE-2016-1576": { + "cmt_msg": "ovl: setattr: check permissions before copy-up" + }, + "CVE-2018-10323": { + "cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree" + }, + "CVE-2018-10322": { + "cmt_msg": "xfs: enhance dinode verifier" + }, + "CVE-2016-9644": { + "cmt_msg": "x86/mm: Expand the exception table logic to allow new handling options" + }, + "CVE-2020-26139": { + "cmt_msg": "mac80211: do not accept/forward invalid EAPOL frames" + }, + "CVE-2015-2041": { + "cmt_msg": "net: llc: use correct size for sysctl timeout entries" + }, + "CVE-2019-10220": { + "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" + }, + "CVE-2021-3609": { + "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" + }, + "CVE-2015-2042": { + "cmt_msg": "net: rds: use correct size for max unacked packets and bytes" + }, + "CVE-2017-13220": { + "cmt_msg": "Bluetooth: hidp_connection_add() unsafe use of l2cap_pi()" + }, + "CVE-2019-19536": { + "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" + }, + "CVE-2019-19537": { + "cmt_msg": "USB: core: Fix races in character device registration and deregistraion" + }, + "CVE-2019-19534": { + "cmt_msg": "can: peak_usb: fix slab info leak" + }, + "CVE-2019-19532": { + "cmt_msg": "HID: Fix assumption that devices have inputs" + }, + "CVE-2018-14617": { + "cmt_msg": "hfsplus: fix NULL dereference in hfsplus_lookup()" + }, + "CVE-2019-19530": { + "cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough" + }, + "CVE-2019-19531": { + "cmt_msg": "usb: yurex: Fix use-after-free in yurex_delete" + }, + "CVE-2021-0929": { + "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" + }, + "CVE-2018-14616": { + "cmt_msg": "f2fs: fix to do sanity check with block address in main area v2" + }, + "CVE-2019-20096": { + "cmt_msg": "dccp: Fix memleak in __feat_register_sp" + }, + "CVE-2021-0920": { + "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" + }, + "CVE-2017-7273": { + "cmt_msg": "HID: hid-cypress: validate length of report" + }, + "CVE-2022-0168": { + "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" + }, + "CVE-2021-39713": { + "cmt_msg": "net: sched: use Qdisc rcu API instead of relying on rtnl lock" + }, + "CVE-2020-28374": { + "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" + }, + "CVE-2019-14896": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" + }, + "CVE-2019-14897": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" + }, + "CVE-2017-16536": { + "cmt_msg": "[media] cx231xx-cards: fix NULL-deref on missing association descriptor" + }, + "CVE-2020-27825": { + "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" + }, + "CVE-2019-2181": { + "cmt_msg": "binder: check for overflow when alloc for security context" + }, + "CVE-2020-27820": { + "cmt_msg": "drm/nouveau: use drm_dev_unplug() during device removal" + }, + "CVE-2020-0067": { + "cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr" + }, + "CVE-2019-20794": { + "cmt_msg": "" + }, + "CVE-2020-26541": { + "cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries" + }, + "CVE-2021-20317": { + "cmt_msg": "lib/timerqueue: Rely on rbtree semantics for next timer" + }, + "CVE-2021-43389": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2021-33061": { + "cmt_msg": "ixgbe: add improvement for MDD response functionality" + }, + "CVE-2017-18552": { + "cmt_msg": "RDS: validate the requested traces user input against max supported" + }, + "CVE-2021-26931": { + "cmt_msg": "xen-blkback: don't \"handle\" error by BUG()" + }, + "CVE-2015-8839": { + "cmt_msg": "ext4: fix races between page faults and hole punching" + }, + "CVE-2022-1652": { + "cmt_msg": "" + }, + "CVE-2022-1651": { + "cmt_msg": "virt: acrn: fix a memory leak in acrn_dev_ioctl()" + }, + "CVE-2015-8830": { + "cmt_msg": "aio: lift iov_iter_init() into aio_setup_..._rw()" + }, + "CVE-2020-14351": { + "cmt_msg": "perf/core: Fix race in the perf_mmap_close() function" + }, + "CVE-2019-19054": { + "cmt_msg": "media: rc: prevent memory leak in cx23888_ir_probe" + }, + "CVE-2019-19057": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring" + }, + "CVE-2019-19056": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf" + }, + "CVE-2016-10741": { + "cmt_msg": "xfs: don't BUG() on mixed direct and mapped I/O" + }, + "CVE-2019-19052": { + "cmt_msg": "can: gs_usb: gs_can_open(): prevent memory leak" + }, + "CVE-2019-3846": { + "cmt_msg": "mwifiex: Fix possible buffer overflows at parsing bss descriptor" + }, + "CVE-2020-0427": { + "cmt_msg": "pinctrl: devicetree: Avoid taking direct reference to device name string" + }, + "CVE-2022-1789": { + "cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID" + }, + "CVE-2022-1419": { + "cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create" + }, + "CVE-2019-13272": { + "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" + }, + "CVE-2022-1786": { + "cmt_msg": "io_uring: remove io_identity" + }, + "CVE-2019-17351": { + "cmt_msg": "xen: let alloc_xenballooned_pages() fail if not enough memory free" + }, + "CVE-2020-25669": { + "cmt_msg": "Input: sunkbd - avoid use-after-free in teardown paths" + }, + "CVE-2020-25668": { + "cmt_msg": "tty: make FONTX ioctl use the tty pointer they were actually passed" + }, + "CVE-2008-4609": { + "cmt_msg": "" + }, + "CVE-2020-25705": { + "cmt_msg": "icmp: randomize the global rate limiter" + }, + "CVE-2021-0448": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2018-20854": { + "cmt_msg": "phy: ocelot-serdes: fix out-of-bounds read" + }, + "CVE-2018-5391": { + "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." + }, + "CVE-2018-20855": { + "cmt_msg": "IB/mlx5: Fix leaking stack memory to userspace" + }, + "CVE-2019-15239": { + "cmt_msg": "" + }, + "CVE-2021-4037": { + "cmt_msg": "xfs: fix up non-directory creation in SGID directories" + }, + "CVE-2021-22543": { + "cmt_msg": "KVM: do not allow mapping valid but non-reference-counted pages" + }, + "CVE-2019-1999": { + "cmt_msg": "binder: fix race between munmap() and direct reclaim" + }, + "CVE-2018-1066": { + "cmt_msg": "CIFS: Enable encryption during session setup phase" + }, + "CVE-2020-0030": { + "cmt_msg": "ANDROID: binder: synchronize_rcu() when using POLLFREE." + }, + "CVE-2020-10135": { + "cmt_msg": "Bluetooth: Consolidate encryption handling in hci_encrypt_cfm" + }, + "CVE-2020-25285": { + "cmt_msg": "mm/hugetlb: fix a race between hugetlb sysctl handlers" + }, + "CVE-2019-7308": { + "cmt_msg": "bpf: fix sanitation of alu op with pointer / scalar type from different paths" + }, + "CVE-2021-45868": { + "cmt_msg": "quota: check block number when reading the block in quota file" + }, + "CVE-2017-9986": { + "cmt_msg": "sound: Retire OSS" + }, + "CVE-2021-3587": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2019-2024": { + "cmt_msg": "media: em28xx: Fix use-after-free when disconnecting" + }, + "CVE-2021-20261": { + "cmt_msg": "floppy: fix lock_fdc() signal handling" + }, + "CVE-2020-36516": { + "cmt_msg": "" + }, + "CVE-2021-20265": { + "cmt_msg": "af_unix: fix struct pid memory leak" + }, + "CVE-2017-13693": { + "cmt_msg": "" + }, + "CVE-2015-8019": { + "cmt_msg": "net: add length argument to skb_copy_and_csum_datagram_iovec" + }, + "CVE-2017-13694": { + "cmt_msg": "" + }, + "CVE-2021-4149": { + "cmt_msg": "btrfs: unlock newly allocated extent buffer after error" + }, + "CVE-2021-4148": { + "cmt_msg": "mm: khugepaged: skip huge page collapse for special files" + }, + "CVE-2021-3640": { + "cmt_msg": "Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()" + }, + "CVE-2022-29968": { + "cmt_msg": "io_uring: fix uninitialized field in rw io_kiocb" + }, + "CVE-2020-1749": { + "cmt_msg": "net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup" + }, + "CVE-2020-11608": { + "cmt_msg": "media: ov519: add missing endpoint sanity checks" + }, + "CVE-2020-10732": { + "cmt_msg": "fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()" + }, + "CVE-2020-28097": { + "cmt_msg": "vgacon: remove software scrollback support" + }, + "CVE-2017-18216": { + "cmt_msg": "ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent" + }, + "CVE-2015-8374": { + "cmt_msg": "Btrfs: fix truncation of compressed and inlined extents" + }, + "CVE-2019-3892": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" + }, + "CVE-2018-8897": { + "cmt_msg": "x86/entry/64: Don't use IST entry for #BP stack" + }, + "CVE-2021-29265": { + "cmt_msg": "usbip: fix stub_dev usbip_sockfd_store() races leading to gpf" + }, + "CVE-2021-39648": { + "cmt_msg": "usb: gadget: configfs: Fix use-after-free issue with udc_name" + }, + "CVE-2020-14416": { + "cmt_msg": "can, slip: Protect tty->disc_data in write_wakeup and close with RCU" + }, + "CVE-2019-0136": { + "cmt_msg": "mac80211: drop robust management frames from unknown TA" + }, + "CVE-2019-16921": { + "cmt_msg": "RDMA/hns: Fix init resp when alloc ucontext" + }, + "CVE-2018-16597": { + "cmt_msg": "ovl: modify ovl_permission() to do checks on two inodes" + }, + "CVE-2021-21781": { + "cmt_msg": "ARM: ensure the signal page contains defined contents" + }, + "CVE-2021-0512": { + "cmt_msg": "HID: make arrays usage and value to be the same" + }, + "CVE-2019-18683": { + "cmt_msg": "media: vivid: Fix wrong locking that causes race conditions on streaming stop" + }, + "CVE-2020-0347": { + "cmt_msg": "" + }, + "CVE-2021-40490": { + "cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing" + }, + "CVE-2021-33909": { + "cmt_msg": "seq_file: disallow extremely large seq buffer allocations" + }, + "CVE-2019-12456": { + "cmt_msg": "" + }, + "CVE-2016-9756": { + "cmt_msg": "KVM: x86: drop error recovery in em_jmp_far and em_ret_far" + }, + "CVE-2022-0812": { + "cmt_msg": "xprtrdma: fix incorrect header size calculations" + }, + "CVE-2022-28356": { + "cmt_msg": "llc: fix netdevice reference leaks in llc_ui_bind()" + }, + "CVE-2019-17133": { + "cmt_msg": "cfg80211: wext: avoid copying malformed SSIDs" + }, + "CVE-2022-0742": { + "cmt_msg": "ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report()" + }, + "CVE-2022-0854": { + "cmt_msg": "swiotlb: rework \"fix info leak with DMA_FROM_DEVICE\"" + }, + "CVE-2020-14390": { + "cmt_msg": "fbcon: remove soft scrollback code" + }, + "CVE-2020-24502": { + "cmt_msg": "" + }, + "CVE-2021-45469": { + "cmt_msg": "f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()" + }, + "CVE-2022-1184": { + "cmt_msg": "" + }, + "CVE-2016-2549": { + "cmt_msg": "ALSA: hrtimer: Fix stall by hrtimer_cancel()" + }, + "CVE-2019-19448": { + "cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space" + }, + "CVE-2020-0465": { + "cmt_msg": "HID: core: Sanitize event code and type when mapping input" + }, + "CVE-2018-3639": { + "cmt_msg": "x86/nospec: Simplify alternative_msr_write()" + }, + "CVE-2021-4218": { + "cmt_msg": "sysctl: pass kernel pointers to ->proc_handler" + }, + "CVE-2019-15902": { + "cmt_msg": "" + }, + "CVE-2021-3753": { + "cmt_msg": "vt_kdsetmode: extend console locking" + }, + "CVE-2019-11135": { + "cmt_msg": "x86/msr: Add the IA32_TSX_CTRL MSR" + }, + "CVE-2021-27365": { + "cmt_msg": "scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE" + }, + "CVE-2021-27364": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2021-27363": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2020-0431": { + "cmt_msg": "HID: hid-input: clear unmapped usages" + }, + "CVE-2018-17977": { + "cmt_msg": "" + }, + "CVE-2010-5321": { + "cmt_msg": "" + }, + "CVE-2021-20321": { + "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" + }, + "CVE-2022-1043": { + "cmt_msg": "io_uring: fix xa_alloc_cycle() error return value check" + }, + "CVE-2017-5967": { + "cmt_msg": "time: Remove CONFIG_TIMER_STATS" + }, + "CVE-2019-2054": { + "cmt_msg": "arm/ptrace: run seccomp after ptrace" + }, + "CVE-2020-0404": { + "cmt_msg": "media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors" + }, + "CVE-2018-20976": { + "cmt_msg": "xfs: clear sb->s_fs_info on mount failure" + }, + "CVE-2016-10147": { + "cmt_msg": "crypto: mcryptd - Check mcryptd algorithm compatibility" + }, + "CVE-2021-3542": { + "cmt_msg": "" + }, + "CVE-2019-16413": { + "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" + }, + "CVE-2022-1263": { + "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" + }, + "CVE-2017-16650": { + "cmt_msg": "net: qmi_wwan: fix divide by 0 on bad descriptors" + }, + "CVE-2020-12653": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()" + }, + "CVE-2020-12656": { + "cmt_msg": "sunrpc: check that domain table is empty at module unload." + }, + "CVE-2022-23040": { + "cmt_msg": "xen/xenbus: don't let xenbus_grant_ring() remove grants in error case" + }, + "CVE-2020-12654": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()" + }, + "CVE-2020-12655": { + "cmt_msg": "xfs: add agf freeblocks verify in xfs_agf_verify" + }, + "CVE-2018-12929": { + "cmt_msg": "" + }, + "CVE-2018-12928": { + "cmt_msg": "" + }, + "CVE-2021-35477": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2020-36310": { + "cmt_msg": "KVM: SVM: avoid infinite loop on NPF from bad address" + }, + "CVE-2020-36313": { + "cmt_msg": "KVM: Fix out of range accesses to memslots" + }, + "CVE-2020-35519": { + "cmt_msg": "net/x25: prevent a couple of overflows" + }, + "CVE-2017-18241": { + "cmt_msg": "f2fs: fix a panic caused by NULL flush_cmd_control" + }, + "CVE-2020-10708": { + "cmt_msg": "" + }, + "CVE-2022-0400": { + "cmt_msg": "" + }, + "CVE-2021-0707": { + "cmt_msg": "dmabuf: fix use-after-free of dmabuf's file->f_inode" + }, + "CVE-2022-26966": { + "cmt_msg": "sr9700: sanity check for packet length" + }, + "CVE-2021-42739": { + "cmt_msg": "media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()" + }, + "CVE-2017-15116": { + "cmt_msg": "crypto: rng - Remove old low-level rng interface" + }, + "CVE-2020-12770": { + "cmt_msg": "scsi: sg: add sg_remove_request in sg_write" + }, + "CVE-2019-15222": { + "cmt_msg": "ALSA: usb-audio: Fix gpf in snd_usb_pipe_sanity_check" + }, + "CVE-2022-25265": { + "cmt_msg": "" + }, + "CVE-2019-15220": { + "cmt_msg": "p54usb: Fix race between disconnect and firmware loading" + }, + "CVE-2020-11609": { + "cmt_msg": "media: stv06xx: add missing descriptor sanity checks" + }, + "CVE-2020-10773": { + "cmt_msg": "s390/cmm: fix information leak in cmm_timeout_handler()" + }, + "CVE-2020-25284": { + "cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping" + }, + "CVE-2015-3332": { + "cmt_msg": "tcp: Fix crash in TCP Fast Open" + }, + "CVE-2015-3339": { + "cmt_msg": "fs: take i_mutex during prepare_binprm for set[ug]id executables" + }, + "CVE-2019-15219": { + "cmt_msg": "USB: sisusbvga: fix oops in error path of sisusb_probe" + }, + "CVE-2017-5549": { + "cmt_msg": "USB: serial: kl5kusb105: fix line-state error handling" + }, + "CVE-2020-25643": { + "cmt_msg": "hdlc_ppp: add range checks in ppp_cp_parse_cr()" + }, + "CVE-2019-19378": { + "cmt_msg": "" + }, + "CVE-2020-4788": { + "cmt_msg": "powerpc/64s: flush L1D on kernel entry" + }, + "CVE-2017-8831": { + "cmt_msg": "[media] saa7164: fix double fetch PCIe access condition" + }, + "CVE-2021-39698": { + "cmt_msg": "wait: add wake_up_pollfree()" + }, + "CVE-2019-19377": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2022-0850": { + "cmt_msg": "ext4: fix kernel infoleak via ext4_extent_header" + }, + "CVE-2020-10767": { + "cmt_msg": "x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS." + }, + "CVE-2019-19528": { + "cmt_msg": "USB: iowarrior: fix use-after-free on disconnect" + }, + "CVE-2021-3612": { + "cmt_msg": "Input: joydev - prevent potential read overflow in ioctl" + }, + "CVE-2020-24503": { + "cmt_msg": "" + }, + "CVE-2019-19524": { + "cmt_msg": "Input: ff-memless - kill timer in destroy()" + }, + "CVE-2019-19527": { + "cmt_msg": "HID: hiddev: do cleanup in failure of opening a device" + }, + "CVE-2019-19449": { + "cmt_msg": "f2fs: fix to do sanity check on segment/section count" + }, + "CVE-2021-33135": { + "cmt_msg": "" + }, + "CVE-2019-19523": { + "cmt_msg": "USB: adutux: fix use-after-free on disconnect" + }, + "CVE-2021-3752": { + "cmt_msg": "Bluetooth: fix use-after-free error in lock_sock_nested()" + }, + "CVE-2021-0937": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2017-18249": { + "cmt_msg": "f2fs: fix race condition in between free nid allocator/initializer" + }, + "CVE-2015-1350": { + "cmt_msg": "fs: Avoid premature clearing of capabilities" + }, + "CVE-2016-5244": { + "cmt_msg": "rds: fix an infoleak in rds_inc_info_copy" + }, + "CVE-2016-5243": { + "cmt_msg": "tipc: fix an infoleak in tipc_nl_compat_link_dump" + }, + "CVE-2019-16746": { + "cmt_msg": "nl80211: validate beacon head" + }, + "CVE-2021-37576": { + "cmt_msg": "KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow" + }, + "CVE-2021-33098": { + "cmt_msg": "ixgbe: fix large MTU request from VF" + }, + "CVE-2020-27815": { + "cmt_msg": "jfs: Fix array index bounds check in dbAdjTree" + }, + "CVE-2022-23041": { + "cmt_msg": "xen/9p: use alloc/free_pages_exact()" + }, + "CVE-2022-1462": { + "cmt_msg": "" + }, + "CVE-2020-27067": { + "cmt_msg": "l2tp: fix l2tp_eth module loading" + }, + "CVE-2020-27777": { + "cmt_msg": "powerpc/rtas: Restrict RTAS requests from userspace" + }, + "CVE-2019-20636": { + "cmt_msg": "Input: add safety guards to input_set_keycode()" + }, + "CVE-2019-11487": { + "cmt_msg": "fs: prevent page refcount overflow in pipe_buf_get" + }, + "CVE-2022-28390": { + "cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2018-8043": { + "cmt_msg": "net: phy: mdio-bcm-unimac: fix potential NULL dereference in unimac_mdio_probe()" + }, + "CVE-2020-27675": { + "cmt_msg": "xen/events: avoid removing an event channel while handling it" + }, + "CVE-2020-28915": { + "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" + }, + "CVE-2019-20908": { + "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" + }, + "CVE-2021-28038": { + "cmt_msg": "Xen/gnttab: handle p2m update errors on a per-slot basis" + }, + "CVE-2020-27068": { + "cmt_msg": "cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE" + }, + "CVE-2021-29154": { + "cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64" + }, + "CVE-2019-19060": { + "cmt_msg": "iio: imu: adis16400: release allocated memory on failure" + }, + "CVE-2019-19061": { + "cmt_msg": "iio: imu: adis16400: fix memory leak" + }, + "CVE-2019-19062": { + "cmt_msg": "crypto: user - fix memory leak in crypto_report" + }, + "CVE-2019-19063": { + "cmt_msg": "rtlwifi: prevent memory leak in rtl_usb_probe" + }, + "CVE-2017-17741": { + "cmt_msg": "KVM: Fix stack-out-of-bounds read in write_mmio" + }, + "CVE-2019-9445": { + "cmt_msg": "f2fs: check if file namelen exceeds max value" + }, + "CVE-2019-19066": { + "cmt_msg": "scsi: bfa: release allocated memory in case of error" + }, + "CVE-2020-0435": { + "cmt_msg": "f2fs: fix to do sanity check with i_extra_isize" + }, + "CVE-2020-0432": { + "cmt_msg": "staging: most: net: fix buffer overflow" + }, + "CVE-2020-0433": { + "cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter" + }, + "CVE-2019-3874": { + "cmt_msg": "sctp: implement memory accounting on tx path" + }, + "CVE-2022-0171": { + "cmt_msg": "" + }, + "CVE-2010-4563": { + "cmt_msg": "" + }, + "CVE-2020-14331": { + "cmt_msg": "vgacon: Fix for missing check in scrollback handling" + }, + "CVE-2016-8658": { + "cmt_msg": "brcmfmac: avoid potential stack overflow in brcmf_cfg80211_start_ap()" + }, + "CVE-2019-14835": { + "cmt_msg": "vhost: make sure log_num < in_num" + }, + "CVE-2021-3483": { + "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" + }, + "CVE-2022-29156": { + "cmt_msg": "RDMA/rtrs-clt: Fix possible double free in error case" + }, + "CVE-2021-38300": { + "cmt_msg": "bpf, mips: Validate conditional branch offsets" + }, + "CVE-2020-25656": { + "cmt_msg": "vt: keyboard, extend func_buf_lock to readers" + }, + "CVE-2022-24448": { + "cmt_msg": "NFSv4: Handle case where the lookup of a directory fails" + }, + "CVE-2021-4023": { + "cmt_msg": "io-wq: fix cancellation on create-worker failure" + }, + "CVE-2021-22555": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2021-0399": { + "cmt_msg": "" + }, + "CVE-2020-2732": { + "cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode" + }, + "CVE-2012-4542": { + "cmt_msg": "" + }, + "CVE-2022-1729": { + "cmt_msg": "perf: Fix sys_perf_event_open() race against self" + }, + "CVE-2018-1000028": { + "cmt_msg": "nfsd: auth: Fix gid sorting when rootsquash enabled" + }, + "CVE-2021-3573": { + "cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object" + }, + "CVE-2022-1679": { + "cmt_msg": "" + }, + "CVE-2018-1000026": { + "cmt_msg": "bnx2x: disable GSO where gso_size is too big for hardware" + }, + "CVE-2017-0786": { + "cmt_msg": "brcmfmac: add length check in brcmf_cfg80211_escan_handler()" + }, + "CVE-2021-28972": { + "cmt_msg": "PCI: rpadlpar: Fix potential drc_name corruption in store functions" + }, + "CVE-2018-12130": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2021-20292": { + "cmt_msg": "drm/ttm/nouveau: don't call tt destroy callback on alloc failure." + }, + "CVE-2021-31916": { + "cmt_msg": "dm ioctl: fix out of bounds array access when no devices" + }, + "CVE-2017-8065": { + "cmt_msg": "crypto: ccm - move cbcmac input off the stack" + }, + "CVE-2020-11668": { + "cmt_msg": "media: xirlink_cit: add missing descriptor sanity checks" + }, + "CVE-2020-11669": { + "cmt_msg": "powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle" + }, + "CVE-2019-15118": { + "cmt_msg": "ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term" + }, + "CVE-2020-10690": { + "cmt_msg": "ptp: fix the race between the release of ptp_clock and cdev" + }, + "CVE-2019-19332": { + "cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)" + }, + "CVE-2019-15117": { + "cmt_msg": "ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit" + }, + "CVE-2021-3659": { + "cmt_msg": "net: mac802154: Fix general protection fault" + }, + "CVE-2022-25258": { + "cmt_msg": "USB: gadget: validate interface OS descriptor requests" + }, + "CVE-2021-4155": { + "cmt_msg": "xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate" + }, + "CVE-2021-0695": { + "cmt_msg": "" + }, + "CVE-2019-14901": { + "cmt_msg": "mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()" + }, + "CVE-2021-4150": { + "cmt_msg": "block: fix incorrect references to disk objects" + }, + "CVE-2020-3702": { + "cmt_msg": "ath: Use safer key clearing with key cache entries" + }, + "CVE-2021-28951": { + "cmt_msg": "io_uring: ensure that SQPOLL thread is started for exit" + }, + "CVE-2022-1671": { + "cmt_msg": "rxrpc: fix some null-ptr-deref bugs in server_key.c" + }, + "CVE-2021-3653": { + "cmt_msg": "KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653)" + }, + "CVE-2021-3655": { + "cmt_msg": "sctp: validate from_addr_param return" + }, + "CVE-2020-8694": { + "cmt_msg": "powercap: restrict energy meter to root access" + }, + "CVE-2021-4159": { + "cmt_msg": "bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()" + }, + "CVE-2019-12614": { + "cmt_msg": "powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property()" + }, + "CVE-2019-12615": { + "cmt_msg": "mdesc: fix a missing-check bug in get_vdev_port_node_info()" + }, + "CVE-2021-3715": { + "cmt_msg": "net_sched: cls_route: remove the right filter from hashtable" + }, + "CVE-2021-3714": { + "cmt_msg": "" + }, + "CVE-2019-16230": { + "cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)" + }, + "CVE-2017-12168": { + "cmt_msg": "arm64: KVM: pmu: Fix AArch32 cycle counter access" + }, + "CVE-2019-16233": { + "cmt_msg": "scsi: qla2xxx: fix a potential NULL pointer dereference" + }, + "CVE-2021-3892": { + "cmt_msg": "" + }, + "CVE-2021-39633": { + "cmt_msg": "ip_gre: add validation for csum_start" + }, + "CVE-2020-27673": { + "cmt_msg": "xen/events: add a proper barrier to 2-level uevent unmasking" + }, + "CVE-2021-39636": { + "cmt_msg": "netfilter: x_tables: fix pointer leaks to userspace" + }, + "CVE-2022-27223": { + "cmt_msg": "USB: gadget: validate endpoint index for xilinx udc" + }, + "CVE-2021-39634": { + "cmt_msg": "epoll: do not insert into poll queues until all sanity checks are done" + }, + "CVE-2019-3882": { + "cmt_msg": "vfio/type1: Limit DMA mappings per container" + }, + "CVE-2018-20509": { + "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" + }, + "CVE-2017-9605": { + "cmt_msg": "drm/vmwgfx: Make sure backup_handle is always valid" + }, + "CVE-2017-18193": { + "cmt_msg": "f2fs: fix a bug caused by NULL extent tree" + }, + "CVE-2022-1280": { + "cmt_msg": "drm: avoid circular locks in drm_mode_getconnector" + }, + "CVE-2020-12888": { + "cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory" + }, + "CVE-2016-6198": { + "cmt_msg": "vfs: add vfs_select_inode() helper" + }, + "CVE-2021-0447": { + "cmt_msg": "l2tp: protect sock pointer of struct pppol2tp_session with RCU" + }, + "CVE-2011-4917": { + "cmt_msg": "" + }, + "CVE-2022-23222": { + "cmt_msg": "bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL" + }, + "CVE-2016-4482": { + "cmt_msg": "USB: usbfs: fix potential infoleak in devio" + }, + "CVE-2018-19824": { + "cmt_msg": "ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c" + }, + "CVE-2020-29374": { + "cmt_msg": "gup: document and work around \"COW can break either way\" issue" + }, + "CVE-2016-9191": { + "cmt_msg": "sysctl: Drop reference added by grab_header in proc_sys_readdir" + }, + "CVE-2015-8709": { + "cmt_msg": "mm: Add a user_ns owner to mm_struct and fix ptrace permission checks" + }, + "CVE-2021-29650": { + "cmt_msg": "netfilter: x_tables: Use correct memory barriers." + }, + "CVE-2019-18806": { + "cmt_msg": "net: qlogic: Fix memory leak in ql_alloc_large_buffers" + }, + "CVE-2022-1353": { + "cmt_msg": "af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register" + }, + "CVE-2015-8845": { + "cmt_msg": "powerpc/tm: Check for already reclaimed tasks" + }, + "CVE-2015-8844": { + "cmt_msg": "powerpc/tm: Block signal return setting invalid MSR state" + }, + "CVE-2022-1198": { + "cmt_msg": "drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()" + }, + "CVE-2022-1199": { + "cmt_msg": "ax25: Fix NULL pointer dereference in ax25_kill_by_device" + }, + "CVE-2015-8966": { + "cmt_msg": "[PATCH] arm: fix handling of F_OFD_... in oabi_fcntl64()" + }, + "CVE-2021-39801": { + "cmt_msg": "" + }, + "CVE-2021-39800": { + "cmt_msg": "" + }, + "CVE-2021-39802": { + "cmt_msg": "" + }, + "CVE-2022-1195": { + "cmt_msg": "hamradio: improve the incomplete fix to avoid NPD" + }, + "CVE-2021-4202": { + "cmt_msg": "NFC: reorganize the functions in nci_request" + }, + "CVE-2021-4203": { + "cmt_msg": "af_unix: fix races in sk_peer_pid and sk_peer_cred accesses" + }, + "CVE-2021-44879": { + "cmt_msg": "f2fs: fix to do sanity check on inode type during garbage collection" + }, + "CVE-2019-15505": { + "cmt_msg": "media: technisat-usb2: break out of loop at end of buffer" + }, + "CVE-2022-1516": { + "cmt_msg": "net/x25: Fix null-ptr-deref caused by x25_disconnect" + }, + "CVE-2020-0429": { + "cmt_msg": "l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()" + }, + "CVE-2020-27066": { + "cmt_msg": "xfrm: policy: Fix doulbe free in xfrm_policy_timer" + }, + "CVE-2017-0605": { + "cmt_msg": "tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()" + }, + "CVE-2021-1048": { + "cmt_msg": "fix regression in \"epoll: Keep a reference on files added to the check list\"" + }, + "CVE-2015-2877": { + "cmt_msg": "" + }, + "CVE-2020-9383": { + "cmt_msg": "floppy: check FDC index for errors before assigning it" + }, + "CVE-2022-29582": { + "cmt_msg": "io_uring: fix race between timeout flush and removal" + }, + "CVE-2021-38198": { + "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" + }, + "CVE-2017-5972": { + "cmt_msg": "tcp: do not lock listener to process SYN packets" + }, + "CVE-2022-1678": { + "cmt_msg": "tcp: optimize tcp internal pacing" + }, + "CVE-2015-4004": { + "cmt_msg": "staging: ozwpan: Remove from tree" + }, + "CVE-2021-26401": { + "cmt_msg": "x86/speculation: Use generic retpoline by default on AMD" + }, + "CVE-2015-4001": { + "cmt_msg": "ozwpan: Use unsigned ints to prevent heap overflow" + }, + "CVE-2021-45486": { + "cmt_msg": "inet: use bigger hash table for IP ID generation" + }, + "CVE-2021-3506": { + "cmt_msg": "f2fs: fix to avoid out-of-bounds memory access" + }, + "CVE-2019-20934": { + "cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers" + }, + "CVE-2021-45485": { + "cmt_msg": "ipv6: use prandom_u32() for ID generation" + }, + "CVE-2020-11565": { + "cmt_msg": "mm: mempolicy: require at least one nodeid for MPOL_PREFERRED" + }, + "CVE-2019-3901": { + "cmt_msg": "perf/core: Fix perf_event_open() vs. execve() race" + }, + "CVE-2019-3900": { + "cmt_msg": "vhost_net: fix possible infinite loop" + }, + "CVE-2019-19533": { + "cmt_msg": "media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()" + }, + "CVE-2018-13100": { + "cmt_msg": "f2fs: fix to do sanity check with secs_per_zone" + }, + "CVE-2019-15807": { + "cmt_msg": "scsi: libsas: delete sas port if expander discover failed" + }, + "CVE-2019-10638": { + "cmt_msg": "inet: switch IP ID generator to siphash" + }, + "CVE-2019-5489": { + "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" + }, + "CVE-2019-14284": { + "cmt_msg": "floppy: fix div-by-zero in setup_format_params" + }, + "CVE-2019-14283": { + "cmt_msg": "floppy: fix out-of-bounds read in copy_buffer" + }, + "CVE-2017-16649": { + "cmt_msg": "net: cdc_ether: fix divide by 0 on bad descriptors" + }, + "CVE-2017-16648": { + "cmt_msg": "dvb_frontend: don't use-after-free the frontend struct" + } + } + }, + "4.10": { + "4.10": { + "CVE-2017-6345": { + "cmt_msg": "net/llc: avoid BUG_ON() in skb_orphan()", + "cmt_id": "8b74d439e1697110c5e5c600643e823eb1dd0762" + }, + "CVE-2017-6346": { + "cmt_msg": "packet: fix races in fanout_add()", + "cmt_id": "d199fab63c11998a602205f7ee7ff7c05c97164b" + }, + "CVE-2017-6348": { + "cmt_msg": "irda: Fix lockdep annotations in hashbin_delete().", + "cmt_id": "4c03b862b12f980456f9de92db6d508a4999b788" + }, + "CVE-2017-6074": { + "cmt_msg": "dccp: fix freeing skb too early for IPV6_RECVPKTINFO", + "cmt_id": "5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4" + } + }, + "4.10.1": { + "CVE-2017-6347": { + "cmt_msg": "ip: fix IP_CHECKSUM handling", + "cmt_id": "7e963e31ded6cf66f85f03faa48ad9fb11a7b03d" + } + }, + "4.10.2": { + "CVE-2017-8066": { + "cmt_msg": "can: gs_usb: Don't use stack memory for USB transfers", + "cmt_id": "e9394d5a762dc04958ea933bd5d2df096491ea04" + }, + "CVE-2018-11232": { + "cmt_msg": "coresight: fix kernel panic caused by invalid CPU", + "cmt_id": "2eb4d8daec8695beecb1f526ad7d6a35cd352cb5" + }, + "CVE-2017-5669": { + "cmt_msg": "ipc/shm: Fix shmat mmap nil-page protection", + "cmt_id": "87d1f686d6bf9d9003372469ffb5f1c310f28299" + } + }, + "4.10.3": { + "CVE-2017-2636": { + "cmt_msg": "tty: n_hdlc: get rid of racy n_hdlc.tbuf", + "cmt_id": "72e5440223836633e2b5e658e7503d8b0e795f5d" + } + }, + "4.10.4": { + "CVE-2017-8062": { + "cmt_msg": "dw2102: don't do DMA on stack", + "cmt_id": "be20197df07db889c8825ce99fa2ee700894e91c" + }, + "CVE-2017-8924": { + "cmt_msg": "USB: serial: io_ti: fix information leak in completion handler", + "cmt_id": "7daf817d076d0cfa63491423bcb33ac3bac56994" + }, + "CVE-2016-2188": { + "cmt_msg": "USB: iowarrior: fix NULL-deref at probe", + "cmt_id": "5ec59765f503ca208af2fa78796f7e4f842f6e00" + }, + "CVE-2017-6874": { + "cmt_msg": "ucount: Remove the atomicity from ucount->count", + "cmt_id": "da603aadd53a9a5ac18eaac09f61a5af74b9a52e" + }, + "CVE-2017-8925": { + "cmt_msg": "USB: serial: omninet: fix reference leaks at open", + "cmt_id": "cc6ba470ebf84af1898dc305b307b0564c3963e6" + } + }, + "4.10.5": { + "CVE-2017-6353": { + "cmt_msg": "sctp: deny peeloff operation on asocs with threads sleeping on it", + "cmt_id": "f448775342572f6fdbaffdcec0d3d878d0c2e7d9" + } + }, + "4.10.7": { + "CVE-2017-7374": { + "cmt_msg": "fscrypt: remove broken support for detecting keyring key revocation", + "cmt_id": "0d05871e5e4319e846a9596dd24b7546b1c81eb7" + }, + "CVE-2017-8061": { + "cmt_msg": "dvb-usb-firmware: don't do DMA on stack", + "cmt_id": "aacb73b7ae2f3aa5588de8d745fc59736a144cfa" + } + }, + "4.10.8": { + "CVE-2017-7184": { + "cmt_msg": "xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window", + "cmt_id": "ffcf5de8152006ee478f3135412aac59b7ab1796" + } + }, + "4.10.9": { + "CVE-2017-7187": { + "cmt_msg": "scsi: sg: check length passed to SG_NEXT_CMD_LEN", + "cmt_id": "f7019040f6d7d09c3eb8835b38730a4b62f78734" + } + }, + "4.10.10": { + "CVE-2017-7294": { + "cmt_msg": "drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl()", + "cmt_id": "44eed6f024913d16004ce290d986dc59f4408c06" + }, + "CVE-2017-7261": { + "cmt_msg": "drm/vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl()", + "cmt_id": "0570c0cd987f7ef0895c46cc715a66c6fe3984b3" + }, + "CVE-2017-7616": { + "cmt_msg": "mm/mempolicy.c: fix error handling in set_mempolicy and mbind.", + "cmt_id": "d57c764a703b867a520a171a3430514bf51e71e4" + }, + "CVE-2017-2596": { + "cmt_msg": "kvm: fix page struct leak in handle_vmon", + "cmt_id": "b04940e26f100c7d19fc0b5cab0210d4d924b002" + } + }, + "4.10.11": { + "CVE-2017-7308": { + "cmt_msg": "net/packet: fix overflow in check for priv area size", + "cmt_id": "10e13823b0a984d3184031e292d15a99cb4c0b81" + } + }, + "4.10.12": { + "CVE-2017-8063": { + "cmt_msg": "cxusb: Use a dma capable buffer also for reading", + "cmt_id": "e0116f4d9a9ad5112d315b236c7b3d7036d404d7" + }, + "CVE-2017-7618": { + "cmt_msg": "crypto: ahash - Fix EINPROGRESS notification callback", + "cmt_id": "cb0567fc5114948df953403133944db83999ab48" + }, + "CVE-2017-8067": { + "cmt_msg": "virtio-console: avoid DMA from stack", + "cmt_id": "e5349c13c7a8bd6e0be0f81f4464fc2edae05d5b" + }, + "CVE-2017-7889": { + "cmt_msg": "mm: Tighten x86 /dev/mem with zeroing reads", + "cmt_id": "b1bfb5083bfa79d1400009ac6265bfb5f2c09ec9" + }, + "CVE-2017-8064": { + "cmt_msg": "dvb-usb-v2: avoid use-after-free", + "cmt_id": "765c74b9cc2719d24bdca7ca43d6bfd298109337" + } + }, + "4.10.13": { + "CVE-2017-7472": { + "cmt_msg": "KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings", + "cmt_id": "523ae2e9e39a83b16e016c745922f74a6b3b36d0" + }, + "CVE-2016-9604": { + "cmt_msg": "KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings", + "cmt_id": "4cbbfd6aafe13f8e60a763fd97501b5ec38ac827" + } + }, + "4.10.14": { + "CVE-2017-7277": { + "cmt_msg": "tcp: mark skbs with SCM_TIMESTAMPING_OPT_STATS", + "cmt_id": "b073c2c3d40cf6cae56fd08a4bfeeb0e804dc16f" + }, + "CVE-2017-7477": { + "cmt_msg": "macsec: avoid heap overflow in skb_to_sgvec", + "cmt_id": "43a35e671f8f6d0daffa11464f45678994198aa5" + }, + "CVE-2017-7645": { + "cmt_msg": "nfsd: check for oversized NFSv2/v3 arguments", + "cmt_id": "86eb1d0aab0d1d84a048052a3c7fbbe0bba9f100" + }, + "CVE-2017-2671": { + "cmt_msg": "ping: implement proper locking", + "cmt_id": "7cf480444103700891467fb0e25e9b6eca509117" + }, + "CVE-2017-7895": { + "cmt_msg": "nfsd: stricter decoding of write-like NFSv2/v3 ops", + "cmt_id": "43e360377b09107e6c3b278c49f41fcc58802fdd" + } + }, + "4.10.15": { + "CVE-2017-10661": { + "cmt_msg": "timerfd: Protect the might cancel mechanism proper", + "cmt_id": "43c1696e5e91dc946325c2968c29e60423659abc" + } + }, + "4.10.16": { + "CVE-2017-9150": { + "cmt_msg": "bpf: don't let ldimm64 leak map addresses on unprivileged", + "cmt_id": "c35107a3bec206f68402236a16be537b6ffce070" + }, + "CVE-2017-10662": { + "cmt_msg": "f2fs: sanity check segment count", + "cmt_id": "6442a7f5d793a5d778d1f0cc62840a3f20dc1d72" + } + }, + "outstanding": { + "CVE-2020-36322": { + "cmt_msg": "fuse: fix bad inode" + }, + "CVE-2020-10711": { + "cmt_msg": "netlabel: cope with NULL catmap" + }, + "CVE-2019-15090": { + "cmt_msg": "scsi: qedi: remove memset/memcpy to nfunc and use func instead" + }, + "CVE-2020-35501": { + "cmt_msg": "" + }, + "CVE-2019-15098": { + "cmt_msg": "ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()" + }, + "CVE-2020-29368": { + "cmt_msg": "mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()" + }, + "CVE-2017-17806": { + "cmt_msg": "crypto: hmac - require that the underlying hash algorithm is unkeyed" + }, + "CVE-2022-0001": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2020-12464": { + "cmt_msg": "USB: core: Fix free-while-in-use bug in the USB S-Glibrary" + }, + "CVE-2021-45469": { + "cmt_msg": "f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()" + }, + "CVE-2019-19965": { + "cmt_msg": "scsi: libsas: stop discovering if oob mode is disconnected" + }, + "CVE-2019-19966": { + "cmt_msg": "media: cpia2: Fix use-after-free in cpia2_exit" + }, + "CVE-2020-35508": { + "cmt_msg": "fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent" + }, + "CVE-2021-3894": { + "cmt_msg": "sctp: account stream padding length for reconf chunk" + }, + "CVE-2020-24587": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2020-24586": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2017-1000410": { + "cmt_msg": "Bluetooth: Prevent stack info leak from the EFS element." + }, + "CVE-2021-0129": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2019-20096": { + "cmt_msg": "dccp: Fix memleak in __feat_register_sp" + }, + "CVE-2018-10940": { + "cmt_msg": "cdrom: information leak in cdrom_ioctl_media_changed()" + }, + "CVE-2018-10087": { + "cmt_msg": "kernel/exit.c: avoid undefined behaviour when calling wait4()" + }, + "CVE-2019-9500": { + "cmt_msg": "brcmfmac: assure SSID length from firmware is limited" + }, + "CVE-2019-9503": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path" + }, + "CVE-2018-6555": { + "cmt_msg": "staging: irda: remove the irda network stack and drivers" + }, + "CVE-2022-1508": { + "cmt_msg": "io_uring: reexpand under-reexpanded iters" + }, + "CVE-2022-0480": { + "cmt_msg": "memcg: enable accounting for file lock caches" + }, + "CVE-2018-10124": { + "cmt_msg": "kernel/signal.c: avoid undefined behaviour in kill_something_info" + }, + "CVE-2022-0487": { + "cmt_msg": "moxart: fix potential use-after-free on remove path" + }, + "CVE-2021-28964": { + "cmt_msg": "btrfs: fix race when cloning extent buffer during rewind of an old root" + }, + "CVE-2020-26558": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2021-0920": { + "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" + }, + "CVE-2019-13631": { + "cmt_msg": "Input: gtco - bounds check collection indent level" + }, + "CVE-2019-19241": { + "cmt_msg": "io_uring: async workers should inherit the user creds" + }, + "CVE-2021-28688": { + "cmt_msg": "xen-blkback: don't leak persistent grants from xen_blkbk_map()" + }, + "CVE-2021-39686": { + "cmt_msg": "binder: use euid from cred instead of using task" + }, + "CVE-2021-39685": { + "cmt_msg": "USB: gadget: detect too-big endpoint 0 requests" + }, + "CVE-2021-43975": { + "cmt_msg": "atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait" + }, + "CVE-2018-6927": { + "cmt_msg": "futex: Prevent overflow by strengthen input validation" + }, + "CVE-2020-0466": { + "cmt_msg": "do_epoll_ctl(): clean the failure exits up a bit" + }, + "CVE-2019-10207": { + "cmt_msg": "Bluetooth: hci_uart: check for missing tty operations" + }, + "CVE-2019-14835": { + "cmt_msg": "vhost: make sure log_num < in_num" + }, + "CVE-2018-1000204": { + "cmt_msg": "scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()" + }, + "CVE-2019-12379": { + "cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c" + }, + "CVE-2017-12134": { + "cmt_msg": "xen: fix bio vec merging" + }, + "CVE-2021-30002": { + "cmt_msg": "media: v4l: ioctl: Fix memory leak in video_usercopy" + }, + "CVE-2017-17450": { + "cmt_msg": "netfilter: xt_osf: Add missing permission checks" + }, + "CVE-2021-0941": { + "cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len" + }, + "CVE-2020-15802": { + "cmt_msg": "" + }, + "CVE-2017-18270": { + "cmt_msg": "KEYS: prevent creating a different user's keyrings" + }, + "CVE-2022-0002": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2021-34556": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2020-0543": { + "cmt_msg": "x86/cpu: Add 'table' argument to cpu_matches()" + }, + "CVE-2022-29156": { + "cmt_msg": "RDMA/rtrs-clt: Fix possible double free in error case" + }, + "CVE-2018-3646": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" + }, + "CVE-2017-7518": { + "cmt_msg": "KVM: x86: fix singlestepping over syscall" + }, + "CVE-2019-11085": { + "cmt_msg": "drm/i915/gvt: Fix mmap range check" + }, + "CVE-2017-17558": { + "cmt_msg": "USB: core: prevent malicious bNumInterfaces overflow" + }, + "CVE-2019-11477": { + "cmt_msg": "tcp: limit payload size of sacked skbs" + }, + "CVE-2021-28711": { + "cmt_msg": "xen/blkfront: harden blkfront against event channel storms" + }, + "CVE-2018-14614": { + "cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum" + }, + "CVE-2019-11479": { + "cmt_msg": "tcp: add tcp_min_snd_mss sysctl" + }, + "CVE-2018-14616": { + "cmt_msg": "f2fs: fix to do sanity check with block address in main area v2" + }, + "CVE-2018-14611": { + "cmt_msg": "btrfs: validate type when reading a chunk" + }, + "CVE-2018-14610": { + "cmt_msg": "btrfs: Check that each block group has corresponding chunk at mount time" + }, + "CVE-2018-14613": { + "cmt_msg": "btrfs: tree-checker: Verify block_group_item" + }, + "CVE-2018-14612": { + "cmt_msg": "btrfs: tree-checker: Detect invalid and empty essential trees" + }, + "CVE-2020-26145": { + "cmt_msg": "ath10k: drop fragments with multicast DA for PCIe" + }, + "CVE-2017-13216": { + "cmt_msg": "staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl" + }, + "CVE-2020-26147": { + "cmt_msg": "mac80211: assure all fragments are encrypted" + }, + "CVE-2018-5814": { + "cmt_msg": "usbip: usbip_host: fix NULL-ptr deref and use-after-free errors" + }, + "CVE-2020-26140": { + "cmt_msg": "" + }, + "CVE-2020-26143": { + "cmt_msg": "" + }, + "CVE-2020-26142": { + "cmt_msg": "" + }, + "CVE-2019-17053": { + "cmt_msg": "ieee802154: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17052": { + "cmt_msg": "ax25: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2017-14497": { + "cmt_msg": "packet: Don't write vnet header beyond end of buffer" + }, + "CVE-2019-17056": { + "cmt_msg": "nfc: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17055": { + "cmt_msg": "mISDN: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17054": { + "cmt_msg": "appletalk: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2018-13093": { + "cmt_msg": "xfs: validate cached inodes are free when allocated" + }, + "CVE-2021-38300": { + "cmt_msg": "bpf, mips: Validate conditional branch offsets" + }, + "CVE-2018-13096": { + "cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks" + }, + "CVE-2018-13097": { + "cmt_msg": "f2fs: fix to do sanity check with user_block_count" + }, + "CVE-2018-13094": { + "cmt_msg": "xfs: don't call xfs_da_shrink_inode with NULL bp" + }, + "CVE-2018-13095": { + "cmt_msg": "xfs: More robust inode extent count validation" + }, + "CVE-2020-29661": { + "cmt_msg": "tty: Fix ->pgrp locking in tiocspgrp()" + }, + "CVE-2020-29660": { + "cmt_msg": "tty: Fix ->session locking" + }, + "CVE-2018-13098": { + "cmt_msg": "f2fs: fix to do sanity check with extra_attr feature" + }, + "CVE-2018-13099": { + "cmt_msg": "f2fs: fix to do sanity check with reserved blkaddr of inline inode" + }, + "CVE-2022-1734": { + "cmt_msg": "nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs" + }, + "CVE-2017-15951": { + "cmt_msg": "KEYS: Fix race between updating and finding a negative key" + }, + "CVE-2019-14895": { + "cmt_msg": "mwifiex: fix possible heap overflow in mwifiex_process_country_ie()" + }, + "CVE-2022-24448": { + "cmt_msg": "NFSv4: Handle case where the lookup of a directory fails" + }, + "CVE-2019-11884": { + "cmt_msg": "Bluetooth: hidp: fix buffer overflow" + }, + "CVE-2020-15780": { + "cmt_msg": "ACPI: configfs: Disallow loading ACPI tables when locked down" + }, + "CVE-2019-19074": { + "cmt_msg": "ath9k: release allocated buffer if timed out" + }, + "CVE-2019-18683": { + "cmt_msg": "media: vivid: Fix wrong locking that causes race conditions on streaming stop" + }, + "CVE-2019-18680": { + "cmt_msg": "" + }, + "CVE-2022-23038": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2022-0995": { + "cmt_msg": "watch_queue: Fix filter limit check" + }, + "CVE-2017-14991": { + "cmt_msg": "scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE" + }, + "CVE-2022-23036": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2022-23037": { + "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" + }, + "CVE-2020-0404": { + "cmt_msg": "media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors" + }, + "CVE-2019-15924": { + "cmt_msg": "fm10k: Fix a potential NULL pointer dereference" + }, + "CVE-2019-15538": { + "cmt_msg": "xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT" + }, + "CVE-2019-15926": { + "cmt_msg": "ath6kl: add some bounds checking" + }, + "CVE-2019-15921": { + "cmt_msg": "genetlink: Fix a memory leak on error path" + }, + "CVE-2022-0998": { + "cmt_msg": "vdpa: clean up get_config_size ret value handling" + }, + "CVE-2019-14821": { + "cmt_msg": "KVM: coalesced_mmio: add bounds checking" + }, + "CVE-2020-12826": { + "cmt_msg": "signal: Extend exec_id to 64bits" + }, + "CVE-2019-3701": { + "cmt_msg": "can: gw: ensure DLC boundaries after CAN frame modification" + }, + "CVE-2021-42008": { + "cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data" + }, + "CVE-2018-20511": { + "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT" + }, + "CVE-2019-1125": { + "cmt_msg": "x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations" + }, + "CVE-2019-15218": { + "cmt_msg": "media: usb: siano: Fix general protection fault in smsusb" + }, + "CVE-2019-15666": { + "cmt_msg": "xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink" + }, + "CVE-2020-25641": { + "cmt_msg": "block: allow for_each_bvec to support zero len bvec" + }, + "CVE-2005-3660": { + "cmt_msg": "" + }, + "CVE-2017-14106": { + "cmt_msg": "tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0" + }, + "CVE-2019-15212": { + "cmt_msg": "USB: rio500: refuse more than one device at a time" + }, + "CVE-2019-15211": { + "cmt_msg": "media: radio-raremono: change devm_k*alloc to k*alloc" + }, + "CVE-2019-15217": { + "cmt_msg": "media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap" + }, + "CVE-2019-14896": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" + }, + "CVE-2017-1000380": { + "cmt_msg": "ALSA: timer: Fix race between read and ioctl" + }, + "CVE-2019-15214": { + "cmt_msg": "ALSA: core: Fix card races between register and disconnect" + }, + "CVE-2020-24588": { + "cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks" + }, + "CVE-2021-33034": { + "cmt_msg": "Bluetooth: verify AMP hci_chan before amp_destroy" + }, + "CVE-2019-19922": { + "cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices" + }, + "CVE-2021-33033": { + "cmt_msg": "cipso,calipso: resolve a number of problems with the DOI refcounts" + }, + "CVE-2019-19927": { + "cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages" + }, + "CVE-2017-18509": { + "cmt_msg": "ipv6: check sk sk_type and protocol early in ip_mroute_set/getsockopt" + }, + "CVE-2020-27068": { + "cmt_msg": "cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE" + }, + "CVE-2020-8648": { + "cmt_msg": "vt: selection, close sel_buffer race" + }, + "CVE-2017-11600": { + "cmt_msg": "xfrm: policy: check policy direction value" + }, + "CVE-2019-20806": { + "cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame" + }, + "CVE-2020-0305": { + "cmt_msg": "chardev: Avoid potential use-after-free in 'chrdev_open()'" + }, + "CVE-2020-14304": { + "cmt_msg": "" + }, + "CVE-2010-5321": { + "cmt_msg": "" + }, + "CVE-2020-15393": { + "cmt_msg": "usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect" + }, + "CVE-2021-3564": { + "cmt_msg": "Bluetooth: fix the erroneous flush_work() order" + }, + "CVE-2019-9506": { + "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" + }, + "CVE-2017-16995": { + "cmt_msg": "bpf: fix incorrect sign extension in check_alu_op()" + }, + "CVE-2017-16994": { + "cmt_msg": "mm/pagewalk.c: report holes in hugetlb ranges" + }, + "CVE-2019-2025": { + "cmt_msg": "binder: fix race that allows malicious free of live buffer" + }, + "CVE-2020-26560": { + "cmt_msg": "" + }, + "CVE-2022-1516": { + "cmt_msg": "net/x25: Fix null-ptr-deref caused by x25_disconnect" + }, + "CVE-2017-13080": { + "cmt_msg": "mac80211: accept key reinstall without changing anything" + }, + "CVE-2021-20321": { + "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" + }, + "CVE-2018-12127": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2018-12126": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2020-36158": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" + }, + "CVE-2017-9077": { + "cmt_msg": "ipv6/dccp: do not inherit ipv6_mc_list from parent" + }, + "CVE-2017-9076": { + "cmt_msg": "ipv6/dccp: do not inherit ipv6_mc_list from parent" + }, + "CVE-2017-9075": { + "cmt_msg": "sctp: do not inherit ipv6_{mc|ac|fl}_list from parent" + }, + "CVE-2017-9074": { + "cmt_msg": "ipv6: Prevent overrun when parsing v6 header options" + }, + "CVE-2018-10021": { + "cmt_msg": "scsi: libsas: defer ata device eh commands to libata" + }, + "CVE-2019-2024": { + "cmt_msg": "media: em28xx: Fix use-after-free when disconnecting" + }, + "CVE-2020-0067": { + "cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr" + }, + "CVE-2019-10126": { + "cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()" + }, + "CVE-2019-10124": { + "cmt_msg": "mm: hwpoison: fix thp split handing in soft_offline_in_use_page()" + }, + "CVE-2020-14353": { + "cmt_msg": "KEYS: prevent creating a different user's keyrings" + }, + "CVE-2020-13974": { + "cmt_msg": "vt: keyboard: avoid signed integer overflow in k_ascii" + }, + "CVE-2021-4083": { + "cmt_msg": "fget: check that the fd still exists after getting a ref to it" + }, + "CVE-2018-10938": { + "cmt_msg": "Cipso: cipso_v4_optptr enter infinite loop" + }, + "CVE-2017-1000251": { + "cmt_msg": "Bluetooth: Properly check L2CAP config option output buffer length" + }, + "CVE-2017-1000252": { + "cmt_msg": "KVM: VMX: Do not BUG() on out-of-bounds guest IRQ" + }, + "CVE-2017-1000255": { + "cmt_msg": "powerpc/64s: Use emergency stack for kernel TM Bad Thing program checks" + }, + "CVE-2018-12233": { + "cmt_msg": "jfs: Fix inconsistency between memory allocation and ea_buf->max_size" + }, + "CVE-2018-12232": { + "cmt_msg": "socket: close race condition between sock_close() and sockfs_setattr()" + }, + "CVE-2020-10751": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" + }, + "CVE-2022-23042": { + "cmt_msg": "xen/netfront: react properly to failing gnttab_end_foreign_access_ref()" + }, + "CVE-2020-10757": { + "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" + }, + "CVE-2018-9465": { + "cmt_msg": "binder: fix proc->files use-after-free" + }, + "CVE-2018-20510": { + "cmt_msg": "binder: replace \"%p\" with \"%pK\"" + }, + "CVE-2020-15437": { + "cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()" + }, + "CVE-2020-15436": { + "cmt_msg": "block: Fix use-after-free in blkdev_get()" + }, + "CVE-2022-1116": { + "cmt_msg": "" + }, + "CVE-2021-28660": { + "cmt_msg": "staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()" + }, + "CVE-2020-8647": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" + }, + "CVE-2019-0155": { + "cmt_msg": "drm/i915: Rename gen7 cmdparser tables" + }, + "CVE-2019-0154": { + "cmt_msg": "drm/i915: Lower RM timeout to avoid DSI hard hangs" + }, + "CVE-2020-36386": { + "cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()" + }, + "CVE-2018-19407": { + "cmt_msg": "KVM: X86: Fix scan ioapic use-before-initialization" + }, + "CVE-2021-20317": { + "cmt_msg": "lib/timerqueue: Rely on rbtree semantics for next timer" + }, + "CVE-2020-36385": { + "cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy" + }, + "CVE-2019-14897": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" + }, + "CVE-2018-9385": { + "cmt_msg": "ARM: amba: Don't read past the end of sysfs \"driver_override\" buffer" + }, + "CVE-2020-0009": { + "cmt_msg": "staging: android: ashmem: Disallow ashmem memory from being remapped" + }, + "CVE-2018-7480": { + "cmt_msg": "blkcg: fix double free of new_blkg in blkcg_init_queue" + }, + "CVE-2019-14615": { + "cmt_msg": "drm/i915/gen9: Clear residual context state on context switch" + }, + "CVE-2018-16871": { + "cmt_msg": "nfsd: COPY and CLONE operations require the saved filehandle to be set" + }, + "CVE-2018-9415": { + "cmt_msg": "ARM: amba: Fix race condition with driver_override" + }, + "CVE-2022-1882": { + "cmt_msg": "" + }, + "CVE-2019-13648": { + "cmt_msg": "powerpc/tm: Fix oops on sigreturn on systems without TM" + }, + "CVE-2020-16120": { + "cmt_msg": "ovl: switch to mounter creds in readdir" + }, + "CVE-2019-11599": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" + }, + "CVE-2018-16658": { + "cmt_msg": "cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status" + }, + "CVE-2018-15572": { + "cmt_msg": "x86/speculation: Protect against userspace-userspace spectreRSB" + }, + "CVE-2022-29581": { + "cmt_msg": "net/sched: cls_u32: fix netns refcount changes in u32_change()" + }, + "CVE-2022-1204": { + "cmt_msg": "ax25: Fix refcount leaks caused by ax25_cb_del()" + }, + "CVE-2019-2101": { + "cmt_msg": "media: uvcvideo: Fix 'type' check leading to overflow" + }, + "CVE-2019-17666": { + "cmt_msg": "rtlwifi: Fix potential overflow on P2P code" + }, + "CVE-2021-23133": { + "cmt_msg": "net/sctp: fix race condition in sctp_destroy_sock" + }, + "CVE-2018-9363": { + "cmt_msg": "Bluetooth: hidp: buffer overflow in hidp_process_report" + }, + "CVE-2018-15471": { + "cmt_msg": "xen-netback: fix input validation in xenvif_set_hash_mapping()" + }, + "CVE-2016-10723": { + "cmt_msg": "mm, oom: remove sleep from under oom_lock" + }, + "CVE-2021-3573": { + "cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object" + }, + "CVE-2020-25212": { + "cmt_msg": "nfs: Fix getxattr kernel panic and memory overflow" + }, + "CVE-2019-19036": { + "cmt_msg": "btrfs: Detect unbalanced tree with empty leaf before crashing btree operations" + }, + "CVE-2019-3459": { + "cmt_msg": "Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer" + }, + "CVE-2020-11494": { + "cmt_msg": "slcan: Don't transmit uninitialized stack data in padding" + }, + "CVE-2017-8797": { + "cmt_msg": "nfsd: fix undefined behavior in nfsd4_layout_verify" + }, + "CVE-2020-0444": { + "cmt_msg": "audit: fix error handling in audit_data_to_entry()" + }, + "CVE-2018-10675": { + "cmt_msg": "mm/mempolicy: fix use after free when calling get_mempolicy" + }, + "CVE-2017-16526": { + "cmt_msg": "uwb: properly check kthread_run return value" + }, + "CVE-2017-16527": { + "cmt_msg": "ALSA: usb-audio: Kill stray URB at exiting" + }, + "CVE-2017-16525": { + "cmt_msg": "USB: serial: console: fix use-after-free after failed setup" + }, + "CVE-2022-1836": { + "cmt_msg": "floppy: disable FDRAWCMD by default" + }, + "CVE-2020-8834": { + "cmt_msg": "KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm" + }, + "CVE-2021-32078": { + "cmt_msg": "ARM: footbridge: remove personal server platform" + }, + "CVE-2022-30594": { + "cmt_msg": "ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE" + }, + "CVE-2017-16528": { + "cmt_msg": "ALSA: seq: Cancel pending autoload work at unbinding device" + }, + "CVE-2017-16529": { + "cmt_msg": "ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor" + }, + "CVE-2019-11833": { + "cmt_msg": "ext4: zero out the unused memory region in the extent tree block" + }, + "CVE-2021-38205": { + "cmt_msg": "net: xilinx_emaclite: Do not print real IOMEM pointer" + }, + "CVE-2020-27835": { + "cmt_msg": "IB/hfi1: Ensure correct mm is used at all times" + }, + "CVE-2020-0255": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" + }, + "CVE-2019-2215": { + "cmt_msg": "ANDROID: binder: remove waitqueue when thread exits." + }, + "CVE-2021-3892": { + "cmt_msg": "" + }, + "CVE-2021-38208": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2018-7995": { + "cmt_msg": "x86/MCE: Serialize sysfs changes" + }, + "CVE-2017-18232": { + "cmt_msg": "scsi: libsas: direct call probe and destruct" + }, + "CVE-2019-2213": { + "cmt_msg": "binder: fix possible UAF when freeing buffer" + }, + "CVE-2020-25211": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2017-14140": { + "cmt_msg": "Sanitize 'move_pages()' permission checks" + }, + "CVE-2020-26556": { + "cmt_msg": "" + }, + "CVE-2018-9518": { + "cmt_msg": "NFC: llcp: Limit size of SDP URI" + }, + "CVE-2020-26555": { + "cmt_msg": "" + }, + "CVE-2018-9517": { + "cmt_msg": "l2tp: pass tunnel pointer to ->session_create()" + }, + "CVE-2018-9516": { + "cmt_msg": "HID: debug: check length before copy_to_user()" + }, + "CVE-2018-1128": { + "cmt_msg": "libceph: add authorizer challenge" + }, + "CVE-2018-1129": { + "cmt_msg": "libceph: implement CEPHX_V2 calculation mode" + }, + "CVE-2018-1087": { + "cmt_msg": "kvm/x86: fix icebp instruction handling" + }, + "CVE-2022-1652": { + "cmt_msg": "" + }, + "CVE-2018-1120": { + "cmt_msg": "proc: do not access cmdline nor environ from file-backed areas" + }, + "CVE-2018-1121": { + "cmt_msg": "" + }, + "CVE-2018-20856": { + "cmt_msg": "block: blk_init_allocated_queue() set q->fq as NULL in the fail case" + }, + "CVE-2017-5754": { + "cmt_msg": "x86/cpufeatures: Add Intel feature bits for Speculation Control" + }, + "CVE-2017-5753": { + "cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]" + }, + "CVE-2019-9466": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path" + }, + "CVE-2020-11565": { + "cmt_msg": "mm: mempolicy: require at least one nodeid for MPOL_PREFERRED" + }, + "CVE-2019-19049": { + "cmt_msg": "of: unittest: fix memory leak in unittest_data_add" + }, + "CVE-2018-9568": { + "cmt_msg": "net: Set sk_prot_creator when cloning sockets to the right proto" + }, + "CVE-2022-0644": { + "cmt_msg": "vfs: check fd has read access in kernel_read_file_from_fd()" + }, + "CVE-2018-13053": { + "cmt_msg": "alarmtimer: Prevent overflow for relative nanosleep" + }, + "CVE-2020-27786": { + "cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses" + }, + "CVE-2019-14816": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2019-14814": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2019-14815": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2020-10720": { + "cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()" + }, + "CVE-2020-14351": { + "cmt_msg": "perf/core: Fix race in the perf_mmap_close() function" + }, + "CVE-2022-0382": { + "cmt_msg": "net ticp:fix a kernel-infoleak in __tipc_sendmsg()" + }, + "CVE-2019-9456": { + "cmt_msg": "usb: usbmon: Read text within supplied buffer size" + }, + "CVE-2020-25672": { + "cmt_msg": "nfc: fix memory leak in llcp_sock_connect()" + }, + "CVE-2019-9455": { + "cmt_msg": "media: videobuf2-v4l2: drop WARN_ON in vb2_warn_zero_bytesused()" + }, + "CVE-2020-25670": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_bind()" + }, + "CVE-2020-25671": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_connect()" + }, + "CVE-2018-21008": { + "cmt_msg": "rsi: add fix for crash during assertions" + }, + "CVE-2019-15223": { + "cmt_msg": "ALSA: line6: Assure canceling delayed work at disconnection" + }, + "CVE-2019-15220": { + "cmt_msg": "p54usb: Fix race between disconnect and firmware loading" + }, + "CVE-2019-15221": { + "cmt_msg": "ALSA: line6: Fix write on zero-sized buffer" + }, + "CVE-2019-19815": { + "cmt_msg": "f2fs: support swap file w/ DIO" + }, + "CVE-2019-19814": { + "cmt_msg": "" + }, + "CVE-2020-29371": { + "cmt_msg": "romfs: fix uninitialized memory leak in romfs_dev_read()" + }, + "CVE-2019-19816": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2017-16939": { + "cmt_msg": "ipsec: Fix aborted xfrm policy dump crash" + }, + "CVE-2020-0429": { + "cmt_msg": "l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()" + }, + "CVE-2022-1016": { + "cmt_msg": "netfilter: nf_tables: initialize registers in nft_do_chain()" + }, + "CVE-2018-18710": { + "cmt_msg": "cdrom: fix improper type cast, which can leat to information leak." + }, + "CVE-2019-5108": { + "cmt_msg": "mac80211: Do not send Layer 2 Update frame before authorization" + }, + "CVE-2022-1012": { + "cmt_msg": "secure_seq: use the 64 bits of the siphash for port offset calculation" + }, + "CVE-2020-12114": { + "cmt_msg": "make struct mountpoint bear the dentry reference to mountpoint, not struct mount" + }, + "CVE-2020-8649": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" + }, + "CVE-2020-12351": { + "cmt_msg": "Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel" + }, + "CVE-2020-12656": { + "cmt_msg": "sunrpc: check that domain table is empty at module unload." + }, + "CVE-2020-14356": { + "cmt_msg": "cgroup: fix cgroup_sk_alloc() for sk_clone_lock()" + }, + "CVE-2017-1000405": { + "cmt_msg": "mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()" + }, + "CVE-2021-26930": { + "cmt_msg": "xen-blkback: fix error handling in xen_blkbk_map()" + }, + "CVE-2017-1000407": { + "cmt_msg": "KVM: VMX: remove I/O port 0x80 bypass on Intel hosts" + }, + "CVE-2021-26932": { + "cmt_msg": "Xen/x86: don't bail early from clear_foreign_p2m_mapping()" + }, + "CVE-2019-3892": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" + }, + "CVE-2020-12352": { + "cmt_msg": "Bluetooth: A2MP: Fix not initializing all members" + }, + "CVE-2019-3460": { + "cmt_msg": "Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt" + }, + "CVE-2020-12655": { + "cmt_msg": "xfs: add agf freeblocks verify in xfs_agf_verify" + }, + "CVE-2021-43976": { + "cmt_msg": "mwifiex: Fix skb_over_panic in mwifiex_usb_recv()" + }, + "CVE-2022-0494": { + "cmt_msg": "block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern" + }, + "CVE-2020-26088": { + "cmt_msg": "net/nfc/rawsock.c: add CAP_NET_RAW check." + }, + "CVE-2008-2544": { + "cmt_msg": "" + }, + "CVE-2021-3178": { + "cmt_msg": "nfsd4: readdirplus shouldn't return parent of export" + }, + "CVE-2022-28796": { + "cmt_msg": "jbd2: fix use-after-free of transaction_t race" + }, + "CVE-2018-7755": { + "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" + }, + "CVE-2017-7346": { + "cmt_msg": "drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl()" + }, + "CVE-2018-7757": { + "cmt_msg": "scsi: libsas: fix memory leak in sas_smp_get_phy_events()" + }, + "CVE-2022-0330": { + "cmt_msg": "drm/i915: Flush TLBs before releasing backing store" + }, + "CVE-2007-3719": { + "cmt_msg": "" + }, + "CVE-2017-10911": { + "cmt_msg": "xen-blkback: don't leak stack data via response ring" + }, + "CVE-2019-19319": { + "cmt_msg": "ext4: protect journal inode's blocks using block_validity" + }, + "CVE-2019-19462": { + "cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open" + }, + "CVE-2017-18017": { + "cmt_msg": "netfilter: xt_TCPMSS: add more sanity tests on tcph->doff" + }, + "CVE-2022-24958": { + "cmt_msg": "usb: gadget: don't release an existing dev->buf" + }, + "CVE-2022-1205": { + "cmt_msg": "ax25: Fix NULL pointer dereferences in ax25 timers" + }, + "CVE-2022-28893": { + "cmt_msg": "SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()" + }, + "CVE-2021-3772": { + "cmt_msg": "sctp: use init_tag from inithdr for ABORT chunk" + }, + "CVE-2021-3679": { + "cmt_msg": "tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop." + }, + "CVE-2021-37159": { + "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device" + }, + "CVE-2021-39711": { + "cmt_msg": "bpf: fix panic due to oob in bpf_prog_test_run_skb" + }, + "CVE-2021-28715": { + "cmt_msg": "xen/netback: don't queue unlimited number of packages" + }, + "CVE-2021-28714": { + "cmt_msg": "xen/netback: fix rx queue stall detection" + }, + "CVE-2021-28713": { + "cmt_msg": "xen/console: harden hvc_xen against event channel storms" + }, + "CVE-2018-5873": { + "cmt_msg": "nsfs: mark dentry with DCACHE_RCUACCESS" + }, + "CVE-2017-18261": { + "cmt_msg": "clocksource/drivers/arm_arch_timer: Avoid infinite recursion when ftrace is enabled" + }, + "CVE-2021-4157": { + "cmt_msg": "pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()" + }, + "CVE-2017-11473": { + "cmt_msg": "x86/acpi: Prevent out of bound access caused by broken ACPI tables" + }, + "CVE-2017-11472": { + "cmt_msg": "ACPICA: Namespace: fix operand cache leak" + }, + "CVE-2017-17862": { + "cmt_msg": "bpf: fix branch pruning logic" + }, + "CVE-2017-17863": { + "cmt_msg": "bpf: fix integer overflows" + }, + "CVE-2021-3669": { + "cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()" + }, + "CVE-2019-18885": { + "cmt_msg": "btrfs: merge btrfs_find_device and find_device" + }, + "CVE-2019-12378": { + "cmt_msg": "ipv6_sockglue: Fix a missing-check bug in ip6_ra_control()" + }, + "CVE-2019-11091": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2019-18660": { + "cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch" + }, + "CVE-2017-15649": { + "cmt_msg": "packet: in packet_do_bind, test fanout with bind_lock held" + }, + "CVE-2017-11089": { + "cmt_msg": "cfg80211: Define nla_policy for NL80211_ATTR_LOCAL_MESH_POWER_MODE" + }, + "CVE-2019-18282": { + "cmt_msg": "net/flow_dissector: switch to siphash" + }, + "CVE-2021-34981": { + "cmt_msg": "Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails" + }, + "CVE-2018-14625": { + "cmt_msg": "vhost/vsock: fix use-after-free in network stack callers" + }, + "CVE-2017-14489": { + "cmt_msg": "scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly" + }, + "CVE-2022-1786": { + "cmt_msg": "io_uring: remove io_identity" + }, + "CVE-2013-7445": { + "cmt_msg": "" + }, + "CVE-2022-28390": { + "cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2019-15292": { + "cmt_msg": "appletalk: Fix use-after-free in atalk_proc_exit" + }, + "CVE-2020-12652": { + "cmt_msg": "scsi: mptfusion: Fix double fetch bug in ioctl" + }, + "CVE-2017-14340": { + "cmt_msg": "xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present" + }, + "CVE-2022-26966": { + "cmt_msg": "sr9700: sanity check for packet length" + }, + "CVE-2019-19535": { + "cmt_msg": "can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices" + }, + "CVE-2020-14386": { + "cmt_msg": "net/packet: fix overflow in tpacket_rcv" + }, + "CVE-2021-34693": { + "cmt_msg": "can: bcm: fix infoleak in struct bcm_msg_head" + }, + "CVE-2020-14381": { + "cmt_msg": "futex: Fix inode life-time issue" + }, + "CVE-2022-1158": { + "cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address" + }, + "CVE-2019-19768": { + "cmt_msg": "blktrace: Protect q->blk_trace with RCU" + }, + "CVE-2019-19039": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2017-5715": { + "cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]" + }, + "CVE-2020-25704": { + "cmt_msg": "perf/core: Fix a memory leak in perf_event_parse_addr_filter()" + }, + "CVE-2021-45095": { + "cmt_msg": "phonet: refcount leak in pep_sock_accep" + }, + "CVE-2020-12771": { + "cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce" + }, + "CVE-2018-10853": { + "cmt_msg": "kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access" + }, + "CVE-2018-3620": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" + }, + "CVE-2017-18379": { + "cmt_msg": "nvmet-fc: ensure target queue id within range." + }, + "CVE-2018-8781": { + "cmt_msg": "drm: udl: Properly check framebuffer mmap offsets" + }, + "CVE-2021-29155": { + "cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic" + }, + "CVE-2019-15916": { + "cmt_msg": "net-sysfs: Fix mem leak in netdev_register_kobject" + }, + "CVE-2019-15917": { + "cmt_msg": "Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto()" + }, + "CVE-2017-18344": { + "cmt_msg": "posix-timer: Properly check sigevent->sigev_notify" + }, + "CVE-2017-15115": { + "cmt_msg": "sctp: do not peel off an assoc from one netns to another one" + }, + "CVE-2017-15265": { + "cmt_msg": "ALSA: seq: Fix use-after-free at creating a port" + }, + "CVE-2021-27363": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2020-12362": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2020-12363": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2019-12881": { + "cmt_msg": "drm/i915/userptr: reject zero user_size" + }, + "CVE-2022-28389": { + "cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path" + }, + "CVE-2018-1000004": { + "cmt_msg": "ALSA: seq: Make ioctls race-free" + }, + "CVE-2019-19530": { + "cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough" + }, + "CVE-2022-0500": { + "cmt_msg": "bpf: Introduce MEM_RDONLY flag" + }, + "CVE-2018-18690": { + "cmt_msg": "xfs: don't fail when converting shortform attr to long form during ATTR_REPLACE" + }, + "CVE-2022-28388": { + "cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2017-0627": { + "cmt_msg": "media: uvcvideo: Prevent heap overflow when accessing mapped controls" + }, + "CVE-2021-0605": { + "cmt_msg": "af_key: pfkey_dump needs parameter validation" + }, + "CVE-2021-3896": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2021-4002": { + "cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare" + }, + "CVE-2022-1055": { + "cmt_msg": "net: sched: fix use-after-free in tc_new_tfilter()" + }, + "CVE-2021-38204": { + "cmt_msg": "usb: max-3421: Prevent corruption of freed memory" + }, + "CVE-2022-20008": { + "cmt_msg": "mmc: block: fix read single on recovery logic" + }, + "CVE-2018-20961": { + "cmt_msg": "USB: gadget: f_midi: fixing a possible double-free in f_midi" + }, + "CVE-2020-24394": { + "cmt_msg": "nfsd: apply umask on fs without ACL support" + }, + "CVE-2019-20811": { + "cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success" + }, + "CVE-2019-20810": { + "cmt_msg": "media: go7007: fix a miss of snd_card_free" + }, + "CVE-2019-20812": { + "cmt_msg": "af_packet: set defaule value for tmo" + }, + "CVE-2018-1118": { + "cmt_msg": "vhost: fix info leak due to uninitialized memory" + }, + "CVE-2018-5391": { + "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." + }, + "CVE-2018-5995": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2018-18386": { + "cmt_msg": "n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)" + }, + "CVE-2019-15291": { + "cmt_msg": "media: b2c2-flexcop-usb: add sanity checking" + }, + "CVE-2019-15290": { + "cmt_msg": "" + }, + "CVE-2017-9211": { + "cmt_msg": "crypto: skcipher - Add missing API setkey checks" + }, + "CVE-2018-7273": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2019-3016": { + "cmt_msg": "x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit" + }, + "CVE-2022-26878": { + "cmt_msg": "" + }, + "CVE-2019-19531": { + "cmt_msg": "usb: yurex: Fix use-after-free in yurex_delete" + }, + "CVE-2018-12930": { + "cmt_msg": "" + }, + "CVE-2018-12931": { + "cmt_msg": "" + }, + "CVE-2020-12769": { + "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" + }, + "CVE-2017-8890": { + "cmt_msg": "dccp/tcp: do not inherit mc_list from parent" + }, + "CVE-2021-32399": { + "cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller" + }, + "CVE-2021-45868": { + "cmt_msg": "quota: check block number when reading the block in quota file" + }, + "CVE-2019-12380": { + "cmt_msg": "efi/x86/Add missing error handling to old_memmap 1:1 mapping code" + }, + "CVE-2019-12381": { + "cmt_msg": "ip_sockglue: Fix missing-check bug in ip_ra_control()" + }, + "CVE-2019-12382": { + "cmt_msg": "drm/edid: Fix a missing-check bug in drm_load_edid_firmware()" + }, + "CVE-2017-10810": { + "cmt_msg": "drm/virtio: don't leak bo on drm_gem_object_init failure" + }, + "CVE-2020-12364": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2019-19543": { + "cmt_msg": "media: serial_ir: Fix use-after-free in serial_ir_init_module" + }, + "CVE-2017-12146": { + "cmt_msg": "driver core: platform: fix race condition with driver_override" + }, + "CVE-2021-3732": { + "cmt_msg": "ovl: prevent private clone if bind mount is not allowed" + }, + "CVE-2022-25375": { + "cmt_msg": "usb: gadget: rndis: check size of RNDIS_MSG_SET command" + }, + "CVE-2020-10766": { + "cmt_msg": "x86/speculation: Prevent rogue cross-process SSBD shutdown" + }, + "CVE-2017-13166": { + "cmt_msg": "media: v4l2-ioctl.c: use check_fmt for enum/g/s/try_fmt" + }, + "CVE-2018-12207": { + "cmt_msg": "kvm: x86, powerpc: do not allow clearing largepages debugfs entry" + }, + "CVE-2017-1000364": { + "cmt_msg": "mm: larger stack guard gap, between vmas" + }, + "CVE-2017-1000365": { + "cmt_msg": "fs/exec.c: account for argv/envp pointers" + }, + "CVE-2020-13143": { + "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" + }, + "CVE-2020-10768": { + "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." + }, + "CVE-2017-13168": { + "cmt_msg": "scsi: sg: mitigate read/write abuse" + }, + "CVE-2017-1000363": { + "cmt_msg": "char: lp: fix possible integer overflow in lp_setup()" + }, + "CVE-2019-0148": { + "cmt_msg": "i40e: Wrong truncation from u16 to u8" + }, + "CVE-2019-17075": { + "cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack" + }, + "CVE-2022-23960": { + "cmt_msg": "ARM: report Spectre v2 status through sysfs" + }, + "CVE-2019-0146": { + "cmt_msg": "" + }, + "CVE-2019-0147": { + "cmt_msg": "i40e: add num_vectors checker in iwarp handler" + }, + "CVE-2018-20449": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2019-0145": { + "cmt_msg": "i40e: add num_vectors checker in iwarp handler" + }, + "CVE-2017-15299": { + "cmt_msg": "KEYS: don't let add_key() update an uninstantiated key" + }, + "CVE-2019-11191": { + "cmt_msg": "x86: Deprecate a.out support" + }, + "CVE-2018-10323": { + "cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree" + }, + "CVE-2018-10322": { + "cmt_msg": "xfs: enhance dinode verifier" + }, + "CVE-2017-8824": { + "cmt_msg": "dccp: CVE-2017-8824: use-after-free in DCCP code" + }, + "CVE-2018-7492": { + "cmt_msg": "rds: Fix NULL pointer dereference in __rds_rdma_map" + }, + "CVE-2020-26139": { + "cmt_msg": "mac80211: do not accept/forward invalid EAPOL frames" + }, + "CVE-2018-20836": { + "cmt_msg": "scsi: libsas: fix a race condition when smp task timeout" + }, + "CVE-2018-17182": { + "cmt_msg": "mm: get rid of vmacache_flush_all() entirely" + }, + "CVE-2017-13305": { + "cmt_msg": "KEYS: encrypted: fix buffer overread in valid_master_desc()" + }, + "CVE-2019-19536": { + "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" + }, + "CVE-2019-19537": { + "cmt_msg": "USB: core: Fix races in character device registration and deregistraion" + }, + "CVE-2019-19534": { + "cmt_msg": "can: peak_usb: fix slab info leak" + }, + "CVE-2017-1000370": { + "cmt_msg": "binfmt_elf: use ELF_ET_DYN_BASE only for PIE" + }, + "CVE-2019-19532": { + "cmt_msg": "HID: Fix assumption that devices have inputs" + }, + "CVE-2018-14617": { + "cmt_msg": "hfsplus: fix NULL dereference in hfsplus_lookup()" + }, + "CVE-2019-10638": { + "cmt_msg": "inet: switch IP ID generator to siphash" + }, + "CVE-2019-10639": { + "cmt_msg": "netns: provide pure entropy for net_hash_mix()" + }, + "CVE-2021-0929": { + "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" + }, + "CVE-2019-11478": { + "cmt_msg": "tcp: tcp_fragment() should apply sane memory limits" + }, + "CVE-2019-20095": { + "cmt_msg": "mwifiex: Fix mem leak in mwifiex_tm_cmd" + }, + "CVE-2018-19985": { + "cmt_msg": "USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data" + }, + "CVE-2018-6554": { + "cmt_msg": "staging: irda: remove the irda network stack and drivers" + }, + "CVE-2017-18257": { + "cmt_msg": "f2fs: fix a dead loop in f2fs_fiemap()" + }, + "CVE-2017-18255": { + "cmt_msg": "perf/core: Fix the perf_cpu_time_max_percent check" + }, + "CVE-2018-5953": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2021-39713": { + "cmt_msg": "net: sched: use Qdisc rcu API instead of relying on rtnl lock" + }, + "CVE-2020-28374": { + "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" + }, + "CVE-2019-9213": { + "cmt_msg": "mm: enforce min addr even if capable() in expand_downwards()" + }, + "CVE-2020-26557": { + "cmt_msg": "" + }, + "CVE-2017-16535": { + "cmt_msg": "USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()" + }, + "CVE-2017-16534": { + "cmt_msg": "USB: core: harden cdc_parse_cdc_header" + }, + "CVE-2017-16537": { + "cmt_msg": "media: imon: Fix null-ptr-deref in imon_probe" + }, + "CVE-2017-16536": { + "cmt_msg": "[media] cx231xx-cards: fix NULL-deref on missing association descriptor" + }, + "CVE-2017-16531": { + "cmt_msg": "USB: fix out-of-bounds in usb_set_configuration" + }, + "CVE-2017-16530": { + "cmt_msg": "USB: uas: fix bug in handling of alternate settings" + }, + "CVE-2017-16533": { + "cmt_msg": "HID: usbhid: fix out-of-bounds bug" + }, + "CVE-2017-16532": { + "cmt_msg": "usb: usbtest: fix NULL pointer dereference" + }, + "CVE-2017-16538": { + "cmt_msg": "media: dvb-usb-v2: lmedm04: Improve logic checking of warm start" + }, + "CVE-2020-27825": { + "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" + }, + "CVE-2019-2181": { + "cmt_msg": "binder: check for overflow when alloc for security context" + }, + "CVE-2019-2182": { + "cmt_msg": "arm64: Enforce BBM for huge IO/VMAP mappings" + }, + "CVE-2020-27820": { + "cmt_msg": "drm/nouveau: use drm_dev_unplug() during device removal" + }, + "CVE-2017-18222": { + "cmt_msg": "net: hns: fix ethtool_get_strings overflow in hns driver" + }, + "CVE-2017-18221": { + "cmt_msg": "mlock: fix mlock count can not decrease in race condition" + }, + "CVE-2019-20794": { + "cmt_msg": "" + }, + "CVE-2017-18224": { + "cmt_msg": "ocfs2: ip_alloc_sem should be taken in ocfs2_get_block()" + }, + "CVE-2020-26541": { + "cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries" + }, + "CVE-2020-26559": { + "cmt_msg": "" + }, + "CVE-2020-27673": { + "cmt_msg": "xen/events: add a proper barrier to 2-level uevent unmasking" + }, + "CVE-2021-43389": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2017-14156": { + "cmt_msg": "video: fbdev: aty: do not leak uninitialized padding in clk to userspace" + }, + "CVE-2021-33061": { + "cmt_msg": "ixgbe: add improvement for MDD response functionality" + }, + "CVE-2018-1092": { + "cmt_msg": "ext4: fail ext4_iget for root directory if unallocated" + }, + "CVE-2018-1093": { + "cmt_msg": "ext4: add validity checks for bitmap block numbers" + }, + "CVE-2017-18551": { + "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA" + }, + "CVE-2017-18552": { + "cmt_msg": "RDS: validate the requested traces user input against max supported" + }, + "CVE-2021-26931": { + "cmt_msg": "xen-blkback: don't \"handle\" error by BUG()" + }, + "CVE-2022-27950": { + "cmt_msg": "HID: elo: fix memory leak in elo_probe" + }, + "CVE-2021-4203": { + "cmt_msg": "af_unix: fix races in sk_peer_pid and sk_peer_cred accesses" + }, + "CVE-2022-1651": { + "cmt_msg": "virt: acrn: fix a memory leak in acrn_dev_ioctl()" + }, + "CVE-2020-29568": { + "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" + }, + "CVE-2018-18559": { + "cmt_msg": "net/packet: fix a race in packet_bind() and packet_notifier()" + }, + "CVE-2019-9457": { + "cmt_msg": "exec: Limit arg stack to at most 75% of _STK_LIM" + }, + "CVE-2019-19054": { + "cmt_msg": "media: rc: prevent memory leak in cx23888_ir_probe" + }, + "CVE-2019-19057": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring" + }, + "CVE-2019-19056": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf" + }, + "CVE-2019-9453": { + "cmt_msg": "f2fs: fix to avoid accessing xattr across the boundary" + }, + "CVE-2019-19052": { + "cmt_msg": "can: gs_usb: gs_can_open(): prevent memory leak" + }, + "CVE-2019-3846": { + "cmt_msg": "mwifiex: Fix possible buffer overflows at parsing bss descriptor" + }, + "CVE-2020-0427": { + "cmt_msg": "pinctrl: devicetree: Avoid taking direct reference to device name string" + }, + "CVE-2019-19227": { + "cmt_msg": "appletalk: Fix potential NULL pointer dereference in unregister_snap_client" + }, + "CVE-2019-19058": { + "cmt_msg": "iwlwifi: dbg_ini: fix memory leak in alloc_sgtable" + }, + "CVE-2019-9458": { + "cmt_msg": "media: v4l: event: Prevent freeing event subscriptions while accessed" + }, + "CVE-2022-1789": { + "cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID" + }, + "CVE-2021-39714": { + "cmt_msg": "staging: android: ion: Drop ion_map_kernel interface" + }, + "CVE-2017-9242": { + "cmt_msg": "ipv6: fix out of bound writes in __ip6_append_data()" + }, + "CVE-2016-8660": { + "cmt_msg": "" + }, + "CVE-2020-14314": { + "cmt_msg": "ext4: fix potential negative array index in do_split()" + }, + "CVE-2019-13272": { + "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" + }, + "CVE-2021-3587": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2017-15537": { + "cmt_msg": "x86/fpu: Don't let userspace set bogus xcomp_bv" + }, + "CVE-2019-17351": { + "cmt_msg": "xen: let alloc_xenballooned_pages() fail if not enough memory free" + }, + "CVE-2020-25669": { + "cmt_msg": "Input: sunkbd - avoid use-after-free in teardown paths" + }, + "CVE-2020-25668": { + "cmt_msg": "tty: make FONTX ioctl use the tty pointer they were actually passed" + }, + "CVE-2008-4609": { + "cmt_msg": "" + }, + "CVE-2020-25705": { + "cmt_msg": "icmp: randomize the global rate limiter" + }, + "CVE-2022-0435": { + "cmt_msg": "tipc: improve size validations for received domain records" + }, + "CVE-2022-1419": { + "cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create" + }, + "CVE-2018-20854": { + "cmt_msg": "phy: ocelot-serdes: fix out-of-bounds read" + }, + "CVE-2018-25020": { + "cmt_msg": "bpf: fix truncated jump targets on heavy expansions" + }, + "CVE-2018-5390": { + "cmt_msg": "tcp: free batches of packets in tcp_prune_ofo_queue()" + }, + "CVE-2018-20855": { + "cmt_msg": "IB/mlx5: Fix leaking stack memory to userspace" + }, + "CVE-2019-15239": { + "cmt_msg": "" + }, + "CVE-2017-15129": { + "cmt_msg": "net: Fix double free and memory corruption in get_net_ns_by_id()" + }, + "CVE-2021-4037": { + "cmt_msg": "xfs: fix up non-directory creation in SGID directories" + }, + "CVE-2021-22543": { + "cmt_msg": "KVM: do not allow mapping valid but non-reference-counted pages" + }, + "CVE-2021-3348": { + "cmt_msg": "nbd: freeze the queue while we're adding connections" + }, + "CVE-2019-1999": { + "cmt_msg": "binder: fix race between munmap() and direct reclaim" + }, + "CVE-2018-1065": { + "cmt_msg": "netfilter: add back stackpointer size checks" + }, + "CVE-2018-1066": { + "cmt_msg": "CIFS: Enable encryption during session setup phase" + }, + "CVE-2017-12188": { + "cmt_msg": "KVM: nVMX: update last_nonleaf_level when initializing nested EPT" + }, + "CVE-2018-1068": { + "cmt_msg": "netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets" + }, + "CVE-2017-17053": { + "cmt_msg": "x86/mm: Fix use-after-free of ldt_struct" + }, + "CVE-2017-17052": { + "cmt_msg": "fork: fix incorrect fput of ->exe_file causing use-after-free" + }, + "CVE-2021-4197": { + "cmt_msg": "cgroup: Use open-time credentials for process migraton perm checks" + }, + "CVE-2020-10135": { + "cmt_msg": "Bluetooth: Consolidate encryption handling in hci_encrypt_cfm" + }, + "CVE-2020-25285": { + "cmt_msg": "mm/hugetlb: fix a race between hugetlb sysctl handlers" + }, + "CVE-2019-7308": { + "cmt_msg": "bpf: fix sanitation of alu op with pointer / scalar type from different paths" + }, + "CVE-2018-1000199": { + "cmt_msg": "perf/hwbp: Simplify the perf-hwbp code, fix documentation" + }, + "CVE-2017-9986": { + "cmt_msg": "sound: Retire OSS" + }, + "CVE-2017-9985": { + "cmt_msg": "ALSA: msnd: Optimize / harden DSP and MIDI loops" + }, + "CVE-2017-9984": { + "cmt_msg": "ALSA: msnd: Optimize / harden DSP and MIDI loops" + }, + "CVE-2019-16995": { + "cmt_msg": "net: hsr: fix memory leak in hsr_dev_finalize()" + }, + "CVE-2017-18075": { + "cmt_msg": "crypto: pcrypt - fix freeing pcrypt instances" + }, + "CVE-2017-9059": { + "cmt_msg": "NFSv4: Fix callback server shutdown" + }, + "CVE-2020-36516": { + "cmt_msg": "" + }, + "CVE-2017-18079": { + "cmt_msg": "Input: i8042 - fix crash at boot time" + }, + "CVE-2017-13693": { + "cmt_msg": "" + }, + "CVE-2022-0617": { + "cmt_msg": "udf: Fix NULL ptr deref when converting from inline format" + }, + "CVE-2017-13695": { + "cmt_msg": "ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c" + }, + "CVE-2017-13694": { + "cmt_msg": "" + }, + "CVE-2021-4149": { + "cmt_msg": "btrfs: unlock newly allocated extent buffer after error" + }, + "CVE-2021-4148": { + "cmt_msg": "mm: khugepaged: skip huge page collapse for special files" + }, + "CVE-2021-3864": { + "cmt_msg": "" + }, + "CVE-2021-3640": { + "cmt_msg": "Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()" + }, + "CVE-2022-29968": { + "cmt_msg": "io_uring: fix uninitialized field in rw io_kiocb" + }, + "CVE-2020-1749": { + "cmt_msg": "net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup" + }, + "CVE-2021-3760": { + "cmt_msg": "nfc: nci: fix the UAF of rf_conn_info object" + }, + "CVE-2020-11608": { + "cmt_msg": "media: ov519: add missing endpoint sanity checks" + }, + "CVE-2020-10732": { + "cmt_msg": "fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()" + }, + "CVE-2020-28097": { + "cmt_msg": "vgacon: remove software scrollback support" + }, + "CVE-2017-18216": { + "cmt_msg": "ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent" + }, + "CVE-2017-1000112": { + "cmt_msg": "udp: consistently apply ufo or fragmentation" + }, + "CVE-2017-1000111": { + "cmt_msg": "packet: fix tp_reserve race in packet_set_ring" + }, + "CVE-2017-18218": { + "cmt_msg": "net: hns: Fix a skb used after free bug" + }, + "CVE-2017-7533": { + "cmt_msg": "dentry name snapshots" + }, + "CVE-2018-8897": { + "cmt_msg": "x86/entry/64: Don't use IST entry for #BP stack" + }, + "CVE-2021-29265": { + "cmt_msg": "usbip: fix stub_dev usbip_sockfd_store() races leading to gpf" + }, + "CVE-2021-39648": { + "cmt_msg": "usb: gadget: configfs: Fix use-after-free issue with udc_name" + }, + "CVE-2020-14416": { + "cmt_msg": "can, slip: Protect tty->disc_data in write_wakeup and close with RCU" + }, + "CVE-2019-0136": { + "cmt_msg": "mac80211: drop robust management frames from unknown TA" + }, + "CVE-2017-17975": { + "cmt_msg": "media: usbtv: prevent double free in error case" + }, + "CVE-2019-16921": { + "cmt_msg": "RDMA/hns: Fix init resp when alloc ucontext" + }, + "CVE-2019-19377": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2021-21781": { + "cmt_msg": "ARM: ensure the signal page contains defined contents" + }, + "CVE-2021-0512": { + "cmt_msg": "HID: make arrays usage and value to be the same" + }, + "CVE-2018-14634": { + "cmt_msg": "exec: Limit arg stack to at most 75% of _STK_LIM" + }, + "CVE-2018-14633": { + "cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation" + }, + "CVE-2018-12896": { + "cmt_msg": "posix-timers: Sanitize overrun handling" + }, + "CVE-2019-19073": { + "cmt_msg": "ath9k_htc: release allocated buffer if timed out" + }, + "CVE-2018-14734": { + "cmt_msg": "infiniband: fix a possible use-after-free bug" + }, + "CVE-2017-15306": { + "cmt_msg": "KVM: PPC: Fix oops when checking KVM_CAP_PPC_HTM" + }, + "CVE-2020-0347": { + "cmt_msg": "" + }, + "CVE-2019-18809": { + "cmt_msg": "media: usb: fix memory leak in af9005_identify_state" + }, + "CVE-2019-18808": { + "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" + }, + "CVE-2018-8822": { + "cmt_msg": "staging: ncpfs: memory corruption in ncp_read_kernel()" + }, + "CVE-2021-40490": { + "cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing" + }, + "CVE-2021-33909": { + "cmt_msg": "seq_file: disallow extremely large seq buffer allocations" + }, + "CVE-2019-12455": { + "cmt_msg": "clk-sunxi: fix a missing-check bug in sunxi_divs_clk_setup()" + }, + "CVE-2019-12456": { + "cmt_msg": "" + }, + "CVE-2022-0812": { + "cmt_msg": "xprtrdma: fix incorrect header size calculations" + }, + "CVE-2021-29647": { + "cmt_msg": "net: qrtr: fix a kernel-infoleak in qrtr_recvmsg()" + }, + "CVE-2019-17133": { + "cmt_msg": "cfg80211: wext: avoid copying malformed SSIDs" + }, + "CVE-2017-18595": { + "cmt_msg": "tracing: Fix possible double free on failure of allocating trace buffer" + }, + "CVE-2022-0742": { + "cmt_msg": "ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report()" + }, + "CVE-2021-3612": { + "cmt_msg": "Input: joydev - prevent potential read overflow in ioctl" + }, + "CVE-2017-7487": { + "cmt_msg": "ipx: call ipxitf_put() in ioctl error path" + }, + "CVE-2019-6974": { + "cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)" + }, + "CVE-2020-24503": { + "cmt_msg": "" + }, + "CVE-2022-0168": { + "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" + }, + "CVE-2020-14390": { + "cmt_msg": "fbcon: remove soft scrollback code" + }, + "CVE-2020-24502": { + "cmt_msg": "" + }, + "CVE-2017-17712": { + "cmt_msg": "net: ipv4: fix for a race condition in raw_sendmsg" + }, + "CVE-2017-17807": { + "cmt_msg": "KEYS: add missing permission check for request_key() destination" + }, + "CVE-2017-17805": { + "cmt_msg": "crypto: salsa20 - fix blkcipher_walk API usage" + }, + "CVE-2017-7541": { + "cmt_msg": "brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()" + }, + "CVE-2019-19527": { + "cmt_msg": "HID: hiddev: do cleanup in failure of opening a device" + }, + "CVE-2017-7542": { + "cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt" + }, + "CVE-2020-26141": { + "cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe" + }, + "CVE-2020-0465": { + "cmt_msg": "HID: core: Sanitize event code and type when mapping input" + }, + "CVE-2018-3639": { + "cmt_msg": "x86/nospec: Simplify alternative_msr_write()" + }, + "CVE-2021-4218": { + "cmt_msg": "sysctl: pass kernel pointers to ->proc_handler" + }, + "CVE-2019-15902": { + "cmt_msg": "" + }, + "CVE-2019-20054": { + "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links" + }, + "CVE-2017-15274": { + "cmt_msg": "KEYS: fix dereferencing NULL payload with nonzero length" + }, + "CVE-2021-3753": { + "cmt_msg": "vt_kdsetmode: extend console locking" + }, + "CVE-2019-11135": { + "cmt_msg": "x86/msr: Add the IA32_TSX_CTRL MSR" + }, + "CVE-2019-11810": { + "cmt_msg": "scsi: megaraid_sas: return error when create DMA pool failed" + }, + "CVE-2021-27365": { + "cmt_msg": "scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE" + }, + "CVE-2021-27364": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2019-11815": { + "cmt_msg": "net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock()." + }, + "CVE-2020-0431": { + "cmt_msg": "HID: hid-input: clear unmapped usages" + }, + "CVE-2018-17977": { + "cmt_msg": "" + }, + "CVE-2018-17972": { + "cmt_msg": "proc: restrict kernel stack dumps to root" + }, + "CVE-2021-20320": { + "cmt_msg": "s390/bpf: Fix optimizing out zero-extensions" + }, + "CVE-2020-28974": { + "cmt_msg": "vt: Disable KD_FONT_OP_COPY" + }, + "CVE-2018-7566": { + "cmt_msg": "ALSA: seq: Fix racy pool initializations" + }, + "CVE-2020-11725": { + "cmt_msg": "" + }, + "CVE-2022-26490": { + "cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION" + }, + "CVE-2022-1043": { + "cmt_msg": "io_uring: fix xa_alloc_cycle() error return value check" + }, + "CVE-2017-5967": { + "cmt_msg": "time: Remove CONFIG_TIMER_STATS" + }, + "CVE-2021-0937": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2022-1048": { + "cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls" + }, + "CVE-2018-20976": { + "cmt_msg": "xfs: clear sb->s_fs_info on mount failure" + }, + "CVE-2018-1108": { + "cmt_msg": "random: fix crng_ready() test" + }, + "CVE-2018-16276": { + "cmt_msg": "USB: yurex: fix out-of-bounds uaccess in read handler" + }, + "CVE-2019-15927": { + "cmt_msg": "ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit()" + }, + "CVE-2021-3542": { + "cmt_msg": "" + }, + "CVE-2019-16413": { + "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" + }, + "CVE-2022-1263": { + "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" + }, + "CVE-2017-16650": { + "cmt_msg": "net: qmi_wwan: fix divide by 0 on bad descriptors" + }, + "CVE-2020-12653": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()" + }, + "CVE-2019-7222": { + "cmt_msg": "KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)" + }, + "CVE-2017-14051": { + "cmt_msg": "scsi: qla2xxx: Fix an integer overflow in sysfs code" + }, + "CVE-2020-12654": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()" + }, + "CVE-2019-7221": { + "cmt_msg": "KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221)" + }, + "CVE-2018-12929": { + "cmt_msg": "" + }, + "CVE-2018-12928": { + "cmt_msg": "" + }, + "CVE-2020-36310": { + "cmt_msg": "KVM: SVM: avoid infinite loop on NPF from bad address" + }, + "CVE-2020-36313": { + "cmt_msg": "KVM: Fix out of range accesses to memslots" + }, + "CVE-2020-35519": { + "cmt_msg": "net/x25: prevent a couple of overflows" + }, + "CVE-2020-35513": { + "cmt_msg": "nfsd: fix incorrect umasks" + }, + "CVE-2020-10708": { + "cmt_msg": "" + }, + "CVE-2020-25673": { + "cmt_msg": "nfc: Avoid endless loops caused by repeated llcp_sock_connect()" + }, + "CVE-2022-0400": { + "cmt_msg": "" + }, + "CVE-2021-0707": { + "cmt_msg": "dmabuf: fix use-after-free of dmabuf's file->f_inode" + }, + "CVE-2021-38160": { + "cmt_msg": "virtio_console: Assure used length from device is limited" + }, + "CVE-2021-42739": { + "cmt_msg": "media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()" + }, + "CVE-2018-5344": { + "cmt_msg": "loop: fix concurrent lo_open/lo_release" + }, + "CVE-2020-12770": { + "cmt_msg": "scsi: sg: add sg_remove_request in sg_write" + }, + "CVE-2018-6412": { + "cmt_msg": "fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper()." + }, + "CVE-2019-15222": { + "cmt_msg": "ALSA: usb-audio: Fix gpf in snd_usb_pipe_sanity_check" + }, + "CVE-2022-25265": { + "cmt_msg": "" + }, + "CVE-2017-12153": { + "cmt_msg": "nl80211: check for the required netlink attributes presence" + }, + "CVE-2019-19813": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2017-12154": { + "cmt_msg": "kvm: nVMX: Don't allow L2 to access the hardware CR8" + }, + "CVE-2020-10773": { + "cmt_msg": "s390/cmm: fix information leak in cmm_timeout_handler()" + }, + "CVE-2020-25284": { + "cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping" + }, + "CVE-2022-25636": { + "cmt_msg": "netfilter: nf_tables_offload: incorrect flow offload action array size" + }, + "CVE-2017-1000379": { + "cmt_msg": "mm: larger stack guard gap, between vmas" + }, + "CVE-2017-1000371": { + "cmt_msg": "binfmt_elf: use ELF_ET_DYN_BASE only for PIE" + }, + "CVE-2018-18281": { + "cmt_msg": "mremap: properly flush TLB before releasing the page" + }, + "CVE-2019-18675": { + "cmt_msg": "mmap: introduce sane default mmap limits" + }, + "CVE-2019-8912": { + "cmt_msg": "net: crypto set sk to NULL when af_alg_release." + }, + "CVE-2020-29370": { + "cmt_msg": "mm: slub: add missing TID bump in kmem_cache_alloc_bulk()" + }, + "CVE-2019-15219": { + "cmt_msg": "USB: sisusbvga: fix oops in error path of sisusb_probe" + }, + "CVE-2022-1015": { + "cmt_msg": "netfilter: nf_tables: validate registers coming from userspace." + }, + "CVE-2022-0850": { + "cmt_msg": "ext4: fix kernel infoleak via ext4_extent_header" + }, + "CVE-2020-25643": { + "cmt_msg": "hdlc_ppp: add range checks in ppp_cp_parse_cr()" + }, + "CVE-2021-39657": { + "cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback" + }, + "CVE-2019-19378": { + "cmt_msg": "" + }, + "CVE-2020-4788": { + "cmt_msg": "powerpc/64s: flush L1D on kernel entry" + }, + "CVE-2022-0854": { + "cmt_msg": "swiotlb: rework \"fix info leak with DMA_FROM_DEVICE\"" + }, + "CVE-2017-8831": { + "cmt_msg": "[media] saa7164: fix double fetch PCIe access condition" + }, + "CVE-2021-39698": { + "cmt_msg": "wait: add wake_up_pollfree()" + }, + "CVE-2018-5333": { + "cmt_msg": "RDS: null pointer dereference in rds_atomic_free_op" + }, + "CVE-2018-5332": { + "cmt_msg": "RDS: Heap OOB write in rds_message_alloc_sgs()" + }, + "CVE-2017-7482": { + "cmt_msg": "rxrpc: Fix several cases where a padded len isn't checked in ticket decode" + }, + "CVE-2020-10767": { + "cmt_msg": "x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS." + }, + "CVE-2021-3759": { + "cmt_msg": "memcg: enable accounting of ipc resources" + }, + "CVE-2019-19447": { + "cmt_msg": "ext4: work around deleting a file with i_nlink == 0 safely" + }, + "CVE-2017-17448": { + "cmt_msg": "netfilter: nfnetlink_cthelper: Add missing permission checks" + }, + "CVE-2017-17449": { + "cmt_msg": "netlink: Add netns check on taps" + }, + "CVE-2019-19525": { + "cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect" + }, + "CVE-2019-19524": { + "cmt_msg": "Input: ff-memless - kill timer in destroy()" + }, + "CVE-2019-19448": { + "cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space" + }, + "CVE-2019-19449": { + "cmt_msg": "f2fs: fix to do sanity check on segment/section count" + }, + "CVE-2021-33135": { + "cmt_msg": "" + }, + "CVE-2019-19523": { + "cmt_msg": "USB: adutux: fix use-after-free on disconnect" + }, + "CVE-2021-3752": { + "cmt_msg": "Bluetooth: fix use-after-free error in lock_sock_nested()" + }, + "CVE-2017-10663": { + "cmt_msg": "f2fs: sanity check checkpoint segno and blkoff" + }, + "CVE-2017-18360": { + "cmt_msg": "USB: serial: io_ti: fix div-by-zero in set_termios" + }, + "CVE-2018-5848": { + "cmt_msg": "wil6210: missing length check in wmi_set_ie" + }, + "CVE-2017-18249": { + "cmt_msg": "f2fs: fix race condition in between free nid allocator/initializer" + }, + "CVE-2021-29264": { + "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" + }, + "CVE-2021-35477": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2017-18241": { + "cmt_msg": "f2fs: fix a panic caused by NULL flush_cmd_control" + }, + "CVE-2019-15216": { + "cmt_msg": "USB: yurex: Fix protection fault after device removal" + }, + "CVE-2019-16746": { + "cmt_msg": "nl80211: validate beacon head" + }, + "CVE-2021-41864": { + "cmt_msg": "bpf: Fix integer overflow in prealloc_elems_and_freelist()" + }, + "CVE-2019-15215": { + "cmt_msg": "media: cpia2_usb: first wake up, then free in disconnect" + }, + "CVE-2018-18021": { + "cmt_msg": "arm64: KVM: Tighten guest core register access from userspace" + }, + "CVE-2021-37576": { + "cmt_msg": "KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow" + }, + "CVE-2019-8980": { + "cmt_msg": "exec: Fix mem leak in kernel_read_file" + }, + "CVE-2018-14609": { + "cmt_msg": "btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized" + }, + "CVE-2021-33098": { + "cmt_msg": "ixgbe: fix large MTU request from VF" + }, + "CVE-2021-28971": { + "cmt_msg": "perf/x86/intel: Fix a crash caused by zero PEBS status" + }, + "CVE-2020-10769": { + "cmt_msg": "crypto: authenc - fix parsing key with misaligned rta_len" + }, + "CVE-2018-5803": { + "cmt_msg": "sctp: verify size of a new chunk in _sctp_make_chunk()" + }, + "CVE-2020-27815": { + "cmt_msg": "jfs: Fix array index bounds check in dbAdjTree" + }, + "CVE-2022-23041": { + "cmt_msg": "xen/9p: use alloc/free_pages_exact()" + }, + "CVE-2022-1462": { + "cmt_msg": "" + }, + "CVE-2022-27223": { + "cmt_msg": "USB: gadget: validate endpoint index for xilinx udc" + }, + "CVE-2020-27067": { + "cmt_msg": "l2tp: fix l2tp_eth module loading" + }, + "CVE-2020-27777": { + "cmt_msg": "powerpc/rtas: Restrict RTAS requests from userspace" + }, + "CVE-2019-20636": { + "cmt_msg": "Input: add safety guards to input_set_keycode()" + }, + "CVE-2019-11486": { + "cmt_msg": "tty: mark Siemens R3964 line discipline as BROKEN" + }, + "CVE-2019-11487": { + "cmt_msg": "fs: prevent page refcount overflow in pipe_buf_get" + }, + "CVE-2018-8043": { + "cmt_msg": "net: phy: mdio-bcm-unimac: fix potential NULL dereference in unimac_mdio_probe()" + }, + "CVE-2020-27675": { + "cmt_msg": "xen/events: avoid removing an event channel while handling it" + }, + "CVE-2020-28915": { + "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" + }, + "CVE-2019-20908": { + "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" + }, + "CVE-2021-28038": { + "cmt_msg": "Xen/gnttab: handle p2m update errors on a per-slot basis" + }, + "CVE-2022-23040": { + "cmt_msg": "xen/xenbus: don't let xenbus_grant_ring() remove grants in error case" + }, + "CVE-2021-29154": { + "cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64" + }, + "CVE-2019-19060": { + "cmt_msg": "iio: imu: adis16400: release allocated memory on failure" + }, + "CVE-2019-19061": { + "cmt_msg": "iio: imu: adis16400: fix memory leak" + }, + "CVE-2019-19062": { + "cmt_msg": "crypto: user - fix memory leak in crypto_report" + }, + "CVE-2019-19063": { + "cmt_msg": "rtlwifi: prevent memory leak in rtl_usb_probe" + }, + "CVE-2017-17741": { + "cmt_msg": "KVM: Fix stack-out-of-bounds read in write_mmio" + }, + "CVE-2019-9445": { + "cmt_msg": "f2fs: check if file namelen exceeds max value" + }, + "CVE-2019-19066": { + "cmt_msg": "scsi: bfa: release allocated memory in case of error" + }, + "CVE-2019-19067": { + "cmt_msg": "drm/amdgpu: fix multiple memory leaks in acp_hw_init" + }, + "CVE-2019-19068": { + "cmt_msg": "rtl8xxxu: prevent leaking urb" + }, + "CVE-2020-0435": { + "cmt_msg": "f2fs: fix to do sanity check with i_extra_isize" + }, + "CVE-2020-0432": { + "cmt_msg": "staging: most: net: fix buffer overflow" + }, + "CVE-2020-0433": { + "cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter" + }, + "CVE-2019-3874": { + "cmt_msg": "sctp: implement memory accounting on tx path" + }, + "CVE-2022-0171": { + "cmt_msg": "" + }, + "CVE-2018-10877": { + "cmt_msg": "ext4: verify the depth of extent tree in ext4_find_extent()" + }, + "CVE-2018-10876": { + "cmt_msg": "ext4: only look at the bg_flags field if it is valid" + }, + "CVE-2010-4563": { + "cmt_msg": "" + }, + "CVE-2020-14331": { + "cmt_msg": "vgacon: Fix for missing check in scrollback handling" + }, + "CVE-2018-10879": { + "cmt_msg": "ext4: make sure bitmaps and the inode table don't overlap with bg descriptors" + }, + "CVE-2018-10878": { + "cmt_msg": "ext4: always check block group bounds in ext4_init_block_bitmap()" + }, + "CVE-2021-3483": { + "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" + }, + "CVE-2019-15807": { + "cmt_msg": "scsi: libsas: delete sas port if expander discover failed" + }, + "CVE-2017-16913": { + "cmt_msg": "usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input" + }, + "CVE-2017-16912": { + "cmt_msg": "usbip: fix stub_rx: get_pipe() to validate endpoint number" + }, + "CVE-2017-16911": { + "cmt_msg": "usbip: prevent vhci_hcd driver from leaking a socket pointer address" + }, + "CVE-2017-0861": { + "cmt_msg": "ALSA: pcm: prevent UAF in snd_pcm_info" + }, + "CVE-2020-25656": { + "cmt_msg": "vt: keyboard, extend func_buf_lock to readers" + }, + "CVE-2017-16914": { + "cmt_msg": "usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer" + }, + "CVE-2022-0492": { + "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" + }, + "CVE-2020-10942": { + "cmt_msg": "vhost: Check docket sk_family instead of call getname" + }, + "CVE-2019-10142": { + "cmt_msg": "drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl" + }, + "CVE-2021-4023": { + "cmt_msg": "io-wq: fix cancellation on create-worker failure" + }, + "CVE-2017-11176": { + "cmt_msg": "mqueue: fix a use-after-free in sys_mq_notify()" + }, + "CVE-2018-3693": { + "cmt_msg": "ext4: fix spectre gadget in ext4_mb_regular_allocator()" + }, + "CVE-2017-12193": { + "cmt_msg": "assoc_array: Fix a buggy node-splitting case" + }, + "CVE-2017-12192": { + "cmt_msg": "KEYS: prevent KEYCTL_READ on negative key" + }, + "CVE-2021-22555": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2017-12190": { + "cmt_msg": "fix unbalanced page refcounting in bio_map_user_iov" + }, + "CVE-2022-1011": { + "cmt_msg": "fuse: fix pipe buffer lifetime for direct_io" + }, + "CVE-2021-0399": { + "cmt_msg": "" + }, + "CVE-2020-2732": { + "cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode" + }, + "CVE-2012-4542": { + "cmt_msg": "" + }, + "CVE-2022-1729": { + "cmt_msg": "perf: Fix sys_perf_event_open() race against self" + }, + "CVE-2021-28712": { + "cmt_msg": "xen/netfront: harden netfront against event channel storms" + }, + "CVE-2018-1000028": { + "cmt_msg": "nfsd: auth: Fix gid sorting when rootsquash enabled" + }, + "CVE-2018-7191": { + "cmt_msg": "tun: call dev_get_valid_name() before register_netdevice()" + }, + "CVE-2018-1000026": { + "cmt_msg": "bnx2x: disable GSO where gso_size is too big for hardware" + }, + "CVE-2022-1678": { + "cmt_msg": "tcp: optimize tcp internal pacing" + }, + "CVE-2017-0786": { + "cmt_msg": "brcmfmac: add length check in brcmf_cfg80211_escan_handler()" + }, + "CVE-2021-28972": { + "cmt_msg": "PCI: rpadlpar: Fix potential drc_name corruption in store functions" + }, + "CVE-2018-12130": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2020-14305": { + "cmt_msg": "netfilter: helpers: remove data_len usage for inkernel helpers" + }, + "CVE-2021-20292": { + "cmt_msg": "drm/ttm/nouveau: don't call tt destroy callback on alloc failure." + }, + "CVE-2021-31916": { + "cmt_msg": "dm ioctl: fix out of bounds array access when no devices" + }, + "CVE-2017-8065": { + "cmt_msg": "crypto: ccm - move cbcmac input off the stack" + }, + "CVE-2018-13405": { + "cmt_msg": "Fix up non-directory creation in SGID directories" + }, + "CVE-2020-25645": { + "cmt_msg": "geneve: add transport ports in route lookup for geneve" + }, + "CVE-2018-13406": { + "cmt_msg": "video: uvesafb: Fix integer overflow in allocation" + }, + "CVE-2022-1280": { + "cmt_msg": "drm: avoid circular locks in drm_mode_getconnector" + }, + "CVE-2020-11668": { + "cmt_msg": "media: xirlink_cit: add missing descriptor sanity checks" + }, + "CVE-2020-11669": { + "cmt_msg": "powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle" + }, + "CVE-2019-15118": { + "cmt_msg": "ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term" + }, + "CVE-2019-12818": { + "cmt_msg": "net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails" + }, + "CVE-2019-12819": { + "cmt_msg": "mdio_bus: Fix use-after-free on device_register fails" + }, + "CVE-2020-10690": { + "cmt_msg": "ptp: fix the race between the release of ptp_clock and cdev" + }, + "CVE-2019-19332": { + "cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)" + }, + "CVE-2019-15117": { + "cmt_msg": "ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit" + }, + "CVE-2021-3659": { + "cmt_msg": "net: mac802154: Fix general protection fault" + }, + "CVE-2022-25258": { + "cmt_msg": "USB: gadget: validate interface OS descriptor requests" + }, + "CVE-2021-4155": { + "cmt_msg": "xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate" + }, + "CVE-2021-0695": { + "cmt_msg": "" + }, + "CVE-2019-14901": { + "cmt_msg": "mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()" + }, + "CVE-2021-4150": { + "cmt_msg": "block: fix incorrect references to disk objects" + }, + "CVE-2020-3702": { + "cmt_msg": "ath: Use safer key clearing with key cache entries" + }, + "CVE-2021-28951": { + "cmt_msg": "io_uring: ensure that SQPOLL thread is started for exit" + }, + "CVE-2022-1671": { + "cmt_msg": "rxrpc: fix some null-ptr-deref bugs in server_key.c" + }, + "CVE-2020-16166": { + "cmt_msg": "random32: update the net random state on interrupt and activity" + }, + "CVE-2021-3653": { + "cmt_msg": "KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653)" + }, + "CVE-2021-3655": { + "cmt_msg": "sctp: validate from_addr_param return" + }, + "CVE-2020-8694": { + "cmt_msg": "powercap: restrict energy meter to root access" + }, + "CVE-2021-4159": { + "cmt_msg": "bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()" + }, + "CVE-2019-12614": { + "cmt_msg": "powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property()" + }, + "CVE-2019-12615": { + "cmt_msg": "mdesc: fix a missing-check bug in get_vdev_port_node_info()" + }, + "CVE-2021-3715": { + "cmt_msg": "net_sched: cls_route: remove the right filter from hashtable" + }, + "CVE-2021-3714": { + "cmt_msg": "" + }, + "CVE-2019-16230": { + "cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)" + }, + "CVE-2019-16231": { + "cmt_msg": "fjes: Handle workqueue allocation failure" + }, + "CVE-2019-16232": { + "cmt_msg": "libertas: fix a potential NULL pointer dereference" + }, + "CVE-2019-16233": { + "cmt_msg": "scsi: qla2xxx: fix a potential NULL pointer dereference" + }, + "CVE-2019-16234": { + "cmt_msg": "iwlwifi: pcie: fix rb_allocator workqueue allocation" + }, + "CVE-2019-6133": { + "cmt_msg": "fork: record start_time late" + }, + "CVE-2018-10902": { + "cmt_msg": "ALSA: rawmidi: Change resized buffers atomically" + }, + "CVE-2021-39633": { + "cmt_msg": "ip_gre: add validation for csum_start" + }, + "CVE-2017-18203": { + "cmt_msg": "dm: fix race between dm_get_from_kobject() and __dm_destroy()" + }, + "CVE-2017-18202": { + "cmt_msg": "mm, oom_reaper: gather each vma to prevent leaking TLB entry" + }, + "CVE-2021-39636": { + "cmt_msg": "netfilter: x_tables: fix pointer leaks to userspace" + }, + "CVE-2017-18204": { + "cmt_msg": "ocfs2: should wait dio before inode lock in ocfs2_setattr()" + }, + "CVE-2021-39634": { + "cmt_msg": "epoll: do not insert into poll queues until all sanity checks are done" + }, + "CVE-2019-3882": { + "cmt_msg": "vfio/type1: Limit DMA mappings per container" + }, + "CVE-2017-18208": { + "cmt_msg": "mm/madvise.c: fix madvise() infinite loop under special circumstances" + }, + "CVE-2018-20509": { + "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" + }, + "CVE-2017-9605": { + "cmt_msg": "drm/vmwgfx: Make sure backup_handle is always valid" + }, + "CVE-2017-18193": { + "cmt_msg": "f2fs: fix a bug caused by NULL extent tree" + }, + "CVE-2019-9454": { + "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA" + }, + "CVE-2020-12888": { + "cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory" + }, + "CVE-2021-0447": { + "cmt_msg": "l2tp: protect sock pointer of struct pppol2tp_session with RCU" + }, + "CVE-2019-20934": { + "cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers" + }, + "CVE-2022-1247": { + "cmt_msg": "" + }, + "CVE-2022-1184": { + "cmt_msg": "" + }, + "CVE-2022-23222": { + "cmt_msg": "bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL" + }, + "CVE-2021-0448": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2018-19824": { + "cmt_msg": "ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c" + }, + "CVE-2020-29374": { + "cmt_msg": "gup: document and work around \"COW can break either way\" issue" + }, + "CVE-2020-0030": { + "cmt_msg": "ANDROID: binder: synchronize_rcu() when using POLLFREE." + }, + "CVE-2018-16862": { + "cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation" + }, + "CVE-2021-29650": { + "cmt_msg": "netfilter: x_tables: Use correct memory barriers." + }, + "CVE-2019-18806": { + "cmt_msg": "net: qlogic: Fix memory leak in ql_alloc_large_buffers" + }, + "CVE-2018-20169": { + "cmt_msg": "USB: check usb_get_extra_descriptor for proper size" + }, + "CVE-2017-12762": { + "cmt_msg": "isdn/i4l: fix buffer overflow" + }, + "CVE-2018-7754": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2022-1353": { + "cmt_msg": "af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register" + }, + "CVE-2022-28356": { + "cmt_msg": "llc: fix netdevice reference leaks in llc_ui_bind()" + }, + "CVE-2022-1198": { + "cmt_msg": "drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()" + }, + "CVE-2022-1199": { + "cmt_msg": "ax25: Fix NULL pointer dereference in ax25_kill_by_device" + }, + "CVE-2018-5750": { + "cmt_msg": "ACPI: sbshc: remove raw pointer from printk() message" + }, + "CVE-2021-39801": { + "cmt_msg": "" + }, + "CVE-2021-39800": { + "cmt_msg": "" + }, + "CVE-2017-7558": { + "cmt_msg": "sctp: Avoid out-of-bounds reads from address storage" + }, + "CVE-2021-39802": { + "cmt_msg": "" + }, + "CVE-2018-16884": { + "cmt_msg": "sunrpc: use-after-free in svc_process_common()" + }, + "CVE-2022-1195": { + "cmt_msg": "hamradio: improve the incomplete fix to avoid NPD" + }, + "CVE-2021-4202": { + "cmt_msg": "NFC: reorganize the functions in nci_request" + }, + "CVE-2017-16647": { + "cmt_msg": "net: usb: asix: fill null-ptr-deref in asix_suspend" + }, + "CVE-2022-23039": { + "cmt_msg": "xen/gntalloc: don't use gnttab_query_foreign_access()" + }, + "CVE-2019-10220": { + "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" + }, + "CVE-2021-3609": { + "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" + }, + "CVE-2021-44879": { + "cmt_msg": "f2fs: fix to do sanity check on inode type during garbage collection" + }, + "CVE-2019-15505": { + "cmt_msg": "media: technisat-usb2: break out of loop at end of buffer" + }, + "CVE-2017-1000": { + "cmt_msg": "udp: consistently apply ufo or fragmentation" + }, + "CVE-2020-11609": { + "cmt_msg": "media: stv06xx: add missing descriptor sanity checks" + }, + "CVE-2020-27066": { + "cmt_msg": "xfrm: policy: Fix doulbe free in xfrm_policy_timer" + }, + "CVE-2017-0605": { + "cmt_msg": "tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()" + }, + "CVE-2021-1048": { + "cmt_msg": "fix regression in \"epoll: Keep a reference on files added to the check list\"" + }, + "CVE-2015-2877": { + "cmt_msg": "" + }, + "CVE-2020-9383": { + "cmt_msg": "floppy: check FDC index for errors before assigning it" + }, + "CVE-2022-29582": { + "cmt_msg": "io_uring: fix race between timeout flush and removal" + }, + "CVE-2021-38198": { + "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" + }, + "CVE-2021-38199": { + "cmt_msg": "NFSv4: Initialise connection to the server in nfs4_alloc_client()" + }, + "CVE-2022-1679": { + "cmt_msg": "" + }, + "CVE-2020-8832": { + "cmt_msg": "drm/i915: Record the default hw state after reset upon load" + }, + "CVE-2019-9444": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2021-26401": { + "cmt_msg": "x86/speculation: Use generic retpoline by default on AMD" + }, + "CVE-2021-3847": { + "cmt_msg": "" + }, + "CVE-2018-1130": { + "cmt_msg": "dccp: check sk for closed state in dccp_sendmsg()" + }, + "CVE-2019-14284": { + "cmt_msg": "floppy: fix div-by-zero in setup_format_params" + }, + "CVE-2021-45486": { + "cmt_msg": "inet: use bigger hash table for IP ID generation" + }, + "CVE-2021-3506": { + "cmt_msg": "f2fs: fix to avoid out-of-bounds memory access" + }, + "CVE-2011-4917": { + "cmt_msg": "" + }, + "CVE-2021-45485": { + "cmt_msg": "ipv6: use prandom_u32() for ID generation" + }, + "CVE-2019-14283": { + "cmt_msg": "floppy: fix out-of-bounds read in copy_buffer" + }, + "CVE-2019-3900": { + "cmt_msg": "vhost_net: fix possible infinite loop" + }, + "CVE-2019-19528": { + "cmt_msg": "USB: iowarrior: fix use-after-free on disconnect" + }, + "CVE-2019-19533": { + "cmt_msg": "media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()" + }, + "CVE-2018-13100": { + "cmt_msg": "f2fs: fix to do sanity check with secs_per_zone" + }, + "CVE-2017-16646": { + "cmt_msg": "media: dib0700: fix invalid dvb_detach argument" + }, + "CVE-2017-16645": { + "cmt_msg": "Input: ims-psu - check if CDC union descriptor is sane" + }, + "CVE-2017-16644": { + "cmt_msg": "media: hdpvr: Fix an error handling path in hdpvr_probe()" + }, + "CVE-2017-16643": { + "cmt_msg": "Input: gtco - fix potential out-of-bound access" + }, + "CVE-2017-16649": { + "cmt_msg": "net: cdc_ether: fix divide by 0 on bad descriptors" + }, + "CVE-2019-5489": { + "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" + }, + "CVE-2017-16648": { + "cmt_msg": "dvb_frontend: don't use-after-free the frontend struct" + }, + "CVE-2018-10880": { + "cmt_msg": "ext4: never move the system.data xattr out of the inode body" + }, + "CVE-2018-10881": { + "cmt_msg": "ext4: clear i_data in ext4_inode_info when removing inline data" + }, + "CVE-2018-10882": { + "cmt_msg": "ext4: add more inode number paranoia checks" + }, + "CVE-2018-10883": { + "cmt_msg": "jbd2: don't mark block as modified if the handle is out of credits" + } + } + }, + "4.13": { + "4.13": { + "CVE-2017-11600": { + "cmt_msg": "xfrm: policy: check policy direction value", + "cmt_id": "7bab09631c2a303f87a7eb7e3d69e888673b9b7e" + }, + "CVE-2017-14497": { + "cmt_msg": "packet: Don't write vnet header beyond end of buffer", + "cmt_id": "edbd58be15a957f6a760c4a514cd475217eb97fd" + }, + "CVE-2017-7558": { + "cmt_msg": "sctp: Avoid out-of-bounds reads from address storage", + "cmt_id": "ee6c88bb754e3d363e568da78086adfedb692447" + } + }, + "4.13.2": { + "CVE-2017-14340": { + "cmt_msg": "xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present", + "cmt_id": "24cb33252843e531194e78222af2d8afb75fac5f" + }, + "CVE-2017-1000251": { + "cmt_msg": "Bluetooth: Properly check L2CAP config option output buffer length", + "cmt_id": "fb372097356d450b890aaadbfc45deecbe27e3e7" + } + }, + "4.13.4": { + "CVE-2017-16528": { + "cmt_msg": "ALSA: seq: Cancel pending autoload work at unbinding device", + "cmt_id": "2f3ab4a5fe065958f33d41bec352de4b4844dff5" + }, + "CVE-2017-14991": { + "cmt_msg": "scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE", + "cmt_id": "9f62840e7fc648b0a55d089714484b704557c027" + }, + "CVE-2017-14051": { + "cmt_msg": "scsi: qla2xxx: Fix an integer overflow in sysfs code", + "cmt_id": "bb8eb5376409be8e2f4e2d24a473d2c0a35aa38e" + }, + "CVE-2017-0627": { + "cmt_msg": "media: uvcvideo: Prevent heap overflow when accessing mapped controls", + "cmt_id": "4185087177877b467df0b4aa08a128e7822542e2" + } + }, + "4.13.5": { + "CVE-2020-14353": { + "cmt_msg": "KEYS: prevent creating a different user's keyrings", + "cmt_id": "943f8697a9b3785a4b20a4b01816f11cccadfd0f" + }, + "CVE-2017-14156": { + "cmt_msg": "video: fbdev: aty: do not leak uninitialized padding in clk to userspace", + "cmt_id": "fd7ea1828b0dc2a3501b403f4254e9b34ea8a8da" + }, + "CVE-2017-12153": { + "cmt_msg": "nl80211: check for the required netlink attributes presence", + "cmt_id": "f0e85f56f70f172ada0d06b26baff47823695629" + }, + "CVE-2017-1000252": { + "cmt_msg": "KVM: VMX: Do not BUG() on out-of-bounds guest IRQ", + "cmt_id": "c69768cc3eb4fb41a0f3c47c6d6575fd8ead57b7" + }, + "CVE-2017-14954": { + "cmt_msg": "fix infoleak in waitid(2)", + "cmt_id": "c8b679ba7c65457e45af7c086c5df0748522aa2f" + }, + "CVE-2017-12154": { + "cmt_msg": "kvm: nVMX: Don't allow L2 to access the hardware CR8", + "cmt_id": "27920625f93e59b2b24bdadf946ae4b61f885f40" + }, + "CVE-2017-18270": { + "cmt_msg": "KEYS: prevent creating a different user's keyrings", + "cmt_id": "943f8697a9b3785a4b20a4b01816f11cccadfd0f" + }, + "CVE-2017-14489": { + "cmt_msg": "scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly", + "cmt_id": "1fc547cd09e2d7295656fde40a34706448bf6098" + }, + "CVE-2018-1091": { + "cmt_msg": "powerpc/tm: Flush TM only if CPU has TM feature", + "cmt_id": "5075520e4b0b2ec8d21ae7a992e6a073e46c8507" + }, + "CVE-2017-12192": { + "cmt_msg": "KEYS: prevent KEYCTL_READ on negative key", + "cmt_id": "069276fabc8c6aef5c4f95442fef68138f5e8020" + }, + "CVE-2017-15537": { + "cmt_msg": "x86/fpu: Don't let userspace set bogus xcomp_bv", + "cmt_id": "7c6bcb52072cb117e7792dca856944f05182bd19" + } + }, + "4.13.6": { + "CVE-2017-0786": { + "cmt_msg": "brcmfmac: add length check in brcmf_cfg80211_escan_handler()", + "cmt_id": "1b9fff6661fe217d56c6257515c0effbe41d9ab7" + }, + "CVE-2017-16526": { + "cmt_msg": "uwb: properly check kthread_run return value", + "cmt_id": "6fd9ba4251e3ce1f6f69c60e4c13539b745a0f8a" + }, + "CVE-2017-15649": { + "cmt_msg": "packet: in packet_do_bind, test fanout with bind_lock held", + "cmt_id": "a5d0f35d810a531c971394b0ea5d8de417acfea5" + }, + "CVE-2017-16531": { + "cmt_msg": "USB: fix out-of-bounds in usb_set_configuration", + "cmt_id": "31991559f483b33eb30b7fdb1219b3f78b616a27" + }, + "CVE-2017-16530": { + "cmt_msg": "USB: uas: fix bug in handling of alternate settings", + "cmt_id": "468f2bf8e0d546479a935e67b4091cdb3c4a11e8" + }, + "CVE-2017-16534": { + "cmt_msg": "USB: core: harden cdc_parse_cdc_header", + "cmt_id": "7dddbeaf504434f37e041479af997b14b0f9ea0d" + }, + "CVE-2017-16529": { + "cmt_msg": "ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor", + "cmt_id": "ee93eb98bc606a6c6dc37a04f6264ebb514117ab" + }, + "CVE-2018-9568": { + "cmt_msg": "net: Set sk_prot_creator when cloning sockets to the right proto", + "cmt_id": "401dfb4850a485e504a151a55e84836de77ac27b" + }, + "CVE-2017-1000255": { + "cmt_msg": "powerpc/64s: Use emergency stack for kernel TM Bad Thing program checks", + "cmt_id": "c654b8387692160ced6e4dcbb3eed888d6ce10cd" + }, + "CVE-2020-27067": { + "cmt_msg": "l2tp: fix l2tp_eth module loading", + "cmt_id": "d7a268ea8624115cd4b1ddd29fc410965e4b0950" + }, + "CVE-2017-15126": { + "cmt_msg": "userfaultfd: non-cooperative: fix fork use after free", + "cmt_id": "8919b6a762bace82c4c7c04471561b1347c17a33" + } + }, + "4.13.7": { + "CVE-2017-5123": { + "cmt_msg": "waitid(): Add missing access_ok() checks", + "cmt_id": "3da54587cf4c1be7c26a8ae0b58313828b69638a" + } + }, + "4.13.8": { + "CVE-2017-16527": { + "cmt_msg": "ALSA: usb-audio: Kill stray URB at exiting", + "cmt_id": "fd7066e5e913ef8bf6e58c9af8a63cb09e05952f" + }, + "CVE-2017-16525": { + "cmt_msg": "USB: serial: console: fix use-after-free after failed setup", + "cmt_id": "e21045a223959d469174629614028136b202a586" + }, + "CVE-2017-16533": { + "cmt_msg": "HID: usbhid: fix out-of-bounds bug", + "cmt_id": "984154e7eef1f9e543dabd7422cfc99015778732" + }, + "CVE-2017-12188": { + "cmt_msg": "KVM: nVMX: update last_nonleaf_level when initializing nested EPT", + "cmt_id": "a75ac6b475ae817f4006b511b8eb2d1fbe6a5713" + }, + "CVE-2017-15265": { + "cmt_msg": "ALSA: seq: Fix use-after-free at creating a port", + "cmt_id": "71c766e18dd3f321bd450ec7c0c20643b2c4b74e" + }, + "CVE-2017-12190": { + "cmt_msg": "fix unbalanced page refcounting in bio_map_user_iov", + "cmt_id": "ffe1d63bc4570ee980a59996667c296c5be7252e" + } + }, + "4.13.10": { + "CVE-2017-15299": { + "cmt_msg": "KEYS: don't let add_key() update an uninstantiated key", + "cmt_id": "24a33a0c96f3e976c18e4321ca09f71cb835a9b5" + }, + "CVE-2017-16535": { + "cmt_msg": "USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()", + "cmt_id": "775462fd5c5378957e5165c898e2fa532ebf4234" + }, + "CVE-2017-15951": { + "cmt_msg": "KEYS: Fix race between updating and finding a negative key", + "cmt_id": "f45b8fe12221c178ce708b1c9d634634f2261802" + } + }, + "4.13.11": { + "CVE-2017-16939": { + "cmt_msg": "ipsec: Fix aborted xfrm policy dump crash", + "cmt_id": "20d17a2d1347b3754acfc395c7c57a068fc84d40" + }, + "CVE-2017-16643": { + "cmt_msg": "Input: gtco - fix potential out-of-bound access", + "cmt_id": "8d3736faa7f7e438fab0cd28a31c0dc4eea552b8" + }, + "CVE-2017-12193": { + "cmt_msg": "assoc_array: Fix a buggy node-splitting case", + "cmt_id": "ca6711747c5a1434219ae0bd6745864a618f68b3" + }, + "CVE-2017-15306": { + "cmt_msg": "KVM: PPC: Fix oops when checking KVM_CAP_PPC_HTM", + "cmt_id": "3f3414599f110c8dce4e0b0d51502fc8c07517d7" + } + }, + "4.13.12": { + "CVE-2017-15128": { + "cmt_msg": "userfaultfd: hugetlbfs: prevent UFFDIO_COPY to fill beyond the end of i_size", + "cmt_id": "c14ee6986103f9232c99de035a996547faba6371" + } + }, + "4.13.14": { + "CVE-2017-13080": { + "cmt_msg": "mac80211: accept key reinstall without changing anything", + "cmt_id": "a9ab1b2e30e898440a22d7b1d7a5b0b7c6a8791f" + }, + "CVE-2017-16645": { + "cmt_msg": "Input: ims-psu - check if CDC union descriptor is sane", + "cmt_id": "cf87b5de4473fdc0735c27ef719abb2e0a6964bb" + }, + "CVE-2018-7191": { + "cmt_msg": "tun: call dev_get_valid_name() before register_netdevice()", + "cmt_id": "aa9ab97c4d79b29727344f9c77d673743bbe35cb" + }, + "CVE-2017-16532": { + "cmt_msg": "usb: usbtest: fix NULL pointer dereference", + "cmt_id": "19ab6908533107d0a18048a7d8262eb74f5c05cb" + } + }, + "4.13.15": { + "CVE-2017-16646": { + "cmt_msg": "media: dib0700: fix invalid dvb_detach argument", + "cmt_id": "02a260a31257c653af31570faf4e07ad3dbe81f9" + }, + "CVE-2017-16537": { + "cmt_msg": "media: imon: Fix null-ptr-deref in imon_probe", + "cmt_id": "442cc6c4c54fdeb402a425b37265a09c5d393af3" + } + }, + "4.13.16": { + "CVE-2017-18204": { + "cmt_msg": "ocfs2: should wait dio before inode lock in ocfs2_setattr()", + "cmt_id": "ccb2cca45acfd1f34bdb19d8ef5e409af40f2533" + }, + "CVE-2017-16647": { + "cmt_msg": "net: usb: asix: fill null-ptr-deref in asix_suspend", + "cmt_id": "f93b123370688313fb3624aa7cb3ebfc6019c24e" + }, + "CVE-2017-16994": { + "cmt_msg": "mm/pagewalk.c: report holes in hugetlb ranges", + "cmt_id": "cd21766d6fb1b25bdc85d6541646b1dcf8a8cb52" + }, + "CVE-2017-16650": { + "cmt_msg": "net: qmi_wwan: fix divide by 0 on bad descriptors", + "cmt_id": "dcf3cdb7b7603b7b09c1beb7bccf227e64b0f07f" + }, + "CVE-2017-16649": { + "cmt_msg": "net: cdc_ether: fix divide by 0 on bad descriptors", + "cmt_id": "f99427bc5d83e5c8546560c006effa91592cfcc4" + }, + "CVE-2017-15115": { + "cmt_msg": "sctp: do not peel off an assoc from one netns to another one", + "cmt_id": "22f767973fb024036d8a9c2878035bdc6c5d1e6d" + } + }, + "outstanding": { + "CVE-2020-36322": { + "cmt_msg": "fuse: fix bad inode" + }, + "CVE-2020-10711": { + "cmt_msg": "netlabel: cope with NULL catmap" + }, + "CVE-2019-15090": { + "cmt_msg": "scsi: qedi: remove memset/memcpy to nfunc and use func instead" + }, + "CVE-2020-35501": { + "cmt_msg": "" + }, + "CVE-2019-15098": { + "cmt_msg": "ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()" + }, + "CVE-2020-29368": { + "cmt_msg": "mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()" + }, + "CVE-2017-17806": { + "cmt_msg": "crypto: hmac - require that the underlying hash algorithm is unkeyed" + }, + "CVE-2022-0001": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2020-12464": { + "cmt_msg": "USB: core: Fix free-while-in-use bug in the USB S-Glibrary" + }, + "CVE-2021-45469": { + "cmt_msg": "f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()" + }, + "CVE-2019-19965": { + "cmt_msg": "scsi: libsas: stop discovering if oob mode is disconnected" + }, + "CVE-2019-19966": { + "cmt_msg": "media: cpia2: Fix use-after-free in cpia2_exit" + }, + "CVE-2020-35508": { + "cmt_msg": "fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent" + }, + "CVE-2021-3894": { + "cmt_msg": "sctp: account stream padding length for reconf chunk" + }, + "CVE-2020-24587": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2020-24586": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2017-1000410": { + "cmt_msg": "Bluetooth: Prevent stack info leak from the EFS element." + }, + "CVE-2021-0129": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2019-20096": { + "cmt_msg": "dccp: Fix memleak in __feat_register_sp" + }, + "CVE-2018-10940": { + "cmt_msg": "cdrom: information leak in cdrom_ioctl_media_changed()" + }, + "CVE-2019-9506": { + "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" + }, + "CVE-2019-9500": { + "cmt_msg": "brcmfmac: assure SSID length from firmware is limited" + }, + "CVE-2019-9503": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path" + }, + "CVE-2020-36158": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" + }, + "CVE-2022-1508": { + "cmt_msg": "io_uring: reexpand under-reexpanded iters" + }, + "CVE-2022-0480": { + "cmt_msg": "memcg: enable accounting for file lock caches" + }, + "CVE-2020-16166": { + "cmt_msg": "random32: update the net random state on interrupt and activity" + }, + "CVE-2022-0487": { + "cmt_msg": "moxart: fix potential use-after-free on remove path" + }, + "CVE-2021-28964": { + "cmt_msg": "btrfs: fix race when cloning extent buffer during rewind of an old root" + }, + "CVE-2020-26558": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2021-3847": { + "cmt_msg": "" + }, + "CVE-2021-42252": { + "cmt_msg": "soc: aspeed: lpc-ctrl: Fix boundary check for mmap" + }, + "CVE-2018-20784": { + "cmt_msg": "sched/fair: Fix infinite loop in update_blocked_averages() by reverting a9e7f6544b9c" + }, + "CVE-2019-10124": { + "cmt_msg": "mm: hwpoison: fix thp split handing in soft_offline_in_use_page()" + }, + "CVE-2019-9245": { + "cmt_msg": "f2fs: sanity check of xattr entry size" + }, + "CVE-2019-19241": { + "cmt_msg": "io_uring: async workers should inherit the user creds" + }, + "CVE-2021-28688": { + "cmt_msg": "xen-blkback: don't leak persistent grants from xen_blkbk_map()" + }, + "CVE-2021-39686": { + "cmt_msg": "binder: use euid from cred instead of using task" + }, + "CVE-2021-39685": { + "cmt_msg": "USB: gadget: detect too-big endpoint 0 requests" + }, + "CVE-2021-43975": { + "cmt_msg": "atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait" + }, + "CVE-2018-6927": { + "cmt_msg": "futex: Prevent overflow by strengthen input validation" + }, + "CVE-2020-0466": { + "cmt_msg": "do_epoll_ctl(): clean the failure exits up a bit" + }, + "CVE-2019-10207": { + "cmt_msg": "Bluetooth: hci_uart: check for missing tty operations" + }, + "CVE-2019-14835": { + "cmt_msg": "vhost: make sure log_num < in_num" + }, + "CVE-2020-26141": { + "cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe" + }, + "CVE-2018-1000204": { + "cmt_msg": "scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()" + }, + "CVE-2019-12379": { + "cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c" + }, + "CVE-2019-12378": { + "cmt_msg": "ipv6_sockglue: Fix a missing-check bug in ip6_ra_control()" + }, + "CVE-2021-3744": { + "cmt_msg": "crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()" + }, + "CVE-2021-30002": { + "cmt_msg": "media: v4l: ioctl: Fix memory leak in video_usercopy" + }, + "CVE-2017-17450": { + "cmt_msg": "netfilter: xt_osf: Add missing permission checks" + }, + "CVE-2021-0941": { + "cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len" + }, + "CVE-2020-15802": { + "cmt_msg": "" + }, + "CVE-2017-18379": { + "cmt_msg": "nvmet-fc: ensure target queue id within range." + }, + "CVE-2022-0002": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2021-34556": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2020-0543": { + "cmt_msg": "x86/cpu: Add 'table' argument to cpu_matches()" + }, + "CVE-2021-28714": { + "cmt_msg": "xen/netback: fix rx queue stall detection" + }, + "CVE-2018-3646": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" + }, + "CVE-2019-11085": { + "cmt_msg": "drm/i915/gvt: Fix mmap range check" + }, + "CVE-2019-11477": { + "cmt_msg": "tcp: limit payload size of sacked skbs" + }, + "CVE-2021-28711": { + "cmt_msg": "xen/blkfront: harden blkfront against event channel storms" + }, + "CVE-2018-14614": { + "cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum" + }, + "CVE-2019-11479": { + "cmt_msg": "tcp: add tcp_min_snd_mss sysctl" + }, + "CVE-2019-11478": { + "cmt_msg": "tcp: tcp_fragment() should apply sane memory limits" + }, + "CVE-2018-14611": { + "cmt_msg": "btrfs: validate type when reading a chunk" + }, + "CVE-2018-14610": { + "cmt_msg": "btrfs: Check that each block group has corresponding chunk at mount time" + }, + "CVE-2018-14613": { + "cmt_msg": "btrfs: tree-checker: Verify block_group_item" + }, + "CVE-2018-14612": { + "cmt_msg": "btrfs: tree-checker: Detect invalid and empty essential trees" + }, + "CVE-2020-26145": { + "cmt_msg": "ath10k: drop fragments with multicast DA for PCIe" + }, + "CVE-2017-13216": { + "cmt_msg": "staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl" + }, + "CVE-2020-26147": { + "cmt_msg": "mac80211: assure all fragments are encrypted" + }, + "CVE-2018-19854": { + "cmt_msg": "crypto: user - fix leaking uninitialized memory to userspace" + }, + "CVE-2020-26140": { + "cmt_msg": "" + }, + "CVE-2020-26143": { + "cmt_msg": "" + }, + "CVE-2020-26142": { + "cmt_msg": "" + }, + "CVE-2019-17053": { + "cmt_msg": "ieee802154: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17052": { + "cmt_msg": "ax25: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17056": { + "cmt_msg": "nfc: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17055": { + "cmt_msg": "mISDN: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17054": { + "cmt_msg": "appletalk: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2018-13093": { + "cmt_msg": "xfs: validate cached inodes are free when allocated" + }, + "CVE-2018-13096": { + "cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks" + }, + "CVE-2018-13097": { + "cmt_msg": "f2fs: fix to do sanity check with user_block_count" + }, + "CVE-2018-13094": { + "cmt_msg": "xfs: don't call xfs_da_shrink_inode with NULL bp" + }, + "CVE-2018-13095": { + "cmt_msg": "xfs: More robust inode extent count validation" + }, + "CVE-2020-29661": { + "cmt_msg": "tty: Fix ->pgrp locking in tiocspgrp()" + }, + "CVE-2020-29660": { + "cmt_msg": "tty: Fix ->session locking" + }, + "CVE-2018-13098": { + "cmt_msg": "f2fs: fix to do sanity check with extra_attr feature" + }, + "CVE-2018-13099": { + "cmt_msg": "f2fs: fix to do sanity check with reserved blkaddr of inline inode" + }, + "CVE-2022-1734": { + "cmt_msg": "nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs" + }, + "CVE-2021-38300": { + "cmt_msg": "bpf, mips: Validate conditional branch offsets" + }, + "CVE-2019-14895": { + "cmt_msg": "mwifiex: fix possible heap overflow in mwifiex_process_country_ie()" + }, + "CVE-2019-19770": { + "cmt_msg": "blktrace: fix debugfs use after free" + }, + "CVE-2019-11884": { + "cmt_msg": "Bluetooth: hidp: fix buffer overflow" + }, + "CVE-2020-15780": { + "cmt_msg": "ACPI: configfs: Disallow loading ACPI tables when locked down" + }, + "CVE-2019-19075": { + "cmt_msg": "ieee802154: ca8210: prevent memory leak" + }, + "CVE-2019-19074": { + "cmt_msg": "ath9k: release allocated buffer if timed out" + }, + "CVE-2019-18683": { + "cmt_msg": "media: vivid: Fix wrong locking that causes race conditions on streaming stop" + }, + "CVE-2019-18680": { + "cmt_msg": "" + }, + "CVE-2022-23038": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2022-0995": { + "cmt_msg": "watch_queue: Fix filter limit check" + }, + "CVE-2021-27363": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2022-23036": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2022-23037": { + "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" + }, + "CVE-2020-0404": { + "cmt_msg": "media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors" + }, + "CVE-2018-10840": { + "cmt_msg": "ext4: correctly handle a zero-length xattr with a non-zero e_value_offs" + }, + "CVE-2019-15924": { + "cmt_msg": "fm10k: Fix a potential NULL pointer dereference" + }, + "CVE-2019-15538": { + "cmt_msg": "xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT" + }, + "CVE-2019-15926": { + "cmt_msg": "ath6kl: add some bounds checking" + }, + "CVE-2019-15921": { + "cmt_msg": "genetlink: Fix a memory leak on error path" + }, + "CVE-2022-0998": { + "cmt_msg": "vdpa: clean up get_config_size ret value handling" + }, + "CVE-2019-14821": { + "cmt_msg": "KVM: coalesced_mmio: add bounds checking" + }, + "CVE-2020-12826": { + "cmt_msg": "signal: Extend exec_id to 64bits" + }, + "CVE-2019-3701": { + "cmt_msg": "can: gw: ensure DLC boundaries after CAN frame modification" + }, + "CVE-2021-42008": { + "cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data" + }, + "CVE-2018-20511": { + "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT" + }, + "CVE-2019-1125": { + "cmt_msg": "x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations" + }, + "CVE-2019-15218": { + "cmt_msg": "media: usb: siano: Fix general protection fault in smsusb" + }, + "CVE-2019-15666": { + "cmt_msg": "xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink" + }, + "CVE-2020-25641": { + "cmt_msg": "block: allow for_each_bvec to support zero len bvec" + }, + "CVE-2005-3660": { + "cmt_msg": "" + }, + "CVE-2019-15212": { + "cmt_msg": "USB: rio500: refuse more than one device at a time" + }, + "CVE-2019-15211": { + "cmt_msg": "media: radio-raremono: change devm_k*alloc to k*alloc" + }, + "CVE-2019-15217": { + "cmt_msg": "media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap" + }, + "CVE-2019-15216": { + "cmt_msg": "USB: yurex: Fix protection fault after device removal" + }, + "CVE-2019-15215": { + "cmt_msg": "media: cpia2_usb: first wake up, then free in disconnect" + }, + "CVE-2019-15214": { + "cmt_msg": "ALSA: core: Fix card races between register and disconnect" + }, + "CVE-2020-24588": { + "cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks" + }, + "CVE-2021-33034": { + "cmt_msg": "Bluetooth: verify AMP hci_chan before amp_destroy" + }, + "CVE-2019-19922": { + "cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices" + }, + "CVE-2021-33033": { + "cmt_msg": "cipso,calipso: resolve a number of problems with the DOI refcounts" + }, + "CVE-2019-19927": { + "cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages" + }, + "CVE-2020-27066": { + "cmt_msg": "xfrm: policy: Fix doulbe free in xfrm_policy_timer" + }, + "CVE-2020-27068": { + "cmt_msg": "cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE" + }, + "CVE-2020-8648": { + "cmt_msg": "vt: selection, close sel_buffer race" + }, + "CVE-2017-0861": { + "cmt_msg": "ALSA: pcm: prevent UAF in snd_pcm_info" + }, + "CVE-2019-20806": { + "cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame" + }, + "CVE-2020-0305": { + "cmt_msg": "chardev: Avoid potential use-after-free in 'chrdev_open()'" + }, + "CVE-2020-14304": { + "cmt_msg": "" + }, + "CVE-2010-5321": { + "cmt_msg": "" + }, + "CVE-2020-15393": { + "cmt_msg": "usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect" + }, + "CVE-2021-3564": { + "cmt_msg": "Bluetooth: fix the erroneous flush_work() order" + }, + "CVE-2017-16995": { + "cmt_msg": "bpf: fix incorrect sign extension in check_alu_op()" + }, + "CVE-2019-18675": { + "cmt_msg": "mmap: introduce sane default mmap limits" + }, + "CVE-2019-2025": { + "cmt_msg": "binder: fix race that allows malicious free of live buffer" + }, + "CVE-2020-26560": { + "cmt_msg": "" + }, + "CVE-2018-18397": { + "cmt_msg": "userfaultfd: use ENOENT instead of EFAULT if the atomic copy user fails" + }, + "CVE-2018-12127": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2018-12126": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2021-3892": { + "cmt_msg": "" + }, + "CVE-2018-10021": { + "cmt_msg": "scsi: libsas: defer ata device eh commands to libata" + }, + "CVE-2019-2024": { + "cmt_msg": "media: em28xx: Fix use-after-free when disconnecting" + }, + "CVE-2019-10126": { + "cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()" + }, + "CVE-2019-13631": { + "cmt_msg": "Input: gtco - bounds check collection indent level" + }, + "CVE-2020-13974": { + "cmt_msg": "vt: keyboard: avoid signed integer overflow in k_ascii" + }, + "CVE-2021-4083": { + "cmt_msg": "fget: check that the fd still exists after getting a ref to it" + }, + "CVE-2017-17558": { + "cmt_msg": "USB: core: prevent malicious bNumInterfaces overflow" + }, + "CVE-2018-12233": { + "cmt_msg": "jfs: Fix inconsistency between memory allocation and ea_buf->max_size" + }, + "CVE-2018-12232": { + "cmt_msg": "socket: close race condition between sock_close() and sockfs_setattr()" + }, + "CVE-2020-10751": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" + }, + "CVE-2022-23042": { + "cmt_msg": "xen/netfront: react properly to failing gnttab_end_foreign_access_ref()" + }, + "CVE-2020-10757": { + "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" + }, + "CVE-2018-9465": { + "cmt_msg": "binder: fix proc->files use-after-free" + }, + "CVE-2018-20510": { + "cmt_msg": "binder: replace \"%p\" with \"%pK\"" + }, + "CVE-2019-14763": { + "cmt_msg": "usb: dwc3: gadget: never call ->complete() from ->ep_queue()" + }, + "CVE-2020-15437": { + "cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()" + }, + "CVE-2020-15436": { + "cmt_msg": "block: Fix use-after-free in blkdev_get()" + }, + "CVE-2022-1116": { + "cmt_msg": "" + }, + "CVE-2021-28660": { + "cmt_msg": "staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()" + }, + "CVE-2020-8647": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" + }, + "CVE-2019-0155": { + "cmt_msg": "drm/i915: Rename gen7 cmdparser tables" + }, + "CVE-2019-0154": { + "cmt_msg": "drm/i915: Lower RM timeout to avoid DSI hard hangs" + }, + "CVE-2020-36386": { + "cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()" + }, + "CVE-2018-19407": { + "cmt_msg": "KVM: X86: Fix scan ioapic use-before-initialization" + }, + "CVE-2021-20317": { + "cmt_msg": "lib/timerqueue: Rely on rbtree semantics for next timer" + }, + "CVE-2020-36385": { + "cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy" + }, + "CVE-2018-9385": { + "cmt_msg": "ARM: amba: Don't read past the end of sysfs \"driver_override\" buffer" + }, + "CVE-2020-0009": { + "cmt_msg": "staging: android: ashmem: Disallow ashmem memory from being remapped" + }, + "CVE-2019-14615": { + "cmt_msg": "drm/i915/gen9: Clear residual context state on context switch" + }, + "CVE-2018-16871": { + "cmt_msg": "nfsd: COPY and CLONE operations require the saved filehandle to be set" + }, + "CVE-2018-9415": { + "cmt_msg": "ARM: amba: Fix race condition with driver_override" + }, + "CVE-2022-1882": { + "cmt_msg": "" + }, + "CVE-2019-13648": { + "cmt_msg": "powerpc/tm: Fix oops on sigreturn on systems without TM" + }, + "CVE-2020-16120": { + "cmt_msg": "ovl: switch to mounter creds in readdir" + }, + "CVE-2019-11599": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" + }, + "CVE-2018-16658": { + "cmt_msg": "cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status" + }, + "CVE-2018-15572": { + "cmt_msg": "x86/speculation: Protect against userspace-userspace spectreRSB" + }, + "CVE-2022-29581": { + "cmt_msg": "net/sched: cls_u32: fix netns refcount changes in u32_change()" + }, + "CVE-2022-1204": { + "cmt_msg": "ax25: Fix refcount leaks caused by ax25_cb_del()" + }, + "CVE-2019-2101": { + "cmt_msg": "media: uvcvideo: Fix 'type' check leading to overflow" + }, + "CVE-2019-17666": { + "cmt_msg": "rtlwifi: Fix potential overflow on P2P code" + }, + "CVE-2021-23133": { + "cmt_msg": "net/sctp: fix race condition in sctp_destroy_sock" + }, + "CVE-2018-9363": { + "cmt_msg": "Bluetooth: hidp: buffer overflow in hidp_process_report" + }, + "CVE-2018-15471": { + "cmt_msg": "xen-netback: fix input validation in xenvif_set_hash_mapping()" + }, + "CVE-2016-10723": { + "cmt_msg": "mm, oom: remove sleep from under oom_lock" + }, + "CVE-2019-19036": { + "cmt_msg": "btrfs: Detect unbalanced tree with empty leaf before crashing btree operations" + }, + "CVE-2019-3459": { + "cmt_msg": "Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer" + }, + "CVE-2020-11494": { + "cmt_msg": "slcan: Don't transmit uninitialized stack data in padding" + }, + "CVE-2019-19039": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2020-0444": { + "cmt_msg": "audit: fix error handling in audit_data_to_entry()" + }, + "CVE-2020-8832": { + "cmt_msg": "drm/i915: Record the default hw state after reset upon load" + }, + "CVE-2022-1419": { + "cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create" + }, + "CVE-2022-1836": { + "cmt_msg": "floppy: disable FDRAWCMD by default" + }, + "CVE-2020-8834": { + "cmt_msg": "KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm" + }, + "CVE-2021-32078": { + "cmt_msg": "ARM: footbridge: remove personal server platform" + }, + "CVE-2022-30594": { + "cmt_msg": "ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE" + }, + "CVE-2019-11833": { + "cmt_msg": "ext4: zero out the unused memory region in the extent tree block" + }, + "CVE-2021-38205": { + "cmt_msg": "net: xilinx_emaclite: Do not print real IOMEM pointer" + }, + "CVE-2020-27835": { + "cmt_msg": "IB/hfi1: Ensure correct mm is used at all times" + }, + "CVE-2020-27830": { + "cmt_msg": "speakup: Reject setting the speakup line discipline outside of speakup" + }, + "CVE-2020-0255": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" + }, + "CVE-2019-2215": { + "cmt_msg": "ANDROID: binder: remove waitqueue when thread exits." + }, + "CVE-2022-27666": { + "cmt_msg": "esp: Fix possible buffer overflow in ESP transformation" + }, + "CVE-2021-38208": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2018-1108": { + "cmt_msg": "random: fix crng_ready() test" + }, + "CVE-2017-18232": { + "cmt_msg": "scsi: libsas: direct call probe and destruct" + }, + "CVE-2019-2213": { + "cmt_msg": "binder: fix possible UAF when freeing buffer" + }, + "CVE-2020-25211": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2018-5953": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2020-26556": { + "cmt_msg": "" + }, + "CVE-2018-9518": { + "cmt_msg": "NFC: llcp: Limit size of SDP URI" + }, + "CVE-2020-26555": { + "cmt_msg": "" + }, + "CVE-2018-9517": { + "cmt_msg": "l2tp: pass tunnel pointer to ->session_create()" + }, + "CVE-2018-9516": { + "cmt_msg": "HID: debug: check length before copy_to_user()" + }, + "CVE-2018-1128": { + "cmt_msg": "libceph: add authorizer challenge" + }, + "CVE-2018-1129": { + "cmt_msg": "libceph: implement CEPHX_V2 calculation mode" + }, + "CVE-2018-1087": { + "cmt_msg": "kvm/x86: fix icebp instruction handling" + }, + "CVE-2018-1120": { + "cmt_msg": "proc: do not access cmdline nor environ from file-backed areas" + }, + "CVE-2018-1121": { + "cmt_msg": "" + }, + "CVE-2018-20856": { + "cmt_msg": "block: blk_init_allocated_queue() set q->fq as NULL in the fail case" + }, + "CVE-2017-5754": { + "cmt_msg": "x86/cpufeatures: Add Intel feature bits for Speculation Control" + }, + "CVE-2019-19045": { + "cmt_msg": "net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq" + }, + "CVE-2017-5753": { + "cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]" + }, + "CVE-2019-9466": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path" + }, + "CVE-2020-11565": { + "cmt_msg": "mm: mempolicy: require at least one nodeid for MPOL_PREFERRED" + }, + "CVE-2019-19049": { + "cmt_msg": "of: unittest: fix memory leak in unittest_data_add" + }, + "CVE-2021-3759": { + "cmt_msg": "memcg: enable accounting of ipc resources" + }, + "CVE-2022-0644": { + "cmt_msg": "vfs: check fd has read access in kernel_read_file_from_fd()" + }, + "CVE-2018-13053": { + "cmt_msg": "alarmtimer: Prevent overflow for relative nanosleep" + }, + "CVE-2020-27786": { + "cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses" + }, + "CVE-2019-14816": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2019-14814": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2019-14815": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2020-10720": { + "cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()" + }, + "CVE-2022-0382": { + "cmt_msg": "net ticp:fix a kernel-infoleak in __tipc_sendmsg()" + }, + "CVE-2018-12904": { + "cmt_msg": "kvm: nVMX: Enforce cpl=0 for VMX instructions" + }, + "CVE-2020-25672": { + "cmt_msg": "nfc: fix memory leak in llcp_sock_connect()" + }, + "CVE-2019-9455": { + "cmt_msg": "media: videobuf2-v4l2: drop WARN_ON in vb2_warn_zero_bytesused()" + }, + "CVE-2020-25670": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_bind()" + }, + "CVE-2020-25671": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_connect()" + }, + "CVE-2019-15222": { + "cmt_msg": "ALSA: usb-audio: Fix gpf in snd_usb_pipe_sanity_check" + }, + "CVE-2019-15223": { + "cmt_msg": "ALSA: line6: Assure canceling delayed work at disconnection" + }, + "CVE-2019-15220": { + "cmt_msg": "p54usb: Fix race between disconnect and firmware loading" + }, + "CVE-2019-15221": { + "cmt_msg": "ALSA: line6: Fix write on zero-sized buffer" + }, + "CVE-2019-19815": { + "cmt_msg": "f2fs: support swap file w/ DIO" + }, + "CVE-2019-19814": { + "cmt_msg": "" + }, + "CVE-2020-29371": { + "cmt_msg": "romfs: fix uninitialized memory leak in romfs_dev_read()" + }, + "CVE-2019-19816": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2022-1015": { + "cmt_msg": "netfilter: nf_tables: validate registers coming from userspace." + }, + "CVE-2020-0429": { + "cmt_msg": "l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()" + }, + "CVE-2018-11412": { + "cmt_msg": "ext4: do not allow external inodes for inline data" + }, + "CVE-2022-1016": { + "cmt_msg": "netfilter: nf_tables: initialize registers in nft_do_chain()" + }, + "CVE-2018-18710": { + "cmt_msg": "cdrom: fix improper type cast, which can leat to information leak." + }, + "CVE-2019-5108": { + "cmt_msg": "mac80211: Do not send Layer 2 Update frame before authorization" + }, + "CVE-2022-1012": { + "cmt_msg": "secure_seq: use the 64 bits of the siphash for port offset calculation" + }, + "CVE-2020-12114": { + "cmt_msg": "make struct mountpoint bear the dentry reference to mountpoint, not struct mount" + }, + "CVE-2020-8649": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" + }, + "CVE-2020-12656": { + "cmt_msg": "sunrpc: check that domain table is empty at module unload." + }, + "CVE-2020-14356": { + "cmt_msg": "cgroup: fix cgroup_sk_alloc() for sk_clone_lock()" + }, + "CVE-2017-1000405": { + "cmt_msg": "mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()" + }, + "CVE-2021-26930": { + "cmt_msg": "xen-blkback: fix error handling in xen_blkbk_map()" + }, + "CVE-2017-1000407": { + "cmt_msg": "KVM: VMX: remove I/O port 0x80 bypass on Intel hosts" + }, + "CVE-2021-26932": { + "cmt_msg": "Xen/x86: don't bail early from clear_foreign_p2m_mapping()" + }, + "CVE-2022-0492": { + "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" + }, + "CVE-2020-12352": { + "cmt_msg": "Bluetooth: A2MP: Fix not initializing all members" + }, + "CVE-2020-12351": { + "cmt_msg": "Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel" + }, + "CVE-2020-12655": { + "cmt_msg": "xfs: add agf freeblocks verify in xfs_agf_verify" + }, + "CVE-2021-43976": { + "cmt_msg": "mwifiex: Fix skb_over_panic in mwifiex_usb_recv()" + }, + "CVE-2022-0494": { + "cmt_msg": "block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern" + }, + "CVE-2020-26088": { + "cmt_msg": "net/nfc/rawsock.c: add CAP_NET_RAW check." + }, + "CVE-2008-2544": { + "cmt_msg": "" + }, + "CVE-2021-3178": { + "cmt_msg": "nfsd4: readdirplus shouldn't return parent of export" + }, + "CVE-2022-28796": { + "cmt_msg": "jbd2: fix use-after-free of transaction_t race" + }, + "CVE-2019-9445": { + "cmt_msg": "f2fs: check if file namelen exceeds max value" + }, + "CVE-2018-7755": { + "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" + }, + "CVE-2018-7754": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2018-7757": { + "cmt_msg": "scsi: libsas: fix memory leak in sas_smp_get_phy_events()" + }, + "CVE-2019-15030": { + "cmt_msg": "powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction" + }, + "CVE-2022-0330": { + "cmt_msg": "drm/i915: Flush TLBs before releasing backing store" + }, + "CVE-2007-3719": { + "cmt_msg": "" + }, + "CVE-2019-19319": { + "cmt_msg": "ext4: protect journal inode's blocks using block_validity" + }, + "CVE-2019-19462": { + "cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open" + }, + "CVE-2022-24958": { + "cmt_msg": "usb: gadget: don't release an existing dev->buf" + }, + "CVE-2022-1205": { + "cmt_msg": "ax25: Fix NULL pointer dereferences in ax25 timers" + }, + "CVE-2022-28893": { + "cmt_msg": "SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()" + }, + "CVE-2021-3772": { + "cmt_msg": "sctp: use init_tag from inithdr for ABORT chunk" + }, + "CVE-2021-3679": { + "cmt_msg": "tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop." + }, + "CVE-2021-37159": { + "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device" + }, + "CVE-2021-39711": { + "cmt_msg": "bpf: fix panic due to oob in bpf_prog_test_run_skb" + }, + "CVE-2021-28715": { + "cmt_msg": "xen/netback: don't queue unlimited number of packages" + }, + "CVE-2018-5703": { + "cmt_msg": "tls: Use correct sk->sk_prot for IPV6" + }, + "CVE-2021-28713": { + "cmt_msg": "xen/console: harden hvc_xen against event channel storms" + }, + "CVE-2021-28712": { + "cmt_msg": "xen/netfront: harden netfront against event channel storms" + }, + "CVE-2020-10781": { + "cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\"" + }, + "CVE-2021-4157": { + "cmt_msg": "pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()" + }, + "CVE-2022-23960": { + "cmt_msg": "ARM: report Spectre v2 status through sysfs" + }, + "CVE-2017-17862": { + "cmt_msg": "bpf: fix branch pruning logic" + }, + "CVE-2017-17863": { + "cmt_msg": "bpf: fix integer overflows" + }, + "CVE-2021-3669": { + "cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()" + }, + "CVE-2019-18885": { + "cmt_msg": "btrfs: merge btrfs_find_device and find_device" + }, + "CVE-2019-11091": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2019-18282": { + "cmt_msg": "net/flow_dissector: switch to siphash" + }, + "CVE-2021-34981": { + "cmt_msg": "Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails" + }, + "CVE-2018-14625": { + "cmt_msg": "vhost/vsock: fix use-after-free in network stack callers" + }, + "CVE-2020-24394": { + "cmt_msg": "nfsd: apply umask on fs without ACL support" + }, + "CVE-2013-7445": { + "cmt_msg": "" + }, + "CVE-2022-28390": { + "cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2022-26966": { + "cmt_msg": "sr9700: sanity check for packet length" + }, + "CVE-2020-14386": { + "cmt_msg": "net/packet: fix overflow in tpacket_rcv" + }, + "CVE-2021-34693": { + "cmt_msg": "can: bcm: fix infoleak in struct bcm_msg_head" + }, + "CVE-2019-19767": { + "cmt_msg": "ext4: add more paranoia checking in ext4_expand_extra_isize handling" + }, + "CVE-2021-3656": { + "cmt_msg": "KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656)" + }, + "CVE-2020-14381": { + "cmt_msg": "futex: Fix inode life-time issue" + }, + "CVE-2022-1158": { + "cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address" + }, + "CVE-2019-19768": { + "cmt_msg": "blktrace: Protect q->blk_trace with RCU" + }, + "CVE-2017-5715": { + "cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]" + }, + "CVE-2020-25704": { + "cmt_msg": "perf/core: Fix a memory leak in perf_event_parse_addr_filter()" + }, + "CVE-2021-45095": { + "cmt_msg": "phonet: refcount leak in pep_sock_accep" + }, + "CVE-2020-12771": { + "cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce" + }, + "CVE-2020-25705": { + "cmt_msg": "icmp: randomize the global rate limiter" + }, + "CVE-2018-10853": { + "cmt_msg": "kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access" + }, + "CVE-2018-3620": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" + }, + "CVE-2019-3460": { + "cmt_msg": "Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt" + }, + "CVE-2018-8781": { + "cmt_msg": "drm: udl: Properly check framebuffer mmap offsets" + }, + "CVE-2021-29155": { + "cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic" + }, + "CVE-2019-15916": { + "cmt_msg": "net-sysfs: Fix mem leak in netdev_register_kobject" + }, + "CVE-2019-15917": { + "cmt_msg": "Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto()" + }, + "CVE-2017-18344": { + "cmt_msg": "posix-timer: Properly check sigevent->sigev_notify" + }, + "CVE-2020-12362": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2020-12363": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2019-12881": { + "cmt_msg": "drm/i915/userptr: reject zero user_size" + }, + "CVE-2022-28389": { + "cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path" + }, + "CVE-2018-1000004": { + "cmt_msg": "ALSA: seq: Make ioctls race-free" + }, + "CVE-2022-0500": { + "cmt_msg": "bpf: Introduce MEM_RDONLY flag" + }, + "CVE-2018-18690": { + "cmt_msg": "xfs: don't fail when converting shortform attr to long form during ATTR_REPLACE" + }, + "CVE-2022-28388": { + "cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2021-0605": { + "cmt_msg": "af_key: pfkey_dump needs parameter validation" + }, + "CVE-2021-3896": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2021-4002": { + "cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare" + }, + "CVE-2022-1055": { + "cmt_msg": "net: sched: fix use-after-free in tc_new_tfilter()" + }, + "CVE-2021-38204": { + "cmt_msg": "usb: max-3421: Prevent corruption of freed memory" + }, + "CVE-2022-20008": { + "cmt_msg": "mmc: block: fix read single on recovery logic" + }, + "CVE-2018-20961": { + "cmt_msg": "USB: gadget: f_midi: fixing a possible double-free in f_midi" + }, + "CVE-2019-18786": { + "cmt_msg": "media: rcar_drif: fix a memory disclosure" + }, + "CVE-2019-20810": { + "cmt_msg": "media: go7007: fix a miss of snd_card_free" + }, + "CVE-2019-20812": { + "cmt_msg": "af_packet: set defaule value for tmo" + }, + "CVE-2018-1118": { + "cmt_msg": "vhost: fix info leak due to uninitialized memory" + }, + "CVE-2018-5391": { + "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." + }, + "CVE-2018-5995": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2019-15292": { + "cmt_msg": "appletalk: Fix use-after-free in atalk_proc_exit" + }, + "CVE-2019-15291": { + "cmt_msg": "media: b2c2-flexcop-usb: add sanity checking" + }, + "CVE-2019-15290": { + "cmt_msg": "" + }, + "CVE-2018-7273": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2019-3016": { + "cmt_msg": "x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit" + }, + "CVE-2022-26878": { + "cmt_msg": "" + }, + "CVE-2019-19531": { + "cmt_msg": "usb: yurex: Fix use-after-free in yurex_delete" + }, + "CVE-2018-12930": { + "cmt_msg": "" + }, + "CVE-2018-12931": { + "cmt_msg": "" + }, + "CVE-2020-12769": { + "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" + }, + "CVE-2021-32399": { + "cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller" + }, + "CVE-2021-45868": { + "cmt_msg": "quota: check block number when reading the block in quota file" + }, + "CVE-2019-12380": { + "cmt_msg": "efi/x86/Add missing error handling to old_memmap 1:1 mapping code" + }, + "CVE-2019-12381": { + "cmt_msg": "ip_sockglue: Fix missing-check bug in ip_ra_control()" + }, + "CVE-2019-12382": { + "cmt_msg": "drm/edid: Fix a missing-check bug in drm_load_edid_firmware()" + }, + "CVE-2020-12364": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2018-20669": { + "cmt_msg": "make 'user_access_begin()' do 'access_ok()'" + }, + "CVE-2019-19543": { + "cmt_msg": "media: serial_ir: Fix use-after-free in serial_ir_init_module" + }, + "CVE-2021-3732": { + "cmt_msg": "ovl: prevent private clone if bind mount is not allowed" + }, + "CVE-2022-25375": { + "cmt_msg": "usb: gadget: rndis: check size of RNDIS_MSG_SET command" + }, + "CVE-2020-10766": { + "cmt_msg": "x86/speculation: Prevent rogue cross-process SSBD shutdown" + }, + "CVE-2017-13166": { + "cmt_msg": "media: v4l2-ioctl.c: use check_fmt for enum/g/s/try_fmt" + }, + "CVE-2018-12207": { + "cmt_msg": "kvm: x86, powerpc: do not allow clearing largepages debugfs entry" + }, + "CVE-2020-13143": { + "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" + }, + "CVE-2020-10768": { + "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." + }, + "CVE-2017-13168": { + "cmt_msg": "scsi: sg: mitigate read/write abuse" + }, + "CVE-2019-0148": { + "cmt_msg": "i40e: Wrong truncation from u16 to u8" + }, + "CVE-2019-17075": { + "cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack" + }, + "CVE-2019-0146": { + "cmt_msg": "" + }, + "CVE-2019-0147": { + "cmt_msg": "i40e: add num_vectors checker in iwarp handler" + }, + "CVE-2018-20449": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2019-0145": { + "cmt_msg": "i40e: add num_vectors checker in iwarp handler" + }, + "CVE-2019-11191": { + "cmt_msg": "x86: Deprecate a.out support" + }, + "CVE-2018-10323": { + "cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree" + }, + "CVE-2018-10322": { + "cmt_msg": "xfs: enhance dinode verifier" + }, + "CVE-2017-8824": { + "cmt_msg": "dccp: CVE-2017-8824: use-after-free in DCCP code" + }, + "CVE-2018-7492": { + "cmt_msg": "rds: Fix NULL pointer dereference in __rds_rdma_map" + }, + "CVE-2020-26139": { + "cmt_msg": "mac80211: do not accept/forward invalid EAPOL frames" + }, + "CVE-2020-14314": { + "cmt_msg": "ext4: fix potential negative array index in do_split()" + }, + "CVE-2019-10220": { + "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" + }, + "CVE-2021-3609": { + "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" + }, + "CVE-2019-19536": { + "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" + }, + "CVE-2019-19537": { + "cmt_msg": "USB: core: Fix races in character device registration and deregistraion" + }, + "CVE-2019-19534": { + "cmt_msg": "can: peak_usb: fix slab info leak" + }, + "CVE-2019-19535": { + "cmt_msg": "can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices" + }, + "CVE-2019-19532": { + "cmt_msg": "HID: Fix assumption that devices have inputs" + }, + "CVE-2018-14617": { + "cmt_msg": "hfsplus: fix NULL dereference in hfsplus_lookup()" + }, + "CVE-2019-10638": { + "cmt_msg": "inet: switch IP ID generator to siphash" + }, + "CVE-2019-10639": { + "cmt_msg": "netns: provide pure entropy for net_hash_mix()" + }, + "CVE-2021-0929": { + "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" + }, + "CVE-2018-14616": { + "cmt_msg": "f2fs: fix to do sanity check with block address in main area v2" + }, + "CVE-2019-20095": { + "cmt_msg": "mwifiex: Fix mem leak in mwifiex_tm_cmd" + }, + "CVE-2018-19985": { + "cmt_msg": "USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data" + }, + "CVE-2018-6554": { + "cmt_msg": "staging: irda: remove the irda network stack and drivers" + }, + "CVE-2018-6555": { + "cmt_msg": "staging: irda: remove the irda network stack and drivers" + }, + "CVE-2021-0920": { + "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" + }, + "CVE-2020-25212": { + "cmt_msg": "nfs: Fix getxattr kernel panic and memory overflow" + }, + "CVE-2021-39713": { + "cmt_msg": "net: sched: use Qdisc rcu API instead of relying on rtnl lock" + }, + "CVE-2020-28374": { + "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" + }, + "CVE-2019-9213": { + "cmt_msg": "mm: enforce min addr even if capable() in expand_downwards()" + }, + "CVE-2020-26557": { + "cmt_msg": "" + }, + "CVE-2019-14896": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" + }, + "CVE-2019-14897": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" + }, + "CVE-2017-16536": { + "cmt_msg": "[media] cx231xx-cards: fix NULL-deref on missing association descriptor" + }, + "CVE-2017-16538": { + "cmt_msg": "media: dvb-usb-v2: lmedm04: Improve logic checking of warm start" + }, + "CVE-2020-27825": { + "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" + }, + "CVE-2019-2181": { + "cmt_msg": "binder: check for overflow when alloc for security context" + }, + "CVE-2019-2182": { + "cmt_msg": "arm64: Enforce BBM for huge IO/VMAP mappings" + }, + "CVE-2020-27820": { + "cmt_msg": "drm/nouveau: use drm_dev_unplug() during device removal" + }, + "CVE-2018-5814": { + "cmt_msg": "usbip: usbip_host: fix NULL-ptr deref and use-after-free errors" + }, + "CVE-2020-0067": { + "cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr" + }, + "CVE-2019-20794": { + "cmt_msg": "" + }, + "CVE-2017-18224": { + "cmt_msg": "ocfs2: ip_alloc_sem should be taken in ocfs2_get_block()" + }, + "CVE-2020-26541": { + "cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries" + }, + "CVE-2019-20811": { + "cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success" + }, + "CVE-2020-26559": { + "cmt_msg": "" + }, + "CVE-2020-27673": { + "cmt_msg": "xen/events: add a proper barrier to 2-level uevent unmasking" + }, + "CVE-2021-43389": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2018-1094": { + "cmt_msg": "ext4: always initialize the crc32c checksum driver" + }, + "CVE-2018-1095": { + "cmt_msg": "ext4: limit xattr size to INT_MAX" + }, + "CVE-2018-1092": { + "cmt_msg": "ext4: fail ext4_iget for root directory if unallocated" + }, + "CVE-2018-1093": { + "cmt_msg": "ext4: add validity checks for bitmap block numbers" + }, + "CVE-2017-18551": { + "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA" + }, + "CVE-2021-3864": { + "cmt_msg": "" + }, + "CVE-2021-26931": { + "cmt_msg": "xen-blkback: don't \"handle\" error by BUG()" + }, + "CVE-2022-27950": { + "cmt_msg": "HID: elo: fix memory leak in elo_probe" + }, + "CVE-2022-1652": { + "cmt_msg": "" + }, + "CVE-2022-1651": { + "cmt_msg": "virt: acrn: fix a memory leak in acrn_dev_ioctl()" + }, + "CVE-2020-29568": { + "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" + }, + "CVE-2018-18559": { + "cmt_msg": "net/packet: fix a race in packet_bind() and packet_notifier()" + }, + "CVE-2020-14351": { + "cmt_msg": "perf/core: Fix race in the perf_mmap_close() function" + }, + "CVE-2019-19054": { + "cmt_msg": "media: rc: prevent memory leak in cx23888_ir_probe" + }, + "CVE-2019-19057": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring" + }, + "CVE-2019-19056": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf" + }, + "CVE-2019-9453": { + "cmt_msg": "f2fs: fix to avoid accessing xattr across the boundary" + }, + "CVE-2019-19052": { + "cmt_msg": "can: gs_usb: gs_can_open(): prevent memory leak" + }, + "CVE-2019-3846": { + "cmt_msg": "mwifiex: Fix possible buffer overflows at parsing bss descriptor" + }, + "CVE-2020-0427": { + "cmt_msg": "pinctrl: devicetree: Avoid taking direct reference to device name string" + }, + "CVE-2019-19227": { + "cmt_msg": "appletalk: Fix potential NULL pointer dereference in unregister_snap_client" + }, + "CVE-2019-19058": { + "cmt_msg": "iwlwifi: dbg_ini: fix memory leak in alloc_sgtable" + }, + "CVE-2019-9458": { + "cmt_msg": "media: v4l: event: Prevent freeing event subscriptions while accessed" + }, + "CVE-2022-1789": { + "cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID" + }, + "CVE-2016-8660": { + "cmt_msg": "" + }, + "CVE-2018-10883": { + "cmt_msg": "jbd2: don't mark block as modified if the handle is out of credits" + }, + "CVE-2019-13272": { + "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" + }, + "CVE-2022-1786": { + "cmt_msg": "io_uring: remove io_identity" + }, + "CVE-2019-17351": { + "cmt_msg": "xen: let alloc_xenballooned_pages() fail if not enough memory free" + }, + "CVE-2020-25669": { + "cmt_msg": "Input: sunkbd - avoid use-after-free in teardown paths" + }, + "CVE-2020-25668": { + "cmt_msg": "tty: make FONTX ioctl use the tty pointer they were actually passed" + }, + "CVE-2008-4609": { + "cmt_msg": "" + }, + "CVE-2019-9456": { + "cmt_msg": "usb: usbmon: Read text within supplied buffer size" + }, + "CVE-2022-0435": { + "cmt_msg": "tipc: improve size validations for received domain records" + }, + "CVE-2018-20854": { + "cmt_msg": "phy: ocelot-serdes: fix out-of-bounds read" + }, + "CVE-2018-25020": { + "cmt_msg": "bpf: fix truncated jump targets on heavy expansions" + }, + "CVE-2018-5390": { + "cmt_msg": "tcp: free batches of packets in tcp_prune_ofo_queue()" + }, + "CVE-2018-20855": { + "cmt_msg": "IB/mlx5: Fix leaking stack memory to userspace" + }, + "CVE-2019-15239": { + "cmt_msg": "" + }, + "CVE-2017-15129": { + "cmt_msg": "net: Fix double free and memory corruption in get_net_ns_by_id()" + }, + "CVE-2021-4037": { + "cmt_msg": "xfs: fix up non-directory creation in SGID directories" + }, + "CVE-2021-22543": { + "cmt_msg": "KVM: do not allow mapping valid but non-reference-counted pages" + }, + "CVE-2021-3348": { + "cmt_msg": "nbd: freeze the queue while we're adding connections" + }, + "CVE-2019-1999": { + "cmt_msg": "binder: fix race between munmap() and direct reclaim" + }, + "CVE-2018-1065": { + "cmt_msg": "netfilter: add back stackpointer size checks" + }, + "CVE-2019-18660": { + "cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch" + }, + "CVE-2018-20836": { + "cmt_msg": "scsi: libsas: fix a race condition when smp task timeout" + }, + "CVE-2018-1068": { + "cmt_msg": "netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets" + }, + "CVE-2021-44733": { + "cmt_msg": "tee: handle lookup of shm with reference count 0" + }, + "CVE-2021-4197": { + "cmt_msg": "cgroup: Use open-time credentials for process migraton perm checks" + }, + "CVE-2020-10135": { + "cmt_msg": "Bluetooth: Consolidate encryption handling in hci_encrypt_cfm" + }, + "CVE-2020-25285": { + "cmt_msg": "mm/hugetlb: fix a race between hugetlb sysctl handlers" + }, + "CVE-2019-7308": { + "cmt_msg": "bpf: fix sanitation of alu op with pointer / scalar type from different paths" + }, + "CVE-2018-1000199": { + "cmt_msg": "perf/hwbp: Simplify the perf-hwbp code, fix documentation" + }, + "CVE-2017-9986": { + "cmt_msg": "sound: Retire OSS" + }, + "CVE-2021-3587": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2019-16995": { + "cmt_msg": "net: hsr: fix memory leak in hsr_dev_finalize()" + }, + "CVE-2019-16994": { + "cmt_msg": "net: sit: fix memory leak in sit_init_net()" + }, + "CVE-2017-18075": { + "cmt_msg": "crypto: pcrypt - fix freeing pcrypt instances" + }, + "CVE-2020-36516": { + "cmt_msg": "" + }, + "CVE-2018-7740": { + "cmt_msg": "hugetlbfs: check for pgoff value overflow" + }, + "CVE-2022-0322": { + "cmt_msg": "sctp: account stream padding length for reconf chunk" + }, + "CVE-2018-18386": { + "cmt_msg": "n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)" + }, + "CVE-2017-13693": { + "cmt_msg": "" + }, + "CVE-2022-0617": { + "cmt_msg": "udf: Fix NULL ptr deref when converting from inline format" + }, + "CVE-2017-13695": { + "cmt_msg": "ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c" + }, + "CVE-2017-13694": { + "cmt_msg": "" + }, + "CVE-2021-4149": { + "cmt_msg": "btrfs: unlock newly allocated extent buffer after error" + }, + "CVE-2021-4148": { + "cmt_msg": "mm: khugepaged: skip huge page collapse for special files" + }, + "CVE-2021-3640": { + "cmt_msg": "Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()" + }, + "CVE-2021-3764": { + "cmt_msg": "crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()" + }, + "CVE-2020-1749": { + "cmt_msg": "net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup" + }, + "CVE-2021-3760": { + "cmt_msg": "nfc: nci: fix the UAF of rf_conn_info object" + }, + "CVE-2020-11608": { + "cmt_msg": "media: ov519: add missing endpoint sanity checks" + }, + "CVE-2020-10732": { + "cmt_msg": "fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()" + }, + "CVE-2020-28097": { + "cmt_msg": "vgacon: remove software scrollback support" + }, + "CVE-2017-18216": { + "cmt_msg": "ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent" + }, + "CVE-2018-5848": { + "cmt_msg": "wil6210: missing length check in wmi_set_ie" + }, + "CVE-2018-8897": { + "cmt_msg": "x86/entry/64: Don't use IST entry for #BP stack" + }, + "CVE-2021-29265": { + "cmt_msg": "usbip: fix stub_dev usbip_sockfd_store() races leading to gpf" + }, + "CVE-2021-39648": { + "cmt_msg": "usb: gadget: configfs: Fix use-after-free issue with udc_name" + }, + "CVE-2020-14416": { + "cmt_msg": "can, slip: Protect tty->disc_data in write_wakeup and close with RCU" + }, + "CVE-2019-0136": { + "cmt_msg": "mac80211: drop robust management frames from unknown TA" + }, + "CVE-2017-17975": { + "cmt_msg": "media: usbtv: prevent double free in error case" + }, + "CVE-2019-16921": { + "cmt_msg": "RDMA/hns: Fix init resp when alloc ucontext" + }, + "CVE-2019-19377": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2021-21781": { + "cmt_msg": "ARM: ensure the signal page contains defined contents" + }, + "CVE-2021-0512": { + "cmt_msg": "HID: make arrays usage and value to be the same" + }, + "CVE-2018-14633": { + "cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation" + }, + "CVE-2018-12896": { + "cmt_msg": "posix-timers: Sanitize overrun handling" + }, + "CVE-2019-19073": { + "cmt_msg": "ath9k_htc: release allocated buffer if timed out" + }, + "CVE-2018-14734": { + "cmt_msg": "infiniband: fix a possible use-after-free bug" + }, + "CVE-2020-0347": { + "cmt_msg": "" + }, + "CVE-2019-18809": { + "cmt_msg": "media: usb: fix memory leak in af9005_identify_state" + }, + "CVE-2019-18808": { + "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" + }, + "CVE-2018-8822": { + "cmt_msg": "staging: ncpfs: memory corruption in ncp_read_kernel()" + }, + "CVE-2021-40490": { + "cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing" + }, + "CVE-2021-33909": { + "cmt_msg": "seq_file: disallow extremely large seq buffer allocations" + }, + "CVE-2019-12455": { + "cmt_msg": "clk-sunxi: fix a missing-check bug in sunxi_divs_clk_setup()" + }, + "CVE-2019-12456": { + "cmt_msg": "" + }, + "CVE-2022-0812": { + "cmt_msg": "xprtrdma: fix incorrect header size calculations" + }, + "CVE-2021-29647": { + "cmt_msg": "net: qrtr: fix a kernel-infoleak in qrtr_recvmsg()" + }, + "CVE-2019-18806": { + "cmt_msg": "net: qlogic: Fix memory leak in ql_alloc_large_buffers" + }, + "CVE-2017-18595": { + "cmt_msg": "tracing: Fix possible double free on failure of allocating trace buffer" + }, + "CVE-2022-0742": { + "cmt_msg": "ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report()" + }, + "CVE-2021-3612": { + "cmt_msg": "Input: joydev - prevent potential read overflow in ioctl" + }, + "CVE-2019-6974": { + "cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)" + }, + "CVE-2020-24503": { + "cmt_msg": "" + }, + "CVE-2022-0168": { + "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" + }, + "CVE-2020-14390": { + "cmt_msg": "fbcon: remove soft scrollback code" + }, + "CVE-2020-24502": { + "cmt_msg": "" + }, + "CVE-2017-17712": { + "cmt_msg": "net: ipv4: fix for a race condition in raw_sendmsg" + }, + "CVE-2017-17807": { + "cmt_msg": "KEYS: add missing permission check for request_key() destination" + }, + "CVE-2017-17805": { + "cmt_msg": "crypto: salsa20 - fix blkcipher_walk API usage" + }, + "CVE-2019-19527": { + "cmt_msg": "HID: hiddev: do cleanup in failure of opening a device" + }, + "CVE-2022-23039": { + "cmt_msg": "xen/gntalloc: don't use gnttab_query_foreign_access()" + }, + "CVE-2019-19526": { + "cmt_msg": "NFC: pn533: fix use-after-free and memleaks" + }, + "CVE-2020-0465": { + "cmt_msg": "HID: core: Sanitize event code and type when mapping input" + }, + "CVE-2018-3639": { + "cmt_msg": "x86/nospec: Simplify alternative_msr_write()" + }, + "CVE-2021-4218": { + "cmt_msg": "sysctl: pass kernel pointers to ->proc_handler" + }, + "CVE-2019-15902": { + "cmt_msg": "" + }, + "CVE-2019-20054": { + "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links" + }, + "CVE-2021-3753": { + "cmt_msg": "vt_kdsetmode: extend console locking" + }, + "CVE-2019-11135": { + "cmt_msg": "x86/msr: Add the IA32_TSX_CTRL MSR" + }, + "CVE-2019-11810": { + "cmt_msg": "scsi: megaraid_sas: return error when create DMA pool failed" + }, + "CVE-2021-27365": { + "cmt_msg": "scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE" + }, + "CVE-2021-27364": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2019-11815": { + "cmt_msg": "net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock()." + }, + "CVE-2020-0431": { + "cmt_msg": "HID: hid-input: clear unmapped usages" + }, + "CVE-2018-17977": { + "cmt_msg": "" + }, + "CVE-2018-17972": { + "cmt_msg": "proc: restrict kernel stack dumps to root" + }, + "CVE-2021-20320": { + "cmt_msg": "s390/bpf: Fix optimizing out zero-extensions" + }, + "CVE-2021-20321": { + "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" + }, + "CVE-2018-7566": { + "cmt_msg": "ALSA: seq: Fix racy pool initializations" + }, + "CVE-2022-26490": { + "cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION" + }, + "CVE-2022-1043": { + "cmt_msg": "io_uring: fix xa_alloc_cycle() error return value check" + }, + "CVE-2021-0937": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2022-1048": { + "cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls" + }, + "CVE-2018-20976": { + "cmt_msg": "xfs: clear sb->s_fs_info on mount failure" + }, + "CVE-2022-29968": { + "cmt_msg": "io_uring: fix uninitialized field in rw io_kiocb" + }, + "CVE-2018-7995": { + "cmt_msg": "x86/MCE: Serialize sysfs changes" + }, + "CVE-2018-16276": { + "cmt_msg": "USB: yurex: fix out-of-bounds uaccess in read handler" + }, + "CVE-2019-15927": { + "cmt_msg": "ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit()" + }, + "CVE-2021-3542": { + "cmt_msg": "" + }, + "CVE-2019-16413": { + "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" + }, + "CVE-2022-1263": { + "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" + }, + "CVE-2020-12652": { + "cmt_msg": "scsi: mptfusion: Fix double fetch bug in ioctl" + }, + "CVE-2020-12653": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()" + }, + "CVE-2019-7222": { + "cmt_msg": "KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)" + }, + "CVE-2020-12657": { + "cmt_msg": "block, bfq: fix use-after-free in bfq_idle_slice_timer_body" + }, + "CVE-2020-12654": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()" + }, + "CVE-2019-7221": { + "cmt_msg": "KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221)" + }, + "CVE-2018-12929": { + "cmt_msg": "" + }, + "CVE-2018-12928": { + "cmt_msg": "" + }, + "CVE-2020-36310": { + "cmt_msg": "KVM: SVM: avoid infinite loop on NPF from bad address" + }, + "CVE-2020-36313": { + "cmt_msg": "KVM: Fix out of range accesses to memslots" + }, + "CVE-2020-35519": { + "cmt_msg": "net/x25: prevent a couple of overflows" + }, + "CVE-2020-29569": { + "cmt_msg": "xen-blkback: set ring->xenblkd to NULL after kthread_stop()" + }, + "CVE-2020-35513": { + "cmt_msg": "nfsd: fix incorrect umasks" + }, + "CVE-2020-10708": { + "cmt_msg": "" + }, + "CVE-2020-25673": { + "cmt_msg": "nfc: Avoid endless loops caused by repeated llcp_sock_connect()" + }, + "CVE-2022-0400": { + "cmt_msg": "" + }, + "CVE-2021-0707": { + "cmt_msg": "dmabuf: fix use-after-free of dmabuf's file->f_inode" + }, + "CVE-2021-38160": { + "cmt_msg": "virtio_console: Assure used length from device is limited" + }, + "CVE-2021-42739": { + "cmt_msg": "media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()" + }, + "CVE-2018-5344": { + "cmt_msg": "loop: fix concurrent lo_open/lo_release" + }, + "CVE-2020-12770": { + "cmt_msg": "scsi: sg: add sg_remove_request in sg_write" + }, + "CVE-2018-6412": { + "cmt_msg": "fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper()." + }, + "CVE-2018-21008": { + "cmt_msg": "rsi: add fix for crash during assertions" + }, + "CVE-2022-25265": { + "cmt_msg": "" + }, + "CVE-2019-19813": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2020-11609": { + "cmt_msg": "media: stv06xx: add missing descriptor sanity checks" + }, + "CVE-2020-10773": { + "cmt_msg": "s390/cmm: fix information leak in cmm_timeout_handler()" + }, + "CVE-2020-25284": { + "cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping" + }, + "CVE-2022-25636": { + "cmt_msg": "netfilter: nf_tables_offload: incorrect flow offload action array size" + }, + "CVE-2018-18281": { + "cmt_msg": "mremap: properly flush TLB before releasing the page" + }, + "CVE-2022-0854": { + "cmt_msg": "swiotlb: rework \"fix info leak with DMA_FROM_DEVICE\"" + }, + "CVE-2019-8912": { + "cmt_msg": "net: crypto set sk to NULL when af_alg_release." + }, + "CVE-2020-29370": { + "cmt_msg": "mm: slub: add missing TID bump in kmem_cache_alloc_bulk()" + }, + "CVE-2019-15219": { + "cmt_msg": "USB: sisusbvga: fix oops in error path of sisusb_probe" + }, + "CVE-2020-25643": { + "cmt_msg": "hdlc_ppp: add range checks in ppp_cp_parse_cr()" + }, + "CVE-2021-39657": { + "cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback" + }, + "CVE-2019-19378": { + "cmt_msg": "" + }, + "CVE-2020-4788": { + "cmt_msg": "powerpc/64s: flush L1D on kernel entry" + }, + "CVE-2022-1011": { + "cmt_msg": "fuse: fix pipe buffer lifetime for direct_io" + }, + "CVE-2021-39698": { + "cmt_msg": "wait: add wake_up_pollfree()" + }, + "CVE-2018-5333": { + "cmt_msg": "RDS: null pointer dereference in rds_atomic_free_op" + }, + "CVE-2018-5332": { + "cmt_msg": "RDS: Heap OOB write in rds_message_alloc_sgs()" + }, + "CVE-2022-0850": { + "cmt_msg": "ext4: fix kernel infoleak via ext4_extent_header" + }, + "CVE-2020-10767": { + "cmt_msg": "x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS." + }, + "CVE-2019-19529": { + "cmt_msg": "can: mcba_usb: fix use-after-free on disconnect" + }, + "CVE-2019-19447": { + "cmt_msg": "ext4: work around deleting a file with i_nlink == 0 safely" + }, + "CVE-2017-17448": { + "cmt_msg": "netfilter: nfnetlink_cthelper: Add missing permission checks" + }, + "CVE-2017-17449": { + "cmt_msg": "netlink: Add netns check on taps" + }, + "CVE-2019-19525": { + "cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect" + }, + "CVE-2019-19524": { + "cmt_msg": "Input: ff-memless - kill timer in destroy()" + }, + "CVE-2019-19448": { + "cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space" + }, + "CVE-2019-19449": { + "cmt_msg": "f2fs: fix to do sanity check on segment/section count" + }, + "CVE-2021-33135": { + "cmt_msg": "" + }, + "CVE-2019-19523": { + "cmt_msg": "USB: adutux: fix use-after-free on disconnect" + }, + "CVE-2021-3752": { + "cmt_msg": "Bluetooth: fix use-after-free error in lock_sock_nested()" + }, + "CVE-2021-0935": { + "cmt_msg": "net: ipv6: keep sk status consistent after datagram connect failure" + }, + "CVE-2020-11725": { + "cmt_msg": "" + }, + "CVE-2019-3892": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" + }, + "CVE-2021-29264": { + "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" + }, + "CVE-2021-35477": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2020-10690": { + "cmt_msg": "ptp: fix the race between the release of ptp_clock and cdev" + }, + "CVE-2019-16746": { + "cmt_msg": "nl80211: validate beacon head" + }, + "CVE-2021-41864": { + "cmt_msg": "bpf: Fix integer overflow in prealloc_elems_and_freelist()" + }, + "CVE-2018-18021": { + "cmt_msg": "arm64: KVM: Tighten guest core register access from userspace" + }, + "CVE-2021-37576": { + "cmt_msg": "KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow" + }, + "CVE-2019-8980": { + "cmt_msg": "exec: Fix mem leak in kernel_read_file" + }, + "CVE-2018-14609": { + "cmt_msg": "btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized" + }, + "CVE-2021-33098": { + "cmt_msg": "ixgbe: fix large MTU request from VF" + }, + "CVE-2021-28971": { + "cmt_msg": "perf/x86/intel: Fix a crash caused by zero PEBS status" + }, + "CVE-2020-10769": { + "cmt_msg": "crypto: authenc - fix parsing key with misaligned rta_len" + }, + "CVE-2018-5803": { + "cmt_msg": "sctp: verify size of a new chunk in _sctp_make_chunk()" + }, + "CVE-2020-27815": { + "cmt_msg": "jfs: Fix array index bounds check in dbAdjTree" + }, + "CVE-2022-23041": { + "cmt_msg": "xen/9p: use alloc/free_pages_exact()" + }, + "CVE-2022-1462": { + "cmt_msg": "" + }, + "CVE-2020-27777": { + "cmt_msg": "powerpc/rtas: Restrict RTAS requests from userspace" + }, + "CVE-2019-20636": { + "cmt_msg": "Input: add safety guards to input_set_keycode()" + }, + "CVE-2019-11486": { + "cmt_msg": "tty: mark Siemens R3964 line discipline as BROKEN" + }, + "CVE-2019-11487": { + "cmt_msg": "fs: prevent page refcount overflow in pipe_buf_get" + }, + "CVE-2018-8043": { + "cmt_msg": "net: phy: mdio-bcm-unimac: fix potential NULL dereference in unimac_mdio_probe()" + }, + "CVE-2020-27675": { + "cmt_msg": "xen/events: avoid removing an event channel while handling it" + }, + "CVE-2020-28915": { + "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" + }, + "CVE-2019-20908": { + "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" + }, + "CVE-2021-28038": { + "cmt_msg": "Xen/gnttab: handle p2m update errors on a per-slot basis" + }, + "CVE-2021-33061": { + "cmt_msg": "ixgbe: add improvement for MDD response functionality" + }, + "CVE-2022-23040": { + "cmt_msg": "xen/xenbus: don't let xenbus_grant_ring() remove grants in error case" + }, + "CVE-2021-29154": { + "cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64" + }, + "CVE-2019-19060": { + "cmt_msg": "iio: imu: adis16400: release allocated memory on failure" + }, + "CVE-2019-19061": { + "cmt_msg": "iio: imu: adis16400: fix memory leak" + }, + "CVE-2019-19062": { + "cmt_msg": "crypto: user - fix memory leak in crypto_report" + }, + "CVE-2019-19063": { + "cmt_msg": "rtlwifi: prevent memory leak in rtl_usb_probe" + }, + "CVE-2017-17741": { + "cmt_msg": "KVM: Fix stack-out-of-bounds read in write_mmio" + }, + "CVE-2019-19065": { + "cmt_msg": "RDMA/hfi1: Prevent memory leak in sdma_init" + }, + "CVE-2019-19066": { + "cmt_msg": "scsi: bfa: release allocated memory in case of error" + }, + "CVE-2019-19067": { + "cmt_msg": "drm/amdgpu: fix multiple memory leaks in acp_hw_init" + }, + "CVE-2019-19068": { + "cmt_msg": "rtl8xxxu: prevent leaking urb" + }, + "CVE-2020-0435": { + "cmt_msg": "f2fs: fix to do sanity check with i_extra_isize" + }, + "CVE-2020-0432": { + "cmt_msg": "staging: most: net: fix buffer overflow" + }, + "CVE-2020-0433": { + "cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter" + }, + "CVE-2019-3874": { + "cmt_msg": "sctp: implement memory accounting on tx path" + }, + "CVE-2022-0171": { + "cmt_msg": "" + }, + "CVE-2018-10877": { + "cmt_msg": "ext4: verify the depth of extent tree in ext4_find_extent()" + }, + "CVE-2018-10876": { + "cmt_msg": "ext4: only look at the bg_flags field if it is valid" + }, + "CVE-2010-4563": { + "cmt_msg": "" + }, + "CVE-2020-14331": { + "cmt_msg": "vgacon: Fix for missing check in scrollback handling" + }, + "CVE-2018-10879": { + "cmt_msg": "ext4: make sure bitmaps and the inode table don't overlap with bg descriptors" + }, + "CVE-2018-10878": { + "cmt_msg": "ext4: always check block group bounds in ext4_init_block_bitmap()" + }, + "CVE-2021-3483": { + "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" + }, + "CVE-2022-29156": { + "cmt_msg": "RDMA/rtrs-clt: Fix possible double free in error case" + }, + "CVE-2017-16913": { + "cmt_msg": "usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input" + }, + "CVE-2017-16912": { + "cmt_msg": "usbip: fix stub_rx: get_pipe() to validate endpoint number" + }, + "CVE-2017-16911": { + "cmt_msg": "usbip: prevent vhci_hcd driver from leaking a socket pointer address" + }, + "CVE-2020-28974": { + "cmt_msg": "vt: Disable KD_FONT_OP_COPY" + }, + "CVE-2020-25656": { + "cmt_msg": "vt: keyboard, extend func_buf_lock to readers" + }, + "CVE-2017-16914": { + "cmt_msg": "usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer" + }, + "CVE-2022-24448": { + "cmt_msg": "NFSv4: Handle case where the lookup of a directory fails" + }, + "CVE-2020-10942": { + "cmt_msg": "vhost: Check docket sk_family instead of call getname" + }, + "CVE-2019-10142": { + "cmt_msg": "drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl" + }, + "CVE-2021-4023": { + "cmt_msg": "io-wq: fix cancellation on create-worker failure" + }, + "CVE-2018-3693": { + "cmt_msg": "ext4: fix spectre gadget in ext4_mb_regular_allocator()" + }, + "CVE-2021-22555": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2021-0399": { + "cmt_msg": "" + }, + "CVE-2020-2732": { + "cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode" + }, + "CVE-2012-4542": { + "cmt_msg": "" + }, + "CVE-2022-1729": { + "cmt_msg": "perf: Fix sys_perf_event_open() race against self" + }, + "CVE-2018-1000028": { + "cmt_msg": "nfsd: auth: Fix gid sorting when rootsquash enabled" + }, + "CVE-2021-3573": { + "cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object" + }, + "CVE-2018-1000026": { + "cmt_msg": "bnx2x: disable GSO where gso_size is too big for hardware" + }, + "CVE-2021-28972": { + "cmt_msg": "PCI: rpadlpar: Fix potential drc_name corruption in store functions" + }, + "CVE-2018-12130": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2021-20292": { + "cmt_msg": "drm/ttm/nouveau: don't call tt destroy callback on alloc failure." + }, + "CVE-2021-31916": { + "cmt_msg": "dm ioctl: fix out of bounds array access when no devices" + }, + "CVE-2018-17182": { + "cmt_msg": "mm: get rid of vmacache_flush_all() entirely" + }, + "CVE-2018-13405": { + "cmt_msg": "Fix up non-directory creation in SGID directories" + }, + "CVE-2020-25645": { + "cmt_msg": "geneve: add transport ports in route lookup for geneve" + }, + "CVE-2018-13406": { + "cmt_msg": "video: uvesafb: Fix integer overflow in allocation" + }, + "CVE-2022-1280": { + "cmt_msg": "drm: avoid circular locks in drm_mode_getconnector" + }, + "CVE-2020-11668": { + "cmt_msg": "media: xirlink_cit: add missing descriptor sanity checks" + }, + "CVE-2020-11669": { + "cmt_msg": "powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle" + }, + "CVE-2019-15118": { + "cmt_msg": "ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term" + }, + "CVE-2019-12818": { + "cmt_msg": "net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails" + }, + "CVE-2019-12819": { + "cmt_msg": "mdio_bus: Fix use-after-free on device_register fails" + }, + "CVE-2018-11508": { + "cmt_msg": "compat: fix 4-byte infoleak via uninitialized struct field" + }, + "CVE-2018-11506": { + "cmt_msg": "sr: pass down correctly sized SCSI sense buffer" + }, + "CVE-2019-19332": { + "cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)" + }, + "CVE-2019-15117": { + "cmt_msg": "ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit" + }, + "CVE-2021-3659": { + "cmt_msg": "net: mac802154: Fix general protection fault" + }, + "CVE-2022-25258": { + "cmt_msg": "USB: gadget: validate interface OS descriptor requests" + }, + "CVE-2021-4155": { + "cmt_msg": "xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate" + }, + "CVE-2021-0695": { + "cmt_msg": "" + }, + "CVE-2019-14901": { + "cmt_msg": "mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()" + }, + "CVE-2021-4150": { + "cmt_msg": "block: fix incorrect references to disk objects" + }, + "CVE-2020-3702": { + "cmt_msg": "ath: Use safer key clearing with key cache entries" + }, + "CVE-2021-28951": { + "cmt_msg": "io_uring: ensure that SQPOLL thread is started for exit" + }, + "CVE-2022-1671": { + "cmt_msg": "rxrpc: fix some null-ptr-deref bugs in server_key.c" + }, + "CVE-2021-3653": { + "cmt_msg": "KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653)" + }, + "CVE-2021-3655": { + "cmt_msg": "sctp: validate from_addr_param return" + }, + "CVE-2020-8694": { + "cmt_msg": "powercap: restrict energy meter to root access" + }, + "CVE-2021-4159": { + "cmt_msg": "bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()" + }, + "CVE-2019-12614": { + "cmt_msg": "powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property()" + }, + "CVE-2019-12615": { + "cmt_msg": "mdesc: fix a missing-check bug in get_vdev_port_node_info()" + }, + "CVE-2021-3715": { + "cmt_msg": "net_sched: cls_route: remove the right filter from hashtable" + }, + "CVE-2021-3714": { + "cmt_msg": "" + }, + "CVE-2019-16230": { + "cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)" + }, + "CVE-2019-16231": { + "cmt_msg": "fjes: Handle workqueue allocation failure" + }, + "CVE-2019-16232": { + "cmt_msg": "libertas: fix a potential NULL pointer dereference" + }, + "CVE-2019-16233": { + "cmt_msg": "scsi: qla2xxx: fix a potential NULL pointer dereference" + }, + "CVE-2019-16234": { + "cmt_msg": "iwlwifi: pcie: fix rb_allocator workqueue allocation" + }, + "CVE-2019-6133": { + "cmt_msg": "fork: record start_time late" + }, + "CVE-2018-10902": { + "cmt_msg": "ALSA: rawmidi: Change resized buffers atomically" + }, + "CVE-2021-39633": { + "cmt_msg": "ip_gre: add validation for csum_start" + }, + "CVE-2017-18203": { + "cmt_msg": "dm: fix race between dm_get_from_kobject() and __dm_destroy()" + }, + "CVE-2017-18202": { + "cmt_msg": "mm, oom_reaper: gather each vma to prevent leaking TLB entry" + }, + "CVE-2021-39636": { + "cmt_msg": "netfilter: x_tables: fix pointer leaks to userspace" + }, + "CVE-2022-27223": { + "cmt_msg": "USB: gadget: validate endpoint index for xilinx udc" + }, + "CVE-2021-39634": { + "cmt_msg": "epoll: do not insert into poll queues until all sanity checks are done" + }, + "CVE-2019-3882": { + "cmt_msg": "vfio/type1: Limit DMA mappings per container" + }, + "CVE-2017-18208": { + "cmt_msg": "mm/madvise.c: fix madvise() infinite loop under special circumstances" + }, + "CVE-2018-20509": { + "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" + }, + "CVE-2019-9454": { + "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA" + }, + "CVE-2020-12888": { + "cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory" + }, + "CVE-2021-0447": { + "cmt_msg": "l2tp: protect sock pointer of struct pppol2tp_session with RCU" + }, + "CVE-2019-20934": { + "cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers" + }, + "CVE-2022-1247": { + "cmt_msg": "" + }, + "CVE-2022-1184": { + "cmt_msg": "" + }, + "CVE-2022-23222": { + "cmt_msg": "bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL" + }, + "CVE-2021-0448": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2018-19824": { + "cmt_msg": "ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c" + }, + "CVE-2020-29374": { + "cmt_msg": "gup: document and work around \"COW can break either way\" issue" + }, + "CVE-2020-0030": { + "cmt_msg": "ANDROID: binder: synchronize_rcu() when using POLLFREE." + }, + "CVE-2018-16862": { + "cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation" + }, + "CVE-2021-29650": { + "cmt_msg": "netfilter: x_tables: Use correct memory barriers." + }, + "CVE-2019-17133": { + "cmt_msg": "cfg80211: wext: avoid copying malformed SSIDs" + }, + "CVE-2018-20169": { + "cmt_msg": "USB: check usb_get_extra_descriptor for proper size" + }, + "CVE-2020-36312": { + "cmt_msg": "KVM: fix memory leak in kvm_io_bus_unregister_dev()" + }, + "CVE-2022-1353": { + "cmt_msg": "af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register" + }, + "CVE-2022-28356": { + "cmt_msg": "llc: fix netdevice reference leaks in llc_ui_bind()" + }, + "CVE-2022-1198": { + "cmt_msg": "drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()" + }, + "CVE-2022-1199": { + "cmt_msg": "ax25: Fix NULL pointer dereference in ax25_kill_by_device" + }, + "CVE-2018-5750": { + "cmt_msg": "ACPI: sbshc: remove raw pointer from printk() message" + }, + "CVE-2021-39801": { + "cmt_msg": "" + }, + "CVE-2021-39800": { + "cmt_msg": "" + }, + "CVE-2021-39802": { + "cmt_msg": "" + }, + "CVE-2018-16884": { + "cmt_msg": "sunrpc: use-after-free in svc_process_common()" + }, + "CVE-2022-1195": { + "cmt_msg": "hamradio: improve the incomplete fix to avoid NPD" + }, + "CVE-2021-4202": { + "cmt_msg": "NFC: reorganize the functions in nci_request" + }, + "CVE-2021-4203": { + "cmt_msg": "af_unix: fix races in sk_peer_pid and sk_peer_cred accesses" + }, + "CVE-2021-44879": { + "cmt_msg": "f2fs: fix to do sanity check on inode type during garbage collection" + }, + "CVE-2019-15505": { + "cmt_msg": "media: technisat-usb2: break out of loop at end of buffer" + }, + "CVE-2022-1516": { + "cmt_msg": "net/x25: Fix null-ptr-deref caused by x25_disconnect" + }, + "CVE-2021-1048": { + "cmt_msg": "fix regression in \"epoll: Keep a reference on files added to the check list\"" + }, + "CVE-2015-2877": { + "cmt_msg": "" + }, + "CVE-2020-9383": { + "cmt_msg": "floppy: check FDC index for errors before assigning it" + }, + "CVE-2022-29582": { + "cmt_msg": "io_uring: fix race between timeout flush and removal" + }, + "CVE-2019-16089": { + "cmt_msg": "" + }, + "CVE-2021-38198": { + "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" + }, + "CVE-2021-38199": { + "cmt_msg": "NFSv4: Initialise connection to the server in nfs4_alloc_client()" + }, + "CVE-2022-1679": { + "cmt_msg": "" + }, + "CVE-2022-1678": { + "cmt_msg": "tcp: optimize tcp internal pacing" + }, + "CVE-2019-9444": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2021-26401": { + "cmt_msg": "x86/speculation: Use generic retpoline by default on AMD" + }, + "CVE-2020-28941": { + "cmt_msg": "speakup: Do not let the line discipline be used several times" + }, + "CVE-2018-1130": { + "cmt_msg": "dccp: check sk for closed state in dccp_sendmsg()" + }, + "CVE-2019-14284": { + "cmt_msg": "floppy: fix div-by-zero in setup_format_params" + }, + "CVE-2021-45486": { + "cmt_msg": "inet: use bigger hash table for IP ID generation" + }, + "CVE-2021-3506": { + "cmt_msg": "f2fs: fix to avoid out-of-bounds memory access" + }, + "CVE-2011-4917": { + "cmt_msg": "" + }, + "CVE-2021-45485": { + "cmt_msg": "ipv6: use prandom_u32() for ID generation" + }, + "CVE-2018-10880": { + "cmt_msg": "ext4: never move the system.data xattr out of the inode body" + }, + "CVE-2019-3900": { + "cmt_msg": "vhost_net: fix possible infinite loop" + }, + "CVE-2019-19528": { + "cmt_msg": "USB: iowarrior: fix use-after-free on disconnect" + }, + "CVE-2019-19533": { + "cmt_msg": "media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()" + }, + "CVE-2018-13100": { + "cmt_msg": "f2fs: fix to do sanity check with secs_per_zone" + }, + "CVE-2019-15807": { + "cmt_msg": "scsi: libsas: delete sas port if expander discover failed" + }, + "CVE-2017-16644": { + "cmt_msg": "media: hdpvr: Fix an error handling path in hdpvr_probe()" + }, + "CVE-2019-19530": { + "cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough" + }, + "CVE-2019-5489": { + "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" + }, + "CVE-2018-8087": { + "cmt_msg": "mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()" + }, + "CVE-2019-14283": { + "cmt_msg": "floppy: fix out-of-bounds read in copy_buffer" + }, + "CVE-2018-10881": { + "cmt_msg": "ext4: clear i_data in ext4_inode_info when removing inline data" + }, + "CVE-2018-10882": { + "cmt_msg": "ext4: add more inode number paranoia checks" + }, + "CVE-2017-16648": { + "cmt_msg": "dvb_frontend: don't use-after-free the frontend struct" + } + } + }, + "4.12": { + "4.12.1": { + "CVE-2017-12146": { + "cmt_msg": "driver core: platform: fix race condition with driver_override", + "cmt_id": "d0ccfd55b9c75b90ebcb9c56029b07eddefb1155" + } + }, + "4.12.2": { + "CVE-2017-11176": { + "cmt_msg": "mqueue: fix a use-after-free in sys_mq_notify()", + "cmt_id": "34bfc894734d56cca6c5924b5889e6308eeb66e1" + } + }, + "4.12.3": { + "CVE-2019-9457": { + "cmt_msg": "exec: Limit arg stack to at most 75% of _STK_LIM", + "cmt_id": "c1152f1638c53af9ec782d77f3f2e6f6c8fb9b0a" + }, + "CVE-2018-14634": { + "cmt_msg": "exec: Limit arg stack to at most 75% of _STK_LIM", + "cmt_id": "c1152f1638c53af9ec782d77f3f2e6f6c8fb9b0a" + }, + "CVE-2017-11089": { + "cmt_msg": "cfg80211: Define nla_policy for NL80211_ATTR_LOCAL_MESH_POWER_MODE", + "cmt_id": "b9582dbe58ebcbd9b415d3d10ef5d990ddba720c" + }, + "CVE-2017-7541": { + "cmt_msg": "brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()", + "cmt_id": "f888b9ad79954af0c11d3a646129f1d70b951eec" + }, + "CVE-2017-1000371": { + "cmt_msg": "binfmt_elf: use ELF_ET_DYN_BASE only for PIE", + "cmt_id": "0c9fd20c4ca8fb97f40ea66a2db39f1f9c85797d" + }, + "CVE-2017-1000370": { + "cmt_msg": "binfmt_elf: use ELF_ET_DYN_BASE only for PIE", + "cmt_id": "0c9fd20c4ca8fb97f40ea66a2db39f1f9c85797d" + } + }, + "4.12.4": { + "CVE-2017-10663": { + "cmt_msg": "f2fs: sanity check checkpoint segno and blkoff", + "cmt_id": "55df2e68c21714444fc3056c5636531ee9d1bc58" + }, + "CVE-2017-11473": { + "cmt_msg": "x86/acpi: Prevent out of bound access caused by broken ACPI tables", + "cmt_id": "464c38d4b9365fb013c568a391a7c89b7148d72a" + }, + "CVE-2017-18079": { + "cmt_msg": "Input: i8042 - fix crash at boot time", + "cmt_id": "6c0d8c2a408402f2d83a41b141efc2e5e8e604c4" + } + }, + "4.12.5": { + "CVE-2017-7533": { + "cmt_msg": "dentry name snapshots", + "cmt_id": "75791420f2942f47f4fb5626110723668feea9a7" + }, + "CVE-2017-12762": { + "cmt_msg": "isdn/i4l: fix buffer overflow", + "cmt_id": "cd043db87e4c49fa909a81c0daa2a3786dacf349" + } + }, + "4.12.6": { + "CVE-2017-8831": { + "cmt_msg": "saa7164: fix double fetch PCIe access condition", + "cmt_id": "52bc1dfd016e7a1859138d986670408fc3d830a0" + }, + "CVE-2017-7542": { + "cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt", + "cmt_id": "663f828a08af6f54c4f11c1eb16e68ad7a93c34c" + } + }, + "4.12.7": { + "CVE-2017-1000": { + "cmt_msg": "udp: consistently apply ufo or fragmentation", + "cmt_id": "2a8c396a689114da0fb9164cd07b13fd5b800782" + }, + "CVE-2017-1000112": { + "cmt_msg": "udp: consistently apply ufo or fragmentation", + "cmt_id": "2a8c396a689114da0fb9164cd07b13fd5b800782" + }, + "CVE-2017-1000111": { + "cmt_msg": "packet: fix tp_reserve race in packet_set_ring", + "cmt_id": "91b2b39b49c25a0a76e3ef5302e848e6c9e60cfd" + } + }, + "4.12.9": { + "CVE-2017-12134": { + "cmt_msg": "xen: fix bio vec merging", + "cmt_id": "c1cee6062ac9c375cda25bd2d334d54af4bd4c26" + }, + "CVE-2017-14140": { + "cmt_msg": "Sanitize 'move_pages()' permission checks", + "cmt_id": "e950adf8983f18cf210145af0cda1fe7e6aa8c11" + }, + "CVE-2018-10675": { + "cmt_msg": "mm/mempolicy: fix use after free when calling get_mempolicy", + "cmt_id": "6b2676ed32bad395689998bea6ce2d64aeda02a6" + } + }, + "4.12.10": { + "CVE-2017-17053": { + "cmt_msg": "x86/mm: Fix use-after-free of ldt_struct", + "cmt_id": "a8da876c1e45b75c082a5dc8ce10c0761a10c638" + }, + "CVE-2017-17052": { + "cmt_msg": "fork: fix incorrect fput of ->exe_file causing use-after-free", + "cmt_id": "f5024bb32d4d50b77f4fbc1e7251cf0f21def88e" + } + }, + "4.12.11": { + "CVE-2017-11600": { + "cmt_msg": "xfrm: policy: check policy direction value", + "cmt_id": "6c5b60edd786fe18b7be96b26ca980aa2bef0428" + } + }, + "4.12.13": { + "CVE-2017-14340": { + "cmt_msg": "xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present", + "cmt_id": "9f7df0bca168528aba20794f400be134495551b8" + }, + "CVE-2017-1000251": { + "cmt_msg": "Bluetooth: Properly check L2CAP config option output buffer length", + "cmt_id": "8329b5e8c6cfe8af86344eb849c06ed69c0d868d" + }, + "CVE-2017-9985": { + "cmt_msg": "ALSA: msnd: Optimize / harden DSP and MIDI loops", + "cmt_id": "9d6412aa06ce75e44fbaf1bfa15454150fd6a803" + }, + "CVE-2017-9984": { + "cmt_msg": "ALSA: msnd: Optimize / harden DSP and MIDI loops", + "cmt_id": "9d6412aa06ce75e44fbaf1bfa15454150fd6a803" + } + }, + "4.12.14": { + "CVE-2017-14497": { + "cmt_msg": "packet: Don't write vnet header beyond end of buffer", + "cmt_id": "e7ebdeb47c8b14614c65a0a2ad07cf4c04e51469" + }, + "CVE-2017-7558": { + "cmt_msg": "sctp: Avoid out-of-bounds reads from address storage", + "cmt_id": "6da138247b47105eca005464383cae11ac57bdab" + } + }, + "outstanding": { + "CVE-2020-36322": { + "cmt_msg": "fuse: fix bad inode" + }, + "CVE-2020-10711": { + "cmt_msg": "netlabel: cope with NULL catmap" + }, + "CVE-2019-15090": { + "cmt_msg": "scsi: qedi: remove memset/memcpy to nfunc and use func instead" + }, + "CVE-2019-14896": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" + }, + "CVE-2020-35501": { + "cmt_msg": "" + }, + "CVE-2019-15098": { + "cmt_msg": "ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()" + }, + "CVE-2020-29368": { + "cmt_msg": "mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()" + }, + "CVE-2017-17712": { + "cmt_msg": "net: ipv4: fix for a race condition in raw_sendmsg" + }, + "CVE-2022-0001": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2020-12464": { + "cmt_msg": "USB: core: Fix free-while-in-use bug in the USB S-Glibrary" + }, + "CVE-2021-45469": { + "cmt_msg": "f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()" + }, + "CVE-2019-19965": { + "cmt_msg": "scsi: libsas: stop discovering if oob mode is disconnected" + }, + "CVE-2019-19966": { + "cmt_msg": "media: cpia2: Fix use-after-free in cpia2_exit" + }, + "CVE-2020-35508": { + "cmt_msg": "fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent" + }, + "CVE-2021-3894": { + "cmt_msg": "sctp: account stream padding length for reconf chunk" + }, + "CVE-2020-24587": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2020-24586": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2017-1000410": { + "cmt_msg": "Bluetooth: Prevent stack info leak from the EFS element." + }, + "CVE-2021-0129": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2019-20096": { + "cmt_msg": "dccp: Fix memleak in __feat_register_sp" + }, + "CVE-2018-10940": { + "cmt_msg": "cdrom: information leak in cdrom_ioctl_media_changed()" + }, + "CVE-2018-10087": { + "cmt_msg": "kernel/exit.c: avoid undefined behaviour when calling wait4()" + }, + "CVE-2019-9500": { + "cmt_msg": "brcmfmac: assure SSID length from firmware is limited" + }, + "CVE-2019-9503": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path" + }, + "CVE-2020-36158": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" + }, + "CVE-2022-1508": { + "cmt_msg": "io_uring: reexpand under-reexpanded iters" + }, + "CVE-2022-0480": { + "cmt_msg": "memcg: enable accounting for file lock caches" + }, + "CVE-2018-10124": { + "cmt_msg": "kernel/signal.c: avoid undefined behaviour in kill_something_info" + }, + "CVE-2022-0487": { + "cmt_msg": "moxart: fix potential use-after-free on remove path" + }, + "CVE-2021-28964": { + "cmt_msg": "btrfs: fix race when cloning extent buffer during rewind of an old root" + }, + "CVE-2020-26558": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2021-42252": { + "cmt_msg": "soc: aspeed: lpc-ctrl: Fix boundary check for mmap" + }, + "CVE-2019-10124": { + "cmt_msg": "mm: hwpoison: fix thp split handing in soft_offline_in_use_page()" + }, + "CVE-2019-9245": { + "cmt_msg": "f2fs: sanity check of xattr entry size" + }, + "CVE-2019-19241": { + "cmt_msg": "io_uring: async workers should inherit the user creds" + }, + "CVE-2021-28688": { + "cmt_msg": "xen-blkback: don't leak persistent grants from xen_blkbk_map()" + }, + "CVE-2021-39686": { + "cmt_msg": "binder: use euid from cred instead of using task" + }, + "CVE-2021-39685": { + "cmt_msg": "USB: gadget: detect too-big endpoint 0 requests" + }, + "CVE-2021-43975": { + "cmt_msg": "atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait" + }, + "CVE-2018-6927": { + "cmt_msg": "futex: Prevent overflow by strengthen input validation" + }, + "CVE-2020-0466": { + "cmt_msg": "do_epoll_ctl(): clean the failure exits up a bit" + }, + "CVE-2019-10207": { + "cmt_msg": "Bluetooth: hci_uart: check for missing tty operations" + }, + "CVE-2018-10878": { + "cmt_msg": "ext4: always check block group bounds in ext4_init_block_bitmap()" + }, + "CVE-2020-26141": { + "cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe" + }, + "CVE-2018-1000204": { + "cmt_msg": "scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()" + }, + "CVE-2019-12379": { + "cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c" + }, + "CVE-2019-12378": { + "cmt_msg": "ipv6_sockglue: Fix a missing-check bug in ip6_ra_control()" + }, + "CVE-2021-3744": { + "cmt_msg": "crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()" + }, + "CVE-2021-30002": { + "cmt_msg": "media: v4l: ioctl: Fix memory leak in video_usercopy" + }, + "CVE-2017-17450": { + "cmt_msg": "netfilter: xt_osf: Add missing permission checks" + }, + "CVE-2021-0941": { + "cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len" + }, + "CVE-2020-15802": { + "cmt_msg": "" + }, + "CVE-2017-18270": { + "cmt_msg": "KEYS: prevent creating a different user's keyrings" + }, + "CVE-2022-0002": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2021-34556": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2020-0543": { + "cmt_msg": "x86/cpu: Add 'table' argument to cpu_matches()" + }, + "CVE-2018-3646": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" + }, + "CVE-2019-11085": { + "cmt_msg": "drm/i915/gvt: Fix mmap range check" + }, + "CVE-2017-17558": { + "cmt_msg": "USB: core: prevent malicious bNumInterfaces overflow" + }, + "CVE-2019-11477": { + "cmt_msg": "tcp: limit payload size of sacked skbs" + }, + "CVE-2021-28711": { + "cmt_msg": "xen/blkfront: harden blkfront against event channel storms" + }, + "CVE-2018-14614": { + "cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum" + }, + "CVE-2019-11479": { + "cmt_msg": "tcp: add tcp_min_snd_mss sysctl" + }, + "CVE-2018-14616": { + "cmt_msg": "f2fs: fix to do sanity check with block address in main area v2" + }, + "CVE-2018-14611": { + "cmt_msg": "btrfs: validate type when reading a chunk" + }, + "CVE-2018-14610": { + "cmt_msg": "btrfs: Check that each block group has corresponding chunk at mount time" + }, + "CVE-2018-14613": { + "cmt_msg": "btrfs: tree-checker: Verify block_group_item" + }, + "CVE-2018-14612": { + "cmt_msg": "btrfs: tree-checker: Detect invalid and empty essential trees" + }, + "CVE-2020-26145": { + "cmt_msg": "ath10k: drop fragments with multicast DA for PCIe" + }, + "CVE-2017-13216": { + "cmt_msg": "staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl" + }, + "CVE-2020-26147": { + "cmt_msg": "mac80211: assure all fragments are encrypted" + }, + "CVE-2018-19854": { + "cmt_msg": "crypto: user - fix leaking uninitialized memory to userspace" + }, + "CVE-2020-26140": { + "cmt_msg": "" + }, + "CVE-2020-26143": { + "cmt_msg": "" + }, + "CVE-2020-26142": { + "cmt_msg": "" + }, + "CVE-2019-17053": { + "cmt_msg": "ieee802154: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17052": { + "cmt_msg": "ax25: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17056": { + "cmt_msg": "nfc: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17055": { + "cmt_msg": "mISDN: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17054": { + "cmt_msg": "appletalk: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2018-13093": { + "cmt_msg": "xfs: validate cached inodes are free when allocated" + }, + "CVE-2021-38300": { + "cmt_msg": "bpf, mips: Validate conditional branch offsets" + }, + "CVE-2018-13096": { + "cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks" + }, + "CVE-2018-13097": { + "cmt_msg": "f2fs: fix to do sanity check with user_block_count" + }, + "CVE-2018-13094": { + "cmt_msg": "xfs: don't call xfs_da_shrink_inode with NULL bp" + }, + "CVE-2018-13095": { + "cmt_msg": "xfs: More robust inode extent count validation" + }, + "CVE-2020-29661": { + "cmt_msg": "tty: Fix ->pgrp locking in tiocspgrp()" + }, + "CVE-2020-29660": { + "cmt_msg": "tty: Fix ->session locking" + }, + "CVE-2018-13098": { + "cmt_msg": "f2fs: fix to do sanity check with extra_attr feature" + }, + "CVE-2018-13099": { + "cmt_msg": "f2fs: fix to do sanity check with reserved blkaddr of inline inode" + }, + "CVE-2022-1734": { + "cmt_msg": "nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs" + }, + "CVE-2017-15951": { + "cmt_msg": "KEYS: Fix race between updating and finding a negative key" + }, + "CVE-2019-14895": { + "cmt_msg": "mwifiex: fix possible heap overflow in mwifiex_process_country_ie()" + }, + "CVE-2019-19770": { + "cmt_msg": "blktrace: fix debugfs use after free" + }, + "CVE-2019-11884": { + "cmt_msg": "Bluetooth: hidp: fix buffer overflow" + }, + "CVE-2020-15780": { + "cmt_msg": "ACPI: configfs: Disallow loading ACPI tables when locked down" + }, + "CVE-2019-19075": { + "cmt_msg": "ieee802154: ca8210: prevent memory leak" + }, + "CVE-2019-19074": { + "cmt_msg": "ath9k: release allocated buffer if timed out" + }, + "CVE-2019-18683": { + "cmt_msg": "media: vivid: Fix wrong locking that causes race conditions on streaming stop" + }, + "CVE-2019-18680": { + "cmt_msg": "" + }, + "CVE-2022-23038": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2022-0995": { + "cmt_msg": "watch_queue: Fix filter limit check" + }, + "CVE-2017-14991": { + "cmt_msg": "scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE" + }, + "CVE-2022-23036": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2022-23037": { + "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" + }, + "CVE-2020-0404": { + "cmt_msg": "media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors" + }, + "CVE-2019-15924": { + "cmt_msg": "fm10k: Fix a potential NULL pointer dereference" + }, + "CVE-2019-15538": { + "cmt_msg": "xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT" + }, + "CVE-2019-15926": { + "cmt_msg": "ath6kl: add some bounds checking" + }, + "CVE-2019-15921": { + "cmt_msg": "genetlink: Fix a memory leak on error path" + }, + "CVE-2022-0998": { + "cmt_msg": "vdpa: clean up get_config_size ret value handling" + }, + "CVE-2019-14821": { + "cmt_msg": "KVM: coalesced_mmio: add bounds checking" + }, + "CVE-2020-12826": { + "cmt_msg": "signal: Extend exec_id to 64bits" + }, + "CVE-2019-3701": { + "cmt_msg": "can: gw: ensure DLC boundaries after CAN frame modification" + }, + "CVE-2021-42008": { + "cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data" + }, + "CVE-2018-20511": { + "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT" + }, + "CVE-2019-1125": { + "cmt_msg": "x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations" + }, + "CVE-2019-15218": { + "cmt_msg": "media: usb: siano: Fix general protection fault in smsusb" + }, + "CVE-2019-15666": { + "cmt_msg": "xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink" + }, + "CVE-2020-25641": { + "cmt_msg": "block: allow for_each_bvec to support zero len bvec" + }, + "CVE-2005-3660": { + "cmt_msg": "" + }, + "CVE-2019-15212": { + "cmt_msg": "USB: rio500: refuse more than one device at a time" + }, + "CVE-2019-15211": { + "cmt_msg": "media: radio-raremono: change devm_k*alloc to k*alloc" + }, + "CVE-2019-15217": { + "cmt_msg": "media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap" + }, + "CVE-2019-15216": { + "cmt_msg": "USB: yurex: Fix protection fault after device removal" + }, + "CVE-2019-15215": { + "cmt_msg": "media: cpia2_usb: first wake up, then free in disconnect" + }, + "CVE-2019-15214": { + "cmt_msg": "ALSA: core: Fix card races between register and disconnect" + }, + "CVE-2020-24588": { + "cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks" + }, + "CVE-2021-33034": { + "cmt_msg": "Bluetooth: verify AMP hci_chan before amp_destroy" + }, + "CVE-2019-19922": { + "cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices" + }, + "CVE-2021-33033": { + "cmt_msg": "cipso,calipso: resolve a number of problems with the DOI refcounts" + }, + "CVE-2019-19927": { + "cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages" + }, + "CVE-2020-27066": { + "cmt_msg": "xfrm: policy: Fix doulbe free in xfrm_policy_timer" + }, + "CVE-2020-27068": { + "cmt_msg": "cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE" + }, + "CVE-2020-8648": { + "cmt_msg": "vt: selection, close sel_buffer race" + }, + "CVE-2017-0861": { + "cmt_msg": "ALSA: pcm: prevent UAF in snd_pcm_info" + }, + "CVE-2019-20806": { + "cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame" + }, + "CVE-2017-16648": { + "cmt_msg": "dvb_frontend: don't use-after-free the frontend struct" + }, + "CVE-2020-14304": { + "cmt_msg": "" + }, + "CVE-2010-5321": { + "cmt_msg": "" + }, + "CVE-2020-15393": { + "cmt_msg": "usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect" + }, + "CVE-2021-3564": { + "cmt_msg": "Bluetooth: fix the erroneous flush_work() order" + }, + "CVE-2019-9506": { + "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" + }, + "CVE-2017-16995": { + "cmt_msg": "bpf: fix incorrect sign extension in check_alu_op()" + }, + "CVE-2017-16994": { + "cmt_msg": "mm/pagewalk.c: report holes in hugetlb ranges" + }, + "CVE-2019-2025": { + "cmt_msg": "binder: fix race that allows malicious free of live buffer" + }, + "CVE-2020-26560": { + "cmt_msg": "" + }, + "CVE-2018-18397": { + "cmt_msg": "userfaultfd: use ENOENT instead of EFAULT if the atomic copy user fails" + }, + "CVE-2017-13080": { + "cmt_msg": "mac80211: accept key reinstall without changing anything" + }, + "CVE-2018-12127": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2018-12126": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2021-3892": { + "cmt_msg": "" + }, + "CVE-2018-10021": { + "cmt_msg": "scsi: libsas: defer ata device eh commands to libata" + }, + "CVE-2019-2024": { + "cmt_msg": "media: em28xx: Fix use-after-free when disconnecting" + }, + "CVE-2019-10126": { + "cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()" + }, + "CVE-2019-13631": { + "cmt_msg": "Input: gtco - bounds check collection indent level" + }, + "CVE-2020-14353": { + "cmt_msg": "KEYS: prevent creating a different user's keyrings" + }, + "CVE-2020-13974": { + "cmt_msg": "vt: keyboard: avoid signed integer overflow in k_ascii" + }, + "CVE-2021-4083": { + "cmt_msg": "fget: check that the fd still exists after getting a ref to it" + }, + "CVE-2018-10938": { + "cmt_msg": "Cipso: cipso_v4_optptr enter infinite loop" + }, + "CVE-2017-1000252": { + "cmt_msg": "KVM: VMX: Do not BUG() on out-of-bounds guest IRQ" + }, + "CVE-2017-1000255": { + "cmt_msg": "powerpc/64s: Use emergency stack for kernel TM Bad Thing program checks" + }, + "CVE-2018-12233": { + "cmt_msg": "jfs: Fix inconsistency between memory allocation and ea_buf->max_size" + }, + "CVE-2018-12232": { + "cmt_msg": "socket: close race condition between sock_close() and sockfs_setattr()" + }, + "CVE-2020-10751": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" + }, + "CVE-2022-23042": { + "cmt_msg": "xen/netfront: react properly to failing gnttab_end_foreign_access_ref()" + }, + "CVE-2020-10757": { + "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" + }, + "CVE-2018-9465": { + "cmt_msg": "binder: fix proc->files use-after-free" + }, + "CVE-2018-20510": { + "cmt_msg": "binder: replace \"%p\" with \"%pK\"" + }, + "CVE-2019-14763": { + "cmt_msg": "usb: dwc3: gadget: never call ->complete() from ->ep_queue()" + }, + "CVE-2020-15437": { + "cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()" + }, + "CVE-2020-15436": { + "cmt_msg": "block: Fix use-after-free in blkdev_get()" + }, + "CVE-2022-1116": { + "cmt_msg": "" + }, + "CVE-2021-28660": { + "cmt_msg": "staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()" + }, + "CVE-2020-8647": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" + }, + "CVE-2019-0155": { + "cmt_msg": "drm/i915: Rename gen7 cmdparser tables" + }, + "CVE-2019-0154": { + "cmt_msg": "drm/i915: Lower RM timeout to avoid DSI hard hangs" + }, + "CVE-2020-36386": { + "cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()" + }, + "CVE-2018-19407": { + "cmt_msg": "KVM: X86: Fix scan ioapic use-before-initialization" + }, + "CVE-2021-20317": { + "cmt_msg": "lib/timerqueue: Rely on rbtree semantics for next timer" + }, + "CVE-2020-36385": { + "cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy" + }, + "CVE-2018-9385": { + "cmt_msg": "ARM: amba: Don't read past the end of sysfs \"driver_override\" buffer" + }, + "CVE-2020-0009": { + "cmt_msg": "staging: android: ashmem: Disallow ashmem memory from being remapped" + }, + "CVE-2020-24394": { + "cmt_msg": "nfsd: apply umask on fs without ACL support" + }, + "CVE-2019-14615": { + "cmt_msg": "drm/i915/gen9: Clear residual context state on context switch" + }, + "CVE-2018-16871": { + "cmt_msg": "nfsd: COPY and CLONE operations require the saved filehandle to be set" + }, + "CVE-2018-9415": { + "cmt_msg": "ARM: amba: Fix race condition with driver_override" + }, + "CVE-2022-1882": { + "cmt_msg": "" + }, + "CVE-2019-13648": { + "cmt_msg": "powerpc/tm: Fix oops on sigreturn on systems without TM" + }, + "CVE-2020-16120": { + "cmt_msg": "ovl: switch to mounter creds in readdir" + }, + "CVE-2019-11599": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" + }, + "CVE-2018-16658": { + "cmt_msg": "cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status" + }, + "CVE-2018-15572": { + "cmt_msg": "x86/speculation: Protect against userspace-userspace spectreRSB" + }, + "CVE-2022-29581": { + "cmt_msg": "net/sched: cls_u32: fix netns refcount changes in u32_change()" + }, + "CVE-2022-1204": { + "cmt_msg": "ax25: Fix refcount leaks caused by ax25_cb_del()" + }, + "CVE-2019-2101": { + "cmt_msg": "media: uvcvideo: Fix 'type' check leading to overflow" + }, + "CVE-2019-17666": { + "cmt_msg": "rtlwifi: Fix potential overflow on P2P code" + }, + "CVE-2021-23133": { + "cmt_msg": "net/sctp: fix race condition in sctp_destroy_sock" + }, + "CVE-2018-9363": { + "cmt_msg": "Bluetooth: hidp: buffer overflow in hidp_process_report" + }, + "CVE-2018-15471": { + "cmt_msg": "xen-netback: fix input validation in xenvif_set_hash_mapping()" + }, + "CVE-2016-10723": { + "cmt_msg": "mm, oom: remove sleep from under oom_lock" + }, + "CVE-2021-3573": { + "cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object" + }, + "CVE-2019-19036": { + "cmt_msg": "btrfs: Detect unbalanced tree with empty leaf before crashing btree operations" + }, + "CVE-2019-3459": { + "cmt_msg": "Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer" + }, + "CVE-2020-11494": { + "cmt_msg": "slcan: Don't transmit uninitialized stack data in padding" + }, + "CVE-2019-19039": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2020-0444": { + "cmt_msg": "audit: fix error handling in audit_data_to_entry()" + }, + "CVE-2017-16526": { + "cmt_msg": "uwb: properly check kthread_run return value" + }, + "CVE-2017-16527": { + "cmt_msg": "ALSA: usb-audio: Kill stray URB at exiting" + }, + "CVE-2017-16525": { + "cmt_msg": "USB: serial: console: fix use-after-free after failed setup" + }, + "CVE-2022-1836": { + "cmt_msg": "floppy: disable FDRAWCMD by default" + }, + "CVE-2020-8834": { + "cmt_msg": "KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm" + }, + "CVE-2021-32078": { + "cmt_msg": "ARM: footbridge: remove personal server platform" + }, + "CVE-2022-30594": { + "cmt_msg": "ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE" + }, + "CVE-2017-16528": { + "cmt_msg": "ALSA: seq: Cancel pending autoload work at unbinding device" + }, + "CVE-2017-16529": { + "cmt_msg": "ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor" + }, + "CVE-2019-11833": { + "cmt_msg": "ext4: zero out the unused memory region in the extent tree block" + }, + "CVE-2021-38205": { + "cmt_msg": "net: xilinx_emaclite: Do not print real IOMEM pointer" + }, + "CVE-2020-27835": { + "cmt_msg": "IB/hfi1: Ensure correct mm is used at all times" + }, + "CVE-2020-0255": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" + }, + "CVE-2019-2215": { + "cmt_msg": "ANDROID: binder: remove waitqueue when thread exits." + }, + "CVE-2022-27666": { + "cmt_msg": "esp: Fix possible buffer overflow in ESP transformation" + }, + "CVE-2021-38208": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2018-1108": { + "cmt_msg": "random: fix crng_ready() test" + }, + "CVE-2017-18232": { + "cmt_msg": "scsi: libsas: direct call probe and destruct" + }, + "CVE-2019-2213": { + "cmt_msg": "binder: fix possible UAF when freeing buffer" + }, + "CVE-2020-25211": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2018-5953": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2020-26556": { + "cmt_msg": "" + }, + "CVE-2018-9518": { + "cmt_msg": "NFC: llcp: Limit size of SDP URI" + }, + "CVE-2020-26555": { + "cmt_msg": "" + }, + "CVE-2018-9517": { + "cmt_msg": "l2tp: pass tunnel pointer to ->session_create()" + }, + "CVE-2018-9516": { + "cmt_msg": "HID: debug: check length before copy_to_user()" + }, + "CVE-2018-1128": { + "cmt_msg": "libceph: add authorizer challenge" + }, + "CVE-2018-1129": { + "cmt_msg": "libceph: implement CEPHX_V2 calculation mode" + }, + "CVE-2018-1087": { + "cmt_msg": "kvm/x86: fix icebp instruction handling" + }, + "CVE-2022-1652": { + "cmt_msg": "" + }, + "CVE-2018-1120": { + "cmt_msg": "proc: do not access cmdline nor environ from file-backed areas" + }, + "CVE-2018-1121": { + "cmt_msg": "" + }, + "CVE-2018-20856": { + "cmt_msg": "block: blk_init_allocated_queue() set q->fq as NULL in the fail case" + }, + "CVE-2017-18549": { + "cmt_msg": "scsi: aacraid: Don't copy uninitialized stack memory to userspace" + }, + "CVE-2017-5754": { + "cmt_msg": "x86/cpufeatures: Add Intel feature bits for Speculation Control" + }, + "CVE-2017-5753": { + "cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]" + }, + "CVE-2019-9466": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path" + }, + "CVE-2020-11565": { + "cmt_msg": "mm: mempolicy: require at least one nodeid for MPOL_PREFERRED" + }, + "CVE-2019-19049": { + "cmt_msg": "of: unittest: fix memory leak in unittest_data_add" + }, + "CVE-2018-9568": { + "cmt_msg": "net: Set sk_prot_creator when cloning sockets to the right proto" + }, + "CVE-2021-3759": { + "cmt_msg": "memcg: enable accounting of ipc resources" + }, + "CVE-2022-0644": { + "cmt_msg": "vfs: check fd has read access in kernel_read_file_from_fd()" + }, + "CVE-2018-13053": { + "cmt_msg": "alarmtimer: Prevent overflow for relative nanosleep" + }, + "CVE-2020-27786": { + "cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses" + }, + "CVE-2019-14816": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2019-14814": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2019-14815": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2020-10720": { + "cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()" + }, + "CVE-2022-0382": { + "cmt_msg": "net ticp:fix a kernel-infoleak in __tipc_sendmsg()" + }, + "CVE-2018-12904": { + "cmt_msg": "kvm: nVMX: Enforce cpl=0 for VMX instructions" + }, + "CVE-2020-25672": { + "cmt_msg": "nfc: fix memory leak in llcp_sock_connect()" + }, + "CVE-2019-9455": { + "cmt_msg": "media: videobuf2-v4l2: drop WARN_ON in vb2_warn_zero_bytesused()" + }, + "CVE-2020-25670": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_bind()" + }, + "CVE-2020-25671": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_connect()" + }, + "CVE-2018-21008": { + "cmt_msg": "rsi: add fix for crash during assertions" + }, + "CVE-2019-15223": { + "cmt_msg": "ALSA: line6: Assure canceling delayed work at disconnection" + }, + "CVE-2019-15220": { + "cmt_msg": "p54usb: Fix race between disconnect and firmware loading" + }, + "CVE-2019-15221": { + "cmt_msg": "ALSA: line6: Fix write on zero-sized buffer" + }, + "CVE-2019-19815": { + "cmt_msg": "f2fs: support swap file w/ DIO" + }, + "CVE-2019-19814": { + "cmt_msg": "" + }, + "CVE-2020-29371": { + "cmt_msg": "romfs: fix uninitialized memory leak in romfs_dev_read()" + }, + "CVE-2019-19816": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2017-16939": { + "cmt_msg": "ipsec: Fix aborted xfrm policy dump crash" + }, + "CVE-2020-0429": { + "cmt_msg": "l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()" + }, + "CVE-2022-1016": { + "cmt_msg": "netfilter: nf_tables: initialize registers in nft_do_chain()" + }, + "CVE-2018-18710": { + "cmt_msg": "cdrom: fix improper type cast, which can leat to information leak." + }, + "CVE-2019-5108": { + "cmt_msg": "mac80211: Do not send Layer 2 Update frame before authorization" + }, + "CVE-2022-1012": { + "cmt_msg": "secure_seq: use the 64 bits of the siphash for port offset calculation" + }, + "CVE-2020-12114": { + "cmt_msg": "make struct mountpoint bear the dentry reference to mountpoint, not struct mount" + }, + "CVE-2020-8649": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" + }, + "CVE-2020-12351": { + "cmt_msg": "Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel" + }, + "CVE-2020-12656": { + "cmt_msg": "sunrpc: check that domain table is empty at module unload." + }, + "CVE-2020-14356": { + "cmt_msg": "cgroup: fix cgroup_sk_alloc() for sk_clone_lock()" + }, + "CVE-2017-1000405": { + "cmt_msg": "mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()" + }, + "CVE-2021-26930": { + "cmt_msg": "xen-blkback: fix error handling in xen_blkbk_map()" + }, + "CVE-2017-1000407": { + "cmt_msg": "KVM: VMX: remove I/O port 0x80 bypass on Intel hosts" + }, + "CVE-2020-12657": { + "cmt_msg": "block, bfq: fix use-after-free in bfq_idle_slice_timer_body" + }, + "CVE-2022-0492": { + "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" + }, + "CVE-2020-12352": { + "cmt_msg": "Bluetooth: A2MP: Fix not initializing all members" + }, + "CVE-2019-3460": { + "cmt_msg": "Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt" + }, + "CVE-2020-12655": { + "cmt_msg": "xfs: add agf freeblocks verify in xfs_agf_verify" + }, + "CVE-2021-43976": { + "cmt_msg": "mwifiex: Fix skb_over_panic in mwifiex_usb_recv()" + }, + "CVE-2022-0494": { + "cmt_msg": "block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern" + }, + "CVE-2020-26088": { + "cmt_msg": "net/nfc/rawsock.c: add CAP_NET_RAW check." + }, + "CVE-2008-2544": { + "cmt_msg": "" + }, + "CVE-2021-3178": { + "cmt_msg": "nfsd4: readdirplus shouldn't return parent of export" + }, + "CVE-2022-28796": { + "cmt_msg": "jbd2: fix use-after-free of transaction_t race" + }, + "CVE-2019-9445": { + "cmt_msg": "f2fs: check if file namelen exceeds max value" + }, + "CVE-2018-7755": { + "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" + }, + "CVE-2018-7754": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2018-7757": { + "cmt_msg": "scsi: libsas: fix memory leak in sas_smp_get_phy_events()" + }, + "CVE-2019-15030": { + "cmt_msg": "powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction" + }, + "CVE-2022-0330": { + "cmt_msg": "drm/i915: Flush TLBs before releasing backing store" + }, + "CVE-2007-3719": { + "cmt_msg": "" + }, + "CVE-2019-19319": { + "cmt_msg": "ext4: protect journal inode's blocks using block_validity" + }, + "CVE-2019-19462": { + "cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open" + }, + "CVE-2019-19530": { + "cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough" + }, + "CVE-2022-24958": { + "cmt_msg": "usb: gadget: don't release an existing dev->buf" + }, + "CVE-2022-1205": { + "cmt_msg": "ax25: Fix NULL pointer dereferences in ax25 timers" + }, + "CVE-2022-28893": { + "cmt_msg": "SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()" + }, + "CVE-2021-3772": { + "cmt_msg": "sctp: use init_tag from inithdr for ABORT chunk" + }, + "CVE-2021-3679": { + "cmt_msg": "tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop." + }, + "CVE-2021-37159": { + "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device" + }, + "CVE-2021-39711": { + "cmt_msg": "bpf: fix panic due to oob in bpf_prog_test_run_skb" + }, + "CVE-2021-28715": { + "cmt_msg": "xen/netback: don't queue unlimited number of packages" + }, + "CVE-2021-28714": { + "cmt_msg": "xen/netback: fix rx queue stall detection" + }, + "CVE-2021-28713": { + "cmt_msg": "xen/console: harden hvc_xen against event channel storms" + }, + "CVE-2021-28712": { + "cmt_msg": "xen/netfront: harden netfront against event channel storms" + }, + "CVE-2017-18261": { + "cmt_msg": "clocksource/drivers/arm_arch_timer: Avoid infinite recursion when ftrace is enabled" + }, + "CVE-2021-4157": { + "cmt_msg": "pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()" + }, + "CVE-2022-23960": { + "cmt_msg": "ARM: report Spectre v2 status through sysfs" + }, + "CVE-2017-17862": { + "cmt_msg": "bpf: fix branch pruning logic" + }, + "CVE-2017-17863": { + "cmt_msg": "bpf: fix integer overflows" + }, + "CVE-2021-3669": { + "cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()" + }, + "CVE-2019-18885": { + "cmt_msg": "btrfs: merge btrfs_find_device and find_device" + }, + "CVE-2019-11091": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2019-18660": { + "cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch" + }, + "CVE-2017-15649": { + "cmt_msg": "packet: in packet_do_bind, test fanout with bind_lock held" + }, + "CVE-2019-18282": { + "cmt_msg": "net/flow_dissector: switch to siphash" + }, + "CVE-2021-34981": { + "cmt_msg": "Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails" + }, + "CVE-2018-14625": { + "cmt_msg": "vhost/vsock: fix use-after-free in network stack callers" + }, + "CVE-2017-14489": { + "cmt_msg": "scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly" + }, + "CVE-2022-1786": { + "cmt_msg": "io_uring: remove io_identity" + }, + "CVE-2013-7445": { + "cmt_msg": "" + }, + "CVE-2022-28390": { + "cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2020-12652": { + "cmt_msg": "scsi: mptfusion: Fix double fetch bug in ioctl" + }, + "CVE-2022-26966": { + "cmt_msg": "sr9700: sanity check for packet length" + }, + "CVE-2020-14386": { + "cmt_msg": "net/packet: fix overflow in tpacket_rcv" + }, + "CVE-2021-34693": { + "cmt_msg": "can: bcm: fix infoleak in struct bcm_msg_head" + }, + "CVE-2020-14381": { + "cmt_msg": "futex: Fix inode life-time issue" + }, + "CVE-2022-1158": { + "cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address" + }, + "CVE-2019-19768": { + "cmt_msg": "blktrace: Protect q->blk_trace with RCU" + }, + "CVE-2017-5715": { + "cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]" + }, + "CVE-2020-25704": { + "cmt_msg": "perf/core: Fix a memory leak in perf_event_parse_addr_filter()" + }, + "CVE-2021-45095": { + "cmt_msg": "phonet: refcount leak in pep_sock_accep" + }, + "CVE-2020-12771": { + "cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce" + }, + "CVE-2020-25705": { + "cmt_msg": "icmp: randomize the global rate limiter" + }, + "CVE-2018-10853": { + "cmt_msg": "kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access" + }, + "CVE-2018-3620": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" + }, + "CVE-2017-18379": { + "cmt_msg": "nvmet-fc: ensure target queue id within range." + }, + "CVE-2018-8781": { + "cmt_msg": "drm: udl: Properly check framebuffer mmap offsets" + }, + "CVE-2021-29155": { + "cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic" + }, + "CVE-2019-15916": { + "cmt_msg": "net-sysfs: Fix mem leak in netdev_register_kobject" + }, + "CVE-2019-15917": { + "cmt_msg": "Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto()" + }, + "CVE-2017-18344": { + "cmt_msg": "posix-timer: Properly check sigevent->sigev_notify" + }, + "CVE-2017-15115": { + "cmt_msg": "sctp: do not peel off an assoc from one netns to another one" + }, + "CVE-2017-15265": { + "cmt_msg": "ALSA: seq: Fix use-after-free at creating a port" + }, + "CVE-2021-27363": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2020-12362": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2020-12363": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2019-12881": { + "cmt_msg": "drm/i915/userptr: reject zero user_size" + }, + "CVE-2022-28389": { + "cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path" + }, + "CVE-2018-1000004": { + "cmt_msg": "ALSA: seq: Make ioctls race-free" + }, + "CVE-2022-0500": { + "cmt_msg": "bpf: Introduce MEM_RDONLY flag" + }, + "CVE-2018-18690": { + "cmt_msg": "xfs: don't fail when converting shortform attr to long form during ATTR_REPLACE" + }, + "CVE-2022-28388": { + "cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2017-0627": { + "cmt_msg": "media: uvcvideo: Prevent heap overflow when accessing mapped controls" + }, + "CVE-2021-0605": { + "cmt_msg": "af_key: pfkey_dump needs parameter validation" + }, + "CVE-2021-3896": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2021-4002": { + "cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare" + }, + "CVE-2022-1055": { + "cmt_msg": "net: sched: fix use-after-free in tc_new_tfilter()" + }, + "CVE-2021-38204": { + "cmt_msg": "usb: max-3421: Prevent corruption of freed memory" + }, + "CVE-2022-20008": { + "cmt_msg": "mmc: block: fix read single on recovery logic" + }, + "CVE-2018-20961": { + "cmt_msg": "USB: gadget: f_midi: fixing a possible double-free in f_midi" + }, + "CVE-2019-20811": { + "cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success" + }, + "CVE-2019-20810": { + "cmt_msg": "media: go7007: fix a miss of snd_card_free" + }, + "CVE-2019-20812": { + "cmt_msg": "af_packet: set defaule value for tmo" + }, + "CVE-2018-1118": { + "cmt_msg": "vhost: fix info leak due to uninitialized memory" + }, + "CVE-2018-5391": { + "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." + }, + "CVE-2018-5995": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2019-15292": { + "cmt_msg": "appletalk: Fix use-after-free in atalk_proc_exit" + }, + "CVE-2019-15291": { + "cmt_msg": "media: b2c2-flexcop-usb: add sanity checking" + }, + "CVE-2019-15290": { + "cmt_msg": "" + }, + "CVE-2018-7273": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2019-3016": { + "cmt_msg": "x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit" + }, + "CVE-2022-26878": { + "cmt_msg": "" + }, + "CVE-2019-19531": { + "cmt_msg": "usb: yurex: Fix use-after-free in yurex_delete" + }, + "CVE-2018-12930": { + "cmt_msg": "" + }, + "CVE-2018-12931": { + "cmt_msg": "" + }, + "CVE-2020-12769": { + "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" + }, + "CVE-2021-32399": { + "cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller" + }, + "CVE-2021-45868": { + "cmt_msg": "quota: check block number when reading the block in quota file" + }, + "CVE-2019-12380": { + "cmt_msg": "efi/x86/Add missing error handling to old_memmap 1:1 mapping code" + }, + "CVE-2019-12381": { + "cmt_msg": "ip_sockglue: Fix missing-check bug in ip_ra_control()" + }, + "CVE-2019-12382": { + "cmt_msg": "drm/edid: Fix a missing-check bug in drm_load_edid_firmware()" + }, + "CVE-2020-12364": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2019-19543": { + "cmt_msg": "media: serial_ir: Fix use-after-free in serial_ir_init_module" + }, + "CVE-2021-3732": { + "cmt_msg": "ovl: prevent private clone if bind mount is not allowed" + }, + "CVE-2022-25375": { + "cmt_msg": "usb: gadget: rndis: check size of RNDIS_MSG_SET command" + }, + "CVE-2020-10766": { + "cmt_msg": "x86/speculation: Prevent rogue cross-process SSBD shutdown" + }, + "CVE-2017-13166": { + "cmt_msg": "media: v4l2-ioctl.c: use check_fmt for enum/g/s/try_fmt" + }, + "CVE-2018-12207": { + "cmt_msg": "kvm: x86, powerpc: do not allow clearing largepages debugfs entry" + }, + "CVE-2020-13143": { + "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" + }, + "CVE-2020-10768": { + "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." + }, + "CVE-2017-13168": { + "cmt_msg": "scsi: sg: mitigate read/write abuse" + }, + "CVE-2019-0148": { + "cmt_msg": "i40e: Wrong truncation from u16 to u8" + }, + "CVE-2019-17075": { + "cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack" + }, + "CVE-2019-0146": { + "cmt_msg": "" + }, + "CVE-2019-0147": { + "cmt_msg": "i40e: add num_vectors checker in iwarp handler" + }, + "CVE-2018-20449": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2019-0145": { + "cmt_msg": "i40e: add num_vectors checker in iwarp handler" + }, + "CVE-2017-15299": { + "cmt_msg": "KEYS: don't let add_key() update an uninstantiated key" + }, + "CVE-2019-11191": { + "cmt_msg": "x86: Deprecate a.out support" + }, + "CVE-2018-10323": { + "cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree" + }, + "CVE-2018-10322": { + "cmt_msg": "xfs: enhance dinode verifier" + }, + "CVE-2017-8824": { + "cmt_msg": "dccp: CVE-2017-8824: use-after-free in DCCP code" + }, + "CVE-2018-7492": { + "cmt_msg": "rds: Fix NULL pointer dereference in __rds_rdma_map" + }, + "CVE-2020-26139": { + "cmt_msg": "mac80211: do not accept/forward invalid EAPOL frames" + }, + "CVE-2018-20836": { + "cmt_msg": "scsi: libsas: fix a race condition when smp task timeout" + }, + "CVE-2021-3609": { + "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" + }, + "CVE-2019-19536": { + "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" + }, + "CVE-2019-19537": { + "cmt_msg": "USB: core: Fix races in character device registration and deregistraion" + }, + "CVE-2019-19534": { + "cmt_msg": "can: peak_usb: fix slab info leak" + }, + "CVE-2019-19535": { + "cmt_msg": "can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices" + }, + "CVE-2019-19532": { + "cmt_msg": "HID: Fix assumption that devices have inputs" + }, + "CVE-2018-14617": { + "cmt_msg": "hfsplus: fix NULL dereference in hfsplus_lookup()" + }, + "CVE-2019-10638": { + "cmt_msg": "inet: switch IP ID generator to siphash" + }, + "CVE-2019-10639": { + "cmt_msg": "netns: provide pure entropy for net_hash_mix()" + }, + "CVE-2021-0929": { + "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" + }, + "CVE-2019-11478": { + "cmt_msg": "tcp: tcp_fragment() should apply sane memory limits" + }, + "CVE-2019-20095": { + "cmt_msg": "mwifiex: Fix mem leak in mwifiex_tm_cmd" + }, + "CVE-2018-19985": { + "cmt_msg": "USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data" + }, + "CVE-2018-6554": { + "cmt_msg": "staging: irda: remove the irda network stack and drivers" + }, + "CVE-2018-6555": { + "cmt_msg": "staging: irda: remove the irda network stack and drivers" + }, + "CVE-2021-0920": { + "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" + }, + "CVE-2020-25212": { + "cmt_msg": "nfs: Fix getxattr kernel panic and memory overflow" + }, + "CVE-2021-39713": { + "cmt_msg": "net: sched: use Qdisc rcu API instead of relying on rtnl lock" + }, + "CVE-2020-28374": { + "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" + }, + "CVE-2019-9213": { + "cmt_msg": "mm: enforce min addr even if capable() in expand_downwards()" + }, + "CVE-2020-26557": { + "cmt_msg": "" + }, + "CVE-2017-16535": { + "cmt_msg": "USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()" + }, + "CVE-2017-16534": { + "cmt_msg": "USB: core: harden cdc_parse_cdc_header" + }, + "CVE-2017-16537": { + "cmt_msg": "media: imon: Fix null-ptr-deref in imon_probe" + }, + "CVE-2017-16536": { + "cmt_msg": "[media] cx231xx-cards: fix NULL-deref on missing association descriptor" + }, + "CVE-2017-16531": { + "cmt_msg": "USB: fix out-of-bounds in usb_set_configuration" + }, + "CVE-2017-16530": { + "cmt_msg": "USB: uas: fix bug in handling of alternate settings" + }, + "CVE-2017-16533": { + "cmt_msg": "HID: usbhid: fix out-of-bounds bug" + }, + "CVE-2017-16532": { + "cmt_msg": "usb: usbtest: fix NULL pointer dereference" + }, + "CVE-2017-16538": { + "cmt_msg": "media: dvb-usb-v2: lmedm04: Improve logic checking of warm start" + }, + "CVE-2020-27825": { + "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" + }, + "CVE-2019-2181": { + "cmt_msg": "binder: check for overflow when alloc for security context" + }, + "CVE-2019-2182": { + "cmt_msg": "arm64: Enforce BBM for huge IO/VMAP mappings" + }, + "CVE-2020-27820": { + "cmt_msg": "drm/nouveau: use drm_dev_unplug() during device removal" + }, + "CVE-2018-5814": { + "cmt_msg": "usbip: usbip_host: fix NULL-ptr deref and use-after-free errors" + }, + "CVE-2020-0067": { + "cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr" + }, + "CVE-2019-20794": { + "cmt_msg": "" + }, + "CVE-2017-18224": { + "cmt_msg": "ocfs2: ip_alloc_sem should be taken in ocfs2_get_block()" + }, + "CVE-2020-26541": { + "cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries" + }, + "CVE-2020-26559": { + "cmt_msg": "" + }, + "CVE-2020-27673": { + "cmt_msg": "xen/events: add a proper barrier to 2-level uevent unmasking" + }, + "CVE-2021-43389": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2017-14156": { + "cmt_msg": "video: fbdev: aty: do not leak uninitialized padding in clk to userspace" + }, + "CVE-2021-33061": { + "cmt_msg": "ixgbe: add improvement for MDD response functionality" + }, + "CVE-2018-1092": { + "cmt_msg": "ext4: fail ext4_iget for root directory if unallocated" + }, + "CVE-2018-1093": { + "cmt_msg": "ext4: add validity checks for bitmap block numbers" + }, + "CVE-2017-18551": { + "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA" + }, + "CVE-2017-18550": { + "cmt_msg": "scsi: aacraid: Don't copy uninitialized stack memory to userspace" + }, + "CVE-2021-3864": { + "cmt_msg": "" + }, + "CVE-2021-26931": { + "cmt_msg": "xen-blkback: don't \"handle\" error by BUG()" + }, + "CVE-2022-27950": { + "cmt_msg": "HID: elo: fix memory leak in elo_probe" + }, + "CVE-2021-4203": { + "cmt_msg": "af_unix: fix races in sk_peer_pid and sk_peer_cred accesses" + }, + "CVE-2022-1651": { + "cmt_msg": "virt: acrn: fix a memory leak in acrn_dev_ioctl()" + }, + "CVE-2020-29568": { + "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" + }, + "CVE-2018-18559": { + "cmt_msg": "net/packet: fix a race in packet_bind() and packet_notifier()" + }, + "CVE-2020-14351": { + "cmt_msg": "perf/core: Fix race in the perf_mmap_close() function" + }, + "CVE-2019-19054": { + "cmt_msg": "media: rc: prevent memory leak in cx23888_ir_probe" + }, + "CVE-2019-19057": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring" + }, + "CVE-2019-19056": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf" + }, + "CVE-2019-9453": { + "cmt_msg": "f2fs: fix to avoid accessing xattr across the boundary" + }, + "CVE-2019-19052": { + "cmt_msg": "can: gs_usb: gs_can_open(): prevent memory leak" + }, + "CVE-2019-3846": { + "cmt_msg": "mwifiex: Fix possible buffer overflows at parsing bss descriptor" + }, + "CVE-2020-0427": { + "cmt_msg": "pinctrl: devicetree: Avoid taking direct reference to device name string" + }, + "CVE-2019-19227": { + "cmt_msg": "appletalk: Fix potential NULL pointer dereference in unregister_snap_client" + }, + "CVE-2019-19058": { + "cmt_msg": "iwlwifi: dbg_ini: fix memory leak in alloc_sgtable" + }, + "CVE-2019-9458": { + "cmt_msg": "media: v4l: event: Prevent freeing event subscriptions while accessed" + }, + "CVE-2022-1789": { + "cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID" + }, + "CVE-2016-8660": { + "cmt_msg": "" + }, + "CVE-2020-14314": { + "cmt_msg": "ext4: fix potential negative array index in do_split()" + }, + "CVE-2019-13272": { + "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" + }, + "CVE-2017-15537": { + "cmt_msg": "x86/fpu: Don't let userspace set bogus xcomp_bv" + }, + "CVE-2019-17351": { + "cmt_msg": "xen: let alloc_xenballooned_pages() fail if not enough memory free" + }, + "CVE-2020-25669": { + "cmt_msg": "Input: sunkbd - avoid use-after-free in teardown paths" + }, + "CVE-2020-25668": { + "cmt_msg": "tty: make FONTX ioctl use the tty pointer they were actually passed" + }, + "CVE-2008-4609": { + "cmt_msg": "" + }, + "CVE-2019-9456": { + "cmt_msg": "usb: usbmon: Read text within supplied buffer size" + }, + "CVE-2022-0435": { + "cmt_msg": "tipc: improve size validations for received domain records" + }, + "CVE-2022-1419": { + "cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create" + }, + "CVE-2018-20854": { + "cmt_msg": "phy: ocelot-serdes: fix out-of-bounds read" + }, + "CVE-2018-25020": { + "cmt_msg": "bpf: fix truncated jump targets on heavy expansions" + }, + "CVE-2018-5390": { + "cmt_msg": "tcp: free batches of packets in tcp_prune_ofo_queue()" + }, + "CVE-2017-15127": { + "cmt_msg": "userfaultfd: hugetlbfs: remove superfluous page unlock in VM_SHARED case" + }, + "CVE-2017-15126": { + "cmt_msg": "userfaultfd: non-cooperative: fix fork use after free" + }, + "CVE-2018-20855": { + "cmt_msg": "IB/mlx5: Fix leaking stack memory to userspace" + }, + "CVE-2019-15239": { + "cmt_msg": "" + }, + "CVE-2017-15129": { + "cmt_msg": "net: Fix double free and memory corruption in get_net_ns_by_id()" + }, + "CVE-2017-15128": { + "cmt_msg": "userfaultfd: hugetlbfs: prevent UFFDIO_COPY to fill beyond the end of i_size" + }, + "CVE-2021-4037": { + "cmt_msg": "xfs: fix up non-directory creation in SGID directories" + }, + "CVE-2021-22543": { + "cmt_msg": "KVM: do not allow mapping valid but non-reference-counted pages" + }, + "CVE-2021-3348": { + "cmt_msg": "nbd: freeze the queue while we're adding connections" + }, + "CVE-2019-1999": { + "cmt_msg": "binder: fix race between munmap() and direct reclaim" + }, + "CVE-2018-1065": { + "cmt_msg": "netfilter: add back stackpointer size checks" + }, + "CVE-2018-18386": { + "cmt_msg": "n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)" + }, + "CVE-2017-12188": { + "cmt_msg": "KVM: nVMX: update last_nonleaf_level when initializing nested EPT" + }, + "CVE-2018-1068": { + "cmt_msg": "netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets" + }, + "CVE-2021-44733": { + "cmt_msg": "tee: handle lookup of shm with reference count 0" + }, + "CVE-2021-4197": { + "cmt_msg": "cgroup: Use open-time credentials for process migraton perm checks" + }, + "CVE-2020-10135": { + "cmt_msg": "Bluetooth: Consolidate encryption handling in hci_encrypt_cfm" + }, + "CVE-2020-25285": { + "cmt_msg": "mm/hugetlb: fix a race between hugetlb sysctl handlers" + }, + "CVE-2019-7308": { + "cmt_msg": "bpf: fix sanitation of alu op with pointer / scalar type from different paths" + }, + "CVE-2018-1000199": { + "cmt_msg": "perf/hwbp: Simplify the perf-hwbp code, fix documentation" + }, + "CVE-2017-9986": { + "cmt_msg": "sound: Retire OSS" + }, + "CVE-2021-3587": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2019-16995": { + "cmt_msg": "net: hsr: fix memory leak in hsr_dev_finalize()" + }, + "CVE-2019-16994": { + "cmt_msg": "net: sit: fix memory leak in sit_init_net()" + }, + "CVE-2017-18075": { + "cmt_msg": "crypto: pcrypt - fix freeing pcrypt instances" + }, + "CVE-2020-36516": { + "cmt_msg": "" + }, + "CVE-2018-7740": { + "cmt_msg": "hugetlbfs: check for pgoff value overflow" + }, + "CVE-2022-0322": { + "cmt_msg": "sctp: account stream padding length for reconf chunk" + }, + "CVE-2017-13693": { + "cmt_msg": "" + }, + "CVE-2022-0617": { + "cmt_msg": "udf: Fix NULL ptr deref when converting from inline format" + }, + "CVE-2017-13695": { + "cmt_msg": "ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c" + }, + "CVE-2017-13694": { + "cmt_msg": "" + }, + "CVE-2021-4149": { + "cmt_msg": "btrfs: unlock newly allocated extent buffer after error" + }, + "CVE-2021-4148": { + "cmt_msg": "mm: khugepaged: skip huge page collapse for special files" + }, + "CVE-2021-3640": { + "cmt_msg": "Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()" + }, + "CVE-2021-3764": { + "cmt_msg": "crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()" + }, + "CVE-2020-1749": { + "cmt_msg": "net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup" + }, + "CVE-2021-3760": { + "cmt_msg": "nfc: nci: fix the UAF of rf_conn_info object" + }, + "CVE-2020-11608": { + "cmt_msg": "media: ov519: add missing endpoint sanity checks" + }, + "CVE-2020-10732": { + "cmt_msg": "fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()" + }, + "CVE-2020-28097": { + "cmt_msg": "vgacon: remove software scrollback support" + }, + "CVE-2017-18216": { + "cmt_msg": "ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent" + }, + "CVE-2019-14897": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" + }, + "CVE-2017-18218": { + "cmt_msg": "net: hns: Fix a skb used after free bug" + }, + "CVE-2018-5848": { + "cmt_msg": "wil6210: missing length check in wmi_set_ie" + }, + "CVE-2018-8897": { + "cmt_msg": "x86/entry/64: Don't use IST entry for #BP stack" + }, + "CVE-2021-29265": { + "cmt_msg": "usbip: fix stub_dev usbip_sockfd_store() races leading to gpf" + }, + "CVE-2021-39648": { + "cmt_msg": "usb: gadget: configfs: Fix use-after-free issue with udc_name" + }, + "CVE-2020-14416": { + "cmt_msg": "can, slip: Protect tty->disc_data in write_wakeup and close with RCU" + }, + "CVE-2019-0136": { + "cmt_msg": "mac80211: drop robust management frames from unknown TA" + }, + "CVE-2017-17975": { + "cmt_msg": "media: usbtv: prevent double free in error case" + }, + "CVE-2019-16921": { + "cmt_msg": "RDMA/hns: Fix init resp when alloc ucontext" + }, + "CVE-2019-19377": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2021-21781": { + "cmt_msg": "ARM: ensure the signal page contains defined contents" + }, + "CVE-2021-0512": { + "cmt_msg": "HID: make arrays usage and value to be the same" + }, + "CVE-2018-14633": { + "cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation" + }, + "CVE-2018-12896": { + "cmt_msg": "posix-timers: Sanitize overrun handling" + }, + "CVE-2019-19073": { + "cmt_msg": "ath9k_htc: release allocated buffer if timed out" + }, + "CVE-2018-14734": { + "cmt_msg": "infiniband: fix a possible use-after-free bug" + }, + "CVE-2017-15306": { + "cmt_msg": "KVM: PPC: Fix oops when checking KVM_CAP_PPC_HTM" + }, + "CVE-2020-0347": { + "cmt_msg": "" + }, + "CVE-2019-18809": { + "cmt_msg": "media: usb: fix memory leak in af9005_identify_state" + }, + "CVE-2019-18808": { + "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" + }, + "CVE-2018-8822": { + "cmt_msg": "staging: ncpfs: memory corruption in ncp_read_kernel()" + }, + "CVE-2021-40490": { + "cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing" + }, + "CVE-2021-33909": { + "cmt_msg": "seq_file: disallow extremely large seq buffer allocations" + }, + "CVE-2019-12455": { + "cmt_msg": "clk-sunxi: fix a missing-check bug in sunxi_divs_clk_setup()" + }, + "CVE-2019-12456": { + "cmt_msg": "" + }, + "CVE-2022-0812": { + "cmt_msg": "xprtrdma: fix incorrect header size calculations" + }, + "CVE-2021-29647": { + "cmt_msg": "net: qrtr: fix a kernel-infoleak in qrtr_recvmsg()" + }, + "CVE-2019-17133": { + "cmt_msg": "cfg80211: wext: avoid copying malformed SSIDs" + }, + "CVE-2017-18595": { + "cmt_msg": "tracing: Fix possible double free on failure of allocating trace buffer" + }, + "CVE-2022-0742": { + "cmt_msg": "ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report()" + }, + "CVE-2021-3612": { + "cmt_msg": "Input: joydev - prevent potential read overflow in ioctl" + }, + "CVE-2019-6974": { + "cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)" + }, + "CVE-2020-24503": { + "cmt_msg": "" + }, + "CVE-2022-0168": { + "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" + }, + "CVE-2020-14390": { + "cmt_msg": "fbcon: remove soft scrollback code" + }, + "CVE-2020-24502": { + "cmt_msg": "" + }, + "CVE-2017-17806": { + "cmt_msg": "crypto: hmac - require that the underlying hash algorithm is unkeyed" + }, + "CVE-2017-17807": { + "cmt_msg": "KEYS: add missing permission check for request_key() destination" + }, + "CVE-2017-17805": { + "cmt_msg": "crypto: salsa20 - fix blkcipher_walk API usage" + }, + "CVE-2019-19527": { + "cmt_msg": "HID: hiddev: do cleanup in failure of opening a device" + }, + "CVE-2022-23039": { + "cmt_msg": "xen/gntalloc: don't use gnttab_query_foreign_access()" + }, + "CVE-2019-19526": { + "cmt_msg": "NFC: pn533: fix use-after-free and memleaks" + }, + "CVE-2020-0465": { + "cmt_msg": "HID: core: Sanitize event code and type when mapping input" + }, + "CVE-2020-0305": { + "cmt_msg": "chardev: Avoid potential use-after-free in 'chrdev_open()'" + }, + "CVE-2018-3639": { + "cmt_msg": "x86/nospec: Simplify alternative_msr_write()" + }, + "CVE-2021-4218": { + "cmt_msg": "sysctl: pass kernel pointers to ->proc_handler" + }, + "CVE-2019-15902": { + "cmt_msg": "" + }, + "CVE-2019-20054": { + "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links" + }, + "CVE-2021-3753": { + "cmt_msg": "vt_kdsetmode: extend console locking" + }, + "CVE-2019-11135": { + "cmt_msg": "x86/msr: Add the IA32_TSX_CTRL MSR" + }, + "CVE-2019-11810": { + "cmt_msg": "scsi: megaraid_sas: return error when create DMA pool failed" + }, + "CVE-2021-27365": { + "cmt_msg": "scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE" + }, + "CVE-2021-27364": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2019-11815": { + "cmt_msg": "net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock()." + }, + "CVE-2020-0431": { + "cmt_msg": "HID: hid-input: clear unmapped usages" + }, + "CVE-2018-17977": { + "cmt_msg": "" + }, + "CVE-2018-17972": { + "cmt_msg": "proc: restrict kernel stack dumps to root" + }, + "CVE-2021-20320": { + "cmt_msg": "s390/bpf: Fix optimizing out zero-extensions" + }, + "CVE-2021-20321": { + "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" + }, + "CVE-2018-7566": { + "cmt_msg": "ALSA: seq: Fix racy pool initializations" + }, + "CVE-2022-26490": { + "cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION" + }, + "CVE-2022-1043": { + "cmt_msg": "io_uring: fix xa_alloc_cycle() error return value check" + }, + "CVE-2021-0937": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2022-1048": { + "cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls" + }, + "CVE-2018-20976": { + "cmt_msg": "xfs: clear sb->s_fs_info on mount failure" + }, + "CVE-2022-29968": { + "cmt_msg": "io_uring: fix uninitialized field in rw io_kiocb" + }, + "CVE-2018-7995": { + "cmt_msg": "x86/MCE: Serialize sysfs changes" + }, + "CVE-2018-16276": { + "cmt_msg": "USB: yurex: fix out-of-bounds uaccess in read handler" + }, + "CVE-2019-15927": { + "cmt_msg": "ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit()" + }, + "CVE-2021-3542": { + "cmt_msg": "" + }, + "CVE-2019-16413": { + "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" + }, + "CVE-2022-1263": { + "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" + }, + "CVE-2017-16650": { + "cmt_msg": "net: qmi_wwan: fix divide by 0 on bad descriptors" + }, + "CVE-2020-12653": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()" + }, + "CVE-2019-7222": { + "cmt_msg": "KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)" + }, + "CVE-2017-14051": { + "cmt_msg": "scsi: qla2xxx: Fix an integer overflow in sysfs code" + }, + "CVE-2020-12654": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()" + }, + "CVE-2019-7221": { + "cmt_msg": "KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221)" + }, + "CVE-2018-12929": { + "cmt_msg": "" + }, + "CVE-2018-12928": { + "cmt_msg": "" + }, + "CVE-2020-36310": { + "cmt_msg": "KVM: SVM: avoid infinite loop on NPF from bad address" + }, + "CVE-2020-36313": { + "cmt_msg": "KVM: Fix out of range accesses to memslots" + }, + "CVE-2020-35519": { + "cmt_msg": "net/x25: prevent a couple of overflows" + }, + "CVE-2020-29569": { + "cmt_msg": "xen-blkback: set ring->xenblkd to NULL after kthread_stop()" + }, + "CVE-2020-35513": { + "cmt_msg": "nfsd: fix incorrect umasks" + }, + "CVE-2020-10708": { + "cmt_msg": "" + }, + "CVE-2020-25673": { + "cmt_msg": "nfc: Avoid endless loops caused by repeated llcp_sock_connect()" + }, + "CVE-2022-0400": { + "cmt_msg": "" + }, + "CVE-2021-0707": { + "cmt_msg": "dmabuf: fix use-after-free of dmabuf's file->f_inode" + }, + "CVE-2021-38160": { + "cmt_msg": "virtio_console: Assure used length from device is limited" + }, + "CVE-2021-42739": { + "cmt_msg": "media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()" + }, + "CVE-2018-5344": { + "cmt_msg": "loop: fix concurrent lo_open/lo_release" + }, + "CVE-2020-12770": { + "cmt_msg": "scsi: sg: add sg_remove_request in sg_write" + }, + "CVE-2018-6412": { + "cmt_msg": "fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper()." + }, + "CVE-2019-15222": { + "cmt_msg": "ALSA: usb-audio: Fix gpf in snd_usb_pipe_sanity_check" + }, + "CVE-2022-25265": { + "cmt_msg": "" + }, + "CVE-2017-12153": { + "cmt_msg": "nl80211: check for the required netlink attributes presence" + }, + "CVE-2019-19813": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2017-12154": { + "cmt_msg": "kvm: nVMX: Don't allow L2 to access the hardware CR8" + }, + "CVE-2020-10773": { + "cmt_msg": "s390/cmm: fix information leak in cmm_timeout_handler()" + }, + "CVE-2020-25284": { + "cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping" + }, + "CVE-2022-25636": { + "cmt_msg": "netfilter: nf_tables_offload: incorrect flow offload action array size" + }, + "CVE-2018-18281": { + "cmt_msg": "mremap: properly flush TLB before releasing the page" + }, + "CVE-2019-18675": { + "cmt_msg": "mmap: introduce sane default mmap limits" + }, + "CVE-2019-8912": { + "cmt_msg": "net: crypto set sk to NULL when af_alg_release." + }, + "CVE-2020-29370": { + "cmt_msg": "mm: slub: add missing TID bump in kmem_cache_alloc_bulk()" + }, + "CVE-2019-15219": { + "cmt_msg": "USB: sisusbvga: fix oops in error path of sisusb_probe" + }, + "CVE-2022-1015": { + "cmt_msg": "netfilter: nf_tables: validate registers coming from userspace." + }, + "CVE-2020-25643": { + "cmt_msg": "hdlc_ppp: add range checks in ppp_cp_parse_cr()" + }, + "CVE-2021-39657": { + "cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback" + }, + "CVE-2019-19378": { + "cmt_msg": "" + }, + "CVE-2020-4788": { + "cmt_msg": "powerpc/64s: flush L1D on kernel entry" + }, + "CVE-2022-0854": { + "cmt_msg": "swiotlb: rework \"fix info leak with DMA_FROM_DEVICE\"" + }, + "CVE-2022-1011": { + "cmt_msg": "fuse: fix pipe buffer lifetime for direct_io" + }, + "CVE-2021-39698": { + "cmt_msg": "wait: add wake_up_pollfree()" + }, + "CVE-2018-5333": { + "cmt_msg": "RDS: null pointer dereference in rds_atomic_free_op" + }, + "CVE-2018-5332": { + "cmt_msg": "RDS: Heap OOB write in rds_message_alloc_sgs()" + }, + "CVE-2022-0850": { + "cmt_msg": "ext4: fix kernel infoleak via ext4_extent_header" + }, + "CVE-2020-10767": { + "cmt_msg": "x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS." + }, + "CVE-2019-19529": { + "cmt_msg": "can: mcba_usb: fix use-after-free on disconnect" + }, + "CVE-2019-19447": { + "cmt_msg": "ext4: work around deleting a file with i_nlink == 0 safely" + }, + "CVE-2017-17448": { + "cmt_msg": "netfilter: nfnetlink_cthelper: Add missing permission checks" + }, + "CVE-2017-17449": { + "cmt_msg": "netlink: Add netns check on taps" + }, + "CVE-2019-19525": { + "cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect" + }, + "CVE-2019-19524": { + "cmt_msg": "Input: ff-memless - kill timer in destroy()" + }, + "CVE-2019-19448": { + "cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space" + }, + "CVE-2019-19449": { + "cmt_msg": "f2fs: fix to do sanity check on segment/section count" + }, + "CVE-2021-33135": { + "cmt_msg": "" + }, + "CVE-2019-19523": { + "cmt_msg": "USB: adutux: fix use-after-free on disconnect" + }, + "CVE-2021-3752": { + "cmt_msg": "Bluetooth: fix use-after-free error in lock_sock_nested()" + }, + "CVE-2021-0935": { + "cmt_msg": "net: ipv6: keep sk status consistent after datagram connect failure" + }, + "CVE-2020-11725": { + "cmt_msg": "" + }, + "CVE-2019-3892": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" + }, + "CVE-2021-29264": { + "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" + }, + "CVE-2021-35477": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2017-18241": { + "cmt_msg": "f2fs: fix a panic caused by NULL flush_cmd_control" + }, + "CVE-2020-10690": { + "cmt_msg": "ptp: fix the race between the release of ptp_clock and cdev" + }, + "CVE-2019-16746": { + "cmt_msg": "nl80211: validate beacon head" + }, + "CVE-2021-41864": { + "cmt_msg": "bpf: Fix integer overflow in prealloc_elems_and_freelist()" + }, + "CVE-2018-18021": { + "cmt_msg": "arm64: KVM: Tighten guest core register access from userspace" + }, + "CVE-2021-37576": { + "cmt_msg": "KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow" + }, + "CVE-2019-8980": { + "cmt_msg": "exec: Fix mem leak in kernel_read_file" + }, + "CVE-2018-14609": { + "cmt_msg": "btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized" + }, + "CVE-2021-33098": { + "cmt_msg": "ixgbe: fix large MTU request from VF" + }, + "CVE-2021-28971": { + "cmt_msg": "perf/x86/intel: Fix a crash caused by zero PEBS status" + }, + "CVE-2020-10769": { + "cmt_msg": "crypto: authenc - fix parsing key with misaligned rta_len" + }, + "CVE-2018-5803": { + "cmt_msg": "sctp: verify size of a new chunk in _sctp_make_chunk()" + }, + "CVE-2020-27815": { + "cmt_msg": "jfs: Fix array index bounds check in dbAdjTree" + }, + "CVE-2022-23041": { + "cmt_msg": "xen/9p: use alloc/free_pages_exact()" + }, + "CVE-2022-1462": { + "cmt_msg": "" + }, + "CVE-2022-27223": { + "cmt_msg": "USB: gadget: validate endpoint index for xilinx udc" + }, + "CVE-2020-27067": { + "cmt_msg": "l2tp: fix l2tp_eth module loading" + }, + "CVE-2020-27777": { + "cmt_msg": "powerpc/rtas: Restrict RTAS requests from userspace" + }, + "CVE-2019-20636": { + "cmt_msg": "Input: add safety guards to input_set_keycode()" + }, + "CVE-2019-11486": { + "cmt_msg": "tty: mark Siemens R3964 line discipline as BROKEN" + }, + "CVE-2019-11487": { + "cmt_msg": "fs: prevent page refcount overflow in pipe_buf_get" + }, + "CVE-2018-8043": { + "cmt_msg": "net: phy: mdio-bcm-unimac: fix potential NULL dereference in unimac_mdio_probe()" + }, + "CVE-2020-27675": { + "cmt_msg": "xen/events: avoid removing an event channel while handling it" + }, + "CVE-2020-28915": { + "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" + }, + "CVE-2019-20908": { + "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" + }, + "CVE-2021-28038": { + "cmt_msg": "Xen/gnttab: handle p2m update errors on a per-slot basis" + }, + "CVE-2022-23040": { + "cmt_msg": "xen/xenbus: don't let xenbus_grant_ring() remove grants in error case" + }, + "CVE-2021-26932": { + "cmt_msg": "Xen/x86: don't bail early from clear_foreign_p2m_mapping()" + }, + "CVE-2019-19060": { + "cmt_msg": "iio: imu: adis16400: release allocated memory on failure" + }, + "CVE-2019-19061": { + "cmt_msg": "iio: imu: adis16400: fix memory leak" + }, + "CVE-2019-19062": { + "cmt_msg": "crypto: user - fix memory leak in crypto_report" + }, + "CVE-2019-19063": { + "cmt_msg": "rtlwifi: prevent memory leak in rtl_usb_probe" + }, + "CVE-2017-17741": { + "cmt_msg": "KVM: Fix stack-out-of-bounds read in write_mmio" + }, + "CVE-2019-19065": { + "cmt_msg": "RDMA/hfi1: Prevent memory leak in sdma_init" + }, + "CVE-2019-19066": { + "cmt_msg": "scsi: bfa: release allocated memory in case of error" + }, + "CVE-2019-19067": { + "cmt_msg": "drm/amdgpu: fix multiple memory leaks in acp_hw_init" + }, + "CVE-2019-19068": { + "cmt_msg": "rtl8xxxu: prevent leaking urb" + }, + "CVE-2020-0435": { + "cmt_msg": "f2fs: fix to do sanity check with i_extra_isize" + }, + "CVE-2020-0432": { + "cmt_msg": "staging: most: net: fix buffer overflow" + }, + "CVE-2020-0433": { + "cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter" + }, + "CVE-2019-3874": { + "cmt_msg": "sctp: implement memory accounting on tx path" + }, + "CVE-2022-0171": { + "cmt_msg": "" + }, + "CVE-2018-10877": { + "cmt_msg": "ext4: verify the depth of extent tree in ext4_find_extent()" + }, + "CVE-2018-10876": { + "cmt_msg": "ext4: only look at the bg_flags field if it is valid" + }, + "CVE-2010-4563": { + "cmt_msg": "" + }, + "CVE-2020-14331": { + "cmt_msg": "vgacon: Fix for missing check in scrollback handling" + }, + "CVE-2018-10879": { + "cmt_msg": "ext4: make sure bitmaps and the inode table don't overlap with bg descriptors" + }, + "CVE-2019-14835": { + "cmt_msg": "vhost: make sure log_num < in_num" + }, + "CVE-2021-3483": { + "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" + }, + "CVE-2022-29156": { + "cmt_msg": "RDMA/rtrs-clt: Fix possible double free in error case" + }, + "CVE-2017-16913": { + "cmt_msg": "usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input" + }, + "CVE-2017-16912": { + "cmt_msg": "usbip: fix stub_rx: get_pipe() to validate endpoint number" + }, + "CVE-2017-16911": { + "cmt_msg": "usbip: prevent vhci_hcd driver from leaking a socket pointer address" + }, + "CVE-2020-28974": { + "cmt_msg": "vt: Disable KD_FONT_OP_COPY" + }, + "CVE-2020-25656": { + "cmt_msg": "vt: keyboard, extend func_buf_lock to readers" + }, + "CVE-2017-16914": { + "cmt_msg": "usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer" + }, + "CVE-2022-24448": { + "cmt_msg": "NFSv4: Handle case where the lookup of a directory fails" + }, + "CVE-2020-10942": { + "cmt_msg": "vhost: Check docket sk_family instead of call getname" + }, + "CVE-2019-10142": { + "cmt_msg": "drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl" + }, + "CVE-2021-4023": { + "cmt_msg": "io-wq: fix cancellation on create-worker failure" + }, + "CVE-2018-3693": { + "cmt_msg": "ext4: fix spectre gadget in ext4_mb_regular_allocator()" + }, + "CVE-2017-12193": { + "cmt_msg": "assoc_array: Fix a buggy node-splitting case" + }, + "CVE-2017-12192": { + "cmt_msg": "KEYS: prevent KEYCTL_READ on negative key" + }, + "CVE-2021-22555": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2017-12190": { + "cmt_msg": "fix unbalanced page refcounting in bio_map_user_iov" + }, + "CVE-2021-0399": { + "cmt_msg": "" + }, + "CVE-2020-2732": { + "cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode" + }, + "CVE-2012-4542": { + "cmt_msg": "" + }, + "CVE-2022-1729": { + "cmt_msg": "perf: Fix sys_perf_event_open() race against self" + }, + "CVE-2018-1000028": { + "cmt_msg": "nfsd: auth: Fix gid sorting when rootsquash enabled" + }, + "CVE-2018-7191": { + "cmt_msg": "tun: call dev_get_valid_name() before register_netdevice()" + }, + "CVE-2018-1000026": { + "cmt_msg": "bnx2x: disable GSO where gso_size is too big for hardware" + }, + "CVE-2022-1678": { + "cmt_msg": "tcp: optimize tcp internal pacing" + }, + "CVE-2017-0786": { + "cmt_msg": "brcmfmac: add length check in brcmf_cfg80211_escan_handler()" + }, + "CVE-2021-28972": { + "cmt_msg": "PCI: rpadlpar: Fix potential drc_name corruption in store functions" + }, + "CVE-2018-12130": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2021-20292": { + "cmt_msg": "drm/ttm/nouveau: don't call tt destroy callback on alloc failure." + }, + "CVE-2021-31916": { + "cmt_msg": "dm ioctl: fix out of bounds array access when no devices" + }, + "CVE-2018-17182": { + "cmt_msg": "mm: get rid of vmacache_flush_all() entirely" + }, + "CVE-2018-13405": { + "cmt_msg": "Fix up non-directory creation in SGID directories" + }, + "CVE-2020-25645": { + "cmt_msg": "geneve: add transport ports in route lookup for geneve" + }, + "CVE-2018-13406": { + "cmt_msg": "video: uvesafb: Fix integer overflow in allocation" + }, + "CVE-2022-1280": { + "cmt_msg": "drm: avoid circular locks in drm_mode_getconnector" + }, + "CVE-2020-11668": { + "cmt_msg": "media: xirlink_cit: add missing descriptor sanity checks" + }, + "CVE-2020-11669": { + "cmt_msg": "powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle" + }, + "CVE-2019-15118": { + "cmt_msg": "ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term" + }, + "CVE-2019-12818": { + "cmt_msg": "net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails" + }, + "CVE-2019-12819": { + "cmt_msg": "mdio_bus: Fix use-after-free on device_register fails" + }, + "CVE-2018-11506": { + "cmt_msg": "sr: pass down correctly sized SCSI sense buffer" + }, + "CVE-2019-19332": { + "cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)" + }, + "CVE-2019-15117": { + "cmt_msg": "ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit" + }, + "CVE-2021-3659": { + "cmt_msg": "net: mac802154: Fix general protection fault" + }, + "CVE-2022-25258": { + "cmt_msg": "USB: gadget: validate interface OS descriptor requests" + }, + "CVE-2021-4155": { + "cmt_msg": "xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate" + }, + "CVE-2021-0695": { + "cmt_msg": "" + }, + "CVE-2019-14901": { + "cmt_msg": "mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()" + }, + "CVE-2021-4150": { + "cmt_msg": "block: fix incorrect references to disk objects" + }, + "CVE-2020-3702": { + "cmt_msg": "ath: Use safer key clearing with key cache entries" + }, + "CVE-2021-28951": { + "cmt_msg": "io_uring: ensure that SQPOLL thread is started for exit" + }, + "CVE-2022-1671": { + "cmt_msg": "rxrpc: fix some null-ptr-deref bugs in server_key.c" + }, + "CVE-2020-16166": { + "cmt_msg": "random32: update the net random state on interrupt and activity" + }, + "CVE-2021-3653": { + "cmt_msg": "KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653)" + }, + "CVE-2021-3655": { + "cmt_msg": "sctp: validate from_addr_param return" + }, + "CVE-2020-8694": { + "cmt_msg": "powercap: restrict energy meter to root access" + }, + "CVE-2021-4159": { + "cmt_msg": "bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()" + }, + "CVE-2019-12614": { + "cmt_msg": "powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property()" + }, + "CVE-2019-12615": { + "cmt_msg": "mdesc: fix a missing-check bug in get_vdev_port_node_info()" + }, + "CVE-2021-3715": { + "cmt_msg": "net_sched: cls_route: remove the right filter from hashtable" + }, + "CVE-2021-3714": { + "cmt_msg": "" + }, + "CVE-2019-16230": { + "cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)" + }, + "CVE-2019-16231": { + "cmt_msg": "fjes: Handle workqueue allocation failure" + }, + "CVE-2019-16232": { + "cmt_msg": "libertas: fix a potential NULL pointer dereference" + }, + "CVE-2019-16233": { + "cmt_msg": "scsi: qla2xxx: fix a potential NULL pointer dereference" + }, + "CVE-2019-16234": { + "cmt_msg": "iwlwifi: pcie: fix rb_allocator workqueue allocation" + }, + "CVE-2019-6133": { + "cmt_msg": "fork: record start_time late" + }, + "CVE-2018-10902": { + "cmt_msg": "ALSA: rawmidi: Change resized buffers atomically" + }, + "CVE-2021-39633": { + "cmt_msg": "ip_gre: add validation for csum_start" + }, + "CVE-2017-18203": { + "cmt_msg": "dm: fix race between dm_get_from_kobject() and __dm_destroy()" + }, + "CVE-2017-18202": { + "cmt_msg": "mm, oom_reaper: gather each vma to prevent leaking TLB entry" + }, + "CVE-2021-39636": { + "cmt_msg": "netfilter: x_tables: fix pointer leaks to userspace" + }, + "CVE-2017-18204": { + "cmt_msg": "ocfs2: should wait dio before inode lock in ocfs2_setattr()" + }, + "CVE-2021-39634": { + "cmt_msg": "epoll: do not insert into poll queues until all sanity checks are done" + }, + "CVE-2019-3882": { + "cmt_msg": "vfio/type1: Limit DMA mappings per container" + }, + "CVE-2017-18208": { + "cmt_msg": "mm/madvise.c: fix madvise() infinite loop under special circumstances" + }, + "CVE-2018-20509": { + "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" + }, + "CVE-2017-18193": { + "cmt_msg": "f2fs: fix a bug caused by NULL extent tree" + }, + "CVE-2019-9454": { + "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA" + }, + "CVE-2020-12888": { + "cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory" + }, + "CVE-2021-0447": { + "cmt_msg": "l2tp: protect sock pointer of struct pppol2tp_session with RCU" + }, + "CVE-2019-20934": { + "cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers" + }, + "CVE-2022-1247": { + "cmt_msg": "" + }, + "CVE-2022-1184": { + "cmt_msg": "" + }, + "CVE-2022-23222": { + "cmt_msg": "bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL" + }, + "CVE-2021-0448": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2018-19824": { + "cmt_msg": "ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c" + }, + "CVE-2020-29374": { + "cmt_msg": "gup: document and work around \"COW can break either way\" issue" + }, + "CVE-2020-0030": { + "cmt_msg": "ANDROID: binder: synchronize_rcu() when using POLLFREE." + }, + "CVE-2018-16862": { + "cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation" + }, + "CVE-2021-29650": { + "cmt_msg": "netfilter: x_tables: Use correct memory barriers." + }, + "CVE-2019-18806": { + "cmt_msg": "net: qlogic: Fix memory leak in ql_alloc_large_buffers" + }, + "CVE-2018-20169": { + "cmt_msg": "USB: check usb_get_extra_descriptor for proper size" + }, + "CVE-2021-29154": { + "cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64" + }, + "CVE-2017-16646": { + "cmt_msg": "media: dib0700: fix invalid dvb_detach argument" + }, + "CVE-2020-36312": { + "cmt_msg": "KVM: fix memory leak in kvm_io_bus_unregister_dev()" + }, + "CVE-2022-1353": { + "cmt_msg": "af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register" + }, + "CVE-2022-28356": { + "cmt_msg": "llc: fix netdevice reference leaks in llc_ui_bind()" + }, + "CVE-2022-1198": { + "cmt_msg": "drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()" + }, + "CVE-2022-1199": { + "cmt_msg": "ax25: Fix NULL pointer dereference in ax25_kill_by_device" + }, + "CVE-2018-5750": { + "cmt_msg": "ACPI: sbshc: remove raw pointer from printk() message" + }, + "CVE-2021-39801": { + "cmt_msg": "" + }, + "CVE-2021-39800": { + "cmt_msg": "" + }, + "CVE-2021-39802": { + "cmt_msg": "" + }, + "CVE-2018-16884": { + "cmt_msg": "sunrpc: use-after-free in svc_process_common()" + }, + "CVE-2022-1195": { + "cmt_msg": "hamradio: improve the incomplete fix to avoid NPD" + }, + "CVE-2021-4202": { + "cmt_msg": "NFC: reorganize the functions in nci_request" + }, + "CVE-2017-16647": { + "cmt_msg": "net: usb: asix: fill null-ptr-deref in asix_suspend" + }, + "CVE-2019-10220": { + "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" + }, + "CVE-2021-44879": { + "cmt_msg": "f2fs: fix to do sanity check on inode type during garbage collection" + }, + "CVE-2019-15505": { + "cmt_msg": "media: technisat-usb2: break out of loop at end of buffer" + }, + "CVE-2022-1516": { + "cmt_msg": "net/x25: Fix null-ptr-deref caused by x25_disconnect" + }, + "CVE-2020-11609": { + "cmt_msg": "media: stv06xx: add missing descriptor sanity checks" + }, + "CVE-2021-1048": { + "cmt_msg": "fix regression in \"epoll: Keep a reference on files added to the check list\"" + }, + "CVE-2015-2877": { + "cmt_msg": "" + }, + "CVE-2020-9383": { + "cmt_msg": "floppy: check FDC index for errors before assigning it" + }, + "CVE-2022-29582": { + "cmt_msg": "io_uring: fix race between timeout flush and removal" + }, + "CVE-2019-16089": { + "cmt_msg": "" + }, + "CVE-2021-38198": { + "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" + }, + "CVE-2021-38199": { + "cmt_msg": "NFSv4: Initialise connection to the server in nfs4_alloc_client()" + }, + "CVE-2022-1679": { + "cmt_msg": "" + }, + "CVE-2020-8832": { + "cmt_msg": "drm/i915: Record the default hw state after reset upon load" + }, + "CVE-2019-9444": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2021-26401": { + "cmt_msg": "x86/speculation: Use generic retpoline by default on AMD" + }, + "CVE-2021-3847": { + "cmt_msg": "" + }, + "CVE-2018-1130": { + "cmt_msg": "dccp: check sk for closed state in dccp_sendmsg()" + }, + "CVE-2019-14284": { + "cmt_msg": "floppy: fix div-by-zero in setup_format_params" + }, + "CVE-2021-45486": { + "cmt_msg": "inet: use bigger hash table for IP ID generation" + }, + "CVE-2021-3506": { + "cmt_msg": "f2fs: fix to avoid out-of-bounds memory access" + }, + "CVE-2011-4917": { + "cmt_msg": "" + }, + "CVE-2021-45485": { + "cmt_msg": "ipv6: use prandom_u32() for ID generation" + }, + "CVE-2018-10880": { + "cmt_msg": "ext4: never move the system.data xattr out of the inode body" + }, + "CVE-2019-3900": { + "cmt_msg": "vhost_net: fix possible infinite loop" + }, + "CVE-2019-19528": { + "cmt_msg": "USB: iowarrior: fix use-after-free on disconnect" + }, + "CVE-2019-19533": { + "cmt_msg": "media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()" + }, + "CVE-2018-13100": { + "cmt_msg": "f2fs: fix to do sanity check with secs_per_zone" + }, + "CVE-2019-15807": { + "cmt_msg": "scsi: libsas: delete sas port if expander discover failed" + }, + "CVE-2017-16645": { + "cmt_msg": "Input: ims-psu - check if CDC union descriptor is sane" + }, + "CVE-2017-16644": { + "cmt_msg": "media: hdpvr: Fix an error handling path in hdpvr_probe()" + }, + "CVE-2017-16643": { + "cmt_msg": "Input: gtco - fix potential out-of-bound access" + }, + "CVE-2017-16649": { + "cmt_msg": "net: cdc_ether: fix divide by 0 on bad descriptors" + }, + "CVE-2019-5489": { + "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" + }, + "CVE-2018-8087": { + "cmt_msg": "mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()" + }, + "CVE-2019-14283": { + "cmt_msg": "floppy: fix out-of-bounds read in copy_buffer" + }, + "CVE-2018-10881": { + "cmt_msg": "ext4: clear i_data in ext4_inode_info when removing inline data" + }, + "CVE-2018-10882": { + "cmt_msg": "ext4: add more inode number paranoia checks" + }, + "CVE-2018-10883": { + "cmt_msg": "jbd2: don't mark block as modified if the handle is out of credits" + } + } + }, + "4.15": { + "4.15": { + "CVE-2018-1000028": { + "cmt_msg": "nfsd: auth: Fix gid sorting when rootsquash enabled", + "cmt_id": "1995266727fa8143897e89b55f5d3c79aa828420" + } + }, + "4.15-rc1": { + "CVE-2019-19083": { + "cmt_msg": "drm/amd/display: memory leak", + "cmt_id": "9ea29a1f8b9da52d8eca8b0996f1d84eac548d3b" + } + }, + "4.15.1": { + "CVE-2019-2215": { + "cmt_msg": "ANDROID: binder: remove waitqueue when thread exits.", + "cmt_id": "7654cae5433700f4f5ae6cafd785b84b52d10468" + } + }, + "4.15.2": { + "CVE-2017-5754": { + "cmt_msg": "x86/cpufeatures: Add Intel feature bits for Speculation Control", + "cmt_id": "6acd374af3f3b7dafcfb3081ee7d9ec75fd989da" + } + }, + "4.15.4": { + "CVE-2017-13166": { + "cmt_msg": "media: v4l2-ioctl.c: use check_fmt for enum/g/s/try_fmt", + "cmt_id": "1113a74590b4597c0d5104bf9f653cc4daad9daf" + }, + "CVE-2018-5750": { + "cmt_msg": "ACPI: sbshc: remove raw pointer from printk() message", + "cmt_id": "1a9b65ce31654f5d4edd134c5ad21a0b0846ab1a" + }, + "CVE-2017-16538": { + "cmt_msg": "media: dvb-usb-v2: lmedm04: Improve logic checking of warm start", + "cmt_id": "20f3bae5957e3c0843e71a6564e3dbd040b7f469" + }, + "CVE-2017-16644": { + "cmt_msg": "media: hdpvr: Fix an error handling path in hdpvr_probe()", + "cmt_id": "2eeaddcc139b5ccf1784148e08c7f2f57ec2c998" + } + }, + "4.15.5": { + "CVE-2018-7566": { + "cmt_msg": "ALSA: seq: Fix racy pool initializations", + "cmt_id": "3b8e84c8373de4e068e282102425d498d992e49b" + } + }, + "4.15.6": { + "CVE-2018-20510": { + "cmt_msg": "binder: replace \"%p\" with \"%pK\"", + "cmt_id": "008fdd7c3915f5fe5481289e66986f149d824ad5" + }, + "CVE-2020-0030": { + "cmt_msg": "ANDROID: binder: synchronize_rcu() when using POLLFREE.", + "cmt_id": "3dd13985a916de3f748b07255eaf4b7516921ae0" + } + }, + "4.15.8": { + "CVE-2018-5703": { + "cmt_msg": "tls: Use correct sk->sk_prot for IPV6", + "cmt_id": "c5f3a16c047dfa7f309a2e1ca7d43e7db92ec35b" + }, + "CVE-2018-5803": { + "cmt_msg": "sctp: verify size of a new chunk in _sctp_make_chunk()", + "cmt_id": "4fadd1aa760e40ee98507326cb714036b92d1fc1" + } + }, + "4.15.10": { + "CVE-2018-1068": { + "cmt_msg": "netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets", + "cmt_id": "5c06b89df419ea4c472a68b1e5b668bda52471ba" + }, + "CVE-2018-7995": { + "cmt_msg": "x86/MCE: Serialize sysfs changes", + "cmt_id": "291a0c2764e4b8f714a6e102ac2fcad6ed7711ba" + }, + "CVE-2018-1065": { + "cmt_msg": "netfilter: add back stackpointer size checks", + "cmt_id": "ec6b058c5431e7e1686c4d7ef42f951473baa78b" + } + }, + "4.15.11": { + "CVE-2019-9456": { + "cmt_msg": "usb: usbmon: Read text within supplied buffer size", + "cmt_id": "b42aa204e1110e20f5a49caaf92a935d39a02112" + } + }, + "4.15.14": { + "CVE-2018-8822": { + "cmt_msg": "staging: ncpfs: memory corruption in ncp_read_kernel()", + "cmt_id": "9a6730ae707b16b038f3731f93f67aa0bd08017f" + }, + "CVE-2018-7740": { + "cmt_msg": "hugetlbfs: check for pgoff value overflow", + "cmt_id": "e0fdb5385c4bf26b4be60c0042344c315c039aeb" + }, + "CVE-2018-1087": { + "cmt_msg": "kvm/x86: fix icebp instruction handling", + "cmt_id": "8c42170a40fb42726cae09f901b61d17ab56a465" + }, + "CVE-2018-8781": { + "cmt_msg": "drm: udl: Properly check framebuffer mmap offsets", + "cmt_id": "01592437b0ec953300acf8be765721a62e0786b7" + }, + "CVE-2018-8897": { + "cmt_msg": "x86/entry/64: Don't use IST entry for #BP stack", + "cmt_id": "69a71b6b418c0052614e8325ca4e91ca4a3d6eef" + } + }, + "4.15.15": { + "CVE-2021-0935": { + "cmt_msg": "net: ipv6: keep sk status consistent after datagram connect failure", + "cmt_id": "812cb9e2340db3f86049b7a2c3cb8fefb0c5bea4" + }, + "CVE-2018-1130": { + "cmt_msg": "dccp: check sk for closed state in dccp_sendmsg()", + "cmt_id": "5df0f40809d4ac73ce859681a689cfd328ae5788" + } + }, + "4.15.16": { + "CVE-2018-1000199": { + "cmt_msg": "perf/hwbp: Simplify the perf-hwbp code, fix documentation", + "cmt_id": "9b5b7c382e11be732ab63bdc872876e7c886de65" + }, + "CVE-2017-17975": { + "cmt_msg": "media: usbtv: prevent double free in error case", + "cmt_id": "39fd6d09439714516b75d4b7b07b677f8e7da48e" + } + }, + "4.15.17": { + "CVE-2018-7757": { + "cmt_msg": "scsi: libsas: fix memory leak in sas_smp_get_phy_events()", + "cmt_id": "c16490ba27bb7c5bc5ebe22e50a607f84b6bf06f" + } + }, + "4.15.18": { + "CVE-2020-35513": { + "cmt_msg": "nfsd: fix incorrect umasks", + "cmt_id": "e4e64ce3fbc470a5b33a79f1a795e4746a7b50bb" + } + }, + "outstanding": { + "CVE-2020-36322": { + "cmt_msg": "fuse: fix bad inode" + }, + "CVE-2020-10711": { + "cmt_msg": "netlabel: cope with NULL catmap" + }, + "CVE-2019-15090": { + "cmt_msg": "scsi: qedi: remove memset/memcpy to nfunc and use func instead" + }, + "CVE-2019-15099": { + "cmt_msg": "ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()" + }, + "CVE-2019-15098": { + "cmt_msg": "ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()" + }, + "CVE-2020-29368": { + "cmt_msg": "mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()" + }, + "CVE-2022-0001": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2020-12464": { + "cmt_msg": "USB: core: Fix free-while-in-use bug in the USB S-Glibrary" + }, + "CVE-2022-0002": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2019-19965": { + "cmt_msg": "scsi: libsas: stop discovering if oob mode is disconnected" + }, + "CVE-2019-19966": { + "cmt_msg": "media: cpia2: Fix use-after-free in cpia2_exit" + }, + "CVE-2020-35508": { + "cmt_msg": "fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent" + }, + "CVE-2021-3894": { + "cmt_msg": "sctp: account stream padding length for reconf chunk" + }, + "CVE-2020-24587": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2020-24586": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2022-0995": { + "cmt_msg": "watch_queue: Fix filter limit check" + }, + "CVE-2021-0129": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2019-20096": { + "cmt_msg": "dccp: Fix memleak in __feat_register_sp" + }, + "CVE-2018-10940": { + "cmt_msg": "cdrom: information leak in cdrom_ioctl_media_changed()" + }, + "CVE-2019-9506": { + "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" + }, + "CVE-2019-9500": { + "cmt_msg": "brcmfmac: assure SSID length from firmware is limited" + }, + "CVE-2019-9503": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path" + }, + "CVE-2020-36158": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" + }, + "CVE-2022-1508": { + "cmt_msg": "io_uring: reexpand under-reexpanded iters" + }, + "CVE-2022-0480": { + "cmt_msg": "memcg: enable accounting for file lock caches" + }, + "CVE-2022-0487": { + "cmt_msg": "moxart: fix potential use-after-free on remove path" + }, + "CVE-2021-28964": { + "cmt_msg": "btrfs: fix race when cloning extent buffer during rewind of an old root" + }, + "CVE-2021-3847": { + "cmt_msg": "" + }, + "CVE-2020-35501": { + "cmt_msg": "" + }, + "CVE-2018-20784": { + "cmt_msg": "sched/fair: Fix infinite loop in update_blocked_averages() by reverting a9e7f6544b9c" + }, + "CVE-2019-10124": { + "cmt_msg": "mm: hwpoison: fix thp split handing in soft_offline_in_use_page()" + }, + "CVE-2019-9245": { + "cmt_msg": "f2fs: sanity check of xattr entry size" + }, + "CVE-2019-19241": { + "cmt_msg": "io_uring: async workers should inherit the user creds" + }, + "CVE-2021-28688": { + "cmt_msg": "xen-blkback: don't leak persistent grants from xen_blkbk_map()" + }, + "CVE-2021-39686": { + "cmt_msg": "binder: use euid from cred instead of using task" + }, + "CVE-2021-39685": { + "cmt_msg": "USB: gadget: detect too-big endpoint 0 requests" + }, + "CVE-2021-43975": { + "cmt_msg": "atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait" + }, + "CVE-2021-43976": { + "cmt_msg": "mwifiex: Fix skb_over_panic in mwifiex_usb_recv()" + }, + "CVE-2020-0466": { + "cmt_msg": "do_epoll_ctl(): clean the failure exits up a bit" + }, + "CVE-2019-10207": { + "cmt_msg": "Bluetooth: hci_uart: check for missing tty operations" + }, + "CVE-2018-10878": { + "cmt_msg": "ext4: always check block group bounds in ext4_init_block_bitmap()" + }, + "CVE-2018-1000200": { + "cmt_msg": "mm, oom: fix concurrent munlock and oom reaper unmap, v3" + }, + "CVE-2020-26141": { + "cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe" + }, + "CVE-2018-1000204": { + "cmt_msg": "scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()" + }, + "CVE-2019-12379": { + "cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c" + }, + "CVE-2019-12378": { + "cmt_msg": "ipv6_sockglue: Fix a missing-check bug in ip6_ra_control()" + }, + "CVE-2021-3744": { + "cmt_msg": "crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()" + }, + "CVE-2021-30002": { + "cmt_msg": "media: v4l: ioctl: Fix memory leak in video_usercopy" + }, + "CVE-2021-3743": { + "cmt_msg": "net: qrtr: fix OOB Read in qrtr_endpoint_post" + }, + "CVE-2021-0941": { + "cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len" + }, + "CVE-2020-15802": { + "cmt_msg": "" + }, + "CVE-2019-3460": { + "cmt_msg": "Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt" + }, + "CVE-2021-34556": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2020-0543": { + "cmt_msg": "x86/cpu: Add 'table' argument to cpu_matches()" + }, + "CVE-2018-3646": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" + }, + "CVE-2019-11085": { + "cmt_msg": "drm/i915/gvt: Fix mmap range check" + }, + "CVE-2019-11477": { + "cmt_msg": "tcp: limit payload size of sacked skbs" + }, + "CVE-2021-28711": { + "cmt_msg": "xen/blkfront: harden blkfront against event channel storms" + }, + "CVE-2018-14615": { + "cmt_msg": "f2fs: fix to do sanity check with i_extra_isize" + }, + "CVE-2018-14614": { + "cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum" + }, + "CVE-2019-11479": { + "cmt_msg": "tcp: add tcp_min_snd_mss sysctl" + }, + "CVE-2019-11478": { + "cmt_msg": "tcp: tcp_fragment() should apply sane memory limits" + }, + "CVE-2018-14611": { + "cmt_msg": "btrfs: validate type when reading a chunk" + }, + "CVE-2018-14610": { + "cmt_msg": "btrfs: Check that each block group has corresponding chunk at mount time" + }, + "CVE-2018-14613": { + "cmt_msg": "btrfs: tree-checker: Verify block_group_item" + }, + "CVE-2018-14612": { + "cmt_msg": "btrfs: tree-checker: Detect invalid and empty essential trees" + }, + "CVE-2020-26145": { + "cmt_msg": "ath10k: drop fragments with multicast DA for PCIe" + }, + "CVE-2020-26147": { + "cmt_msg": "mac80211: assure all fragments are encrypted" + }, + "CVE-2018-5814": { + "cmt_msg": "usbip: usbip_host: fix NULL-ptr deref and use-after-free errors" + }, + "CVE-2020-26140": { + "cmt_msg": "" + }, + "CVE-2020-26143": { + "cmt_msg": "" + }, + "CVE-2020-26142": { + "cmt_msg": "" + }, + "CVE-2019-17053": { + "cmt_msg": "ieee802154: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17052": { + "cmt_msg": "ax25: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17056": { + "cmt_msg": "nfc: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17055": { + "cmt_msg": "mISDN: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17054": { + "cmt_msg": "appletalk: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2018-13093": { + "cmt_msg": "xfs: validate cached inodes are free when allocated" + }, + "CVE-2018-13096": { + "cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks" + }, + "CVE-2018-13097": { + "cmt_msg": "f2fs: fix to do sanity check with user_block_count" + }, + "CVE-2018-13094": { + "cmt_msg": "xfs: don't call xfs_da_shrink_inode with NULL bp" + }, + "CVE-2018-13095": { + "cmt_msg": "xfs: More robust inode extent count validation" + }, + "CVE-2020-29661": { + "cmt_msg": "tty: Fix ->pgrp locking in tiocspgrp()" + }, + "CVE-2020-29660": { + "cmt_msg": "tty: Fix ->session locking" + }, + "CVE-2018-13098": { + "cmt_msg": "f2fs: fix to do sanity check with extra_attr feature" + }, + "CVE-2019-2024": { + "cmt_msg": "media: em28xx: Fix use-after-free when disconnecting" + }, + "CVE-2022-1734": { + "cmt_msg": "nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs" + }, + "CVE-2019-19770": { + "cmt_msg": "blktrace: fix debugfs use after free" + }, + "CVE-2019-11884": { + "cmt_msg": "Bluetooth: hidp: fix buffer overflow" + }, + "CVE-2019-19078": { + "cmt_msg": "ath10k: fix memory leak" + }, + "CVE-2019-19075": { + "cmt_msg": "ieee802154: ca8210: prevent memory leak" + }, + "CVE-2019-19074": { + "cmt_msg": "ath9k: release allocated buffer if timed out" + }, + "CVE-2019-19073": { + "cmt_msg": "ath9k_htc: release allocated buffer if timed out" + }, + "CVE-2019-19071": { + "cmt_msg": "rsi: release skb if rsi_prepare_beacon fails" + }, + "CVE-2019-18680": { + "cmt_msg": "" + }, + "CVE-2022-23038": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2022-23039": { + "cmt_msg": "xen/gntalloc: don't use gnttab_query_foreign_access()" + }, + "CVE-2021-27363": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2022-23036": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2022-23037": { + "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" + }, + "CVE-2020-0404": { + "cmt_msg": "media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors" + }, + "CVE-2019-15925": { + "cmt_msg": "net: hns3: add some error checking in hclge_tm module" + }, + "CVE-2019-15924": { + "cmt_msg": "fm10k: Fix a potential NULL pointer dereference" + }, + "CVE-2019-15538": { + "cmt_msg": "xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT" + }, + "CVE-2019-15926": { + "cmt_msg": "ath6kl: add some bounds checking" + }, + "CVE-2019-15921": { + "cmt_msg": "genetlink: Fix a memory leak on error path" + }, + "CVE-2020-10757": { + "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" + }, + "CVE-2019-14821": { + "cmt_msg": "KVM: coalesced_mmio: add bounds checking" + }, + "CVE-2020-12826": { + "cmt_msg": "signal: Extend exec_id to 64bits" + }, + "CVE-2019-3701": { + "cmt_msg": "can: gw: ensure DLC boundaries after CAN frame modification" + }, + "CVE-2021-42008": { + "cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data" + }, + "CVE-2019-1125": { + "cmt_msg": "x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations" + }, + "CVE-2019-15218": { + "cmt_msg": "media: usb: siano: Fix general protection fault in smsusb" + }, + "CVE-2019-15666": { + "cmt_msg": "xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink" + }, + "CVE-2020-25641": { + "cmt_msg": "block: allow for_each_bvec to support zero len bvec" + }, + "CVE-2005-3660": { + "cmt_msg": "" + }, + "CVE-2019-15212": { + "cmt_msg": "USB: rio500: refuse more than one device at a time" + }, + "CVE-2019-15211": { + "cmt_msg": "media: radio-raremono: change devm_k*alloc to k*alloc" + }, + "CVE-2019-15217": { + "cmt_msg": "media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap" + }, + "CVE-2019-15216": { + "cmt_msg": "USB: yurex: Fix protection fault after device removal" + }, + "CVE-2019-15215": { + "cmt_msg": "media: cpia2_usb: first wake up, then free in disconnect" + }, + "CVE-2019-15214": { + "cmt_msg": "ALSA: core: Fix card races between register and disconnect" + }, + "CVE-2020-24588": { + "cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks" + }, + "CVE-2021-33034": { + "cmt_msg": "Bluetooth: verify AMP hci_chan before amp_destroy" + }, + "CVE-2019-19922": { + "cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices" + }, + "CVE-2021-33033": { + "cmt_msg": "cipso,calipso: resolve a number of problems with the DOI refcounts" + }, + "CVE-2019-19927": { + "cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages" + }, + "CVE-2020-27066": { + "cmt_msg": "xfrm: policy: Fix doulbe free in xfrm_policy_timer" + }, + "CVE-2020-27068": { + "cmt_msg": "cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE" + }, + "CVE-2020-8648": { + "cmt_msg": "vt: selection, close sel_buffer race" + }, + "CVE-2020-28974": { + "cmt_msg": "vt: Disable KD_FONT_OP_COPY" + }, + "CVE-2019-20806": { + "cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame" + }, + "CVE-2020-0305": { + "cmt_msg": "chardev: Avoid potential use-after-free in 'chrdev_open()'" + }, + "CVE-2020-14304": { + "cmt_msg": "" + }, + "CVE-2010-5321": { + "cmt_msg": "" + }, + "CVE-2020-15393": { + "cmt_msg": "usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect" + }, + "CVE-2019-19082": { + "cmt_msg": "drm/amd/display: prevent memory leak" + }, + "CVE-2021-3564": { + "cmt_msg": "Bluetooth: fix the erroneous flush_work() order" + }, + "CVE-2019-18675": { + "cmt_msg": "mmap: introduce sane default mmap limits" + }, + "CVE-2020-26560": { + "cmt_msg": "" + }, + "CVE-2018-18397": { + "cmt_msg": "userfaultfd: use ENOENT instead of EFAULT if the atomic copy user fails" + }, + "CVE-2018-12127": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2018-12126": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2021-3892": { + "cmt_msg": "" + }, + "CVE-2018-10021": { + "cmt_msg": "scsi: libsas: defer ata device eh commands to libata" + }, + "CVE-2019-10126": { + "cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()" + }, + "CVE-2019-13631": { + "cmt_msg": "Input: gtco - bounds check collection indent level" + }, + "CVE-2020-13974": { + "cmt_msg": "vt: keyboard: avoid signed integer overflow in k_ascii" + }, + "CVE-2021-4083": { + "cmt_msg": "fget: check that the fd still exists after getting a ref to it" + }, + "CVE-2021-4197": { + "cmt_msg": "cgroup: Use open-time credentials for process migraton perm checks" + }, + "CVE-2018-12233": { + "cmt_msg": "jfs: Fix inconsistency between memory allocation and ea_buf->max_size" + }, + "CVE-2019-19227": { + "cmt_msg": "appletalk: Fix potential NULL pointer dereference in unregister_snap_client" + }, + "CVE-2020-10751": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" + }, + "CVE-2019-16229": { + "cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)" + }, + "CVE-2018-20511": { + "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT" + }, + "CVE-2019-14763": { + "cmt_msg": "usb: dwc3: gadget: never call ->complete() from ->ep_queue()" + }, + "CVE-2020-15437": { + "cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()" + }, + "CVE-2020-15436": { + "cmt_msg": "block: Fix use-after-free in blkdev_get()" + }, + "CVE-2022-1116": { + "cmt_msg": "" + }, + "CVE-2021-28660": { + "cmt_msg": "staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()" + }, + "CVE-2020-8647": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" + }, + "CVE-2019-0155": { + "cmt_msg": "drm/i915: Rename gen7 cmdparser tables" + }, + "CVE-2019-0154": { + "cmt_msg": "drm/i915: Lower RM timeout to avoid DSI hard hangs" + }, + "CVE-2021-3600": { + "cmt_msg": "bpf: Fix 32 bit src register truncation on div/mod" + }, + "CVE-2020-36386": { + "cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()" + }, + "CVE-2018-19407": { + "cmt_msg": "KVM: X86: Fix scan ioapic use-before-initialization" + }, + "CVE-2020-36385": { + "cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy" + }, + "CVE-2018-9385": { + "cmt_msg": "ARM: amba: Don't read past the end of sysfs \"driver_override\" buffer" + }, + "CVE-2020-0009": { + "cmt_msg": "staging: android: ashmem: Disallow ashmem memory from being remapped" + }, + "CVE-2020-7053": { + "cmt_msg": "drm/i915: Introduce a mutex for file_priv->context_idr" + }, + "CVE-2019-14615": { + "cmt_msg": "drm/i915/gen9: Clear residual context state on context switch" + }, + "CVE-2018-16871": { + "cmt_msg": "nfsd: COPY and CLONE operations require the saved filehandle to be set" + }, + "CVE-2018-9415": { + "cmt_msg": "ARM: amba: Fix race condition with driver_override" + }, + "CVE-2022-1882": { + "cmt_msg": "" + }, + "CVE-2019-13648": { + "cmt_msg": "powerpc/tm: Fix oops on sigreturn on systems without TM" + }, + "CVE-2020-16120": { + "cmt_msg": "ovl: switch to mounter creds in readdir" + }, + "CVE-2019-11599": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" + }, + "CVE-2018-16658": { + "cmt_msg": "cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status" + }, + "CVE-2018-15572": { + "cmt_msg": "x86/speculation: Protect against userspace-userspace spectreRSB" + }, + "CVE-2021-0342": { + "cmt_msg": "tun: correct header offsets in napi frags mode" + }, + "CVE-2022-1204": { + "cmt_msg": "ax25: Fix refcount leaks caused by ax25_cb_del()" + }, + "CVE-2019-2101": { + "cmt_msg": "media: uvcvideo: Fix 'type' check leading to overflow" + }, + "CVE-2019-17666": { + "cmt_msg": "rtlwifi: Fix potential overflow on P2P code" + }, + "CVE-2021-23133": { + "cmt_msg": "net/sctp: fix race condition in sctp_destroy_sock" + }, + "CVE-2018-9363": { + "cmt_msg": "Bluetooth: hidp: buffer overflow in hidp_process_report" + }, + "CVE-2018-15471": { + "cmt_msg": "xen-netback: fix input validation in xenvif_set_hash_mapping()" + }, + "CVE-2016-10723": { + "cmt_msg": "mm, oom: remove sleep from under oom_lock" + }, + "CVE-2019-19036": { + "cmt_msg": "btrfs: Detect unbalanced tree with empty leaf before crashing btree operations" + }, + "CVE-2019-3459": { + "cmt_msg": "Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer" + }, + "CVE-2020-11494": { + "cmt_msg": "slcan: Don't transmit uninitialized stack data in padding" + }, + "CVE-2019-19039": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2020-0444": { + "cmt_msg": "audit: fix error handling in audit_data_to_entry()" + }, + "CVE-2020-8832": { + "cmt_msg": "drm/i915: Record the default hw state after reset upon load" + }, + "CVE-2022-1419": { + "cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create" + }, + "CVE-2022-1836": { + "cmt_msg": "floppy: disable FDRAWCMD by default" + }, + "CVE-2020-11884": { + "cmt_msg": "s390/mm: fix page table upgrade vs 2ndary address mode accesses" + }, + "CVE-2021-32078": { + "cmt_msg": "ARM: footbridge: remove personal server platform" + }, + "CVE-2022-30594": { + "cmt_msg": "ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE" + }, + "CVE-2019-11833": { + "cmt_msg": "ext4: zero out the unused memory region in the extent tree block" + }, + "CVE-2021-38205": { + "cmt_msg": "net: xilinx_emaclite: Do not print real IOMEM pointer" + }, + "CVE-2020-27835": { + "cmt_msg": "IB/hfi1: Ensure correct mm is used at all times" + }, + "CVE-2020-27830": { + "cmt_msg": "speakup: Reject setting the speakup line discipline outside of speakup" + }, + "CVE-2020-0255": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" + }, + "CVE-2022-27666": { + "cmt_msg": "esp: Fix possible buffer overflow in ESP transformation" + }, + "CVE-2021-38208": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2017-18232": { + "cmt_msg": "scsi: libsas: direct call probe and destruct" + }, + "CVE-2019-2213": { + "cmt_msg": "binder: fix possible UAF when freeing buffer" + }, + "CVE-2020-25211": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2020-25212": { + "cmt_msg": "nfs: Fix getxattr kernel panic and memory overflow" + }, + "CVE-2018-12232": { + "cmt_msg": "socket: close race condition between sock_close() and sockfs_setattr()" + }, + "CVE-2020-26556": { + "cmt_msg": "" + }, + "CVE-2018-9518": { + "cmt_msg": "NFC: llcp: Limit size of SDP URI" + }, + "CVE-2020-26555": { + "cmt_msg": "" + }, + "CVE-2019-20794": { + "cmt_msg": "" + }, + "CVE-2018-9516": { + "cmt_msg": "HID: debug: check length before copy_to_user()" + }, + "CVE-2018-1128": { + "cmt_msg": "libceph: add authorizer challenge" + }, + "CVE-2018-1129": { + "cmt_msg": "libceph: implement CEPHX_V2 calculation mode" + }, + "CVE-2018-1120": { + "cmt_msg": "proc: do not access cmdline nor environ from file-backed areas" + }, + "CVE-2018-1121": { + "cmt_msg": "" + }, + "CVE-2018-20856": { + "cmt_msg": "block: blk_init_allocated_queue() set q->fq as NULL in the fail case" + }, + "CVE-2019-19046": { + "cmt_msg": "ipmi: Fix memory leak in __ipmi_bmc_register" + }, + "CVE-2019-19045": { + "cmt_msg": "net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq" + }, + "CVE-2022-29968": { + "cmt_msg": "io_uring: fix uninitialized field in rw io_kiocb" + }, + "CVE-2019-9466": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path" + }, + "CVE-2020-11565": { + "cmt_msg": "mm: mempolicy: require at least one nodeid for MPOL_PREFERRED" + }, + "CVE-2019-19049": { + "cmt_msg": "of: unittest: fix memory leak in unittest_data_add" + }, + "CVE-2022-0644": { + "cmt_msg": "vfs: check fd has read access in kernel_read_file_from_fd()" + }, + "CVE-2018-13053": { + "cmt_msg": "alarmtimer: Prevent overflow for relative nanosleep" + }, + "CVE-2020-27786": { + "cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses" + }, + "CVE-2019-14816": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2019-14814": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2019-14815": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2020-10720": { + "cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()" + }, + "CVE-2022-0382": { + "cmt_msg": "net ticp:fix a kernel-infoleak in __tipc_sendmsg()" + }, + "CVE-2018-12904": { + "cmt_msg": "kvm: nVMX: Enforce cpl=0 for VMX instructions" + }, + "CVE-2020-25672": { + "cmt_msg": "nfc: fix memory leak in llcp_sock_connect()" + }, + "CVE-2019-9455": { + "cmt_msg": "media: videobuf2-v4l2: drop WARN_ON in vb2_warn_zero_bytesused()" + }, + "CVE-2020-25670": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_bind()" + }, + "CVE-2020-25671": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_connect()" + }, + "CVE-2018-21008": { + "cmt_msg": "rsi: add fix for crash during assertions" + }, + "CVE-2019-15223": { + "cmt_msg": "ALSA: line6: Assure canceling delayed work at disconnection" + }, + "CVE-2019-19813": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2019-15221": { + "cmt_msg": "ALSA: line6: Fix write on zero-sized buffer" + }, + "CVE-2019-19815": { + "cmt_msg": "f2fs: support swap file w/ DIO" + }, + "CVE-2019-19814": { + "cmt_msg": "" + }, + "CVE-2020-29371": { + "cmt_msg": "romfs: fix uninitialized memory leak in romfs_dev_read()" + }, + "CVE-2019-19816": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2022-1015": { + "cmt_msg": "netfilter: nf_tables: validate registers coming from userspace." + }, + "CVE-2018-11412": { + "cmt_msg": "ext4: do not allow external inodes for inline data" + }, + "CVE-2022-1016": { + "cmt_msg": "netfilter: nf_tables: initialize registers in nft_do_chain()" + }, + "CVE-2018-18710": { + "cmt_msg": "cdrom: fix improper type cast, which can leat to information leak." + }, + "CVE-2019-5108": { + "cmt_msg": "mac80211: Do not send Layer 2 Update frame before authorization" + }, + "CVE-2022-1012": { + "cmt_msg": "secure_seq: use the 64 bits of the siphash for port offset calculation" + }, + "CVE-2020-12114": { + "cmt_msg": "make struct mountpoint bear the dentry reference to mountpoint, not struct mount" + }, + "CVE-2020-8649": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" + }, + "CVE-2020-12656": { + "cmt_msg": "sunrpc: check that domain table is empty at module unload." + }, + "CVE-2020-14356": { + "cmt_msg": "cgroup: fix cgroup_sk_alloc() for sk_clone_lock()" + }, + "CVE-2021-26931": { + "cmt_msg": "xen-blkback: don't \"handle\" error by BUG()" + }, + "CVE-2021-26930": { + "cmt_msg": "xen-blkback: fix error handling in xen_blkbk_map()" + }, + "CVE-2021-42252": { + "cmt_msg": "soc: aspeed: lpc-ctrl: Fix boundary check for mmap" + }, + "CVE-2021-26932": { + "cmt_msg": "Xen/x86: don't bail early from clear_foreign_p2m_mapping()" + }, + "CVE-2022-0492": { + "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" + }, + "CVE-2020-12352": { + "cmt_msg": "Bluetooth: A2MP: Fix not initializing all members" + }, + "CVE-2020-12351": { + "cmt_msg": "Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel" + }, + "CVE-2020-12655": { + "cmt_msg": "xfs: add agf freeblocks verify in xfs_agf_verify" + }, + "CVE-2022-25636": { + "cmt_msg": "netfilter: nf_tables_offload: incorrect flow offload action array size" + }, + "CVE-2022-0494": { + "cmt_msg": "block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern" + }, + "CVE-2020-26088": { + "cmt_msg": "net/nfc/rawsock.c: add CAP_NET_RAW check." + }, + "CVE-2008-2544": { + "cmt_msg": "" + }, + "CVE-2021-3178": { + "cmt_msg": "nfsd4: readdirplus shouldn't return parent of export" + }, + "CVE-2022-28796": { + "cmt_msg": "jbd2: fix use-after-free of transaction_t race" + }, + "CVE-2020-10690": { + "cmt_msg": "ptp: fix the race between the release of ptp_clock and cdev" + }, + "CVE-2018-7755": { + "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" + }, + "CVE-2019-15031": { + "cmt_msg": "powerpc/tm: Fix restoring FP/VMX facility incorrectly on interrupts" + }, + "CVE-2019-15030": { + "cmt_msg": "powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction" + }, + "CVE-2022-0330": { + "cmt_msg": "drm/i915: Flush TLBs before releasing backing store" + }, + "CVE-2007-3719": { + "cmt_msg": "" + }, + "CVE-2019-19319": { + "cmt_msg": "ext4: protect journal inode's blocks using block_validity" + }, + "CVE-2019-19462": { + "cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open" + }, + "CVE-2022-24958": { + "cmt_msg": "usb: gadget: don't release an existing dev->buf" + }, + "CVE-2022-1205": { + "cmt_msg": "ax25: Fix NULL pointer dereferences in ax25 timers" + }, + "CVE-2022-28893": { + "cmt_msg": "SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()" + }, + "CVE-2021-3772": { + "cmt_msg": "sctp: use init_tag from inithdr for ABORT chunk" + }, + "CVE-2021-3679": { + "cmt_msg": "tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop." + }, + "CVE-2021-39711": { + "cmt_msg": "bpf: fix panic due to oob in bpf_prog_test_run_skb" + }, + "CVE-2021-28715": { + "cmt_msg": "xen/netback: don't queue unlimited number of packages" + }, + "CVE-2021-28714": { + "cmt_msg": "xen/netback: fix rx queue stall detection" + }, + "CVE-2021-28713": { + "cmt_msg": "xen/console: harden hvc_xen against event channel storms" + }, + "CVE-2021-28712": { + "cmt_msg": "xen/netfront: harden netfront against event channel storms" + }, + "CVE-2020-10781": { + "cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\"" + }, + "CVE-2021-4157": { + "cmt_msg": "pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()" + }, + "CVE-2021-35039": { + "cmt_msg": "module: limit enabling module.sig_enforce" + }, + "CVE-2022-23960": { + "cmt_msg": "ARM: report Spectre v2 status through sysfs" + }, + "CVE-2021-39657": { + "cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback" + }, + "CVE-2021-3669": { + "cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()" + }, + "CVE-2019-18885": { + "cmt_msg": "btrfs: merge btrfs_find_device and find_device" + }, + "CVE-2020-10708": { + "cmt_msg": "" + }, + "CVE-2019-11091": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2020-15780": { + "cmt_msg": "ACPI: configfs: Disallow loading ACPI tables when locked down" + }, + "CVE-2019-18282": { + "cmt_msg": "net/flow_dissector: switch to siphash" + }, + "CVE-2021-34981": { + "cmt_msg": "Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails" + }, + "CVE-2018-14625": { + "cmt_msg": "vhost/vsock: fix use-after-free in network stack callers" + }, + "CVE-2020-24394": { + "cmt_msg": "nfsd: apply umask on fs without ACL support" + }, + "CVE-2013-7445": { + "cmt_msg": "" + }, + "CVE-2022-0998": { + "cmt_msg": "vdpa: clean up get_config_size ret value handling" + }, + "CVE-2018-18445": { + "cmt_msg": "bpf: 32-bit RSH verification must truncate input before the ALU op" + }, + "CVE-2019-13233": { + "cmt_msg": "x86/insn-eval: Fix use-after-free access to LDT entry" + }, + "CVE-2022-26966": { + "cmt_msg": "sr9700: sanity check for packet length" + }, + "CVE-2020-14386": { + "cmt_msg": "net/packet: fix overflow in tpacket_rcv" + }, + "CVE-2021-34693": { + "cmt_msg": "can: bcm: fix infoleak in struct bcm_msg_head" + }, + "CVE-2019-19767": { + "cmt_msg": "ext4: add more paranoia checking in ext4_expand_extra_isize handling" + }, + "CVE-2021-3656": { + "cmt_msg": "KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656)" + }, + "CVE-2020-14381": { + "cmt_msg": "futex: Fix inode life-time issue" + }, + "CVE-2022-1158": { + "cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address" + }, + "CVE-2019-19768": { + "cmt_msg": "blktrace: Protect q->blk_trace with RCU" + }, + "CVE-2020-25704": { + "cmt_msg": "perf/core: Fix a memory leak in perf_event_parse_addr_filter()" + }, + "CVE-2021-45095": { + "cmt_msg": "phonet: refcount leak in pep_sock_accep" + }, + "CVE-2021-37159": { + "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device" + }, + "CVE-2018-10853": { + "cmt_msg": "kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access" + }, + "CVE-2018-3620": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" + }, + "CVE-2020-16166": { + "cmt_msg": "random32: update the net random state on interrupt and activity" + }, + "CVE-2021-29155": { + "cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic" + }, + "CVE-2019-15916": { + "cmt_msg": "net-sysfs: Fix mem leak in netdev_register_kobject" + }, + "CVE-2019-15917": { + "cmt_msg": "Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto()" + }, + "CVE-2019-15918": { + "cmt_msg": "cifs: Fix lease buffer length error" + }, + "CVE-2020-12362": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2020-12363": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2019-12881": { + "cmt_msg": "drm/i915/userptr: reject zero user_size" + }, + "CVE-2022-28389": { + "cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path" + }, + "CVE-2020-12364": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2022-0500": { + "cmt_msg": "bpf: Introduce MEM_RDONLY flag" + }, + "CVE-2018-18690": { + "cmt_msg": "xfs: don't fail when converting shortform attr to long form during ATTR_REPLACE" + }, + "CVE-2022-28388": { + "cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2021-0605": { + "cmt_msg": "af_key: pfkey_dump needs parameter validation" + }, + "CVE-2021-3896": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2021-4002": { + "cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare" + }, + "CVE-2022-1055": { + "cmt_msg": "net: sched: fix use-after-free in tc_new_tfilter()" + }, + "CVE-2021-38204": { + "cmt_msg": "usb: max-3421: Prevent corruption of freed memory" + }, + "CVE-2022-20008": { + "cmt_msg": "mmc: block: fix read single on recovery logic" + }, + "CVE-2018-20961": { + "cmt_msg": "USB: gadget: f_midi: fixing a possible double-free in f_midi" + }, + "CVE-2019-18786": { + "cmt_msg": "media: rcar_drif: fix a memory disclosure" + }, + "CVE-2019-20810": { + "cmt_msg": "media: go7007: fix a miss of snd_card_free" + }, + "CVE-2019-20812": { + "cmt_msg": "af_packet: set defaule value for tmo" + }, + "CVE-2020-8834": { + "cmt_msg": "KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm" + }, + "CVE-2018-1118": { + "cmt_msg": "vhost: fix info leak due to uninitialized memory" + }, + "CVE-2018-5391": { + "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." + }, + "CVE-2018-18955": { + "cmt_msg": "userns: also map extents in the reverse map to kernel IDs" + }, + "CVE-2019-18660": { + "cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch" + }, + "CVE-2019-15291": { + "cmt_msg": "media: b2c2-flexcop-usb: add sanity checking" + }, + "CVE-2019-15290": { + "cmt_msg": "" + }, + "CVE-2019-3016": { + "cmt_msg": "x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit" + }, + "CVE-2022-26878": { + "cmt_msg": "" + }, + "CVE-2018-12930": { + "cmt_msg": "" + }, + "CVE-2018-12931": { + "cmt_msg": "" + }, + "CVE-2020-12769": { + "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" + }, + "CVE-2021-32399": { + "cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller" + }, + "CVE-2019-12380": { + "cmt_msg": "efi/x86/Add missing error handling to old_memmap 1:1 mapping code" + }, + "CVE-2019-12381": { + "cmt_msg": "ip_sockglue: Fix missing-check bug in ip_ra_control()" + }, + "CVE-2019-12382": { + "cmt_msg": "drm/edid: Fix a missing-check bug in drm_load_edid_firmware()" + }, + "CVE-2022-22942": { + "cmt_msg": "drm/vmwgfx: Fix stale file descriptors on failed usercopy" + }, + "CVE-2018-20669": { + "cmt_msg": "make 'user_access_begin()' do 'access_ok()'" + }, + "CVE-2019-19543": { + "cmt_msg": "media: serial_ir: Fix use-after-free in serial_ir_init_module" + }, + "CVE-2021-3732": { + "cmt_msg": "ovl: prevent private clone if bind mount is not allowed" + }, + "CVE-2022-25375": { + "cmt_msg": "usb: gadget: rndis: check size of RNDIS_MSG_SET command" + }, + "CVE-2020-10766": { + "cmt_msg": "x86/speculation: Prevent rogue cross-process SSBD shutdown" + }, + "CVE-2020-10767": { + "cmt_msg": "x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS." + }, + "CVE-2018-12207": { + "cmt_msg": "kvm: x86, powerpc: do not allow clearing largepages debugfs entry" + }, + "CVE-2020-13143": { + "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" + }, + "CVE-2020-10768": { + "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." + }, + "CVE-2017-13168": { + "cmt_msg": "scsi: sg: mitigate read/write abuse" + }, + "CVE-2019-0148": { + "cmt_msg": "i40e: Wrong truncation from u16 to u8" + }, + "CVE-2019-17075": { + "cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack" + }, + "CVE-2019-19447": { + "cmt_msg": "ext4: work around deleting a file with i_nlink == 0 safely" + }, + "CVE-2019-0146": { + "cmt_msg": "" + }, + "CVE-2019-0147": { + "cmt_msg": "i40e: add num_vectors checker in iwarp handler" + }, + "CVE-2020-10942": { + "cmt_msg": "vhost: Check docket sk_family instead of call getname" + }, + "CVE-2019-0145": { + "cmt_msg": "i40e: add num_vectors checker in iwarp handler" + }, + "CVE-2019-11191": { + "cmt_msg": "x86: Deprecate a.out support" + }, + "CVE-2018-10323": { + "cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree" + }, + "CVE-2018-10322": { + "cmt_msg": "xfs: enhance dinode verifier" + }, + "CVE-2020-26139": { + "cmt_msg": "mac80211: do not accept/forward invalid EAPOL frames" + }, + "CVE-2019-10220": { + "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" + }, + "CVE-2021-3609": { + "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" + }, + "CVE-2019-19536": { + "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" + }, + "CVE-2019-19537": { + "cmt_msg": "USB: core: Fix races in character device registration and deregistraion" + }, + "CVE-2019-19534": { + "cmt_msg": "can: peak_usb: fix slab info leak" + }, + "CVE-2019-19535": { + "cmt_msg": "can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices" + }, + "CVE-2019-19532": { + "cmt_msg": "HID: Fix assumption that devices have inputs" + }, + "CVE-2018-14617": { + "cmt_msg": "hfsplus: fix NULL dereference in hfsplus_lookup()" + }, + "CVE-2019-10638": { + "cmt_msg": "inet: switch IP ID generator to siphash" + }, + "CVE-2019-10639": { + "cmt_msg": "netns: provide pure entropy for net_hash_mix()" + }, + "CVE-2021-0929": { + "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" + }, + "CVE-2018-14616": { + "cmt_msg": "f2fs: fix to do sanity check with block address in main area v2" + }, + "CVE-2019-20095": { + "cmt_msg": "mwifiex: Fix mem leak in mwifiex_tm_cmd" + }, + "CVE-2018-19985": { + "cmt_msg": "USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data" + }, + "CVE-2018-6554": { + "cmt_msg": "staging: irda: remove the irda network stack and drivers" + }, + "CVE-2018-6555": { + "cmt_msg": "staging: irda: remove the irda network stack and drivers" + }, + "CVE-2021-0920": { + "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" + }, + "CVE-2022-0168": { + "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" + }, + "CVE-2021-39713": { + "cmt_msg": "net: sched: use Qdisc rcu API instead of relying on rtnl lock" + }, + "CVE-2020-28374": { + "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" + }, + "CVE-2019-9213": { + "cmt_msg": "mm: enforce min addr even if capable() in expand_downwards()" + }, + "CVE-2020-26557": { + "cmt_msg": "" + }, + "CVE-2019-14896": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" + }, + "CVE-2019-14897": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" + }, + "CVE-2019-14895": { + "cmt_msg": "mwifiex: fix possible heap overflow in mwifiex_process_country_ie()" + }, + "CVE-2020-27825": { + "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" + }, + "CVE-2019-2181": { + "cmt_msg": "binder: check for overflow when alloc for security context" + }, + "CVE-2019-2182": { + "cmt_msg": "arm64: Enforce BBM for huge IO/VMAP mappings" + }, + "CVE-2020-27820": { + "cmt_msg": "drm/nouveau: use drm_dev_unplug() during device removal" + }, + "CVE-2018-19854": { + "cmt_msg": "crypto: user - fix leaking uninitialized memory to userspace" + }, + "CVE-2020-0067": { + "cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr" + }, + "CVE-2020-26558": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2020-26541": { + "cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries" + }, + "CVE-2019-20811": { + "cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success" + }, + "CVE-2020-26559": { + "cmt_msg": "" + }, + "CVE-2021-20317": { + "cmt_msg": "lib/timerqueue: Rely on rbtree semantics for next timer" + }, + "CVE-2021-43389": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2018-1094": { + "cmt_msg": "ext4: always initialize the crc32c checksum driver" + }, + "CVE-2018-1095": { + "cmt_msg": "ext4: limit xattr size to INT_MAX" + }, + "CVE-2018-1092": { + "cmt_msg": "ext4: fail ext4_iget for root directory if unallocated" + }, + "CVE-2018-1093": { + "cmt_msg": "ext4: add validity checks for bitmap block numbers" + }, + "CVE-2021-3864": { + "cmt_msg": "" + }, + "CVE-2022-27950": { + "cmt_msg": "HID: elo: fix memory leak in elo_probe" + }, + "CVE-2022-1652": { + "cmt_msg": "" + }, + "CVE-2022-1651": { + "cmt_msg": "virt: acrn: fix a memory leak in acrn_dev_ioctl()" + }, + "CVE-2020-29568": { + "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" + }, + "CVE-2020-29569": { + "cmt_msg": "xen-blkback: set ring->xenblkd to NULL after kthread_stop()" + }, + "CVE-2020-14351": { + "cmt_msg": "perf/core: Fix race in the perf_mmap_close() function" + }, + "CVE-2019-19054": { + "cmt_msg": "media: rc: prevent memory leak in cx23888_ir_probe" + }, + "CVE-2019-19057": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring" + }, + "CVE-2019-19056": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf" + }, + "CVE-2019-9453": { + "cmt_msg": "f2fs: fix to avoid accessing xattr across the boundary" + }, + "CVE-2019-19052": { + "cmt_msg": "can: gs_usb: gs_can_open(): prevent memory leak" + }, + "CVE-2019-3846": { + "cmt_msg": "mwifiex: Fix possible buffer overflows at parsing bss descriptor" + }, + "CVE-2020-0427": { + "cmt_msg": "pinctrl: devicetree: Avoid taking direct reference to device name string" + }, + "CVE-2019-19058": { + "cmt_msg": "iwlwifi: dbg_ini: fix memory leak in alloc_sgtable" + }, + "CVE-2020-0423": { + "cmt_msg": "binder: fix UAF when releasing todo list" + }, + "CVE-2019-9458": { + "cmt_msg": "media: v4l: event: Prevent freeing event subscriptions while accessed" + }, + "CVE-2022-1789": { + "cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID" + }, + "CVE-2016-8660": { + "cmt_msg": "" + }, + "CVE-2020-14314": { + "cmt_msg": "ext4: fix potential negative array index in do_split()" + }, + "CVE-2019-13272": { + "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" + }, + "CVE-2022-1786": { + "cmt_msg": "io_uring: remove io_identity" + }, + "CVE-2019-17351": { + "cmt_msg": "xen: let alloc_xenballooned_pages() fail if not enough memory free" + }, + "CVE-2020-25669": { + "cmt_msg": "Input: sunkbd - avoid use-after-free in teardown paths" + }, + "CVE-2020-25668": { + "cmt_msg": "tty: make FONTX ioctl use the tty pointer they were actually passed" + }, + "CVE-2008-4609": { + "cmt_msg": "" + }, + "CVE-2020-25705": { + "cmt_msg": "icmp: randomize the global rate limiter" + }, + "CVE-2022-0435": { + "cmt_msg": "tipc: improve size validations for received domain records" + }, + "CVE-2018-20854": { + "cmt_msg": "phy: ocelot-serdes: fix out-of-bounds read" + }, + "CVE-2018-25020": { + "cmt_msg": "bpf: fix truncated jump targets on heavy expansions" + }, + "CVE-2018-5390": { + "cmt_msg": "tcp: free batches of packets in tcp_prune_ofo_queue()" + }, + "CVE-2018-20855": { + "cmt_msg": "IB/mlx5: Fix leaking stack memory to userspace" + }, + "CVE-2019-15239": { + "cmt_msg": "unknown" + }, + "CVE-2021-4037": { + "cmt_msg": "xfs: fix up non-directory creation in SGID directories" + }, + "CVE-2021-22543": { + "cmt_msg": "KVM: do not allow mapping valid but non-reference-counted pages" + }, + "CVE-2021-3348": { + "cmt_msg": "nbd: freeze the queue while we're adding connections" + }, + "CVE-2019-1999": { + "cmt_msg": "binder: fix race between munmap() and direct reclaim" + }, + "CVE-2019-15292": { + "cmt_msg": "appletalk: Fix use-after-free in atalk_proc_exit" + }, + "CVE-2018-20836": { + "cmt_msg": "scsi: libsas: fix a race condition when smp task timeout" + }, + "CVE-2021-44733": { + "cmt_msg": "tee: handle lookup of shm with reference count 0" + }, + "CVE-2021-3347": { + "cmt_msg": "futex: Ensure the correct return value from futex_lock_pi()" + }, + "CVE-2020-10135": { + "cmt_msg": "Bluetooth: Consolidate encryption handling in hci_encrypt_cfm" + }, + "CVE-2020-25285": { + "cmt_msg": "mm/hugetlb: fix a race between hugetlb sysctl handlers" + }, + "CVE-2019-7308": { + "cmt_msg": "bpf: fix sanitation of alu op with pointer / scalar type from different paths" + }, + "CVE-2021-45868": { + "cmt_msg": "quota: check block number when reading the block in quota file" + }, + "CVE-2019-2025": { + "cmt_msg": "binder: fix race that allows malicious free of live buffer" + }, + "CVE-2021-3587": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2019-16995": { + "cmt_msg": "net: hsr: fix memory leak in hsr_dev_finalize()" + }, + "CVE-2019-16994": { + "cmt_msg": "net: sit: fix memory leak in sit_init_net()" + }, + "CVE-2018-13099": { + "cmt_msg": "f2fs: fix to do sanity check with reserved blkaddr of inline inode" + }, + "CVE-2020-36516": { + "cmt_msg": "" + }, + "CVE-2022-0322": { + "cmt_msg": "sctp: account stream padding length for reconf chunk" + }, + "CVE-2017-13693": { + "cmt_msg": "" + }, + "CVE-2022-0617": { + "cmt_msg": "udf: Fix NULL ptr deref when converting from inline format" + }, + "CVE-2017-13695": { + "cmt_msg": "ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c" + }, + "CVE-2017-13694": { + "cmt_msg": "" + }, + "CVE-2021-4149": { + "cmt_msg": "btrfs: unlock newly allocated extent buffer after error" + }, + "CVE-2021-4148": { + "cmt_msg": "mm: khugepaged: skip huge page collapse for special files" + }, + "CVE-2021-3640": { + "cmt_msg": "Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()" + }, + "CVE-2021-3764": { + "cmt_msg": "crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()" + }, + "CVE-2020-1749": { + "cmt_msg": "net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup" + }, + "CVE-2021-3760": { + "cmt_msg": "nfc: nci: fix the UAF of rf_conn_info object" + }, + "CVE-2020-11608": { + "cmt_msg": "media: ov519: add missing endpoint sanity checks" + }, + "CVE-2020-10732": { + "cmt_msg": "fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()" + }, + "CVE-2020-28097": { + "cmt_msg": "vgacon: remove software scrollback support" + }, + "CVE-2018-5848": { + "cmt_msg": "wil6210: missing length check in wmi_set_ie" + }, + "CVE-2021-29264": { + "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" + }, + "CVE-2021-29265": { + "cmt_msg": "usbip: fix stub_dev usbip_sockfd_store() races leading to gpf" + }, + "CVE-2021-39648": { + "cmt_msg": "usb: gadget: configfs: Fix use-after-free issue with udc_name" + }, + "CVE-2020-14416": { + "cmt_msg": "can, slip: Protect tty->disc_data in write_wakeup and close with RCU" + }, + "CVE-2019-0136": { + "cmt_msg": "mac80211: drop robust management frames from unknown TA" + }, + "CVE-2019-16921": { + "cmt_msg": "RDMA/hns: Fix init resp when alloc ucontext" + }, + "CVE-2021-21781": { + "cmt_msg": "ARM: ensure the signal page contains defined contents" + }, + "CVE-2021-0512": { + "cmt_msg": "HID: make arrays usage and value to be the same" + }, + "CVE-2018-14633": { + "cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation" + }, + "CVE-2018-12896": { + "cmt_msg": "posix-timers: Sanitize overrun handling" + }, + "CVE-2019-18683": { + "cmt_msg": "media: vivid: Fix wrong locking that causes race conditions on streaming stop" + }, + "CVE-2018-14734": { + "cmt_msg": "infiniband: fix a possible use-after-free bug" + }, + "CVE-2022-29581": { + "cmt_msg": "net/sched: cls_u32: fix netns refcount changes in u32_change()" + }, + "CVE-2020-0347": { + "cmt_msg": "" + }, + "CVE-2019-18809": { + "cmt_msg": "media: usb: fix memory leak in af9005_identify_state" + }, + "CVE-2019-18808": { + "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" + }, + "CVE-2021-40490": { + "cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing" + }, + "CVE-2021-33909": { + "cmt_msg": "seq_file: disallow extremely large seq buffer allocations" + }, + "CVE-2019-12455": { + "cmt_msg": "clk-sunxi: fix a missing-check bug in sunxi_divs_clk_setup()" + }, + "CVE-2019-12456": { + "cmt_msg": "" + }, + "CVE-2019-18805": { + "cmt_msg": "ipv4: set the tcp_min_rtt_wlen range from 0 to one day" + }, + "CVE-2021-29647": { + "cmt_msg": "net: qrtr: fix a kernel-infoleak in qrtr_recvmsg()" + }, + "CVE-2019-18806": { + "cmt_msg": "net: qlogic: Fix memory leak in ql_alloc_large_buffers" + }, + "CVE-2022-0742": { + "cmt_msg": "ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report()" + }, + "CVE-2022-0854": { + "cmt_msg": "swiotlb: rework \"fix info leak with DMA_FROM_DEVICE\"" + }, + "CVE-2019-6974": { + "cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)" + }, + "CVE-2020-24503": { + "cmt_msg": "" + }, + "CVE-2020-14390": { + "cmt_msg": "fbcon: remove soft scrollback code" + }, + "CVE-2020-24502": { + "cmt_msg": "" + }, + "CVE-2021-45469": { + "cmt_msg": "f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()" + }, + "CVE-2022-1184": { + "cmt_msg": "" + }, + "CVE-2019-19448": { + "cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space" + }, + "CVE-2019-19449": { + "cmt_msg": "f2fs: fix to do sanity check on segment/section count" + }, + "CVE-2020-0465": { + "cmt_msg": "HID: core: Sanitize event code and type when mapping input" + }, + "CVE-2018-3639": { + "cmt_msg": "x86/nospec: Simplify alternative_msr_write()" + }, + "CVE-2021-4218": { + "cmt_msg": "sysctl: pass kernel pointers to ->proc_handler" + }, + "CVE-2019-15902": { + "cmt_msg": "unknown" + }, + "CVE-2019-20054": { + "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links" + }, + "CVE-2021-3753": { + "cmt_msg": "vt_kdsetmode: extend console locking" + }, + "CVE-2019-11135": { + "cmt_msg": "x86/msr: Add the IA32_TSX_CTRL MSR" + }, + "CVE-2019-11810": { + "cmt_msg": "scsi: megaraid_sas: return error when create DMA pool failed" + }, + "CVE-2021-27365": { + "cmt_msg": "scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE" + }, + "CVE-2021-27364": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2019-11815": { + "cmt_msg": "net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock()." + }, + "CVE-2020-0431": { + "cmt_msg": "HID: hid-input: clear unmapped usages" + }, + "CVE-2018-17977": { + "cmt_msg": "" + }, + "CVE-2018-17972": { + "cmt_msg": "proc: restrict kernel stack dumps to root" + }, + "CVE-2021-20322": { + "cmt_msg": "ipv6: make exception cache less predictible" + }, + "CVE-2021-20320": { + "cmt_msg": "s390/bpf: Fix optimizing out zero-extensions" + }, + "CVE-2021-20321": { + "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" + }, + "CVE-2022-26490": { + "cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION" + }, + "CVE-2022-1043": { + "cmt_msg": "io_uring: fix xa_alloc_cycle() error return value check" + }, + "CVE-2021-0937": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2022-1048": { + "cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls" + }, + "CVE-2018-20976": { + "cmt_msg": "xfs: clear sb->s_fs_info on mount failure" + }, + "CVE-2018-10840": { + "cmt_msg": "ext4: correctly handle a zero-length xattr with a non-zero e_value_offs" + }, + "CVE-2018-1108": { + "cmt_msg": "random: fix crng_ready() test" + }, + "CVE-2018-16276": { + "cmt_msg": "USB: yurex: fix out-of-bounds uaccess in read handler" + }, + "CVE-2021-3444": { + "cmt_msg": "bpf: Fix truncation handling for mod32 dst reg wrt zero" + }, + "CVE-2019-15927": { + "cmt_msg": "ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit()" + }, + "CVE-2021-3542": { + "cmt_msg": "" + }, + "CVE-2019-16413": { + "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" + }, + "CVE-2020-12652": { + "cmt_msg": "scsi: mptfusion: Fix double fetch bug in ioctl" + }, + "CVE-2020-12653": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()" + }, + "CVE-2019-7222": { + "cmt_msg": "KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)" + }, + "CVE-2020-12657": { + "cmt_msg": "block, bfq: fix use-after-free in bfq_idle_slice_timer_body" + }, + "CVE-2020-12654": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()" + }, + "CVE-2019-7221": { + "cmt_msg": "KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221)" + }, + "CVE-2018-12929": { + "cmt_msg": "" + }, + "CVE-2018-12928": { + "cmt_msg": "" + }, + "CVE-2020-36310": { + "cmt_msg": "KVM: SVM: avoid infinite loop on NPF from bad address" + }, + "CVE-2020-36313": { + "cmt_msg": "KVM: Fix out of range accesses to memslots" + }, + "CVE-2020-35519": { + "cmt_msg": "net/x25: prevent a couple of overflows" + }, + "CVE-2021-28971": { + "cmt_msg": "perf/x86/intel: Fix a crash caused by zero PEBS status" + }, + "CVE-2019-12984": { + "cmt_msg": "nfc: Ensure presence of required attributes in the deactivate_target handler" + }, + "CVE-2020-25673": { + "cmt_msg": "nfc: Avoid endless loops caused by repeated llcp_sock_connect()" + }, + "CVE-2022-0400": { + "cmt_msg": "" + }, + "CVE-2021-0707": { + "cmt_msg": "dmabuf: fix use-after-free of dmabuf's file->f_inode" + }, + "CVE-2021-38160": { + "cmt_msg": "virtio_console: Assure used length from device is limited" + }, + "CVE-2021-42739": { + "cmt_msg": "media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()" + }, + "CVE-2020-12771": { + "cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce" + }, + "CVE-2020-12770": { + "cmt_msg": "scsi: sg: add sg_remove_request in sg_write" + }, + "CVE-2018-6412": { + "cmt_msg": "fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper()." + }, + "CVE-2019-15222": { + "cmt_msg": "ALSA: usb-audio: Fix gpf in snd_usb_pipe_sanity_check" + }, + "CVE-2022-25265": { + "cmt_msg": "" + }, + "CVE-2019-15220": { + "cmt_msg": "p54usb: Fix race between disconnect and firmware loading" + }, + "CVE-2019-14284": { + "cmt_msg": "floppy: fix div-by-zero in setup_format_params" + }, + "CVE-2020-10773": { + "cmt_msg": "s390/cmm: fix information leak in cmm_timeout_handler()" + }, + "CVE-2020-25284": { + "cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping" + }, + "CVE-2018-18281": { + "cmt_msg": "mremap: properly flush TLB before releasing the page" + }, + "CVE-2019-8912": { + "cmt_msg": "net: crypto set sk to NULL when af_alg_release." + }, + "CVE-2020-29370": { + "cmt_msg": "mm: slub: add missing TID bump in kmem_cache_alloc_bulk()" + }, + "CVE-2019-15219": { + "cmt_msg": "USB: sisusbvga: fix oops in error path of sisusb_probe" + }, + "CVE-2020-25643": { + "cmt_msg": "hdlc_ppp: add range checks in ppp_cp_parse_cr()" + }, + "CVE-2019-19378": { + "cmt_msg": "" + }, + "CVE-2020-4788": { + "cmt_msg": "powerpc/64s: flush L1D on kernel entry" + }, + "CVE-2022-1011": { + "cmt_msg": "fuse: fix pipe buffer lifetime for direct_io" + }, + "CVE-2021-39698": { + "cmt_msg": "wait: add wake_up_pollfree()" + }, + "CVE-2022-1247": { + "cmt_msg": "" + }, + "CVE-2019-19377": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2022-0850": { + "cmt_msg": "ext4: fix kernel infoleak via ext4_extent_header" + }, + "CVE-2019-19529": { + "cmt_msg": "can: mcba_usb: fix use-after-free on disconnect" + }, + "CVE-2019-19528": { + "cmt_msg": "USB: iowarrior: fix use-after-free on disconnect" + }, + "CVE-2021-3612": { + "cmt_msg": "Input: joydev - prevent potential read overflow in ioctl" + }, + "CVE-2019-19525": { + "cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect" + }, + "CVE-2019-19524": { + "cmt_msg": "Input: ff-memless - kill timer in destroy()" + }, + "CVE-2019-19527": { + "cmt_msg": "HID: hiddev: do cleanup in failure of opening a device" + }, + "CVE-2019-19526": { + "cmt_msg": "NFC: pn533: fix use-after-free and memleaks" + }, + "CVE-2021-33135": { + "cmt_msg": "" + }, + "CVE-2019-19523": { + "cmt_msg": "USB: adutux: fix use-after-free on disconnect" + }, + "CVE-2021-3752": { + "cmt_msg": "Bluetooth: fix use-after-free error in lock_sock_nested()" + }, + "CVE-2020-11725": { + "cmt_msg": "" + }, + "CVE-2019-3892": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" + }, + "CVE-2022-1263": { + "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" + }, + "CVE-2021-35477": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2019-16746": { + "cmt_msg": "nl80211: validate beacon head" + }, + "CVE-2021-41864": { + "cmt_msg": "bpf: Fix integer overflow in prealloc_elems_and_freelist()" + }, + "CVE-2018-18021": { + "cmt_msg": "arm64: KVM: Tighten guest core register access from userspace" + }, + "CVE-2021-37576": { + "cmt_msg": "KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow" + }, + "CVE-2019-8980": { + "cmt_msg": "exec: Fix mem leak in kernel_read_file" + }, + "CVE-2018-14609": { + "cmt_msg": "btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized" + }, + "CVE-2021-33098": { + "cmt_msg": "ixgbe: fix large MTU request from VF" + }, + "CVE-2020-10769": { + "cmt_msg": "crypto: authenc - fix parsing key with misaligned rta_len" + }, + "CVE-2020-27815": { + "cmt_msg": "jfs: Fix array index bounds check in dbAdjTree" + }, + "CVE-2022-23041": { + "cmt_msg": "xen/9p: use alloc/free_pages_exact()" + }, + "CVE-2021-33624": { + "cmt_msg": "bpf: Inherit expanded/patched seen count from old aux data" + }, + "CVE-2022-1462": { + "cmt_msg": "" + }, + "CVE-2020-27777": { + "cmt_msg": "powerpc/rtas: Restrict RTAS requests from userspace" + }, + "CVE-2019-20636": { + "cmt_msg": "Input: add safety guards to input_set_keycode()" + }, + "CVE-2019-11486": { + "cmt_msg": "tty: mark Siemens R3964 line discipline as BROKEN" + }, + "CVE-2019-11487": { + "cmt_msg": "fs: prevent page refcount overflow in pipe_buf_get" + }, + "CVE-2022-28390": { + "cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2018-8043": { + "cmt_msg": "net: phy: mdio-bcm-unimac: fix potential NULL dereference in unimac_mdio_probe()" + }, + "CVE-2020-27675": { + "cmt_msg": "xen/events: avoid removing an event channel while handling it" + }, + "CVE-2020-28915": { + "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" + }, + "CVE-2019-20908": { + "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" + }, + "CVE-2021-28038": { + "cmt_msg": "Xen/gnttab: handle p2m update errors on a per-slot basis" + }, + "CVE-2021-33061": { + "cmt_msg": "ixgbe: add improvement for MDD response functionality" + }, + "CVE-2022-23040": { + "cmt_msg": "xen/xenbus: don't let xenbus_grant_ring() remove grants in error case" + }, + "CVE-2021-29154": { + "cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64" + }, + "CVE-2019-19060": { + "cmt_msg": "iio: imu: adis16400: release allocated memory on failure" + }, + "CVE-2019-19061": { + "cmt_msg": "iio: imu: adis16400: fix memory leak" + }, + "CVE-2019-19062": { + "cmt_msg": "crypto: user - fix memory leak in crypto_report" + }, + "CVE-2019-19063": { + "cmt_msg": "rtlwifi: prevent memory leak in rtl_usb_probe" + }, + "CVE-2019-19065": { + "cmt_msg": "RDMA/hfi1: Prevent memory leak in sdma_init" + }, + "CVE-2019-19066": { + "cmt_msg": "scsi: bfa: release allocated memory in case of error" + }, + "CVE-2019-19067": { + "cmt_msg": "drm/amdgpu: fix multiple memory leaks in acp_hw_init" + }, + "CVE-2019-19068": { + "cmt_msg": "rtl8xxxu: prevent leaking urb" + }, + "CVE-2020-0435": { + "cmt_msg": "f2fs: fix to do sanity check with i_extra_isize" + }, + "CVE-2020-0432": { + "cmt_msg": "staging: most: net: fix buffer overflow" + }, + "CVE-2020-0433": { + "cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter" + }, + "CVE-2020-0430": { + "cmt_msg": "bpf: reject passing modified ctx to helper functions" + }, + "CVE-2019-3874": { + "cmt_msg": "sctp: implement memory accounting on tx path" + }, + "CVE-2022-0171": { + "cmt_msg": "" + }, + "CVE-2018-10877": { + "cmt_msg": "ext4: verify the depth of extent tree in ext4_find_extent()" + }, + "CVE-2018-10876": { + "cmt_msg": "ext4: only look at the bg_flags field if it is valid" + }, + "CVE-2010-4563": { + "cmt_msg": "" + }, + "CVE-2020-14331": { + "cmt_msg": "vgacon: Fix for missing check in scrollback handling" + }, + "CVE-2018-10879": { + "cmt_msg": "ext4: make sure bitmaps and the inode table don't overlap with bg descriptors" + }, + "CVE-2019-14835": { + "cmt_msg": "vhost: make sure log_num < in_num" + }, + "CVE-2021-3483": { + "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" + }, + "CVE-2022-29156": { + "cmt_msg": "RDMA/rtrs-clt: Fix possible double free in error case" + }, + "CVE-2021-38300": { + "cmt_msg": "bpf, mips: Validate conditional branch offsets" + }, + "CVE-2020-25656": { + "cmt_msg": "vt: keyboard, extend func_buf_lock to readers" + }, + "CVE-2021-3759": { + "cmt_msg": "memcg: enable accounting of ipc resources" + }, + "CVE-2022-24448": { + "cmt_msg": "NFSv4: Handle case where the lookup of a directory fails" + }, + "CVE-2022-23042": { + "cmt_msg": "xen/netfront: react properly to failing gnttab_end_foreign_access_ref()" + }, + "CVE-2019-10142": { + "cmt_msg": "drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl" + }, + "CVE-2021-4023": { + "cmt_msg": "io-wq: fix cancellation on create-worker failure" + }, + "CVE-2018-3693": { + "cmt_msg": "ext4: fix spectre gadget in ext4_mb_regular_allocator()" + }, + "CVE-2021-22555": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2021-0399": { + "cmt_msg": "" + }, + "CVE-2020-2732": { + "cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode" + }, + "CVE-2012-4542": { + "cmt_msg": "" + }, + "CVE-2022-1729": { + "cmt_msg": "perf: Fix sys_perf_event_open() race against self" + }, + "CVE-2021-3573": { + "cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object" + }, + "CVE-2018-1000026": { + "cmt_msg": "bnx2x: disable GSO where gso_size is too big for hardware" + }, + "CVE-2021-28972": { + "cmt_msg": "PCI: rpadlpar: Fix potential drc_name corruption in store functions" + }, + "CVE-2018-12130": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2021-20292": { + "cmt_msg": "drm/ttm/nouveau: don't call tt destroy callback on alloc failure." + }, + "CVE-2021-31916": { + "cmt_msg": "dm ioctl: fix out of bounds array access when no devices" + }, + "CVE-2018-17182": { + "cmt_msg": "mm: get rid of vmacache_flush_all() entirely" + }, + "CVE-2018-13405": { + "cmt_msg": "Fix up non-directory creation in SGID directories" + }, + "CVE-2020-25645": { + "cmt_msg": "geneve: add transport ports in route lookup for geneve" + }, + "CVE-2018-13406": { + "cmt_msg": "video: uvesafb: Fix integer overflow in allocation" + }, + "CVE-2020-11668": { + "cmt_msg": "media: xirlink_cit: add missing descriptor sanity checks" + }, + "CVE-2020-11669": { + "cmt_msg": "powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle" + }, + "CVE-2019-15118": { + "cmt_msg": "ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term" + }, + "CVE-2019-12818": { + "cmt_msg": "net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails" + }, + "CVE-2019-12819": { + "cmt_msg": "mdio_bus: Fix use-after-free on device_register fails" + }, + "CVE-2018-11508": { + "cmt_msg": "compat: fix 4-byte infoleak via uninitialized struct field" + }, + "CVE-2018-11506": { + "cmt_msg": "sr: pass down correctly sized SCSI sense buffer" + }, + "CVE-2019-19332": { + "cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)" + }, + "CVE-2019-15117": { + "cmt_msg": "ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit" + }, + "CVE-2021-3659": { + "cmt_msg": "net: mac802154: Fix general protection fault" + }, + "CVE-2022-25258": { + "cmt_msg": "USB: gadget: validate interface OS descriptor requests" + }, + "CVE-2021-4155": { + "cmt_msg": "xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate" + }, + "CVE-2021-0695": { + "cmt_msg": "" + }, + "CVE-2019-14901": { + "cmt_msg": "mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()" + }, + "CVE-2021-4150": { + "cmt_msg": "block: fix incorrect references to disk objects" + }, + "CVE-2020-3702": { + "cmt_msg": "ath: Use safer key clearing with key cache entries" + }, + "CVE-2021-28951": { + "cmt_msg": "io_uring: ensure that SQPOLL thread is started for exit" + }, + "CVE-2022-1671": { + "cmt_msg": "rxrpc: fix some null-ptr-deref bugs in server_key.c" + }, + "CVE-2021-3653": { + "cmt_msg": "KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653)" + }, + "CVE-2021-3655": { + "cmt_msg": "sctp: validate from_addr_param return" + }, + "CVE-2020-8694": { + "cmt_msg": "powercap: restrict energy meter to root access" + }, + "CVE-2021-4159": { + "cmt_msg": "bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()" + }, + "CVE-2019-12614": { + "cmt_msg": "powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property()" + }, + "CVE-2019-12615": { + "cmt_msg": "mdesc: fix a missing-check bug in get_vdev_port_node_info()" + }, + "CVE-2021-3715": { + "cmt_msg": "net_sched: cls_route: remove the right filter from hashtable" + }, + "CVE-2021-3714": { + "cmt_msg": "" + }, + "CVE-2019-16230": { + "cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)" + }, + "CVE-2019-16231": { + "cmt_msg": "fjes: Handle workqueue allocation failure" + }, + "CVE-2019-16232": { + "cmt_msg": "libertas: fix a potential NULL pointer dereference" + }, + "CVE-2019-16233": { + "cmt_msg": "scsi: qla2xxx: fix a potential NULL pointer dereference" + }, + "CVE-2019-16234": { + "cmt_msg": "iwlwifi: pcie: fix rb_allocator workqueue allocation" + }, + "CVE-2019-6133": { + "cmt_msg": "fork: record start_time late" + }, + "CVE-2018-10902": { + "cmt_msg": "ALSA: rawmidi: Change resized buffers atomically" + }, + "CVE-2021-39633": { + "cmt_msg": "ip_gre: add validation for csum_start" + }, + "CVE-2020-27673": { + "cmt_msg": "xen/events: add a proper barrier to 2-level uevent unmasking" + }, + "CVE-2021-39636": { + "cmt_msg": "netfilter: x_tables: fix pointer leaks to userspace" + }, + "CVE-2022-27223": { + "cmt_msg": "USB: gadget: validate endpoint index for xilinx udc" + }, + "CVE-2021-39634": { + "cmt_msg": "epoll: do not insert into poll queues until all sanity checks are done" + }, + "CVE-2019-3882": { + "cmt_msg": "vfio/type1: Limit DMA mappings per container" + }, + "CVE-2022-1280": { + "cmt_msg": "drm: avoid circular locks in drm_mode_getconnector" + }, + "CVE-2020-12888": { + "cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory" + }, + "CVE-2019-20934": { + "cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers" + }, + "CVE-2022-0812": { + "cmt_msg": "xprtrdma: fix incorrect header size calculations" + }, + "CVE-2022-23222": { + "cmt_msg": "bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL" + }, + "CVE-2021-0448": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2018-19824": { + "cmt_msg": "ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c" + }, + "CVE-2020-29374": { + "cmt_msg": "gup: document and work around \"COW can break either way\" issue" + }, + "CVE-2019-25045": { + "cmt_msg": "xfrm: clean up xfrm protocol checks" + }, + "CVE-2018-16862": { + "cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation" + }, + "CVE-2021-29650": { + "cmt_msg": "netfilter: x_tables: Use correct memory barriers." + }, + "CVE-2019-17133": { + "cmt_msg": "cfg80211: wext: avoid copying malformed SSIDs" + }, + "CVE-2018-20169": { + "cmt_msg": "USB: check usb_get_extra_descriptor for proper size" + }, + "CVE-2020-36312": { + "cmt_msg": "KVM: fix memory leak in kvm_io_bus_unregister_dev()" + }, + "CVE-2022-1353": { + "cmt_msg": "af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register" + }, + "CVE-2022-28356": { + "cmt_msg": "llc: fix netdevice reference leaks in llc_ui_bind()" + }, + "CVE-2022-1198": { + "cmt_msg": "drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()" + }, + "CVE-2022-1199": { + "cmt_msg": "ax25: Fix NULL pointer dereference in ax25_kill_by_device" + }, + "CVE-2021-39801": { + "cmt_msg": "" + }, + "CVE-2021-39800": { + "cmt_msg": "" + }, + "CVE-2021-39802": { + "cmt_msg": "" + }, + "CVE-2018-16884": { + "cmt_msg": "sunrpc: use-after-free in svc_process_common()" + }, + "CVE-2018-16882": { + "cmt_msg": "KVM: Fix UAF in nested posted interrupt processing" + }, + "CVE-2022-1195": { + "cmt_msg": "hamradio: improve the incomplete fix to avoid NPD" + }, + "CVE-2021-4202": { + "cmt_msg": "NFC: reorganize the functions in nci_request" + }, + "CVE-2021-4203": { + "cmt_msg": "af_unix: fix races in sk_peer_pid and sk_peer_cred accesses" + }, + "CVE-2021-44879": { + "cmt_msg": "f2fs: fix to do sanity check on inode type during garbage collection" + }, + "CVE-2019-15505": { + "cmt_msg": "media: technisat-usb2: break out of loop at end of buffer" + }, + "CVE-2022-1516": { + "cmt_msg": "net/x25: Fix null-ptr-deref caused by x25_disconnect" + }, + "CVE-2020-11609": { + "cmt_msg": "media: stv06xx: add missing descriptor sanity checks" + }, + "CVE-2021-1048": { + "cmt_msg": "fix regression in \"epoll: Keep a reference on files added to the check list\"" + }, + "CVE-2015-2877": { + "cmt_msg": "" + }, + "CVE-2020-9383": { + "cmt_msg": "floppy: check FDC index for errors before assigning it" + }, + "CVE-2022-29582": { + "cmt_msg": "io_uring: fix race between timeout flush and removal" + }, + "CVE-2019-16089": { + "cmt_msg": "" + }, + "CVE-2021-38198": { + "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" + }, + "CVE-2021-38199": { + "cmt_msg": "NFSv4: Initialise connection to the server in nfs4_alloc_client()" + }, + "CVE-2022-1679": { + "cmt_msg": "" + }, + "CVE-2022-1678": { + "cmt_msg": "tcp: optimize tcp internal pacing" + }, + "CVE-2021-26401": { + "cmt_msg": "x86/speculation: Use generic retpoline by default on AMD" + }, + "CVE-2020-28941": { + "cmt_msg": "speakup: Do not let the line discipline be used several times" + }, + "CVE-2019-9445": { + "cmt_msg": "f2fs: check if file namelen exceeds max value" + }, + "CVE-2018-8087": { + "cmt_msg": "mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()" + }, + "CVE-2021-45486": { + "cmt_msg": "inet: use bigger hash table for IP ID generation" + }, + "CVE-2021-3506": { + "cmt_msg": "f2fs: fix to avoid out-of-bounds memory access" + }, + "CVE-2011-4917": { + "cmt_msg": "" + }, + "CVE-2021-45485": { + "cmt_msg": "ipv6: use prandom_u32() for ID generation" + }, + "CVE-2018-10880": { + "cmt_msg": "ext4: never move the system.data xattr out of the inode body" + }, + "CVE-2019-3900": { + "cmt_msg": "vhost_net: fix possible infinite loop" + }, + "CVE-2019-19533": { + "cmt_msg": "media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()" + }, + "CVE-2018-13100": { + "cmt_msg": "f2fs: fix to do sanity check with secs_per_zone" + }, + "CVE-2019-15807": { + "cmt_msg": "scsi: libsas: delete sas port if expander discover failed" + }, + "CVE-2019-19530": { + "cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough" + }, + "CVE-2019-5489": { + "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" + }, + "CVE-2019-19531": { + "cmt_msg": "usb: yurex: Fix use-after-free in yurex_delete" + }, + "CVE-2019-14283": { + "cmt_msg": "floppy: fix out-of-bounds read in copy_buffer" + }, + "CVE-2018-10881": { + "cmt_msg": "ext4: clear i_data in ext4_inode_info when removing inline data" + }, + "CVE-2018-10882": { + "cmt_msg": "ext4: add more inode number paranoia checks" + }, + "CVE-2018-10883": { + "cmt_msg": "jbd2: don't mark block as modified if the handle is out of credits" + } + } + }, + "4.14": { + "4.14": { + "CVE-2017-16647": { + "cmt_msg": "net: usb: asix: fill null-ptr-deref in asix_suspend", + "cmt_id": "baedf68a068ca29624f241426843635920f16e1d" + }, + "CVE-2017-16650": { + "cmt_msg": "net: qmi_wwan: fix divide by 0 on bad descriptors", + "cmt_id": "7fd078337201cf7468f53c3d9ef81ff78cb6df3b" + }, + "CVE-2017-16649": { + "cmt_msg": "net: cdc_ether: fix divide by 0 on bad descriptors", + "cmt_id": "2cb80187ba065d7decad7c6614e35e07aec8a974" + } + }, + "4.14.1": { + "CVE-2017-16646": { + "cmt_msg": "media: dib0700: fix invalid dvb_detach argument", + "cmt_id": "75d9dd294e2a41ddce75cc02d1675a9cf40873fc" + }, + "CVE-2017-16537": { + "cmt_msg": "media: imon: Fix null-ptr-deref in imon_probe", + "cmt_id": "16edf1a6a8a52040841e3e875c76bad0aa28f85f" + } + }, + "4.14.2": { + "CVE-2017-18204": { + "cmt_msg": "ocfs2: should wait dio before inode lock in ocfs2_setattr()", + "cmt_id": "44ec0aecc73dc3959bdbb6fa733c69dc0bb633f4" + }, + "CVE-2017-16994": { + "cmt_msg": "mm/pagewalk.c: report holes in hugetlb ranges", + "cmt_id": "bbce81fc966f59421e5f54c4bd3d3a4670f45e33" + } + }, + "4.14.3": { + "CVE-2017-18203": { + "cmt_msg": "dm: fix race between dm_get_from_kobject() and __dm_destroy()", + "cmt_id": "3bfb87ecb4f7e19c53c31b7beca4ecd9bb906a67" + }, + "CVE-2017-16536": { + "cmt_msg": "cx231xx-cards: fix NULL-deref on missing association descriptor", + "cmt_id": "5a482b8a75500ec7516f3d11c7fb063e3f4abc45" + } + }, + "4.14.4": { + "CVE-2017-18208": { + "cmt_msg": "mm/madvise.c: fix madvise() infinite loop under special circumstances", + "cmt_id": "8a0bb9ebaa8b8faee61f095757662fe5d7fd8da6" + }, + "CVE-2017-18202": { + "cmt_msg": "mm, oom_reaper: gather each vma to prevent leaking TLB entry", + "cmt_id": "786b924d39bad16ff99aacdb4076df027cc2f8b8" + } + }, + "4.14.6": { + "CVE-2017-17807": { + "cmt_msg": "KEYS: add missing permission check for request_key() destination", + "cmt_id": "69d5894ce0a67d37f900d2597fc0b2b8cef6c863" + }, + "CVE-2017-0861": { + "cmt_msg": "ALSA: pcm: prevent UAF in snd_pcm_info", + "cmt_id": "0482dcd51004920b13b59995b7afb66df49937da" + }, + "CVE-2017-1000407": { + "cmt_msg": "KVM: VMX: remove I/O port 0x80 bypass on Intel hosts", + "cmt_id": "a52c2829cd60492fc75bafc323145cab1af915f5" + } + }, + "4.14.7": { + "CVE-2018-18559": { + "cmt_msg": "net/packet: fix a race in packet_bind() and packet_notifier()", + "cmt_id": "589983eb9986ea9c851c8906a81781f317207313" + }, + "CVE-2018-7492": { + "cmt_msg": "rds: Fix NULL pointer dereference in __rds_rdma_map", + "cmt_id": "9d9a63d74b2b6ed7c30c7d1584d87c16ae8d5862" + }, + "CVE-2017-16648": { + "cmt_msg": "dvb_frontend: don't use-after-free the frontend struct", + "cmt_id": "7bc8eb30f1e02b4dd6fd2869720c64d9bf39d765" + } + }, + "4.14.8": { + "CVE-2018-14619": { + "cmt_msg": "crypto: algif_aead - fix reference counting of null skcipher", + "cmt_id": "96c2dfaebe1a8eba95d43732a1413c777469128c" + }, + "CVE-2017-16913": { + "cmt_msg": "usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input", + "cmt_id": "1621db059603e781f61a9bf33cba639b42faf0bc" + }, + "CVE-2017-16912": { + "cmt_msg": "usbip: fix stub_rx: get_pipe() to validate endpoint number", + "cmt_id": "7120d742ad8d0f1fe37e4b73827e166fc1e01eea" + }, + "CVE-2017-16911": { + "cmt_msg": "usbip: prevent vhci_hcd driver from leaking a socket pointer address", + "cmt_id": "b6a2ad646c13bb9d1231bce5599cb3176ff33ca4" + }, + "CVE-2017-16914": { + "cmt_msg": "usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer", + "cmt_id": "d78a5506cf0ea112124c1ffa5c0aae09b579d96d" + }, + "CVE-2017-17558": { + "cmt_msg": "USB: core: prevent malicious bNumInterfaces overflow", + "cmt_id": "4c5ae6a301a5415d1334f6c655bebf91d475bd89" + }, + "CVE-2017-18344": { + "cmt_msg": "posix-timer: Properly check sigevent->sigev_notify", + "cmt_id": "3df23f7ce7255d1ef2a616071cac359a245fb6de" + }, + "CVE-2017-17806": { + "cmt_msg": "crypto: hmac - require that the underlying hash algorithm is unkeyed", + "cmt_id": "902ae89f841de0c8d2857919296923f6332e174f" + }, + "CVE-2017-17805": { + "cmt_msg": "crypto: salsa20 - fix blkcipher_walk API usage", + "cmt_id": "c68b31521d5fb7216cb1113130399afe65437c6c" + } + }, + "4.14.9": { + "CVE-2017-17857": { + "cmt_msg": "bpf: fix missing error return in check_stack_boundary()", + "cmt_id": "2120fca0ecfb4552d27608d409ebd3403ce02ce4" + }, + "CVE-2017-17864": { + "cmt_msg": "bpf: don't prune branches when a scalar is replaced with a pointer", + "cmt_id": "cb56cc1b292b8b3f787fad89f1208f8e98d12c7d" + }, + "CVE-2017-17862": { + "cmt_msg": "bpf: fix branch pruning logic", + "cmt_id": "2b3ea8ceb2bb71e9e58527661261dba127137d9b" + }, + "CVE-2017-17863": { + "cmt_msg": "bpf: fix integer overflows", + "cmt_id": "de31796c052e47c99b1bb342bc70aa826733e862" + }, + "CVE-2017-17853": { + "cmt_msg": "bpf/verifier: fix bounds calculation on BPF_RSH", + "cmt_id": "4d54f7df5131d67f653f674003ec5f52c9818b53" + }, + "CVE-2017-17852": { + "cmt_msg": "bpf: fix 32-bit ALU op verification", + "cmt_id": "6c8e098d0324412d4ae9e06c7e611a96b87faf80" + }, + "CVE-2017-17855": { + "cmt_msg": "bpf: don't prune branches when a scalar is replaced with a pointer", + "cmt_id": "cb56cc1b292b8b3f787fad89f1208f8e98d12c7d" + }, + "CVE-2017-16996": { + "cmt_msg": "bpf: fix incorrect tracking of register size truncation", + "cmt_id": "bf5ee24e87e39548bf30d4e18e479e61a5a98336" + }, + "CVE-2017-16995": { + "cmt_msg": "bpf: fix incorrect sign extension in check_alu_op()", + "cmt_id": "6e12ea4fb45ca86cdd7425276b6993455fee947a" + }, + "CVE-2017-17856": { + "cmt_msg": "bpf: force strict alignment checks for stack pointers", + "cmt_id": "c90268f7cbee0781331b96d1423d0f28a6183889" + }, + "CVE-2017-17854": { + "cmt_msg": "bpf: fix integer overflows", + "cmt_id": "de31796c052e47c99b1bb342bc70aa826733e862" + } + }, + "4.14.11": { + "CVE-2017-18595": { + "cmt_msg": "tracing: Fix possible double free on failure of allocating trace buffer", + "cmt_id": "21a9c7346ef696161dacbbd9f47dabb0f062c4c8" + }, + "CVE-2018-9465": { + "cmt_msg": "binder: fix proc->files use-after-free", + "cmt_id": "d87f1bc7d15b89bd3bcf31020eb7f3b3cd6f84b5" + }, + "CVE-2018-18386": { + "cmt_msg": "n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)", + "cmt_id": "aaa5a91ff744f91fb1d1c91853aa0c8f126be563" + }, + "CVE-2017-17449": { + "cmt_msg": "netlink: Add netns check on taps", + "cmt_id": "e3fb538e5715250d6a61a26925215229f2e9f52f" + }, + "CVE-2017-17712": { + "cmt_msg": "net: ipv4: fix for a race condition in raw_sendmsg", + "cmt_id": "3bc400bad0e003d40a0a2412411aed7cbae16f96" + }, + "CVE-2017-15129": { + "cmt_msg": "net: Fix double free and memory corruption in get_net_ns_by_id()", + "cmt_id": "dd9a2648b3e35c2369f580215d916baf7e23253a" + } + }, + "4.14.13": { + "CVE-2017-18075": { + "cmt_msg": "crypto: pcrypt - fix freeing pcrypt instances", + "cmt_id": "7156c794b8ab462705e6ac80c5fa69565eb44c62" + } + }, + "4.14.14": { + "CVE-2017-13216": { + "cmt_msg": "staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl", + "cmt_id": "242e20a5b3cc2b99ace977546d3cffc6a2a35991" + }, + "CVE-2017-17741": { + "cmt_msg": "KVM: Fix stack-out-of-bounds read in write_mmio", + "cmt_id": "653c41ac4729261cb356ee1aff0f3f4f342be1eb" + }, + "CVE-2018-5333": { + "cmt_msg": "RDS: null pointer dereference in rds_atomic_free_op", + "cmt_id": "5edbe3c0249f54578636b71377861d579b1781cf" + }, + "CVE-2017-1000410": { + "cmt_msg": "Bluetooth: Prevent stack info leak from the EFS element.", + "cmt_id": "02462928e2234eea95dd1ce05ca1f2c02088dc13" + }, + "CVE-2018-5332": { + "cmt_msg": "RDS: Heap OOB write in rds_message_alloc_sgs()", + "cmt_id": "5d127d15ad2f9f33af788f1edf720ba29317f55b" + } + }, + "4.14.15": { + "CVE-2017-18551": { + "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA", + "cmt_id": "c7b8be81fc5506a6f2f9f01a06f6806bcca7d48a" + }, + "CVE-2018-6927": { + "cmt_msg": "futex: Prevent overflow by strengthen input validation", + "cmt_id": "17ae6ccfe5dd85605dc44534348b506f95d16a61" + }, + "CVE-2019-9454": { + "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA", + "cmt_id": "c7b8be81fc5506a6f2f9f01a06f6806bcca7d48a" + }, + "CVE-2018-1000004": { + "cmt_msg": "ALSA: seq: Make ioctls race-free", + "cmt_id": "c3162384aed4cfe3f1a1f40041f3ba8cd7704d88" + } + }, + "4.14.16": { + "CVE-2018-1000028": { + "cmt_msg": "nfsd: auth: Fix gid sorting when rootsquash enabled", + "cmt_id": "54e67ba7d20a5921cfe712cfe4bd773e75df10e0" + }, + "CVE-2017-17450": { + "cmt_msg": "netfilter: xt_osf: Add missing permission checks", + "cmt_id": "19848ca7b7dad5153860239c893c1eadd603217e" + }, + "CVE-2017-17448": { + "cmt_msg": "netfilter: nfnetlink_cthelper: Add missing permission checks", + "cmt_id": "671624872144abc37bc5e8f3b27987890f6e87f3" + } + }, + "4.14.17": { + "CVE-2019-2215": { + "cmt_msg": "ANDROID: binder: remove waitqueue when thread exits.", + "cmt_id": "7a3cee43e935b9d526ad07f20bf005ba7e74d05b" + }, + "CVE-2018-5344": { + "cmt_msg": "loop: fix concurrent lo_open/lo_release", + "cmt_id": "d5e06a1867210049bbfe27864ee0a40cfd9b1e9b" + } + }, + "4.14.18": { + "CVE-2017-5754": { + "cmt_msg": "x86/cpufeatures: Add Intel feature bits for Speculation Control", + "cmt_id": "343c91242d092852ab22411780f886317d7001aa" + } + }, + "4.14.20": { + "CVE-2017-13166": { + "cmt_msg": "media: v4l2-ioctl.c: use check_fmt for enum/g/s/try_fmt", + "cmt_id": "ea96d8f676dd3caeb77e3dc509c880cc81d303a6" + }, + "CVE-2018-5750": { + "cmt_msg": "ACPI: sbshc: remove raw pointer from printk() message", + "cmt_id": "f232bfdcdd768bb6ba5945f1f8f28faa94fc10b8" + }, + "CVE-2017-16538": { + "cmt_msg": "media: dvb-usb-v2: lmedm04: Improve logic checking of warm start", + "cmt_id": "fd31a38d268f50afe9c5cd3d4beafa020ad39e90" + }, + "CVE-2017-8824": { + "cmt_msg": "dccp: CVE-2017-8824: use-after-free in DCCP code", + "cmt_id": "e5e1e153ecd40c2b09c23d2b2c161a6c8ddbba07" + }, + "CVE-2017-16644": { + "cmt_msg": "media: hdpvr: Fix an error handling path in hdpvr_probe()", + "cmt_id": "dd24d173b50af3aadb1ea2e04edaa8d68ca59b23" + } + }, + "4.14.21": { + "CVE-2018-7566": { + "cmt_msg": "ALSA: seq: Fix racy pool initializations", + "cmt_id": "7466294dad8963e29f051d8ab2f4d3f67d2f62a6" + } + }, + "4.14.22": { + "CVE-2018-20510": { + "cmt_msg": "binder: replace \"%p\" with \"%pK\"", + "cmt_id": "b46af094b82a47ca1cbba9092578f8f96af82798" + }, + "CVE-2020-0030": { + "cmt_msg": "ANDROID: binder: synchronize_rcu() when using POLLFREE.", + "cmt_id": "441b5d10e4602b25ad960d1ca1c6bb77e788c220" + } + }, + "4.14.25": { + "CVE-2018-5803": { + "cmt_msg": "sctp: verify size of a new chunk in _sctp_make_chunk()", + "cmt_id": "1fc74a57a8ae863c95afedef2510e7e42b194e56" + } + }, + "4.14.27": { + "CVE-2018-1068": { + "cmt_msg": "netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets", + "cmt_id": "eaa06bfba8eabd44ce952758046492eebc973bbe" + }, + "CVE-2018-7995": { + "cmt_msg": "x86/MCE: Serialize sysfs changes", + "cmt_id": "5c1c405d393648da95339c3e0f2dcfd7a1021388" + }, + "CVE-2018-1065": { + "cmt_msg": "netfilter: add back stackpointer size checks", + "cmt_id": "638c2e4eff89aae86593e80ac2be01eee195fccb" + } + }, + "4.14.28": { + "CVE-2019-9456": { + "cmt_msg": "usb: usbmon: Read text within supplied buffer size", + "cmt_id": "59b0613d3f40f0ba621bb9c7ddf06dea2948e0b7" + } + }, + "4.14.31": { + "CVE-2018-8822": { + "cmt_msg": "staging: ncpfs: memory corruption in ncp_read_kernel()", + "cmt_id": "2a2b9ef3092680bdf09751d55420910f81fd0c3c" + }, + "CVE-2018-7740": { + "cmt_msg": "hugetlbfs: check for pgoff value overflow", + "cmt_id": "1e8628443ede418464b0ab101b24fbb7030949b2" + }, + "CVE-2018-1087": { + "cmt_msg": "kvm/x86: fix icebp instruction handling", + "cmt_id": "06b2810150542cfe0e66407c77ea2de6790e35dc" + }, + "CVE-2018-8781": { + "cmt_msg": "drm: udl: Properly check framebuffer mmap offsets", + "cmt_id": "c8deec7181212f170191c7ffbb01a16367682f5b" + }, + "CVE-2018-8897": { + "cmt_msg": "x86/entry/64: Don't use IST entry for #BP stack", + "cmt_id": "5a29ce2b9880a26e1ac95169dedabc988360c734" + } + }, + "4.14.32": { + "CVE-2019-15239": { + "cmt_msg": "unknown", + "cmt_id": "dbbf2d1e4077bab0c65ece2765d3fc69cf7d610f" + }, + "CVE-2021-0935": { + "cmt_msg": "net: ipv6: keep sk status consistent after datagram connect failure", + "cmt_id": "a8f02befc87d6f1a882c9b14a31bcfa1fbd3d430" + }, + "CVE-2018-1130": { + "cmt_msg": "dccp: check sk for closed state in dccp_sendmsg()", + "cmt_id": "91d27e0c302501e148460db9981b5b04481781ce" + } + }, + "4.14.33": { + "CVE-2018-1000199": { + "cmt_msg": "perf/hwbp: Simplify the perf-hwbp code, fix documentation", + "cmt_id": "ca04476df8fd39c71818352db43090bd17dd1d58" + }, + "CVE-2017-17975": { + "cmt_msg": "media: usbtv: prevent double free in error case", + "cmt_id": "1f17d5033fe3c435556d8fb731f3a51ca073ce85" + } + }, + "4.14.34": { + "CVE-2018-7757": { + "cmt_msg": "scsi: libsas: fix memory leak in sas_smp_get_phy_events()", + "cmt_id": "8644d14c3240b6875c9e0e72c346146c24a6d8c1" + } + }, + "4.14.35": { + "CVE-2020-35513": { + "cmt_msg": "nfsd: fix incorrect umasks", + "cmt_id": "9a0a509839f31dc17f2ea788dc362c93589e077a" + } + }, + "4.14.36": { + "CVE-2019-14763": { + "cmt_msg": "usb: dwc3: gadget: never call ->complete() from ->ep_queue()", + "cmt_id": "59d3a952e4f3d505f9444e86db069081323351c7" + }, + "CVE-2018-1094": { + "cmt_msg": "ext4: always initialize the crc32c checksum driver", + "cmt_id": "26dbb30c58ffb85bc015bd5e58831483d50f7d18" + }, + "CVE-2018-1095": { + "cmt_msg": "ext4: limit xattr size to INT_MAX", + "cmt_id": "a57eb14b740e6175aff8b8941bec628403992dfa" + }, + "CVE-2018-1108": { + "cmt_msg": "random: fix crng_ready() test", + "cmt_id": "6e513bc20ca63f594632eca4e1968791240b8f18" + }, + "CVE-2018-1092": { + "cmt_msg": "ext4: fail ext4_iget for root directory if unallocated", + "cmt_id": "8e0e94683f8449f4e83b4b563b80eb9c76b9e18f" + }, + "CVE-2018-20961": { + "cmt_msg": "USB: gadget: f_midi: fixing a possible double-free in f_midi", + "cmt_id": "96dc465173a1f790e805246206aee3d18770f614" + } + }, + "4.14.37": { + "CVE-2018-8087": { + "cmt_msg": "mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()", + "cmt_id": "afadc440a1cc08895f451b4a9db551a45f2a1a21" + }, + "CVE-2021-39636": { + "cmt_msg": "netfilter: x_tables: fix pointer leaks to userspace", + "cmt_id": "ad10785a706e63ff155fc97860cdcc5e3bc5992d" + } + }, + "4.14.38": { + "CVE-2018-10940": { + "cmt_msg": "cdrom: information leak in cdrom_ioctl_media_changed()", + "cmt_id": "68c09d548bfc61aec99fa9a24e703c3d6fdba9b1" + } + }, + "4.14.39": { + "CVE-2018-9415": { + "cmt_msg": "ARM: amba: Fix race condition with driver_override", + "cmt_id": "23abff7b984ff46b78b9964f9cdba42036b4149a" + }, + "CVE-2018-9385": { + "cmt_msg": "ARM: amba: Don't read past the end of sysfs \"driver_override\" buffer", + "cmt_id": "f671ee8de31a3c2702250e64e5f18ebceb21f1e6" + }, + "CVE-2018-1093": { + "cmt_msg": "ext4: add validity checks for bitmap block numbers", + "cmt_id": "b39430ea068797bb45b72429db3743064280b1be" + } + }, + "4.14.41": { + "CVE-2018-1000200": { + "cmt_msg": "mm, oom: fix concurrent munlock and oom reaper unmap, v3", + "cmt_id": "2270dfcc4b12d49c6d74394d245858ae882a8b79" + }, + "CVE-2018-11508": { + "cmt_msg": "compat: fix 4-byte infoleak via uninitialized struct field", + "cmt_id": "ef7c4825fe5fe9ed251bda8d4c04d47fe33c3afb" + } + }, + "4.14.42": { + "CVE-2018-1120": { + "cmt_msg": "proc: do not access cmdline nor environ from file-backed areas", + "cmt_id": "5c9a9508de30d4d27a270047c7ab5f2817b1366d" + } + }, + "4.14.43": { + "CVE-2018-5814": { + "cmt_msg": "usbip: usbip_host: fix NULL-ptr deref and use-after-free errors", + "cmt_id": "ec0c93951ecb3ab9463c9a0d0a79c69e4bcb2b2a" + }, + "CVE-2018-3639": { + "cmt_msg": "x86/nospec: Simplify alternative_msr_write()", + "cmt_id": "8410540f5aaf06ab01197443371be89822971e58" + } + }, + "4.14.44": { + "CVE-2018-10021": { + "cmt_msg": "scsi: libsas: defer ata device eh commands to libata", + "cmt_id": "58442874542fb41fd53de4ab34be180ad43779c9" + }, + "CVE-2018-1000204": { + "cmt_msg": "scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()", + "cmt_id": "d827bea2d18c07ba514f7d48cde49f90da9a1384" + } + }, + "4.14.45": { + "CVE-2018-11506": { + "cmt_msg": "sr: pass down correctly sized SCSI sense buffer", + "cmt_id": "2a039b93679fb2e974bedf5b0d76da81731474ba" + }, + "CVE-2018-9518": { + "cmt_msg": "NFC: llcp: Limit size of SDP URI", + "cmt_id": "54881db3251a48f9a27ac8b7223a9b421757d395" + }, + "CVE-2017-13695": { + "cmt_msg": "ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c", + "cmt_id": "1d1646c408f62148fd2bbc399927bdc5381cb3ba" + }, + "CVE-2018-6412": { + "cmt_msg": "fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper().", + "cmt_id": "ccf92117d49d77f3d88ad81d63ea5c0d02a94e3f" + } + }, + "4.14.49": { + "CVE-2019-18675": { + "cmt_msg": "mmap: introduce sane default mmap limits", + "cmt_id": "16d7ceb04b554207aa68dd27c1bc11f8933813fd" + } + }, + "4.14.50": { + "CVE-2018-10853": { + "cmt_msg": "kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access", + "cmt_id": "53e4b19fcd0ce08933e0f7a7fe11654f6eac1f19" + }, + "CVE-2018-12904": { + "cmt_msg": "kvm: nVMX: Enforce cpl=0 for VMX instructions", + "cmt_id": "b1bd9caf5e98d8111361f53367fece3444b0a7c2" + } + }, + "4.14.52": { + "CVE-2018-10840": { + "cmt_msg": "ext4: correctly handle a zero-length xattr with a non-zero e_value_offs", + "cmt_id": "21542545990c5aba4b919ac0f8c8ae6a408b49d4" + }, + "CVE-2018-1118": { + "cmt_msg": "vhost: fix info leak due to uninitialized memory", + "cmt_id": "7446344baafba2f23da58ac837b86770ec977b90" + }, + "CVE-2018-11412": { + "cmt_msg": "ext4: do not allow external inodes for inline data", + "cmt_id": "e81d371dac30019816a1c5a3a2c4c44bb3c68558" + }, + "CVE-2018-12232": { + "cmt_msg": "socket: close race condition between sock_close() and sockfs_setattr()", + "cmt_id": "91717ffc9057f38a0203a40ef36ae2e482fd7cbe" + } + }, + "4.14.53": { + "CVE-2018-13406": { + "cmt_msg": "video: uvesafb: Fix integer overflow in allocation", + "cmt_id": "9aa818d42bf5f5477f66dbc941b4daddfcae290d" + } + }, + "4.14.55": { + "CVE-2018-9516": { + "cmt_msg": "HID: debug: check length before copy_to_user()", + "cmt_id": "50b4d984f55e7e8d75f75da6803505ca3c122cef" + }, + "CVE-2018-10879": { + "cmt_msg": "ext4: make sure bitmaps and the inode table don't overlap with bg descriptors", + "cmt_id": "ac93c718365ac6ea9d7631641c8dec867d623491" + }, + "CVE-2018-10881": { + "cmt_msg": "ext4: clear i_data in ext4_inode_info when removing inline data", + "cmt_id": "deb465ec750b80776cc4ac5b92b72c0a71fd4f0b" + }, + "CVE-2018-10878": { + "cmt_msg": "ext4: always check block group bounds in ext4_init_block_bitmap()", + "cmt_id": "ac48bb9bc0a32f5a4432be1645b57607f8c46aa7" + }, + "CVE-2018-10877": { + "cmt_msg": "ext4: verify the depth of extent tree in ext4_find_extent()", + "cmt_id": "d69a9df614fc68741efcb0fcc020f05caa99d668" + }, + "CVE-2018-10876": { + "cmt_msg": "ext4: only look at the bg_flags field if it is valid", + "cmt_id": "44a4bc970bfae625d0ec9ecdfefc88c9d93dfe6c" + }, + "CVE-2018-10880": { + "cmt_msg": "ext4: never move the system.data xattr out of the inode body", + "cmt_id": "8a9ef17c0dc93def47e17b227ada95c682592a1d" + }, + "CVE-2017-13168": { + "cmt_msg": "scsi: sg: mitigate read/write abuse", + "cmt_id": "6e51bfa950864343cfe210a75268e826a2b4b2e8" + }, + "CVE-2018-10882": { + "cmt_msg": "ext4: add more inode number paranoia checks", + "cmt_id": "c24aab6d86640ccf321b87be6096319f55b16274" + }, + "CVE-2018-10883": { + "cmt_msg": "jbd2: don't mark block as modified if the handle is out of credits", + "cmt_id": "0321e68838d7ba2528b367b879b2fcf9d96a2099" + } + }, + "4.14.56": { + "CVE-2018-13405": { + "cmt_msg": "Fix up non-directory creation in SGID directories", + "cmt_id": "298243a5fb640f018e2fae22c0c895f1b27f0963" + }, + "CVE-2018-16276": { + "cmt_msg": "USB: yurex: fix out-of-bounds uaccess in read handler", + "cmt_id": "90f2a76ccd37cce2530df49335bcea6cd0e23797" + } + }, + "4.14.57": { + "CVE-2017-18216": { + "cmt_msg": "ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent", + "cmt_id": "c59a8f13f36b51f2100111121b39c6d15eca124d" + }, + "CVE-2017-18224": { + "cmt_msg": "ocfs2: ip_alloc_sem should be taken in ocfs2_get_block()", + "cmt_id": "1ccab2bf726e1cd9292deecf4d72d732527035d6" + } + }, + "4.14.58": { + "CVE-2018-10902": { + "cmt_msg": "ALSA: rawmidi: Change resized buffers atomically", + "cmt_id": "5d251646ab1588077b26e89dcaa116aba105d097" + } + }, + "4.14.59": { + "CVE-2018-5390": { + "cmt_msg": "tcp: free batches of packets in tcp_prune_ofo_queue()", + "cmt_id": "f3a5ba6310e11df370f6888ed716d1486896d983" + } + }, + "4.14.60": { + "CVE-2018-14734": { + "cmt_msg": "infiniband: fix a possible use-after-free bug", + "cmt_id": "e27dad1eb1ac7bedb5a033ac2e068543742c807b" + } + }, + "4.14.62": { + "CVE-2018-13093": { + "cmt_msg": "xfs: validate cached inodes are free when allocated", + "cmt_id": "6f021e4ef39ace7f58c415856aef9308c70e89b9" + }, + "CVE-2018-13094": { + "cmt_msg": "xfs: don't call xfs_da_shrink_inode with NULL bp", + "cmt_id": "59f35b983e8aeb98188c6ef93f8eabc594f8f953" + }, + "CVE-2018-12233": { + "cmt_msg": "jfs: Fix inconsistency between memory allocation and ea_buf->max_size", + "cmt_id": "7d29fb53439c8c91874550cc078eda6db8feafe7" + } + }, + "4.14.63": { + "CVE-2018-3646": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled", + "cmt_id": "e456004eb77734e274e520c83ad9be76736e622c" + }, + "CVE-2018-15572": { + "cmt_msg": "x86/speculation: Protect against userspace-userspace spectreRSB", + "cmt_id": "f374b5593e44c01265156b4c4070b618097f401b" + }, + "CVE-2018-3620": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled", + "cmt_id": "e456004eb77734e274e520c83ad9be76736e622c" + } + }, + "4.14.64": { + "CVE-2018-9363": { + "cmt_msg": "Bluetooth: hidp: buffer overflow in hidp_process_report", + "cmt_id": "6e2c702e797c25b49dac3a9f663c449f30cf8efc" + } + }, + "4.14.67": { + "CVE-2018-3693": { + "cmt_msg": "ext4: fix spectre gadget in ext4_mb_regular_allocator()", + "cmt_id": "4bc32484df6a3bdc173301adff0c2fdc66667a40" + } + }, + "4.14.68": { + "CVE-2018-16658": { + "cmt_msg": "cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status", + "cmt_id": "73b2e7073b51de0b03ebd15c97dd3ad0c3470810" + } + }, + "4.14.69": { + "CVE-2018-20856": { + "cmt_msg": "block: blk_init_allocated_queue() set q->fq as NULL in the fail case", + "cmt_id": "0affbaece6d0b7c75c5166732d0481ae9a28be60" + }, + "CVE-2019-12881": { + "cmt_msg": "drm/i915/userptr: reject zero user_size", + "cmt_id": "7188f7416438a34412a6702f548f81be9e2cf56c" + } + }, + "4.14.70": { + "CVE-2018-6554": { + "cmt_msg": "staging: irda: remove the irda network stack and drivers", + "cmt_id": "77be9452d0e5768bab9a041a62116cbeb9dc3174" + }, + "CVE-2018-6555": { + "cmt_msg": "staging: irda: remove the irda network stack and drivers", + "cmt_id": "e37957305de356b4f8719a3a4c7bc1453a2f0ca3" + }, + "CVE-2018-14617": { + "cmt_msg": "hfsplus: fix NULL dereference in hfsplus_lookup()", + "cmt_id": "68e787c3c80059c776d1d7afb20f5eb9f20237a5" + }, + "CVE-2018-14609": { + "cmt_msg": "btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized", + "cmt_id": "0cdbc3faf960de16ebe8a427feb3b0544ad983cc" + } + }, + "4.14.71": { + "CVE-2018-5391": { + "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments.", + "cmt_id": "1c44969111cc68f361638b6e54f5a176609aa05a" + }, + "CVE-2018-13099": { + "cmt_msg": "f2fs: fix to do sanity check with reserved blkaddr of inline inode", + "cmt_id": "7fb2b50ee59689578d5a712633d1e6755fc98933" + }, + "CVE-2018-17182": { + "cmt_msg": "mm: get rid of vmacache_flush_all() entirely", + "cmt_id": "06274364edb4407b386a996a7ff46c3ca3459b70" + } + }, + "4.14.73": { + "CVE-2018-20511": { + "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT", + "cmt_id": "9951e17efd05b8ad49bbc0db2e6b483f95d94d86" + }, + "CVE-2018-14633": { + "cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation", + "cmt_id": "755e45f3155cc51e37dc1cce9ccde10b84df7d93" + } + }, + "4.14.74": { + "CVE-2019-9458": { + "cmt_msg": "media: v4l: event: Prevent freeing event subscriptions while accessed", + "cmt_id": "d61ba3417e4fb71963441aa0c2e9c26f4568215b" + }, + "CVE-2018-18021": { + "cmt_msg": "arm64: KVM: Tighten guest core register access from userspace", + "cmt_id": "38d070f9090af15b5bdb26fc0e084b22f34eabd9" + }, + "CVE-2018-7755": { + "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl", + "cmt_id": "04bc4dd86d0f2b166640c8ea5b7a030d92a3d993" + }, + "CVE-2018-13053": { + "cmt_msg": "alarmtimer: Prevent overflow for relative nanosleep", + "cmt_id": "a4dbaf7c2de0d622e0fe29840dd2bf4a281277a5" + }, + "CVE-2018-12896": { + "cmt_msg": "posix-timers: Sanitize overrun handling", + "cmt_id": "3e3f075f72bd2dfcd5211bd1ff3919bc118ad4cd" + } + }, + "4.14.75": { + "CVE-2018-17972": { + "cmt_msg": "proc: restrict kernel stack dumps to root", + "cmt_id": "f8566a92ab75d442a823453414c6158b0b3c5ce7" + } + }, + "4.14.76": { + "CVE-2018-15471": { + "cmt_msg": "xen-netback: fix input validation in xenvif_set_hash_mapping()", + "cmt_id": "309a1c5cfc598c162dfc951fac040554164056e4" + } + }, + "4.14.78": { + "CVE-2018-18281": { + "cmt_msg": "mremap: properly flush TLB before releasing the page", + "cmt_id": "541500abfe9eb30a89ff0a6eb42a21521996d68d" + } + }, + "4.14.82": { + "CVE-2018-19854": { + "cmt_msg": "crypto: user - fix leaking uninitialized memory to userspace", + "cmt_id": "fdc427442b374e84077d4214733764efb1a38a0e" + }, + "CVE-2018-16871": { + "cmt_msg": "nfsd: COPY and CLONE operations require the saved filehandle to be set", + "cmt_id": "6d1c38aa47d432f425c5829261eaa8e624274a4f" + }, + "CVE-2018-18710": { + "cmt_msg": "cdrom: fix improper type cast, which can leat to information leak.", + "cmt_id": "a8c254d8e96032d5bb235cb2e777203d9acda09d" + } + }, + "4.14.86": { + "CVE-2018-13100": { + "cmt_msg": "f2fs: fix to do sanity check with secs_per_zone", + "cmt_id": "f3d6361a96a455c8ba12226a04efa67a0ada4966" + }, + "CVE-2018-5703": { + "cmt_msg": "tls: Use correct sk->sk_prot for IPV6", + "cmt_id": "2a0f5919e1e6a1c0423d895ab75eb15f94a67c69" + }, + "CVE-2018-13096": { + "cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks", + "cmt_id": "b8321ccd045710ee04fd5322c34cadd13a5e58af" + }, + "CVE-2018-13097": { + "cmt_msg": "f2fs: fix to do sanity check with user_block_count", + "cmt_id": "f9cf5462b51d98026275cc51437fc531e808b64a" + }, + "CVE-2018-14615": { + "cmt_msg": "f2fs: fix to do sanity check with i_extra_isize", + "cmt_id": "d7d9d29a837358636e12fe09c90a7882b53b2220" + }, + "CVE-2018-14614": { + "cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum", + "cmt_id": "30130700acfad8a705c109325379f5bbe21b3ccc" + }, + "CVE-2018-13098": { + "cmt_msg": "f2fs: fix to do sanity check with extra_attr feature", + "cmt_id": "0081c90ebacebb3a82d0d24bf0f42273ce2d902e" + }, + "CVE-2018-5848": { + "cmt_msg": "wil6210: missing length check in wmi_set_ie", + "cmt_id": "107b02c81a8761f1f7efc1e8b54d435324ccd13e" + }, + "CVE-2018-14611": { + "cmt_msg": "btrfs: validate type when reading a chunk", + "cmt_id": "f7eef132ccc95c9af50b647c5da0511d2b8492f8" + }, + "CVE-2018-14610": { + "cmt_msg": "btrfs: Check that each block group has corresponding chunk at mount time", + "cmt_id": "34407a175a59b668a1a2bbf0d0e495d87a7777d8" + }, + "CVE-2018-14613": { + "cmt_msg": "btrfs: tree-checker: Verify block_group_item", + "cmt_id": "9f268b5cf2d6a716779dfe11f4bc02d6461db693" + }, + "CVE-2018-14612": { + "cmt_msg": "btrfs: tree-checker: Detect invalid and empty essential trees", + "cmt_id": "c0dfb99847851fb830d1e8ea7d5e0571f50c325a" + }, + "CVE-2018-1128": { + "cmt_msg": "libceph: add authorizer challenge", + "cmt_id": "3fd73c8a71f299e30359a63add1f33e3fd834831" + }, + "CVE-2018-1129": { + "cmt_msg": "libceph: implement CEPHX_V2 calculation mode", + "cmt_id": "b16d0c5d32468a0624505a7b6b211e20488295e9" + }, + "CVE-2019-2024": { + "cmt_msg": "media: em28xx: Fix use-after-free when disconnecting", + "cmt_id": "30cdc0c3bac950bebd3ba59f5ff980cdd3710e0f" + }, + "CVE-2018-18690": { + "cmt_msg": "xfs: don't fail when converting shortform attr to long form during ATTR_REPLACE", + "cmt_id": "cb7ccb9924bb3596f211badf0d2becf131a979cd" + }, + "CVE-2018-19407": { + "cmt_msg": "KVM: X86: Fix scan ioapic use-before-initialization", + "cmt_id": "83f00ab9a7c03e9f1410727d985b7fe9473002e1" + }, + "CVE-2020-0435": { + "cmt_msg": "f2fs: fix to do sanity check with i_extra_isize", + "cmt_id": "d7d9d29a837358636e12fe09c90a7882b53b2220" + }, + "CVE-2019-2025": { + "cmt_msg": "binder: fix race that allows malicious free of live buffer", + "cmt_id": "fd6cc33d0775b0d902906d88dd05cc1a2a059f8d" + } + }, + "4.14.87": { + "CVE-2018-16862": { + "cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation", + "cmt_id": "60720df8bf43e8ca2ce1a17936904a52129c8471" + }, + "CVE-2018-18397": { + "cmt_msg": "userfaultfd: use ENOENT instead of EFAULT if the atomic copy user fails", + "cmt_id": "82c5a8c0debac552750a00b4fc7551c89c7b34b8" + } + }, + "4.14.88": { + "CVE-2018-20169": { + "cmt_msg": "USB: check usb_get_extra_descriptor for proper size", + "cmt_id": "7b6e85da8d94948201abb8d576d485892a6a878f" + }, + "CVE-2018-5953": { + "cmt_msg": "printk: hash addresses printed with %p", + "cmt_id": "f2a4f7622d052eb987e8693633468c239c13575a" + }, + "CVE-2018-14616": { + "cmt_msg": "f2fs: fix to do sanity check with block address in main area v2", + "cmt_id": "38fce19d4d7bc8acfa183ee2918758d279a69c9a" + }, + "CVE-2018-14625": { + "cmt_msg": "vhost/vsock: fix use-after-free in network stack callers", + "cmt_id": "f15c072d6576c5e2b693c22e39ccc9103c952078" + }, + "CVE-2018-19824": { + "cmt_msg": "ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c", + "cmt_id": "19f74e45746253cafb8cb1e773041e7cadbac622" + } + }, + "4.14.91": { + "CVE-2018-16882": { + "cmt_msg": "KVM: Fix UAF in nested posted interrupt processing", + "cmt_id": "cc70f14956fa0ea84ee1a3a5b79347730c6c2d08" + }, + "CVE-2018-19985": { + "cmt_msg": "USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data", + "cmt_id": "49be8dc589aee04c64d61e362c5029ab20fd6fd7" + } + }, + "4.14.93": { + "CVE-2019-15927": { + "cmt_msg": "ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit()", + "cmt_id": "1117b7a380f4b4f575d90a318a43d2e168c01fbd" + }, + "CVE-2018-20784": { + "cmt_msg": "sched/fair: Fix infinite loop in update_blocked_averages() by reverting a9e7f6544b9c", + "cmt_id": "c6a9a1ccafc49fe95d8de54eef154ad5c3b94077" + }, + "CVE-2019-6133": { + "cmt_msg": "fork: record start_time late", + "cmt_id": "3f2e4e1d9a6cffa95d31b7a491243d5e92a82507" + } + }, + "4.14.94": { + "CVE-2018-16884": { + "cmt_msg": "sunrpc: use-after-free in svc_process_common()", + "cmt_id": "65dba32522065b79a16393efc75f8006c2c3dbb8" + } + }, + "4.14.95": { + "CVE-2019-3701": { + "cmt_msg": "can: gw: ensure DLC boundaries after CAN frame modification", + "cmt_id": "39ff087b5c6be2ff0b08e617d334e5bf72a08b44" + }, + "CVE-2020-10769": { + "cmt_msg": "crypto: authenc - fix parsing key with misaligned rta_len", + "cmt_id": "b9119fd2749c1459416ebb559cf7c1d379786cff" + } + }, + "4.14.96": { + "CVE-2019-11085": { + "cmt_msg": "drm/i915/gvt: Fix mmap range check", + "cmt_id": "e89ec9b92f9b75b44e1ff9f52dab48bd01834ed6" + } + }, + "4.14.99": { + "CVE-2019-7222": { + "cmt_msg": "KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)", + "cmt_id": "ef1b3d4893cec543305d30e8160df8c096135950" + }, + "CVE-2019-6974": { + "cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)", + "cmt_id": "8c1b11bc3555b5d1207b0e179cbdd8b945e71e69" + }, + "CVE-2019-7221": { + "cmt_msg": "KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221)", + "cmt_id": "1c965b1b5ecc2c9e1d59b2514cedb6f7483a0241" + } + }, + "4.14.102": { + "CVE-2018-1000026": { + "cmt_msg": "bnx2x: disable GSO where gso_size is too big for hardware", + "cmt_id": "60cd31866de4386d940e55073491c3ee17ca593e" + } + }, + "4.14.103": { + "CVE-2019-8912": { + "cmt_msg": "net: crypto set sk to NULL when af_alg_release.", + "cmt_id": "6e4c01ee785c2192fcc4be234cedde3706309a7e" + } + }, + "4.14.105": { + "CVE-2019-9213": { + "cmt_msg": "mm: enforce min addr even if capable() in expand_downwards()", + "cmt_id": "f5817069248630b3b7b17ebfcdee0b679c52be33" + } + }, + "4.14.106": { + "CVE-2019-16994": { + "cmt_msg": "net: sit: fix memory leak in sit_init_net()", + "cmt_id": "46a5caa79ff73c9403ab37475ef47ed4c027e712" + }, + "CVE-2019-12818": { + "cmt_msg": "net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails", + "cmt_id": "b275f8e6a0096cac11cf697c4e3ad226070264f5" + }, + "CVE-2019-8980": { + "cmt_msg": "exec: Fix mem leak in kernel_read_file", + "cmt_id": "069fb92ea221c72bd75f4863b3540420082f32ba" + }, + "CVE-2019-15916": { + "cmt_msg": "net-sysfs: Fix mem leak in netdev_register_kobject", + "cmt_id": "306bbaeb077068141d472b922ae1adf7ab81fd72" + }, + "CVE-2019-2101": { + "cmt_msg": "media: uvcvideo: Fix 'type' check leading to overflow", + "cmt_id": "aa4ba765e0903926de64b359e8653bfd29a3c353" + } + }, + "4.14.107": { + "CVE-2019-16995": { + "cmt_msg": "net: hsr: fix memory leak in hsr_dev_finalize()", + "cmt_id": "1aa1e0a3f6dde5c37bb5d6a9121847b95b255c1f" + }, + "CVE-2019-12819": { + "cmt_msg": "mdio_bus: Fix use-after-free on device_register fails", + "cmt_id": "07c2216c3783daca34ea0d86affb9dfc5346f183" + } + }, + "4.14.108": { + "CVE-2019-10124": { + "cmt_msg": "mm: hwpoison: fix thp split handing in soft_offline_in_use_page()", + "cmt_id": "c02fd076842636fb7506d4ca8a2bb3f91faf1af3" + }, + "CVE-2019-9455": { + "cmt_msg": "media: videobuf2-v4l2: drop WARN_ON in vb2_warn_zero_bytesused()", + "cmt_id": "8d6df5097c0005320ab6f3cd8dda2ef31db6c6d1" + }, + "CVE-2019-16413": { + "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit", + "cmt_id": "be0b155c2b2f8c39adaa1641f3f6a4be47277993" + } + }, + "4.14.109": { + "CVE-2019-15917": { + "cmt_msg": "Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto()", + "cmt_id": "a1dbb34da6f2edf321df5023cb2accd92579269b" + } + }, + "4.14.110": { + "CVE-2019-20811": { + "cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success", + "cmt_id": "e331c9066901dfe40bea4647521b86e9fb9901bb" + }, + "CVE-2019-20054": { + "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links", + "cmt_id": "0d9ef3f5b07e4b6fe6105a45603de1e133e4df49" + }, + "CVE-2019-3460": { + "cmt_msg": "Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt", + "cmt_id": "82868814a87236b17ac588fbb779c87616e99345" + }, + "CVE-2019-15921": { + "cmt_msg": "genetlink: Fix a memory leak on error path", + "cmt_id": "111fdc6e948b36115e29cf3b1981058d033ffd54" + }, + "CVE-2019-3459": { + "cmt_msg": "Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer", + "cmt_id": "2b59d36f22622c92c0b06aee7571f0a86a217188" + } + }, + "4.14.111": { + "CVE-2019-11810": { + "cmt_msg": "scsi: megaraid_sas: return error when create DMA pool failed", + "cmt_id": "90fca247abf6adc1ee6eef9b3de199448c8a4ad6" + } + }, + "4.14.112": { + "CVE-2019-11486": { + "cmt_msg": "tty: mark Siemens R3964 line discipline as BROKEN", + "cmt_id": "429977fd9f7153607230a6040ee12510a525e930" + }, + "CVE-2019-11815": { + "cmt_msg": "net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock().", + "cmt_id": "c8a88799e632045399af886a1b1a5205e5d49897" + }, + "CVE-2019-10639": { + "cmt_msg": "netns: provide pure entropy for net_hash_mix()", + "cmt_id": "adbb8bdd392db14dc80ad1ac29f8f1d37ab57a62" + } + }, + "4.14.113": { + "CVE-2019-15292": { + "cmt_msg": "appletalk: Fix use-after-free in atalk_proc_exit", + "cmt_id": "0ba1fa56351e6e9c2f8db4ffc823cb7057e4ea82" + }, + "CVE-2019-7308": { + "cmt_msg": "bpf: fix sanitation of alu op with pointer / scalar type from different paths", + "cmt_id": "6588a490bfe1b879f11b5e74724ef53a33b68641" + } + }, + "4.14.114": { + "CVE-2018-5995": { + "cmt_msg": "printk: hash addresses printed with %p", + "cmt_id": "47ad82a34560ea70e85d2eb56be0ada03dc4fd35" + }, + "CVE-2019-11599": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping", + "cmt_id": "bb461ad8e6e0653fc6bd0f26d9173bab0aec235b" + }, + "CVE-2019-3892": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping", + "cmt_id": "bb461ad8e6e0653fc6bd0f26d9173bab0aec235b" + }, + "CVE-2019-15214": { + "cmt_msg": "ALSA: core: Fix card races between register and disconnect", + "cmt_id": "d11a33e9ba584bb6f5cc74df9d74b26156ba9bb2" + } + }, + "4.14.115": { + "CVE-2019-3882": { + "cmt_msg": "vfio/type1: Limit DMA mappings per container", + "cmt_id": "73a95f1a41c0bb586b8c62622ebf25aca1582af3" + }, + "CVE-2019-15924": { + "cmt_msg": "fm10k: Fix a potential NULL pointer dereference", + "cmt_id": "2617f9af19ce93c509ebf3fd3ce26048b8f85216" + } + }, + "4.14.116": { + "CVE-2019-11487": { + "cmt_msg": "fs: prevent page refcount overflow in pipe_buf_get", + "cmt_id": "c88a0aa7ace7eb10dca42be59f21e2cbd263575e" + } + }, + "4.14.117": { + "CVE-2019-15216": { + "cmt_msg": "USB: yurex: Fix protection fault after device removal", + "cmt_id": "5696fa3f42168ee33256c0b0b72ca963d224327f" + } + }, + "4.14.118": { + "CVE-2018-20836": { + "cmt_msg": "scsi: libsas: fix a race condition when smp task timeout", + "cmt_id": "3739f98aea7113a21d11b1a604525049e422e29e" + }, + "CVE-2019-11884": { + "cmt_msg": "Bluetooth: hidp: fix buffer overflow", + "cmt_id": "2c33156b2d2f5efe820d8efdd610fb168c9acf72" + } + }, + "4.14.119": { + "CVE-2019-11091": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option", + "cmt_id": "91788fcb21d008b1b7ac6beae20522725fa78239" + }, + "CVE-2018-12130": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option", + "cmt_id": "91788fcb21d008b1b7ac6beae20522725fa78239" + }, + "CVE-2018-12127": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option", + "cmt_id": "91788fcb21d008b1b7ac6beae20522725fa78239" + }, + "CVE-2018-12126": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option", + "cmt_id": "91788fcb21d008b1b7ac6beae20522725fa78239" + } + }, + "4.14.120": { + "CVE-2019-10142": { + "cmt_msg": "drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl", + "cmt_id": "1a3a561df5e176a4422270e3d2cca1cd835b292e" + } + }, + "4.14.121": { + "CVE-2019-11833": { + "cmt_msg": "ext4: zero out the unused memory region in the extent tree block", + "cmt_id": "d7d9e4823b658eb795f4a379d121d3f0539c1117" + } + }, + "4.14.122": { + "CVE-2019-15666": { + "cmt_msg": "xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink", + "cmt_id": "1a2bb5125acb5be09ac8dcbf0f1e47ec28468fdc" + } + }, + "4.14.123": { + "CVE-2019-20095": { + "cmt_msg": "mwifiex: Fix mem leak in mwifiex_tm_cmd", + "cmt_id": "ccebaeca5089c49f2b331e91334b2d2e7a40e53c" + }, + "CVE-2019-19543": { + "cmt_msg": "media: serial_ir: Fix use-after-free in serial_ir_init_module", + "cmt_id": "f1c9f1f3665635d86e4d507312f4d114d0d738e3" + }, + "CVE-2019-9466": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path", + "cmt_id": "7c9290b56da477b54fab5dc48e1d21cfb8dc46f4" + }, + "CVE-2019-9500": { + "cmt_msg": "brcmfmac: assure SSID length from firmware is limited", + "cmt_id": "f9ba91b5d1bfb6124640e00dca6562f69b71ca19" + }, + "CVE-2019-9503": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path", + "cmt_id": "7c9290b56da477b54fab5dc48e1d21cfb8dc46f4" + }, + "CVE-2019-19966": { + "cmt_msg": "media: cpia2: Fix use-after-free in cpia2_exit", + "cmt_id": "b7eaea002ad0a3d2563df9d18e2ca3c6bd81abd3" + } + }, + "4.14.124": { + "CVE-2020-10720": { + "cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()", + "cmt_id": "385ee66eaf88e1f04be973f623b81e4bf0ec0c6f" + }, + "CVE-2019-15219": { + "cmt_msg": "USB: sisusbvga: fix oops in error path of sisusb_probe", + "cmt_id": "47ffaae93ea154ae149315389a30780fa3189caf" + }, + "CVE-2019-15218": { + "cmt_msg": "media: usb: siano: Fix general protection fault in smsusb", + "cmt_id": "5a7adcda3de26a44fc0fa3f68199358b1527daf4" + }, + "CVE-2019-15212": { + "cmt_msg": "USB: rio500: refuse more than one device at a time", + "cmt_id": "f18227d08e6b50717e1560a86fbebda0ca911507" + }, + "CVE-2019-1999": { + "cmt_msg": "binder: fix race between munmap() and direct reclaim", + "cmt_id": "c2a035d7822ac8d2870cd6dbaadc1ab407713b83" + }, + "CVE-2019-10638": { + "cmt_msg": "inet: switch IP ID generator to siphash", + "cmt_id": "e10789acbe6a76b304f45cbc8bb77a926ae4f201" + } + }, + "4.14.127": { + "CVE-2019-11479": { + "cmt_msg": "tcp: add tcp_min_snd_mss sysctl", + "cmt_id": "cd6f35b8421ff20365ff711c0ac7647fd70e9af7" + }, + "CVE-2019-11478": { + "cmt_msg": "tcp: tcp_fragment() should apply sane memory limits", + "cmt_id": "9daf226ff92679d09aeca1b5c1240e3607153336" + }, + "CVE-2019-11477": { + "cmt_msg": "tcp: limit payload size of sacked skbs", + "cmt_id": "d632920554c5aec81d8a79c23dac07efcbabbd54" + } + }, + "4.14.128": { + "CVE-2019-15090": { + "cmt_msg": "scsi: qedi: remove memset/memcpy to nfunc and use func instead", + "cmt_id": "af1630c6dc4fd96c09fef088f9c400c35e259e72" + } + }, + "4.14.129": { + "CVE-2019-15807": { + "cmt_msg": "scsi: libsas: delete sas port if expander discover failed", + "cmt_id": "5992a6926eb037cb8ed30521c74e2bef082a8946" + } + }, + "4.14.130": { + "CVE-2019-12615": { + "cmt_msg": "mdesc: fix a missing-check bug in get_vdev_port_node_info()", + "cmt_id": "b1013624a8adb9caa83b4c9f487778c7b51467a0" + }, + "CVE-2019-0136": { + "cmt_msg": "mac80211: drop robust management frames from unknown TA", + "cmt_id": "7a680d6e5441400b768d6e6cfe5524726ebd6b7f" + } + }, + "4.14.133": { + "CVE-2019-13272": { + "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME", + "cmt_id": "bf71ef9655d25e8b275ec6ed649b6bd719231ddc" + }, + "CVE-2019-15221": { + "cmt_msg": "ALSA: line6: Fix write on zero-sized buffer", + "cmt_id": "37eaa74451c1003a6bec548c957890c264559463" + }, + "CVE-2019-9506": { + "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check", + "cmt_id": "05206de4e9ae033afd32f685c4a005cbc1dceb39" + }, + "CVE-2019-3900": { + "cmt_msg": "vhost_net: fix possible infinite loop", + "cmt_id": "ae446749492d8bd23f1d0b81adba16e5739dc740" + } + }, + "4.14.134": { + "CVE-2019-10126": { + "cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()", + "cmt_id": "b1459fb34061337efbf0d47a3ba6208f2f59829d" + }, + "CVE-2019-3846": { + "cmt_msg": "mwifiex: Fix possible buffer overflows at parsing bss descriptor", + "cmt_id": "d50f6b58d7ad30ad8e96c0bbc3e5ecfe9b91ba77" + }, + "CVE-2019-15220": { + "cmt_msg": "p54usb: Fix race between disconnect and firmware loading", + "cmt_id": "c760ecb74f84f729ae31b9fbc6b772923cdc78df" + } + }, + "4.14.135": { + "CVE-2019-17351": { + "cmt_msg": "xen: let alloc_xenballooned_pages() fail if not enough memory free", + "cmt_id": "ba110e6dc391f70195c161bcc3de2c58ba705045" + }, + "CVE-2019-12382": { + "cmt_msg": "drm/edid: Fix a missing-check bug in drm_load_edid_firmware()", + "cmt_id": "df56de8931b924c1d850b80e1b22b62449758e90" + }, + "CVE-2019-13631": { + "cmt_msg": "Input: gtco - bounds check collection indent level", + "cmt_id": "81bf168d855cc1d97a7c9cde6787ff42485556c8" + }, + "CVE-2019-15925": { + "cmt_msg": "net: hns3: add some error checking in hclge_tm module", + "cmt_id": "18f05a6fc4cfb78ff1de275d9ebf88c3ed5522a2" + }, + "CVE-2019-15926": { + "cmt_msg": "ath6kl: add some bounds checking", + "cmt_id": "193a754afbe979a43893c88373a625ed384123ab" + }, + "CVE-2019-14284": { + "cmt_msg": "floppy: fix div-by-zero in setup_format_params", + "cmt_id": "a904a690ea0317fcd88c5b9dfef40ef0f98d9530" + }, + "CVE-2019-14283": { + "cmt_msg": "floppy: fix out-of-bounds read in copy_buffer", + "cmt_id": "80637a906eded08e04ed8a6fbbdd2b8112eaa387" + }, + "CVE-2019-13648": { + "cmt_msg": "powerpc/tm: Fix oops on sigreturn on systems without TM", + "cmt_id": "26bee6ef0d72193d58a085610fe49169d23baa83" + } + }, + "4.14.136": { + "CVE-2019-15211": { + "cmt_msg": "media: radio-raremono: change devm_k*alloc to k*alloc", + "cmt_id": "c4c213d9aadc85a2808b04d3676970ea5f90340e" + }, + "CVE-2019-10207": { + "cmt_msg": "Bluetooth: hci_uart: check for missing tty operations", + "cmt_id": "69f9c2bc3f754ad1d610b30b940681d678c8e684" + }, + "CVE-2019-20934": { + "cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers", + "cmt_id": "d0919216e468d5613cc8c53d4d0676026960fe39" + }, + "CVE-2019-15215": { + "cmt_msg": "media: cpia2_usb: first wake up, then free in disconnect", + "cmt_id": "3566a98e59b5cb19829d21bfe18cd396812ce15e" + }, + "CVE-2019-2213": { + "cmt_msg": "binder: fix possible UAF when freeing buffer", + "cmt_id": "a4a3c070b8760f71c8311399fa9bfe67c8629bca" + } + }, + "4.14.137": { + "CVE-2019-1125": { + "cmt_msg": "x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations", + "cmt_id": "83e6e48e70a133a5ea6167bf152ce2b274008b3d" + } + }, + "4.14.139": { + "CVE-2019-19536": { + "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices", + "cmt_id": "dc741536d5d04065217a8402c52ad49df4cf134c" + }, + "CVE-2019-19535": { + "cmt_msg": "can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices", + "cmt_id": "15312ff709e6a5598a33edb3d31882951233d765" + }, + "CVE-2019-19531": { + "cmt_msg": "usb: yurex: Fix use-after-free in yurex_delete", + "cmt_id": "f0d684599b4f2525a6a7fe0cde8dff6800d16a22" + } + }, + "4.14.140": { + "CVE-2019-19537": { + "cmt_msg": "USB: core: Fix races in character device registration and deregistraion", + "cmt_id": "282a771475c2016ef77871f4438d9aaf9c8aa2b7" + }, + "CVE-2019-19527": { + "cmt_msg": "HID: hiddev: do cleanup in failure of opening a device", + "cmt_id": "d65ca54d05c209571cf2b3913277f75ab477e214" + }, + "CVE-2019-19530": { + "cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough", + "cmt_id": "e630f38040b5d2ecc56920742f7bafd57834cd2a" + } + }, + "4.14.141": { + "CVE-2019-15538": { + "cmt_msg": "xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT", + "cmt_id": "044d098441df8fabffba3b084a70beba0e77f8d4" + } + }, + "4.14.142": { + "CVE-2019-15118": { + "cmt_msg": "ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term", + "cmt_id": "6e1a602dfd51709538fc371d053708934909e3ba" + }, + "CVE-2019-15902": { + "cmt_msg": "unknown", + "cmt_id": "3a647417696217c5861a81ccfe5d2e6791d696ac" + }, + "CVE-2019-15117": { + "cmt_msg": "ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit", + "cmt_id": "96b0e80b6d5fb88c4f5b1e9d5224f2aa56395926" + } + }, + "4.14.144": { + "CVE-2019-14835": { + "cmt_msg": "vhost: make sure log_num < in_num", + "cmt_id": "7e9480b480a57fb4ef2e4d2c2cddbb1a31d56b33" + }, + "CVE-2019-15030": { + "cmt_msg": "powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction", + "cmt_id": "32b803e81ce17eec816f09d5388ef0a1cc9e4c2f" + } + }, + "4.14.146": { + "CVE-2019-14816": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings", + "cmt_id": "a723f89aa82fd51f2fc2b8c71928324531b37215" + }, + "CVE-2019-14814": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings", + "cmt_id": "a723f89aa82fd51f2fc2b8c71928324531b37215" + }, + "CVE-2019-14815": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings", + "cmt_id": "a723f89aa82fd51f2fc2b8c71928324531b37215" + }, + "CVE-2019-15505": { + "cmt_msg": "media: technisat-usb2: break out of loop at end of buffer", + "cmt_id": "120d5674a14f5d641970bc4287a752e60415b17c" + }, + "CVE-2019-14821": { + "cmt_msg": "KVM: coalesced_mmio: add bounds checking", + "cmt_id": "bf81752d808cd31e18d9a8db6d92b73497aa48d2" + } + }, + "4.14.147": { + "CVE-2019-17056": { + "cmt_msg": "nfc: enforce CAP_NET_RAW for raw sockets", + "cmt_id": "b6a2d6c11272b3cf5d2d902bb9aaf7558560a5eb" + }, + "CVE-2019-17053": { + "cmt_msg": "ieee802154: enforce CAP_NET_RAW for raw sockets", + "cmt_id": "70f80cb205649c7350617ca79515b98419e90475" + }, + "CVE-2019-17052": { + "cmt_msg": "ax25: enforce CAP_NET_RAW for raw sockets", + "cmt_id": "6567debe7f9c0423e18a758060cc63ee69e2e7d0" + }, + "CVE-2019-19533": { + "cmt_msg": "media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()", + "cmt_id": "580ee4a521ddc18aad5c750cc84bf43171599b29" + }, + "CVE-2019-17055": { + "cmt_msg": "mISDN: enforce CAP_NET_RAW for raw sockets", + "cmt_id": "371af137855d633d7c6226f659bbb6dcceb21322" + }, + "CVE-2019-17054": { + "cmt_msg": "appletalk: enforce CAP_NET_RAW for raw sockets", + "cmt_id": "272f46fe19daa1a18c0243cc8ac150e291ea51fd" + } + }, + "4.14.148": { + "CVE-2019-18806": { + "cmt_msg": "net: qlogic: Fix memory leak in ql_alloc_large_buffers", + "cmt_id": "dca8aabd7198e1aa7210ff2de081befba79d0d41" + } + }, + "4.14.149": { + "CVE-2019-19525": { + "cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect", + "cmt_id": "481376cc2ccb32113a2492ed1f8de32b5c777b00" + }, + "CVE-2019-16746": { + "cmt_msg": "nl80211: validate beacon head", + "cmt_id": "01ec813e457954d8eeaf768d57d625752d245bc9" + } + }, + "4.14.150": { + "CVE-2018-20976": { + "cmt_msg": "xfs: clear sb->s_fs_info on mount failure", + "cmt_id": "6921174cd2fb5f2d0608770fe23056ab128b6d97" + }, + "CVE-2019-19523": { + "cmt_msg": "USB: adutux: fix use-after-free on disconnect", + "cmt_id": "b074263b69bc7683d5ac595cb135b4b5dfd04813" + }, + "CVE-2019-19528": { + "cmt_msg": "USB: iowarrior: fix use-after-free on disconnect", + "cmt_id": "10b0e388a18353d224ccf17cc46a57f1070abb2b" + } + }, + "4.14.151": { + "CVE-2019-19075": { + "cmt_msg": "ieee802154: ca8210: prevent memory leak", + "cmt_id": "0cafebaf5719dc84361e39f3f3874721ec95d1af" + }, + "CVE-2019-17075": { + "cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack", + "cmt_id": "1db19d6805d9dc5c79f8a19dddde324dbf0a33f9" + }, + "CVE-2019-17133": { + "cmt_msg": "cfg80211: wext: avoid copying malformed SSIDs", + "cmt_id": "63eb9c2849bc377c6bbf491f752c6cc6b9b75bca" + } + }, + "4.14.152": { + "CVE-2019-19065": { + "cmt_msg": "RDMA/hfi1: Prevent memory leak in sdma_init", + "cmt_id": "8f7b8f1d14d714181b35e69f4cb73f02ea8f0156" + }, + "CVE-2019-17666": { + "cmt_msg": "rtlwifi: Fix potential overflow on P2P code", + "cmt_id": "1b940dd55d42133791d7ba4841adfcf436fab98e" + }, + "CVE-2019-15099": { + "cmt_msg": "ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()", + "cmt_id": "ce1dee3c1a88a534f561310f16e2eed3e686f28a" + }, + "CVE-2019-15098": { + "cmt_msg": "ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()", + "cmt_id": "ce1dee3c1a88a534f561310f16e2eed3e686f28a" + }, + "CVE-2020-10773": { + "cmt_msg": "s390/cmm: fix information leak in cmm_timeout_handler()", + "cmt_id": "119e9aef452a6b6976d20dac8f35aa2dc3e01348" + }, + "CVE-2019-19526": { + "cmt_msg": "NFC: pn533: fix use-after-free and memleaks", + "cmt_id": "2a571bd399084762a67519f35ef586407fbd3cb2" + }, + "CVE-2019-19532": { + "cmt_msg": "HID: Fix assumption that devices have inputs", + "cmt_id": "e13a3d84494ca7b560551a9927231e7ecf27d96a" + } + }, + "4.14.153": { + "CVE-2019-18282": { + "cmt_msg": "net/flow_dissector: switch to siphash", + "cmt_id": "a9de6f42e945cdb24b59c7ab7ebad1eba6cb5875" + }, + "CVE-2019-19049": { + "cmt_msg": "of: unittest: fix memory leak in unittest_data_add", + "cmt_id": "9f4ca715dae36ff5b737d56165df1b7964a2cb3e" + } + }, + "4.14.154": { + "CVE-2019-19045": { + "cmt_msg": "net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq", + "cmt_id": "d905f0cea5e0f29b8aced5a38b1ce243051887de" + }, + "CVE-2019-19052": { + "cmt_msg": "can: gs_usb: gs_can_open(): prevent memory leak", + "cmt_id": "3f5e99731cd55f9be6468e9af7985a838ce7255b" + }, + "CVE-2018-12207": { + "cmt_msg": "kvm: x86, powerpc: do not allow clearing largepages debugfs entry", + "cmt_id": "82e77746f07db70367f66ef272256037d6415353" + }, + "CVE-2019-0155": { + "cmt_msg": "drm/i915: Rename gen7 cmdparser tables", + "cmt_id": "82e0caec38b8eb2ec4fa90b614ba02fc297faeb7" + }, + "CVE-2019-0154": { + "cmt_msg": "drm/i915: Lower RM timeout to avoid DSI hard hangs", + "cmt_id": "d302d64a90b0b390ead3f70832aac2662e34323b" + }, + "CVE-2019-19922": { + "cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices", + "cmt_id": "3dec71e388f95382d83ebb5589f0016eac4a6d2b" + }, + "CVE-2019-19529": { + "cmt_msg": "can: mcba_usb: fix use-after-free on disconnect", + "cmt_id": "72e535208bc328e0617a8adb242bf8d89cdfd7d4" + }, + "CVE-2019-11135": { + "cmt_msg": "x86/msr: Add the IA32_TSX_CTRL MSR", + "cmt_id": "74bccd0ec712fdff716cec80ba1553d41bc887b8" + }, + "CVE-2019-16231": { + "cmt_msg": "fjes: Handle workqueue allocation failure", + "cmt_id": "81370ee55d9250e0744e09493186cb0e071dbcb2" + }, + "CVE-2019-19534": { + "cmt_msg": "can: peak_usb: fix slab info leak", + "cmt_id": "89a23a5d03956b44eac1a778806449577d690c6c" + } + }, + "4.14.155": { + "CVE-2019-19524": { + "cmt_msg": "Input: ff-memless - kill timer in destroy()", + "cmt_id": "5edab14154213a4b6bcc527f60adb6124034a0be" + } + }, + "4.14.157": { + "CVE-2019-18660": { + "cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch", + "cmt_id": "bc06abfb2bc7e5856f997ebc57c361caa08cd961" + }, + "CVE-2019-15291": { + "cmt_msg": "media: b2c2-flexcop-usb: add sanity checking", + "cmt_id": "9a611c200ee2777bb3551ee1d979bf923b93653a" + }, + "CVE-2019-18683": { + "cmt_msg": "media: vivid: Fix wrong locking that causes race conditions on streaming stop", + "cmt_id": "4a2c9b037a08b8496f04a76987332ca6f19bd794" + } + }, + "4.14.158": { + "CVE-2019-12614": { + "cmt_msg": "powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property()", + "cmt_id": "0583dc6fceb6b70cbd7e39802da41d8269fe82ac" + }, + "CVE-2019-19767": { + "cmt_msg": "ext4: add more paranoia checking in ext4_expand_extra_isize handling", + "cmt_id": "eb3257cba634f9a520467f6c8c56f4abfa347484" + } + }, + "4.14.159": { + "CVE-2019-19227": { + "cmt_msg": "appletalk: Fix potential NULL pointer dereference in unregister_snap_client", + "cmt_id": "39de8cc3678f5cd1f4e0ae274c20acabbd85a8b1" + }, + "CVE-2019-19062": { + "cmt_msg": "crypto: user - fix memory leak in crypto_report", + "cmt_id": "41b3b8e0775465c33083ce1998df7f15c039c9bf" + }, + "CVE-2019-19332": { + "cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)", + "cmt_id": "f70609f898d63973388b36adf3650489311b13b9" + }, + "CVE-2019-19071": { + "cmt_msg": "rsi: release skb if rsi_prepare_beacon fails", + "cmt_id": "0d8b2921af273b9545e16ad21375fabcb647c56e" + }, + "CVE-2019-19447": { + "cmt_msg": "ext4: work around deleting a file with i_nlink == 0 safely", + "cmt_id": "d5a2955049171e48feba628e60f15206689bba94" + } + }, + "4.14.161": { + "CVE-2019-18786": { + "cmt_msg": "media: rcar_drif: fix a memory disclosure", + "cmt_id": "3feec89682118fad5139e745c3453a4cf8580ef0" + }, + "CVE-2019-19057": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring", + "cmt_id": "1cdafe368ec4ad7e878eddc30ea0d11a0f57b222" + }, + "CVE-2019-19063": { + "cmt_msg": "rtlwifi: prevent memory leak in rtl_usb_probe", + "cmt_id": "9c84ba30947a9d8ac2c67abaafc17087ead04426" + }, + "CVE-2020-0427": { + "cmt_msg": "pinctrl: devicetree: Avoid taking direct reference to device name string", + "cmt_id": "679c4f27b8958b65bb51d1c3dfdbf3befe4a33a3" + }, + "CVE-2019-20812": { + "cmt_msg": "af_packet: set defaule value for tmo", + "cmt_id": "665c9af8987880414e141e623bf7e6481d1c1696" + }, + "CVE-2019-16232": { + "cmt_msg": "libertas: fix a potential NULL pointer dereference", + "cmt_id": "b88d9f8b8ba5722ab4aef7d01c2a5a66b5414b83" + } + }, + "4.14.162": { + "CVE-2020-10690": { + "cmt_msg": "ptp: fix the race between the release of ptp_clock and cdev", + "cmt_id": "2dece4d6d13fe179ee3a5991811712725a56e2f7" + } + }, + "4.14.163": { + "CVE-2019-18809": { + "cmt_msg": "media: usb: fix memory leak in af9005_identify_state", + "cmt_id": "2d7c27957cac081eeacea7c38d8c9c59049883dc" + }, + "CVE-2019-19965": { + "cmt_msg": "scsi: libsas: stop discovering if oob mode is disconnected", + "cmt_id": "82df1d3fa11bc7b25789efa4232bf0c188c8bc72" + } + }, + "4.14.164": { + "CVE-2019-14901": { + "cmt_msg": "mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()", + "cmt_id": "ec3bb975c6013aa2f5e8a96a0bee2c8d39618e89" + }, + "CVE-2020-0430": { + "cmt_msg": "bpf: reject passing modified ctx to helper functions", + "cmt_id": "7fed98f4a1e6eb77a5d66ecfdf9345e21df6ac82" + } + }, + "4.14.165": { + "CVE-2019-14895": { + "cmt_msg": "mwifiex: fix possible heap overflow in mwifiex_process_country_ie()", + "cmt_id": "c2544fb30080aecc3fff99f2e97999ce8e625f45" + }, + "CVE-2020-0305": { + "cmt_msg": "chardev: Avoid potential use-after-free in 'chrdev_open()'", + "cmt_id": "c807f43500e14ed24599106745bb6005665f74d6" + }, + "CVE-2019-19066": { + "cmt_msg": "scsi: bfa: release allocated memory in case of error", + "cmt_id": "f4e8c78fad1294c785de5e92562862dbef1e9c1e" + }, + "CVE-2019-20636": { + "cmt_msg": "Input: add safety guards to input_set_keycode()", + "cmt_id": "af62c38b0f86539504dc5c0e5dcfc7613b1150a5" + }, + "CVE-2019-19068": { + "cmt_msg": "rtl8xxxu: prevent leaking urb", + "cmt_id": "32079b0c59f4620fdf7a5576af7502b0d05fcb01" + }, + "CVE-2020-0431": { + "cmt_msg": "HID: hid-input: clear unmapped usages", + "cmt_id": "cb0a3edf8d00740303e5b42e9c0e72d924fc23d2" + }, + "CVE-2019-14615": { + "cmt_msg": "drm/i915/gen9: Clear residual context state on context switch", + "cmt_id": "39465647eda707db7c7561006da3a8450ca634b9" + }, + "CVE-2019-19056": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf", + "cmt_id": "6ddbe82681d911534f460e6afd297fcf7f388049" + }, + "CVE-2019-19078": { + "cmt_msg": "ath10k: fix memory leak", + "cmt_id": "4af2276845448609264360e95973246f222a7d86" + } + }, + "4.14.166": { + "CVE-2019-20096": { + "cmt_msg": "dccp: Fix memleak in __feat_register_sp", + "cmt_id": "d0c15c1e8f9223552818fe5340b0427483b34f22" + }, + "CVE-2019-15217": { + "cmt_msg": "media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap", + "cmt_id": "ffe76c896fbc91af8859aaea15b75b0b887960f3" + }, + "CVE-2019-19058": { + "cmt_msg": "iwlwifi: dbg_ini: fix memory leak in alloc_sgtable", + "cmt_id": "db1fb5a39747a680a4cc182c8bb4648b845a841f" + }, + "CVE-2018-21008": { + "cmt_msg": "rsi: add fix for crash during assertions", + "cmt_id": "ba8bbddaa188235df007411fdead5832f9e0cb59" + }, + "CVE-2019-2182": { + "cmt_msg": "arm64: Enforce BBM for huge IO/VMAP mappings", + "cmt_id": "68a066f6ff13e7029d54da9d322ad686694c7039" + }, + "CVE-2019-15918": { + "cmt_msg": "cifs: Fix lease buffer length error", + "cmt_id": "1059b758b6fb0fb6949b8c0474d5db27ea269b01" + }, + "CVE-2019-5108": { + "cmt_msg": "mac80211: Do not send Layer 2 Update frame before authorization", + "cmt_id": "57e1b5f6b55acb655358bd62c7e2f14d8af90e0a" + } + }, + "4.14.167": { + "CVE-2020-12652": { + "cmt_msg": "scsi: mptfusion: Fix double fetch bug in ioctl", + "cmt_id": "fedf64ea8f461ac51d9772998b277a30cbf8375e" + } + }, + "4.14.168": { + "CVE-2019-20806": { + "cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame", + "cmt_id": "f4c8d9e5ea524d7f53e54da2920a7d1250822ec5" + } + }, + "4.14.169": { + "CVE-2019-14896": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor", + "cmt_id": "5cdd9e0e7ee99caf59ad54fa833eeb6033386875" + }, + "CVE-2019-14897": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor", + "cmt_id": "5cdd9e0e7ee99caf59ad54fa833eeb6033386875" + }, + "CVE-2020-14416": { + "cmt_msg": "can, slip: Protect tty->disc_data in write_wakeup and close with RCU", + "cmt_id": "c39c4e9116943faf30fb7fb9cc1e739c732b4443" + } + }, + "4.14.170": { + "CVE-2020-0432": { + "cmt_msg": "staging: most: net: fix buffer overflow", + "cmt_id": "6560fd66278fec045902010ff7b07878a13e501f" + }, + "CVE-2020-12769": { + "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls", + "cmt_id": "b56f2a4a4327f609e30872e37eda6d73a6433ed2" + } + }, + "4.14.171": { + "CVE-2020-12653": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()", + "cmt_id": "43e189049f32740c0d015f43a407658ac53d1743" + }, + "CVE-2020-12654": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()", + "cmt_id": "49e9f1057ef968af57a62860697898cb35246936" + }, + "CVE-2020-0404": { + "cmt_msg": "media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors", + "cmt_id": "52f001bf9ba6d5fc628852dd6102a98f573e0b3b" + } + }, + "4.14.172": { + "CVE-2020-9383": { + "cmt_msg": "floppy: check FDC index for errors before assigning it", + "cmt_id": "e4c587650f64608fcd3506fa2cb47f81c0f88348" + }, + "CVE-2020-2732": { + "cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode", + "cmt_id": "ee1238c0285f40d8297e70f3aaa0d8a981ea0b53" + }, + "CVE-2019-16233": { + "cmt_msg": "scsi: qla2xxx: fix a potential NULL pointer dereference", + "cmt_id": "2011a54b6161cdeb42ec8d7843170977701f97b6" + }, + "CVE-2020-0009": { + "cmt_msg": "staging: android: ashmem: Disallow ashmem memory from being remapped", + "cmt_id": "60ba005bbf5751c2c58ca23ccfc9289ae06782b7" + } + }, + "4.14.173": { + "CVE-2020-8649": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region", + "cmt_id": "1855aaccd74cb9528c24ceb6bc15358a411f65ff" + }, + "CVE-2020-8648": { + "cmt_msg": "vt: selection, close sel_buffer race", + "cmt_id": "432ef54c0444e7cab85a291347bfc1f69ee6257a" + }, + "CVE-2020-8647": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region", + "cmt_id": "1855aaccd74cb9528c24ceb6bc15358a411f65ff" + }, + "CVE-2020-10942": { + "cmt_msg": "vhost: Check docket sk_family instead of call getname", + "cmt_id": "ff8e12b0cfe277a54edbab525f068b39c7ed0de3" + }, + "CVE-2020-27068": { + "cmt_msg": "cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE", + "cmt_id": "ffe09a48bd96094786c303f1cf29b32a29aa6dc8" + }, + "CVE-2020-0444": { + "cmt_msg": "audit: fix error handling in audit_data_to_entry()", + "cmt_id": "edde9fcd5f41b2e22e455250214de0c4b126b255" + }, + "CVE-2019-16234": { + "cmt_msg": "iwlwifi: pcie: fix rb_allocator workqueue allocation", + "cmt_id": "864ef06aaef5b164669a5292eb822c454c46dd69" + } + }, + "4.14.174": { + "CVE-2020-29370": { + "cmt_msg": "mm: slub: add missing TID bump in kmem_cache_alloc_bulk()", + "cmt_id": "992a5c90af04da6e1e047f10c5ee5d6d8752a699" + } + }, + "4.14.175": { + "CVE-2020-14381": { + "cmt_msg": "futex: Fix inode life-time issue", + "cmt_id": "e52694b56eb6d4b1fe424bda6126b8ce13c246a8" + }, + "CVE-2020-11668": { + "cmt_msg": "media: xirlink_cit: add missing descriptor sanity checks", + "cmt_id": "e251c592321cb82e5f31b06542b2f1f6e81cb2b8" + }, + "CVE-2021-3715": { + "cmt_msg": "net_sched: cls_route: remove the right filter from hashtable", + "cmt_id": "f0c92f59cf528bc1b872f2ca91b01e128a2af3e6" + }, + "CVE-2020-27066": { + "cmt_msg": "xfrm: policy: Fix doulbe free in xfrm_policy_timer", + "cmt_id": "dc0ea9b710102ef628a26663d892031a2c381549" + }, + "CVE-2020-11608": { + "cmt_msg": "media: ov519: add missing endpoint sanity checks", + "cmt_id": "ea7d13d02a76c76dd3a0ee7bda97bb4361473b62" + }, + "CVE-2020-11609": { + "cmt_msg": "media: stv06xx: add missing descriptor sanity checks", + "cmt_id": "b4ac6fbe5b1a3cb83d84cb9f7ab8df71d104f535" + } + }, + "4.14.176": { + "CVE-2020-11494": { + "cmt_msg": "slcan: Don't transmit uninitialized stack data in padding", + "cmt_id": "d0a7c3373404bd931565f361802d320462fbe9f9" + }, + "CVE-2020-11565": { + "cmt_msg": "mm: mempolicy: require at least one nodeid for MPOL_PREFERRED", + "cmt_id": "c51609ac4c48d31a8881af669f1192d2ee405928" + }, + "CVE-2020-0433": { + "cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter", + "cmt_id": "574eb136ec7f315c3ef2ca68fa9b3e16c56baa24" + } + }, + "4.14.177": { + "CVE-2020-12826": { + "cmt_msg": "signal: Extend exec_id to 64bits", + "cmt_id": "28c63ef17d620f0e95458c56c5d839ea3de3e500" + }, + "CVE-2020-12657": { + "cmt_msg": "block, bfq: fix use-after-free in bfq_idle_slice_timer_body", + "cmt_id": "f83b75ef20ac868046f90a7006b44bfea671a7c3" + }, + "CVE-2020-11669": { + "cmt_msg": "powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle", + "cmt_id": "66a93f57330d3e172bf2c3da29f0501634bfac7a" + } + }, + "4.14.178": { + "CVE-2019-19319": { + "cmt_msg": "ext4: protect journal inode's blocks using block_validity", + "cmt_id": "795762468125a6412c089651e74f780bee154118" + }, + "CVE-2020-12114": { + "cmt_msg": "make struct mountpoint bear the dentry reference to mountpoint, not struct mount", + "cmt_id": "e21c8c03af20932c15d8b1d3bb9cbad9607a6eab" + }, + "CVE-2020-12464": { + "cmt_msg": "USB: core: Fix free-while-in-use bug in the USB S-Glibrary", + "cmt_id": "b49aa64f1d2526de71ae0354d37026e5861ccb4b" + } + }, + "4.14.179": { + "CVE-2020-10751": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()", + "cmt_id": "90d4469b0aefac7695e48a641551f74a38f55613" + }, + "CVE-2020-0255": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()", + "cmt_id": "90d4469b0aefac7695e48a641551f74a38f55613" + } + }, + "4.14.181": { + "CVE-2019-9245": { + "cmt_msg": "f2fs: sanity check of xattr entry size", + "cmt_id": "ec236cd6a254da2192c35a65fa0011a0268d66b7" + }, + "CVE-2020-10711": { + "cmt_msg": "netlabel: cope with NULL catmap", + "cmt_id": "0f5ae0f5b2675e4e703b980221976a1c2d79dba9" + }, + "CVE-2020-13143": { + "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC", + "cmt_id": "3d1e9fbbfb888ef59697766561e982524c0a6a03" + }, + "CVE-2020-1749": { + "cmt_msg": "net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup", + "cmt_id": "8ab8786f78c3fc930f9abf6d6d85e95567de4e1f" + }, + "CVE-2020-27786": { + "cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses", + "cmt_id": "8645ac3684a70e4e8a21c7c407c07a1a4316beec" + }, + "CVE-2019-9453": { + "cmt_msg": "f2fs: fix to avoid accessing xattr across the boundary", + "cmt_id": "1d295b32df866ea09aa8cc94500ed6e96e2ea09e" + }, + "CVE-2020-0067": { + "cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr", + "cmt_id": "ae811cecbbb231f11a84acaf74baca1283b964c7" + }, + "CVE-2019-19768": { + "cmt_msg": "blktrace: Protect q->blk_trace with RCU", + "cmt_id": "7a35c8cbf2522e4f45d266dca95dacc71cf412ed" + }, + "CVE-2020-12770": { + "cmt_msg": "scsi: sg: add sg_remove_request in sg_write", + "cmt_id": "3f743dd319951491d005ea51470e180f6df9125e" + } + }, + "4.14.182": { + "CVE-2021-0447": { + "cmt_msg": "l2tp: protect sock pointer of struct pppol2tp_session with RCU", + "cmt_id": "26f8819ddd10141ebe7bbce700fbab36bfa5f478" + } + }, + "4.14.183": { + "CVE-2020-10732": { + "cmt_msg": "fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()", + "cmt_id": "61ce1733b30fdcf45e31308bc7795b6dc7f2ffba" + } + }, + "4.14.184": { + "CVE-2020-13974": { + "cmt_msg": "vt: keyboard: avoid signed integer overflow in k_ascii", + "cmt_id": "26079af52bf616bc492acc1fe41dce53fe199456" + }, + "CVE-2020-0543": { + "cmt_msg": "x86/cpu: Add 'table' argument to cpu_matches()", + "cmt_id": "9c98ba3f69b156c9fee72b71260d51f623a4a457" + }, + "CVE-2019-19462": { + "cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open", + "cmt_id": "7821131c16cb2d32a5014009b50d362317418556" + }, + "CVE-2020-10757": { + "cmt_msg": "mm: Fix mremap not considering huge pmd devmap", + "cmt_id": "469ef673629d36d8ed5912b52f5d87ecc0309b3c" + } + }, + "4.14.185": { + "CVE-2019-20810": { + "cmt_msg": "media: go7007: fix a miss of snd_card_free", + "cmt_id": "033e86f47388583d460e1ea075fc4581d23c0fe1" + }, + "CVE-2018-20669": { + "cmt_msg": "make 'user_access_begin()' do 'access_ok()'", + "cmt_id": "b25df2918ba94ccc0ae44b4bb53f0f76a4bb0e96" + }, + "CVE-2020-29368": { + "cmt_msg": "mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()", + "cmt_id": "3b6c93db0a02b843694cf91f8bacd94f8e7259c8" + }, + "CVE-2020-10766": { + "cmt_msg": "x86/speculation: Prevent rogue cross-process SSBD shutdown", + "cmt_id": "d808ea8d0b4deaf6be37a58d41550df48f117a3a" + }, + "CVE-2020-10767": { + "cmt_msg": "x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS.", + "cmt_id": "b4eba1edf71e3ce882d79fd46d654770a7b277b0" + }, + "CVE-2020-10768": { + "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches.", + "cmt_id": "96f1500aedc9ee67ad9614917d7c6e97bc7dbaa1" + } + }, + "4.14.186": { + "CVE-2020-12771": { + "cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce", + "cmt_id": "80d90125a3e1c98aafb6b13e62bd680fe9a4cd5a" + }, + "CVE-2020-15436": { + "cmt_msg": "block: Fix use-after-free in blkdev_get()", + "cmt_id": "a43abf15844c9e5de016957b8e612f447b7fb077" + } + }, + "4.14.187": { + "CVE-2020-12655": { + "cmt_msg": "xfs: add agf freeblocks verify in xfs_agf_verify", + "cmt_id": "115267e8d9fce8d5efe0949f1d2e5cee30441cf7" + } + }, + "4.14.188": { + "CVE-2020-24394": { + "cmt_msg": "nfsd: apply umask on fs without ACL support", + "cmt_id": "15fefb108c7af7ec8e19a88caed928d8b88120ff" + }, + "CVE-2020-15393": { + "cmt_msg": "usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect", + "cmt_id": "4336374bc2220bf3c439b70c31d9e8f6f9583ea8" + } + }, + "4.14.189": { + "CVE-2020-14356": { + "cmt_msg": "cgroup: fix cgroup_sk_alloc() for sk_clone_lock()", + "cmt_id": "82fd2138a5ffd7e0d4320cdb669e115ee976a26e" + }, + "CVE-2020-10781": { + "cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\"", + "cmt_id": "5cd9ec70b9f6431fc3e60075c01bc00f08c5606b" + } + }, + "4.14.190": { + "CVE-2020-15437": { + "cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()", + "cmt_id": "c5760ab7aae09899412646e0cf842e23bea5b7a2" + } + }, + "4.14.191": { + "CVE-2018-10323": { + "cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree", + "cmt_id": "8a443ffcf7b572c071398644d35cf9cc55cfa2cb" + } + }, + "4.14.192": { + "CVE-2019-19061": { + "cmt_msg": "iio: imu: adis16400: fix memory leak", + "cmt_id": "8d75cc141d702ebc280dde2b32b50cfdea3a02b3" + }, + "CVE-2019-9445": { + "cmt_msg": "f2fs: check if file namelen exceeds max value", + "cmt_id": "6a27f426266ac0d29faa95bed8934afeef1f9d13" + }, + "CVE-2019-19054": { + "cmt_msg": "media: rc: prevent memory leak in cx23888_ir_probe", + "cmt_id": "12273ec840cc67b2ec469ee5f5214559357436bb" + }, + "CVE-2018-8043": { + "cmt_msg": "net: phy: mdio-bcm-unimac: fix potential NULL dereference in unimac_mdio_probe()", + "cmt_id": "9e06953ee2a406c4bf4ff08c700d3ce1254974d1" + }, + "CVE-2019-18808": { + "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid", + "cmt_id": "a42f149865da48f25e5a49ca344dbcad61b66ae1" + }, + "CVE-2019-19074": { + "cmt_msg": "ath9k: release allocated buffer if timed out", + "cmt_id": "83c212df7794563a2f45a3be8fbc097e352b2c3a" + }, + "CVE-2019-19073": { + "cmt_msg": "ath9k_htc: release allocated buffer if timed out", + "cmt_id": "5502de13f91db625b063cb9d0793c7391f38452d" + }, + "CVE-2017-18232": { + "cmt_msg": "scsi: libsas: direct call probe and destruct", + "cmt_id": "3a156abd24346a3188eb7e88cf86386a409e0d02" + }, + "CVE-2019-3016": { + "cmt_msg": "x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit", + "cmt_id": "fd4a641bb5731c0ce5397698560a823602dbaac2" + } + }, + "4.14.193": { + "CVE-2020-16166": { + "cmt_msg": "random32: update the net random state on interrupt and activity", + "cmt_id": "583bcbc024f6bf8daa266f4f71b99e9d6e78c40b" + } + }, + "4.14.194": { + "CVE-2020-26088": { + "cmt_msg": "net/nfc/rawsock.c: add CAP_NET_RAW check.", + "cmt_id": "980415fffec6952602edac586eb8c3a7d3f50b43" + }, + "CVE-2020-36386": { + "cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()", + "cmt_id": "d91299b8382b129156708708d69876e753b9ade6" + }, + "CVE-2019-19448": { + "cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space", + "cmt_id": "10742034076daea73acc17779e8f234060e03489" + }, + "CVE-2020-25212": { + "cmt_msg": "nfs: Fix getxattr kernel panic and memory overflow", + "cmt_id": "e4ddf4e58946c7dfe8568a21ee3d27b03d96bc56" + }, + "CVE-2020-14331": { + "cmt_msg": "vgacon: Fix for missing check in scrollback handling", + "cmt_id": "041a5a238a1e31992b5f22ef4f9792729d3b46ca" + } + }, + "4.14.195": { + "CVE-2020-14314": { + "cmt_msg": "ext4: fix potential negative array index in do_split()", + "cmt_id": "fbbfd55a40d5d0806b59ee0403c75d5ac517533f" + }, + "CVE-2020-29371": { + "cmt_msg": "romfs: fix uninitialized memory leak in romfs_dev_read()", + "cmt_id": "89346bc395e7bc0a7d3c36c824782050b17d4fec" + }, + "CVE-2020-0466": { + "cmt_msg": "do_epoll_ctl(): clean the failure exits up a bit", + "cmt_id": "6875d79ba740f47a480908cf9fa791715ea0e4f1" + } + }, + "4.14.197": { + "CVE-2020-25285": { + "cmt_msg": "mm/hugetlb: fix a race between hugetlb sysctl handlers", + "cmt_id": "c4b219136040bc57e9704afee8f5c5a9430795a5" + }, + "CVE-2020-0465": { + "cmt_msg": "HID: core: Sanitize event code and type when mapping input", + "cmt_id": "a083dcdcfa2568747112edf865b3e848d70835e5" + }, + "CVE-2020-25641": { + "cmt_msg": "block: allow for_each_bvec to support zero len bvec", + "cmt_id": "b7aae706e84ac271f755a574d6a18fc9b42e8e8f" + }, + "CVE-2021-1048": { + "cmt_msg": "fix regression in \"epoll: Keep a reference on files added to the check list\"", + "cmt_id": "c5c6e00f6cc5d3ed0d6464b14e33f2f5c8505888" + } + }, + "4.14.198": { + "CVE-2020-12888": { + "cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory", + "cmt_id": "1356c3e8539ac48b9362e60b1fa80ec06bb960ec" + } + }, + "4.14.199": { + "CVE-2020-25284": { + "cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping", + "cmt_id": "af4a88994936474294b2f484be01117dc7550e68" + }, + "CVE-2020-14390": { + "cmt_msg": "fbcon: remove soft scrollback code", + "cmt_id": "6e2e0735dadecc1c1657e458e8f88e0ca6a4ec04" + }, + "CVE-2020-28097": { + "cmt_msg": "vgacon: remove software scrollback support", + "cmt_id": "34c050b531a72639e61a3be24b608604753f885a" + } + }, + "4.14.200": { + "CVE-2020-25645": { + "cmt_msg": "geneve: add transport ports in route lookup for geneve", + "cmt_id": "494648fc5286830b149bc1c1a059a827a45df3c8" + }, + "CVE-2021-0605": { + "cmt_msg": "af_key: pfkey_dump needs parameter validation", + "cmt_id": "05570d97443f8e569a79cf6e140f5ed96e6ac172" + }, + "CVE-2020-25643": { + "cmt_msg": "hdlc_ppp: add range checks in ppp_cp_parse_cr()", + "cmt_id": "8f0addb36dd1c61fe0f1a458a48b1a5ddc96aa24" + }, + "CVE-2020-36312": { + "cmt_msg": "KVM: fix memory leak in kvm_io_bus_unregister_dev()", + "cmt_id": "40a023f681befd9b2862a3c16fb306a38b359ae5" + } + }, + "4.14.201": { + "CVE-2020-14386": { + "cmt_msg": "net/packet: fix overflow in tpacket_rcv", + "cmt_id": "5b08356f184a0314d87f9a889be2ed9fef087691" + }, + "CVE-2020-25211": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum", + "cmt_id": "60634d81cb43b19817b79a8a1d38e25e907e5ea1" + }, + "CVE-2021-0448": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum", + "cmt_id": "60634d81cb43b19817b79a8a1d38e25e907e5ea1" + }, + "CVE-2021-39634": { + "cmt_msg": "epoll: do not insert into poll queues until all sanity checks are done", + "cmt_id": "23fb662b13e4f75688123e1d16aa7116f602db32" + }, + "CVE-2020-28915": { + "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()", + "cmt_id": "30386c13a1bfb0d1ce59ea83b825aa73bd516bc5" + } + }, + "4.14.202": { + "CVE-2020-10135": { + "cmt_msg": "Bluetooth: Consolidate encryption handling in hci_encrypt_cfm", + "cmt_id": "7c9748f455b9206b279a4710210c902cb1f275e2" + }, + "CVE-2020-12352": { + "cmt_msg": "Bluetooth: A2MP: Fix not initializing all members", + "cmt_id": "d53b1e94d08c032754a9aabeb3df309209c00347" + }, + "CVE-2020-12351": { + "cmt_msg": "Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel", + "cmt_id": "2acf87436517894275a804210caa33b9a08cf93c" + } + }, + "4.14.203": { + "CVE-2020-0423": { + "cmt_msg": "binder: fix UAF when releasing todo list", + "cmt_id": "d4c49b6733c3125c3cc71617399d22f5b8ff962f" + }, + "CVE-2020-25705": { + "cmt_msg": "icmp: randomize the global rate limiter", + "cmt_id": "e1b8b57623521b7f4974476a20bd6ff971fde6c4" + } + }, + "4.14.204": { + "CVE-2020-27777": { + "cmt_msg": "powerpc/rtas: Restrict RTAS requests from userspace", + "cmt_id": "818783bf8da5c20eb75a6bcf749eb97003ea9983" + }, + "CVE-2020-25668": { + "cmt_msg": "tty: make FONTX ioctl use the tty pointer they were actually passed", + "cmt_id": "0182d680ead968cea5673ed5dcac0e4505a75f29" + }, + "CVE-2020-25656": { + "cmt_msg": "vt: keyboard, extend func_buf_lock to readers", + "cmt_id": "7f4c966f2ad5f580fd5b1e2dcb19ba1c06a9254f" + } + }, + "4.14.205": { + "CVE-2019-0148": { + "cmt_msg": "i40e: Wrong truncation from u16 to u8", + "cmt_id": "9900bf4d433be6a2ed8c158779137c7a4742ab67" + }, + "CVE-2020-35508": { + "cmt_msg": "fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent", + "cmt_id": "ee55b8c6bf4d59c7b82079b8a7d67597bb3a5539" + }, + "CVE-2020-28974": { + "cmt_msg": "vt: Disable KD_FONT_OP_COPY", + "cmt_id": "9421bad22e9fb7f513d81ef8fec513c8a4850c0d" + }, + "CVE-2019-0147": { + "cmt_msg": "i40e: add num_vectors checker in iwarp handler", + "cmt_id": "978c31f09d59cdd52cadc462f12862376e72f618" + }, + "CVE-2019-19770": { + "cmt_msg": "blktrace: fix debugfs use after free", + "cmt_id": "8268f88785ca9476c68da06d1f93c3d0d9747d28" + }, + "CVE-2019-0145": { + "cmt_msg": "i40e: add num_vectors checker in iwarp handler", + "cmt_id": "978c31f09d59cdd52cadc462f12862376e72f618" + } + }, + "4.14.206": { + "CVE-2020-8694": { + "cmt_msg": "powercap: restrict energy meter to root access", + "cmt_id": "bab6310b64994ee6ca679d86c90ca24111783516" + } + }, + "4.14.207": { + "CVE-2020-14351": { + "cmt_msg": "perf/core: Fix race in the perf_mmap_close() function", + "cmt_id": "30c8324e9e7ee57b58af2501cb7db5d9d4f7b69b" + }, + "CVE-2020-27673": { + "cmt_msg": "xen/events: add a proper barrier to 2-level uevent unmasking", + "cmt_id": "025ea15db5665fa14d1c48e39aa788acaf30471b" + }, + "CVE-2020-27675": { + "cmt_msg": "xen/events: avoid removing an event channel while handling it", + "cmt_id": "b559da71974b5eb93311f7f475b2e4b16c0f9bb3" + }, + "CVE-2020-25704": { + "cmt_msg": "perf/core: Fix a memory leak in perf_event_parse_addr_filter()", + "cmt_id": "65c4000ccf7cc58a455977c5ec928525954058ac" + } + }, + "4.14.208": { + "CVE-2020-4788": { + "cmt_msg": "powerpc/64s: flush L1D on kernel entry", + "cmt_id": "db01cad9efe3c3838a6b3a3f68affd295c4b92d6" + }, + "CVE-2020-25669": { + "cmt_msg": "Input: sunkbd - avoid use-after-free in teardown paths", + "cmt_id": "436aff975718106d8e168fde69a3786962ca356e" + } + }, + "4.14.209": { + "CVE-2020-28941": { + "cmt_msg": "speakup: Do not let the line discipline be used several times", + "cmt_id": "e712cefb3699ea978611edb3c2a5d3acd57d4004" + } + }, + "4.14.210": { + "CVE-2019-19813": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference", + "cmt_id": "3b68f5961224b7948004fd8a8e185867ecab7974" + }, + "CVE-2019-19816": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference", + "cmt_id": "3b68f5961224b7948004fd8a8e185867ecab7974" + } + }, + "4.14.211": { + "CVE-2020-35519": { + "cmt_msg": "net/x25: prevent a couple of overflows", + "cmt_id": "f1fbbcb61d840792ae38bc4007160fc80c14ee90" + } + }, + "4.14.212": { + "CVE-2020-29661": { + "cmt_msg": "tty: Fix ->pgrp locking in tiocspgrp()", + "cmt_id": "882e038d2cd276163a8fc7bbeffda59ae0924471" + }, + "CVE-2020-29660": { + "cmt_msg": "tty: Fix ->session locking", + "cmt_id": "8deb3d9018400fab0a7401a910d3341053f5ec82" + }, + "CVE-2020-27830": { + "cmt_msg": "speakup: Reject setting the speakup line discipline outside of speakup", + "cmt_id": "bccd77063e971a006164968873f4c2918b7188e6" + } + }, + "4.14.213": { + "CVE-2020-27815": { + "cmt_msg": "jfs: Fix array index bounds check in dbAdjTree", + "cmt_id": "4a0809752ef23cd4be99b0cd8f7586c8ed7bd433" + }, + "CVE-2020-29568": { + "cmt_msg": "xen/xenbus: Allow watches discard events before queueing", + "cmt_id": "92d4ced9881361aefa2f7bc58dab19aa4d28ddf8" + }, + "CVE-2020-29569": { + "cmt_msg": "xen-blkback: set ring->xenblkd to NULL after kthread_stop()", + "cmt_id": "62afce1adda51bd9d033dbec1dfe413891021bae" + } + }, + "4.14.214": { + "CVE-2020-36158": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start", + "cmt_id": "d367530330f7f638eecdfc724ae276546f1b1e68" + } + }, + "4.14.215": { + "CVE-2020-28374": { + "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup", + "cmt_id": "c842ead67ae3cac58e84e7880153e68cccd59773" + }, + "CVE-2021-39648": { + "cmt_msg": "usb: gadget: configfs: Fix use-after-free issue with udc_name", + "cmt_id": "6766064c794afeacc29b21fc09ea4dbe3cae1af3" + } + }, + "4.14.217": { + "CVE-2021-3178": { + "cmt_msg": "nfsd4: readdirplus shouldn't return parent of export", + "cmt_id": "0f60f9d1e6182d9440614c13cdf6106e2d470f89" + } + }, + "4.14.218": { + "CVE-2020-27825": { + "cmt_msg": "tracing: Fix race in trace_open and buffer resize call", + "cmt_id": "fdb2310d58812b15f6b460509b43ff0b87e59367" + }, + "CVE-2021-39657": { + "cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback", + "cmt_id": "30f2a89f9481f851bc68e51a1e7114392b052231" + } + }, + "4.14.219": { + "CVE-2021-3348": { + "cmt_msg": "nbd: freeze the queue while we're adding connections", + "cmt_id": "51359110d9d9b0231dc6a60716895104c73e7770" + } + }, + "4.14.222": { + "CVE-2021-26931": { + "cmt_msg": "xen-blkback: don't \"handle\" error by BUG()", + "cmt_id": "fd8ec8c708953323feb7c6177d894d39a23b08e4" + }, + "CVE-2021-26930": { + "cmt_msg": "xen-blkback: fix error handling in xen_blkbk_map()", + "cmt_id": "5571633988e02a1107720544a57ab4878c4446be" + }, + "CVE-2021-21781": { + "cmt_msg": "ARM: ensure the signal page contains defined contents", + "cmt_id": "b71cc506778eb283b752400e234784ee86b5891c" + }, + "CVE-2021-26932": { + "cmt_msg": "Xen/x86: don't bail early from clear_foreign_p2m_mapping()", + "cmt_id": "da2e2a5c88abfe0974b4b8575c798fcafb552fc9" + } + }, + "4.14.223": { + "CVE-2021-0512": { + "cmt_msg": "HID: make arrays usage and value to be the same", + "cmt_id": "00022873fdc1a304fd89016d227e3781f413dfbd" + }, + "CVE-2021-3612": { + "cmt_msg": "Input: joydev - prevent potential read overflow in ioctl", + "cmt_id": "d4b7440883871cbcaf6c1cd95a76048a86b005c7" + } + }, + "4.14.224": { + "CVE-2021-30002": { + "cmt_msg": "media: v4l: ioctl: Fix memory leak in video_usercopy", + "cmt_id": "d4daa80676bfa53359ae31e601105cbdefaf2554" + }, + "CVE-2021-27365": { + "cmt_msg": "scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE", + "cmt_id": "1a588b51ff984aadc027078125064807c5c7bc3f" + }, + "CVE-2021-27364": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities", + "cmt_id": "6c6711c1a0cd2675f9c537c96bd70ecdd84c5d3e" + }, + "CVE-2021-27363": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities", + "cmt_id": "6c6711c1a0cd2675f9c537c96bd70ecdd84c5d3e" + }, + "CVE-2021-28038": { + "cmt_msg": "Xen/gnttab: handle p2m update errors on a per-slot basis", + "cmt_id": "893a88ea0ee11a1f5e2279cad3c0ed7736187288" + } + }, + "4.14.226": { + "CVE-2019-19060": { + "cmt_msg": "iio: imu: adis16400: release allocated memory on failure", + "cmt_id": "593b7ff46bc064f2acac9ed6b7baa3189d2bcd90" + }, + "CVE-2021-33033": { + "cmt_msg": "cipso,calipso: resolve a number of problems with the DOI refcounts", + "cmt_id": "ab44f7317c16ddcf9ee12ba2aca60771266c2dc6" + }, + "CVE-2021-29265": { + "cmt_msg": "usbip: fix stub_dev usbip_sockfd_store() races leading to gpf", + "cmt_id": "04f879ba79b056041972122c1dc597b79d2464e5" + }, + "CVE-2021-28660": { + "cmt_msg": "staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()", + "cmt_id": "33cdc63f0e07abf637ba326b6016731be958088d" + } + }, + "4.14.227": { + "CVE-2021-28964": { + "cmt_msg": "btrfs: fix race when cloning extent buffer during rewind of an old root", + "cmt_id": "0fbf41006d8c850963049c35563e7775fe7c2164" + }, + "CVE-2021-28972": { + "cmt_msg": "PCI: rpadlpar: Fix potential drc_name corruption in store functions", + "cmt_id": "6d7724c9c507d5b526991dcdef861c6b28c45eb2" + }, + "CVE-2021-28971": { + "cmt_msg": "perf/x86/intel: Fix a crash caused by zero PEBS status", + "cmt_id": "403fdabcc1bcd0d31f9fcb9b9b2e831214ab2192" + } + }, + "4.14.228": { + "CVE-2021-28688": { + "cmt_msg": "xen-blkback: don't leak persistent grants from xen_blkbk_map()", + "cmt_id": "db108b67d81397cdbaf3f91aeca6e5eb5f71de1d" + }, + "CVE-2021-29647": { + "cmt_msg": "net: qrtr: fix a kernel-infoleak in qrtr_recvmsg()", + "cmt_id": "749d2e33bfbacb3112cbfaafde75e507cb46c67d" + }, + "CVE-2021-31916": { + "cmt_msg": "dm ioctl: fix out of bounds array access when no devices", + "cmt_id": "ba73e621ced58ff4ad1020a140ccb5843da1cb26" + } + }, + "4.14.229": { + "CVE-2021-0941": { + "cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len", + "cmt_id": "64cf6c3156a5cbd9c29f54370b801b336d2f7894" + }, + "CVE-2021-3483": { + "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()", + "cmt_id": "8aa6e548a5ee59c91e9e5d67fd6de5cbaa5c458a" + } + }, + "4.14.230": { + "CVE-2021-29154": { + "cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64", + "cmt_id": "32f9a870ab6b1f72f100e9db55b8a022072f78a6" + } + }, + "4.14.231": { + "CVE-2021-3659": { + "cmt_msg": "net: mac802154: Fix general protection fault", + "cmt_id": "d103fd20f0539e2bd615ed6f6159537cb7e2c5ba" + }, + "CVE-2021-0937": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write", + "cmt_id": "522a0191944e3db9c30ade5fa6b6ec0d7c42f40d" + }, + "CVE-2020-25672": { + "cmt_msg": "nfc: fix memory leak in llcp_sock_connect()", + "cmt_id": "02b99cae71335f9f38d0a164ffe3a7a1328f44fc" + }, + "CVE-2020-25673": { + "cmt_msg": "nfc: Avoid endless loops caused by repeated llcp_sock_connect()", + "cmt_id": "892e1f065c1b3c99a12a1a41683f9ddbc22abb3e" + }, + "CVE-2020-25670": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_bind()", + "cmt_id": "538a6ff11516d38a61e237d2d2dc04c30c845fbe" + }, + "CVE-2020-25671": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_connect()", + "cmt_id": "b1d5c07a3b597766bbf5bf61083cd65e72034144" + }, + "CVE-2021-22555": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write", + "cmt_id": "522a0191944e3db9c30ade5fa6b6ec0d7c42f40d" + } + }, + "4.14.232": { + "CVE-2020-29374": { + "cmt_msg": "gup: document and work around \"COW can break either way\" issue", + "cmt_id": "407faed92b4a4e2ad900d61ea3831dd597640f29" + }, + "CVE-2021-23133": { + "cmt_msg": "net/sctp: fix race condition in sctp_destroy_sock", + "cmt_id": "54b63c76b9bb95fba20cd268086ee448f87208c6" + } + }, + "4.14.233": { + "CVE-2021-4157": { + "cmt_msg": "pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()", + "cmt_id": "40286f0852d2ecfa713438199557c706dc6a8db3" + }, + "CVE-2021-33034": { + "cmt_msg": "Bluetooth: verify AMP hci_chan before amp_destroy", + "cmt_id": "21f6aee6682a1f7415e23f96ce94ff387d9cdb2e" + }, + "CVE-2021-32399": { + "cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller", + "cmt_id": "40acc1aa3e2a705a3c2ed171ed563ef04f7ba19e" + } + }, + "4.14.234": { + "CVE-2020-26558": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical", + "cmt_id": "4555cee33f7d75c1ee69902c872c9d1e9568ebd5" + }, + "CVE-2021-0129": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical", + "cmt_id": "4555cee33f7d75c1ee69902c872c9d1e9568ebd5" + } + }, + "4.14.235": { + "CVE-2021-33098": { + "cmt_msg": "ixgbe: fix large MTU request from VF", + "cmt_id": "5217f9cab7dd28e9c7626cd795e51da98ecb2af4" + }, + "CVE-2020-24587": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks", + "cmt_id": "f643397142c196d3ac653b2df32997dad991cb29" + }, + "CVE-2020-24586": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks", + "cmt_id": "f643397142c196d3ac653b2df32997dad991cb29" + }, + "CVE-2021-34981": { + "cmt_msg": "Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails", + "cmt_id": "6f6ac2a7959b1864886d07fcf3b9cec587dfe635" + }, + "CVE-2020-24588": { + "cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks", + "cmt_id": "a3558e1b75fefb2299659ee0070ee917927d9220" + }, + "CVE-2020-26139": { + "cmt_msg": "mac80211: do not accept/forward invalid EAPOL frames", + "cmt_id": "557bb37533a365f9d8a0093ecce29417da4b9228" + }, + "CVE-2020-26147": { + "cmt_msg": "mac80211: assure all fragments are encrypted", + "cmt_id": "c39f180c7bd8379de238a4fd4a2f7515e03802f8" + }, + "CVE-2021-29650": { + "cmt_msg": "netfilter: x_tables: Use correct memory barriers.", + "cmt_id": "f1fd7a174018f1107881150c6c2ce00e49a1e643" + } + }, + "4.14.236": { + "CVE-2021-3564": { + "cmt_msg": "Bluetooth: fix the erroneous flush_work() order", + "cmt_id": "fa7d2874963312030d9618541b9bc2e549e19ac1" + }, + "CVE-2021-38208": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect", + "cmt_id": "ffff05b9ee5c74c04bba2801c1f99b31975d74d9" + }, + "CVE-2021-3573": { + "cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object", + "cmt_id": "88481ea480756644b5221648216bb67866e51391" + }, + "CVE-2021-3587": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect", + "cmt_id": "ffff05b9ee5c74c04bba2801c1f99b31975d74d9" + } + }, + "4.14.238": { + "CVE-2021-34693": { + "cmt_msg": "can: bcm: fix infoleak in struct bcm_msg_head", + "cmt_id": "4fa028860bb1656f370851c2c26de15fc67da300" + }, + "CVE-2021-45486": { + "cmt_msg": "inet: use bigger hash table for IP ID generation", + "cmt_id": "3ba51ed2c3ac36aa947d0b250d318de6ed7cf552" + } + }, + "4.14.240": { + "CVE-2021-45485": { + "cmt_msg": "ipv6: use prandom_u32() for ID generation", + "cmt_id": "4b55d7b3106a410cdab4ea60f5e55ca0668c6a09" + }, + "CVE-2021-3655": { + "cmt_msg": "sctp: validate from_addr_param return", + "cmt_id": "f01bfaea62d14938ff2fbeaf67f0afec2ec64ab9" + }, + "CVE-2021-3609": { + "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()", + "cmt_id": "630f13442f1472abe5013ef98f76a3bbca64dd80" + }, + "CVE-2022-0850": { + "cmt_msg": "ext4: fix kernel infoleak via ext4_extent_header", + "cmt_id": "29d882f9a6a6219a1c59729e1f43fa40663903e4" + }, + "CVE-2021-33909": { + "cmt_msg": "seq_file: disallow extremely large seq buffer allocations", + "cmt_id": "3c07d1335d17ae0411101024de438dbc3734e992" + }, + "CVE-2021-38160": { + "cmt_msg": "virtio_console: Assure used length from device is limited", + "cmt_id": "56cf748562d3cbfd33d1ba2eb4a7603a5e20da88" + } + }, + "4.14.241": { + "CVE-2021-38204": { + "cmt_msg": "usb: max-3421: Prevent corruption of freed memory", + "cmt_id": "edddc79c4391f8001095320d3ca423214b9aa4bf" + }, + "CVE-2021-3679": { + "cmt_msg": "tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop.", + "cmt_id": "76598512d5d7fc407c319ca4448cf5348b65058a" + }, + "CVE-2021-37576": { + "cmt_msg": "KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow", + "cmt_id": "b67a821813c7b8160b54d83928281fec84a42d88" + } + }, + "4.14.242": { + "CVE-2021-0920": { + "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK", + "cmt_id": "af3e2b87b36100c28feb71da52c57293c4540690" + } + }, + "4.14.243": { + "CVE-2021-22543": { + "cmt_msg": "KVM: do not allow mapping valid but non-reference-counted pages", + "cmt_id": "46d75ff2c1beebe90e7af8887256d8f0323679e4" + } + }, + "4.14.244": { + "CVE-2021-38205": { + "cmt_msg": "net: xilinx_emaclite: Do not print real IOMEM pointer", + "cmt_id": "1994eacac7af52da86e4b0cb6ae61621bef7393f" + }, + "CVE-2021-3732": { + "cmt_msg": "ovl: prevent private clone if bind mount is not allowed", + "cmt_id": "517b875dfbf58f0c6c9e32dc90f5cf42d71a42ce" + } + }, + "4.14.245": { + "CVE-2021-42008": { + "cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data", + "cmt_id": "5e0e782874ad03ae6d47d3e55aff378da0b51104" + }, + "CVE-2021-3653": { + "cmt_msg": "KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653)", + "cmt_id": "26af47bdc45e454877f15fa7658a167bb9799681" + }, + "CVE-2021-3656": { + "cmt_msg": "KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656)", + "cmt_id": "6ed198381ed2496fbc82214108e56a441d3b0213" + }, + "CVE-2020-3702": { + "cmt_msg": "ath: Use safer key clearing with key cache entries", + "cmt_id": "2cbb22fd4b4fb4d0822d185bf5bd6d027107bfda" + } + }, + "4.14.246": { + "CVE-2021-38198": { + "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page", + "cmt_id": "cea9e8ee3b8059bd2b36d68f1f428d165e5d13ce" + }, + "CVE-2021-39633": { + "cmt_msg": "ip_gre: add validation for csum_start", + "cmt_id": "99279223a37b46dc7716ec4e0ed4b3e03f1cfa4c" + }, + "CVE-2021-3753": { + "cmt_msg": "vt_kdsetmode: extend console locking", + "cmt_id": "3f488313d96fc6512a4a0fe3ed56cce92cbeec94" + } + }, + "4.14.247": { + "CVE-2021-42252": { + "cmt_msg": "soc: aspeed: lpc-ctrl: Fix boundary check for mmap", + "cmt_id": "b1b55e4073d3da6119ecc41636a2994b67a2be37" + }, + "CVE-2021-40490": { + "cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing", + "cmt_id": "9569234645f102025aaf0fc83d3dcbf1b8cbf2dc" + } + }, + "4.14.248": { + "CVE-2021-20320": { + "cmt_msg": "s390/bpf: Fix optimizing out zero-extensions", + "cmt_id": "daf48f68fca9040b542282a5cd17397af316dd89" + } + }, + "4.14.249": { + "CVE-2021-3764": { + "cmt_msg": "crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()", + "cmt_id": "3707e37b3fcef4d5e9a81b9c2c48ba7248051c2a" + }, + "CVE-2021-4203": { + "cmt_msg": "af_unix: fix races in sk_peer_pid and sk_peer_cred accesses", + "cmt_id": "9d76f723256d68eea16f0c563fc80b3c14258634" + }, + "CVE-2021-3744": { + "cmt_msg": "crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()", + "cmt_id": "3707e37b3fcef4d5e9a81b9c2c48ba7248051c2a" + }, + "CVE-2021-37159": { + "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device", + "cmt_id": "4c0db9c4b3701c29f47bac0721e2f7d2b15d8edb" + } + }, + "4.14.250": { + "CVE-2021-20317": { + "cmt_msg": "lib/timerqueue: Rely on rbtree semantics for next timer", + "cmt_id": "0135fcb86a0bc9e4484f7e1228cadcc343c5edef" + } + }, + "4.14.251": { + "CVE-2021-20321": { + "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()", + "cmt_id": "1caaa820915d802328bc72e4de0d5b1629eab5da" + }, + "CVE-2021-41864": { + "cmt_msg": "bpf: Fix integer overflow in prealloc_elems_and_freelist()", + "cmt_id": "f34bcd10c4832d491049905d25ea3f46a410c426" + }, + "CVE-2021-38300": { + "cmt_msg": "bpf, mips: Validate conditional branch offsets", + "cmt_id": "3401bca8827ba4918b3d582bd2c27708d4b133fe" + } + }, + "4.14.252": { + "CVE-2021-3894": { + "cmt_msg": "sctp: account stream padding length for reconf chunk", + "cmt_id": "41f0bcc7d9eac315259d4e9fb441552f60e8ec9e" + }, + "CVE-2022-0322": { + "cmt_msg": "sctp: account stream padding length for reconf chunk", + "cmt_id": "41f0bcc7d9eac315259d4e9fb441552f60e8ec9e" + } + }, + "4.14.253": { + "CVE-2021-3896": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound", + "cmt_id": "9b6b2db77bc3121fe435f1d4b56e34de443bec75" + }, + "CVE-2022-0644": { + "cmt_msg": "vfs: check fd has read access in kernel_read_file_from_fd()", + "cmt_id": "aaa5e83805b09c7ed24c06227321575278e3de1d" + }, + "CVE-2021-3760": { + "cmt_msg": "nfc: nci: fix the UAF of rf_conn_info object", + "cmt_id": "a2efe3df65359add2164740a5777c26e64dd594b" + }, + "CVE-2021-43389": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound", + "cmt_id": "9b6b2db77bc3121fe435f1d4b56e34de443bec75" + } + }, + "4.14.254": { + "CVE-2021-3772": { + "cmt_msg": "sctp: use init_tag from inithdr for ABORT chunk", + "cmt_id": "82ad781d98040b4a5eea4eeb9a5acdd200a420c6" + } + }, + "4.14.255": { + "CVE-2021-42739": { + "cmt_msg": "media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()", + "cmt_id": "8d6c05da808f8351db844b69a9d6ce7f295214bb" + } + }, + "4.14.256": { + "CVE-2021-4202": { + "cmt_msg": "NFC: reorganize the functions in nci_request", + "cmt_id": "6e2944d8bbc58682691438b57620491b5a4b7cfb" + }, + "CVE-2021-3752": { + "cmt_msg": "Bluetooth: fix use-after-free error in lock_sock_nested()", + "cmt_id": "cd76d797a690969186c0c100e8a301c4480e4e7f" + }, + "CVE-2021-45868": { + "cmt_msg": "quota: check block number when reading the block in quota file", + "cmt_id": "1d0606dc3e27e6c281a2684cb8bdf47134051114" + }, + "CVE-2021-39686": { + "cmt_msg": "binder: use euid from cred instead of using task", + "cmt_id": "8989da231b3b989e48d885d61345fe290114b648" + }, + "CVE-2021-3640": { + "cmt_msg": "Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()", + "cmt_id": "3eb50acbc96c9de3d8a056982938ece9bd1c2b91" + } + }, + "4.14.257": { + "CVE-2021-4002": { + "cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare", + "cmt_id": "7bf1f5cb5150b1a53f6ccaadc0bc77f8f33206c8" + }, + "CVE-2021-4083": { + "cmt_msg": "fget: check that the fd still exists after getting a ref to it", + "cmt_id": "98548c3a9882a1ea993a103be7c1b499f3b88202" + } + }, + "4.14.258": { + "CVE-2021-39698": { + "cmt_msg": "wait: add wake_up_pollfree()", + "cmt_id": "a36e1978c6cb6282fadd5d62d4b3e7808cf0597b" + }, + "CVE-2021-39685": { + "cmt_msg": "USB: gadget: detect too-big endpoint 0 requests", + "cmt_id": "e7c8afee149134b438df153b09af7fd928a8bc24" + } + }, + "4.14.259": { + "CVE-2021-39711": { + "cmt_msg": "bpf: fix panic due to oob in bpf_prog_test_run_skb", + "cmt_id": "20fdf274472998123a8d173ba4cb6282ff6b63bd" + }, + "CVE-2021-28715": { + "cmt_msg": "xen/netback: don't queue unlimited number of packages", + "cmt_id": "9bebb2eedf679b3be4acaa20efda97f32c999d74" + }, + "CVE-2021-28714": { + "cmt_msg": "xen/netback: fix rx queue stall detection", + "cmt_id": "eae85b8c6e17d3e3888d9159205390e8dbcff6a8" + }, + "CVE-2021-28713": { + "cmt_msg": "xen/console: harden hvc_xen against event channel storms", + "cmt_id": "68b78f976ca47d52c03c41eded207a312e46b934" + }, + "CVE-2021-28712": { + "cmt_msg": "xen/netfront: harden netfront against event channel storms", + "cmt_id": "4bf81386e3d6e5083c93d51eff70260bcec091bb" + }, + "CVE-2021-28711": { + "cmt_msg": "xen/blkfront: harden blkfront against event channel storms", + "cmt_id": "5ac3b68b79c9e964dd6f3cf80ff825518e502b79" + } + }, + "4.14.260": { + "CVE-2021-45469": { + "cmt_msg": "f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()", + "cmt_id": "88dedecc24763c2e0bc1e8eeb35f9f2cd785a7e5" + }, + "CVE-2022-1195": { + "cmt_msg": "hamradio: improve the incomplete fix to avoid NPD", + "cmt_id": "a7b0ae2cc486fcb601f9f9d87d98138cc7b7f7f9" + } + }, + "4.14.261": { + "CVE-2021-44733": { + "cmt_msg": "tee: handle lookup of shm with reference count 0", + "cmt_id": "3d556a28bbfe34a80b014db49908b0f1bcb1ae80" + } + }, + "4.14.262": { + "CVE-2021-45095": { + "cmt_msg": "phonet: refcount leak in pep_sock_accep", + "cmt_id": "a025db5658d5c10019ffed0d59026da8172897b6" + }, + "CVE-2021-4155": { + "cmt_msg": "xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate", + "cmt_id": "2af625c89bf4a41c8a0bc818d8cf30a291f216ca" + } + }, + "4.14.263": { + "CVE-2021-29264": { + "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash", + "cmt_id": "93e83b226a16bcc800013c6e02c98eef7ba9868c" + }, + "CVE-2020-36322": { + "cmt_msg": "fuse: fix bad inode", + "cmt_id": "2cd45139c0f28ebfa7604866faee00c99231a62b" + }, + "CVE-2021-20292": { + "cmt_msg": "drm/ttm/nouveau: don't call tt destroy callback on alloc failure.", + "cmt_id": "4a2cec066dc8d099d30c649ae7ed26771029e0b5" + }, + "CVE-2021-43976": { + "cmt_msg": "mwifiex: Fix skb_over_panic in mwifiex_usb_recv()", + "cmt_id": "8c9261b84c9b90d130d97fc7d13727706253af87" + }, + "CVE-2021-38199": { + "cmt_msg": "NFSv4: Initialise connection to the server in nfs4_alloc_client()", + "cmt_id": "d5e6dff8c92943a2719fa5415cc3d333e57d5d90" + } + }, + "4.14.264": { + "CVE-2022-0330": { + "cmt_msg": "drm/i915: Flush TLBs before releasing backing store", + "cmt_id": "eed39c1918f1803948d736c444bfacba2a482ad0" + }, + "CVE-2022-22942": { + "cmt_msg": "drm/vmwgfx: Fix stale file descriptors on failed usercopy", + "cmt_id": "e8d092a62449dcfc73517ca43963d2b8f44d0516" + } + }, + "4.14.265": { + "CVE-2022-24448": { + "cmt_msg": "NFSv4: Handle case where the lookup of a directory fails", + "cmt_id": "516f348b759f6a92819820a3f56d678458e22cc8" + }, + "CVE-2018-25020": { + "cmt_msg": "bpf: fix truncated jump targets on heavy expansions", + "cmt_id": "6824208b59a4727b8a8653f83d8e685584d04606" + }, + "CVE-2022-0617": { + "cmt_msg": "udf: Fix NULL ptr deref when converting from inline format", + "cmt_id": "a312cbdb9045a52e5c1fec4ac7b86895f508dc76" + } + }, + "4.14.266": { + "CVE-2022-0492": { + "cmt_msg": "cgroup-v1: Require capabilities to set release_agent", + "cmt_id": "b391bb3554dd6e04b7a8ede975dbd3342526a045" + }, + "CVE-2022-0435": { + "cmt_msg": "tipc: improve size validations for received domain records", + "cmt_id": "fde4ddeadd099bf9fbb9ccbee8e1b5c20d530a2d" + }, + "CVE-2022-0487": { + "cmt_msg": "moxart: fix potential use-after-free on remove path", + "cmt_id": "e6f580d0b3349646d4ee1ce0057eb273e8fb7e2e" + } + }, + "4.14.267": { + "CVE-2022-25375": { + "cmt_msg": "usb: gadget: rndis: check size of RNDIS_MSG_SET command", + "cmt_id": "4c22fbcef778badb00fb8bb9f409daa29811c175" + }, + "CVE-2022-25258": { + "cmt_msg": "USB: gadget: validate interface OS descriptor requests", + "cmt_id": "c7ad83d561df15ac6043d3b0d783aee777cf1731" + } + }, + "4.14.269": { + "CVE-2022-27223": { + "cmt_msg": "USB: gadget: validate endpoint index for xilinx udc", + "cmt_id": "fdc22192d49fa577d8397b39f8ef8141cb1d62aa" + }, + "CVE-2022-26966": { + "cmt_msg": "sr9700: sanity check for packet length", + "cmt_id": "fbc3c962b6eb42b1483d00d8ea28b61b9f2fff26" + } + }, + "4.14.270": { + "CVE-2022-24958": { + "cmt_msg": "usb: gadget: don't release an existing dev->buf", + "cmt_id": "6936d1097e9cb891e1daaa8aab1b9c080f5e59a2" + } + }, + "4.14.271": { + "CVE-2022-23038": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()", + "cmt_id": "1b2f59f854e7069ba059adfe03d648ea643eba51" + }, + "CVE-2022-23039": { + "cmt_msg": "xen/gntalloc: don't use gnttab_query_foreign_access()", + "cmt_id": "a37eb077983e678bece23d4061fe5a6614f41354" + }, + "CVE-2022-23960": { + "cmt_msg": "ARM: report Spectre v2 status through sysfs", + "cmt_id": "2d44960d3edf9994998ff798ef618e666c4f0143" + }, + "CVE-2022-23041": { + "cmt_msg": "xen/9p: use alloc/free_pages_exact()", + "cmt_id": "22fd4f3fc1cd37d3daa4462f3184b20adb9342f5" + }, + "CVE-2022-23036": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()", + "cmt_id": "1b2f59f854e7069ba059adfe03d648ea643eba51" + }, + "CVE-2022-23037": { + "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status", + "cmt_id": "fbb5d5edd233c25774109dc0a673702c7b4985e5" + }, + "CVE-2022-0001": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE", + "cmt_id": "35c13d13becb5b951ea0fc708dda03fe900cf879" + }, + "CVE-2022-0002": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE", + "cmt_id": "35c13d13becb5b951ea0fc708dda03fe900cf879" + }, + "CVE-2021-26401": { + "cmt_msg": "x86/speculation: Use generic retpoline by default on AMD", + "cmt_id": "85938688be23ecd36a06757096896b2779b80d97" + }, + "CVE-2022-23040": { + "cmt_msg": "xen/xenbus: don't let xenbus_grant_ring() remove grants in error case", + "cmt_id": "67d21d5bddef88c1977378e4aca2b9c6a4af9edc" + }, + "CVE-2022-23042": { + "cmt_msg": "xen/netfront: react properly to failing gnttab_end_foreign_access_ref()", + "cmt_id": "1b9f4115738af90427a8c94a3980bc52fbb23296" + } + }, + "4.14.272": { + "CVE-2022-1199": { + "cmt_msg": "ax25: Fix NULL pointer dereference in ax25_kill_by_device", + "cmt_id": "d03aba820f1549c9f3b1d14bf48fa082663d22b5" + }, + "CVE-2021-4149": { + "cmt_msg": "btrfs: unlock newly allocated extent buffer after error", + "cmt_id": "e0956dd95ddd6b02b7eb084d127b926a509ae8e7" + } + }, + "4.14.274": { + "CVE-2022-26490": { + "cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION", + "cmt_id": "d908d2776464a8021a1f63eba6e7417fbe7653c9" + }, + "CVE-2022-28356": { + "cmt_msg": "llc: fix netdevice reference leaks in llc_ui_bind()", + "cmt_id": "0f294bc04be87f1c9e1d1a908db9fcc84ce94210" + }, + "CVE-2022-1016": { + "cmt_msg": "netfilter: nf_tables: initialize registers in nft_do_chain()", + "cmt_id": "a3cc32863b175168283cb0a5fde08de6a1e27df9" + }, + "CVE-2022-27666": { + "cmt_msg": "esp: Fix possible buffer overflow in ESP transformation", + "cmt_id": "2c8abafd6c72ef04bc972f40332c76c1dd04446d" + } + }, + "4.14.276": { + "CVE-2022-28390": { + "cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path", + "cmt_id": "29d967c18737ce04f372831c4542e71da1a8d5c8" + }, + "CVE-2022-1353": { + "cmt_msg": "af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register", + "cmt_id": "fcdaaeb7eb5d52941ceb2fdcec0e2170c9bf3031" + }, + "CVE-2022-30594": { + "cmt_msg": "ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE", + "cmt_id": "f1442ed84c43610ca8ab77deb9ca991e7354746c" + }, + "CVE-2022-1198": { + "cmt_msg": "drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()", + "cmt_id": "a2793cb58444d4411810cc555eb45b8f4a228018" + }, + "CVE-2021-4197": { + "cmt_msg": "cgroup: Use open-time credentials for process migraton perm checks", + "cmt_id": "a70bcf9ed08f3628a9324f054b0e041697b26853" + }, + "CVE-2022-28389": { + "cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path", + "cmt_id": "cdced1015a63a7f100b5867ebb9a40271f891411" + }, + "CVE-2022-1516": { + "cmt_msg": "net/x25: Fix null-ptr-deref caused by x25_disconnect", + "cmt_id": "858642789ada1b48630f322e59416ca9fca3e6b7" + }, + "CVE-2022-1011": { + "cmt_msg": "fuse: fix pipe buffer lifetime for direct_io", + "cmt_id": "0ab55e14cf5fd40c39109969c8b04a25870f5d1e" + } + }, + "4.14.277": { + "CVE-2022-1204": { + "cmt_msg": "ax25: Fix refcount leaks caused by ax25_cb_del()", + "cmt_id": "c44a453ffe16eb08acdc6129ac4fa0192dbc0456" + }, + "CVE-2022-1205": { + "cmt_msg": "ax25: Fix NULL pointer dereferences in ax25 timers", + "cmt_id": "331210983ba5ce82bf63b827bca0e1c833f293db" + }, + "CVE-2022-28388": { + "cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path", + "cmt_id": "a5e2259173eb52a728bbf32e02aa9a388451e614" + } + }, + "4.14.278": { + "CVE-2022-1419": { + "cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create", + "cmt_id": "d2b8e8fbac9f175388d2808ade90d86402642b01" + }, + "CVE-2022-1734": { + "cmt_msg": "nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs", + "cmt_id": "ced30680fb1c7c1daae39a9384d23cd1a022585f" + }, + "CVE-2022-1836": { + "cmt_msg": "floppy: disable FDRAWCMD by default", + "cmt_id": "b7fa84ae1171a3c5ea5d710899080a6e63cfe084" + }, + "CVE-2022-29581": { + "cmt_msg": "net/sched: cls_u32: fix netns refcount changes in u32_change()", + "cmt_id": "0511cdd41a03ab396602dded4e778c5edcd8dcd1" + } + }, + "4.14.279": { + "CVE-2022-1048": { + "cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls", + "cmt_id": "a42aa926843acca96c0dfbde2e835b8137f2f092" + } + }, + "4.14.281": { + "CVE-2022-1729": { + "cmt_msg": "perf: Fix sys_perf_event_open() race against self", + "cmt_id": "dee63319e2d1abd5d37a89de046ccf32ca8a8451" + }, + "CVE-2022-0854": { + "cmt_msg": "swiotlb: rework \"fix info leak with DMA_FROM_DEVICE\"", + "cmt_id": "aaf166f37eb6bb55d81c3e40a2a460c8875c8813" + } + }, + "outstanding": { + "CVE-2021-0929": { + "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" + }, + "CVE-2020-26556": { + "cmt_msg": "" + }, + "CVE-2020-26557": { + "cmt_msg": "" + }, + "CVE-2020-26555": { + "cmt_msg": "" + }, + "CVE-2019-20794": { + "cmt_msg": "" + }, + "CVE-2020-26559": { + "cmt_msg": "" + }, + "CVE-2020-35501": { + "cmt_msg": "" + }, + "CVE-2022-0168": { + "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" + }, + "CVE-2018-20854": { + "cmt_msg": "phy: ocelot-serdes: fix out-of-bounds read" + }, + "CVE-2018-1121": { + "cmt_msg": "" + }, + "CVE-2019-19378": { + "cmt_msg": "" + }, + "CVE-2022-25265": { + "cmt_msg": "" + }, + "CVE-2017-5753": { + "cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]" + }, + "CVE-2022-0995": { + "cmt_msg": "watch_queue: Fix filter limit check" + }, + "CVE-2022-0998": { + "cmt_msg": "vdpa: clean up get_config_size ret value handling" + }, + "CVE-2019-19377": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2019-2181": { + "cmt_msg": "binder: check for overflow when alloc for security context" + }, + "CVE-2021-3759": { + "cmt_msg": "memcg: enable accounting of ipc resources" + }, + "CVE-2020-27820": { + "cmt_msg": "drm/nouveau: use drm_dev_unplug() during device removal" + }, + "CVE-2020-24503": { + "cmt_msg": "" + }, + "CVE-2020-24502": { + "cmt_msg": "" + }, + "CVE-2019-19449": { + "cmt_msg": "f2fs: fix to do sanity check on segment/section count" + }, + "CVE-2020-26541": { + "cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries" + }, + "CVE-2020-11725": { + "cmt_msg": "" + }, + "CVE-2022-0382": { + "cmt_msg": "net ticp:fix a kernel-infoleak in __tipc_sendmsg()" + }, + "CVE-2021-33061": { + "cmt_msg": "ixgbe: add improvement for MDD response functionality" + }, + "CVE-2022-1263": { + "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" + }, + "CVE-2022-1158": { + "cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address" + }, + "CVE-2021-35477": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2019-15222": { + "cmt_msg": "ALSA: usb-audio: Fix gpf in snd_usb_pipe_sanity_check" + }, + "CVE-2019-15223": { + "cmt_msg": "ALSA: line6: Assure canceling delayed work at disconnection" + }, + "CVE-2021-3864": { + "cmt_msg": "" + }, + "CVE-2019-19815": { + "cmt_msg": "f2fs: support swap file w/ DIO" + }, + "CVE-2019-19814": { + "cmt_msg": "" + }, + "CVE-2022-27950": { + "cmt_msg": "HID: elo: fix memory leak in elo_probe" + }, + "CVE-2022-1015": { + "cmt_msg": "netfilter: nf_tables: validate registers coming from userspace." + }, + "CVE-2022-1652": { + "cmt_msg": "" + }, + "CVE-2022-1651": { + "cmt_msg": "virt: acrn: fix a memory leak in acrn_dev_ioctl()" + }, + "CVE-2019-19241": { + "cmt_msg": "io_uring: async workers should inherit the user creds" + }, + "CVE-2022-1012": { + "cmt_msg": "secure_seq: use the 64 bits of the siphash for port offset calculation" + }, + "CVE-2021-43975": { + "cmt_msg": "atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait" + }, + "CVE-2022-25636": { + "cmt_msg": "netfilter: nf_tables_offload: incorrect flow offload action array size" + }, + "CVE-2017-1000405": { + "cmt_msg": "mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()" + }, + "CVE-2022-1789": { + "cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID" + }, + "CVE-2016-8660": { + "cmt_msg": "" + }, + "CVE-2019-12379": { + "cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c" + }, + "CVE-2019-12378": { + "cmt_msg": "ipv6_sockglue: Fix a missing-check bug in ip6_ra_control()" + }, + "CVE-2022-1678": { + "cmt_msg": "tcp: optimize tcp internal pacing" + }, + "CVE-2022-0494": { + "cmt_msg": "block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern" + }, + "CVE-2022-1786": { + "cmt_msg": "io_uring: remove io_identity" + }, + "CVE-2018-12929": { + "cmt_msg": "" + }, + "CVE-2020-15802": { + "cmt_msg": "" + }, + "CVE-2008-2544": { + "cmt_msg": "" + }, + "CVE-2022-28796": { + "cmt_msg": "jbd2: fix use-after-free of transaction_t race" + }, + "CVE-2021-39713": { + "cmt_msg": "net: sched: use Qdisc rcu API instead of relying on rtnl lock" + }, + "CVE-2019-20908": { + "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" + }, + "CVE-2018-7754": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2018-20855": { + "cmt_msg": "IB/mlx5: Fix leaking stack memory to userspace" + }, + "CVE-2007-3719": { + "cmt_msg": "" + }, + "CVE-2021-4037": { + "cmt_msg": "xfs: fix up non-directory creation in SGID directories" + }, + "CVE-2019-9444": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2021-3506": { + "cmt_msg": "f2fs: fix to avoid out-of-bounds memory access" + }, + "CVE-2019-19067": { + "cmt_msg": "drm/amdgpu: fix multiple memory leaks in acp_hw_init" + }, + "CVE-2022-1247": { + "cmt_msg": "" + }, + "CVE-2019-3874": { + "cmt_msg": "sctp: implement memory accounting on tx path" + }, + "CVE-2020-26145": { + "cmt_msg": "ath10k: drop fragments with multicast DA for PCIe" + }, + "CVE-2010-4563": { + "cmt_msg": "" + }, + "CVE-2020-26140": { + "cmt_msg": "" + }, + "CVE-2020-26143": { + "cmt_msg": "" + }, + "CVE-2020-26142": { + "cmt_msg": "" + }, + "CVE-2022-28893": { + "cmt_msg": "SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()" + }, + "CVE-2017-9986": { + "cmt_msg": "sound: Retire OSS" + }, + "CVE-2021-34556": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2022-29156": { + "cmt_msg": "RDMA/rtrs-clt: Fix possible double free in error case" + }, + "CVE-2018-13095": { + "cmt_msg": "xfs: More robust inode extent count validation" + }, + "CVE-2021-3669": { + "cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()" + }, + "CVE-2019-18885": { + "cmt_msg": "btrfs: merge btrfs_find_device and find_device" + }, + "CVE-2020-10708": { + "cmt_msg": "" + }, + "CVE-2018-7273": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2021-4023": { + "cmt_msg": "io-wq: fix cancellation on create-worker failure" + }, + "CVE-2019-18680": { + "cmt_msg": "" + }, + "CVE-2017-13693": { + "cmt_msg": "" + }, + "CVE-2021-0399": { + "cmt_msg": "" + }, + "CVE-2017-13694": { + "cmt_msg": "" + }, + "CVE-2020-36516": { + "cmt_msg": "" + }, + "CVE-2012-4542": { + "cmt_msg": "" + }, + "CVE-2022-29968": { + "cmt_msg": "io_uring: fix uninitialized field in rw io_kiocb" + }, + "CVE-2022-1462": { + "cmt_msg": "" + }, + "CVE-2022-0812": { + "cmt_msg": "xprtrdma: fix incorrect header size calculations" + }, + "CVE-2022-1679": { + "cmt_msg": "" + }, + "CVE-2013-7445": { + "cmt_msg": "" + }, + "CVE-2019-19036": { + "cmt_msg": "btrfs: Detect unbalanced tree with empty leaf before crashing btree operations" + }, + "CVE-2005-3660": { + "cmt_msg": "" + }, + "CVE-2021-33135": { + "cmt_msg": "" + }, + "CVE-2022-1508": { + "cmt_msg": "io_uring: reexpand under-reexpanded iters" + }, + "CVE-2019-19927": { + "cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages" + }, + "CVE-2019-16921": { + "cmt_msg": "RDMA/hns: Fix init resp when alloc ucontext" + }, + "CVE-2021-4159": { + "cmt_msg": "bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()" + }, + "CVE-2017-5715": { + "cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]" + }, + "CVE-2021-0695": { + "cmt_msg": "" + }, + "CVE-2008-4609": { + "cmt_msg": "" + }, + "CVE-2021-4150": { + "cmt_msg": "block: fix incorrect references to disk objects" + }, + "CVE-2021-28951": { + "cmt_msg": "io_uring: ensure that SQPOLL thread is started for exit" + }, + "CVE-2020-14304": { + "cmt_msg": "" + }, + "CVE-2020-0347": { + "cmt_msg": "" + }, + "CVE-2021-29155": { + "cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic" + }, + "CVE-2021-3714": { + "cmt_msg": "" + }, + "CVE-2019-16230": { + "cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)" + }, + "CVE-2019-12455": { + "cmt_msg": "clk-sunxi: fix a missing-check bug in sunxi_divs_clk_setup()" + }, + "CVE-2019-12456": { + "cmt_msg": "" + }, + "CVE-2020-26560": { + "cmt_msg": "" + }, + "CVE-2021-3892": { + "cmt_msg": "" + }, + "CVE-2020-12362": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2020-12363": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2022-0742": { + "cmt_msg": "ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report()" + }, + "CVE-2020-12364": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2022-0500": { + "cmt_msg": "bpf: Introduce MEM_RDONLY flag" + }, + "CVE-2022-1055": { + "cmt_msg": "net: sched: fix use-after-free in tc_new_tfilter()" + }, + "CVE-2022-0480": { + "cmt_msg": "memcg: enable accounting for file lock caches" + }, + "CVE-2022-1184": { + "cmt_msg": "" + }, + "CVE-2022-20008": { + "cmt_msg": "mmc: block: fix read single on recovery logic" + }, + "CVE-2020-26141": { + "cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe" + }, + "CVE-2020-8834": { + "cmt_msg": "KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm" + }, + "CVE-2021-4218": { + "cmt_msg": "sysctl: pass kernel pointers to ->proc_handler" + }, + "CVE-2022-23222": { + "cmt_msg": "bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL" + }, + "CVE-2019-15290": { + "cmt_msg": "" + }, + "CVE-2020-15780": { + "cmt_msg": "ACPI: configfs: Disallow loading ACPI tables when locked down" + }, + "CVE-2018-17977": { + "cmt_msg": "" + }, + "CVE-2022-26878": { + "cmt_msg": "" + }, + "CVE-2022-29582": { + "cmt_msg": "io_uring: fix race between timeout flush and removal" + }, + "CVE-2022-1116": { + "cmt_msg": "" + }, + "CVE-2010-5321": { + "cmt_msg": "" + }, + "CVE-2018-12930": { + "cmt_msg": "" + }, + "CVE-2018-12931": { + "cmt_msg": "" + }, + "CVE-2021-4148": { + "cmt_msg": "mm: khugepaged: skip huge page collapse for special files" + }, + "CVE-2022-1043": { + "cmt_msg": "io_uring: fix xa_alloc_cycle() error return value check" + }, + "CVE-2021-39801": { + "cmt_msg": "" + }, + "CVE-2021-39800": { + "cmt_msg": "" + }, + "CVE-2021-39802": { + "cmt_msg": "" + }, + "CVE-2020-36385": { + "cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy" + }, + "CVE-2019-12380": { + "cmt_msg": "efi/x86/Add missing error handling to old_memmap 1:1 mapping code" + }, + "CVE-2019-12381": { + "cmt_msg": "ip_sockglue: Fix missing-check bug in ip_ra_control()" + }, + "CVE-2020-7053": { + "cmt_msg": "drm/i915: Introduce a mutex for file_priv->context_idr" + }, + "CVE-2021-3542": { + "cmt_msg": "" + }, + "CVE-2021-44879": { + "cmt_msg": "f2fs: fix to do sanity check on inode type during garbage collection" + }, + "CVE-2022-1882": { + "cmt_msg": "" + }, + "CVE-2020-12656": { + "cmt_msg": "sunrpc: check that domain table is empty at module unload." + }, + "CVE-2020-16120": { + "cmt_msg": "ovl: switch to mounter creds in readdir" + }, + "CVE-2018-12928": { + "cmt_msg": "" + }, + "CVE-2020-36310": { + "cmt_msg": "KVM: SVM: avoid infinite loop on NPF from bad address" + }, + "CVE-2020-36313": { + "cmt_msg": "KVM: Fix out of range accesses to memslots" + }, + "CVE-2015-2877": { + "cmt_msg": "" + }, + "CVE-2022-0171": { + "cmt_msg": "" + }, + "CVE-2019-0146": { + "cmt_msg": "" + }, + "CVE-2018-20449": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2016-10723": { + "cmt_msg": "mm, oom: remove sleep from under oom_lock" + }, + "CVE-2022-0400": { + "cmt_msg": "" + }, + "CVE-2021-0707": { + "cmt_msg": "dmabuf: fix use-after-free of dmabuf's file->f_inode" + }, + "CVE-2019-11191": { + "cmt_msg": "x86: Deprecate a.out support" + }, + "CVE-2019-19039": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2022-1671": { + "cmt_msg": "rxrpc: fix some null-ptr-deref bugs in server_key.c" + }, + "CVE-2021-3847": { + "cmt_msg": "" + }, + "CVE-2018-10322": { + "cmt_msg": "xfs: enhance dinode verifier" + }, + "CVE-2020-8832": { + "cmt_msg": "drm/i915: Record the default hw state after reset upon load" + }, + "CVE-2022-1280": { + "cmt_msg": "drm: avoid circular locks in drm_mode_getconnector" + }, + "CVE-2011-4917": { + "cmt_msg": "" + }, + "CVE-2019-16089": { + "cmt_msg": "" + }, + "CVE-2021-32078": { + "cmt_msg": "ARM: footbridge: remove personal server platform" + }, + "CVE-2019-10220": { + "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" + }, + "CVE-2020-27835": { + "cmt_msg": "IB/hfi1: Ensure correct mm is used at all times" + }, + "CVE-2019-5489": { + "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" + } + } + }, + "4.17": { + "4.17-rc1": { + "CVE-2019-19083": { + "cmt_msg": "drm/amd/display: memory leak", + "cmt_id": "9ea29a1f8b9da52d8eca8b0996f1d84eac548d3b" + } + }, + "4.17-rc6": { + "CVE-2019-12881": { + "cmt_msg": "drm/i915/userptr: reject zero user_size", + "cmt_id": "20943f984967477c906522112d2b6b5a29f94684" + } + }, + "4.17.2": { + "CVE-2018-10853": { + "cmt_msg": "kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access", + "cmt_id": "0c950f7417267db597e73170d7694ba7f09f77a0" + }, + "CVE-2018-12904": { + "cmt_msg": "kvm: nVMX: Enforce cpl=0 for VMX instructions", + "cmt_id": "9c3c30575618ba14d4fa67c887a32c05dc55e6fd" + } + }, + "4.17.3": { + "CVE-2018-10840": { + "cmt_msg": "ext4: correctly handle a zero-length xattr with a non-zero e_value_offs", + "cmt_id": "0ea1fdcb048f7297153109a2fdced98fe887b0c0" + }, + "CVE-2018-1118": { + "cmt_msg": "vhost: fix info leak due to uninitialized memory", + "cmt_id": "a8c0b29a879d56e7bd0cad37fa472876aef69dd9" + }, + "CVE-2018-11412": { + "cmt_msg": "ext4: do not allow external inodes for inline data", + "cmt_id": "49e5abce91a0538a909794681619a2580dccfce0" + }, + "CVE-2018-12232": { + "cmt_msg": "socket: close race condition between sock_close() and sockfs_setattr()", + "cmt_id": "be3bb23cc0e4943922db828b923648af7a9f2dc3" + } + }, + "4.17.4": { + "CVE-2018-12633": { + "cmt_msg": "virt: vbox: Only copy_from_user the request-header once", + "cmt_id": "a61b352a7c23191108ae0c747a170f6bce5b154a" + }, + "CVE-2018-13406": { + "cmt_msg": "video: uvesafb: Fix integer overflow in allocation", + "cmt_id": "ac6992286f1bb8fe86b2a924849f922edabed4ab" + }, + "CVE-2018-12714": { + "cmt_msg": "tracing: Check for no filter when processing event filters", + "cmt_id": "a6974c2f8e8b6f29ba3bcdb508ace850a26823fc" + } + }, + "4.17.6": { + "CVE-2018-9516": { + "cmt_msg": "HID: debug: check length before copy_to_user()", + "cmt_id": "787b882d9178c35eb2e06e974f3c37fc14829e53" + }, + "CVE-2018-10879": { + "cmt_msg": "ext4: make sure bitmaps and the inode table don't overlap with bg descriptors", + "cmt_id": "0f2e7fe6d2cc8903765dac6eea7d7aa96e9ad823" + }, + "CVE-2018-10881": { + "cmt_msg": "ext4: clear i_data in ext4_inode_info when removing inline data", + "cmt_id": "0abaed0c74f4dbd3f5a9dcb9fb6b472735874b5e" + }, + "CVE-2018-10878": { + "cmt_msg": "ext4: always check block group bounds in ext4_init_block_bitmap()", + "cmt_id": "425a51f7b055ccc66ea7fd0415eb905ede66622d" + }, + "CVE-2018-10877": { + "cmt_msg": "ext4: verify the depth of extent tree in ext4_find_extent()", + "cmt_id": "a266689c463cc6057400d1cfdf85b8e3ef7b6efd" + }, + "CVE-2018-10876": { + "cmt_msg": "ext4: only look at the bg_flags field if it is valid", + "cmt_id": "b94094f668a9bf7837c275cd6e49bf29def3c77f" + }, + "CVE-2018-10880": { + "cmt_msg": "ext4: never move the system.data xattr out of the inode body", + "cmt_id": "1f18321d31d0971a5e9a02a9e67a6d94b638fca3" + }, + "CVE-2017-13168": { + "cmt_msg": "scsi: sg: mitigate read/write abuse", + "cmt_id": "ae78cf6c0c2e2ea05f9d2d6bd59f702fd1e8220c" + }, + "CVE-2018-10882": { + "cmt_msg": "ext4: add more inode number paranoia checks", + "cmt_id": "77d4024c10f3271dc7e799890e15df8fcadebcda" + }, + "CVE-2018-10883": { + "cmt_msg": "jbd2: don't mark block as modified if the handle is out of credits", + "cmt_id": "f869e0b631a6a7befe595dbad0b2e3662c6d1a99" + } + }, + "4.17.7": { + "CVE-2018-13405": { + "cmt_msg": "Fix up non-directory creation in SGID directories", + "cmt_id": "3dcb24abc93cad1afb87b3f30fd5bf348b49d5a7" + }, + "CVE-2018-16276": { + "cmt_msg": "USB: yurex: fix out-of-bounds uaccess in read handler", + "cmt_id": "ce6037ad83d4d1a27f11c352eb8fab10b1a4e97c" + }, + "CVE-2020-0430": { + "cmt_msg": "bpf: reject passing modified ctx to helper functions", + "cmt_id": "49fde2180b48cd15d6b2a51416bbf1c4be5d77a2" + } + }, + "4.17.10": { + "CVE-2018-10902": { + "cmt_msg": "ALSA: rawmidi: Change resized buffers atomically", + "cmt_id": "f5f3789f192981a482856a69bd2ef38088f0e635" + } + }, + "4.17.11": { + "CVE-2018-5390": { + "cmt_msg": "tcp: free batches of packets in tcp_prune_ofo_queue()", + "cmt_id": "db11182a1e38e7149804962111622b15bd9aeff2" + } + }, + "4.17.12": { + "CVE-2018-14734": { + "cmt_msg": "infiniband: fix a possible use-after-free bug", + "cmt_id": "da1320feb7d48f2a4c5e02b253d5a2186d2bee6c" + } + }, + "4.17.13": { + "CVE-2018-14678": { + "cmt_msg": "x86/entry/64: Remove %ebx handling from error_entry/exit", + "cmt_id": "6557adc69262f90b3f1ddf3d4f874e203894a246" + } + }, + "4.17.14": { + "CVE-2018-13093": { + "cmt_msg": "xfs: validate cached inodes are free when allocated", + "cmt_id": "39dc3fb32fd4bf0fde9e8c971dec8228722f0a70" + }, + "CVE-2018-13094": { + "cmt_msg": "xfs: don't call xfs_da_shrink_inode with NULL bp", + "cmt_id": "173f00f40107e5099eb8a74ea7b7ff0e662ec80b" + }, + "CVE-2018-12233": { + "cmt_msg": "jfs: Fix inconsistency between memory allocation and ea_buf->max_size", + "cmt_id": "2972e3f6816c7dc0d4804ae82a3d02ffb94068dc" + } + }, + "4.17.15": { + "CVE-2018-3646": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled", + "cmt_id": "f6b2c7253830473fedb8b5680894660e78e03aea" + }, + "CVE-2018-3620": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled", + "cmt_id": "f6b2c7253830473fedb8b5680894660e78e03aea" + }, + "CVE-2018-15572": { + "cmt_msg": "x86/speculation: Protect against userspace-userspace spectreRSB", + "cmt_id": "0a9da8dd128e2e3038b0b4355cc639769047976d" + }, + "CVE-2018-15594": { + "cmt_msg": "x86/paravirt: Fix spectre-v2 mitigations for paravirt guests", + "cmt_id": "7676d2dee2b687449bb501a98062863741b30bc8" + } + }, + "4.17.16": { + "CVE-2018-9363": { + "cmt_msg": "Bluetooth: hidp: buffer overflow in hidp_process_report", + "cmt_id": "0c37356f695faeb8f47c9107707bd47b53622a46" + } + }, + "4.17.19": { + "CVE-2018-3693": { + "cmt_msg": "ext4: fix spectre gadget in ext4_mb_regular_allocator()", + "cmt_id": "df2ef7a510fa4c784adc53ef72b1b392a4033ad2" + } + }, + "outstanding": { + "CVE-2020-36322": { + "cmt_msg": "fuse: fix bad inode" + }, + "CVE-2020-10711": { + "cmt_msg": "netlabel: cope with NULL catmap" + }, + "CVE-2019-15090": { + "cmt_msg": "scsi: qedi: remove memset/memcpy to nfunc and use func instead" + }, + "CVE-2019-15099": { + "cmt_msg": "ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()" + }, + "CVE-2019-15098": { + "cmt_msg": "ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()" + }, + "CVE-2020-29368": { + "cmt_msg": "mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()" + }, + "CVE-2020-12465": { + "cmt_msg": "mt76: fix array overflow on receiving too many fragments for a packet" + }, + "CVE-2020-12464": { + "cmt_msg": "USB: core: Fix free-while-in-use bug in the USB S-Glibrary" + }, + "CVE-2022-0002": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2019-19965": { + "cmt_msg": "scsi: libsas: stop discovering if oob mode is disconnected" + }, + "CVE-2021-3752": { + "cmt_msg": "Bluetooth: fix use-after-free error in lock_sock_nested()" + }, + "CVE-2019-19966": { + "cmt_msg": "media: cpia2: Fix use-after-free in cpia2_exit" + }, + "CVE-2020-35508": { + "cmt_msg": "fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent" + }, + "CVE-2020-24587": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2020-24586": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2022-0995": { + "cmt_msg": "watch_queue: Fix filter limit check" + }, + "CVE-2021-0129": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2019-20096": { + "cmt_msg": "dccp: Fix memleak in __feat_register_sp" + }, + "CVE-2021-3444": { + "cmt_msg": "bpf: Fix truncation handling for mod32 dst reg wrt zero" + }, + "CVE-2019-9506": { + "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" + }, + "CVE-2019-9500": { + "cmt_msg": "brcmfmac: assure SSID length from firmware is limited" + }, + "CVE-2019-9503": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path" + }, + "CVE-2020-36158": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" + }, + "CVE-2022-1508": { + "cmt_msg": "io_uring: reexpand under-reexpanded iters" + }, + "CVE-2022-0480": { + "cmt_msg": "memcg: enable accounting for file lock caches" + }, + "CVE-2022-0487": { + "cmt_msg": "moxart: fix potential use-after-free on remove path" + }, + "CVE-2021-28964": { + "cmt_msg": "btrfs: fix race when cloning extent buffer during rewind of an old root" + }, + "CVE-2021-3847": { + "cmt_msg": "" + }, + "CVE-2020-35501": { + "cmt_msg": "" + }, + "CVE-2018-20784": { + "cmt_msg": "sched/fair: Fix infinite loop in update_blocked_averages() by reverting a9e7f6544b9c" + }, + "CVE-2019-10124": { + "cmt_msg": "mm: hwpoison: fix thp split handing in soft_offline_in_use_page()" + }, + "CVE-2019-9245": { + "cmt_msg": "f2fs: sanity check of xattr entry size" + }, + "CVE-2019-19241": { + "cmt_msg": "io_uring: async workers should inherit the user creds" + }, + "CVE-2021-28688": { + "cmt_msg": "xen-blkback: don't leak persistent grants from xen_blkbk_map()" + }, + "CVE-2021-39686": { + "cmt_msg": "binder: use euid from cred instead of using task" + }, + "CVE-2021-39685": { + "cmt_msg": "USB: gadget: detect too-big endpoint 0 requests" + }, + "CVE-2021-43975": { + "cmt_msg": "atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait" + }, + "CVE-2021-43976": { + "cmt_msg": "mwifiex: Fix skb_over_panic in mwifiex_usb_recv()" + }, + "CVE-2021-1048": { + "cmt_msg": "fix regression in \"epoll: Keep a reference on files added to the check list\"" + }, + "CVE-2019-10207": { + "cmt_msg": "Bluetooth: hci_uart: check for missing tty operations" + }, + "CVE-2020-12114": { + "cmt_msg": "make struct mountpoint bear the dentry reference to mountpoint, not struct mount" + }, + "CVE-2019-12379": { + "cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c" + }, + "CVE-2019-12378": { + "cmt_msg": "ipv6_sockglue: Fix a missing-check bug in ip6_ra_control()" + }, + "CVE-2021-3744": { + "cmt_msg": "crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()" + }, + "CVE-2021-30002": { + "cmt_msg": "media: v4l: ioctl: Fix memory leak in video_usercopy" + }, + "CVE-2021-3743": { + "cmt_msg": "net: qrtr: fix OOB Read in qrtr_endpoint_post" + }, + "CVE-2021-0941": { + "cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len" + }, + "CVE-2020-15802": { + "cmt_msg": "" + }, + "CVE-2019-3460": { + "cmt_msg": "Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt" + }, + "CVE-2021-34556": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2019-15902": { + "cmt_msg": "unknown" + }, + "CVE-2019-11085": { + "cmt_msg": "drm/i915/gvt: Fix mmap range check" + }, + "CVE-2019-11477": { + "cmt_msg": "tcp: limit payload size of sacked skbs" + }, + "CVE-2018-14615": { + "cmt_msg": "f2fs: fix to do sanity check with i_extra_isize" + }, + "CVE-2018-14614": { + "cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum" + }, + "CVE-2018-14617": { + "cmt_msg": "hfsplus: fix NULL dereference in hfsplus_lookup()" + }, + "CVE-2019-11478": { + "cmt_msg": "tcp: tcp_fragment() should apply sane memory limits" + }, + "CVE-2018-14611": { + "cmt_msg": "btrfs: validate type when reading a chunk" + }, + "CVE-2018-14610": { + "cmt_msg": "btrfs: Check that each block group has corresponding chunk at mount time" + }, + "CVE-2018-14613": { + "cmt_msg": "btrfs: tree-checker: Verify block_group_item" + }, + "CVE-2018-14612": { + "cmt_msg": "btrfs: tree-checker: Detect invalid and empty essential trees" + }, + "CVE-2020-26145": { + "cmt_msg": "ath10k: drop fragments with multicast DA for PCIe" + }, + "CVE-2020-26147": { + "cmt_msg": "mac80211: assure all fragments are encrypted" + }, + "CVE-2018-19854": { + "cmt_msg": "crypto: user - fix leaking uninitialized memory to userspace" + }, + "CVE-2020-26140": { + "cmt_msg": "" + }, + "CVE-2020-26143": { + "cmt_msg": "" + }, + "CVE-2020-26142": { + "cmt_msg": "" + }, + "CVE-2019-17053": { + "cmt_msg": "ieee802154: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17052": { + "cmt_msg": "ax25: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17056": { + "cmt_msg": "nfc: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17055": { + "cmt_msg": "mISDN: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17054": { + "cmt_msg": "appletalk: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2018-13096": { + "cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks" + }, + "CVE-2018-13097": { + "cmt_msg": "f2fs: fix to do sanity check with user_block_count" + }, + "CVE-2018-13095": { + "cmt_msg": "xfs: More robust inode extent count validation" + }, + "CVE-2020-29661": { + "cmt_msg": "tty: Fix ->pgrp locking in tiocspgrp()" + }, + "CVE-2020-29660": { + "cmt_msg": "tty: Fix ->session locking" + }, + "CVE-2018-13098": { + "cmt_msg": "f2fs: fix to do sanity check with extra_attr feature" + }, + "CVE-2018-13099": { + "cmt_msg": "f2fs: fix to do sanity check with reserved blkaddr of inline inode" + }, + "CVE-2022-1734": { + "cmt_msg": "nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs" + }, + "CVE-2019-19770": { + "cmt_msg": "blktrace: fix debugfs use after free" + }, + "CVE-2019-11884": { + "cmt_msg": "Bluetooth: hidp: fix buffer overflow" + }, + "CVE-2019-19078": { + "cmt_msg": "ath10k: fix memory leak" + }, + "CVE-2019-19077": { + "cmt_msg": "RDMA: Fix goto target to release the allocated memory" + }, + "CVE-2019-19075": { + "cmt_msg": "ieee802154: ca8210: prevent memory leak" + }, + "CVE-2019-19074": { + "cmt_msg": "ath9k: release allocated buffer if timed out" + }, + "CVE-2019-18683": { + "cmt_msg": "media: vivid: Fix wrong locking that causes race conditions on streaming stop" + }, + "CVE-2019-19072": { + "cmt_msg": "tracing: Have error path in predicate_parse() free its allocated memory" + }, + "CVE-2019-19071": { + "cmt_msg": "rsi: release skb if rsi_prepare_beacon fails" + }, + "CVE-2019-18680": { + "cmt_msg": "" + }, + "CVE-2022-23038": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2022-23039": { + "cmt_msg": "xen/gntalloc: don't use gnttab_query_foreign_access()" + }, + "CVE-2021-27363": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2022-23036": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2022-23037": { + "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" + }, + "CVE-2020-0404": { + "cmt_msg": "media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors" + }, + "CVE-2019-15925": { + "cmt_msg": "net: hns3: add some error checking in hclge_tm module" + }, + "CVE-2019-15924": { + "cmt_msg": "fm10k: Fix a potential NULL pointer dereference" + }, + "CVE-2019-15538": { + "cmt_msg": "xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT" + }, + "CVE-2019-15926": { + "cmt_msg": "ath6kl: add some bounds checking" + }, + "CVE-2019-15921": { + "cmt_msg": "genetlink: Fix a memory leak on error path" + }, + "CVE-2019-16229": { + "cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)" + }, + "CVE-2019-14821": { + "cmt_msg": "KVM: coalesced_mmio: add bounds checking" + }, + "CVE-2020-12826": { + "cmt_msg": "signal: Extend exec_id to 64bits" + }, + "CVE-2019-18885": { + "cmt_msg": "btrfs: merge btrfs_find_device and find_device" + }, + "CVE-2021-42008": { + "cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data" + }, + "CVE-2019-1125": { + "cmt_msg": "x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations" + }, + "CVE-2019-15218": { + "cmt_msg": "media: usb: siano: Fix general protection fault in smsusb" + }, + "CVE-2019-15666": { + "cmt_msg": "xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink" + }, + "CVE-2020-25641": { + "cmt_msg": "block: allow for_each_bvec to support zero len bvec" + }, + "CVE-2005-3660": { + "cmt_msg": "" + }, + "CVE-2019-15212": { + "cmt_msg": "USB: rio500: refuse more than one device at a time" + }, + "CVE-2019-15211": { + "cmt_msg": "media: radio-raremono: change devm_k*alloc to k*alloc" + }, + "CVE-2019-15217": { + "cmt_msg": "media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap" + }, + "CVE-2019-15216": { + "cmt_msg": "USB: yurex: Fix protection fault after device removal" + }, + "CVE-2019-15215": { + "cmt_msg": "media: cpia2_usb: first wake up, then free in disconnect" + }, + "CVE-2019-15214": { + "cmt_msg": "ALSA: core: Fix card races between register and disconnect" + }, + "CVE-2020-24588": { + "cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks" + }, + "CVE-2021-33034": { + "cmt_msg": "Bluetooth: verify AMP hci_chan before amp_destroy" + }, + "CVE-2019-19922": { + "cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices" + }, + "CVE-2021-33033": { + "cmt_msg": "cipso,calipso: resolve a number of problems with the DOI refcounts" + }, + "CVE-2019-19927": { + "cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages" + }, + "CVE-2020-27066": { + "cmt_msg": "xfrm: policy: Fix doulbe free in xfrm_policy_timer" + }, + "CVE-2020-27068": { + "cmt_msg": "cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE" + }, + "CVE-2020-8648": { + "cmt_msg": "vt: selection, close sel_buffer race" + }, + "CVE-2020-28974": { + "cmt_msg": "vt: Disable KD_FONT_OP_COPY" + }, + "CVE-2019-20806": { + "cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame" + }, + "CVE-2020-0305": { + "cmt_msg": "chardev: Avoid potential use-after-free in 'chrdev_open()'" + }, + "CVE-2020-14304": { + "cmt_msg": "" + }, + "CVE-2010-5321": { + "cmt_msg": "" + }, + "CVE-2020-15393": { + "cmt_msg": "usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect" + }, + "CVE-2019-19082": { + "cmt_msg": "drm/amd/display: prevent memory leak" + }, + "CVE-2021-3564": { + "cmt_msg": "Bluetooth: fix the erroneous flush_work() order" + }, + "CVE-2020-26560": { + "cmt_msg": "" + }, + "CVE-2018-18397": { + "cmt_msg": "userfaultfd: use ENOENT instead of EFAULT if the atomic copy user fails" + }, + "CVE-2018-12127": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2018-12126": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2021-3892": { + "cmt_msg": "" + }, + "CVE-2019-10126": { + "cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()" + }, + "CVE-2019-13631": { + "cmt_msg": "Input: gtco - bounds check collection indent level" + }, + "CVE-2020-13974": { + "cmt_msg": "vt: keyboard: avoid signed integer overflow in k_ascii" + }, + "CVE-2021-4083": { + "cmt_msg": "fget: check that the fd still exists after getting a ref to it" + }, + "CVE-2021-4197": { + "cmt_msg": "cgroup: Use open-time credentials for process migraton perm checks" + }, + "CVE-2019-19227": { + "cmt_msg": "appletalk: Fix potential NULL pointer dereference in unregister_snap_client" + }, + "CVE-2020-10751": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" + }, + "CVE-2019-9162": { + "cmt_msg": "netfilter: nf_nat_snmp_basic: add missing length checks in ASN.1 cbs" + }, + "CVE-2020-10757": { + "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" + }, + "CVE-2018-20511": { + "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT" + }, + "CVE-2020-15437": { + "cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()" + }, + "CVE-2020-15436": { + "cmt_msg": "block: Fix use-after-free in blkdev_get()" + }, + "CVE-2022-1116": { + "cmt_msg": "" + }, + "CVE-2021-28660": { + "cmt_msg": "staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()" + }, + "CVE-2020-8647": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" + }, + "CVE-2019-0155": { + "cmt_msg": "drm/i915: Rename gen7 cmdparser tables" + }, + "CVE-2019-0154": { + "cmt_msg": "drm/i915: Lower RM timeout to avoid DSI hard hangs" + }, + "CVE-2020-36386": { + "cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()" + }, + "CVE-2018-19407": { + "cmt_msg": "KVM: X86: Fix scan ioapic use-before-initialization" + }, + "CVE-2020-36385": { + "cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy" + }, + "CVE-2020-0009": { + "cmt_msg": "staging: android: ashmem: Disallow ashmem memory from being remapped" + }, + "CVE-2020-7053": { + "cmt_msg": "drm/i915: Introduce a mutex for file_priv->context_idr" + }, + "CVE-2019-14615": { + "cmt_msg": "drm/i915/gen9: Clear residual context state on context switch" + }, + "CVE-2018-16871": { + "cmt_msg": "nfsd: COPY and CLONE operations require the saved filehandle to be set" + }, + "CVE-2021-3635": { + "cmt_msg": "netfilter: nf_tables: fix flowtable list del corruption" + }, + "CVE-2019-13648": { + "cmt_msg": "powerpc/tm: Fix oops on sigreturn on systems without TM" + }, + "CVE-2020-16120": { + "cmt_msg": "ovl: switch to mounter creds in readdir" + }, + "CVE-2019-11599": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" + }, + "CVE-2018-16658": { + "cmt_msg": "cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status" + }, + "CVE-2022-29581": { + "cmt_msg": "net/sched: cls_u32: fix netns refcount changes in u32_change()" + }, + "CVE-2022-1204": { + "cmt_msg": "ax25: Fix refcount leaks caused by ax25_cb_del()" + }, + "CVE-2019-2101": { + "cmt_msg": "media: uvcvideo: Fix 'type' check leading to overflow" + }, + "CVE-2019-17666": { + "cmt_msg": "rtlwifi: Fix potential overflow on P2P code" + }, + "CVE-2018-15471": { + "cmt_msg": "xen-netback: fix input validation in xenvif_set_hash_mapping()" + }, + "CVE-2016-10723": { + "cmt_msg": "mm, oom: remove sleep from under oom_lock" + }, + "CVE-2019-19036": { + "cmt_msg": "btrfs: Detect unbalanced tree with empty leaf before crashing btree operations" + }, + "CVE-2019-3459": { + "cmt_msg": "Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer" + }, + "CVE-2020-11494": { + "cmt_msg": "slcan: Don't transmit uninitialized stack data in padding" + }, + "CVE-2019-19039": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2020-0444": { + "cmt_msg": "audit: fix error handling in audit_data_to_entry()" + }, + "CVE-2022-1419": { + "cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create" + }, + "CVE-2022-1836": { + "cmt_msg": "floppy: disable FDRAWCMD by default" + }, + "CVE-2020-11884": { + "cmt_msg": "s390/mm: fix page table upgrade vs 2ndary address mode accesses" + }, + "CVE-2021-32078": { + "cmt_msg": "ARM: footbridge: remove personal server platform" + }, + "CVE-2022-30594": { + "cmt_msg": "ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE" + }, + "CVE-2019-11833": { + "cmt_msg": "ext4: zero out the unused memory region in the extent tree block" + }, + "CVE-2021-38205": { + "cmt_msg": "net: xilinx_emaclite: Do not print real IOMEM pointer" + }, + "CVE-2020-27835": { + "cmt_msg": "IB/hfi1: Ensure correct mm is used at all times" + }, + "CVE-2020-27830": { + "cmt_msg": "speakup: Reject setting the speakup line discipline outside of speakup" + }, + "CVE-2020-0255": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" + }, + "CVE-2022-27666": { + "cmt_msg": "esp: Fix possible buffer overflow in ESP transformation" + }, + "CVE-2021-38208": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2019-2213": { + "cmt_msg": "binder: fix possible UAF when freeing buffer" + }, + "CVE-2020-25211": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2020-25212": { + "cmt_msg": "nfs: Fix getxattr kernel panic and memory overflow" + }, + "CVE-2020-26556": { + "cmt_msg": "" + }, + "CVE-2020-26557": { + "cmt_msg": "" + }, + "CVE-2020-26555": { + "cmt_msg": "" + }, + "CVE-2019-20794": { + "cmt_msg": "" + }, + "CVE-2020-26559": { + "cmt_msg": "" + }, + "CVE-2018-1128": { + "cmt_msg": "libceph: add authorizer challenge" + }, + "CVE-2018-1129": { + "cmt_msg": "libceph: implement CEPHX_V2 calculation mode" + }, + "CVE-2018-20854": { + "cmt_msg": "phy: ocelot-serdes: fix out-of-bounds read" + }, + "CVE-2018-20855": { + "cmt_msg": "IB/mlx5: Fix leaking stack memory to userspace" + }, + "CVE-2018-20856": { + "cmt_msg": "block: blk_init_allocated_queue() set q->fq as NULL in the fail case" + }, + "CVE-2019-19046": { + "cmt_msg": "ipmi: Fix memory leak in __ipmi_bmc_register" + }, + "CVE-2019-19045": { + "cmt_msg": "net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq" + }, + "CVE-2022-29968": { + "cmt_msg": "io_uring: fix uninitialized field in rw io_kiocb" + }, + "CVE-2019-9466": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path" + }, + "CVE-2019-19048": { + "cmt_msg": "virt: vbox: fix memory leak in hgcm_call_preprocess_linaddr" + }, + "CVE-2019-19049": { + "cmt_msg": "of: unittest: fix memory leak in unittest_data_add" + }, + "CVE-2022-0644": { + "cmt_msg": "vfs: check fd has read access in kernel_read_file_from_fd()" + }, + "CVE-2018-13053": { + "cmt_msg": "alarmtimer: Prevent overflow for relative nanosleep" + }, + "CVE-2020-27786": { + "cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses" + }, + "CVE-2019-14816": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2019-14814": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2019-14815": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2020-10720": { + "cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()" + }, + "CVE-2022-0382": { + "cmt_msg": "net ticp:fix a kernel-infoleak in __tipc_sendmsg()" + }, + "CVE-2020-25672": { + "cmt_msg": "nfc: fix memory leak in llcp_sock_connect()" + }, + "CVE-2019-9455": { + "cmt_msg": "media: videobuf2-v4l2: drop WARN_ON in vb2_warn_zero_bytesused()" + }, + "CVE-2020-25670": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_bind()" + }, + "CVE-2020-25671": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_connect()" + }, + "CVE-2018-21008": { + "cmt_msg": "rsi: add fix for crash during assertions" + }, + "CVE-2019-15223": { + "cmt_msg": "ALSA: line6: Assure canceling delayed work at disconnection" + }, + "CVE-2019-19813": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2019-15221": { + "cmt_msg": "ALSA: line6: Fix write on zero-sized buffer" + }, + "CVE-2019-19815": { + "cmt_msg": "f2fs: support swap file w/ DIO" + }, + "CVE-2019-19814": { + "cmt_msg": "" + }, + "CVE-2020-29371": { + "cmt_msg": "romfs: fix uninitialized memory leak in romfs_dev_read()" + }, + "CVE-2019-19816": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2022-1015": { + "cmt_msg": "netfilter: nf_tables: validate registers coming from userspace." + }, + "CVE-2022-1016": { + "cmt_msg": "netfilter: nf_tables: initialize registers in nft_do_chain()" + }, + "CVE-2018-18710": { + "cmt_msg": "cdrom: fix improper type cast, which can leat to information leak." + }, + "CVE-2019-5108": { + "cmt_msg": "mac80211: Do not send Layer 2 Update frame before authorization" + }, + "CVE-2022-0001": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2022-1012": { + "cmt_msg": "secure_seq: use the 64 bits of the siphash for port offset calculation" + }, + "CVE-2020-8649": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" + }, + "CVE-2020-12656": { + "cmt_msg": "sunrpc: check that domain table is empty at module unload." + }, + "CVE-2020-14356": { + "cmt_msg": "cgroup: fix cgroup_sk_alloc() for sk_clone_lock()" + }, + "CVE-2021-26931": { + "cmt_msg": "xen-blkback: don't \"handle\" error by BUG()" + }, + "CVE-2021-26930": { + "cmt_msg": "xen-blkback: fix error handling in xen_blkbk_map()" + }, + "CVE-2021-42252": { + "cmt_msg": "soc: aspeed: lpc-ctrl: Fix boundary check for mmap" + }, + "CVE-2021-26932": { + "cmt_msg": "Xen/x86: don't bail early from clear_foreign_p2m_mapping()" + }, + "CVE-2022-0492": { + "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" + }, + "CVE-2020-12352": { + "cmt_msg": "Bluetooth: A2MP: Fix not initializing all members" + }, + "CVE-2020-12351": { + "cmt_msg": "Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel" + }, + "CVE-2020-12655": { + "cmt_msg": "xfs: add agf freeblocks verify in xfs_agf_verify" + }, + "CVE-2022-25636": { + "cmt_msg": "netfilter: nf_tables_offload: incorrect flow offload action array size" + }, + "CVE-2022-0494": { + "cmt_msg": "block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern" + }, + "CVE-2020-26088": { + "cmt_msg": "net/nfc/rawsock.c: add CAP_NET_RAW check." + }, + "CVE-2008-2544": { + "cmt_msg": "" + }, + "CVE-2021-3178": { + "cmt_msg": "nfsd4: readdirplus shouldn't return parent of export" + }, + "CVE-2022-28796": { + "cmt_msg": "jbd2: fix use-after-free of transaction_t race" + }, + "CVE-2018-7755": { + "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" + }, + "CVE-2019-15031": { + "cmt_msg": "powerpc/tm: Fix restoring FP/VMX facility incorrectly on interrupts" + }, + "CVE-2019-15030": { + "cmt_msg": "powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction" + }, + "CVE-2019-11479": { + "cmt_msg": "tcp: add tcp_min_snd_mss sysctl" + }, + "CVE-2022-0330": { + "cmt_msg": "drm/i915: Flush TLBs before releasing backing store" + }, + "CVE-2007-3719": { + "cmt_msg": "" + }, + "CVE-2019-19319": { + "cmt_msg": "ext4: protect journal inode's blocks using block_validity" + }, + "CVE-2019-19462": { + "cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open" + }, + "CVE-2022-24958": { + "cmt_msg": "usb: gadget: don't release an existing dev->buf" + }, + "CVE-2022-1205": { + "cmt_msg": "ax25: Fix NULL pointer dereferences in ax25 timers" + }, + "CVE-2022-28893": { + "cmt_msg": "SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()" + }, + "CVE-2021-3772": { + "cmt_msg": "sctp: use init_tag from inithdr for ABORT chunk" + }, + "CVE-2021-3679": { + "cmt_msg": "tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop." + }, + "CVE-2021-39711": { + "cmt_msg": "bpf: fix panic due to oob in bpf_prog_test_run_skb" + }, + "CVE-2021-28715": { + "cmt_msg": "xen/netback: don't queue unlimited number of packages" + }, + "CVE-2021-28714": { + "cmt_msg": "xen/netback: fix rx queue stall detection" + }, + "CVE-2021-28713": { + "cmt_msg": "xen/console: harden hvc_xen against event channel storms" + }, + "CVE-2021-28712": { + "cmt_msg": "xen/netfront: harden netfront against event channel storms" + }, + "CVE-2021-28711": { + "cmt_msg": "xen/blkfront: harden blkfront against event channel storms" + }, + "CVE-2021-4157": { + "cmt_msg": "pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()" + }, + "CVE-2022-23960": { + "cmt_msg": "ARM: report Spectre v2 status through sysfs" + }, + "CVE-2021-39657": { + "cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback" + }, + "CVE-2021-3669": { + "cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()" + }, + "CVE-2019-3701": { + "cmt_msg": "can: gw: ensure DLC boundaries after CAN frame modification" + }, + "CVE-2019-12984": { + "cmt_msg": "nfc: Ensure presence of required attributes in the deactivate_target handler" + }, + "CVE-2019-11091": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2020-15780": { + "cmt_msg": "ACPI: configfs: Disallow loading ACPI tables when locked down" + }, + "CVE-2019-18282": { + "cmt_msg": "net/flow_dissector: switch to siphash" + }, + "CVE-2021-34981": { + "cmt_msg": "Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails" + }, + "CVE-2018-14625": { + "cmt_msg": "vhost/vsock: fix use-after-free in network stack callers" + }, + "CVE-2020-24394": { + "cmt_msg": "nfsd: apply umask on fs without ACL support" + }, + "CVE-2013-7445": { + "cmt_msg": "" + }, + "CVE-2022-0998": { + "cmt_msg": "vdpa: clean up get_config_size ret value handling" + }, + "CVE-2018-18445": { + "cmt_msg": "bpf: 32-bit RSH verification must truncate input before the ALU op" + }, + "CVE-2019-13233": { + "cmt_msg": "x86/insn-eval: Fix use-after-free access to LDT entry" + }, + "CVE-2022-26966": { + "cmt_msg": "sr9700: sanity check for packet length" + }, + "CVE-2020-14386": { + "cmt_msg": "net/packet: fix overflow in tpacket_rcv" + }, + "CVE-2021-34693": { + "cmt_msg": "can: bcm: fix infoleak in struct bcm_msg_head" + }, + "CVE-2020-14385": { + "cmt_msg": "xfs: fix boundary test in xfs_attr_shortform_verify" + }, + "CVE-2019-19767": { + "cmt_msg": "ext4: add more paranoia checking in ext4_expand_extra_isize handling" + }, + "CVE-2021-3656": { + "cmt_msg": "KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656)" + }, + "CVE-2020-14381": { + "cmt_msg": "futex: Fix inode life-time issue" + }, + "CVE-2022-1158": { + "cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address" + }, + "CVE-2019-19768": { + "cmt_msg": "blktrace: Protect q->blk_trace with RCU" + }, + "CVE-2020-25704": { + "cmt_msg": "perf/core: Fix a memory leak in perf_event_parse_addr_filter()" + }, + "CVE-2021-45095": { + "cmt_msg": "phonet: refcount leak in pep_sock_accep" + }, + "CVE-2021-37159": { + "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device" + }, + "CVE-2021-29154": { + "cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64" + }, + "CVE-2020-16166": { + "cmt_msg": "random32: update the net random state on interrupt and activity" + }, + "CVE-2021-29155": { + "cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic" + }, + "CVE-2019-15916": { + "cmt_msg": "net-sysfs: Fix mem leak in netdev_register_kobject" + }, + "CVE-2019-15917": { + "cmt_msg": "Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto()" + }, + "CVE-2019-15918": { + "cmt_msg": "cifs: Fix lease buffer length error" + }, + "CVE-2020-12362": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2020-12363": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2022-28389": { + "cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path" + }, + "CVE-2020-12364": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2019-10639": { + "cmt_msg": "netns: provide pure entropy for net_hash_mix()" + }, + "CVE-2022-0500": { + "cmt_msg": "bpf: Introduce MEM_RDONLY flag" + }, + "CVE-2022-28388": { + "cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2021-0605": { + "cmt_msg": "af_key: pfkey_dump needs parameter validation" + }, + "CVE-2021-3896": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2021-4002": { + "cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare" + }, + "CVE-2022-1055": { + "cmt_msg": "net: sched: fix use-after-free in tc_new_tfilter()" + }, + "CVE-2021-38204": { + "cmt_msg": "usb: max-3421: Prevent corruption of freed memory" + }, + "CVE-2022-20008": { + "cmt_msg": "mmc: block: fix read single on recovery logic" + }, + "CVE-2021-3894": { + "cmt_msg": "sctp: account stream padding length for reconf chunk" + }, + "CVE-2019-18786": { + "cmt_msg": "media: rcar_drif: fix a memory disclosure" + }, + "CVE-2019-20810": { + "cmt_msg": "media: go7007: fix a miss of snd_card_free" + }, + "CVE-2019-20812": { + "cmt_msg": "af_packet: set defaule value for tmo" + }, + "CVE-2020-8834": { + "cmt_msg": "KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm" + }, + "CVE-2020-14314": { + "cmt_msg": "ext4: fix potential negative array index in do_split()" + }, + "CVE-2018-18955": { + "cmt_msg": "userns: also map extents in the reverse map to kernel IDs" + }, + "CVE-2019-18660": { + "cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch" + }, + "CVE-2019-15291": { + "cmt_msg": "media: b2c2-flexcop-usb: add sanity checking" + }, + "CVE-2019-15290": { + "cmt_msg": "" + }, + "CVE-2022-0617": { + "cmt_msg": "udf: Fix NULL ptr deref when converting from inline format" + }, + "CVE-2022-26878": { + "cmt_msg": "" + }, + "CVE-2018-12930": { + "cmt_msg": "" + }, + "CVE-2018-12931": { + "cmt_msg": "" + }, + "CVE-2020-12768": { + "cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()" + }, + "CVE-2020-12769": { + "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" + }, + "CVE-2021-32399": { + "cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller" + }, + "CVE-2019-12380": { + "cmt_msg": "efi/x86/Add missing error handling to old_memmap 1:1 mapping code" + }, + "CVE-2019-12381": { + "cmt_msg": "ip_sockglue: Fix missing-check bug in ip_ra_control()" + }, + "CVE-2019-12382": { + "cmt_msg": "drm/edid: Fix a missing-check bug in drm_load_edid_firmware()" + }, + "CVE-2022-22942": { + "cmt_msg": "drm/vmwgfx: Fix stale file descriptors on failed usercopy" + }, + "CVE-2018-20669": { + "cmt_msg": "make 'user_access_begin()' do 'access_ok()'" + }, + "CVE-2019-19543": { + "cmt_msg": "media: serial_ir: Fix use-after-free in serial_ir_init_module" + }, + "CVE-2021-3732": { + "cmt_msg": "ovl: prevent private clone if bind mount is not allowed" + }, + "CVE-2022-25375": { + "cmt_msg": "usb: gadget: rndis: check size of RNDIS_MSG_SET command" + }, + "CVE-2020-10766": { + "cmt_msg": "x86/speculation: Prevent rogue cross-process SSBD shutdown" + }, + "CVE-2020-10767": { + "cmt_msg": "x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS." + }, + "CVE-2018-12207": { + "cmt_msg": "kvm: x86, powerpc: do not allow clearing largepages debugfs entry" + }, + "CVE-2020-13143": { + "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" + }, + "CVE-2020-10768": { + "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." + }, + "CVE-2020-10769": { + "cmt_msg": "crypto: authenc - fix parsing key with misaligned rta_len" + }, + "CVE-2019-0148": { + "cmt_msg": "i40e: Wrong truncation from u16 to u8" + }, + "CVE-2019-0149": { + "cmt_msg": "i40e: Add bounds check for ch[] array" + }, + "CVE-2019-17075": { + "cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack" + }, + "CVE-2019-19447": { + "cmt_msg": "ext4: work around deleting a file with i_nlink == 0 safely" + }, + "CVE-2019-0146": { + "cmt_msg": "" + }, + "CVE-2019-0147": { + "cmt_msg": "i40e: add num_vectors checker in iwarp handler" + }, + "CVE-2020-10942": { + "cmt_msg": "vhost: Check docket sk_family instead of call getname" + }, + "CVE-2019-0145": { + "cmt_msg": "i40e: add num_vectors checker in iwarp handler" + }, + "CVE-2019-11191": { + "cmt_msg": "x86: Deprecate a.out support" + }, + "CVE-2020-10781": { + "cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\"" + }, + "CVE-2020-26139": { + "cmt_msg": "mac80211: do not accept/forward invalid EAPOL frames" + }, + "CVE-2019-10220": { + "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" + }, + "CVE-2021-3609": { + "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" + }, + "CVE-2019-19536": { + "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" + }, + "CVE-2019-19537": { + "cmt_msg": "USB: core: Fix races in character device registration and deregistraion" + }, + "CVE-2019-19534": { + "cmt_msg": "can: peak_usb: fix slab info leak" + }, + "CVE-2019-19535": { + "cmt_msg": "can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices" + }, + "CVE-2019-19532": { + "cmt_msg": "HID: Fix assumption that devices have inputs" + }, + "CVE-2019-19533": { + "cmt_msg": "media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()" + }, + "CVE-2019-19530": { + "cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough" + }, + "CVE-2019-19531": { + "cmt_msg": "usb: yurex: Fix use-after-free in yurex_delete" + }, + "CVE-2021-0929": { + "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" + }, + "CVE-2018-14616": { + "cmt_msg": "f2fs: fix to do sanity check with block address in main area v2" + }, + "CVE-2019-20095": { + "cmt_msg": "mwifiex: Fix mem leak in mwifiex_tm_cmd" + }, + "CVE-2018-19985": { + "cmt_msg": "USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data" + }, + "CVE-2021-0920": { + "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" + }, + "CVE-2022-0168": { + "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" + }, + "CVE-2021-39713": { + "cmt_msg": "net: sched: use Qdisc rcu API instead of relying on rtnl lock" + }, + "CVE-2020-28374": { + "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" + }, + "CVE-2019-9213": { + "cmt_msg": "mm: enforce min addr even if capable() in expand_downwards()" + }, + "CVE-2019-14896": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" + }, + "CVE-2019-14897": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" + }, + "CVE-2019-14895": { + "cmt_msg": "mwifiex: fix possible heap overflow in mwifiex_process_country_ie()" + }, + "CVE-2020-27825": { + "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" + }, + "CVE-2019-2181": { + "cmt_msg": "binder: check for overflow when alloc for security context" + }, + "CVE-2020-27820": { + "cmt_msg": "drm/nouveau: use drm_dev_unplug() during device removal" + }, + "CVE-2020-26141": { + "cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe" + }, + "CVE-2020-0067": { + "cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr" + }, + "CVE-2020-26558": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2020-26541": { + "cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries" + }, + "CVE-2019-20811": { + "cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success" + }, + "CVE-2021-20317": { + "cmt_msg": "lib/timerqueue: Rely on rbtree semantics for next timer" + }, + "CVE-2021-43389": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2021-33061": { + "cmt_msg": "ixgbe: add improvement for MDD response functionality" + }, + "CVE-2021-3864": { + "cmt_msg": "" + }, + "CVE-2022-27950": { + "cmt_msg": "HID: elo: fix memory leak in elo_probe" + }, + "CVE-2022-1652": { + "cmt_msg": "" + }, + "CVE-2022-1651": { + "cmt_msg": "virt: acrn: fix a memory leak in acrn_dev_ioctl()" + }, + "CVE-2020-29568": { + "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" + }, + "CVE-2020-29569": { + "cmt_msg": "xen-blkback: set ring->xenblkd to NULL after kthread_stop()" + }, + "CVE-2020-14351": { + "cmt_msg": "perf/core: Fix race in the perf_mmap_close() function" + }, + "CVE-2019-19054": { + "cmt_msg": "media: rc: prevent memory leak in cx23888_ir_probe" + }, + "CVE-2019-19057": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring" + }, + "CVE-2019-19056": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf" + }, + "CVE-2019-9453": { + "cmt_msg": "f2fs: fix to avoid accessing xattr across the boundary" + }, + "CVE-2019-19052": { + "cmt_msg": "can: gs_usb: gs_can_open(): prevent memory leak" + }, + "CVE-2019-3846": { + "cmt_msg": "mwifiex: Fix possible buffer overflows at parsing bss descriptor" + }, + "CVE-2020-0427": { + "cmt_msg": "pinctrl: devicetree: Avoid taking direct reference to device name string" + }, + "CVE-2019-19058": { + "cmt_msg": "iwlwifi: dbg_ini: fix memory leak in alloc_sgtable" + }, + "CVE-2020-0423": { + "cmt_msg": "binder: fix UAF when releasing todo list" + }, + "CVE-2019-9458": { + "cmt_msg": "media: v4l: event: Prevent freeing event subscriptions while accessed" + }, + "CVE-2022-1789": { + "cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID" + }, + "CVE-2016-8660": { + "cmt_msg": "" + }, + "CVE-2019-13272": { + "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" + }, + "CVE-2022-1786": { + "cmt_msg": "io_uring: remove io_identity" + }, + "CVE-2019-17351": { + "cmt_msg": "xen: let alloc_xenballooned_pages() fail if not enough memory free" + }, + "CVE-2020-25669": { + "cmt_msg": "Input: sunkbd - avoid use-after-free in teardown paths" + }, + "CVE-2020-25668": { + "cmt_msg": "tty: make FONTX ioctl use the tty pointer they were actually passed" + }, + "CVE-2008-4609": { + "cmt_msg": "" + }, + "CVE-2020-25705": { + "cmt_msg": "icmp: randomize the global rate limiter" + }, + "CVE-2022-0435": { + "cmt_msg": "tipc: improve size validations for received domain records" + }, + "CVE-2018-5391": { + "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." + }, + "CVE-2021-4135": { + "cmt_msg": "netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc" + }, + "CVE-2018-1121": { + "cmt_msg": "" + }, + "CVE-2019-15239": { + "cmt_msg": "unknown" + }, + "CVE-2021-4037": { + "cmt_msg": "xfs: fix up non-directory creation in SGID directories" + }, + "CVE-2021-22543": { + "cmt_msg": "KVM: do not allow mapping valid but non-reference-counted pages" + }, + "CVE-2021-3348": { + "cmt_msg": "nbd: freeze the queue while we're adding connections" + }, + "CVE-2019-1999": { + "cmt_msg": "binder: fix race between munmap() and direct reclaim" + }, + "CVE-2019-15292": { + "cmt_msg": "appletalk: Fix use-after-free in atalk_proc_exit" + }, + "CVE-2018-20836": { + "cmt_msg": "scsi: libsas: fix a race condition when smp task timeout" + }, + "CVE-2021-44733": { + "cmt_msg": "tee: handle lookup of shm with reference count 0" + }, + "CVE-2021-3347": { + "cmt_msg": "futex: Ensure the correct return value from futex_lock_pi()" + }, + "CVE-2020-10135": { + "cmt_msg": "Bluetooth: Consolidate encryption handling in hci_encrypt_cfm" + }, + "CVE-2020-25285": { + "cmt_msg": "mm/hugetlb: fix a race between hugetlb sysctl handlers" + }, + "CVE-2019-7308": { + "cmt_msg": "bpf: fix sanitation of alu op with pointer / scalar type from different paths" + }, + "CVE-2021-45868": { + "cmt_msg": "quota: check block number when reading the block in quota file" + }, + "CVE-2019-2025": { + "cmt_msg": "binder: fix race that allows malicious free of live buffer" + }, + "CVE-2021-3587": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2019-16995": { + "cmt_msg": "net: hsr: fix memory leak in hsr_dev_finalize()" + }, + "CVE-2019-16994": { + "cmt_msg": "net: sit: fix memory leak in sit_init_net()" + }, + "CVE-2020-36516": { + "cmt_msg": "" + }, + "CVE-2022-0322": { + "cmt_msg": "sctp: account stream padding length for reconf chunk" + }, + "CVE-2017-13693": { + "cmt_msg": "" + }, + "CVE-2017-13694": { + "cmt_msg": "" + }, + "CVE-2021-4149": { + "cmt_msg": "btrfs: unlock newly allocated extent buffer after error" + }, + "CVE-2021-4148": { + "cmt_msg": "mm: khugepaged: skip huge page collapse for special files" + }, + "CVE-2021-3640": { + "cmt_msg": "Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()" + }, + "CVE-2021-3764": { + "cmt_msg": "crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()" + }, + "CVE-2020-1749": { + "cmt_msg": "net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup" + }, + "CVE-2021-3760": { + "cmt_msg": "nfc: nci: fix the UAF of rf_conn_info object" + }, + "CVE-2020-11608": { + "cmt_msg": "media: ov519: add missing endpoint sanity checks" + }, + "CVE-2020-10732": { + "cmt_msg": "fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()" + }, + "CVE-2020-28097": { + "cmt_msg": "vgacon: remove software scrollback support" + }, + "CVE-2019-3892": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" + }, + "CVE-2021-29264": { + "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" + }, + "CVE-2021-29265": { + "cmt_msg": "usbip: fix stub_dev usbip_sockfd_store() races leading to gpf" + }, + "CVE-2021-39648": { + "cmt_msg": "usb: gadget: configfs: Fix use-after-free issue with udc_name" + }, + "CVE-2020-14416": { + "cmt_msg": "can, slip: Protect tty->disc_data in write_wakeup and close with RCU" + }, + "CVE-2019-0136": { + "cmt_msg": "mac80211: drop robust management frames from unknown TA" + }, + "CVE-2021-21781": { + "cmt_msg": "ARM: ensure the signal page contains defined contents" + }, + "CVE-2021-0512": { + "cmt_msg": "HID: make arrays usage and value to be the same" + }, + "CVE-2018-14633": { + "cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation" + }, + "CVE-2018-12896": { + "cmt_msg": "posix-timers: Sanitize overrun handling" + }, + "CVE-2019-19073": { + "cmt_msg": "ath9k_htc: release allocated buffer if timed out" + }, + "CVE-2020-0347": { + "cmt_msg": "" + }, + "CVE-2019-18809": { + "cmt_msg": "media: usb: fix memory leak in af9005_identify_state" + }, + "CVE-2019-18808": { + "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" + }, + "CVE-2021-40490": { + "cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing" + }, + "CVE-2021-33909": { + "cmt_msg": "seq_file: disallow extremely large seq buffer allocations" + }, + "CVE-2019-12455": { + "cmt_msg": "clk-sunxi: fix a missing-check bug in sunxi_divs_clk_setup()" + }, + "CVE-2019-12456": { + "cmt_msg": "" + }, + "CVE-2019-19070": { + "cmt_msg": "spi: gpio: prevent memory leak in spi_gpio_probe" + }, + "CVE-2019-18805": { + "cmt_msg": "ipv4: set the tcp_min_rtt_wlen range from 0 to one day" + }, + "CVE-2021-29647": { + "cmt_msg": "net: qrtr: fix a kernel-infoleak in qrtr_recvmsg()" + }, + "CVE-2019-18806": { + "cmt_msg": "net: qlogic: Fix memory leak in ql_alloc_large_buffers" + }, + "CVE-2022-0742": { + "cmt_msg": "ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report()" + }, + "CVE-2022-0854": { + "cmt_msg": "swiotlb: rework \"fix info leak with DMA_FROM_DEVICE\"" + }, + "CVE-2019-6974": { + "cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)" + }, + "CVE-2020-24503": { + "cmt_msg": "" + }, + "CVE-2020-14390": { + "cmt_msg": "fbcon: remove soft scrollback code" + }, + "CVE-2020-24502": { + "cmt_msg": "" + }, + "CVE-2021-45469": { + "cmt_msg": "f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()" + }, + "CVE-2022-1184": { + "cmt_msg": "" + }, + "CVE-2019-19448": { + "cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space" + }, + "CVE-2019-19449": { + "cmt_msg": "f2fs: fix to do sanity check on segment/section count" + }, + "CVE-2020-0465": { + "cmt_msg": "HID: core: Sanitize event code and type when mapping input" + }, + "CVE-2020-0466": { + "cmt_msg": "do_epoll_ctl(): clean the failure exits up a bit" + }, + "CVE-2021-4218": { + "cmt_msg": "sysctl: pass kernel pointers to ->proc_handler" + }, + "CVE-2020-0543": { + "cmt_msg": "x86/cpu: Add 'table' argument to cpu_matches()" + }, + "CVE-2019-20054": { + "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links" + }, + "CVE-2021-3753": { + "cmt_msg": "vt_kdsetmode: extend console locking" + }, + "CVE-2019-11135": { + "cmt_msg": "x86/msr: Add the IA32_TSX_CTRL MSR" + }, + "CVE-2019-11810": { + "cmt_msg": "scsi: megaraid_sas: return error when create DMA pool failed" + }, + "CVE-2021-27365": { + "cmt_msg": "scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE" + }, + "CVE-2021-27364": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2019-11815": { + "cmt_msg": "net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock()." + }, + "CVE-2020-0431": { + "cmt_msg": "HID: hid-input: clear unmapped usages" + }, + "CVE-2018-17977": { + "cmt_msg": "" + }, + "CVE-2018-17972": { + "cmt_msg": "proc: restrict kernel stack dumps to root" + }, + "CVE-2021-20322": { + "cmt_msg": "ipv6: make exception cache less predictible" + }, + "CVE-2021-20320": { + "cmt_msg": "s390/bpf: Fix optimizing out zero-extensions" + }, + "CVE-2021-20321": { + "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" + }, + "CVE-2022-26490": { + "cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION" + }, + "CVE-2022-1043": { + "cmt_msg": "io_uring: fix xa_alloc_cycle() error return value check" + }, + "CVE-2022-1048": { + "cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls" + }, + "CVE-2018-20976": { + "cmt_msg": "xfs: clear sb->s_fs_info on mount failure" + }, + "CVE-2021-0342": { + "cmt_msg": "tun: correct header offsets in napi frags mode" + }, + "CVE-2019-15927": { + "cmt_msg": "ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit()" + }, + "CVE-2021-3542": { + "cmt_msg": "" + }, + "CVE-2019-16413": { + "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" + }, + "CVE-2020-12652": { + "cmt_msg": "scsi: mptfusion: Fix double fetch bug in ioctl" + }, + "CVE-2020-12653": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()" + }, + "CVE-2019-7222": { + "cmt_msg": "KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)" + }, + "CVE-2020-12657": { + "cmt_msg": "block, bfq: fix use-after-free in bfq_idle_slice_timer_body" + }, + "CVE-2020-12654": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()" + }, + "CVE-2019-7221": { + "cmt_msg": "KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221)" + }, + "CVE-2018-12929": { + "cmt_msg": "" + }, + "CVE-2018-12928": { + "cmt_msg": "" + }, + "CVE-2020-36311": { + "cmt_msg": "KVM: SVM: Periodically schedule when unregistering regions on destroy" + }, + "CVE-2020-36310": { + "cmt_msg": "KVM: SVM: avoid infinite loop on NPF from bad address" + }, + "CVE-2020-36313": { + "cmt_msg": "KVM: Fix out of range accesses to memslots" + }, + "CVE-2020-35519": { + "cmt_msg": "net/x25: prevent a couple of overflows" + }, + "CVE-2021-28971": { + "cmt_msg": "perf/x86/intel: Fix a crash caused by zero PEBS status" + }, + "CVE-2020-10708": { + "cmt_msg": "" + }, + "CVE-2020-25673": { + "cmt_msg": "nfc: Avoid endless loops caused by repeated llcp_sock_connect()" + }, + "CVE-2022-0400": { + "cmt_msg": "" + }, + "CVE-2021-0707": { + "cmt_msg": "dmabuf: fix use-after-free of dmabuf's file->f_inode" + }, + "CVE-2021-38160": { + "cmt_msg": "virtio_console: Assure used length from device is limited" + }, + "CVE-2021-42739": { + "cmt_msg": "media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()" + }, + "CVE-2020-12771": { + "cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce" + }, + "CVE-2020-12770": { + "cmt_msg": "scsi: sg: add sg_remove_request in sg_write" + }, + "CVE-2019-15222": { + "cmt_msg": "ALSA: usb-audio: Fix gpf in snd_usb_pipe_sanity_check" + }, + "CVE-2022-25265": { + "cmt_msg": "" + }, + "CVE-2019-15220": { + "cmt_msg": "p54usb: Fix race between disconnect and firmware loading" + }, + "CVE-2020-11609": { + "cmt_msg": "media: stv06xx: add missing descriptor sanity checks" + }, + "CVE-2020-10773": { + "cmt_msg": "s390/cmm: fix information leak in cmm_timeout_handler()" + }, + "CVE-2020-25284": { + "cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping" + }, + "CVE-2018-18281": { + "cmt_msg": "mremap: properly flush TLB before releasing the page" + }, + "CVE-2019-8912": { + "cmt_msg": "net: crypto set sk to NULL when af_alg_release." + }, + "CVE-2020-29370": { + "cmt_msg": "mm: slub: add missing TID bump in kmem_cache_alloc_bulk()" + }, + "CVE-2019-15219": { + "cmt_msg": "USB: sisusbvga: fix oops in error path of sisusb_probe" + }, + "CVE-2020-25643": { + "cmt_msg": "hdlc_ppp: add range checks in ppp_cp_parse_cr()" + }, + "CVE-2019-19378": { + "cmt_msg": "" + }, + "CVE-2020-4788": { + "cmt_msg": "powerpc/64s: flush L1D on kernel entry" + }, + "CVE-2022-1011": { + "cmt_msg": "fuse: fix pipe buffer lifetime for direct_io" + }, + "CVE-2021-39698": { + "cmt_msg": "wait: add wake_up_pollfree()" + }, + "CVE-2022-1247": { + "cmt_msg": "" + }, + "CVE-2019-19377": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2022-0850": { + "cmt_msg": "ext4: fix kernel infoleak via ext4_extent_header" + }, + "CVE-2019-19529": { + "cmt_msg": "can: mcba_usb: fix use-after-free on disconnect" + }, + "CVE-2019-19528": { + "cmt_msg": "USB: iowarrior: fix use-after-free on disconnect" + }, + "CVE-2021-3612": { + "cmt_msg": "Input: joydev - prevent potential read overflow in ioctl" + }, + "CVE-2019-19525": { + "cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect" + }, + "CVE-2019-19524": { + "cmt_msg": "Input: ff-memless - kill timer in destroy()" + }, + "CVE-2019-19527": { + "cmt_msg": "HID: hiddev: do cleanup in failure of opening a device" + }, + "CVE-2019-19526": { + "cmt_msg": "NFC: pn533: fix use-after-free and memleaks" + }, + "CVE-2021-33135": { + "cmt_msg": "" + }, + "CVE-2019-19523": { + "cmt_msg": "USB: adutux: fix use-after-free on disconnect" + }, + "CVE-2020-24504": { + "cmt_msg": "ice: create scheduler aggregator node config and move VSIs" + }, + "CVE-2020-11725": { + "cmt_msg": "" + }, + "CVE-2021-0937": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2022-1263": { + "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" + }, + "CVE-2021-35477": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2019-16746": { + "cmt_msg": "nl80211: validate beacon head" + }, + "CVE-2021-41864": { + "cmt_msg": "bpf: Fix integer overflow in prealloc_elems_and_freelist()" + }, + "CVE-2018-18021": { + "cmt_msg": "arm64: KVM: Tighten guest core register access from userspace" + }, + "CVE-2021-37576": { + "cmt_msg": "KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow" + }, + "CVE-2019-8980": { + "cmt_msg": "exec: Fix mem leak in kernel_read_file" + }, + "CVE-2018-14609": { + "cmt_msg": "btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized" + }, + "CVE-2021-33098": { + "cmt_msg": "ixgbe: fix large MTU request from VF" + }, + "CVE-2021-35039": { + "cmt_msg": "module: limit enabling module.sig_enforce" + }, + "CVE-2020-27815": { + "cmt_msg": "jfs: Fix array index bounds check in dbAdjTree" + }, + "CVE-2022-23041": { + "cmt_msg": "xen/9p: use alloc/free_pages_exact()" + }, + "CVE-2021-33624": { + "cmt_msg": "bpf: Inherit expanded/patched seen count from old aux data" + }, + "CVE-2022-1462": { + "cmt_msg": "" + }, + "CVE-2020-27777": { + "cmt_msg": "powerpc/rtas: Restrict RTAS requests from userspace" + }, + "CVE-2019-20636": { + "cmt_msg": "Input: add safety guards to input_set_keycode()" + }, + "CVE-2019-11486": { + "cmt_msg": "tty: mark Siemens R3964 line discipline as BROKEN" + }, + "CVE-2019-11487": { + "cmt_msg": "fs: prevent page refcount overflow in pipe_buf_get" + }, + "CVE-2022-28390": { + "cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2020-27673": { + "cmt_msg": "xen/events: add a proper barrier to 2-level uevent unmasking" + }, + "CVE-2020-27675": { + "cmt_msg": "xen/events: avoid removing an event channel while handling it" + }, + "CVE-2020-28915": { + "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" + }, + "CVE-2019-20908": { + "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" + }, + "CVE-2021-28038": { + "cmt_msg": "Xen/gnttab: handle p2m update errors on a per-slot basis" + }, + "CVE-2022-23040": { + "cmt_msg": "xen/xenbus: don't let xenbus_grant_ring() remove grants in error case" + }, + "CVE-2019-19060": { + "cmt_msg": "iio: imu: adis16400: release allocated memory on failure" + }, + "CVE-2019-19061": { + "cmt_msg": "iio: imu: adis16400: fix memory leak" + }, + "CVE-2019-19062": { + "cmt_msg": "crypto: user - fix memory leak in crypto_report" + }, + "CVE-2019-19063": { + "cmt_msg": "rtlwifi: prevent memory leak in rtl_usb_probe" + }, + "CVE-2019-19065": { + "cmt_msg": "RDMA/hfi1: Prevent memory leak in sdma_init" + }, + "CVE-2019-19066": { + "cmt_msg": "scsi: bfa: release allocated memory in case of error" + }, + "CVE-2019-19067": { + "cmt_msg": "drm/amdgpu: fix multiple memory leaks in acp_hw_init" + }, + "CVE-2019-19068": { + "cmt_msg": "rtl8xxxu: prevent leaking urb" + }, + "CVE-2020-0435": { + "cmt_msg": "f2fs: fix to do sanity check with i_extra_isize" + }, + "CVE-2020-0432": { + "cmt_msg": "staging: most: net: fix buffer overflow" + }, + "CVE-2020-0433": { + "cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter" + }, + "CVE-2019-3874": { + "cmt_msg": "sctp: implement memory accounting on tx path" + }, + "CVE-2022-0171": { + "cmt_msg": "" + }, + "CVE-2010-4563": { + "cmt_msg": "" + }, + "CVE-2022-1882": { + "cmt_msg": "" + }, + "CVE-2020-14331": { + "cmt_msg": "vgacon: Fix for missing check in scrollback handling" + }, + "CVE-2019-14835": { + "cmt_msg": "vhost: make sure log_num < in_num" + }, + "CVE-2021-3483": { + "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" + }, + "CVE-2022-29156": { + "cmt_msg": "RDMA/rtrs-clt: Fix possible double free in error case" + }, + "CVE-2021-38300": { + "cmt_msg": "bpf, mips: Validate conditional branch offsets" + }, + "CVE-2020-25656": { + "cmt_msg": "vt: keyboard, extend func_buf_lock to readers" + }, + "CVE-2021-3759": { + "cmt_msg": "memcg: enable accounting of ipc resources" + }, + "CVE-2022-24448": { + "cmt_msg": "NFSv4: Handle case where the lookup of a directory fails" + }, + "CVE-2022-23042": { + "cmt_msg": "xen/netfront: react properly to failing gnttab_end_foreign_access_ref()" + }, + "CVE-2019-10142": { + "cmt_msg": "drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl" + }, + "CVE-2021-4023": { + "cmt_msg": "io-wq: fix cancellation on create-worker failure" + }, + "CVE-2021-22555": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2021-0399": { + "cmt_msg": "" + }, + "CVE-2020-2732": { + "cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode" + }, + "CVE-2012-4542": { + "cmt_msg": "" + }, + "CVE-2022-1729": { + "cmt_msg": "perf: Fix sys_perf_event_open() race against self" + }, + "CVE-2021-3573": { + "cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object" + }, + "CVE-2021-28972": { + "cmt_msg": "PCI: rpadlpar: Fix potential drc_name corruption in store functions" + }, + "CVE-2018-12130": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2021-20292": { + "cmt_msg": "drm/ttm/nouveau: don't call tt destroy callback on alloc failure." + }, + "CVE-2021-31916": { + "cmt_msg": "dm ioctl: fix out of bounds array access when no devices" + }, + "CVE-2018-17182": { + "cmt_msg": "mm: get rid of vmacache_flush_all() entirely" + }, + "CVE-2020-25645": { + "cmt_msg": "geneve: add transport ports in route lookup for geneve" + }, + "CVE-2020-11668": { + "cmt_msg": "media: xirlink_cit: add missing descriptor sanity checks" + }, + "CVE-2020-11669": { + "cmt_msg": "powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle" + }, + "CVE-2019-15118": { + "cmt_msg": "ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term" + }, + "CVE-2019-12818": { + "cmt_msg": "net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails" + }, + "CVE-2019-12819": { + "cmt_msg": "mdio_bus: Fix use-after-free on device_register fails" + }, + "CVE-2020-10690": { + "cmt_msg": "ptp: fix the race between the release of ptp_clock and cdev" + }, + "CVE-2019-12817": { + "cmt_msg": "powerpc/mm/64s/hash: Reallocate context ids on fork" + }, + "CVE-2019-19332": { + "cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)" + }, + "CVE-2019-15117": { + "cmt_msg": "ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit" + }, + "CVE-2021-3659": { + "cmt_msg": "net: mac802154: Fix general protection fault" + }, + "CVE-2022-25258": { + "cmt_msg": "USB: gadget: validate interface OS descriptor requests" + }, + "CVE-2021-4155": { + "cmt_msg": "xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate" + }, + "CVE-2021-0695": { + "cmt_msg": "" + }, + "CVE-2019-14901": { + "cmt_msg": "mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()" + }, + "CVE-2021-4150": { + "cmt_msg": "block: fix incorrect references to disk objects" + }, + "CVE-2020-3702": { + "cmt_msg": "ath: Use safer key clearing with key cache entries" + }, + "CVE-2021-28951": { + "cmt_msg": "io_uring: ensure that SQPOLL thread is started for exit" + }, + "CVE-2022-1671": { + "cmt_msg": "rxrpc: fix some null-ptr-deref bugs in server_key.c" + }, + "CVE-2021-3653": { + "cmt_msg": "KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653)" + }, + "CVE-2021-3655": { + "cmt_msg": "sctp: validate from_addr_param return" + }, + "CVE-2020-8694": { + "cmt_msg": "powercap: restrict energy meter to root access" + }, + "CVE-2021-4159": { + "cmt_msg": "bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()" + }, + "CVE-2019-12614": { + "cmt_msg": "powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property()" + }, + "CVE-2019-12615": { + "cmt_msg": "mdesc: fix a missing-check bug in get_vdev_port_node_info()" + }, + "CVE-2021-3715": { + "cmt_msg": "net_sched: cls_route: remove the right filter from hashtable" + }, + "CVE-2021-3714": { + "cmt_msg": "" + }, + "CVE-2019-16230": { + "cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)" + }, + "CVE-2019-16231": { + "cmt_msg": "fjes: Handle workqueue allocation failure" + }, + "CVE-2019-16232": { + "cmt_msg": "libertas: fix a potential NULL pointer dereference" + }, + "CVE-2019-16233": { + "cmt_msg": "scsi: qla2xxx: fix a potential NULL pointer dereference" + }, + "CVE-2019-16234": { + "cmt_msg": "iwlwifi: pcie: fix rb_allocator workqueue allocation" + }, + "CVE-2019-6133": { + "cmt_msg": "fork: record start_time late" + }, + "CVE-2019-3016": { + "cmt_msg": "x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit" + }, + "CVE-2021-39633": { + "cmt_msg": "ip_gre: add validation for csum_start" + }, + "CVE-2022-27223": { + "cmt_msg": "USB: gadget: validate endpoint index for xilinx udc" + }, + "CVE-2021-39634": { + "cmt_msg": "epoll: do not insert into poll queues until all sanity checks are done" + }, + "CVE-2019-3882": { + "cmt_msg": "vfio/type1: Limit DMA mappings per container" + }, + "CVE-2019-3887": { + "cmt_msg": "KVM: x86: nVMX: close leak of L0's x2APIC MSRs (CVE-2019-3887)" + }, + "CVE-2022-1280": { + "cmt_msg": "drm: avoid circular locks in drm_mode_getconnector" + }, + "CVE-2020-12888": { + "cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory" + }, + "CVE-2019-20934": { + "cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers" + }, + "CVE-2022-0812": { + "cmt_msg": "xprtrdma: fix incorrect header size calculations" + }, + "CVE-2022-23222": { + "cmt_msg": "bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL" + }, + "CVE-2021-0448": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2018-19824": { + "cmt_msg": "ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c" + }, + "CVE-2020-29374": { + "cmt_msg": "gup: document and work around \"COW can break either way\" issue" + }, + "CVE-2019-25045": { + "cmt_msg": "xfrm: clean up xfrm protocol checks" + }, + "CVE-2018-16862": { + "cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation" + }, + "CVE-2021-29650": { + "cmt_msg": "netfilter: x_tables: Use correct memory barriers." + }, + "CVE-2019-17133": { + "cmt_msg": "cfg80211: wext: avoid copying malformed SSIDs" + }, + "CVE-2018-20169": { + "cmt_msg": "USB: check usb_get_extra_descriptor for proper size" + }, + "CVE-2019-8956": { + "cmt_msg": "sctp: walk the list of asoc safely" + }, + "CVE-2020-36312": { + "cmt_msg": "KVM: fix memory leak in kvm_io_bus_unregister_dev()" + }, + "CVE-2022-1353": { + "cmt_msg": "af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register" + }, + "CVE-2022-28356": { + "cmt_msg": "llc: fix netdevice reference leaks in llc_ui_bind()" + }, + "CVE-2020-16119": { + "cmt_msg": "dccp: don't duplicate ccid when cloning dccp sock" + }, + "CVE-2022-1198": { + "cmt_msg": "drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()" + }, + "CVE-2022-1199": { + "cmt_msg": "ax25: Fix NULL pointer dereference in ax25_kill_by_device" + }, + "CVE-2021-39801": { + "cmt_msg": "" + }, + "CVE-2021-39800": { + "cmt_msg": "" + }, + "CVE-2021-39802": { + "cmt_msg": "" + }, + "CVE-2018-16884": { + "cmt_msg": "sunrpc: use-after-free in svc_process_common()" + }, + "CVE-2018-16882": { + "cmt_msg": "KVM: Fix UAF in nested posted interrupt processing" + }, + "CVE-2022-1195": { + "cmt_msg": "hamradio: improve the incomplete fix to avoid NPD" + }, + "CVE-2018-16880": { + "cmt_msg": "vhost: fix OOB in get_rx_bufs()" + }, + "CVE-2021-4202": { + "cmt_msg": "NFC: reorganize the functions in nci_request" + }, + "CVE-2021-4203": { + "cmt_msg": "af_unix: fix races in sk_peer_pid and sk_peer_cred accesses" + }, + "CVE-2021-44879": { + "cmt_msg": "f2fs: fix to do sanity check on inode type during garbage collection" + }, + "CVE-2019-15505": { + "cmt_msg": "media: technisat-usb2: break out of loop at end of buffer" + }, + "CVE-2019-15504": { + "cmt_msg": "rsi: fix a double free bug in rsi_91x_deinit()" + }, + "CVE-2022-1516": { + "cmt_msg": "net/x25: Fix null-ptr-deref caused by x25_disconnect" + }, + "CVE-2015-2877": { + "cmt_msg": "" + }, + "CVE-2020-9383": { + "cmt_msg": "floppy: check FDC index for errors before assigning it" + }, + "CVE-2022-29582": { + "cmt_msg": "io_uring: fix race between timeout flush and removal" + }, + "CVE-2019-16089": { + "cmt_msg": "" + }, + "CVE-2021-38198": { + "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" + }, + "CVE-2021-38199": { + "cmt_msg": "NFSv4: Initialise connection to the server in nfs4_alloc_client()" + }, + "CVE-2022-1679": { + "cmt_msg": "" + }, + "CVE-2022-1678": { + "cmt_msg": "tcp: optimize tcp internal pacing" + }, + "CVE-2021-26401": { + "cmt_msg": "x86/speculation: Use generic retpoline by default on AMD" + }, + "CVE-2020-28941": { + "cmt_msg": "speakup: Do not let the line discipline be used several times" + }, + "CVE-2019-9445": { + "cmt_msg": "f2fs: check if file namelen exceeds max value" + }, + "CVE-2021-3600": { + "cmt_msg": "bpf: Fix 32 bit src register truncation on div/mod" + }, + "CVE-2021-45486": { + "cmt_msg": "inet: use bigger hash table for IP ID generation" + }, + "CVE-2021-3506": { + "cmt_msg": "f2fs: fix to avoid out-of-bounds memory access" + }, + "CVE-2011-4917": { + "cmt_msg": "" + }, + "CVE-2021-45485": { + "cmt_msg": "ipv6: use prandom_u32() for ID generation" + }, + "CVE-2020-11565": { + "cmt_msg": "mm: mempolicy: require at least one nodeid for MPOL_PREFERRED" + }, + "CVE-2019-3900": { + "cmt_msg": "vhost_net: fix possible infinite loop" + }, + "CVE-2021-23133": { + "cmt_msg": "net/sctp: fix race condition in sctp_destroy_sock" + }, + "CVE-2018-13100": { + "cmt_msg": "f2fs: fix to do sanity check with secs_per_zone" + }, + "CVE-2019-15807": { + "cmt_msg": "scsi: libsas: delete sas port if expander discover failed" + }, + "CVE-2019-10638": { + "cmt_msg": "inet: switch IP ID generator to siphash" + }, + "CVE-2019-5489": { + "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" + }, + "CVE-2019-14284": { + "cmt_msg": "floppy: fix div-by-zero in setup_format_params" + }, + "CVE-2019-14283": { + "cmt_msg": "floppy: fix out-of-bounds read in copy_buffer" + } + } + }, + "4.16": { + "4.16": { + "CVE-2018-1000199": { + "cmt_msg": "perf/hwbp: Simplify the perf-hwbp code, fix documentation", + "cmt_id": "f67b15037a7a50c57f72e69a6d59941ad90a0f0f" + } + }, + "4.16-rc1": { + "CVE-2019-19083": { + "cmt_msg": "drm/amd/display: memory leak", + "cmt_id": "9ea29a1f8b9da52d8eca8b0996f1d84eac548d3b" + } + }, + "4.16.1": { + "CVE-2017-17975": { + "cmt_msg": "media: usbtv: prevent double free in error case", + "cmt_id": "8b862cf0bfd4357408500d3254dd1e0119d57059" + } + }, + "4.16.3": { + "CVE-2020-35513": { + "cmt_msg": "nfsd: fix incorrect umasks", + "cmt_id": "35ed0996e1f726c4638b3609898313f5f4013ef8" + } + }, + "4.16.4": { + "CVE-2019-14763": { + "cmt_msg": "usb: dwc3: gadget: never call ->complete() from ->ep_queue()", + "cmt_id": "c3d0f44576923b0106197adf269e6ac377c20df3" + }, + "CVE-2018-1094": { + "cmt_msg": "ext4: always initialize the crc32c checksum driver", + "cmt_id": "114c42aaa63152d31d3c18d5b750de9560f38a63" + }, + "CVE-2018-1095": { + "cmt_msg": "ext4: limit xattr size to INT_MAX", + "cmt_id": "d97c42e8f9bc9054101d04d715ff322379bfa1c9" + }, + "CVE-2018-1108": { + "cmt_msg": "random: fix crng_ready() test", + "cmt_id": "cd8d7a5778a4abf76ee8fe8f1bfcf78976029f8d" + }, + "CVE-2018-1092": { + "cmt_msg": "ext4: fail ext4_iget for root directory if unallocated", + "cmt_id": "510c85c3f0bcfa6111e866b8f3c1a5a58d42da58" + }, + "CVE-2018-20961": { + "cmt_msg": "USB: gadget: f_midi: fixing a possible double-free in f_midi", + "cmt_id": "786513e10cac3cd45b82668fe50d2e9f033c667b" + } + }, + "4.16.6": { + "CVE-2018-10940": { + "cmt_msg": "cdrom: information leak in cdrom_ioctl_media_changed()", + "cmt_id": "9ee2c2beb5ba8f96ca8af41b7da2e3d756026842" + } + }, + "4.16.7": { + "CVE-2018-9415": { + "cmt_msg": "ARM: amba: Fix race condition with driver_override", + "cmt_id": "9c1c4f09f70d7f543f7495e1f047b23a561f00de" + }, + "CVE-2018-9385": { + "cmt_msg": "ARM: amba: Don't read past the end of sysfs \"driver_override\" buffer", + "cmt_id": "064edf1191f5e0255ba3f030400b07abf2a6fe99" + }, + "CVE-2018-1093": { + "cmt_msg": "ext4: add validity checks for bitmap block numbers", + "cmt_id": "169c851575ece8ae4be7a36ee30caa01a43a1b0f" + } + }, + "4.16.9": { + "CVE-2018-1000200": { + "cmt_msg": "mm, oom: fix concurrent munlock and oom reaper unmap, v3", + "cmt_id": "092d4bd6bdf55899d238737d6870adef6f225211" + }, + "CVE-2018-11508": { + "cmt_msg": "compat: fix 4-byte infoleak via uninitialized struct field", + "cmt_id": "1c2117b6ee880d70dbed1845e187225303317928" + } + }, + "4.16.10": { + "CVE-2018-1120": { + "cmt_msg": "proc: do not access cmdline nor environ from file-backed areas", + "cmt_id": "b7458b534b56b9b4d9297ba7a6708aa8071ac8ba" + } + }, + "4.16.11": { + "CVE-2018-5814": { + "cmt_msg": "usbip: usbip_host: fix NULL-ptr deref and use-after-free errors", + "cmt_id": "8fa17d2b620c615a5a1723184e968275dc26a896" + }, + "CVE-2018-3639": { + "cmt_msg": "x86/nospec: Simplify alternative_msr_write()", + "cmt_id": "2cd883a4cc87871db17dbc52398a58321af209b1" + } + }, + "4.16.12": { + "CVE-2018-1000204": { + "cmt_msg": "scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()", + "cmt_id": "39169410574503c6e901de1aa6eac5108475e017" + } + }, + "4.16.13": { + "CVE-2018-11506": { + "cmt_msg": "sr: pass down correctly sized SCSI sense buffer", + "cmt_id": "98d02fd4618c48d75589820e8fc39e60c3d3728e" + }, + "CVE-2017-13695": { + "cmt_msg": "ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c", + "cmt_id": "1313bbe2d4a7dfd1fc503a2a9b7af4c88e2f68ec" + } + }, + "4.16.15": { + "CVE-2019-18675": { + "cmt_msg": "mmap: introduce sane default mmap limits", + "cmt_id": "0c19efdfe9533b4fca0a733088abab912cc8e391" + } + }, + "4.16.16": { + "CVE-2018-10853": { + "cmt_msg": "kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access", + "cmt_id": "3e4717b5bfaebac92f892e50270f001f66f9cb4f" + }, + "CVE-2018-12904": { + "cmt_msg": "kvm: nVMX: Enforce cpl=0 for VMX instructions", + "cmt_id": "b775e0be2c1006a540cdf4982dc588d641e09b2e" + } + }, + "4.16.18": { + "CVE-2018-10840": { + "cmt_msg": "ext4: correctly handle a zero-length xattr with a non-zero e_value_offs", + "cmt_id": "e236c837fbaeb666d66966ba150015016fad901e" + }, + "CVE-2018-1118": { + "cmt_msg": "vhost: fix info leak due to uninitialized memory", + "cmt_id": "5e479dbd7083adaa1032e44957438583f2d91e44" + }, + "CVE-2018-11412": { + "cmt_msg": "ext4: do not allow external inodes for inline data", + "cmt_id": "ebff7cb0666c47a7ee37dfc815fc85fcaf19be3e" + }, + "CVE-2018-12232": { + "cmt_msg": "socket: close race condition between sock_close() and sockfs_setattr()", + "cmt_id": "abaa1bb5e3652593a22a51e289bf9dfd4d4a8542" + } + }, + "outstanding": { + "CVE-2020-36322": { + "cmt_msg": "fuse: fix bad inode" + }, + "CVE-2020-10711": { + "cmt_msg": "netlabel: cope with NULL catmap" + }, + "CVE-2019-15090": { + "cmt_msg": "scsi: qedi: remove memset/memcpy to nfunc and use func instead" + }, + "CVE-2019-15099": { + "cmt_msg": "ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()" + }, + "CVE-2019-15098": { + "cmt_msg": "ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()" + }, + "CVE-2020-29368": { + "cmt_msg": "mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()" + }, + "CVE-2020-12465": { + "cmt_msg": "mt76: fix array overflow on receiving too many fragments for a packet" + }, + "CVE-2020-12464": { + "cmt_msg": "USB: core: Fix free-while-in-use bug in the USB S-Glibrary" + }, + "CVE-2022-0002": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2019-19965": { + "cmt_msg": "scsi: libsas: stop discovering if oob mode is disconnected" + }, + "CVE-2019-19966": { + "cmt_msg": "media: cpia2: Fix use-after-free in cpia2_exit" + }, + "CVE-2020-35508": { + "cmt_msg": "fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent" + }, + "CVE-2020-24587": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2020-24586": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2022-0995": { + "cmt_msg": "watch_queue: Fix filter limit check" + }, + "CVE-2021-0129": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2019-20096": { + "cmt_msg": "dccp: Fix memleak in __feat_register_sp" + }, + "CVE-2021-3444": { + "cmt_msg": "bpf: Fix truncation handling for mod32 dst reg wrt zero" + }, + "CVE-2019-9506": { + "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" + }, + "CVE-2019-9500": { + "cmt_msg": "brcmfmac: assure SSID length from firmware is limited" + }, + "CVE-2019-9503": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path" + }, + "CVE-2020-36158": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" + }, + "CVE-2022-1508": { + "cmt_msg": "io_uring: reexpand under-reexpanded iters" + }, + "CVE-2022-0480": { + "cmt_msg": "memcg: enable accounting for file lock caches" + }, + "CVE-2022-0487": { + "cmt_msg": "moxart: fix potential use-after-free on remove path" + }, + "CVE-2021-28964": { + "cmt_msg": "btrfs: fix race when cloning extent buffer during rewind of an old root" + }, + "CVE-2021-3847": { + "cmt_msg": "" + }, + "CVE-2020-35501": { + "cmt_msg": "" + }, + "CVE-2018-20784": { + "cmt_msg": "sched/fair: Fix infinite loop in update_blocked_averages() by reverting a9e7f6544b9c" + }, + "CVE-2019-10124": { + "cmt_msg": "mm: hwpoison: fix thp split handing in soft_offline_in_use_page()" + }, + "CVE-2019-9245": { + "cmt_msg": "f2fs: sanity check of xattr entry size" + }, + "CVE-2019-19241": { + "cmt_msg": "io_uring: async workers should inherit the user creds" + }, + "CVE-2021-28688": { + "cmt_msg": "xen-blkback: don't leak persistent grants from xen_blkbk_map()" + }, + "CVE-2021-39686": { + "cmt_msg": "binder: use euid from cred instead of using task" + }, + "CVE-2021-39685": { + "cmt_msg": "USB: gadget: detect too-big endpoint 0 requests" + }, + "CVE-2021-43975": { + "cmt_msg": "atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait" + }, + "CVE-2021-43976": { + "cmt_msg": "mwifiex: Fix skb_over_panic in mwifiex_usb_recv()" + }, + "CVE-2021-1048": { + "cmt_msg": "fix regression in \"epoll: Keep a reference on files added to the check list\"" + }, + "CVE-2019-10207": { + "cmt_msg": "Bluetooth: hci_uart: check for missing tty operations" + }, + "CVE-2018-10878": { + "cmt_msg": "ext4: always check block group bounds in ext4_init_block_bitmap()" + }, + "CVE-2019-12379": { + "cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c" + }, + "CVE-2019-12378": { + "cmt_msg": "ipv6_sockglue: Fix a missing-check bug in ip6_ra_control()" + }, + "CVE-2021-3744": { + "cmt_msg": "crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()" + }, + "CVE-2021-30002": { + "cmt_msg": "media: v4l: ioctl: Fix memory leak in video_usercopy" + }, + "CVE-2021-3743": { + "cmt_msg": "net: qrtr: fix OOB Read in qrtr_endpoint_post" + }, + "CVE-2021-0941": { + "cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len" + }, + "CVE-2020-15802": { + "cmt_msg": "" + }, + "CVE-2019-3460": { + "cmt_msg": "Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt" + }, + "CVE-2021-34556": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2020-0543": { + "cmt_msg": "x86/cpu: Add 'table' argument to cpu_matches()" + }, + "CVE-2018-3646": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" + }, + "CVE-2019-11085": { + "cmt_msg": "drm/i915/gvt: Fix mmap range check" + }, + "CVE-2019-11477": { + "cmt_msg": "tcp: limit payload size of sacked skbs" + }, + "CVE-2021-28711": { + "cmt_msg": "xen/blkfront: harden blkfront against event channel storms" + }, + "CVE-2018-14615": { + "cmt_msg": "f2fs: fix to do sanity check with i_extra_isize" + }, + "CVE-2018-14614": { + "cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum" + }, + "CVE-2019-11479": { + "cmt_msg": "tcp: add tcp_min_snd_mss sysctl" + }, + "CVE-2019-11478": { + "cmt_msg": "tcp: tcp_fragment() should apply sane memory limits" + }, + "CVE-2018-14611": { + "cmt_msg": "btrfs: validate type when reading a chunk" + }, + "CVE-2018-15594": { + "cmt_msg": "x86/paravirt: Fix spectre-v2 mitigations for paravirt guests" + }, + "CVE-2018-14613": { + "cmt_msg": "btrfs: tree-checker: Verify block_group_item" + }, + "CVE-2018-14612": { + "cmt_msg": "btrfs: tree-checker: Detect invalid and empty essential trees" + }, + "CVE-2020-26145": { + "cmt_msg": "ath10k: drop fragments with multicast DA for PCIe" + }, + "CVE-2020-26147": { + "cmt_msg": "mac80211: assure all fragments are encrypted" + }, + "CVE-2018-19854": { + "cmt_msg": "crypto: user - fix leaking uninitialized memory to userspace" + }, + "CVE-2020-26140": { + "cmt_msg": "" + }, + "CVE-2020-26143": { + "cmt_msg": "" + }, + "CVE-2020-26142": { + "cmt_msg": "" + }, + "CVE-2019-17053": { + "cmt_msg": "ieee802154: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17052": { + "cmt_msg": "ax25: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17056": { + "cmt_msg": "nfc: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17055": { + "cmt_msg": "mISDN: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17054": { + "cmt_msg": "appletalk: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2018-13093": { + "cmt_msg": "xfs: validate cached inodes are free when allocated" + }, + "CVE-2018-13096": { + "cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks" + }, + "CVE-2018-13097": { + "cmt_msg": "f2fs: fix to do sanity check with user_block_count" + }, + "CVE-2018-13094": { + "cmt_msg": "xfs: don't call xfs_da_shrink_inode with NULL bp" + }, + "CVE-2018-13095": { + "cmt_msg": "xfs: More robust inode extent count validation" + }, + "CVE-2020-29661": { + "cmt_msg": "tty: Fix ->pgrp locking in tiocspgrp()" + }, + "CVE-2020-29660": { + "cmt_msg": "tty: Fix ->session locking" + }, + "CVE-2018-13098": { + "cmt_msg": "f2fs: fix to do sanity check with extra_attr feature" + }, + "CVE-2018-13099": { + "cmt_msg": "f2fs: fix to do sanity check with reserved blkaddr of inline inode" + }, + "CVE-2022-1734": { + "cmt_msg": "nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs" + }, + "CVE-2019-19770": { + "cmt_msg": "blktrace: fix debugfs use after free" + }, + "CVE-2019-11884": { + "cmt_msg": "Bluetooth: hidp: fix buffer overflow" + }, + "CVE-2019-19078": { + "cmt_msg": "ath10k: fix memory leak" + }, + "CVE-2019-19077": { + "cmt_msg": "RDMA: Fix goto target to release the allocated memory" + }, + "CVE-2019-19075": { + "cmt_msg": "ieee802154: ca8210: prevent memory leak" + }, + "CVE-2019-19074": { + "cmt_msg": "ath9k: release allocated buffer if timed out" + }, + "CVE-2019-18683": { + "cmt_msg": "media: vivid: Fix wrong locking that causes race conditions on streaming stop" + }, + "CVE-2019-19071": { + "cmt_msg": "rsi: release skb if rsi_prepare_beacon fails" + }, + "CVE-2019-18680": { + "cmt_msg": "" + }, + "CVE-2022-23038": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2022-23039": { + "cmt_msg": "xen/gntalloc: don't use gnttab_query_foreign_access()" + }, + "CVE-2021-27363": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2022-23036": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2022-23037": { + "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" + }, + "CVE-2020-0404": { + "cmt_msg": "media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors" + }, + "CVE-2019-15925": { + "cmt_msg": "net: hns3: add some error checking in hclge_tm module" + }, + "CVE-2019-15924": { + "cmt_msg": "fm10k: Fix a potential NULL pointer dereference" + }, + "CVE-2019-15538": { + "cmt_msg": "xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT" + }, + "CVE-2019-15926": { + "cmt_msg": "ath6kl: add some bounds checking" + }, + "CVE-2019-15921": { + "cmt_msg": "genetlink: Fix a memory leak on error path" + }, + "CVE-2020-10757": { + "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" + }, + "CVE-2019-14821": { + "cmt_msg": "KVM: coalesced_mmio: add bounds checking" + }, + "CVE-2020-12826": { + "cmt_msg": "signal: Extend exec_id to 64bits" + }, + "CVE-2019-18885": { + "cmt_msg": "btrfs: merge btrfs_find_device and find_device" + }, + "CVE-2021-42008": { + "cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data" + }, + "CVE-2019-1125": { + "cmt_msg": "x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations" + }, + "CVE-2019-15218": { + "cmt_msg": "media: usb: siano: Fix general protection fault in smsusb" + }, + "CVE-2019-15666": { + "cmt_msg": "xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink" + }, + "CVE-2020-25641": { + "cmt_msg": "block: allow for_each_bvec to support zero len bvec" + }, + "CVE-2005-3660": { + "cmt_msg": "" + }, + "CVE-2019-15212": { + "cmt_msg": "USB: rio500: refuse more than one device at a time" + }, + "CVE-2019-15211": { + "cmt_msg": "media: radio-raremono: change devm_k*alloc to k*alloc" + }, + "CVE-2019-15217": { + "cmt_msg": "media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap" + }, + "CVE-2019-15216": { + "cmt_msg": "USB: yurex: Fix protection fault after device removal" + }, + "CVE-2019-15215": { + "cmt_msg": "media: cpia2_usb: first wake up, then free in disconnect" + }, + "CVE-2019-15214": { + "cmt_msg": "ALSA: core: Fix card races between register and disconnect" + }, + "CVE-2020-24588": { + "cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks" + }, + "CVE-2021-33034": { + "cmt_msg": "Bluetooth: verify AMP hci_chan before amp_destroy" + }, + "CVE-2019-19922": { + "cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices" + }, + "CVE-2021-33033": { + "cmt_msg": "cipso,calipso: resolve a number of problems with the DOI refcounts" + }, + "CVE-2019-19927": { + "cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages" + }, + "CVE-2020-27066": { + "cmt_msg": "xfrm: policy: Fix doulbe free in xfrm_policy_timer" + }, + "CVE-2020-27068": { + "cmt_msg": "cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE" + }, + "CVE-2020-8648": { + "cmt_msg": "vt: selection, close sel_buffer race" + }, + "CVE-2020-28974": { + "cmt_msg": "vt: Disable KD_FONT_OP_COPY" + }, + "CVE-2019-20806": { + "cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame" + }, + "CVE-2020-0305": { + "cmt_msg": "chardev: Avoid potential use-after-free in 'chrdev_open()'" + }, + "CVE-2020-14304": { + "cmt_msg": "" + }, + "CVE-2010-5321": { + "cmt_msg": "" + }, + "CVE-2020-15393": { + "cmt_msg": "usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect" + }, + "CVE-2019-19082": { + "cmt_msg": "drm/amd/display: prevent memory leak" + }, + "CVE-2021-3564": { + "cmt_msg": "Bluetooth: fix the erroneous flush_work() order" + }, + "CVE-2020-26560": { + "cmt_msg": "" + }, + "CVE-2018-18397": { + "cmt_msg": "userfaultfd: use ENOENT instead of EFAULT if the atomic copy user fails" + }, + "CVE-2018-12127": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2018-12126": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2021-3892": { + "cmt_msg": "" + }, + "CVE-2019-10126": { + "cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()" + }, + "CVE-2019-13631": { + "cmt_msg": "Input: gtco - bounds check collection indent level" + }, + "CVE-2020-13974": { + "cmt_msg": "vt: keyboard: avoid signed integer overflow in k_ascii" + }, + "CVE-2021-4083": { + "cmt_msg": "fget: check that the fd still exists after getting a ref to it" + }, + "CVE-2021-4197": { + "cmt_msg": "cgroup: Use open-time credentials for process migraton perm checks" + }, + "CVE-2018-12233": { + "cmt_msg": "jfs: Fix inconsistency between memory allocation and ea_buf->max_size" + }, + "CVE-2019-19227": { + "cmt_msg": "appletalk: Fix potential NULL pointer dereference in unregister_snap_client" + }, + "CVE-2020-10751": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" + }, + "CVE-2019-9162": { + "cmt_msg": "netfilter: nf_nat_snmp_basic: add missing length checks in ASN.1 cbs" + }, + "CVE-2019-16229": { + "cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)" + }, + "CVE-2018-20511": { + "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT" + }, + "CVE-2020-15437": { + "cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()" + }, + "CVE-2020-15436": { + "cmt_msg": "block: Fix use-after-free in blkdev_get()" + }, + "CVE-2022-1116": { + "cmt_msg": "" + }, + "CVE-2021-28660": { + "cmt_msg": "staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()" + }, + "CVE-2020-8647": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" + }, + "CVE-2019-0155": { + "cmt_msg": "drm/i915: Rename gen7 cmdparser tables" + }, + "CVE-2019-0154": { + "cmt_msg": "drm/i915: Lower RM timeout to avoid DSI hard hangs" + }, + "CVE-2021-3600": { + "cmt_msg": "bpf: Fix 32 bit src register truncation on div/mod" + }, + "CVE-2020-36386": { + "cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()" + }, + "CVE-2018-19407": { + "cmt_msg": "KVM: X86: Fix scan ioapic use-before-initialization" + }, + "CVE-2020-36385": { + "cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy" + }, + "CVE-2020-0009": { + "cmt_msg": "staging: android: ashmem: Disallow ashmem memory from being remapped" + }, + "CVE-2020-7053": { + "cmt_msg": "drm/i915: Introduce a mutex for file_priv->context_idr" + }, + "CVE-2019-14615": { + "cmt_msg": "drm/i915/gen9: Clear residual context state on context switch" + }, + "CVE-2018-16871": { + "cmt_msg": "nfsd: COPY and CLONE operations require the saved filehandle to be set" + }, + "CVE-2021-3635": { + "cmt_msg": "netfilter: nf_tables: fix flowtable list del corruption" + }, + "CVE-2019-13648": { + "cmt_msg": "powerpc/tm: Fix oops on sigreturn on systems without TM" + }, + "CVE-2020-16120": { + "cmt_msg": "ovl: switch to mounter creds in readdir" + }, + "CVE-2019-11599": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" + }, + "CVE-2018-16658": { + "cmt_msg": "cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status" + }, + "CVE-2018-15572": { + "cmt_msg": "x86/speculation: Protect against userspace-userspace spectreRSB" + }, + "CVE-2022-29581": { + "cmt_msg": "net/sched: cls_u32: fix netns refcount changes in u32_change()" + }, + "CVE-2022-1204": { + "cmt_msg": "ax25: Fix refcount leaks caused by ax25_cb_del()" + }, + "CVE-2019-2101": { + "cmt_msg": "media: uvcvideo: Fix 'type' check leading to overflow" + }, + "CVE-2019-17666": { + "cmt_msg": "rtlwifi: Fix potential overflow on P2P code" + }, + "CVE-2021-23133": { + "cmt_msg": "net/sctp: fix race condition in sctp_destroy_sock" + }, + "CVE-2018-9363": { + "cmt_msg": "Bluetooth: hidp: buffer overflow in hidp_process_report" + }, + "CVE-2018-15471": { + "cmt_msg": "xen-netback: fix input validation in xenvif_set_hash_mapping()" + }, + "CVE-2016-10723": { + "cmt_msg": "mm, oom: remove sleep from under oom_lock" + }, + "CVE-2019-19036": { + "cmt_msg": "btrfs: Detect unbalanced tree with empty leaf before crashing btree operations" + }, + "CVE-2019-3459": { + "cmt_msg": "Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer" + }, + "CVE-2020-11494": { + "cmt_msg": "slcan: Don't transmit uninitialized stack data in padding" + }, + "CVE-2019-19039": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2020-0444": { + "cmt_msg": "audit: fix error handling in audit_data_to_entry()" + }, + "CVE-2022-1419": { + "cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create" + }, + "CVE-2022-1836": { + "cmt_msg": "floppy: disable FDRAWCMD by default" + }, + "CVE-2020-11884": { + "cmt_msg": "s390/mm: fix page table upgrade vs 2ndary address mode accesses" + }, + "CVE-2021-32078": { + "cmt_msg": "ARM: footbridge: remove personal server platform" + }, + "CVE-2022-30594": { + "cmt_msg": "ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE" + }, + "CVE-2019-11833": { + "cmt_msg": "ext4: zero out the unused memory region in the extent tree block" + }, + "CVE-2021-38205": { + "cmt_msg": "net: xilinx_emaclite: Do not print real IOMEM pointer" + }, + "CVE-2020-27835": { + "cmt_msg": "IB/hfi1: Ensure correct mm is used at all times" + }, + "CVE-2020-27830": { + "cmt_msg": "speakup: Reject setting the speakup line discipline outside of speakup" + }, + "CVE-2020-0255": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" + }, + "CVE-2022-27666": { + "cmt_msg": "esp: Fix possible buffer overflow in ESP transformation" + }, + "CVE-2021-38208": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2019-2213": { + "cmt_msg": "binder: fix possible UAF when freeing buffer" + }, + "CVE-2020-25211": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2020-25212": { + "cmt_msg": "nfs: Fix getxattr kernel panic and memory overflow" + }, + "CVE-2020-26556": { + "cmt_msg": "" + }, + "CVE-2020-26557": { + "cmt_msg": "" + }, + "CVE-2020-26555": { + "cmt_msg": "" + }, + "CVE-2019-20794": { + "cmt_msg": "" + }, + "CVE-2018-9516": { + "cmt_msg": "HID: debug: check length before copy_to_user()" + }, + "CVE-2018-1128": { + "cmt_msg": "libceph: add authorizer challenge" + }, + "CVE-2018-1129": { + "cmt_msg": "libceph: implement CEPHX_V2 calculation mode" + }, + "CVE-2018-20854": { + "cmt_msg": "phy: ocelot-serdes: fix out-of-bounds read" + }, + "CVE-2018-1121": { + "cmt_msg": "" + }, + "CVE-2018-20856": { + "cmt_msg": "block: blk_init_allocated_queue() set q->fq as NULL in the fail case" + }, + "CVE-2019-19046": { + "cmt_msg": "ipmi: Fix memory leak in __ipmi_bmc_register" + }, + "CVE-2019-19045": { + "cmt_msg": "net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq" + }, + "CVE-2022-29968": { + "cmt_msg": "io_uring: fix uninitialized field in rw io_kiocb" + }, + "CVE-2019-9466": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path" + }, + "CVE-2020-11565": { + "cmt_msg": "mm: mempolicy: require at least one nodeid for MPOL_PREFERRED" + }, + "CVE-2019-19048": { + "cmt_msg": "virt: vbox: fix memory leak in hgcm_call_preprocess_linaddr" + }, + "CVE-2019-19049": { + "cmt_msg": "of: unittest: fix memory leak in unittest_data_add" + }, + "CVE-2022-0644": { + "cmt_msg": "vfs: check fd has read access in kernel_read_file_from_fd()" + }, + "CVE-2018-13053": { + "cmt_msg": "alarmtimer: Prevent overflow for relative nanosleep" + }, + "CVE-2020-27786": { + "cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses" + }, + "CVE-2019-14816": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2019-14814": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2019-14815": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2020-10720": { + "cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()" + }, + "CVE-2022-0382": { + "cmt_msg": "net ticp:fix a kernel-infoleak in __tipc_sendmsg()" + }, + "CVE-2020-25672": { + "cmt_msg": "nfc: fix memory leak in llcp_sock_connect()" + }, + "CVE-2019-9455": { + "cmt_msg": "media: videobuf2-v4l2: drop WARN_ON in vb2_warn_zero_bytesused()" + }, + "CVE-2020-25670": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_bind()" + }, + "CVE-2020-25671": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_connect()" + }, + "CVE-2018-21008": { + "cmt_msg": "rsi: add fix for crash during assertions" + }, + "CVE-2019-15223": { + "cmt_msg": "ALSA: line6: Assure canceling delayed work at disconnection" + }, + "CVE-2019-19813": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2019-15221": { + "cmt_msg": "ALSA: line6: Fix write on zero-sized buffer" + }, + "CVE-2019-19815": { + "cmt_msg": "f2fs: support swap file w/ DIO" + }, + "CVE-2019-19814": { + "cmt_msg": "" + }, + "CVE-2020-29371": { + "cmt_msg": "romfs: fix uninitialized memory leak in romfs_dev_read()" + }, + "CVE-2019-19816": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2022-1015": { + "cmt_msg": "netfilter: nf_tables: validate registers coming from userspace." + }, + "CVE-2022-1016": { + "cmt_msg": "netfilter: nf_tables: initialize registers in nft_do_chain()" + }, + "CVE-2018-18710": { + "cmt_msg": "cdrom: fix improper type cast, which can leat to information leak." + }, + "CVE-2019-5108": { + "cmt_msg": "mac80211: Do not send Layer 2 Update frame before authorization" + }, + "CVE-2022-0001": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2022-1012": { + "cmt_msg": "secure_seq: use the 64 bits of the siphash for port offset calculation" + }, + "CVE-2020-12114": { + "cmt_msg": "make struct mountpoint bear the dentry reference to mountpoint, not struct mount" + }, + "CVE-2020-8649": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" + }, + "CVE-2020-12656": { + "cmt_msg": "sunrpc: check that domain table is empty at module unload." + }, + "CVE-2020-14356": { + "cmt_msg": "cgroup: fix cgroup_sk_alloc() for sk_clone_lock()" + }, + "CVE-2021-26931": { + "cmt_msg": "xen-blkback: don't \"handle\" error by BUG()" + }, + "CVE-2021-26930": { + "cmt_msg": "xen-blkback: fix error handling in xen_blkbk_map()" + }, + "CVE-2021-42252": { + "cmt_msg": "soc: aspeed: lpc-ctrl: Fix boundary check for mmap" + }, + "CVE-2021-26932": { + "cmt_msg": "Xen/x86: don't bail early from clear_foreign_p2m_mapping()" + }, + "CVE-2022-0492": { + "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" + }, + "CVE-2020-12352": { + "cmt_msg": "Bluetooth: A2MP: Fix not initializing all members" + }, + "CVE-2020-12351": { + "cmt_msg": "Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel" + }, + "CVE-2020-12655": { + "cmt_msg": "xfs: add agf freeblocks verify in xfs_agf_verify" + }, + "CVE-2022-25636": { + "cmt_msg": "netfilter: nf_tables_offload: incorrect flow offload action array size" + }, + "CVE-2022-0494": { + "cmt_msg": "block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern" + }, + "CVE-2020-26088": { + "cmt_msg": "net/nfc/rawsock.c: add CAP_NET_RAW check." + }, + "CVE-2008-2544": { + "cmt_msg": "" + }, + "CVE-2021-3178": { + "cmt_msg": "nfsd4: readdirplus shouldn't return parent of export" + }, + "CVE-2022-28796": { + "cmt_msg": "jbd2: fix use-after-free of transaction_t race" + }, + "CVE-2018-7755": { + "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" + }, + "CVE-2019-15031": { + "cmt_msg": "powerpc/tm: Fix restoring FP/VMX facility incorrectly on interrupts" + }, + "CVE-2019-15030": { + "cmt_msg": "powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction" + }, + "CVE-2022-0330": { + "cmt_msg": "drm/i915: Flush TLBs before releasing backing store" + }, + "CVE-2007-3719": { + "cmt_msg": "" + }, + "CVE-2019-19319": { + "cmt_msg": "ext4: protect journal inode's blocks using block_validity" + }, + "CVE-2019-19462": { + "cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open" + }, + "CVE-2022-24958": { + "cmt_msg": "usb: gadget: don't release an existing dev->buf" + }, + "CVE-2022-1205": { + "cmt_msg": "ax25: Fix NULL pointer dereferences in ax25 timers" + }, + "CVE-2022-28893": { + "cmt_msg": "SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()" + }, + "CVE-2021-3772": { + "cmt_msg": "sctp: use init_tag from inithdr for ABORT chunk" + }, + "CVE-2021-3679": { + "cmt_msg": "tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop." + }, + "CVE-2021-39711": { + "cmt_msg": "bpf: fix panic due to oob in bpf_prog_test_run_skb" + }, + "CVE-2021-28715": { + "cmt_msg": "xen/netback: don't queue unlimited number of packages" + }, + "CVE-2021-28714": { + "cmt_msg": "xen/netback: fix rx queue stall detection" + }, + "CVE-2021-28713": { + "cmt_msg": "xen/console: harden hvc_xen against event channel storms" + }, + "CVE-2021-28712": { + "cmt_msg": "xen/netfront: harden netfront against event channel storms" + }, + "CVE-2020-10781": { + "cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\"" + }, + "CVE-2021-4157": { + "cmt_msg": "pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()" + }, + "CVE-2021-35039": { + "cmt_msg": "module: limit enabling module.sig_enforce" + }, + "CVE-2022-23960": { + "cmt_msg": "ARM: report Spectre v2 status through sysfs" + }, + "CVE-2021-39657": { + "cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback" + }, + "CVE-2021-3669": { + "cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()" + }, + "CVE-2019-3701": { + "cmt_msg": "can: gw: ensure DLC boundaries after CAN frame modification" + }, + "CVE-2020-10708": { + "cmt_msg": "" + }, + "CVE-2019-11091": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2021-37576": { + "cmt_msg": "KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow" + }, + "CVE-2020-15780": { + "cmt_msg": "ACPI: configfs: Disallow loading ACPI tables when locked down" + }, + "CVE-2019-18282": { + "cmt_msg": "net/flow_dissector: switch to siphash" + }, + "CVE-2021-34981": { + "cmt_msg": "Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails" + }, + "CVE-2018-14625": { + "cmt_msg": "vhost/vsock: fix use-after-free in network stack callers" + }, + "CVE-2020-24394": { + "cmt_msg": "nfsd: apply umask on fs without ACL support" + }, + "CVE-2013-7445": { + "cmt_msg": "" + }, + "CVE-2022-0998": { + "cmt_msg": "vdpa: clean up get_config_size ret value handling" + }, + "CVE-2018-18445": { + "cmt_msg": "bpf: 32-bit RSH verification must truncate input before the ALU op" + }, + "CVE-2019-13233": { + "cmt_msg": "x86/insn-eval: Fix use-after-free access to LDT entry" + }, + "CVE-2022-26966": { + "cmt_msg": "sr9700: sanity check for packet length" + }, + "CVE-2020-14386": { + "cmt_msg": "net/packet: fix overflow in tpacket_rcv" + }, + "CVE-2021-34693": { + "cmt_msg": "can: bcm: fix infoleak in struct bcm_msg_head" + }, + "CVE-2020-14385": { + "cmt_msg": "xfs: fix boundary test in xfs_attr_shortform_verify" + }, + "CVE-2019-19767": { + "cmt_msg": "ext4: add more paranoia checking in ext4_expand_extra_isize handling" + }, + "CVE-2021-3656": { + "cmt_msg": "KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656)" + }, + "CVE-2020-14381": { + "cmt_msg": "futex: Fix inode life-time issue" + }, + "CVE-2022-1158": { + "cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address" + }, + "CVE-2019-19768": { + "cmt_msg": "blktrace: Protect q->blk_trace with RCU" + }, + "CVE-2020-25704": { + "cmt_msg": "perf/core: Fix a memory leak in perf_event_parse_addr_filter()" + }, + "CVE-2021-45095": { + "cmt_msg": "phonet: refcount leak in pep_sock_accep" + }, + "CVE-2021-37159": { + "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device" + }, + "CVE-2018-3620": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" + }, + "CVE-2020-16166": { + "cmt_msg": "random32: update the net random state on interrupt and activity" + }, + "CVE-2021-29155": { + "cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic" + }, + "CVE-2019-15916": { + "cmt_msg": "net-sysfs: Fix mem leak in netdev_register_kobject" + }, + "CVE-2019-15917": { + "cmt_msg": "Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto()" + }, + "CVE-2019-15918": { + "cmt_msg": "cifs: Fix lease buffer length error" + }, + "CVE-2020-12362": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2020-12363": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2019-12881": { + "cmt_msg": "drm/i915/userptr: reject zero user_size" + }, + "CVE-2022-28389": { + "cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path" + }, + "CVE-2020-12364": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2022-0500": { + "cmt_msg": "bpf: Introduce MEM_RDONLY flag" + }, + "CVE-2018-18690": { + "cmt_msg": "xfs: don't fail when converting shortform attr to long form during ATTR_REPLACE" + }, + "CVE-2022-28388": { + "cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2021-0605": { + "cmt_msg": "af_key: pfkey_dump needs parameter validation" + }, + "CVE-2021-3896": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2021-4002": { + "cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare" + }, + "CVE-2022-1055": { + "cmt_msg": "net: sched: fix use-after-free in tc_new_tfilter()" + }, + "CVE-2021-38204": { + "cmt_msg": "usb: max-3421: Prevent corruption of freed memory" + }, + "CVE-2022-20008": { + "cmt_msg": "mmc: block: fix read single on recovery logic" + }, + "CVE-2021-3894": { + "cmt_msg": "sctp: account stream padding length for reconf chunk" + }, + "CVE-2019-18786": { + "cmt_msg": "media: rcar_drif: fix a memory disclosure" + }, + "CVE-2019-20810": { + "cmt_msg": "media: go7007: fix a miss of snd_card_free" + }, + "CVE-2019-20812": { + "cmt_msg": "af_packet: set defaule value for tmo" + }, + "CVE-2020-8834": { + "cmt_msg": "KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm" + }, + "CVE-2020-14314": { + "cmt_msg": "ext4: fix potential negative array index in do_split()" + }, + "CVE-2018-5391": { + "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." + }, + "CVE-2018-18955": { + "cmt_msg": "userns: also map extents in the reverse map to kernel IDs" + }, + "CVE-2019-18660": { + "cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch" + }, + "CVE-2019-15291": { + "cmt_msg": "media: b2c2-flexcop-usb: add sanity checking" + }, + "CVE-2019-15290": { + "cmt_msg": "" + }, + "CVE-2018-10902": { + "cmt_msg": "ALSA: rawmidi: Change resized buffers atomically" + }, + "CVE-2022-26878": { + "cmt_msg": "" + }, + "CVE-2018-12930": { + "cmt_msg": "" + }, + "CVE-2018-12931": { + "cmt_msg": "" + }, + "CVE-2020-12768": { + "cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()" + }, + "CVE-2020-12769": { + "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" + }, + "CVE-2021-32399": { + "cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller" + }, + "CVE-2019-12380": { + "cmt_msg": "efi/x86/Add missing error handling to old_memmap 1:1 mapping code" + }, + "CVE-2019-12381": { + "cmt_msg": "ip_sockglue: Fix missing-check bug in ip_ra_control()" + }, + "CVE-2019-12382": { + "cmt_msg": "drm/edid: Fix a missing-check bug in drm_load_edid_firmware()" + }, + "CVE-2022-22942": { + "cmt_msg": "drm/vmwgfx: Fix stale file descriptors on failed usercopy" + }, + "CVE-2018-20669": { + "cmt_msg": "make 'user_access_begin()' do 'access_ok()'" + }, + "CVE-2019-19543": { + "cmt_msg": "media: serial_ir: Fix use-after-free in serial_ir_init_module" + }, + "CVE-2021-3732": { + "cmt_msg": "ovl: prevent private clone if bind mount is not allowed" + }, + "CVE-2022-25375": { + "cmt_msg": "usb: gadget: rndis: check size of RNDIS_MSG_SET command" + }, + "CVE-2020-10766": { + "cmt_msg": "x86/speculation: Prevent rogue cross-process SSBD shutdown" + }, + "CVE-2020-10767": { + "cmt_msg": "x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS." + }, + "CVE-2018-12207": { + "cmt_msg": "kvm: x86, powerpc: do not allow clearing largepages debugfs entry" + }, + "CVE-2018-12633": { + "cmt_msg": "virt: vbox: Only copy_from_user the request-header once" + }, + "CVE-2020-10768": { + "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." + }, + "CVE-2017-13168": { + "cmt_msg": "scsi: sg: mitigate read/write abuse" + }, + "CVE-2019-0148": { + "cmt_msg": "i40e: Wrong truncation from u16 to u8" + }, + "CVE-2019-17075": { + "cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack" + }, + "CVE-2019-19447": { + "cmt_msg": "ext4: work around deleting a file with i_nlink == 0 safely" + }, + "CVE-2019-0146": { + "cmt_msg": "" + }, + "CVE-2019-0147": { + "cmt_msg": "i40e: add num_vectors checker in iwarp handler" + }, + "CVE-2020-10942": { + "cmt_msg": "vhost: Check docket sk_family instead of call getname" + }, + "CVE-2019-0145": { + "cmt_msg": "i40e: add num_vectors checker in iwarp handler" + }, + "CVE-2019-11191": { + "cmt_msg": "x86: Deprecate a.out support" + }, + "CVE-2018-10323": { + "cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree" + }, + "CVE-2018-10322": { + "cmt_msg": "xfs: enhance dinode verifier" + }, + "CVE-2020-26139": { + "cmt_msg": "mac80211: do not accept/forward invalid EAPOL frames" + }, + "CVE-2019-10220": { + "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" + }, + "CVE-2021-3609": { + "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" + }, + "CVE-2019-19536": { + "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" + }, + "CVE-2019-19537": { + "cmt_msg": "USB: core: Fix races in character device registration and deregistraion" + }, + "CVE-2019-19534": { + "cmt_msg": "can: peak_usb: fix slab info leak" + }, + "CVE-2019-19535": { + "cmt_msg": "can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices" + }, + "CVE-2019-19532": { + "cmt_msg": "HID: Fix assumption that devices have inputs" + }, + "CVE-2018-14617": { + "cmt_msg": "hfsplus: fix NULL dereference in hfsplus_lookup()" + }, + "CVE-2019-19530": { + "cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough" + }, + "CVE-2019-10639": { + "cmt_msg": "netns: provide pure entropy for net_hash_mix()" + }, + "CVE-2021-0929": { + "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" + }, + "CVE-2018-14616": { + "cmt_msg": "f2fs: fix to do sanity check with block address in main area v2" + }, + "CVE-2019-20095": { + "cmt_msg": "mwifiex: Fix mem leak in mwifiex_tm_cmd" + }, + "CVE-2018-19985": { + "cmt_msg": "USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data" + }, + "CVE-2018-6554": { + "cmt_msg": "staging: irda: remove the irda network stack and drivers" + }, + "CVE-2018-6555": { + "cmt_msg": "staging: irda: remove the irda network stack and drivers" + }, + "CVE-2021-0920": { + "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" + }, + "CVE-2022-0168": { + "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" + }, + "CVE-2018-14610": { + "cmt_msg": "btrfs: Check that each block group has corresponding chunk at mount time" + }, + "CVE-2021-39713": { + "cmt_msg": "net: sched: use Qdisc rcu API instead of relying on rtnl lock" + }, + "CVE-2020-28374": { + "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" + }, + "CVE-2019-9213": { + "cmt_msg": "mm: enforce min addr even if capable() in expand_downwards()" + }, + "CVE-2019-14896": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" + }, + "CVE-2019-14897": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" + }, + "CVE-2019-14895": { + "cmt_msg": "mwifiex: fix possible heap overflow in mwifiex_process_country_ie()" + }, + "CVE-2020-27825": { + "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" + }, + "CVE-2019-2181": { + "cmt_msg": "binder: check for overflow when alloc for security context" + }, + "CVE-2020-27820": { + "cmt_msg": "drm/nouveau: use drm_dev_unplug() during device removal" + }, + "CVE-2020-26141": { + "cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe" + }, + "CVE-2020-0067": { + "cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr" + }, + "CVE-2020-26558": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2020-26541": { + "cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries" + }, + "CVE-2019-20811": { + "cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success" + }, + "CVE-2020-26559": { + "cmt_msg": "" + }, + "CVE-2021-20317": { + "cmt_msg": "lib/timerqueue: Rely on rbtree semantics for next timer" + }, + "CVE-2021-43389": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2021-33061": { + "cmt_msg": "ixgbe: add improvement for MDD response functionality" + }, + "CVE-2021-3864": { + "cmt_msg": "" + }, + "CVE-2022-27950": { + "cmt_msg": "HID: elo: fix memory leak in elo_probe" + }, + "CVE-2022-1652": { + "cmt_msg": "" + }, + "CVE-2022-1651": { + "cmt_msg": "virt: acrn: fix a memory leak in acrn_dev_ioctl()" + }, + "CVE-2020-29568": { + "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" + }, + "CVE-2020-29569": { + "cmt_msg": "xen-blkback: set ring->xenblkd to NULL after kthread_stop()" + }, + "CVE-2020-14351": { + "cmt_msg": "perf/core: Fix race in the perf_mmap_close() function" + }, + "CVE-2019-19054": { + "cmt_msg": "media: rc: prevent memory leak in cx23888_ir_probe" + }, + "CVE-2019-19057": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring" + }, + "CVE-2019-19056": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf" + }, + "CVE-2019-9453": { + "cmt_msg": "f2fs: fix to avoid accessing xattr across the boundary" + }, + "CVE-2019-19052": { + "cmt_msg": "can: gs_usb: gs_can_open(): prevent memory leak" + }, + "CVE-2019-3846": { + "cmt_msg": "mwifiex: Fix possible buffer overflows at parsing bss descriptor" + }, + "CVE-2020-0427": { + "cmt_msg": "pinctrl: devicetree: Avoid taking direct reference to device name string" + }, + "CVE-2019-19058": { + "cmt_msg": "iwlwifi: dbg_ini: fix memory leak in alloc_sgtable" + }, + "CVE-2020-0423": { + "cmt_msg": "binder: fix UAF when releasing todo list" + }, + "CVE-2019-9458": { + "cmt_msg": "media: v4l: event: Prevent freeing event subscriptions while accessed" + }, + "CVE-2022-1789": { + "cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID" + }, + "CVE-2016-8660": { + "cmt_msg": "" + }, + "CVE-2019-13272": { + "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" + }, + "CVE-2022-1786": { + "cmt_msg": "io_uring: remove io_identity" + }, + "CVE-2019-17351": { + "cmt_msg": "xen: let alloc_xenballooned_pages() fail if not enough memory free" + }, + "CVE-2020-25669": { + "cmt_msg": "Input: sunkbd - avoid use-after-free in teardown paths" + }, + "CVE-2020-25668": { + "cmt_msg": "tty: make FONTX ioctl use the tty pointer they were actually passed" + }, + "CVE-2008-4609": { + "cmt_msg": "" + }, + "CVE-2020-25705": { + "cmt_msg": "icmp: randomize the global rate limiter" + }, + "CVE-2022-0435": { + "cmt_msg": "tipc: improve size validations for received domain records" + }, + "CVE-2018-25020": { + "cmt_msg": "bpf: fix truncated jump targets on heavy expansions" + }, + "CVE-2018-5390": { + "cmt_msg": "tcp: free batches of packets in tcp_prune_ofo_queue()" + }, + "CVE-2021-4135": { + "cmt_msg": "netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc" + }, + "CVE-2018-20855": { + "cmt_msg": "IB/mlx5: Fix leaking stack memory to userspace" + }, + "CVE-2019-15239": { + "cmt_msg": "unknown" + }, + "CVE-2021-4037": { + "cmt_msg": "xfs: fix up non-directory creation in SGID directories" + }, + "CVE-2021-22543": { + "cmt_msg": "KVM: do not allow mapping valid but non-reference-counted pages" + }, + "CVE-2021-3348": { + "cmt_msg": "nbd: freeze the queue while we're adding connections" + }, + "CVE-2019-1999": { + "cmt_msg": "binder: fix race between munmap() and direct reclaim" + }, + "CVE-2019-15292": { + "cmt_msg": "appletalk: Fix use-after-free in atalk_proc_exit" + }, + "CVE-2018-20836": { + "cmt_msg": "scsi: libsas: fix a race condition when smp task timeout" + }, + "CVE-2021-44733": { + "cmt_msg": "tee: handle lookup of shm with reference count 0" + }, + "CVE-2021-3347": { + "cmt_msg": "futex: Ensure the correct return value from futex_lock_pi()" + }, + "CVE-2020-10135": { + "cmt_msg": "Bluetooth: Consolidate encryption handling in hci_encrypt_cfm" + }, + "CVE-2020-25285": { + "cmt_msg": "mm/hugetlb: fix a race between hugetlb sysctl handlers" + }, + "CVE-2019-7308": { + "cmt_msg": "bpf: fix sanitation of alu op with pointer / scalar type from different paths" + }, + "CVE-2021-45868": { + "cmt_msg": "quota: check block number when reading the block in quota file" + }, + "CVE-2019-2025": { + "cmt_msg": "binder: fix race that allows malicious free of live buffer" + }, + "CVE-2021-3587": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2019-16995": { + "cmt_msg": "net: hsr: fix memory leak in hsr_dev_finalize()" + }, + "CVE-2019-16994": { + "cmt_msg": "net: sit: fix memory leak in sit_init_net()" + }, + "CVE-2020-36516": { + "cmt_msg": "" + }, + "CVE-2022-0322": { + "cmt_msg": "sctp: account stream padding length for reconf chunk" + }, + "CVE-2017-13693": { + "cmt_msg": "" + }, + "CVE-2022-0617": { + "cmt_msg": "udf: Fix NULL ptr deref when converting from inline format" + }, + "CVE-2017-13694": { + "cmt_msg": "" + }, + "CVE-2021-4149": { + "cmt_msg": "btrfs: unlock newly allocated extent buffer after error" + }, + "CVE-2021-4148": { + "cmt_msg": "mm: khugepaged: skip huge page collapse for special files" + }, + "CVE-2021-3640": { + "cmt_msg": "Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()" + }, + "CVE-2021-3764": { + "cmt_msg": "crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()" + }, + "CVE-2020-1749": { + "cmt_msg": "net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup" + }, + "CVE-2021-3760": { + "cmt_msg": "nfc: nci: fix the UAF of rf_conn_info object" + }, + "CVE-2020-11608": { + "cmt_msg": "media: ov519: add missing endpoint sanity checks" + }, + "CVE-2020-10732": { + "cmt_msg": "fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()" + }, + "CVE-2020-28097": { + "cmt_msg": "vgacon: remove software scrollback support" + }, + "CVE-2019-3892": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" + }, + "CVE-2021-29264": { + "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" + }, + "CVE-2021-29265": { + "cmt_msg": "usbip: fix stub_dev usbip_sockfd_store() races leading to gpf" + }, + "CVE-2021-39648": { + "cmt_msg": "usb: gadget: configfs: Fix use-after-free issue with udc_name" + }, + "CVE-2020-14416": { + "cmt_msg": "can, slip: Protect tty->disc_data in write_wakeup and close with RCU" + }, + "CVE-2019-0136": { + "cmt_msg": "mac80211: drop robust management frames from unknown TA" + }, + "CVE-2019-16921": { + "cmt_msg": "RDMA/hns: Fix init resp when alloc ucontext" + }, + "CVE-2021-21781": { + "cmt_msg": "ARM: ensure the signal page contains defined contents" + }, + "CVE-2021-0512": { + "cmt_msg": "HID: make arrays usage and value to be the same" + }, + "CVE-2018-14633": { + "cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation" + }, + "CVE-2018-12896": { + "cmt_msg": "posix-timers: Sanitize overrun handling" + }, + "CVE-2019-19073": { + "cmt_msg": "ath9k_htc: release allocated buffer if timed out" + }, + "CVE-2018-14734": { + "cmt_msg": "infiniband: fix a possible use-after-free bug" + }, + "CVE-2020-0347": { + "cmt_msg": "" + }, + "CVE-2019-18809": { + "cmt_msg": "media: usb: fix memory leak in af9005_identify_state" + }, + "CVE-2019-18808": { + "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" + }, + "CVE-2021-40490": { + "cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing" + }, + "CVE-2021-33909": { + "cmt_msg": "seq_file: disallow extremely large seq buffer allocations" + }, + "CVE-2019-12455": { + "cmt_msg": "clk-sunxi: fix a missing-check bug in sunxi_divs_clk_setup()" + }, + "CVE-2019-12456": { + "cmt_msg": "" + }, + "CVE-2019-18805": { + "cmt_msg": "ipv4: set the tcp_min_rtt_wlen range from 0 to one day" + }, + "CVE-2021-29647": { + "cmt_msg": "net: qrtr: fix a kernel-infoleak in qrtr_recvmsg()" + }, + "CVE-2019-18806": { + "cmt_msg": "net: qlogic: Fix memory leak in ql_alloc_large_buffers" + }, + "CVE-2022-0742": { + "cmt_msg": "ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report()" + }, + "CVE-2022-0854": { + "cmt_msg": "swiotlb: rework \"fix info leak with DMA_FROM_DEVICE\"" + }, + "CVE-2019-6974": { + "cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)" + }, + "CVE-2020-24503": { + "cmt_msg": "" + }, + "CVE-2020-14390": { + "cmt_msg": "fbcon: remove soft scrollback code" + }, + "CVE-2020-24502": { + "cmt_msg": "" + }, + "CVE-2021-45469": { + "cmt_msg": "f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()" + }, + "CVE-2022-1184": { + "cmt_msg": "" + }, + "CVE-2019-19448": { + "cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space" + }, + "CVE-2019-19449": { + "cmt_msg": "f2fs: fix to do sanity check on segment/section count" + }, + "CVE-2020-0465": { + "cmt_msg": "HID: core: Sanitize event code and type when mapping input" + }, + "CVE-2020-0466": { + "cmt_msg": "do_epoll_ctl(): clean the failure exits up a bit" + }, + "CVE-2021-4218": { + "cmt_msg": "sysctl: pass kernel pointers to ->proc_handler" + }, + "CVE-2019-15902": { + "cmt_msg": "unknown" + }, + "CVE-2019-20054": { + "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links" + }, + "CVE-2021-3753": { + "cmt_msg": "vt_kdsetmode: extend console locking" + }, + "CVE-2019-11135": { + "cmt_msg": "x86/msr: Add the IA32_TSX_CTRL MSR" + }, + "CVE-2019-11810": { + "cmt_msg": "scsi: megaraid_sas: return error when create DMA pool failed" + }, + "CVE-2021-27365": { + "cmt_msg": "scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE" + }, + "CVE-2021-27364": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2019-11815": { + "cmt_msg": "net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock()." + }, + "CVE-2020-0431": { + "cmt_msg": "HID: hid-input: clear unmapped usages" + }, + "CVE-2018-17977": { + "cmt_msg": "" + }, + "CVE-2018-17972": { + "cmt_msg": "proc: restrict kernel stack dumps to root" + }, + "CVE-2021-20322": { + "cmt_msg": "ipv6: make exception cache less predictible" + }, + "CVE-2021-20320": { + "cmt_msg": "s390/bpf: Fix optimizing out zero-extensions" + }, + "CVE-2021-20321": { + "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" + }, + "CVE-2022-26490": { + "cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION" + }, + "CVE-2022-1043": { + "cmt_msg": "io_uring: fix xa_alloc_cycle() error return value check" + }, + "CVE-2022-1048": { + "cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls" + }, + "CVE-2018-20976": { + "cmt_msg": "xfs: clear sb->s_fs_info on mount failure" + }, + "CVE-2021-0342": { + "cmt_msg": "tun: correct header offsets in napi frags mode" + }, + "CVE-2018-16276": { + "cmt_msg": "USB: yurex: fix out-of-bounds uaccess in read handler" + }, + "CVE-2019-15927": { + "cmt_msg": "ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit()" + }, + "CVE-2021-3542": { + "cmt_msg": "" + }, + "CVE-2019-16413": { + "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" + }, + "CVE-2020-12652": { + "cmt_msg": "scsi: mptfusion: Fix double fetch bug in ioctl" + }, + "CVE-2020-12653": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()" + }, + "CVE-2019-7222": { + "cmt_msg": "KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)" + }, + "CVE-2020-12657": { + "cmt_msg": "block, bfq: fix use-after-free in bfq_idle_slice_timer_body" + }, + "CVE-2020-12654": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()" + }, + "CVE-2019-7221": { + "cmt_msg": "KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221)" + }, + "CVE-2018-12929": { + "cmt_msg": "" + }, + "CVE-2018-12928": { + "cmt_msg": "" + }, + "CVE-2020-36311": { + "cmt_msg": "KVM: SVM: Periodically schedule when unregistering regions on destroy" + }, + "CVE-2020-36310": { + "cmt_msg": "KVM: SVM: avoid infinite loop on NPF from bad address" + }, + "CVE-2020-36313": { + "cmt_msg": "KVM: Fix out of range accesses to memslots" + }, + "CVE-2020-35519": { + "cmt_msg": "net/x25: prevent a couple of overflows" + }, + "CVE-2021-28971": { + "cmt_msg": "perf/x86/intel: Fix a crash caused by zero PEBS status" + }, + "CVE-2019-12984": { + "cmt_msg": "nfc: Ensure presence of required attributes in the deactivate_target handler" + }, + "CVE-2020-25673": { + "cmt_msg": "nfc: Avoid endless loops caused by repeated llcp_sock_connect()" + }, + "CVE-2022-0400": { + "cmt_msg": "" + }, + "CVE-2021-0707": { + "cmt_msg": "dmabuf: fix use-after-free of dmabuf's file->f_inode" + }, + "CVE-2021-38160": { + "cmt_msg": "virtio_console: Assure used length from device is limited" + }, + "CVE-2021-42739": { + "cmt_msg": "media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()" + }, + "CVE-2020-12771": { + "cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce" + }, + "CVE-2020-12770": { + "cmt_msg": "scsi: sg: add sg_remove_request in sg_write" + }, + "CVE-2019-15222": { + "cmt_msg": "ALSA: usb-audio: Fix gpf in snd_usb_pipe_sanity_check" + }, + "CVE-2022-25265": { + "cmt_msg": "" + }, + "CVE-2019-15220": { + "cmt_msg": "p54usb: Fix race between disconnect and firmware loading" + }, + "CVE-2020-11609": { + "cmt_msg": "media: stv06xx: add missing descriptor sanity checks" + }, + "CVE-2020-10773": { + "cmt_msg": "s390/cmm: fix information leak in cmm_timeout_handler()" + }, + "CVE-2020-25284": { + "cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping" + }, + "CVE-2018-18281": { + "cmt_msg": "mremap: properly flush TLB before releasing the page" + }, + "CVE-2019-8912": { + "cmt_msg": "net: crypto set sk to NULL when af_alg_release." + }, + "CVE-2020-29370": { + "cmt_msg": "mm: slub: add missing TID bump in kmem_cache_alloc_bulk()" + }, + "CVE-2019-15219": { + "cmt_msg": "USB: sisusbvga: fix oops in error path of sisusb_probe" + }, + "CVE-2018-14678": { + "cmt_msg": "x86/entry/64: Remove %ebx handling from error_entry/exit" + }, + "CVE-2020-25643": { + "cmt_msg": "hdlc_ppp: add range checks in ppp_cp_parse_cr()" + }, + "CVE-2019-19378": { + "cmt_msg": "" + }, + "CVE-2020-4788": { + "cmt_msg": "powerpc/64s: flush L1D on kernel entry" + }, + "CVE-2022-1011": { + "cmt_msg": "fuse: fix pipe buffer lifetime for direct_io" + }, + "CVE-2021-39698": { + "cmt_msg": "wait: add wake_up_pollfree()" + }, + "CVE-2022-1247": { + "cmt_msg": "" + }, + "CVE-2019-19377": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2022-0850": { + "cmt_msg": "ext4: fix kernel infoleak via ext4_extent_header" + }, + "CVE-2019-19529": { + "cmt_msg": "can: mcba_usb: fix use-after-free on disconnect" + }, + "CVE-2019-19528": { + "cmt_msg": "USB: iowarrior: fix use-after-free on disconnect" + }, + "CVE-2021-3612": { + "cmt_msg": "Input: joydev - prevent potential read overflow in ioctl" + }, + "CVE-2019-19525": { + "cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect" + }, + "CVE-2019-19524": { + "cmt_msg": "Input: ff-memless - kill timer in destroy()" + }, + "CVE-2019-19527": { + "cmt_msg": "HID: hiddev: do cleanup in failure of opening a device" + }, + "CVE-2019-19526": { + "cmt_msg": "NFC: pn533: fix use-after-free and memleaks" + }, + "CVE-2021-33135": { + "cmt_msg": "" + }, + "CVE-2019-19523": { + "cmt_msg": "USB: adutux: fix use-after-free on disconnect" + }, + "CVE-2021-3752": { + "cmt_msg": "Bluetooth: fix use-after-free error in lock_sock_nested()" + }, + "CVE-2020-11725": { + "cmt_msg": "" + }, + "CVE-2021-0937": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2022-1263": { + "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" + }, + "CVE-2021-35477": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2019-16746": { + "cmt_msg": "nl80211: validate beacon head" + }, + "CVE-2021-41864": { + "cmt_msg": "bpf: Fix integer overflow in prealloc_elems_and_freelist()" + }, + "CVE-2018-18021": { + "cmt_msg": "arm64: KVM: Tighten guest core register access from userspace" + }, + "CVE-2020-13143": { + "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" + }, + "CVE-2019-8980": { + "cmt_msg": "exec: Fix mem leak in kernel_read_file" + }, + "CVE-2018-14609": { + "cmt_msg": "btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized" + }, + "CVE-2021-33098": { + "cmt_msg": "ixgbe: fix large MTU request from VF" + }, + "CVE-2020-10769": { + "cmt_msg": "crypto: authenc - fix parsing key with misaligned rta_len" + }, + "CVE-2020-27815": { + "cmt_msg": "jfs: Fix array index bounds check in dbAdjTree" + }, + "CVE-2022-23041": { + "cmt_msg": "xen/9p: use alloc/free_pages_exact()" + }, + "CVE-2021-33624": { + "cmt_msg": "bpf: Inherit expanded/patched seen count from old aux data" + }, + "CVE-2022-1462": { + "cmt_msg": "" + }, + "CVE-2020-27777": { + "cmt_msg": "powerpc/rtas: Restrict RTAS requests from userspace" + }, + "CVE-2019-20636": { + "cmt_msg": "Input: add safety guards to input_set_keycode()" + }, + "CVE-2019-11486": { + "cmt_msg": "tty: mark Siemens R3964 line discipline as BROKEN" + }, + "CVE-2019-11487": { + "cmt_msg": "fs: prevent page refcount overflow in pipe_buf_get" + }, + "CVE-2022-28390": { + "cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2020-27673": { + "cmt_msg": "xen/events: add a proper barrier to 2-level uevent unmasking" + }, + "CVE-2020-27675": { + "cmt_msg": "xen/events: avoid removing an event channel while handling it" + }, + "CVE-2020-28915": { + "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" + }, + "CVE-2019-20908": { + "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" + }, + "CVE-2021-28038": { + "cmt_msg": "Xen/gnttab: handle p2m update errors on a per-slot basis" + }, + "CVE-2022-23040": { + "cmt_msg": "xen/xenbus: don't let xenbus_grant_ring() remove grants in error case" + }, + "CVE-2021-29154": { + "cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64" + }, + "CVE-2019-19060": { + "cmt_msg": "iio: imu: adis16400: release allocated memory on failure" + }, + "CVE-2019-19061": { + "cmt_msg": "iio: imu: adis16400: fix memory leak" + }, + "CVE-2019-19062": { + "cmt_msg": "crypto: user - fix memory leak in crypto_report" + }, + "CVE-2019-19063": { + "cmt_msg": "rtlwifi: prevent memory leak in rtl_usb_probe" + }, + "CVE-2019-19065": { + "cmt_msg": "RDMA/hfi1: Prevent memory leak in sdma_init" + }, + "CVE-2019-19066": { + "cmt_msg": "scsi: bfa: release allocated memory in case of error" + }, + "CVE-2019-19067": { + "cmt_msg": "drm/amdgpu: fix multiple memory leaks in acp_hw_init" + }, + "CVE-2019-19068": { + "cmt_msg": "rtl8xxxu: prevent leaking urb" + }, + "CVE-2020-0435": { + "cmt_msg": "f2fs: fix to do sanity check with i_extra_isize" + }, + "CVE-2020-0432": { + "cmt_msg": "staging: most: net: fix buffer overflow" + }, + "CVE-2020-0433": { + "cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter" + }, + "CVE-2020-0430": { + "cmt_msg": "bpf: reject passing modified ctx to helper functions" + }, + "CVE-2019-3874": { + "cmt_msg": "sctp: implement memory accounting on tx path" + }, + "CVE-2022-0171": { + "cmt_msg": "" + }, + "CVE-2018-10877": { + "cmt_msg": "ext4: verify the depth of extent tree in ext4_find_extent()" + }, + "CVE-2018-10876": { + "cmt_msg": "ext4: only look at the bg_flags field if it is valid" + }, + "CVE-2010-4563": { + "cmt_msg": "" + }, + "CVE-2022-1882": { + "cmt_msg": "" + }, + "CVE-2020-14331": { + "cmt_msg": "vgacon: Fix for missing check in scrollback handling" + }, + "CVE-2018-10879": { + "cmt_msg": "ext4: make sure bitmaps and the inode table don't overlap with bg descriptors" + }, + "CVE-2019-14835": { + "cmt_msg": "vhost: make sure log_num < in_num" + }, + "CVE-2021-3483": { + "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" + }, + "CVE-2022-29156": { + "cmt_msg": "RDMA/rtrs-clt: Fix possible double free in error case" + }, + "CVE-2021-38300": { + "cmt_msg": "bpf, mips: Validate conditional branch offsets" + }, + "CVE-2020-25656": { + "cmt_msg": "vt: keyboard, extend func_buf_lock to readers" + }, + "CVE-2021-3759": { + "cmt_msg": "memcg: enable accounting of ipc resources" + }, + "CVE-2022-24448": { + "cmt_msg": "NFSv4: Handle case where the lookup of a directory fails" + }, + "CVE-2022-23042": { + "cmt_msg": "xen/netfront: react properly to failing gnttab_end_foreign_access_ref()" + }, + "CVE-2019-10142": { + "cmt_msg": "drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl" + }, + "CVE-2021-4023": { + "cmt_msg": "io-wq: fix cancellation on create-worker failure" + }, + "CVE-2018-3693": { + "cmt_msg": "ext4: fix spectre gadget in ext4_mb_regular_allocator()" + }, + "CVE-2021-22555": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2021-0399": { + "cmt_msg": "" + }, + "CVE-2020-2732": { + "cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode" + }, + "CVE-2012-4542": { + "cmt_msg": "" + }, + "CVE-2022-1729": { + "cmt_msg": "perf: Fix sys_perf_event_open() race against self" + }, + "CVE-2021-3573": { + "cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object" + }, + "CVE-2021-28972": { + "cmt_msg": "PCI: rpadlpar: Fix potential drc_name corruption in store functions" + }, + "CVE-2018-12130": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2021-20292": { + "cmt_msg": "drm/ttm/nouveau: don't call tt destroy callback on alloc failure." + }, + "CVE-2021-31916": { + "cmt_msg": "dm ioctl: fix out of bounds array access when no devices" + }, + "CVE-2018-17182": { + "cmt_msg": "mm: get rid of vmacache_flush_all() entirely" + }, + "CVE-2018-13405": { + "cmt_msg": "Fix up non-directory creation in SGID directories" + }, + "CVE-2020-25645": { + "cmt_msg": "geneve: add transport ports in route lookup for geneve" + }, + "CVE-2018-13406": { + "cmt_msg": "video: uvesafb: Fix integer overflow in allocation" + }, + "CVE-2020-11668": { + "cmt_msg": "media: xirlink_cit: add missing descriptor sanity checks" + }, + "CVE-2020-11669": { + "cmt_msg": "powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle" + }, + "CVE-2019-15118": { + "cmt_msg": "ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term" + }, + "CVE-2019-12818": { + "cmt_msg": "net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails" + }, + "CVE-2019-12819": { + "cmt_msg": "mdio_bus: Fix use-after-free on device_register fails" + }, + "CVE-2020-10690": { + "cmt_msg": "ptp: fix the race between the release of ptp_clock and cdev" + }, + "CVE-2019-19332": { + "cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)" + }, + "CVE-2019-15117": { + "cmt_msg": "ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit" + }, + "CVE-2021-3659": { + "cmt_msg": "net: mac802154: Fix general protection fault" + }, + "CVE-2022-25258": { + "cmt_msg": "USB: gadget: validate interface OS descriptor requests" + }, + "CVE-2021-4155": { + "cmt_msg": "xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate" + }, + "CVE-2021-0695": { + "cmt_msg": "" + }, + "CVE-2019-14901": { + "cmt_msg": "mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()" + }, + "CVE-2021-4150": { + "cmt_msg": "block: fix incorrect references to disk objects" + }, + "CVE-2020-3702": { + "cmt_msg": "ath: Use safer key clearing with key cache entries" + }, + "CVE-2021-28951": { + "cmt_msg": "io_uring: ensure that SQPOLL thread is started for exit" + }, + "CVE-2022-1671": { + "cmt_msg": "rxrpc: fix some null-ptr-deref bugs in server_key.c" + }, + "CVE-2021-3653": { + "cmt_msg": "KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653)" + }, + "CVE-2021-3655": { + "cmt_msg": "sctp: validate from_addr_param return" + }, + "CVE-2020-8694": { + "cmt_msg": "powercap: restrict energy meter to root access" + }, + "CVE-2021-4159": { + "cmt_msg": "bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()" + }, + "CVE-2019-12614": { + "cmt_msg": "powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property()" + }, + "CVE-2019-12615": { + "cmt_msg": "mdesc: fix a missing-check bug in get_vdev_port_node_info()" + }, + "CVE-2021-3715": { + "cmt_msg": "net_sched: cls_route: remove the right filter from hashtable" + }, + "CVE-2021-3714": { + "cmt_msg": "" + }, + "CVE-2019-16230": { + "cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)" + }, + "CVE-2019-16231": { + "cmt_msg": "fjes: Handle workqueue allocation failure" + }, + "CVE-2019-16232": { + "cmt_msg": "libertas: fix a potential NULL pointer dereference" + }, + "CVE-2019-16233": { + "cmt_msg": "scsi: qla2xxx: fix a potential NULL pointer dereference" + }, + "CVE-2019-16234": { + "cmt_msg": "iwlwifi: pcie: fix rb_allocator workqueue allocation" + }, + "CVE-2019-6133": { + "cmt_msg": "fork: record start_time late" + }, + "CVE-2019-3016": { + "cmt_msg": "x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit" + }, + "CVE-2021-39633": { + "cmt_msg": "ip_gre: add validation for csum_start" + }, + "CVE-2022-27223": { + "cmt_msg": "USB: gadget: validate endpoint index for xilinx udc" + }, + "CVE-2021-39634": { + "cmt_msg": "epoll: do not insert into poll queues until all sanity checks are done" + }, + "CVE-2019-3882": { + "cmt_msg": "vfio/type1: Limit DMA mappings per container" + }, + "CVE-2019-3887": { + "cmt_msg": "KVM: x86: nVMX: close leak of L0's x2APIC MSRs (CVE-2019-3887)" + }, + "CVE-2022-1280": { + "cmt_msg": "drm: avoid circular locks in drm_mode_getconnector" + }, + "CVE-2020-12888": { + "cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory" + }, + "CVE-2019-20934": { + "cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers" + }, + "CVE-2022-0812": { + "cmt_msg": "xprtrdma: fix incorrect header size calculations" + }, + "CVE-2022-23222": { + "cmt_msg": "bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL" + }, + "CVE-2021-0448": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2018-19824": { + "cmt_msg": "ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c" + }, + "CVE-2020-29374": { + "cmt_msg": "gup: document and work around \"COW can break either way\" issue" + }, + "CVE-2019-25045": { + "cmt_msg": "xfrm: clean up xfrm protocol checks" + }, + "CVE-2018-16862": { + "cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation" + }, + "CVE-2021-29650": { + "cmt_msg": "netfilter: x_tables: Use correct memory barriers." + }, + "CVE-2019-17133": { + "cmt_msg": "cfg80211: wext: avoid copying malformed SSIDs" + }, + "CVE-2018-20169": { + "cmt_msg": "USB: check usb_get_extra_descriptor for proper size" + }, + "CVE-2020-36312": { + "cmt_msg": "KVM: fix memory leak in kvm_io_bus_unregister_dev()" + }, + "CVE-2022-1353": { + "cmt_msg": "af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register" + }, + "CVE-2022-28356": { + "cmt_msg": "llc: fix netdevice reference leaks in llc_ui_bind()" + }, + "CVE-2022-1198": { + "cmt_msg": "drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()" + }, + "CVE-2022-1199": { + "cmt_msg": "ax25: Fix NULL pointer dereference in ax25_kill_by_device" + }, + "CVE-2021-39801": { + "cmt_msg": "" + }, + "CVE-2021-39800": { + "cmt_msg": "" + }, + "CVE-2021-39802": { + "cmt_msg": "" + }, + "CVE-2018-16884": { + "cmt_msg": "sunrpc: use-after-free in svc_process_common()" + }, + "CVE-2018-16882": { + "cmt_msg": "KVM: Fix UAF in nested posted interrupt processing" + }, + "CVE-2022-1195": { + "cmt_msg": "hamradio: improve the incomplete fix to avoid NPD" + }, + "CVE-2018-16880": { + "cmt_msg": "vhost: fix OOB in get_rx_bufs()" + }, + "CVE-2021-4202": { + "cmt_msg": "NFC: reorganize the functions in nci_request" + }, + "CVE-2021-4203": { + "cmt_msg": "af_unix: fix races in sk_peer_pid and sk_peer_cred accesses" + }, + "CVE-2021-44879": { + "cmt_msg": "f2fs: fix to do sanity check on inode type during garbage collection" + }, + "CVE-2019-15505": { + "cmt_msg": "media: technisat-usb2: break out of loop at end of buffer" + }, + "CVE-2022-1516": { + "cmt_msg": "net/x25: Fix null-ptr-deref caused by x25_disconnect" + }, + "CVE-2015-2877": { + "cmt_msg": "" + }, + "CVE-2020-9383": { + "cmt_msg": "floppy: check FDC index for errors before assigning it" + }, + "CVE-2022-29582": { + "cmt_msg": "io_uring: fix race between timeout flush and removal" + }, + "CVE-2019-16089": { + "cmt_msg": "" + }, + "CVE-2021-38198": { + "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" + }, + "CVE-2021-38199": { + "cmt_msg": "NFSv4: Initialise connection to the server in nfs4_alloc_client()" + }, + "CVE-2022-1679": { + "cmt_msg": "" + }, + "CVE-2022-1678": { + "cmt_msg": "tcp: optimize tcp internal pacing" + }, + "CVE-2021-26401": { + "cmt_msg": "x86/speculation: Use generic retpoline by default on AMD" + }, + "CVE-2020-28941": { + "cmt_msg": "speakup: Do not let the line discipline be used several times" + }, + "CVE-2019-9445": { + "cmt_msg": "f2fs: check if file namelen exceeds max value" + }, + "CVE-2019-14284": { + "cmt_msg": "floppy: fix div-by-zero in setup_format_params" + }, + "CVE-2021-45486": { + "cmt_msg": "inet: use bigger hash table for IP ID generation" + }, + "CVE-2021-3506": { + "cmt_msg": "f2fs: fix to avoid out-of-bounds memory access" + }, + "CVE-2011-4917": { + "cmt_msg": "" + }, + "CVE-2021-45485": { + "cmt_msg": "ipv6: use prandom_u32() for ID generation" + }, + "CVE-2018-10880": { + "cmt_msg": "ext4: never move the system.data xattr out of the inode body" + }, + "CVE-2019-3900": { + "cmt_msg": "vhost_net: fix possible infinite loop" + }, + "CVE-2019-19533": { + "cmt_msg": "media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()" + }, + "CVE-2018-13100": { + "cmt_msg": "f2fs: fix to do sanity check with secs_per_zone" + }, + "CVE-2019-15807": { + "cmt_msg": "scsi: libsas: delete sas port if expander discover failed" + }, + "CVE-2019-10638": { + "cmt_msg": "inet: switch IP ID generator to siphash" + }, + "CVE-2019-5489": { + "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" + }, + "CVE-2019-19531": { + "cmt_msg": "usb: yurex: Fix use-after-free in yurex_delete" + }, + "CVE-2019-14283": { + "cmt_msg": "floppy: fix out-of-bounds read in copy_buffer" + }, + "CVE-2018-10881": { + "cmt_msg": "ext4: clear i_data in ext4_inode_info when removing inline data" + }, + "CVE-2018-10882": { + "cmt_msg": "ext4: add more inode number paranoia checks" + }, + "CVE-2018-10883": { + "cmt_msg": "jbd2: don't mark block as modified if the handle is out of credits" + } + } + }, + "4.19": { + "4.19": { + "CVE-2018-18281": { + "cmt_msg": "mremap: properly flush TLB before releasing the page", + "cmt_id": "eb66ae030829605d61fbef1909ce310e29f78821" + } + }, + "4.19-rc1": { + "CVE-2019-19083": { + "cmt_msg": "drm/amd/display: memory leak", + "cmt_id": "9ea29a1f8b9da52d8eca8b0996f1d84eac548d3b" + } + }, + "4.19.2": { + "CVE-2018-18955": { + "cmt_msg": "userns: also map extents in the reverse map to kernel IDs", + "cmt_id": "9a7a80fb02cc7515b273dbb4249374d6e6a35b70" + } + }, + "4.19.3": { + "CVE-2018-19854": { + "cmt_msg": "crypto: user - fix leaking uninitialized memory to userspace", + "cmt_id": "a0f044f025e9a023e1e2b33c0731291059e2748d" + }, + "CVE-2018-16871": { + "cmt_msg": "nfsd: COPY and CLONE operations require the saved filehandle to be set", + "cmt_id": "20965de7f47207394ffe03d70a4806f5e1cfcd7f" + }, + "CVE-2018-18710": { + "cmt_msg": "cdrom: fix improper type cast, which can leat to information leak.", + "cmt_id": "c8099dbf492b565a4f75ae7b8c08b76ca18c4c3f" + } + }, + "4.19.7": { + "CVE-2018-19407": { + "cmt_msg": "KVM: X86: Fix scan ioapic use-before-initialization", + "cmt_id": "61c42d657c859ccc95e53afdac64f73a0053b8ea" + }, + "CVE-2018-19406": { + "cmt_msg": "KVM: LAPIC: Fix pv ipis use-before-initialization", + "cmt_id": "ffb01e73737b4d3e66734c901ee666ae8a23a857" + }, + "CVE-2019-2025": { + "cmt_msg": "binder: fix race that allows malicious free of live buffer", + "cmt_id": "553927d6aab993e1297d0c69274cd0c2df5440ca" + }, + "CVE-2018-16862": { + "cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation", + "cmt_id": "16a2d602244ff5327cecd210fdd50ad5ad443c9c" + } + }, + "4.19.8": { + "CVE-2018-18397": { + "cmt_msg": "userfaultfd: use ENOENT instead of EFAULT if the atomic copy user fails", + "cmt_id": "10f98c134b02d11923d45ce6688c2479435e8ec9" + } + }, + "4.19.9": { + "CVE-2018-20169": { + "cmt_msg": "USB: check usb_get_extra_descriptor for proper size", + "cmt_id": "1b2e742bf7230ce04cda5b7348f922174bef2d7a" + }, + "CVE-2018-14625": { + "cmt_msg": "vhost/vsock: fix use-after-free in network stack callers", + "cmt_id": "f9cd25b1e5e575a5f18547bdc04ea40a23ad511a" + }, + "CVE-2018-19824": { + "cmt_msg": "ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c", + "cmt_id": "a7e719ace75e4451b7958cb73cbc12c627760007" + } + }, + "4.19.13": { + "CVE-2018-16882": { + "cmt_msg": "KVM: Fix UAF in nested posted interrupt processing", + "cmt_id": "1972ca04708330b0edd52956e644e3974065a613" + }, + "CVE-2018-19985": { + "cmt_msg": "USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data", + "cmt_id": "8f980122236c1fc8e11ffb57ec73315d01dc88e0" + } + }, + "4.19.14": { + "CVE-2019-9245": { + "cmt_msg": "f2fs: sanity check of xattr entry size", + "cmt_id": "5036fcd9b14516f62efae6ed0c42dfbb9798b643" + } + }, + "4.19.15": { + "CVE-2019-15927": { + "cmt_msg": "ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit()", + "cmt_id": "8ee6f180d56fe760b275ab7f060c7b12fc05d7b7" + }, + "CVE-2018-20784": { + "cmt_msg": "sched/fair: Fix infinite loop in update_blocked_averages() by reverting a9e7f6544b9c", + "cmt_id": "dc8408ea0b22ab181ee541f3786b4fd6161e0ce3" + }, + "CVE-2019-6133": { + "cmt_msg": "fork: record start_time late", + "cmt_id": "bc999b5099d70030a9cb1aff2c48b073f65e0f8f" + } + }, + "4.19.16": { + "CVE-2018-16884": { + "cmt_msg": "sunrpc: use-after-free in svc_process_common()", + "cmt_id": "44e7bab39f877c9c095bfaaee943b0807574a7f7" + } + }, + "4.19.17": { + "CVE-2019-3701": { + "cmt_msg": "can: gw: ensure DLC boundaries after CAN frame modification", + "cmt_id": "8db82a6f2b76d42ec2615f8def6e797e064e7822" + }, + "CVE-2020-10769": { + "cmt_msg": "crypto: authenc - fix parsing key with misaligned rta_len", + "cmt_id": "44c67402c3f738b7048de4464c02461bc8d0fd37" + }, + "CVE-2019-11085": { + "cmt_msg": "drm/i915/gvt: Fix mmap range check", + "cmt_id": "ac8b9e8e7ddd69f3efa91e8a99312de5729382c0" + } + }, + "4.19.18": { + "CVE-2019-9003": { + "cmt_msg": "ipmi: fix use-after-free of user->release_barrier.rda", + "cmt_id": "1c393ca118cfaf36c95270b9bed295bba109fafa" + } + }, + "4.19.19": { + "CVE-2019-7308": { + "cmt_msg": "bpf: fix sanitation of alu op with pointer / scalar type from different paths", + "cmt_id": "eed84f94ff8d97abcbc5706f6f9427520fd60a10" + } + }, + "4.19.20": { + "CVE-2018-16880": { + "cmt_msg": "vhost: fix OOB in get_rx_bufs()", + "cmt_id": "aafe74b726891386cd139d3432ec619ed5189b29" + } + }, + "4.19.21": { + "CVE-2019-3819": { + "cmt_msg": "HID: debug: fix the ring buffer implementation", + "cmt_id": "c70374ce418e7ae9276d3dc26aed0301e4da5e35" + }, + "CVE-2019-8956": { + "cmt_msg": "sctp: walk the list of asoc safely", + "cmt_id": "7c2361308e1727c3135ebb3b5c6906fb781bb261" + }, + "CVE-2019-7222": { + "cmt_msg": "KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)", + "cmt_id": "5a45d3720b5437515f8c094f1c3d61f6afe211c1" + }, + "CVE-2019-6974": { + "cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)", + "cmt_id": "24b027d2b1386da03aafb2aaac69d4fa67ee7d9c" + }, + "CVE-2019-7221": { + "cmt_msg": "KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221)", + "cmt_id": "236fd677125f974aaf39f09074d226a884b4fe0e" + } + }, + "4.19.25": { + "CVE-2019-9162": { + "cmt_msg": "netfilter: nf_nat_snmp_basic: add missing length checks in ASN.1 cbs", + "cmt_id": "6a3f7237871c4d5c090ab9a6fce3ba6a1baf1f82" + }, + "CVE-2019-8912": { + "cmt_msg": "net: crypto set sk to NULL when af_alg_release.", + "cmt_id": "eb5e6869125f69dd28513f92992d97ec62bb9773" + } + }, + "4.19.27": { + "CVE-2019-9213": { + "cmt_msg": "mm: enforce min addr even if capable() in expand_downwards()", + "cmt_id": "de04d2973a62e4efb3de45e93bd46acd6d510e0a" + } + }, + "4.19.28": { + "CVE-2019-16994": { + "cmt_msg": "net: sit: fix memory leak in sit_init_net()", + "cmt_id": "d0bedaac932f4c02c080a50d4a30b2a1fec5d682" + }, + "CVE-2019-12818": { + "cmt_msg": "net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails", + "cmt_id": "f132b3f5f1ad1cbe818474ab8d0b555ff39369d5" + }, + "CVE-2019-8980": { + "cmt_msg": "exec: Fix mem leak in kernel_read_file", + "cmt_id": "b60d90b2d3d14c426693a0a34041db11be66d29e" + }, + "CVE-2019-15916": { + "cmt_msg": "net-sysfs: Fix mem leak in netdev_register_kobject", + "cmt_id": "7ce2a517fd8b7742e381d3b3551b9b03e667ad79" + } + }, + "4.19.29": { + "CVE-2019-2101": { + "cmt_msg": "media: uvcvideo: Fix 'type' check leading to overflow", + "cmt_id": "ac8befb6dd601fd35c1d64167750c6698bc27c80" + } + }, + "4.19.30": { + "CVE-2019-16995": { + "cmt_msg": "net: hsr: fix memory leak in hsr_dev_finalize()", + "cmt_id": "996ee1aca7def6125e9d96f58151799d44082cfc" + }, + "CVE-2019-12819": { + "cmt_msg": "mdio_bus: Fix use-after-free on device_register fails", + "cmt_id": "96a3b14450afa83f4f3ffdeafaca19db8e05c2fd" + } + }, + "4.19.31": { + "CVE-2019-11811": { + "cmt_msg": "ipmi_si: fix use-after-free of resource->name", + "cmt_id": "a441fdaf8c3034436fb6045ee285e515628fc555" + }, + "CVE-2019-10124": { + "cmt_msg": "mm: hwpoison: fix thp split handing in soft_offline_in_use_page()", + "cmt_id": "234c0cc982211bb5539db632f31490bf0ad54827" + }, + "CVE-2019-9455": { + "cmt_msg": "media: videobuf2-v4l2: drop WARN_ON in vb2_warn_zero_bytesused()", + "cmt_id": "573d423a9bd76b396954ddf847ff24d97658453d" + }, + "CVE-2019-16413": { + "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit", + "cmt_id": "e08ba890dc29250fafdfa7c9dba62ccfeec8ef7f" + } + }, + "4.19.32": { + "CVE-2019-15917": { + "cmt_msg": "Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto()", + "cmt_id": "e365b94086f9dec02ddfcc193dcad72858c6d973" + } + }, + "4.19.33": { + "CVE-2019-20811": { + "cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success", + "cmt_id": "d9d215be3a3aa8b3638f2705826f52a7fb84cf24" + }, + "CVE-2019-20054": { + "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links", + "cmt_id": "07d0d2bd957ad922cf571e7cabb6c34067142b93" + }, + "CVE-2019-3460": { + "cmt_msg": "Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt", + "cmt_id": "2318c0e4b87e590c9d8e88db185477cfac18abe2" + }, + "CVE-2019-15921": { + "cmt_msg": "genetlink: Fix a memory leak on error path", + "cmt_id": "9b8ef421b481d6e648438131d867986c649c297c" + }, + "CVE-2019-3459": { + "cmt_msg": "Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer", + "cmt_id": "15d6538a0d6e0f6de5116081a948cba7cc3e1d3d" + } + }, + "4.19.34": { + "CVE-2019-11810": { + "cmt_msg": "scsi: megaraid_sas: return error when create DMA pool failed", + "cmt_id": "8032fc9120c211cd40beef4c91c8206f4167e523" + } + }, + "4.19.35": { + "CVE-2019-11486": { + "cmt_msg": "tty: mark Siemens R3964 line discipline as BROKEN", + "cmt_id": "894dc8495898cf6075eadf99fd496374decd3986" + }, + "CVE-2019-11815": { + "cmt_msg": "net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock().", + "cmt_id": "78b4bf26a8a76569fd6d0b47d98fb553c333b06f" + }, + "CVE-2019-3887": { + "cmt_msg": "KVM: x86: nVMX: close leak of L0's x2APIC MSRs (CVE-2019-3887)", + "cmt_id": "119031be7b0a2ce4ff4cd5525bec6d42817ff53d" + }, + "CVE-2019-10639": { + "cmt_msg": "netns: provide pure entropy for net_hash_mix()", + "cmt_id": "a1c2f3229734a4bb8d5ac008c0a67e025aa11547" + } + }, + "4.19.36": { + "CVE-2019-15292": { + "cmt_msg": "appletalk: Fix use-after-free in atalk_proc_exit", + "cmt_id": "6c42507f426b40c63e8eb98ce6dd4afbc7efcdb5" + }, + "CVE-2019-9857": { + "cmt_msg": "inotify: Fix fsnotify_mark refcount leak in inotify_update_existing_watch()", + "cmt_id": "ca306c17d2edcc8aa3bf1724a5cb1ecefc31ef3b" + } + }, + "4.19.37": { + "CVE-2019-3892": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping", + "cmt_id": "6ff17bc5936e5fab33de8064dc0690f6c8c789ca" + }, + "CVE-2019-11599": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping", + "cmt_id": "6ff17bc5936e5fab33de8064dc0690f6c8c789ca" + }, + "CVE-2019-15920": { + "cmt_msg": "cifs: Fix use-after-free in SMB2_read", + "cmt_id": "c69330a855ab4342d304f67f8c1e7d1fa2686bec" + }, + "CVE-2019-15919": { + "cmt_msg": "cifs: Fix use-after-free in SMB2_write", + "cmt_id": "8fb89b43b65fcd35f15d982712904b96fc64c68a" + }, + "CVE-2019-15214": { + "cmt_msg": "ALSA: core: Fix card races between register and disconnect", + "cmt_id": "b50e435df2d8b9a1d3e956e1c767dfc7e30a441b" + } + }, + "4.19.38": { + "CVE-2019-3882": { + "cmt_msg": "vfio/type1: Limit DMA mappings per container", + "cmt_id": "f7b467ad1be0478f0341afa8a9ac112732def088" + }, + "CVE-2019-15924": { + "cmt_msg": "fm10k: Fix a potential NULL pointer dereference", + "cmt_id": "9b9b0df4e7882638e53c55e8f556aa78915418b9" + }, + "CVE-2019-10125": { + "cmt_msg": "aio: simplify - and fix - fget/fput for io_submit()", + "cmt_id": "d6b2615f7d31d8e58b685d42dbafcc7dc1204bbd" + }, + "CVE-2019-18805": { + "cmt_msg": "ipv4: set the tcp_min_rtt_wlen range from 0 to one day", + "cmt_id": "250e51f856e1534e3e769add508f121966030462" + } + }, + "4.19.39": { + "CVE-2019-11487": { + "cmt_msg": "fs: prevent page refcount overflow in pipe_buf_get", + "cmt_id": "0311ff82b70fa12e80d188635bff24029ec06ae1" + } + }, + "4.19.41": { + "CVE-2019-15216": { + "cmt_msg": "USB: yurex: Fix protection fault after device removal", + "cmt_id": "9f632afe4f3989d77fdbf8ac6a015d6beb03ccb9" + } + }, + "4.19.42": { + "CVE-2018-20836": { + "cmt_msg": "scsi: libsas: fix a race condition when smp task timeout", + "cmt_id": "0f18e433b97bf74bb62e0caa95c61e8631967fb9" + }, + "CVE-2019-11884": { + "cmt_msg": "Bluetooth: hidp: fix buffer overflow", + "cmt_id": "c6d1f9b4b2cb768e29f5d44af143f25ad89062b1" + } + }, + "4.19.43": { + "CVE-2019-11091": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option", + "cmt_id": "59a14fb5832c370c63ab483f4f3718a0f729c7f5" + }, + "CVE-2018-12130": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option", + "cmt_id": "59a14fb5832c370c63ab483f4f3718a0f729c7f5" + }, + "CVE-2018-12127": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option", + "cmt_id": "59a14fb5832c370c63ab483f4f3718a0f729c7f5" + }, + "CVE-2018-12126": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option", + "cmt_id": "59a14fb5832c370c63ab483f4f3718a0f729c7f5" + } + }, + "4.19.44": { + "CVE-2019-10142": { + "cmt_msg": "drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl", + "cmt_id": "e9ec5073c90d6de2ca5338bd67f7935b19d7c0c7" + } + }, + "4.19.45": { + "CVE-2019-11833": { + "cmt_msg": "ext4: zero out the unused memory region in the extent tree block", + "cmt_id": "25d010f4e0ece1ddf0d8d57942c0b0f1568fe498" + } + }, + "4.19.46": { + "CVE-2019-25045": { + "cmt_msg": "xfrm: clean up xfrm protocol checks", + "cmt_id": "d410ef75886a4efb3c49b8bacd8e3c295235e744" + }, + "CVE-2019-15666": { + "cmt_msg": "xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink", + "cmt_id": "c9516503fe53c8960f180c1cc1cdf2341bed843d" + } + }, + "4.19.47": { + "CVE-2019-20095": { + "cmt_msg": "mwifiex: Fix mem leak in mwifiex_tm_cmd", + "cmt_id": "a27ce4840f89acd1e23efe2b4dfc0d512aa5b38a" + }, + "CVE-2019-19543": { + "cmt_msg": "media: serial_ir: Fix use-after-free in serial_ir_init_module", + "cmt_id": "aec118ecf579a6c70e505b39fc6eb6a2d878c89e" + }, + "CVE-2019-9466": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path", + "cmt_id": "8783c4128c371668e401eee2f2ba3918c6211b81" + }, + "CVE-2019-9500": { + "cmt_msg": "brcmfmac: assure SSID length from firmware is limited", + "cmt_id": "cc240e057c1d48665dde8036144114854bae058c" + }, + "CVE-2019-9503": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path", + "cmt_id": "8783c4128c371668e401eee2f2ba3918c6211b81" + }, + "CVE-2019-19966": { + "cmt_msg": "media: cpia2: Fix use-after-free in cpia2_exit", + "cmt_id": "bdf3da72ae79f0cfb88c720dedabe16b0d67334b" + } + }, + "4.19.48": { + "CVE-2020-10720": { + "cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()", + "cmt_id": "39fd0dc4a5565a1df7d84b1c92d2050233b15b5a" + }, + "CVE-2019-10638": { + "cmt_msg": "inet: switch IP ID generator to siphash", + "cmt_id": "07480da0c8a1979e0973d6dd783b6aed966dccf6" + } + }, + "4.19.49": { + "CVE-2019-15212": { + "cmt_msg": "USB: rio500: refuse more than one device at a time", + "cmt_id": "d2d93077bac37c6895d8c58f564699a3a897c5db" + }, + "CVE-2019-15219": { + "cmt_msg": "USB: sisusbvga: fix oops in error path of sisusb_probe", + "cmt_id": "d27ea5e9eb4ac45e0e4cf8250a45aa06b0944787" + }, + "CVE-2019-15218": { + "cmt_msg": "media: usb: siano: Fix general protection fault in smsusb", + "cmt_id": "35b1044566528b26d48b31a52069f45851d49885" + }, + "CVE-2019-1999": { + "cmt_msg": "binder: fix race between munmap() and direct reclaim", + "cmt_id": "9d57cfd4e9d81400c1fe2b7cd4503f54830b46c2" + }, + "CVE-2019-15223": { + "cmt_msg": "ALSA: line6: Assure canceling delayed work at disconnection", + "cmt_id": "eb2eeec920fb1b9b6faf8ea340f6295a2d03602b" + } + }, + "4.19.50": { + "CVE-2019-13233": { + "cmt_msg": "x86/insn-eval: Fix use-after-free access to LDT entry", + "cmt_id": "b598ddc7b9fc87b09bdadb63abf92b4ba46cd385" + } + }, + "4.19.52": { + "CVE-2019-11479": { + "cmt_msg": "tcp: add tcp_min_snd_mss sysctl", + "cmt_id": "7f9f8a37e563c67b24ccd57da1d541a95538e8d9" + }, + "CVE-2019-11478": { + "cmt_msg": "tcp: tcp_fragment() should apply sane memory limits", + "cmt_id": "ec83921899a571ad70d582934ee9e3e07f478848" + }, + "CVE-2019-11477": { + "cmt_msg": "tcp: limit payload size of sacked skbs", + "cmt_id": "c09be31461ed140976c60a87364415454a2c3d42" + } + }, + "4.19.53": { + "CVE-2019-9453": { + "cmt_msg": "f2fs: fix to avoid accessing xattr across the boundary", + "cmt_id": "ae3787d433f7b87ebf6b916e524c6e280e4e5804" + }, + "CVE-2019-15090": { + "cmt_msg": "scsi: qedi: remove memset/memcpy to nfunc and use func instead", + "cmt_id": "f3a7a1137ffc69e1f460eb9e1b5f4fd09d3c4ea9" + } + }, + "4.19.54": { + "CVE-2019-15807": { + "cmt_msg": "scsi: libsas: delete sas port if expander discover failed", + "cmt_id": "114e8135ae0031556ead1bcb67249ecb84b804de" + }, + "CVE-2019-12984": { + "cmt_msg": "nfc: Ensure presence of required attributes in the deactivate_target handler", + "cmt_id": "4bb4ba362cc1ed3acb181a6d0b68c6de22be78e2" + } + }, + "4.19.56": { + "CVE-2019-12817": { + "cmt_msg": "powerpc/mm/64s/hash: Reallocate context ids on fork", + "cmt_id": "cd3e49394cb0f45c8dbf3c17c0818cd3d30b1332" + }, + "CVE-2019-12615": { + "cmt_msg": "mdesc: fix a missing-check bug in get_vdev_port_node_info()", + "cmt_id": "7b460a9bb13db3f442f153c2ab8a9ff8520c368c" + }, + "CVE-2019-0136": { + "cmt_msg": "mac80211: drop robust management frames from unknown TA", + "cmt_id": "0e879ef1cb5baddebe1f12a9a3940a87d8e61558" + } + }, + "4.19.58": { + "CVE-2019-13272": { + "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME", + "cmt_id": "54435b7fff7bfb9515cc457b71c3734c1c3fff76" + }, + "CVE-2019-15221": { + "cmt_msg": "ALSA: line6: Fix write on zero-sized buffer", + "cmt_id": "7f52af5e9baa9c478edcecdd4058eeef2835b1c3" + }, + "CVE-2019-9506": { + "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check", + "cmt_id": "5dd6139a0aa22112e46a6df5fd283046095822e0" + } + }, + "4.19.59": { + "CVE-2019-10126": { + "cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()", + "cmt_id": "c7e427e28a3a2d1b89b8f9fa7c3f559774d91a7b" + }, + "CVE-2019-3846": { + "cmt_msg": "mwifiex: Fix possible buffer overflows at parsing bss descriptor", + "cmt_id": "d4c0f752c1d2c6383cc7582c19b2ed7159d45937" + }, + "CVE-2019-15220": { + "cmt_msg": "p54usb: Fix race between disconnect and firmware loading", + "cmt_id": "449a8d08a4bc45101fa26e6d233b98258d33620a" + } + }, + "4.19.61": { + "CVE-2019-17351": { + "cmt_msg": "xen: let alloc_xenballooned_pages() fail if not enough memory free", + "cmt_id": "e73db096691e5f2720049502a3794a2a0c6d1b1f" + }, + "CVE-2019-13631": { + "cmt_msg": "Input: gtco - bounds check collection indent level", + "cmt_id": "d657077eda7b5572d86f2f618391bb016b5d9a64" + }, + "CVE-2019-15213": { + "cmt_msg": "media: dvb: usb: fix use after free in dvb_usb_device_exit", + "cmt_id": "94f2b518a7882f562537796b77e3ce6a6461236d" + }, + "CVE-2019-15925": { + "cmt_msg": "net: hns3: add some error checking in hclge_tm module", + "cmt_id": "26d86b29e806769adba91bd6fc1f077b94e9b64b" + }, + "CVE-2019-15926": { + "cmt_msg": "ath6kl: add some bounds checking", + "cmt_id": "83c911f4bd6846397017aa38c32dd18dc532f754" + }, + "CVE-2019-14284": { + "cmt_msg": "floppy: fix div-by-zero in setup_format_params", + "cmt_id": "6e34fd07484a0622a17b40e0ca89ed451260ef45" + }, + "CVE-2019-14283": { + "cmt_msg": "floppy: fix out-of-bounds read in copy_buffer", + "cmt_id": "ff54c44f103825a426e46d08b5d3d76e44791a87" + } + }, + "4.19.63": { + "CVE-2019-12382": { + "cmt_msg": "drm/edid: Fix a missing-check bug in drm_load_edid_firmware()", + "cmt_id": "2a18d76592e0d86c7fddcc6a7aa52509a2900f9d" + }, + "CVE-2019-13648": { + "cmt_msg": "powerpc/tm: Fix oops on sigreturn on systems without TM", + "cmt_id": "b993a66d8ddc1c26da0d9aa3471789cc170b28ee" + } + }, + "4.19.64": { + "CVE-2019-20934": { + "cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers", + "cmt_id": "48046e092ad557a01d7daf53205624944793b19d" + }, + "CVE-2019-15211": { + "cmt_msg": "media: radio-raremono: change devm_k*alloc to k*alloc", + "cmt_id": "b3836af8560e27cd0d27940ff9c5a08b90b8d256" + }, + "CVE-2019-3900": { + "cmt_msg": "vhost_net: fix possible infinite loop", + "cmt_id": "3af3b843aee41ed22343b011a4cf3812a80d2f38" + }, + "CVE-2019-10207": { + "cmt_msg": "Bluetooth: hci_uart: check for missing tty operations", + "cmt_id": "56966212e23f82ced10831f7cca02f7339147428" + }, + "CVE-2019-15215": { + "cmt_msg": "media: cpia2_usb: first wake up, then free in disconnect", + "cmt_id": "8b44cc225e6024174508164931cab9f01c79dca2" + }, + "CVE-2019-2213": { + "cmt_msg": "binder: fix possible UAF when freeing buffer", + "cmt_id": "22068d49d09d2b3890e19d7b2048a33340f992da" + } + }, + "4.19.65": { + "CVE-2019-1125": { + "cmt_msg": "x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations", + "cmt_id": "befb822c062b4c3d93380a58d5fd479395e8b267" + } + }, + "4.19.67": { + "CVE-2019-19536": { + "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices", + "cmt_id": "cab569a44a524709d95bbd88700860ac45e5d5cf" + }, + "CVE-2019-19535": { + "cmt_msg": "can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices", + "cmt_id": "9ce1b3eb5489416338b2fb2b40f30f0d425700b4" + }, + "CVE-2019-19531": { + "cmt_msg": "usb: yurex: Fix use-after-free in yurex_delete", + "cmt_id": "33f2240acfa8b4017ee5dd64601c8a5ec7f53b4e" + } + }, + "4.19.68": { + "CVE-2019-15118": { + "cmt_msg": "ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term", + "cmt_id": "46f9a1bc60a4c15a14a6504168cee1c2e0bf3ab4" + }, + "CVE-2019-19537": { + "cmt_msg": "USB: core: Fix races in character device registration and deregistraion", + "cmt_id": "7f52d6d2a82df15d7ea01d69d0943d2abc201b43" + }, + "CVE-2019-19527": { + "cmt_msg": "HID: hiddev: do cleanup in failure of opening a device", + "cmt_id": "b545dc9debe69ca513b93f4a244451e9be14b0c5" + }, + "CVE-2019-19530": { + "cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough", + "cmt_id": "c02c0249ce5523a7a264136ed36f857b85555bac" + }, + "CVE-2019-15117": { + "cmt_msg": "ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit", + "cmt_id": "58b9f19ee438990f6406e61943d0bc7c875a0921" + } + }, + "4.19.69": { + "CVE-2019-15538": { + "cmt_msg": "xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT", + "cmt_id": "11f85d4d77afb8f1cb1989f1565b26df21280118" + } + }, + "4.19.70": { + "CVE-2019-15902": { + "cmt_msg": "unknown", + "cmt_id": "b307f99dca5ab33edc1e04b9b479bcb0852ff85f" + } + }, + "4.19.73": { + "CVE-2019-15918": { + "cmt_msg": "cifs: Fix lease buffer length error", + "cmt_id": "4061e662c8e9f5fb796b05fd2ab58fed8cd16d59" + }, + "CVE-2019-19319": { + "cmt_msg": "ext4: protect journal inode's blocks using block_validity", + "cmt_id": "2fd4629de51974002f4e9cf1a35a1926dd6c9d99" + }, + "CVE-2019-14835": { + "cmt_msg": "vhost: make sure log_num < in_num", + "cmt_id": "ba03ee62aed0b0ee2eadfeb4a2fecc7d7eb47871" + }, + "CVE-2019-15031": { + "cmt_msg": "powerpc/tm: Fix restoring FP/VMX facility incorrectly on interrupts", + "cmt_id": "569775bd536416ed9049aa580d9f89a0b4307d60" + }, + "CVE-2019-15030": { + "cmt_msg": "powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction", + "cmt_id": "47a0f70d7d9ac3d6b1a96b312d07bc67af3834e9" + } + }, + "4.19.74": { + "CVE-2019-15504": { + "cmt_msg": "rsi: fix a double free bug in rsi_91x_deinit()", + "cmt_id": "3622d621e9beca76d53cd3007eb7b1d6e724716b" + } + }, + "4.19.75": { + "CVE-2019-14816": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings", + "cmt_id": "941431c491a68e0428bdfb46bbe4cbc52f7bfabb" + }, + "CVE-2019-14814": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings", + "cmt_id": "941431c491a68e0428bdfb46bbe4cbc52f7bfabb" + }, + "CVE-2019-14815": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings", + "cmt_id": "941431c491a68e0428bdfb46bbe4cbc52f7bfabb" + }, + "CVE-2019-15505": { + "cmt_msg": "media: technisat-usb2: break out of loop at end of buffer", + "cmt_id": "b841a9f58d9c778d8c2c5f636dc06a53b9a47fa1" + }, + "CVE-2019-14821": { + "cmt_msg": "KVM: coalesced_mmio: add bounds checking", + "cmt_id": "232a6462f43fceeac82bd99ef092b38e3a7ee296" + } + }, + "4.19.77": { + "CVE-2019-19533": { + "cmt_msg": "media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()", + "cmt_id": "8630a4d13683095fbf14091d59a20e1ac71fdd6b" + }, + "CVE-2019-19080": { + "cmt_msg": "nfp: flower: prevent memory leak in nfp_flower_spawn_phy_reprs", + "cmt_id": "5b6c791f494d5e770dfd015390386f321b9a94da" + }, + "CVE-2019-19081": { + "cmt_msg": "nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs", + "cmt_id": "587df35cbf654a063372fb1b523a0b56a5f789ab" + }, + "CVE-2019-17053": { + "cmt_msg": "ieee802154: enforce CAP_NET_RAW for raw sockets", + "cmt_id": "dd651ab7a11436f787aed0a987c85864b261ff19" + }, + "CVE-2019-17052": { + "cmt_msg": "ax25: enforce CAP_NET_RAW for raw sockets", + "cmt_id": "6f0f18e532693ecc1e0c7938e0d63531ea62bc3e" + }, + "CVE-2019-17056": { + "cmt_msg": "nfc: enforce CAP_NET_RAW for raw sockets", + "cmt_id": "33fe1f517e29566d842535038be227c71a4bd54d" + }, + "CVE-2019-17055": { + "cmt_msg": "mISDN: enforce CAP_NET_RAW for raw sockets", + "cmt_id": "50dddec689cb2105f6bccf4a2c6fe43dcc3295d7" + }, + "CVE-2019-17054": { + "cmt_msg": "appletalk: enforce CAP_NET_RAW for raw sockets", + "cmt_id": "6fbf866276089853727dd9b31f1d251e61dde367" + } + }, + "4.19.78": { + "CVE-2019-18806": { + "cmt_msg": "net: qlogic: Fix memory leak in ql_alloc_large_buffers", + "cmt_id": "9d0995cc268b4a431dbfb29db5cac36546732bc0" + } + }, + "4.19.79": { + "CVE-2019-19525": { + "cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect", + "cmt_id": "3f41e88f4bd44284c575ad3fb579581a16b39069" + }, + "CVE-2019-16746": { + "cmt_msg": "nl80211: validate beacon head", + "cmt_id": "1bd17a737c9e7e91483d9a603528b0e6d4c772f8" + } + }, + "4.19.80": { + "CVE-2019-19528": { + "cmt_msg": "USB: iowarrior: fix use-after-free on disconnect", + "cmt_id": "2fdcf7e19bdefc683da824264c0898af39bf8d50" + }, + "CVE-2019-19523": { + "cmt_msg": "USB: adutux: fix use-after-free on disconnect", + "cmt_id": "316f51d7759735a5295301ab22a7c6231b49c24f" + } + }, + "4.19.81": { + "CVE-2019-19075": { + "cmt_msg": "ieee802154: ca8210: prevent memory leak", + "cmt_id": "960019214539ce75398eaf38d31c77b86aadd739" + }, + "CVE-2019-17075": { + "cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack", + "cmt_id": "27414f90ff6e1d7f6657e4a820b04a7b2d760272" + }, + "CVE-2019-17133": { + "cmt_msg": "cfg80211: wext: avoid copying malformed SSIDs", + "cmt_id": "73c066a9552a6d33ed7de002855337d1c966e8ce" + } + }, + "4.19.82": { + "CVE-2019-19060": { + "cmt_msg": "iio: imu: adis16400: release allocated memory on failure", + "cmt_id": "4a4206a83fc69782d4ef36d8f5eb28836d8b6814" + }, + "CVE-2019-19065": { + "cmt_msg": "RDMA/hfi1: Prevent memory leak in sdma_init", + "cmt_id": "962cff4f3f89acf54b6fb418e7ff386b720b0fd6" + }, + "CVE-2019-17666": { + "cmt_msg": "rtlwifi: Fix potential overflow on P2P code", + "cmt_id": "64efcbc7a5a3c7a14e42ccf7b8a7e7667d672a33" + }, + "CVE-2019-15099": { + "cmt_msg": "ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()", + "cmt_id": "696da02259463ea634821e117088f82afe7bf851" + }, + "CVE-2019-15098": { + "cmt_msg": "ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()", + "cmt_id": "696da02259463ea634821e117088f82afe7bf851" + }, + "CVE-2019-19048": { + "cmt_msg": "virt: vbox: fix memory leak in hgcm_call_preprocess_linaddr", + "cmt_id": "c2ea451f22f180e9e46225f54b5ec50c50bb639f" + }, + "CVE-2020-10773": { + "cmt_msg": "s390/cmm: fix information leak in cmm_timeout_handler()", + "cmt_id": "ced8cb0230d070274cd26bec818dd7c67514d586" + }, + "CVE-2019-19526": { + "cmt_msg": "NFC: pn533: fix use-after-free and memleaks", + "cmt_id": "24aaf7f4528f0df0f29667d3921f4a63aa7b806c" + }, + "CVE-2019-19532": { + "cmt_msg": "HID: Fix assumption that devices have inputs", + "cmt_id": "8a01c4b908cf0a5367d3309c1c0d4e9be655ce00" + } + }, + "4.19.83": { + "CVE-2019-18282": { + "cmt_msg": "net/flow_dissector: switch to siphash", + "cmt_id": "558d2bdad5f6a0dd65ed7ed4f74419e826a97759" + }, + "CVE-2019-16233": { + "cmt_msg": "scsi: qla2xxx: fix a potential NULL pointer dereference", + "cmt_id": "3ee6a8bdae81a09c1dc9c27d3a50e6b1b6a24676" + }, + "CVE-2019-19049": { + "cmt_msg": "of: unittest: fix memory leak in unittest_data_add", + "cmt_id": "fcc3f7c810c3bc595ce179ea4d9e18f506fd0d03" + } + }, + "4.19.84": { + "CVE-2019-19045": { + "cmt_msg": "net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq", + "cmt_id": "42de3a902443b64c6e3cf9c61d9cd6f30b2c0d67" + }, + "CVE-2019-19052": { + "cmt_msg": "can: gs_usb: gs_can_open(): prevent memory leak", + "cmt_id": "9289226f69822de0b716c0fbfc31db0283f14e2b" + }, + "CVE-2019-18813": { + "cmt_msg": "usb: dwc3: pci: prevent memory leak in dwc3_pci_probe", + "cmt_id": "10eb9abd21bad2a9726f50557b38924cb8d81ccd" + }, + "CVE-2019-0155": { + "cmt_msg": "drm/i915: Rename gen7 cmdparser tables", + "cmt_id": "b4b1abdc6b181cb78a072b95557ae392d423c3eb" + }, + "CVE-2019-0154": { + "cmt_msg": "drm/i915: Lower RM timeout to avoid DSI hard hangs", + "cmt_id": "011b7173cbdbd1a5f1826656693ea51516f15dc1" + }, + "CVE-2019-19922": { + "cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices", + "cmt_id": "502bd151448c2c76a927b26783e5538875c534ff" + }, + "CVE-2019-19529": { + "cmt_msg": "can: mcba_usb: fix use-after-free on disconnect", + "cmt_id": "ce9b94da0e043b7b0ec1bd3d0e451d956acff9c1" + }, + "CVE-2018-12207": { + "cmt_msg": "kvm: x86, powerpc: do not allow clearing largepages debugfs entry", + "cmt_id": "a991063ce57684a2259688886643cf1c430f8188" + }, + "CVE-2019-11135": { + "cmt_msg": "x86/msr: Add the IA32_TSX_CTRL MSR", + "cmt_id": "4002d16a2ae1e3bdc0aa36ce5089bd62b4b9eab6" + }, + "CVE-2019-16231": { + "cmt_msg": "fjes: Handle workqueue allocation failure", + "cmt_id": "f09b99c883e82fd5d28a529e11e66c2e887da636" + }, + "CVE-2019-19534": { + "cmt_msg": "can: peak_usb: fix slab info leak", + "cmt_id": "a7be2debb769092c7c07b9a866b055d8bee5afaf" + } + }, + "4.19.85": { + "CVE-2019-19524": { + "cmt_msg": "Input: ff-memless - kill timer in destroy()", + "cmt_id": "c02230815282a436366d3d0d6de6d2636dd71b74" + } + }, + "4.19.87": { + "CVE-2019-18660": { + "cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch", + "cmt_id": "0a60d4bddc0ba6a7e06d10efa59f7861837860b0" + }, + "CVE-2019-15291": { + "cmt_msg": "media: b2c2-flexcop-usb: add sanity checking", + "cmt_id": "8b42c263ec1a348bf098e6255407486c1bf17ece" + }, + "CVE-2019-18683": { + "cmt_msg": "media: vivid: Fix wrong locking that causes race conditions on streaming stop", + "cmt_id": "467052f6ea5a51524992e43f02b543550495c391" + } + }, + "4.19.88": { + "CVE-2019-12614": { + "cmt_msg": "powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property()", + "cmt_id": "32a24a397aee35ca2bb0f835b8f3daabd88890fa" + }, + "CVE-2019-19767": { + "cmt_msg": "ext4: add more paranoia checking in ext4_expand_extra_isize handling", + "cmt_id": "e91cce02f3025da559468729ea0ad9dea242d3eb" + } + }, + "4.19.89": { + "CVE-2019-19062": { + "cmt_msg": "crypto: user - fix memory leak in crypto_report", + "cmt_id": "351a567ebf2482de4dd5e5bbd539f2175540b717" + }, + "CVE-2019-19227": { + "cmt_msg": "appletalk: Fix potential NULL pointer dereference in unregister_snap_client", + "cmt_id": "0977763a13fd87a7aebe376dc96385758de3aa9e" + }, + "CVE-2019-19071": { + "cmt_msg": "rsi: release skb if rsi_prepare_beacon fails", + "cmt_id": "5da96cc31633a9076404621ebb89bbe78f2c8676" + }, + "CVE-2019-19079": { + "cmt_msg": "net: qrtr: fix memort leak in qrtr_tun_write_iter", + "cmt_id": "754e3c0c31c96cf3a4a54ed2a8c63cca28109136" + }, + "CVE-2019-19252": { + "cmt_msg": "vcs: prevent write access to vcsu devices", + "cmt_id": "627f3b9e4dd812dac9d93e578af80de751e704a4" + }, + "CVE-2019-19332": { + "cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)", + "cmt_id": "5119ffd480b644d8bc9af741cc8ef435a7ec5ff7" + } + }, + "4.19.90": { + "CVE-2019-19447": { + "cmt_msg": "ext4: work around deleting a file with i_nlink == 0 safely", + "cmt_id": "8e7a865366105b978eef4108f49a12100eea4299" + } + }, + "4.19.92": { + "CVE-2019-18786": { + "cmt_msg": "media: rcar_drif: fix a memory disclosure", + "cmt_id": "debdd16cbd99ffc767227685e2738e5b495b7c54" + }, + "CVE-2019-19057": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring", + "cmt_id": "1b3e52db38471d5ac896eb9be111565e3734d5b5" + }, + "CVE-2019-19063": { + "cmt_msg": "rtlwifi: prevent memory leak in rtl_usb_probe", + "cmt_id": "3717a450f83945c481059a6921440e5e6fe3c856" + }, + "CVE-2020-0427": { + "cmt_msg": "pinctrl: devicetree: Avoid taking direct reference to device name string", + "cmt_id": "f88ac1330779c5bfdd79f7d7f7d4d3343c782f92" + }, + "CVE-2019-19947": { + "cmt_msg": "can: kvaser_usb: kvaser_usb_leaf: Fix some info-leaks to USB devices", + "cmt_id": "9ed59600c3524f12144b30cfc1d86734cfb3927b" + }, + "CVE-2019-20812": { + "cmt_msg": "af_packet: set defaule value for tmo", + "cmt_id": "e99af2cb552e3fe1ec6157fc15856a89a6388886" + }, + "CVE-2019-16230": { + "cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)", + "cmt_id": "55248674330101fb3ccf7cec8b729e8e067e5f71" + }, + "CVE-2019-16232": { + "cmt_msg": "libertas: fix a potential NULL pointer dereference", + "cmt_id": "60bb6967b543be59f66f60526ca816e1b33ec480" + }, + "CVE-2019-16229": { + "cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)", + "cmt_id": "55248674330101fb3ccf7cec8b729e8e067e5f71" + } + }, + "4.19.93": { + "CVE-2020-10690": { + "cmt_msg": "ptp: fix the race between the release of ptp_clock and cdev", + "cmt_id": "0393b8720128d5b39db8523e5bfbfc689f18c37c" + } + }, + "4.19.94": { + "CVE-2019-18809": { + "cmt_msg": "media: usb: fix memory leak in af9005_identify_state", + "cmt_id": "d933de8115f3263fd50cf3b1f1dac2faff02fd89" + }, + "CVE-2019-19965": { + "cmt_msg": "scsi: libsas: stop discovering if oob mode is disconnected", + "cmt_id": "8b9bf467061bc89ccf4a43be637e08d8a70fd76d" + } + }, + "4.19.95": { + "CVE-2019-14901": { + "cmt_msg": "mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()", + "cmt_id": "21f08020dd8519baf209348c345131a8967e3cef" + } + }, + "4.19.96": { + "CVE-2019-14895": { + "cmt_msg": "mwifiex: fix possible heap overflow in mwifiex_process_country_ie()", + "cmt_id": "0aa8632c57930243bea6fa4ebcbff8fac089e664" + }, + "CVE-2020-0305": { + "cmt_msg": "chardev: Avoid potential use-after-free in 'chrdev_open()'", + "cmt_id": "ec576895d61356a2cab096e1ca23bf7cc765e5b2" + }, + "CVE-2019-19066": { + "cmt_msg": "scsi: bfa: release allocated memory in case of error", + "cmt_id": "486f51201528126bec2c647fa9d4216fc4fda91b" + }, + "CVE-2019-20636": { + "cmt_msg": "Input: add safety guards to input_set_keycode()", + "cmt_id": "f5b9bfbe94a042a2e3806efa4c6e1b6ddb4292c4" + }, + "CVE-2019-19068": { + "cmt_msg": "rtl8xxxu: prevent leaking urb", + "cmt_id": "0e27512c5d0bc2c3d33c1e7f73a8983015c82b83" + }, + "CVE-2020-0431": { + "cmt_msg": "HID: hid-input: clear unmapped usages", + "cmt_id": "64c8b76e69acdecab62b035e72b12775d6d35a3b" + }, + "CVE-2019-14615": { + "cmt_msg": "drm/i915/gen9: Clear residual context state on context switch", + "cmt_id": "dd4f3b3508f65fe37975db223365216316da3998" + }, + "CVE-2019-19056": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf", + "cmt_id": "f2bde0e9989e243345316e3c96b352ab94037340" + }, + "CVE-2019-19078": { + "cmt_msg": "ath10k: fix memory leak", + "cmt_id": "aed1b68eadf22513ac1fbd389f591f91c8bdaaf5" + } + }, + "4.19.97": { + "CVE-2019-9445": { + "cmt_msg": "f2fs: check if file namelen exceeds max value", + "cmt_id": "4124927e36b7753efb6faf1a508e2bc6783343cf" + }, + "CVE-2019-20096": { + "cmt_msg": "dccp: Fix memleak in __feat_register_sp", + "cmt_id": "e58c590c772eb5dc5a3603c5aef4148f47ab2e20" + }, + "CVE-2019-15217": { + "cmt_msg": "media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap", + "cmt_id": "0648766cb7d336e5932278c316aef6aac35d60ab" + }, + "CVE-2019-19059": { + "cmt_msg": "iwlwifi: pcie: fix memory leaks in iwl_pcie_ctxt_info_gen3_init", + "cmt_id": "6e41dd9731e13b0bdf2f57f84b9d25d009bd9f87" + }, + "CVE-2019-19058": { + "cmt_msg": "iwlwifi: dbg_ini: fix memory leak in alloc_sgtable", + "cmt_id": "09044a4a142404799e519def0bbfcc98fa68c677" + }, + "CVE-2019-19927": { + "cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages", + "cmt_id": "8c2cdfb2c81bb533b9e6a3874ee5399102c4c580" + }, + "CVE-2019-19077": { + "cmt_msg": "RDMA: Fix goto target to release the allocated memory", + "cmt_id": "d203ff6a3059b7fc3a9b48048eaf5641ed7fda2c" + }, + "CVE-2019-5108": { + "cmt_msg": "mac80211: Do not send Layer 2 Update frame before authorization", + "cmt_id": "8f483142b0bb278f67eabccbe3d6a0e8c45284ad" + } + }, + "4.19.98": { + "CVE-2020-12652": { + "cmt_msg": "scsi: mptfusion: Fix double fetch bug in ioctl", + "cmt_id": "3dae5041c65545ac65d610375b4ac30b00f174a3" + }, + "CVE-2021-3635": { + "cmt_msg": "netfilter: nf_tables: fix flowtable list del corruption", + "cmt_id": "8260ce5aeee4d7c4a6305e469edeae1066de2800" + } + }, + "4.19.99": { + "CVE-2019-19046": { + "cmt_msg": "ipmi: Fix memory leak in __ipmi_bmc_register", + "cmt_id": "211eabc55d07fc3709e967b08b6f5bb77198dbd0" + }, + "CVE-2019-20806": { + "cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame", + "cmt_id": "30fd5b16c9081afebe74d4d614fe582ff84ef6b2" + } + }, + "4.19.100": { + "CVE-2019-14896": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor", + "cmt_id": "cbd56515be5a8ea97134ef762b7a2923b94cb9c4" + }, + "CVE-2019-14897": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor", + "cmt_id": "cbd56515be5a8ea97134ef762b7a2923b94cb9c4" + }, + "CVE-2020-14416": { + "cmt_msg": "can, slip: Protect tty->disc_data in write_wakeup and close with RCU", + "cmt_id": "bd1448458c6a67782d4e82c181b5540b5727546b" + }, + "CVE-2020-8428": { + "cmt_msg": "do_last(): fetch directory ->i_mode and ->i_uid before it's too late", + "cmt_id": "752f72edea55f9b7c6fd019e71365def13a0f2b6" + } + }, + "4.19.101": { + "CVE-2020-0432": { + "cmt_msg": "staging: most: net: fix buffer overflow", + "cmt_id": "9dab6bbc9462c43001a88ee933a491a1502fa6f5" + }, + "CVE-2020-12769": { + "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls", + "cmt_id": "6fb12237c51e73e65899f9b1df69cd3999b4d90a" + } + }, + "4.19.103": { + "CVE-2020-0404": { + "cmt_msg": "media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors", + "cmt_id": "3ceb3fcd6d1a6a65e7bf3873a63009d01ba4b05f" + }, + "CVE-2019-3016": { + "cmt_msg": "x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit", + "cmt_id": "25a7898937f4a9f32ca2d1e9b7f5f07176af8037" + } + }, + "4.19.104": { + "CVE-2020-12653": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()", + "cmt_id": "48247f7e14911a4d18e9c774ba3a1d368f5d8a6f" + }, + "CVE-2020-12654": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()", + "cmt_id": "fab5ca79960b7fbda4e9a79a4754c749fdea2bd0" + } + }, + "4.19.107": { + "CVE-2020-9383": { + "cmt_msg": "floppy: check FDC index for errors before assigning it", + "cmt_id": "c8fd87c53a1509162b910cec91c0c46753c58f9a" + }, + "CVE-2020-2732": { + "cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode", + "cmt_id": "ed9e97c35b454ceb1da4f65c318015a7ab298dae" + }, + "CVE-2020-0009": { + "cmt_msg": "staging: android: ashmem: Disallow ashmem memory from being remapped", + "cmt_id": "a4307700608e43dcf9b8abf1ee74f68227e9c61a" + } + }, + "4.19.108": { + "CVE-2020-27068": { + "cmt_msg": "cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE", + "cmt_id": "0fb31bd53a5e27394916758173eb748c5e0dbd47" + }, + "CVE-2020-0444": { + "cmt_msg": "audit: fix error handling in audit_data_to_entry()", + "cmt_id": "c24d457a824f641ca328a20dd28872cfd97a005a" + }, + "CVE-2019-16234": { + "cmt_msg": "iwlwifi: pcie: fix rb_allocator workqueue allocation", + "cmt_id": "1d8780188c8d7f009a05d40fbb8a111eab89746d" + }, + "CVE-2020-10942": { + "cmt_msg": "vhost: Check docket sk_family instead of call getname", + "cmt_id": "ad598a48fe61c6c2407f08a807cb7a2ea83386b3" + } + }, + "4.19.109": { + "CVE-2020-8647": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region", + "cmt_id": "7abe1e0a874418b07524c9e07225df1cbb421ce9" + }, + "CVE-2020-8649": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region", + "cmt_id": "7abe1e0a874418b07524c9e07225df1cbb421ce9" + }, + "CVE-2020-8648": { + "cmt_msg": "vt: selection, close sel_buffer race", + "cmt_id": "31559b59040fc0e6ad363642112d4eb03ad4ebb7" + } + }, + "4.19.111": { + "CVE-2020-12465": { + "cmt_msg": "mt76: fix array overflow on receiving too many fragments for a packet", + "cmt_id": "319478cbd2be90995b011ca6adbd834121eb7acf" + } + }, + "4.19.112": { + "CVE-2020-29370": { + "cmt_msg": "mm: slub: add missing TID bump in kmem_cache_alloc_bulk()", + "cmt_id": "30f6cae722654caef2ab4bacb2e910bfd766866b" + } + }, + "4.19.113": { + "CVE-2020-14381": { + "cmt_msg": "futex: Fix inode life-time issue", + "cmt_id": "e6d506cd2243aa8f6e19fdb4dc61d85275c2c918" + } + }, + "4.19.114": { + "CVE-2021-3715": { + "cmt_msg": "net_sched: cls_route: remove the right filter from hashtable", + "cmt_id": "ea3d6652c240978736a91b9e85fde9fee9359be4" + }, + "CVE-2020-11608": { + "cmt_msg": "media: ov519: add missing endpoint sanity checks", + "cmt_id": "747a7431661ab3c22ad1e721558bdf9e3d53d4a6" + }, + "CVE-2020-11609": { + "cmt_msg": "media: stv06xx: add missing descriptor sanity checks", + "cmt_id": "70764334b2bcb15c67dfbd912d9a9f7076f6d0df" + }, + "CVE-2020-11668": { + "cmt_msg": "media: xirlink_cit: add missing descriptor sanity checks", + "cmt_id": "5d064d7f0327d9425c5f63fa96efc70a74032d8b" + }, + "CVE-2020-27066": { + "cmt_msg": "xfrm: policy: Fix doulbe free in xfrm_policy_timer", + "cmt_id": "7ad217a824f7fab1e8534a6dfa82899ae1900bcb" + } + }, + "4.19.115": { + "CVE-2020-11494": { + "cmt_msg": "slcan: Don't transmit uninitialized stack data in padding", + "cmt_id": "b774578329afb238ccd504477731129aa15e9ec2" + }, + "CVE-2020-11565": { + "cmt_msg": "mm: mempolicy: require at least one nodeid for MPOL_PREFERRED", + "cmt_id": "fa138035f104ae14651ee3217d81fc16cd3aba4d" + } + }, + "4.19.116": { + "CVE-2020-12826": { + "cmt_msg": "signal: Extend exec_id to 64bits", + "cmt_id": "a2a1be2de7e4d9a3a2c6cf8512d38eb24bbeb059" + }, + "CVE-2020-12657": { + "cmt_msg": "block, bfq: fix use-after-free in bfq_idle_slice_timer_body", + "cmt_id": "d999063be0cf91bff8e0d6daaea21e1a4f70d336" + }, + "CVE-2020-11669": { + "cmt_msg": "powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle", + "cmt_id": "1855c5436fa50e8dc930b0a24c52157dceef9a54" + } + }, + "4.19.118": { + "CVE-2020-12659": { + "cmt_msg": "xsk: Add missing check on user supplied headroom size", + "cmt_id": "ad8fb61c184fe0f8d1e0b5b954d010fb9f94a6ee" + } + }, + "4.19.119": { + "CVE-2020-11884": { + "cmt_msg": "s390/mm: fix page table upgrade vs 2ndary address mode accesses", + "cmt_id": "215d1f3928713d6eaec67244bcda72105b898000" + }, + "CVE-2020-1749": { + "cmt_msg": "net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup", + "cmt_id": "5dd6835278454a7c7a045462253625de7c16b13e" + }, + "CVE-2020-12464": { + "cmt_msg": "USB: core: Fix free-while-in-use bug in the USB S-Glibrary", + "cmt_id": "45ea77b75a604da875186519fea94997175c38e3" + }, + "CVE-2020-0067": { + "cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr", + "cmt_id": "ed523cbd4a6594edf123dc03ec9d70ea4f793671" + }, + "CVE-2019-19768": { + "cmt_msg": "blktrace: Protect q->blk_trace with RCU", + "cmt_id": "473d7f5ed75b8c3750f0c6b442c8e23090d6da8f" + }, + "CVE-2020-12114": { + "cmt_msg": "make struct mountpoint bear the dentry reference to mountpoint, not struct mount", + "cmt_id": "f511dc75d22e0c000fc70b54f670c2c17f5fba9a" + } + }, + "4.19.121": { + "CVE-2020-10751": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()", + "cmt_id": "23075857ad192731fd9edcce3b5cd5db93602c26" + }, + "CVE-2020-0255": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()", + "cmt_id": "23075857ad192731fd9edcce3b5cd5db93602c26" + } + }, + "4.19.124": { + "CVE-2020-13143": { + "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC", + "cmt_id": "a105bb549252e3e8bd9db0bdd81cdd6a853e4238" + }, + "CVE-2020-10711": { + "cmt_msg": "netlabel: cope with NULL catmap", + "cmt_id": "caf6c20c6421ca687751d27b96c8021c655e56e6" + }, + "CVE-2020-12770": { + "cmt_msg": "scsi: sg: add sg_remove_request in sg_write", + "cmt_id": "34fcb4291e234468f9bf9d4b851c9f522f3bbb13" + }, + "CVE-2020-27786": { + "cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses", + "cmt_id": "a507658fdb2ad8ca282b0eb42f2a40b805deb1e6" + } + }, + "4.19.125": { + "CVE-2020-12768": { + "cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()", + "cmt_id": "008708152ebb229c29e065135599984fa9c4a51c" + }, + "CVE-2019-18814": { + "cmt_msg": "apparmor: Fix use-after-free in aa_audit_rule_init", + "cmt_id": "f1738ae012a106c6c8fa7d33ed47fb478d9d3c75" + } + }, + "4.19.126": { + "CVE-2020-10732": { + "cmt_msg": "fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()", + "cmt_id": "d16b0abe2687f7f0a2f6343a09797e8aac045c86" + } + }, + "4.19.127": { + "CVE-2020-10757": { + "cmt_msg": "mm: Fix mremap not considering huge pmd devmap", + "cmt_id": "78385480fd6572a83e7541e37658d9a7de6dc9b1" + }, + "CVE-2019-19462": { + "cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open", + "cmt_id": "8b5dfa53eeb6c8bba5a035d38f6f8b981aebb622" + } + }, + "4.19.128": { + "CVE-2020-13974": { + "cmt_msg": "vt: keyboard: avoid signed integer overflow in k_ascii", + "cmt_id": "18059925dbb6a7b6be1c0166ecca29d6b7977c9a" + }, + "CVE-2020-0543": { + "cmt_msg": "x86/cpu: Add 'table' argument to cpu_matches()", + "cmt_id": "6682fe2fca22e45153e69f5b7ce7282bcba3565f" + } + }, + "4.19.129": { + "CVE-2019-20810": { + "cmt_msg": "media: go7007: fix a miss of snd_card_free", + "cmt_id": "95b58c96a28e6174661dcd5bc543618973fc43d3" + }, + "CVE-2018-20669": { + "cmt_msg": "make 'user_access_begin()' do 'access_ok()'", + "cmt_id": "216284c4a126b28469eb0bf4994c669e251f47ba" + }, + "CVE-2021-0342": { + "cmt_msg": "tun: correct header offsets in napi frags mode", + "cmt_id": "75e36c19ff10836e5d03f87cf17793cf83b59430" + }, + "CVE-2020-29368": { + "cmt_msg": "mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()", + "cmt_id": "453d8a481b127edfa7fb76af1bc7586b7a63bdd2" + }, + "CVE-2020-10766": { + "cmt_msg": "x86/speculation: Prevent rogue cross-process SSBD shutdown", + "cmt_id": "5aaf72a0dcb82d5c98f3b7df149baf4c7cf63e19" + }, + "CVE-2020-10767": { + "cmt_msg": "x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS.", + "cmt_id": "5d9d55cf4733c5ced8e1d19ea242a128ab9612d2" + }, + "CVE-2019-18885": { + "cmt_msg": "btrfs: merge btrfs_find_device and find_device", + "cmt_id": "8cb9b069fa631b613bbbd6f63887190e55cafa3c" + }, + "CVE-2019-19036": { + "cmt_msg": "btrfs: Detect unbalanced tree with empty leaf before crashing btree operations", + "cmt_id": "227af79e6cb0ee3faeb8c70be4bc0aec0b09ea25" + }, + "CVE-2020-10768": { + "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches.", + "cmt_id": "52c419ba4c96880abd61b38e6e08e4ecd17350f3" + } + }, + "4.19.130": { + "CVE-2020-12771": { + "cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce", + "cmt_id": "2ee8f6e72269eb06649ebab3da6bbf59aed3eabe" + }, + "CVE-2020-15436": { + "cmt_msg": "block: Fix use-after-free in blkdev_get()", + "cmt_id": "49289b1fa5a67011c4010e4e9c801b9d565ce395" + } + }, + "4.19.131": { + "CVE-2020-12655": { + "cmt_msg": "xfs: add agf freeblocks verify in xfs_agf_verify", + "cmt_id": "135eccd83909e75389a5754577b0336bbd0939ef" + } + }, + "4.19.132": { + "CVE-2020-24394": { + "cmt_msg": "nfsd: apply umask on fs without ACL support", + "cmt_id": "2b3faab744b04de198aee4ed8dd74fca7a2a8306" + }, + "CVE-2020-15393": { + "cmt_msg": "usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect", + "cmt_id": "7b0f1f89a0dd6e257367eddc840179e85195ca18" + } + }, + "4.19.134": { + "CVE-2020-14356": { + "cmt_msg": "cgroup: fix cgroup_sk_alloc() for sk_clone_lock()", + "cmt_id": "0505cc4c908f46a4d22c4994dbbe7bc489d0c52d" + }, + "CVE-2020-10781": { + "cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\"", + "cmt_id": "81a91bf266dd7f2dd56fc3472b7bb54348ac62c7" + } + }, + "4.19.135": { + "CVE-2020-15437": { + "cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()", + "cmt_id": "c358255ff1dfa51ddbcbc8dfcc4eaa5719008daa" + } + }, + "4.19.137": { + "CVE-2019-19061": { + "cmt_msg": "iio: imu: adis16400: fix memory leak", + "cmt_id": "c57c213538156bff971aa352d9d7749196dfbfd8" + }, + "CVE-2019-19067": { + "cmt_msg": "drm/amdgpu: fix multiple memory leaks in acp_hw_init", + "cmt_id": "e15f8a9b0046418295d09db24c1ec306c80d013b" + }, + "CVE-2020-24490": { + "cmt_msg": "Bluetooth: fix kernel oops in store_pending_adv_report", + "cmt_id": "5df9e5613d1c51e16b1501a4c75e139fbbe0fb6c" + }, + "CVE-2019-19816": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference", + "cmt_id": "4e986ab36ed11ecf21de9b5aab0e46ac3342df93" + }, + "CVE-2019-3874": { + "cmt_msg": "sctp: implement memory accounting on tx path", + "cmt_id": "9a84bb13816fe3b361a75e10ee9821ab68aa36f5" + }, + "CVE-2019-19082": { + "cmt_msg": "drm/amd/display: prevent memory leak", + "cmt_id": "60e1b411bf0fd9fda2d2de7f45dc3b1d9960b85e" + }, + "CVE-2019-18808": { + "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid", + "cmt_id": "167edeeb034f65f57790ff70b1af84a501274d15" + }, + "CVE-2019-19813": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference", + "cmt_id": "4e986ab36ed11ecf21de9b5aab0e46ac3342df93" + }, + "CVE-2019-19054": { + "cmt_msg": "media: rc: prevent memory leak in cx23888_ir_probe", + "cmt_id": "17271f33fd8811b364ae3c54671566434d46d3eb" + }, + "CVE-2019-19074": { + "cmt_msg": "ath9k: release allocated buffer if timed out", + "cmt_id": "e0cf3ebfcf93dbce123b8bef00f549712efe1135" + }, + "CVE-2019-19073": { + "cmt_msg": "ath9k_htc: release allocated buffer if timed out", + "cmt_id": "5b8464dc9a6e81a16481549c77d0d341041e425e" + }, + "CVE-2019-19072": { + "cmt_msg": "tracing: Have error path in predicate_parse() free its allocated memory", + "cmt_id": "7deb2dcb8963812742ed08420cfa4e23bbeda074" + } + }, + "4.19.138": { + "CVE-2020-16166": { + "cmt_msg": "random32: update the net random state on interrupt and activity", + "cmt_id": "29204c846894d73108f87e78aea4757a8ec52c74" + } + }, + "4.19.139": { + "CVE-2020-36386": { + "cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()", + "cmt_id": "8c4a649c20fec015ebb326f36b47d4e39d9ff5b7" + }, + "CVE-2019-0148": { + "cmt_msg": "i40e: Wrong truncation from u16 to u8", + "cmt_id": "48a9be93ff2c5a09e308ef93560ea1f4ecbd22f6" + }, + "CVE-2019-0147": { + "cmt_msg": "i40e: add num_vectors checker in iwarp handler", + "cmt_id": "43a7e1cf606e96ee43f8897129972f0b79390367" + }, + "CVE-2020-14331": { + "cmt_msg": "vgacon: Fix for missing check in scrollback handling", + "cmt_id": "61219546f3036d2b4a1898be7a38da22e97a3b62" + }, + "CVE-2019-0145": { + "cmt_msg": "i40e: add num_vectors checker in iwarp handler", + "cmt_id": "43a7e1cf606e96ee43f8897129972f0b79390367" + } + }, + "4.19.140": { + "CVE-2020-26088": { + "cmt_msg": "net/nfc/rawsock.c: add CAP_NET_RAW check.", + "cmt_id": "b200620cada4eaa63108be32e040ed557a1965fd" + }, + "CVE-2021-20292": { + "cmt_msg": "drm/ttm/nouveau: don't call tt destroy callback on alloc failure.", + "cmt_id": "10c8a526b2db1fcdf9e2d59d4885377b91939c55" + } + }, + "4.19.141": { + "CVE-2019-19448": { + "cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space", + "cmt_id": "627fa9d8071daad6aa84316c1fcb114a62db914f" + }, + "CVE-2020-25212": { + "cmt_msg": "nfs: Fix getxattr kernel panic and memory overflow", + "cmt_id": "a906b868953a9c9bba44649a8fe760e818dd7224" + } + }, + "4.19.142": { + "CVE-2020-14314": { + "cmt_msg": "ext4: fix potential negative array index in do_split()", + "cmt_id": "b3ddf6ba5e28a57729fff1605ae08e21be5c92e3" + }, + "CVE-2020-29371": { + "cmt_msg": "romfs: fix uninitialized memory leak in romfs_dev_read()", + "cmt_id": "9660983738399465fd0e3b1977a61bbd29b2e5be" + }, + "CVE-2020-0466": { + "cmt_msg": "do_epoll_ctl(): clean the failure exits up a bit", + "cmt_id": "dcb6e6efb3298e59d90ee05c6ed33de810314892" + } + }, + "4.19.144": { + "CVE-2020-0465": { + "cmt_msg": "HID: core: Sanitize event code and type when mapping input", + "cmt_id": "a47b8511d90528c77346597e2012100dfc28cd8c" + }, + "CVE-2020-25641": { + "cmt_msg": "block: allow for_each_bvec to support zero len bvec", + "cmt_id": "b48bcb664b657ae94b19c0728978c88e012f7a37" + }, + "CVE-2021-1048": { + "cmt_msg": "fix regression in \"epoll: Keep a reference on files added to the check list\"", + "cmt_id": "37d933e8b41b83bb8278815e366aec5a542b7e31" + }, + "CVE-2020-25285": { + "cmt_msg": "mm/hugetlb: fix a race between hugetlb sysctl handlers", + "cmt_id": "221ea9a3da9169dc3c9a364a5f938e215db6419e" + }, + "CVE-2020-14385": { + "cmt_msg": "xfs: fix boundary test in xfs_attr_shortform_verify", + "cmt_id": "017265f1421529a473c25dc46a0cee98facbb1a3" + }, + "CVE-2020-12888": { + "cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory", + "cmt_id": "da7aea6eb5608695f590dcd72523536b709d0399" + } + }, + "4.19.146": { + "CVE-2020-25284": { + "cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping", + "cmt_id": "0070f9906d7190d4c69e338403db4abfec81fe7f" + }, + "CVE-2020-14390": { + "cmt_msg": "fbcon: remove soft scrollback code", + "cmt_id": "770adb5d2b8ebe94a92e4c9510f4f2517f4204eb" + }, + "CVE-2020-28097": { + "cmt_msg": "vgacon: remove software scrollback support", + "cmt_id": "f5fa64c8daf7b97280865c73903edc0a3eea819e" + } + }, + "4.19.148": { + "CVE-2020-25645": { + "cmt_msg": "geneve: add transport ports in route lookup for geneve", + "cmt_id": "c797110d97c48054d1491251fd713900ff51615c" + }, + "CVE-2021-0605": { + "cmt_msg": "af_key: pfkey_dump needs parameter validation", + "cmt_id": "b59a23d596807a5aa88d8dd5655a66c6843729b3" + }, + "CVE-2020-25643": { + "cmt_msg": "hdlc_ppp: add range checks in ppp_cp_parse_cr()", + "cmt_id": "45676c0bc28eff8f46455b28e2db80a77676488b" + }, + "CVE-2020-36312": { + "cmt_msg": "KVM: fix memory leak in kvm_io_bus_unregister_dev()", + "cmt_id": "19184bd06f488af62924ff1747614a8cb284ad63" + } + }, + "4.19.150": { + "CVE-2020-14386": { + "cmt_msg": "net/packet: fix overflow in tpacket_rcv", + "cmt_id": "1c3886dc302329f199cc04f8a56ba44d17a0df16" + }, + "CVE-2020-25211": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum", + "cmt_id": "289fe546ea16c2dcb57c5198c5a7b7387604530e" + }, + "CVE-2021-0448": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum", + "cmt_id": "289fe546ea16c2dcb57c5198c5a7b7387604530e" + }, + "CVE-2021-39634": { + "cmt_msg": "epoll: do not insert into poll queues until all sanity checks are done", + "cmt_id": "3e3bbc4d23eeb90bf282e98c7dfeca7702df3169" + } + }, + "4.19.151": { + "CVE-2020-28915": { + "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()", + "cmt_id": "43198a5b1c42e3d8aadc6524a73bb3aa3666cd43" + } + }, + "4.19.152": { + "CVE-2020-10135": { + "cmt_msg": "Bluetooth: Consolidate encryption handling in hci_encrypt_cfm", + "cmt_id": "0c75831bc108ec23c663d969181a4dd7e4b651bb" + }, + "CVE-2020-12352": { + "cmt_msg": "Bluetooth: A2MP: Fix not initializing all members", + "cmt_id": "128278f444ab3a0d38759c4935092d256edc77d0" + }, + "CVE-2020-12351": { + "cmt_msg": "Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel", + "cmt_id": "360f80e34292dbe91c23e893f90cd357aff8b68a" + } + }, + "4.19.153": { + "CVE-2020-0423": { + "cmt_msg": "binder: fix UAF when releasing todo list", + "cmt_id": "35cc2facc2a5ff52b9aa03f2dc81dcb000d97da3" + }, + "CVE-2020-25705": { + "cmt_msg": "icmp: randomize the global rate limiter", + "cmt_id": "d6c552505c0d1719dda42b4af2def0618bd7bf54" + } + }, + "4.19.155": { + "CVE-2020-27777": { + "cmt_msg": "powerpc/rtas: Restrict RTAS requests from userspace", + "cmt_id": "94e8f0bbc475228c93d28b2e0f7e37303db80ffe" + }, + "CVE-2020-27673": { + "cmt_msg": "xen/events: add a proper barrier to 2-level uevent unmasking", + "cmt_id": "25f6b08895d579b461487291d6e48b3953a8bf65" + }, + "CVE-2020-25668": { + "cmt_msg": "tty: make FONTX ioctl use the tty pointer they were actually passed", + "cmt_id": "619e366268e0430687d07b24b48f7382fc088c9f" + }, + "CVE-2020-25656": { + "cmt_msg": "vt: keyboard, extend func_buf_lock to readers", + "cmt_id": "7e3ba72e5b9376e12839ea347c49fc4108244b0c" + }, + "CVE-2020-27675": { + "cmt_msg": "xen/events: avoid removing an event channel while handling it", + "cmt_id": "61d359d51a1cce8a5913843c8c3601dc878cc519" + } + }, + "4.19.156": { + "CVE-2020-28974": { + "cmt_msg": "vt: Disable KD_FONT_OP_COPY", + "cmt_id": "6612b754ac0c85ca8b1181b5d3ea4461a8c1bbcb" + }, + "CVE-2020-35508": { + "cmt_msg": "fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent", + "cmt_id": "b177d2d915cea2d0a590f0034a20299dd1ee3ef2" + }, + "CVE-2020-25704": { + "cmt_msg": "perf/core: Fix a memory leak in perf_event_parse_addr_filter()", + "cmt_id": "29a975bcc107d68e379a55048813ddf3e7b120b8" + }, + "CVE-2019-19377": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors", + "cmt_id": "1527c0e0229d2dd1c8ae1e73b1579bd8d5866b5b" + }, + "CVE-2019-19770": { + "cmt_msg": "blktrace: fix debugfs use after free", + "cmt_id": "8a78b4c0d6292d32d76b4268b5a33ae089a5d791" + }, + "CVE-2019-19039": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors", + "cmt_id": "1527c0e0229d2dd1c8ae1e73b1579bd8d5866b5b" + } + }, + "4.19.157": { + "CVE-2020-8694": { + "cmt_msg": "powercap: restrict energy meter to root access", + "cmt_id": "900281e167f45e0c0e5df6e59fa00334b5e38133" + } + }, + "4.19.158": { + "CVE-2020-14351": { + "cmt_msg": "perf/core: Fix race in the perf_mmap_close() function", + "cmt_id": "1cbfb60332f4e62224440f6d38a6b3114b2355f0" + } + }, + "4.19.159": { + "CVE-2020-4788": { + "cmt_msg": "powerpc/64s: flush L1D on kernel entry", + "cmt_id": "f69bb4e51f41973fb7594be1479fa689831efe1a" + }, + "CVE-2020-25669": { + "cmt_msg": "Input: sunkbd - avoid use-after-free in teardown paths", + "cmt_id": "8bf2e8fe8a8e2e05246215697bb55f8901faef44" + } + }, + "4.19.160": { + "CVE-2020-28941": { + "cmt_msg": "speakup: Do not let the line discipline be used several times", + "cmt_id": "3560603ef82f11277143a433170bca05bd9288a8" + } + }, + "4.19.162": { + "CVE-2020-35519": { + "cmt_msg": "net/x25: prevent a couple of overflows", + "cmt_id": "304c080fc33258e3b177b6f0736b97d54e6fea3b" + } + }, + "4.19.163": { + "CVE-2020-29661": { + "cmt_msg": "tty: Fix ->pgrp locking in tiocspgrp()", + "cmt_id": "13f10a78097df2f14d4e1fd390dbaa3e28502ca7" + }, + "CVE-2020-29660": { + "cmt_msg": "tty: Fix ->session locking", + "cmt_id": "361e822b7d8a9d06d88f7cea0fdb0fb6e41c4d45" + }, + "CVE-2020-27830": { + "cmt_msg": "speakup: Reject setting the speakup line discipline outside of speakup", + "cmt_id": "de867367f35237729e285ff6efa3fd4e4b0b9008" + } + }, + "4.19.164": { + "CVE-2021-0938": { + "cmt_msg": "compiler.h: fix barrier_data() on clang", + "cmt_id": "b207caff4176e3a6ba273243da2db2e595e4aad2" + }, + "CVE-2020-27815": { + "cmt_msg": "jfs: Fix array index bounds check in dbAdjTree", + "cmt_id": "c7e31b2fecfe0ebd5bd6a8274b2fbfb9c9401738" + }, + "CVE-2020-29568": { + "cmt_msg": "xen/xenbus: Allow watches discard events before queueing", + "cmt_id": "9039eb22f99545fa80a5897496452cf9962e3289" + }, + "CVE-2020-29569": { + "cmt_msg": "xen-blkback: set ring->xenblkd to NULL after kthread_stop()", + "cmt_id": "014ee1c7d184acb8986152014a570ba7c69d3616" + } + }, + "4.19.166": { + "CVE-2020-36158": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start", + "cmt_id": "b35029a1f24fe511af750537e6565dcf68e5c862" + } + }, + "4.19.167": { + "CVE-2020-28374": { + "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup", + "cmt_id": "fff1180d24e68d697f98642d71444316036a81ff" + }, + "CVE-2021-39648": { + "cmt_msg": "usb: gadget: configfs: Fix use-after-free issue with udc_name", + "cmt_id": "83b74059fdf1c4fa6ed261725e6f301552ad23f7" + } + }, + "4.19.170": { + "CVE-2021-3178": { + "cmt_msg": "nfsd4: readdirplus shouldn't return parent of export", + "cmt_id": "a08c2e586ad047fcea3f75664cca0915c77934fe" + } + }, + "4.19.171": { + "CVE-2021-39657": { + "cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback", + "cmt_id": "b397fcae2207963747c6f947ef4d06575553eaef" + } + }, + "4.19.172": { + "CVE-2020-27825": { + "cmt_msg": "tracing: Fix race in trace_open and buffer resize call", + "cmt_id": "acfa7ad7b7f6489e2bed20880ce090fdabdbb841" + }, + "CVE-2021-3347": { + "cmt_msg": "futex: Ensure the correct return value from futex_lock_pi()", + "cmt_id": "72f38fffa4758b878f819f8a47761b3f03443f36" + } + }, + "4.19.173": { + "CVE-2021-3348": { + "cmt_msg": "nbd: freeze the queue while we're adding connections", + "cmt_id": "424838c0f727f1d11ce2ccaabba96f4346c03906" + } + }, + "4.19.177": { + "CVE-2021-26931": { + "cmt_msg": "xen-blkback: don't \"handle\" error by BUG()", + "cmt_id": "a01b49a9bf91a723f541139c063c1ff681ac536a" + }, + "CVE-2021-26930": { + "cmt_msg": "xen-blkback: fix error handling in xen_blkbk_map()", + "cmt_id": "98f16e171e2849dba76e2e0346e914452c030dc5" + }, + "CVE-2021-21781": { + "cmt_msg": "ARM: ensure the signal page contains defined contents", + "cmt_id": "80ef523d2cb719c3de66787e922a96b5099d2fbb" + }, + "CVE-2021-26932": { + "cmt_msg": "Xen/x86: don't bail early from clear_foreign_p2m_mapping()", + "cmt_id": "dfed59ee4b41b0937163dfed36752d29e72d0712" + } + }, + "4.19.178": { + "CVE-2021-0512": { + "cmt_msg": "HID: make arrays usage and value to be the same", + "cmt_id": "ffca531f71d078c6caf752d64bc2a592f420f7c6" + }, + "CVE-2021-3612": { + "cmt_msg": "Input: joydev - prevent potential read overflow in ioctl", + "cmt_id": "88438fdeeffe11dcb05c2dd0ddd22cb6e3f024b4" + } + }, + "4.19.179": { + "CVE-2021-30002": { + "cmt_msg": "media: v4l: ioctl: Fix memory leak in video_usercopy", + "cmt_id": "ff2111a6fab31923685b6ca8ea466ea0576b8a0e" + }, + "CVE-2021-27365": { + "cmt_msg": "scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE", + "cmt_id": "b2957d7baff77b399c7408dc12bacc7f63765897" + }, + "CVE-2021-27364": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities", + "cmt_id": "ae84b246a76c4ace5997e5ca7e9fde3e1a526bc3" + }, + "CVE-2021-27363": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities", + "cmt_id": "ae84b246a76c4ace5997e5ca7e9fde3e1a526bc3" + }, + "CVE-2021-28038": { + "cmt_msg": "Xen/gnttab: handle p2m update errors on a per-slot basis", + "cmt_id": "1a999d25ef536a14f6a7c25778836857adfba3f8" + } + }, + "4.19.181": { + "CVE-2021-33033": { + "cmt_msg": "cipso,calipso: resolve a number of problems with the DOI refcounts", + "cmt_id": "a44af1c69737f9e64d5134c34eb9d5c4c2e04da1" + }, + "CVE-2021-29265": { + "cmt_msg": "usbip: fix stub_dev usbip_sockfd_store() races leading to gpf", + "cmt_id": "c6b0ca71d3cd561decd39c1c4132c2d10a496e1a" + }, + "CVE-2021-28660": { + "cmt_msg": "staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()", + "cmt_id": "eda4378094de16090d74eacea3d8c10f7719ed25" + } + }, + "4.19.183": { + "CVE-2021-28964": { + "cmt_msg": "btrfs: fix race when cloning extent buffer during rewind of an old root", + "cmt_id": "12dc6889bcff1bc2921a1587afca55ca4091b73e" + }, + "CVE-2021-28972": { + "cmt_msg": "PCI: rpadlpar: Fix potential drc_name corruption in store functions", + "cmt_id": "f27a00f0d5b0646a52633e98f5fc3ef719004dcd" + }, + "CVE-2021-28971": { + "cmt_msg": "perf/x86/intel: Fix a crash caused by zero PEBS status", + "cmt_id": "b35214c541365c7dd7c9d5f44a02b0633a1cc83f" + } + }, + "4.19.184": { + "CVE-2021-28688": { + "cmt_msg": "xen-blkback: don't leak persistent grants from xen_blkbk_map()", + "cmt_id": "16356ddb587867c2a5ab85407eeb75f2b8818207" + }, + "CVE-2021-31916": { + "cmt_msg": "dm ioctl: fix out of bounds array access when no devices", + "cmt_id": "76aa61c55279fdaa8d428236ba8834edf313b372" + }, + "CVE-2021-29264": { + "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash", + "cmt_id": "9943741c2792a7f1d091aad38f496ed6eb7681c4" + }, + "CVE-2021-29647": { + "cmt_msg": "net: qrtr: fix a kernel-infoleak in qrtr_recvmsg()", + "cmt_id": "5f09be2a1a35cb8bd6c178d5f205b7265bd68646" + }, + "CVE-2021-29650": { + "cmt_msg": "netfilter: x_tables: Use correct memory barriers.", + "cmt_id": "81bc258370c6eeb1f41d350325e8a2c8e20fafad" + } + }, + "4.19.185": { + "CVE-2021-0941": { + "cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len", + "cmt_id": "8c1a77ae15ce70a72f26f4bb83c50f769011220c" + }, + "CVE-2021-3483": { + "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()", + "cmt_id": "89a2c28a3b67c7d918218f57e4bb7b591f7e5d0f" + } + }, + "4.19.186": { + "CVE-2021-29154": { + "cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64", + "cmt_id": "5f26f1f838aa960045c712e13dbab8ff451fed74" + } + }, + "4.19.187": { + "CVE-2021-3659": { + "cmt_msg": "net: mac802154: Fix general protection fault", + "cmt_id": "c166c0f5311dc9de687b8985574a5ee5166d367e" + }, + "CVE-2020-25672": { + "cmt_msg": "nfc: fix memory leak in llcp_sock_connect()", + "cmt_id": "301a4264d6ab56d2b9230066b060d7ceaa000d68" + }, + "CVE-2020-25673": { + "cmt_msg": "nfc: Avoid endless loops caused by repeated llcp_sock_connect()", + "cmt_id": "eab391e0766ed88262160b14bb7131f331f6af1a" + }, + "CVE-2020-25670": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_bind()", + "cmt_id": "adbb1d218c5f56dbae052765da83c0f57fce2a31" + }, + "CVE-2020-25671": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_connect()", + "cmt_id": "c14b50185cd0d5ba6d7a5eb8acf9fbcc3663416d" + } + }, + "4.19.188": { + "CVE-2021-0937": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write", + "cmt_id": "12ec80252edefff00809d473a47e5f89c7485499" + }, + "CVE-2021-22555": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write", + "cmt_id": "12ec80252edefff00809d473a47e5f89c7485499" + } + }, + "4.19.189": { + "CVE-2020-29374": { + "cmt_msg": "gup: document and work around \"COW can break either way\" issue", + "cmt_id": "5e24029791e809d641e9ea46a1f99806484e53fc" + }, + "CVE-2021-23133": { + "cmt_msg": "net/sctp: fix race condition in sctp_destroy_sock", + "cmt_id": "301084de76eb5bfedddda41ec33e2913e90c99e7" + } + }, + "4.19.191": { + "CVE-2021-4157": { + "cmt_msg": "pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()", + "cmt_id": "f27638a92f77d8107efbaf48a0d3bfa24da8cdad" + }, + "CVE-2021-33034": { + "cmt_msg": "Bluetooth: verify AMP hci_chan before amp_destroy", + "cmt_id": "75e26178e26f910f7f26c79c2824b726eecf0dfb" + }, + "CVE-2021-32399": { + "cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller", + "cmt_id": "35113c4c9fa7c970ff456982e381dc9e9594154a" + }, + "CVE-2021-3506": { + "cmt_msg": "f2fs: fix to avoid out-of-bounds memory access", + "cmt_id": "bfa08a47cea2a9fab077c7135b9cfdf04e69c67a" + } + }, + "4.19.192": { + "CVE-2020-26558": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical", + "cmt_id": "30126d4ba73119565f1748b116b9869ac6bbda6b" + }, + "CVE-2021-0129": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical", + "cmt_id": "30126d4ba73119565f1748b116b9869ac6bbda6b" + } + }, + "4.19.193": { + "CVE-2021-33098": { + "cmt_msg": "ixgbe: fix large MTU request from VF", + "cmt_id": "938ffd6d2dd78fb83b9346c9b689e2a3a6fe7174" + }, + "CVE-2020-24587": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks", + "cmt_id": "76ffc27967211afba6f0045ac840e7027fbeefcf" + }, + "CVE-2020-24586": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks", + "cmt_id": "76ffc27967211afba6f0045ac840e7027fbeefcf" + }, + "CVE-2021-34981": { + "cmt_msg": "Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails", + "cmt_id": "f8be26b9950710fe50fb45358df5bd01ad18efb7" + }, + "CVE-2020-24588": { + "cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks", + "cmt_id": "8ea9e997642360ea097710cfa7b1cd750a73fe64" + }, + "CVE-2020-26139": { + "cmt_msg": "mac80211: do not accept/forward invalid EAPOL frames", + "cmt_id": "24347f561816634ab780bf7e03deeb049898b3bc" + }, + "CVE-2020-26147": { + "cmt_msg": "mac80211: assure all fragments are encrypted", + "cmt_id": "3c919823e4cad7bdc2c92b0dd3b4dc463c9315bd" + } + }, + "4.19.194": { + "CVE-2021-3564": { + "cmt_msg": "Bluetooth: fix the erroneous flush_work() order", + "cmt_id": "64700748e8a7af4883538c72ada57999d9a78e92" + }, + "CVE-2021-38208": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect", + "cmt_id": "93e4ac2a9979a9a4ecc158409ed9c3044dc0ae1f" + }, + "CVE-2021-3573": { + "cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object", + "cmt_id": "2b9e9c2ed0f1910b5201c5d37b355b60201df415" + }, + "CVE-2021-3587": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect", + "cmt_id": "93e4ac2a9979a9a4ecc158409ed9c3044dc0ae1f" + } + }, + "4.19.196": { + "CVE-2021-34693": { + "cmt_msg": "can: bcm: fix infoleak in struct bcm_msg_head", + "cmt_id": "8899857d7e450805e6410de5004126491f197146" + }, + "CVE-2021-45486": { + "cmt_msg": "inet: use bigger hash table for IP ID generation", + "cmt_id": "7f7e23df8509e072593200400a4b094cc44376d2" + }, + "CVE-2021-35039": { + "cmt_msg": "module: limit enabling module.sig_enforce", + "cmt_id": "ff660863628fb144badcb3395cde7821c82c13a6" + }, + "CVE-2021-3743": { + "cmt_msg": "net: qrtr: fix OOB Read in qrtr_endpoint_post", + "cmt_id": "f8111c0d7ed42ede41a3d0d393b104de0730a8a6" + } + }, + "4.19.197": { + "CVE-2020-36311": { + "cmt_msg": "KVM: SVM: Periodically schedule when unregistering regions on destroy", + "cmt_id": "cadf5bbcefbd9717e51c61d6128b520583ffdf4f" + } + }, + "4.19.198": { + "CVE-2021-45485": { + "cmt_msg": "ipv6: use prandom_u32() for ID generation", + "cmt_id": "f0be58ec9931907e980cf21737e51d369808eb95" + }, + "CVE-2021-3655": { + "cmt_msg": "sctp: validate from_addr_param return", + "cmt_id": "c7a03ebace4f9cd40d9cd9dd5fb2af558025583c" + }, + "CVE-2021-38199": { + "cmt_msg": "NFSv4: Initialise connection to the server in nfs4_alloc_client()", + "cmt_id": "743f6b973c8ba8a0a5ed15ab11e1d07fa00d5368" + }, + "CVE-2021-3609": { + "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()", + "cmt_id": "eabe65197876e4a0906eab784f5766c4c76098c7" + }, + "CVE-2022-0850": { + "cmt_msg": "ext4: fix kernel infoleak via ext4_extent_header", + "cmt_id": "9ed3a3d3a8d2cbe99d9e4386a98856491f0eade0" + }, + "CVE-2021-33909": { + "cmt_msg": "seq_file: disallow extremely large seq buffer allocations", + "cmt_id": "6de9f0bf7cacc772a618699f9ed5c9f6fca58a1d" + }, + "CVE-2021-38160": { + "cmt_msg": "virtio_console: Assure used length from device is limited", + "cmt_id": "b5fba782ccd3d12a14f884cd20f255fc9c0eec0c" + } + }, + "4.19.199": { + "CVE-2021-38204": { + "cmt_msg": "usb: max-3421: Prevent corruption of freed memory", + "cmt_id": "51fc12f4d37622fa0c481604833f98f11b1cac4f" + }, + "CVE-2021-3679": { + "cmt_msg": "tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop.", + "cmt_id": "6a99bfee7f5625d2577a5c3b09a2bd2a845feb8a" + }, + "CVE-2021-37576": { + "cmt_msg": "KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow", + "cmt_id": "0493b10c06021796ba80cbe53c961defd5aca6e5" + }, + "CVE-2021-22543": { + "cmt_msg": "KVM: do not allow mapping valid but non-reference-counted pages", + "cmt_id": "117777467bc015f0dc5fc079eeba0fa80c965149" + } + }, + "4.19.200": { + "CVE-2021-0920": { + "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK", + "cmt_id": "1dabafa9f61118b1377fde424d9a94bf8dbf2813" + } + }, + "4.19.204": { + "CVE-2021-38198": { + "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page", + "cmt_id": "4c07e70141eebd3db64297515a427deea4822957" + }, + "CVE-2021-38205": { + "cmt_msg": "net: xilinx_emaclite: Do not print real IOMEM pointer", + "cmt_id": "9322401477a6d1f9de8f18e5d6eb43a68e0b113a" + }, + "CVE-2021-3732": { + "cmt_msg": "ovl: prevent private clone if bind mount is not allowed", + "cmt_id": "963d85d630dabe75a3cfde44a006fec3304d07b8" + }, + "CVE-2021-33624": { + "cmt_msg": "bpf: Inherit expanded/patched seen count from old aux data", + "cmt_id": "0abc8c9754c953f5cd0ac7488c668ca8d53ffc90" + } + }, + "4.19.205": { + "CVE-2021-42008": { + "cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data", + "cmt_id": "4e370cc081a78ee23528311ca58fd98a06768ec7" + }, + "CVE-2021-3653": { + "cmt_msg": "KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653)", + "cmt_id": "42f4312c0e8a225b5f1e3ed029509ef514f2157a" + }, + "CVE-2021-3656": { + "cmt_msg": "KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656)", + "cmt_id": "119d547cbf7c055ba8100309ad71910478092f24" + }, + "CVE-2020-3702": { + "cmt_msg": "ath: Use safer key clearing with key cache entries", + "cmt_id": "dd5815f023b89c9a28325d8a2a5f0779b57b7190" + } + }, + "4.19.206": { + "CVE-2021-3444": { + "cmt_msg": "bpf: Fix truncation handling for mod32 dst reg wrt zero", + "cmt_id": "39f74b7c81cca139c05757d9c8f9d1e35fbbf56b" + }, + "CVE-2021-3600": { + "cmt_msg": "bpf: Fix 32 bit src register truncation on div/mod", + "cmt_id": "8313432df224d926590731ec3ace3e1bd7bc4a1a" + }, + "CVE-2021-3753": { + "cmt_msg": "vt_kdsetmode: extend console locking", + "cmt_id": "0776c1a20babb4ad0b7ce7f2f4e0806a97663187" + }, + "CVE-2021-39633": { + "cmt_msg": "ip_gre: add validation for csum_start", + "cmt_id": "c33471daf2763c5aee2b7926202c74b75c365119" + } + }, + "4.19.207": { + "CVE-2021-42252": { + "cmt_msg": "soc: aspeed: lpc-ctrl: Fix boundary check for mmap", + "cmt_id": "9c8891b638319ddba9cfa330247922cd960c95b0" + }, + "CVE-2021-34556": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4", + "cmt_id": "91cdb5b36234e6af69d6280f1510e4453707a2b8" + }, + "CVE-2021-35477": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4", + "cmt_id": "91cdb5b36234e6af69d6280f1510e4453707a2b8" + }, + "CVE-2020-16119": { + "cmt_msg": "dccp: don't duplicate ccid when cloning dccp sock", + "cmt_id": "dfec82f3e5b8bd93ab65b7417a64886ec8c42f14" + }, + "CVE-2021-40490": { + "cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing", + "cmt_id": "c481607ba522e31e6ed01efefc19cc1d0e0a46fa" + } + }, + "4.19.208": { + "CVE-2021-20320": { + "cmt_msg": "s390/bpf: Fix optimizing out zero-extensions", + "cmt_id": "ddf58efd05b5d16d86ea4638675e8bd397320930" + } + }, + "4.19.209": { + "CVE-2021-3764": { + "cmt_msg": "crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()", + "cmt_id": "710be7c42d2f724869e5b18b21998ceddaffc4a9" + }, + "CVE-2021-4203": { + "cmt_msg": "af_unix: fix races in sk_peer_pid and sk_peer_cred accesses", + "cmt_id": "0512a9aede6e4417c4fa6e0042a7ca8bc7e06b86" + }, + "CVE-2021-3744": { + "cmt_msg": "crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()", + "cmt_id": "710be7c42d2f724869e5b18b21998ceddaffc4a9" + }, + "CVE-2021-37159": { + "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device", + "cmt_id": "f6cf22a1ef49f8e131f99c3f5fd80ab6b23a2d21" + } + }, + "4.19.210": { + "CVE-2021-20317": { + "cmt_msg": "lib/timerqueue: Rely on rbtree semantics for next timer", + "cmt_id": "b9a1ac8e7c03fd09992352c7fb1a61cbbb9ad52b" + } + }, + "4.19.211": { + "CVE-2021-20321": { + "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()", + "cmt_id": "9d4969d8b5073d02059bae3f1b8d9a20cf023c55" + }, + "CVE-2021-41864": { + "cmt_msg": "bpf: Fix integer overflow in prealloc_elems_and_freelist()", + "cmt_id": "078cdd572408176a3900a6eb5a403db0da22f8e0" + }, + "CVE-2021-38300": { + "cmt_msg": "bpf, mips: Validate conditional branch offsets", + "cmt_id": "79f3a086dfc34887f9bbb0801768608b9470e942" + } + }, + "4.19.213": { + "CVE-2021-3894": { + "cmt_msg": "sctp: account stream padding length for reconf chunk", + "cmt_id": "c57fdeff69b152185fafabd37e6bfecfce51efda" + }, + "CVE-2022-0322": { + "cmt_msg": "sctp: account stream padding length for reconf chunk", + "cmt_id": "c57fdeff69b152185fafabd37e6bfecfce51efda" + } + }, + "4.19.214": { + "CVE-2021-3896": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound", + "cmt_id": "7d91adc0ccb060ce564103315189466eb822cc6a" + }, + "CVE-2022-0644": { + "cmt_msg": "vfs: check fd has read access in kernel_read_file_from_fd()", + "cmt_id": "c1ba20965b59c2eeb54a845ca5cab4fc7bcf9735" + }, + "CVE-2021-3760": { + "cmt_msg": "nfc: nci: fix the UAF of rf_conn_info object", + "cmt_id": "1ac0d736c8ae9b59ab44e4e80ad73c8fba5c6132" + }, + "CVE-2021-43389": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound", + "cmt_id": "7d91adc0ccb060ce564103315189466eb822cc6a" + } + }, + "4.19.215": { + "CVE-2021-20322": { + "cmt_msg": "ipv6: make exception cache less predictible", + "cmt_id": "c6d0d68d6da68159948cad3d808d61bb291a0283" + }, + "CVE-2021-3772": { + "cmt_msg": "sctp: use init_tag from inithdr for ABORT chunk", + "cmt_id": "1f52dfacca7bb315d89f5ece5660b0337809798e" + } + }, + "4.19.216": { + "CVE-2021-42739": { + "cmt_msg": "media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()", + "cmt_id": "53ec9dab4eb0a8140fc85760fb50effb526fe219" + } + }, + "4.19.218": { + "CVE-2021-4202": { + "cmt_msg": "NFC: reorganize the functions in nci_request", + "cmt_id": "62be2b1e7914b7340281f09412a7bbb62e6c8b67" + }, + "CVE-2021-3752": { + "cmt_msg": "Bluetooth: fix use-after-free error in lock_sock_nested()", + "cmt_id": "72bb30165337b7bce77578ad151fbfab6c8e693c" + }, + "CVE-2021-45868": { + "cmt_msg": "quota: check block number when reading the block in quota file", + "cmt_id": "e5222c87dc441dcc8a66e93cb3fd34dfff03d3ec" + }, + "CVE-2021-39686": { + "cmt_msg": "binder: use euid from cred instead of using task", + "cmt_id": "5d40061285b81a7e213dc9b37acc4a0545eedf32" + }, + "CVE-2021-3640": { + "cmt_msg": "Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()", + "cmt_id": "c1c913f797f3d2441310182ad75b7bd855a327ff" + } + }, + "4.19.219": { + "CVE-2021-4002": { + "cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare", + "cmt_id": "b0313bc7f5fbb6beee327af39d818ffdc921821a" + } + }, + "4.19.220": { + "CVE-2021-43975": { + "cmt_msg": "atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait", + "cmt_id": "0275fcd9b54f0364f66f2f3f6a0f3748648f3d35" + }, + "CVE-2021-4083": { + "cmt_msg": "fget: check that the fd still exists after getting a ref to it", + "cmt_id": "8bf31f9d9395b71af3ed33166a057cd3ec0c59da" + } + }, + "4.19.221": { + "CVE-2021-39713": { + "cmt_msg": "net: sched: use Qdisc rcu API instead of relying on rtnl lock", + "cmt_id": "ae214e04b95ff64a4b0e9aab6742520bfde6ff0c" + }, + "CVE-2021-39698": { + "cmt_msg": "wait: add wake_up_pollfree()", + "cmt_id": "8dd7c46a59756bdc29cb9783338b899cd3fb4b83" + }, + "CVE-2021-39685": { + "cmt_msg": "USB: gadget: detect too-big endpoint 0 requests", + "cmt_id": "13e45e7a262dd96e8161823314679543048709b9" + } + }, + "4.19.222": { + "CVE-2021-28715": { + "cmt_msg": "xen/netback: don't queue unlimited number of packages", + "cmt_id": "c9f17e92917fd5786be872626a3928979ecc4c39" + }, + "CVE-2021-28714": { + "cmt_msg": "xen/netback: fix rx queue stall detection", + "cmt_id": "1de7644eac41981817fb66b74e0f82ca4477dc9d" + }, + "CVE-2021-28713": { + "cmt_msg": "xen/console: harden hvc_xen against event channel storms", + "cmt_id": "57e46acb3b48ea4e8efb1e1bea2e89e0c6cc43e2" + }, + "CVE-2021-28712": { + "cmt_msg": "xen/netfront: harden netfront against event channel storms", + "cmt_id": "3559ca594f15fcd23ed10c0056d40d71e5dab8e5" + }, + "CVE-2021-28711": { + "cmt_msg": "xen/blkfront: harden blkfront against event channel storms", + "cmt_id": "269d7124bcfad2558d2329d0fe603ca20b20d3f4" + }, + "CVE-2021-4135": { + "cmt_msg": "netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc", + "cmt_id": "d861443c4dc88650eed113310d933bd593d37b23" + } + }, + "4.19.223": { + "CVE-2021-45469": { + "cmt_msg": "f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()", + "cmt_id": "f9dfa44be0fb5e8426183a70f69a246cf5827f49" + }, + "CVE-2022-1195": { + "cmt_msg": "hamradio: improve the incomplete fix to avoid NPD", + "cmt_id": "b68f41c6320b2b7fbb54a95f07a69f3dc7e56c59" + } + }, + "4.19.224": { + "CVE-2021-44733": { + "cmt_msg": "tee: handle lookup of shm with reference count 0", + "cmt_id": "b4a661b4212b8fac8853ec3b68e4a909dccc88a1" + } + }, + "4.19.225": { + "CVE-2021-45095": { + "cmt_msg": "phonet: refcount leak in pep_sock_accep", + "cmt_id": "4dece2760af408ad91d6e43afc485d20386c2885" + }, + "CVE-2021-4155": { + "cmt_msg": "xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate", + "cmt_id": "1c3564fca0e7b8c9e96245a2cb35e198b036ee9a" + } + }, + "4.19.226": { + "CVE-2020-36322": { + "cmt_msg": "fuse: fix bad inode", + "cmt_id": "1e1bb4933f1faafc68db8e0ecd5838a65dd1aae9" + }, + "CVE-2021-43976": { + "cmt_msg": "mwifiex: Fix skb_over_panic in mwifiex_usb_recv()", + "cmt_id": "2f4b037bf6e8c663a593b8149263c5b6940c7afd" + } + }, + "4.19.227": { + "CVE-2022-0330": { + "cmt_msg": "drm/i915: Flush TLBs before releasing backing store", + "cmt_id": "b188780649081782e341e52223db47c49f172712" + }, + "CVE-2022-22942": { + "cmt_msg": "drm/vmwgfx: Fix stale file descriptors on failed usercopy", + "cmt_id": "0008a0c78fc33a84e2212a7c04e6b21a36ca6f4d" + } + }, + "4.19.228": { + "CVE-2022-24448": { + "cmt_msg": "NFSv4: Handle case where the lookup of a directory fails", + "cmt_id": "b00b4c6faad0f21e443fb1584f7a8ea222beb0de" + }, + "CVE-2022-0617": { + "cmt_msg": "udf: Fix NULL ptr deref when converting from inline format", + "cmt_id": "a23a59717f9f01a49394488f515550f9382fbada" + }, + "CVE-2022-24959": { + "cmt_msg": "yam: fix a memory leak in yam_siocdevprivate()", + "cmt_id": "4bd197ce18329e3725fe3af5bd27daa4256d3ac7" + } + }, + "4.19.229": { + "CVE-2022-0492": { + "cmt_msg": "cgroup-v1: Require capabilities to set release_agent", + "cmt_id": "939f8b491887c27585933ea7dc5ad4123de58ff3" + }, + "CVE-2022-0435": { + "cmt_msg": "tipc: improve size validations for received domain records", + "cmt_id": "f1af11edd08dd8376f7a84487cbb0ea8203e3a1d" + }, + "CVE-2022-0487": { + "cmt_msg": "moxart: fix potential use-after-free on remove path", + "cmt_id": "9c25d5ff1856b91bd4365e813f566cb59aaa9552" + } + }, + "4.19.230": { + "CVE-2022-25375": { + "cmt_msg": "usb: gadget: rndis: check size of RNDIS_MSG_SET command", + "cmt_id": "db9aaa3026298d652e98f777bc0f5756e2455dda" + }, + "CVE-2022-25258": { + "cmt_msg": "USB: gadget: validate interface OS descriptor requests", + "cmt_id": "e5eb8d19aee115d8fb354d1eff1b8df700467164" + } + }, + "4.19.231": { + "CVE-2022-20008": { + "cmt_msg": "mmc: block: fix read single on recovery logic", + "cmt_id": "c91b06297563e84ac072464fe6cc141cc15435f0" + } + }, + "4.19.232": { + "CVE-2022-27223": { + "cmt_msg": "USB: gadget: validate endpoint index for xilinx udc", + "cmt_id": "ebc465e894890a534ce05e035eae4829a2a47ba1" + }, + "CVE-2022-26966": { + "cmt_msg": "sr9700: sanity check for packet length", + "cmt_id": "dde5ddf02a47487dd6efcc7077307f1d4e1ba337" + } + }, + "4.19.233": { + "CVE-2022-24958": { + "cmt_msg": "usb: gadget: don't release an existing dev->buf", + "cmt_id": "70196d12856306a17ddc3eae0f022b9c1d748e52" + } + }, + "4.19.234": { + "CVE-2022-23038": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()", + "cmt_id": "17659846fe336366b1663194f5669d10f5947f53" + }, + "CVE-2022-23039": { + "cmt_msg": "xen/gntalloc: don't use gnttab_query_foreign_access()", + "cmt_id": "fbc57368ea527dcfa909908fc47a851a56e4e5ce" + }, + "CVE-2022-23960": { + "cmt_msg": "ARM: report Spectre v2 status through sysfs", + "cmt_id": "dc64af755099d1e51fd64e99fe3a59b75595814a" + }, + "CVE-2022-23041": { + "cmt_msg": "xen/9p: use alloc/free_pages_exact()", + "cmt_id": "2466bed361f3274e3e0ca9d8e539532481c06fea" + }, + "CVE-2022-23036": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()", + "cmt_id": "17659846fe336366b1663194f5669d10f5947f53" + }, + "CVE-2022-23037": { + "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status", + "cmt_id": "927e4eb8ddf4968b6a33be992b28063f84552c72" + }, + "CVE-2022-0001": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE", + "cmt_id": "25440a8c77dd2fde6a8e9cfc0c616916febf408e" + }, + "CVE-2022-0002": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE", + "cmt_id": "25440a8c77dd2fde6a8e9cfc0c616916febf408e" + }, + "CVE-2021-26401": { + "cmt_msg": "x86/speculation: Use generic retpoline by default on AMD", + "cmt_id": "d3cb3a6927222268a10b2f12dfb8c9444f7cc39e" + }, + "CVE-2022-23040": { + "cmt_msg": "xen/xenbus: don't let xenbus_grant_ring() remove grants in error case", + "cmt_id": "8d521d960aef22781ff499e16899c30af899de8d" + }, + "CVE-2022-23042": { + "cmt_msg": "xen/netfront: react properly to failing gnttab_end_foreign_access_ref()", + "cmt_id": "c307029d811e03546d18d0e512fe295b3103b8e5" + } + }, + "4.19.235": { + "CVE-2022-1199": { + "cmt_msg": "ax25: Fix NULL pointer dereference in ax25_kill_by_device", + "cmt_id": "5ab8de9377edde3eaf1de9872e2f01d43157cd6c" + }, + "CVE-2021-4149": { + "cmt_msg": "btrfs: unlock newly allocated extent buffer after error", + "cmt_id": "73d55fa1b9310573f623195a4f7ab3170bbaf248" + } + }, + "4.19.237": { + "CVE-2022-26490": { + "cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION", + "cmt_id": "0043b74987acb44f1ade537aad901695511cfebe" + }, + "CVE-2022-28356": { + "cmt_msg": "llc: fix netdevice reference leaks in llc_ui_bind()", + "cmt_id": "d14193111c436fc5de33206c67c7afd45c730099" + }, + "CVE-2022-1016": { + "cmt_msg": "netfilter: nf_tables: initialize registers in nft_do_chain()", + "cmt_id": "88791b79a1eb2ba94e95d039243e28433583a67b" + }, + "CVE-2022-27666": { + "cmt_msg": "esp: Fix possible buffer overflow in ESP transformation", + "cmt_id": "ce89087966651ad41e103770efc5ce2742046284" + } + }, + "4.19.238": { + "CVE-2022-28390": { + "cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path", + "cmt_id": "dec3ed0c76483748268bf36ec278af660b0f80ba" + }, + "CVE-2022-1353": { + "cmt_msg": "af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register", + "cmt_id": "693fe8af9a2625139de07bd1ae212a7d89c37795" + }, + "CVE-2022-30594": { + "cmt_msg": "ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE", + "cmt_id": "b1f438f872dcda10a79e6aeaf06fd52dfb15a6ab" + }, + "CVE-2022-1198": { + "cmt_msg": "drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()", + "cmt_id": "79e2f40c210a47f283bca352745068207798fbb9" + }, + "CVE-2021-4197": { + "cmt_msg": "cgroup: Use open-time credentials for process migraton perm checks", + "cmt_id": "0bd407959f7d6671ba0617e2dbda3e89d8a0419f" + }, + "CVE-2022-28389": { + "cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path", + "cmt_id": "a8bba9fd73775e66b4021b18f2193f769ce48a59" + }, + "CVE-2022-1516": { + "cmt_msg": "net/x25: Fix null-ptr-deref caused by x25_disconnect", + "cmt_id": "4c240c5a105557e4546d0836e694868f22fd09b0" + }, + "CVE-2022-1011": { + "cmt_msg": "fuse: fix pipe buffer lifetime for direct_io", + "cmt_id": "99db28212be68030c1db3a525f6bbdce39b039e9" + } + }, + "4.19.240": { + "CVE-2022-1204": { + "cmt_msg": "ax25: Fix refcount leaks caused by ax25_cb_del()", + "cmt_id": "de55a1338e6a48ff1e41ea8db1432496fbe2a62b" + }, + "CVE-2022-1205": { + "cmt_msg": "ax25: Fix NULL pointer dereferences in ax25 timers", + "cmt_id": "512f09df261b51b088f17d86dbdf300a3492523d" + }, + "CVE-2022-28388": { + "cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path", + "cmt_id": "8eb78da898079c0d7250c32ebf0c35fb81737abe" + } + }, + "4.19.241": { + "CVE-2022-1836": { + "cmt_msg": "floppy: disable FDRAWCMD by default", + "cmt_id": "0e535976774504af36fab1dfb54f3d4d6cc577a9" + }, + "CVE-2022-29581": { + "cmt_msg": "net/sched: cls_u32: fix netns refcount changes in u32_change()", + "cmt_id": "75b0cc7904da7b40c6e8f2cf3ec4223b292b1184" + } + }, + "4.19.242": { + "CVE-2022-1419": { + "cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create", + "cmt_id": "df2c1f38939aabb8c6beca108f08b90f050b9ebc" + }, + "CVE-2022-1734": { + "cmt_msg": "nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs", + "cmt_id": "b266f492b2af82269aaaab871ac3949420ae678c" + } + }, + "4.19.243": { + "CVE-2022-1048": { + "cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls", + "cmt_id": "9cb6c40a6ebe4a0cfc9d6a181958211682cffea9" + } + }, + "4.19.245": { + "CVE-2022-1729": { + "cmt_msg": "perf: Fix sys_perf_event_open() race against self", + "cmt_id": "6cdd53a49aa7413e53c14ece27d826f0b628b18a" + }, + "CVE-2022-0854": { + "cmt_msg": "swiotlb: rework \"fix info leak with DMA_FROM_DEVICE\"", + "cmt_id": "06cb238b0f7ac1669cb06390704c61794724c191" + } + }, + "outstanding": { + "CVE-2021-0929": { + "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" + }, + "CVE-2020-26556": { + "cmt_msg": "" + }, + "CVE-2020-26557": { + "cmt_msg": "" + }, + "CVE-2020-26555": { + "cmt_msg": "" + }, + "CVE-2019-20794": { + "cmt_msg": "" + }, + "CVE-2020-26559": { + "cmt_msg": "" + }, + "CVE-2020-35501": { + "cmt_msg": "" + }, + "CVE-2022-0168": { + "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" + }, + "CVE-2018-20854": { + "cmt_msg": "phy: ocelot-serdes: fix out-of-bounds read" + }, + "CVE-2018-1121": { + "cmt_msg": "" + }, + "CVE-2019-19378": { + "cmt_msg": "" + }, + "CVE-2022-0995": { + "cmt_msg": "watch_queue: Fix filter limit check" + }, + "CVE-2022-0998": { + "cmt_msg": "vdpa: clean up get_config_size ret value handling" + }, + "CVE-2019-15794": { + "cmt_msg": "ovl: fix reference counting in ovl_mmap error path" + }, + "CVE-2019-2181": { + "cmt_msg": "binder: check for overflow when alloc for security context" + }, + "CVE-2021-3759": { + "cmt_msg": "memcg: enable accounting of ipc resources" + }, + "CVE-2020-27820": { + "cmt_msg": "drm/nouveau: use drm_dev_unplug() during device removal" + }, + "CVE-2020-24503": { + "cmt_msg": "" + }, + "CVE-2020-24502": { + "cmt_msg": "" + }, + "CVE-2019-19449": { + "cmt_msg": "f2fs: fix to do sanity check on segment/section count" + }, + "CVE-2020-24504": { + "cmt_msg": "ice: create scheduler aggregator node config and move VSIs" + }, + "CVE-2020-26541": { + "cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries" + }, + "CVE-2020-11725": { + "cmt_msg": "" + }, + "CVE-2022-0382": { + "cmt_msg": "net ticp:fix a kernel-infoleak in __tipc_sendmsg()" + }, + "CVE-2021-33061": { + "cmt_msg": "ixgbe: add improvement for MDD response functionality" + }, + "CVE-2022-1263": { + "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" + }, + "CVE-2019-15222": { + "cmt_msg": "ALSA: usb-audio: Fix gpf in snd_usb_pipe_sanity_check" + }, + "CVE-2021-3864": { + "cmt_msg": "" + }, + "CVE-2019-19815": { + "cmt_msg": "f2fs: support swap file w/ DIO" + }, + "CVE-2019-19814": { + "cmt_msg": "" + }, + "CVE-2022-27950": { + "cmt_msg": "HID: elo: fix memory leak in elo_probe" + }, + "CVE-2022-1015": { + "cmt_msg": "netfilter: nf_tables: validate registers coming from userspace." + }, + "CVE-2022-1652": { + "cmt_msg": "" + }, + "CVE-2022-1651": { + "cmt_msg": "virt: acrn: fix a memory leak in acrn_dev_ioctl()" + }, + "CVE-2019-19241": { + "cmt_msg": "io_uring: async workers should inherit the user creds" + }, + "CVE-2022-1012": { + "cmt_msg": "secure_seq: use the 64 bits of the siphash for port offset calculation" + }, + "CVE-2021-26934": { + "cmt_msg": "" + }, + "CVE-2022-25636": { + "cmt_msg": "netfilter: nf_tables_offload: incorrect flow offload action array size" + }, + "CVE-2022-1789": { + "cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID" + }, + "CVE-2016-8660": { + "cmt_msg": "" + }, + "CVE-2019-12379": { + "cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c" + }, + "CVE-2019-12378": { + "cmt_msg": "ipv6_sockglue: Fix a missing-check bug in ip6_ra_control()" + }, + "CVE-2022-0494": { + "cmt_msg": "block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern" + }, + "CVE-2022-1786": { + "cmt_msg": "io_uring: remove io_identity" + }, + "CVE-2018-12929": { + "cmt_msg": "" + }, + "CVE-2020-15802": { + "cmt_msg": "" + }, + "CVE-2008-2544": { + "cmt_msg": "" + }, + "CVE-2022-28796": { + "cmt_msg": "jbd2: fix use-after-free of transaction_t race" + }, + "CVE-2019-20908": { + "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" + }, + "CVE-2019-15239": { + "cmt_msg": "unknown" + }, + "CVE-2007-3719": { + "cmt_msg": "" + }, + "CVE-2021-4037": { + "cmt_msg": "xfs: fix up non-directory creation in SGID directories" + }, + "CVE-2020-26145": { + "cmt_msg": "ath10k: drop fragments with multicast DA for PCIe" + }, + "CVE-2010-4563": { + "cmt_msg": "" + }, + "CVE-2020-26140": { + "cmt_msg": "" + }, + "CVE-2020-26143": { + "cmt_msg": "" + }, + "CVE-2020-26142": { + "cmt_msg": "" + }, + "CVE-2022-28893": { + "cmt_msg": "SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()" + }, + "CVE-2022-29156": { + "cmt_msg": "RDMA/rtrs-clt: Fix possible double free in error case" + }, + "CVE-2021-20177": { + "cmt_msg": "netfilter: add and use nf_hook_slow_list()" + }, + "CVE-2022-1247": { + "cmt_msg": "" + }, + "CVE-2021-3669": { + "cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()" + }, + "CVE-2020-10708": { + "cmt_msg": "" + }, + "CVE-2021-4023": { + "cmt_msg": "io-wq: fix cancellation on create-worker failure" + }, + "CVE-2019-19070": { + "cmt_msg": "spi: gpio: prevent memory leak in spi_gpio_probe" + }, + "CVE-2017-13693": { + "cmt_msg": "" + }, + "CVE-2021-0399": { + "cmt_msg": "" + }, + "CVE-2017-13694": { + "cmt_msg": "" + }, + "CVE-2020-36516": { + "cmt_msg": "" + }, + "CVE-2012-4542": { + "cmt_msg": "" + }, + "CVE-2022-29968": { + "cmt_msg": "io_uring: fix uninitialized field in rw io_kiocb" + }, + "CVE-2022-1462": { + "cmt_msg": "" + }, + "CVE-2022-0812": { + "cmt_msg": "xprtrdma: fix incorrect header size calculations" + }, + "CVE-2022-1679": { + "cmt_msg": "" + }, + "CVE-2013-7445": { + "cmt_msg": "" + }, + "CVE-2022-1678": { + "cmt_msg": "tcp: optimize tcp internal pacing" + }, + "CVE-2005-3660": { + "cmt_msg": "" + }, + "CVE-2021-33135": { + "cmt_msg": "" + }, + "CVE-2022-1508": { + "cmt_msg": "io_uring: reexpand under-reexpanded iters" + }, + "CVE-2022-1158": { + "cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address" + }, + "CVE-2021-4159": { + "cmt_msg": "bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()" + }, + "CVE-2021-0695": { + "cmt_msg": "" + }, + "CVE-2008-4609": { + "cmt_msg": "" + }, + "CVE-2021-4150": { + "cmt_msg": "block: fix incorrect references to disk objects" + }, + "CVE-2021-28951": { + "cmt_msg": "io_uring: ensure that SQPOLL thread is started for exit" + }, + "CVE-2020-14304": { + "cmt_msg": "" + }, + "CVE-2020-0347": { + "cmt_msg": "" + }, + "CVE-2021-29155": { + "cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic" + }, + "CVE-2021-3714": { + "cmt_msg": "" + }, + "CVE-2019-12455": { + "cmt_msg": "clk-sunxi: fix a missing-check bug in sunxi_divs_clk_setup()" + }, + "CVE-2019-12456": { + "cmt_msg": "" + }, + "CVE-2020-26560": { + "cmt_msg": "" + }, + "CVE-2021-3892": { + "cmt_msg": "" + }, + "CVE-2020-12362": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2020-12363": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2022-0742": { + "cmt_msg": "ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report()" + }, + "CVE-2020-12364": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2022-0500": { + "cmt_msg": "bpf: Introduce MEM_RDONLY flag" + }, + "CVE-2022-1055": { + "cmt_msg": "net: sched: fix use-after-free in tc_new_tfilter()" + }, + "CVE-2022-0480": { + "cmt_msg": "memcg: enable accounting for file lock caches" + }, + "CVE-2022-1184": { + "cmt_msg": "" + }, + "CVE-2020-26141": { + "cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe" + }, + "CVE-2022-25265": { + "cmt_msg": "" + }, + "CVE-2021-4218": { + "cmt_msg": "sysctl: pass kernel pointers to ->proc_handler" + }, + "CVE-2022-23222": { + "cmt_msg": "bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL" + }, + "CVE-2019-15290": { + "cmt_msg": "" + }, + "CVE-2020-15780": { + "cmt_msg": "ACPI: configfs: Disallow loading ACPI tables when locked down" + }, + "CVE-2018-17977": { + "cmt_msg": "" + }, + "CVE-2022-26878": { + "cmt_msg": "" + }, + "CVE-2022-29582": { + "cmt_msg": "io_uring: fix race between timeout flush and removal" + }, + "CVE-2022-1116": { + "cmt_msg": "" + }, + "CVE-2010-5321": { + "cmt_msg": "" + }, + "CVE-2018-12930": { + "cmt_msg": "" + }, + "CVE-2018-12931": { + "cmt_msg": "" + }, + "CVE-2021-4148": { + "cmt_msg": "mm: khugepaged: skip huge page collapse for special files" + }, + "CVE-2022-1043": { + "cmt_msg": "io_uring: fix xa_alloc_cycle() error return value check" + }, + "CVE-2021-39801": { + "cmt_msg": "" + }, + "CVE-2021-39800": { + "cmt_msg": "" + }, + "CVE-2021-39802": { + "cmt_msg": "" + }, + "CVE-2020-36385": { + "cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy" + }, + "CVE-2019-12380": { + "cmt_msg": "efi/x86/Add missing error handling to old_memmap 1:1 mapping code" + }, + "CVE-2019-12381": { + "cmt_msg": "ip_sockglue: Fix missing-check bug in ip_ra_control()" + }, + "CVE-2020-7053": { + "cmt_msg": "drm/i915: Introduce a mutex for file_priv->context_idr" + }, + "CVE-2021-3542": { + "cmt_msg": "" + }, + "CVE-2021-44879": { + "cmt_msg": "f2fs: fix to do sanity check on inode type during garbage collection" + }, + "CVE-2022-1882": { + "cmt_msg": "" + }, + "CVE-2020-12656": { + "cmt_msg": "sunrpc: check that domain table is empty at module unload." + }, + "CVE-2020-16120": { + "cmt_msg": "ovl: switch to mounter creds in readdir" + }, + "CVE-2018-12928": { + "cmt_msg": "" + }, + "CVE-2019-0149": { + "cmt_msg": "i40e: Add bounds check for ch[] array" + }, + "CVE-2020-36310": { + "cmt_msg": "KVM: SVM: avoid infinite loop on NPF from bad address" + }, + "CVE-2020-36313": { + "cmt_msg": "KVM: Fix out of range accesses to memslots" + }, + "CVE-2015-2877": { + "cmt_msg": "" + }, + "CVE-2022-0171": { + "cmt_msg": "" + }, + "CVE-2019-0146": { + "cmt_msg": "" + }, + "CVE-2019-16089": { + "cmt_msg": "" + }, + "CVE-2022-0400": { + "cmt_msg": "" + }, + "CVE-2021-0707": { + "cmt_msg": "dmabuf: fix use-after-free of dmabuf's file->f_inode" + }, + "CVE-2019-11191": { + "cmt_msg": "x86: Deprecate a.out support" + }, + "CVE-2022-1671": { + "cmt_msg": "rxrpc: fix some null-ptr-deref bugs in server_key.c" + }, + "CVE-2021-3847": { + "cmt_msg": "" + }, + "CVE-2022-1280": { + "cmt_msg": "drm: avoid circular locks in drm_mode_getconnector" + }, + "CVE-2011-4917": { + "cmt_msg": "" + }, + "CVE-2019-18680": { + "cmt_msg": "" + }, + "CVE-2021-32078": { + "cmt_msg": "ARM: footbridge: remove personal server platform" + }, + "CVE-2019-10220": { + "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" + }, + "CVE-2020-27835": { + "cmt_msg": "IB/hfi1: Ensure correct mm is used at all times" + }, + "CVE-2019-5489": { + "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" + } + } + }, + "4.18": { + "4.18-rc1": { + "CVE-2019-19083": { + "cmt_msg": "drm/amd/display: memory leak", + "cmt_id": "9ea29a1f8b9da52d8eca8b0996f1d84eac548d3b" + } + }, + "4.18.1": { + "CVE-2018-3646": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled", + "cmt_id": "abf914eefa19098727455f11acd895c57621a822" + }, + "CVE-2018-3620": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled", + "cmt_id": "abf914eefa19098727455f11acd895c57621a822" + }, + "CVE-2018-15572": { + "cmt_msg": "x86/speculation: Protect against userspace-userspace spectreRSB", + "cmt_id": "f8a0aeefc2f6e1bfd6653fcc30453ce7e582fac8" + }, + "CVE-2018-15594": { + "cmt_msg": "x86/paravirt: Fix spectre-v2 mitigations for paravirt guests", + "cmt_id": "b13b271933eea6161e741825487d6e73e800bedf" + } + }, + "4.18.2": { + "CVE-2018-9363": { + "cmt_msg": "Bluetooth: hidp: buffer overflow in hidp_process_report", + "cmt_id": "f47e3431b15ae9cae8acc0fdf20fc083422c9f61" + } + }, + "4.18.5": { + "CVE-2018-3693": { + "cmt_msg": "ext4: fix spectre gadget in ext4_mb_regular_allocator()", + "cmt_id": "5b6ea348768d5b26adeeef384971820e24710ad0" + } + }, + "4.18.6": { + "CVE-2018-16658": { + "cmt_msg": "cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status", + "cmt_id": "6575b15002bfe33cc8345c6b6c3845365e154c85" + }, + "CVE-2018-14656": { + "cmt_msg": "x86/dumpstack: Don't dump kernel memory based on usermode RIP", + "cmt_id": "8e6d15678656e3770e7d3720600a41a02d9a841f" + } + }, + "4.18.7": { + "CVE-2018-20855": { + "cmt_msg": "IB/mlx5: Fix leaking stack memory to userspace", + "cmt_id": "103a3a62e0fbe718f2c85f029544163f332d19d3" + }, + "CVE-2018-20856": { + "cmt_msg": "block: blk_init_allocated_queue() set q->fq as NULL in the fail case", + "cmt_id": "cde67159df4d6faab6816f7847219eb2b29f3c8b" + } + }, + "4.18.8": { + "CVE-2018-14617": { + "cmt_msg": "hfsplus: fix NULL dereference in hfsplus_lookup()", + "cmt_id": "d30de7347e2993a99a647fa5887ed227466e17ab" + }, + "CVE-2018-14612": { + "cmt_msg": "btrfs: tree-checker: Detect invalid and empty essential trees", + "cmt_id": "4fb2799b05c2358453eaf25c9a1352d35e13b9cf" + }, + "CVE-2018-14609": { + "cmt_msg": "btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized", + "cmt_id": "13b0dbef7dd51d845f17fd43fef46f356283b797" + } + }, + "4.18.9": { + "CVE-2018-13100": { + "cmt_msg": "f2fs: fix to do sanity check with secs_per_zone", + "cmt_id": "0342426f2bf7298a91efee659ddc033082f6918b" + }, + "CVE-2018-13098": { + "cmt_msg": "f2fs: fix to do sanity check with extra_attr feature", + "cmt_id": "b6f493453c78311598fdd204f7815e683818512a" + }, + "CVE-2018-13099": { + "cmt_msg": "f2fs: fix to do sanity check with reserved blkaddr of inline inode", + "cmt_id": "235fd393825b8b79d962eb2f9a2d6aa454eb17a5" + }, + "CVE-2018-17182": { + "cmt_msg": "mm: get rid of vmacache_flush_all() entirely", + "cmt_id": "175ad0cbd818529ec1d642531c51af6006660b7f" + } + }, + "4.18.11": { + "CVE-2018-20511": { + "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT", + "cmt_id": "6a9c934f04e6e6351742eb68a6899b964e1d01b5" + }, + "CVE-2018-14633": { + "cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation", + "cmt_id": "8e31c95fe08501af201f4e8470af1f68d52d6e7e" + } + }, + "4.18.12": { + "CVE-2019-9458": { + "cmt_msg": "media: v4l: event: Prevent freeing event subscriptions while accessed", + "cmt_id": "c483061d46103aa34daa8e53545a8a3f8cde5c2d" + }, + "CVE-2018-18021": { + "cmt_msg": "arm64: KVM: Tighten guest core register access from userspace", + "cmt_id": "4435064439c68cfa80a7a1ec69733db7b9030884" + }, + "CVE-2018-7755": { + "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl", + "cmt_id": "0051646c2cc2fbb9ff134a80775c0dc23baa7d35" + }, + "CVE-2018-13053": { + "cmt_msg": "alarmtimer: Prevent overflow for relative nanosleep", + "cmt_id": "04937aaaf8c795481580c323d91ee40a74cc66af" + }, + "CVE-2018-12896": { + "cmt_msg": "posix-timers: Sanitize overrun handling", + "cmt_id": "5f6b9cd5c5f22603363b181adb5671f6d17e7a4e" + } + }, + "4.18.13": { + "CVE-2018-18445": { + "cmt_msg": "bpf: 32-bit RSH verification must truncate input before the ALU op", + "cmt_id": "11b165210c7214645c183dc7f74aca8d51381691" + }, + "CVE-2018-17972": { + "cmt_msg": "proc: restrict kernel stack dumps to root", + "cmt_id": "2b89f7ad519d8e89e1602901c5a56212080ed455" + } + }, + "4.18.14": { + "CVE-2018-15471": { + "cmt_msg": "xen-netback: fix input validation in xenvif_set_hash_mapping()", + "cmt_id": "7e62c2fbc1fe943ea487f88a26c100d024283ff3" + } + }, + "4.18.16": { + "CVE-2018-18281": { + "cmt_msg": "mremap: properly flush TLB before releasing the page", + "cmt_id": "d80183541e6006563334eaec9e8d1dc6e40efeb7" + } + }, + "4.18.19": { + "CVE-2018-18955": { + "cmt_msg": "userns: also map extents in the reverse map to kernel IDs", + "cmt_id": "bbfed258eb08070e051a1c086282623cc562ff24" + } + }, + "4.18.20": { + "CVE-2018-19854": { + "cmt_msg": "crypto: user - fix leaking uninitialized memory to userspace", + "cmt_id": "f4ae32cf258910c6db2b7adb1832f50c6aae3929" + }, + "CVE-2018-16871": { + "cmt_msg": "nfsd: COPY and CLONE operations require the saved filehandle to be set", + "cmt_id": "651c5d16f3a90db286fb6d83a31eda29a2c07cda" + }, + "CVE-2018-18710": { + "cmt_msg": "cdrom: fix improper type cast, which can leat to information leak.", + "cmt_id": "1dffd49a92ddaba101375e3157f90b5510d3cb46" + } + }, + "outstanding": { + "CVE-2020-36322": { + "cmt_msg": "fuse: fix bad inode" + }, + "CVE-2020-10711": { + "cmt_msg": "netlabel: cope with NULL catmap" + }, + "CVE-2019-15090": { + "cmt_msg": "scsi: qedi: remove memset/memcpy to nfunc and use func instead" + }, + "CVE-2019-15099": { + "cmt_msg": "ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()" + }, + "CVE-2019-15098": { + "cmt_msg": "ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()" + }, + "CVE-2020-29368": { + "cmt_msg": "mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()" + }, + "CVE-2020-12465": { + "cmt_msg": "mt76: fix array overflow on receiving too many fragments for a packet" + }, + "CVE-2020-12464": { + "cmt_msg": "USB: core: Fix free-while-in-use bug in the USB S-Glibrary" + }, + "CVE-2022-0002": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2019-19965": { + "cmt_msg": "scsi: libsas: stop discovering if oob mode is disconnected" + }, + "CVE-2021-3752": { + "cmt_msg": "Bluetooth: fix use-after-free error in lock_sock_nested()" + }, + "CVE-2019-19966": { + "cmt_msg": "media: cpia2: Fix use-after-free in cpia2_exit" + }, + "CVE-2020-35508": { + "cmt_msg": "fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent" + }, + "CVE-2020-24587": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2020-24586": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2022-0995": { + "cmt_msg": "watch_queue: Fix filter limit check" + }, + "CVE-2021-0129": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2019-20096": { + "cmt_msg": "dccp: Fix memleak in __feat_register_sp" + }, + "CVE-2021-3444": { + "cmt_msg": "bpf: Fix truncation handling for mod32 dst reg wrt zero" + }, + "CVE-2019-9506": { + "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" + }, + "CVE-2019-9500": { + "cmt_msg": "brcmfmac: assure SSID length from firmware is limited" + }, + "CVE-2019-9503": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path" + }, + "CVE-2020-36158": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" + }, + "CVE-2022-1508": { + "cmt_msg": "io_uring: reexpand under-reexpanded iters" + }, + "CVE-2022-0480": { + "cmt_msg": "memcg: enable accounting for file lock caches" + }, + "CVE-2022-0487": { + "cmt_msg": "moxart: fix potential use-after-free on remove path" + }, + "CVE-2021-28964": { + "cmt_msg": "btrfs: fix race when cloning extent buffer during rewind of an old root" + }, + "CVE-2021-3847": { + "cmt_msg": "" + }, + "CVE-2020-35501": { + "cmt_msg": "" + }, + "CVE-2018-20784": { + "cmt_msg": "sched/fair: Fix infinite loop in update_blocked_averages() by reverting a9e7f6544b9c" + }, + "CVE-2019-10124": { + "cmt_msg": "mm: hwpoison: fix thp split handing in soft_offline_in_use_page()" + }, + "CVE-2019-9245": { + "cmt_msg": "f2fs: sanity check of xattr entry size" + }, + "CVE-2019-19241": { + "cmt_msg": "io_uring: async workers should inherit the user creds" + }, + "CVE-2021-28688": { + "cmt_msg": "xen-blkback: don't leak persistent grants from xen_blkbk_map()" + }, + "CVE-2021-39686": { + "cmt_msg": "binder: use euid from cred instead of using task" + }, + "CVE-2021-39685": { + "cmt_msg": "USB: gadget: detect too-big endpoint 0 requests" + }, + "CVE-2021-43975": { + "cmt_msg": "atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait" + }, + "CVE-2021-43976": { + "cmt_msg": "mwifiex: Fix skb_over_panic in mwifiex_usb_recv()" + }, + "CVE-2021-1048": { + "cmt_msg": "fix regression in \"epoll: Keep a reference on files added to the check list\"" + }, + "CVE-2019-10207": { + "cmt_msg": "Bluetooth: hci_uart: check for missing tty operations" + }, + "CVE-2019-14835": { + "cmt_msg": "vhost: make sure log_num < in_num" + }, + "CVE-2019-12379": { + "cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c" + }, + "CVE-2019-12378": { + "cmt_msg": "ipv6_sockglue: Fix a missing-check bug in ip6_ra_control()" + }, + "CVE-2021-3744": { + "cmt_msg": "crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()" + }, + "CVE-2021-30002": { + "cmt_msg": "media: v4l: ioctl: Fix memory leak in video_usercopy" + }, + "CVE-2021-3743": { + "cmt_msg": "net: qrtr: fix OOB Read in qrtr_endpoint_post" + }, + "CVE-2021-0941": { + "cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len" + }, + "CVE-2020-15802": { + "cmt_msg": "" + }, + "CVE-2019-3460": { + "cmt_msg": "Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt" + }, + "CVE-2021-34556": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2019-15902": { + "cmt_msg": "unknown" + }, + "CVE-2019-11085": { + "cmt_msg": "drm/i915/gvt: Fix mmap range check" + }, + "CVE-2019-11477": { + "cmt_msg": "tcp: limit payload size of sacked skbs" + }, + "CVE-2018-14615": { + "cmt_msg": "f2fs: fix to do sanity check with i_extra_isize" + }, + "CVE-2018-14614": { + "cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum" + }, + "CVE-2019-11479": { + "cmt_msg": "tcp: add tcp_min_snd_mss sysctl" + }, + "CVE-2019-11478": { + "cmt_msg": "tcp: tcp_fragment() should apply sane memory limits" + }, + "CVE-2018-14611": { + "cmt_msg": "btrfs: validate type when reading a chunk" + }, + "CVE-2018-14610": { + "cmt_msg": "btrfs: Check that each block group has corresponding chunk at mount time" + }, + "CVE-2018-14613": { + "cmt_msg": "btrfs: tree-checker: Verify block_group_item" + }, + "CVE-2020-26145": { + "cmt_msg": "ath10k: drop fragments with multicast DA for PCIe" + }, + "CVE-2020-26147": { + "cmt_msg": "mac80211: assure all fragments are encrypted" + }, + "CVE-2020-26141": { + "cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe" + }, + "CVE-2020-26140": { + "cmt_msg": "" + }, + "CVE-2020-26143": { + "cmt_msg": "" + }, + "CVE-2020-26142": { + "cmt_msg": "" + }, + "CVE-2019-17053": { + "cmt_msg": "ieee802154: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17052": { + "cmt_msg": "ax25: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17056": { + "cmt_msg": "nfc: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17055": { + "cmt_msg": "mISDN: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17054": { + "cmt_msg": "appletalk: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2018-13096": { + "cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks" + }, + "CVE-2018-13097": { + "cmt_msg": "f2fs: fix to do sanity check with user_block_count" + }, + "CVE-2020-29661": { + "cmt_msg": "tty: Fix ->pgrp locking in tiocspgrp()" + }, + "CVE-2020-29660": { + "cmt_msg": "tty: Fix ->session locking" + }, + "CVE-2019-2025": { + "cmt_msg": "binder: fix race that allows malicious free of live buffer" + }, + "CVE-2021-33624": { + "cmt_msg": "bpf: Inherit expanded/patched seen count from old aux data" + }, + "CVE-2022-1734": { + "cmt_msg": "nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs" + }, + "CVE-2019-19770": { + "cmt_msg": "blktrace: fix debugfs use after free" + }, + "CVE-2019-19079": { + "cmt_msg": "net: qrtr: fix memort leak in qrtr_tun_write_iter" + }, + "CVE-2019-19078": { + "cmt_msg": "ath10k: fix memory leak" + }, + "CVE-2019-19077": { + "cmt_msg": "RDMA: Fix goto target to release the allocated memory" + }, + "CVE-2019-19075": { + "cmt_msg": "ieee802154: ca8210: prevent memory leak" + }, + "CVE-2019-19074": { + "cmt_msg": "ath9k: release allocated buffer if timed out" + }, + "CVE-2019-18683": { + "cmt_msg": "media: vivid: Fix wrong locking that causes race conditions on streaming stop" + }, + "CVE-2019-19072": { + "cmt_msg": "tracing: Have error path in predicate_parse() free its allocated memory" + }, + "CVE-2019-19071": { + "cmt_msg": "rsi: release skb if rsi_prepare_beacon fails" + }, + "CVE-2019-18680": { + "cmt_msg": "" + }, + "CVE-2022-23038": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2022-23039": { + "cmt_msg": "xen/gntalloc: don't use gnttab_query_foreign_access()" + }, + "CVE-2021-27363": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2022-23036": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2022-23037": { + "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" + }, + "CVE-2020-0404": { + "cmt_msg": "media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors" + }, + "CVE-2019-15925": { + "cmt_msg": "net: hns3: add some error checking in hclge_tm module" + }, + "CVE-2019-15924": { + "cmt_msg": "fm10k: Fix a potential NULL pointer dereference" + }, + "CVE-2019-15538": { + "cmt_msg": "xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT" + }, + "CVE-2019-15926": { + "cmt_msg": "ath6kl: add some bounds checking" + }, + "CVE-2019-15921": { + "cmt_msg": "genetlink: Fix a memory leak on error path" + }, + "CVE-2019-15920": { + "cmt_msg": "cifs: Fix use-after-free in SMB2_read" + }, + "CVE-2019-14821": { + "cmt_msg": "KVM: coalesced_mmio: add bounds checking" + }, + "CVE-2020-12826": { + "cmt_msg": "signal: Extend exec_id to 64bits" + }, + "CVE-2019-18885": { + "cmt_msg": "btrfs: merge btrfs_find_device and find_device" + }, + "CVE-2021-42008": { + "cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data" + }, + "CVE-2019-1125": { + "cmt_msg": "x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations" + }, + "CVE-2019-15218": { + "cmt_msg": "media: usb: siano: Fix general protection fault in smsusb" + }, + "CVE-2019-15666": { + "cmt_msg": "xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink" + }, + "CVE-2020-25641": { + "cmt_msg": "block: allow for_each_bvec to support zero len bvec" + }, + "CVE-2005-3660": { + "cmt_msg": "" + }, + "CVE-2019-15212": { + "cmt_msg": "USB: rio500: refuse more than one device at a time" + }, + "CVE-2019-15211": { + "cmt_msg": "media: radio-raremono: change devm_k*alloc to k*alloc" + }, + "CVE-2019-15217": { + "cmt_msg": "media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap" + }, + "CVE-2019-15216": { + "cmt_msg": "USB: yurex: Fix protection fault after device removal" + }, + "CVE-2019-15215": { + "cmt_msg": "media: cpia2_usb: first wake up, then free in disconnect" + }, + "CVE-2019-15214": { + "cmt_msg": "ALSA: core: Fix card races between register and disconnect" + }, + "CVE-2020-24588": { + "cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks" + }, + "CVE-2021-33034": { + "cmt_msg": "Bluetooth: verify AMP hci_chan before amp_destroy" + }, + "CVE-2019-19922": { + "cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices" + }, + "CVE-2021-33033": { + "cmt_msg": "cipso,calipso: resolve a number of problems with the DOI refcounts" + }, + "CVE-2019-19927": { + "cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages" + }, + "CVE-2020-27066": { + "cmt_msg": "xfrm: policy: Fix doulbe free in xfrm_policy_timer" + }, + "CVE-2020-27068": { + "cmt_msg": "cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE" + }, + "CVE-2020-8648": { + "cmt_msg": "vt: selection, close sel_buffer race" + }, + "CVE-2020-28974": { + "cmt_msg": "vt: Disable KD_FONT_OP_COPY" + }, + "CVE-2019-20806": { + "cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame" + }, + "CVE-2020-0305": { + "cmt_msg": "chardev: Avoid potential use-after-free in 'chrdev_open()'" + }, + "CVE-2020-14304": { + "cmt_msg": "" + }, + "CVE-2022-29581": { + "cmt_msg": "net/sched: cls_u32: fix netns refcount changes in u32_change()" + }, + "CVE-2020-15393": { + "cmt_msg": "usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect" + }, + "CVE-2019-19082": { + "cmt_msg": "drm/amd/display: prevent memory leak" + }, + "CVE-2019-19080": { + "cmt_msg": "nfp: flower: prevent memory leak in nfp_flower_spawn_phy_reprs" + }, + "CVE-2019-19081": { + "cmt_msg": "nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs" + }, + "CVE-2020-26560": { + "cmt_msg": "" + }, + "CVE-2018-18397": { + "cmt_msg": "userfaultfd: use ENOENT instead of EFAULT if the atomic copy user fails" + }, + "CVE-2018-12127": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2018-12126": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2021-3892": { + "cmt_msg": "" + }, + "CVE-2019-10126": { + "cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()" + }, + "CVE-2019-13631": { + "cmt_msg": "Input: gtco - bounds check collection indent level" + }, + "CVE-2020-13974": { + "cmt_msg": "vt: keyboard: avoid signed integer overflow in k_ascii" + }, + "CVE-2021-4083": { + "cmt_msg": "fget: check that the fd still exists after getting a ref to it" + }, + "CVE-2021-4197": { + "cmt_msg": "cgroup: Use open-time credentials for process migraton perm checks" + }, + "CVE-2019-18282": { + "cmt_msg": "net/flow_dissector: switch to siphash" + }, + "CVE-2020-10751": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" + }, + "CVE-2019-9162": { + "cmt_msg": "netfilter: nf_nat_snmp_basic: add missing length checks in ASN.1 cbs" + }, + "CVE-2019-16229": { + "cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)" + }, + "CVE-2020-15437": { + "cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()" + }, + "CVE-2020-15436": { + "cmt_msg": "block: Fix use-after-free in blkdev_get()" + }, + "CVE-2022-1116": { + "cmt_msg": "" + }, + "CVE-2021-28660": { + "cmt_msg": "staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()" + }, + "CVE-2020-8647": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" + }, + "CVE-2019-0155": { + "cmt_msg": "drm/i915: Rename gen7 cmdparser tables" + }, + "CVE-2019-0154": { + "cmt_msg": "drm/i915: Lower RM timeout to avoid DSI hard hangs" + }, + "CVE-2020-36386": { + "cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()" + }, + "CVE-2018-19407": { + "cmt_msg": "KVM: X86: Fix scan ioapic use-before-initialization" + }, + "CVE-2020-36385": { + "cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy" + }, + "CVE-2020-0009": { + "cmt_msg": "staging: android: ashmem: Disallow ashmem memory from being remapped" + }, + "CVE-2020-7053": { + "cmt_msg": "drm/i915: Introduce a mutex for file_priv->context_idr" + }, + "CVE-2019-14615": { + "cmt_msg": "drm/i915/gen9: Clear residual context state on context switch" + }, + "CVE-2021-3635": { + "cmt_msg": "netfilter: nf_tables: fix flowtable list del corruption" + }, + "CVE-2019-13648": { + "cmt_msg": "powerpc/tm: Fix oops on sigreturn on systems without TM" + }, + "CVE-2020-16120": { + "cmt_msg": "ovl: switch to mounter creds in readdir" + }, + "CVE-2019-11599": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" + }, + "CVE-2022-1204": { + "cmt_msg": "ax25: Fix refcount leaks caused by ax25_cb_del()" + }, + "CVE-2019-2101": { + "cmt_msg": "media: uvcvideo: Fix 'type' check leading to overflow" + }, + "CVE-2019-17666": { + "cmt_msg": "rtlwifi: Fix potential overflow on P2P code" + }, + "CVE-2016-10723": { + "cmt_msg": "mm, oom: remove sleep from under oom_lock" + }, + "CVE-2019-19036": { + "cmt_msg": "btrfs: Detect unbalanced tree with empty leaf before crashing btree operations" + }, + "CVE-2019-3459": { + "cmt_msg": "Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer" + }, + "CVE-2020-11494": { + "cmt_msg": "slcan: Don't transmit uninitialized stack data in padding" + }, + "CVE-2019-19039": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2020-0444": { + "cmt_msg": "audit: fix error handling in audit_data_to_entry()" + }, + "CVE-2022-1419": { + "cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create" + }, + "CVE-2022-1836": { + "cmt_msg": "floppy: disable FDRAWCMD by default" + }, + "CVE-2020-11884": { + "cmt_msg": "s390/mm: fix page table upgrade vs 2ndary address mode accesses" + }, + "CVE-2021-32078": { + "cmt_msg": "ARM: footbridge: remove personal server platform" + }, + "CVE-2022-30594": { + "cmt_msg": "ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE" + }, + "CVE-2019-11833": { + "cmt_msg": "ext4: zero out the unused memory region in the extent tree block" + }, + "CVE-2021-38205": { + "cmt_msg": "net: xilinx_emaclite: Do not print real IOMEM pointer" + }, + "CVE-2020-27835": { + "cmt_msg": "IB/hfi1: Ensure correct mm is used at all times" + }, + "CVE-2020-27830": { + "cmt_msg": "speakup: Reject setting the speakup line discipline outside of speakup" + }, + "CVE-2020-0255": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" + }, + "CVE-2022-27666": { + "cmt_msg": "esp: Fix possible buffer overflow in ESP transformation" + }, + "CVE-2021-38208": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2019-2213": { + "cmt_msg": "binder: fix possible UAF when freeing buffer" + }, + "CVE-2020-25211": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2020-25212": { + "cmt_msg": "nfs: Fix getxattr kernel panic and memory overflow" + }, + "CVE-2020-26556": { + "cmt_msg": "" + }, + "CVE-2020-26557": { + "cmt_msg": "" + }, + "CVE-2020-26555": { + "cmt_msg": "" + }, + "CVE-2019-20794": { + "cmt_msg": "" + }, + "CVE-2020-26559": { + "cmt_msg": "" + }, + "CVE-2018-1128": { + "cmt_msg": "libceph: add authorizer challenge" + }, + "CVE-2018-1129": { + "cmt_msg": "libceph: implement CEPHX_V2 calculation mode" + }, + "CVE-2018-20854": { + "cmt_msg": "phy: ocelot-serdes: fix out-of-bounds read" + }, + "CVE-2018-1121": { + "cmt_msg": "" + }, + "CVE-2019-19046": { + "cmt_msg": "ipmi: Fix memory leak in __ipmi_bmc_register" + }, + "CVE-2019-19045": { + "cmt_msg": "net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq" + }, + "CVE-2022-29968": { + "cmt_msg": "io_uring: fix uninitialized field in rw io_kiocb" + }, + "CVE-2019-9466": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path" + }, + "CVE-2019-19048": { + "cmt_msg": "virt: vbox: fix memory leak in hgcm_call_preprocess_linaddr" + }, + "CVE-2019-19049": { + "cmt_msg": "of: unittest: fix memory leak in unittest_data_add" + }, + "CVE-2022-0644": { + "cmt_msg": "vfs: check fd has read access in kernel_read_file_from_fd()" + }, + "CVE-2020-27786": { + "cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses" + }, + "CVE-2019-14816": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2019-14814": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2019-14815": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2020-10720": { + "cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()" + }, + "CVE-2022-0382": { + "cmt_msg": "net ticp:fix a kernel-infoleak in __tipc_sendmsg()" + }, + "CVE-2020-25672": { + "cmt_msg": "nfc: fix memory leak in llcp_sock_connect()" + }, + "CVE-2019-9455": { + "cmt_msg": "media: videobuf2-v4l2: drop WARN_ON in vb2_warn_zero_bytesused()" + }, + "CVE-2020-25670": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_bind()" + }, + "CVE-2020-25671": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_connect()" + }, + "CVE-2019-15222": { + "cmt_msg": "ALSA: usb-audio: Fix gpf in snd_usb_pipe_sanity_check" + }, + "CVE-2019-15223": { + "cmt_msg": "ALSA: line6: Assure canceling delayed work at disconnection" + }, + "CVE-2019-19813": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2019-15221": { + "cmt_msg": "ALSA: line6: Fix write on zero-sized buffer" + }, + "CVE-2019-19815": { + "cmt_msg": "f2fs: support swap file w/ DIO" + }, + "CVE-2019-19814": { + "cmt_msg": "" + }, + "CVE-2020-29371": { + "cmt_msg": "romfs: fix uninitialized memory leak in romfs_dev_read()" + }, + "CVE-2019-19816": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2022-1015": { + "cmt_msg": "netfilter: nf_tables: validate registers coming from userspace." + }, + "CVE-2022-1016": { + "cmt_msg": "netfilter: nf_tables: initialize registers in nft_do_chain()" + }, + "CVE-2022-1011": { + "cmt_msg": "fuse: fix pipe buffer lifetime for direct_io" + }, + "CVE-2019-5108": { + "cmt_msg": "mac80211: Do not send Layer 2 Update frame before authorization" + }, + "CVE-2022-0001": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2022-1012": { + "cmt_msg": "secure_seq: use the 64 bits of the siphash for port offset calculation" + }, + "CVE-2020-8649": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" + }, + "CVE-2020-12656": { + "cmt_msg": "sunrpc: check that domain table is empty at module unload." + }, + "CVE-2020-14356": { + "cmt_msg": "cgroup: fix cgroup_sk_alloc() for sk_clone_lock()" + }, + "CVE-2021-26931": { + "cmt_msg": "xen-blkback: don't \"handle\" error by BUG()" + }, + "CVE-2021-26930": { + "cmt_msg": "xen-blkback: fix error handling in xen_blkbk_map()" + }, + "CVE-2021-42252": { + "cmt_msg": "soc: aspeed: lpc-ctrl: Fix boundary check for mmap" + }, + "CVE-2021-26932": { + "cmt_msg": "Xen/x86: don't bail early from clear_foreign_p2m_mapping()" + }, + "CVE-2022-0492": { + "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" + }, + "CVE-2020-12352": { + "cmt_msg": "Bluetooth: A2MP: Fix not initializing all members" + }, + "CVE-2020-12351": { + "cmt_msg": "Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel" + }, + "CVE-2020-12655": { + "cmt_msg": "xfs: add agf freeblocks verify in xfs_agf_verify" + }, + "CVE-2022-25636": { + "cmt_msg": "netfilter: nf_tables_offload: incorrect flow offload action array size" + }, + "CVE-2022-0494": { + "cmt_msg": "block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern" + }, + "CVE-2020-26088": { + "cmt_msg": "net/nfc/rawsock.c: add CAP_NET_RAW check." + }, + "CVE-2008-2544": { + "cmt_msg": "" + }, + "CVE-2021-3178": { + "cmt_msg": "nfsd4: readdirplus shouldn't return parent of export" + }, + "CVE-2022-28796": { + "cmt_msg": "jbd2: fix use-after-free of transaction_t race" + }, + "CVE-2019-15031": { + "cmt_msg": "powerpc/tm: Fix restoring FP/VMX facility incorrectly on interrupts" + }, + "CVE-2019-15030": { + "cmt_msg": "powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction" + }, + "CVE-2022-0330": { + "cmt_msg": "drm/i915: Flush TLBs before releasing backing store" + }, + "CVE-2007-3719": { + "cmt_msg": "" + }, + "CVE-2019-19319": { + "cmt_msg": "ext4: protect journal inode's blocks using block_validity" + }, + "CVE-2019-19462": { + "cmt_msg": "kernel/relay.c: handle alloc_percpu returning NULL in relay_open" + }, + "CVE-2022-24958": { + "cmt_msg": "usb: gadget: don't release an existing dev->buf" + }, + "CVE-2022-1205": { + "cmt_msg": "ax25: Fix NULL pointer dereferences in ax25 timers" + }, + "CVE-2022-28893": { + "cmt_msg": "SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()" + }, + "CVE-2021-3772": { + "cmt_msg": "sctp: use init_tag from inithdr for ABORT chunk" + }, + "CVE-2021-3679": { + "cmt_msg": "tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop." + }, + "CVE-2021-28715": { + "cmt_msg": "xen/netback: don't queue unlimited number of packages" + }, + "CVE-2021-28714": { + "cmt_msg": "xen/netback: fix rx queue stall detection" + }, + "CVE-2021-28713": { + "cmt_msg": "xen/console: harden hvc_xen against event channel storms" + }, + "CVE-2021-28712": { + "cmt_msg": "xen/netfront: harden netfront against event channel storms" + }, + "CVE-2021-28711": { + "cmt_msg": "xen/blkfront: harden blkfront against event channel storms" + }, + "CVE-2021-4157": { + "cmt_msg": "pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()" + }, + "CVE-2022-23960": { + "cmt_msg": "ARM: report Spectre v2 status through sysfs" + }, + "CVE-2021-39657": { + "cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback" + }, + "CVE-2021-3669": { + "cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()" + }, + "CVE-2019-3701": { + "cmt_msg": "can: gw: ensure DLC boundaries after CAN frame modification" + }, + "CVE-2019-12984": { + "cmt_msg": "nfc: Ensure presence of required attributes in the deactivate_target handler" + }, + "CVE-2019-11091": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2020-15780": { + "cmt_msg": "ACPI: configfs: Disallow loading ACPI tables when locked down" + }, + "CVE-2019-19227": { + "cmt_msg": "appletalk: Fix potential NULL pointer dereference in unregister_snap_client" + }, + "CVE-2021-34981": { + "cmt_msg": "Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails" + }, + "CVE-2018-14625": { + "cmt_msg": "vhost/vsock: fix use-after-free in network stack callers" + }, + "CVE-2020-24394": { + "cmt_msg": "nfsd: apply umask on fs without ACL support" + }, + "CVE-2013-7445": { + "cmt_msg": "" + }, + "CVE-2019-18814": { + "cmt_msg": "apparmor: Fix use-after-free in aa_audit_rule_init" + }, + "CVE-2022-28390": { + "cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2019-13233": { + "cmt_msg": "x86/insn-eval: Fix use-after-free access to LDT entry" + }, + "CVE-2022-26966": { + "cmt_msg": "sr9700: sanity check for packet length" + }, + "CVE-2021-3655": { + "cmt_msg": "sctp: validate from_addr_param return" + }, + "CVE-2020-14386": { + "cmt_msg": "net/packet: fix overflow in tpacket_rcv" + }, + "CVE-2021-34693": { + "cmt_msg": "can: bcm: fix infoleak in struct bcm_msg_head" + }, + "CVE-2020-14385": { + "cmt_msg": "xfs: fix boundary test in xfs_attr_shortform_verify" + }, + "CVE-2019-19767": { + "cmt_msg": "ext4: add more paranoia checking in ext4_expand_extra_isize handling" + }, + "CVE-2021-3656": { + "cmt_msg": "KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656)" + }, + "CVE-2020-14381": { + "cmt_msg": "futex: Fix inode life-time issue" + }, + "CVE-2022-1158": { + "cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address" + }, + "CVE-2019-19768": { + "cmt_msg": "blktrace: Protect q->blk_trace with RCU" + }, + "CVE-2020-25704": { + "cmt_msg": "perf/core: Fix a memory leak in perf_event_parse_addr_filter()" + }, + "CVE-2021-45095": { + "cmt_msg": "phonet: refcount leak in pep_sock_accep" + }, + "CVE-2019-3819": { + "cmt_msg": "HID: debug: fix the ring buffer implementation" + }, + "CVE-2021-37159": { + "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device" + }, + "CVE-2021-29154": { + "cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64" + }, + "CVE-2020-16166": { + "cmt_msg": "random32: update the net random state on interrupt and activity" + }, + "CVE-2021-29155": { + "cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic" + }, + "CVE-2019-15916": { + "cmt_msg": "net-sysfs: Fix mem leak in netdev_register_kobject" + }, + "CVE-2019-15917": { + "cmt_msg": "Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto()" + }, + "CVE-2019-15918": { + "cmt_msg": "cifs: Fix lease buffer length error" + }, + "CVE-2019-15919": { + "cmt_msg": "cifs: Fix use-after-free in SMB2_write" + }, + "CVE-2020-12362": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2020-12363": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2022-28389": { + "cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path" + }, + "CVE-2020-12364": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2019-10639": { + "cmt_msg": "netns: provide pure entropy for net_hash_mix()" + }, + "CVE-2022-0500": { + "cmt_msg": "bpf: Introduce MEM_RDONLY flag" + }, + "CVE-2022-28388": { + "cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2021-0605": { + "cmt_msg": "af_key: pfkey_dump needs parameter validation" + }, + "CVE-2021-3896": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2021-4002": { + "cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare" + }, + "CVE-2022-1055": { + "cmt_msg": "net: sched: fix use-after-free in tc_new_tfilter()" + }, + "CVE-2021-38204": { + "cmt_msg": "usb: max-3421: Prevent corruption of freed memory" + }, + "CVE-2022-20008": { + "cmt_msg": "mmc: block: fix read single on recovery logic" + }, + "CVE-2021-3894": { + "cmt_msg": "sctp: account stream padding length for reconf chunk" + }, + "CVE-2019-18786": { + "cmt_msg": "media: rcar_drif: fix a memory disclosure" + }, + "CVE-2019-20810": { + "cmt_msg": "media: go7007: fix a miss of snd_card_free" + }, + "CVE-2019-20812": { + "cmt_msg": "af_packet: set defaule value for tmo" + }, + "CVE-2020-14314": { + "cmt_msg": "ext4: fix potential negative array index in do_split()" + }, + "CVE-2019-9003": { + "cmt_msg": "ipmi: fix use-after-free of user->release_barrier.rda" + }, + "CVE-2019-18660": { + "cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch" + }, + "CVE-2019-15291": { + "cmt_msg": "media: b2c2-flexcop-usb: add sanity checking" + }, + "CVE-2019-15290": { + "cmt_msg": "" + }, + "CVE-2022-0617": { + "cmt_msg": "udf: Fix NULL ptr deref when converting from inline format" + }, + "CVE-2022-26878": { + "cmt_msg": "" + }, + "CVE-2018-12930": { + "cmt_msg": "" + }, + "CVE-2018-12931": { + "cmt_msg": "" + }, + "CVE-2020-12768": { + "cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()" + }, + "CVE-2020-12769": { + "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" + }, + "CVE-2021-32399": { + "cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller" + }, + "CVE-2019-12380": { + "cmt_msg": "efi/x86/Add missing error handling to old_memmap 1:1 mapping code" + }, + "CVE-2019-12381": { + "cmt_msg": "ip_sockglue: Fix missing-check bug in ip_ra_control()" + }, + "CVE-2019-12382": { + "cmt_msg": "drm/edid: Fix a missing-check bug in drm_load_edid_firmware()" + }, + "CVE-2022-22942": { + "cmt_msg": "drm/vmwgfx: Fix stale file descriptors on failed usercopy" + }, + "CVE-2018-20669": { + "cmt_msg": "make 'user_access_begin()' do 'access_ok()'" + }, + "CVE-2019-19543": { + "cmt_msg": "media: serial_ir: Fix use-after-free in serial_ir_init_module" + }, + "CVE-2021-3732": { + "cmt_msg": "ovl: prevent private clone if bind mount is not allowed" + }, + "CVE-2022-25375": { + "cmt_msg": "usb: gadget: rndis: check size of RNDIS_MSG_SET command" + }, + "CVE-2020-10766": { + "cmt_msg": "x86/speculation: Prevent rogue cross-process SSBD shutdown" + }, + "CVE-2020-10767": { + "cmt_msg": "x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS." + }, + "CVE-2018-12207": { + "cmt_msg": "kvm: x86, powerpc: do not allow clearing largepages debugfs entry" + }, + "CVE-2020-13143": { + "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" + }, + "CVE-2020-10768": { + "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." + }, + "CVE-2020-10769": { + "cmt_msg": "crypto: authenc - fix parsing key with misaligned rta_len" + }, + "CVE-2019-0148": { + "cmt_msg": "i40e: Wrong truncation from u16 to u8" + }, + "CVE-2019-0149": { + "cmt_msg": "i40e: Add bounds check for ch[] array" + }, + "CVE-2019-17075": { + "cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack" + }, + "CVE-2019-19447": { + "cmt_msg": "ext4: work around deleting a file with i_nlink == 0 safely" + }, + "CVE-2019-0146": { + "cmt_msg": "" + }, + "CVE-2019-0147": { + "cmt_msg": "i40e: add num_vectors checker in iwarp handler" + }, + "CVE-2020-10942": { + "cmt_msg": "vhost: Check docket sk_family instead of call getname" + }, + "CVE-2019-0145": { + "cmt_msg": "i40e: add num_vectors checker in iwarp handler" + }, + "CVE-2019-11191": { + "cmt_msg": "x86: Deprecate a.out support" + }, + "CVE-2020-10781": { + "cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\"" + }, + "CVE-2020-26139": { + "cmt_msg": "mac80211: do not accept/forward invalid EAPOL frames" + }, + "CVE-2019-10220": { + "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" + }, + "CVE-2021-3609": { + "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" + }, + "CVE-2019-19536": { + "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" + }, + "CVE-2019-19537": { + "cmt_msg": "USB: core: Fix races in character device registration and deregistraion" + }, + "CVE-2019-19534": { + "cmt_msg": "can: peak_usb: fix slab info leak" + }, + "CVE-2019-19535": { + "cmt_msg": "can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices" + }, + "CVE-2020-11565": { + "cmt_msg": "mm: mempolicy: require at least one nodeid for MPOL_PREFERRED" + }, + "CVE-2019-19533": { + "cmt_msg": "media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()" + }, + "CVE-2019-19530": { + "cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough" + }, + "CVE-2019-19531": { + "cmt_msg": "usb: yurex: Fix use-after-free in yurex_delete" + }, + "CVE-2021-0929": { + "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" + }, + "CVE-2018-14616": { + "cmt_msg": "f2fs: fix to do sanity check with block address in main area v2" + }, + "CVE-2019-20095": { + "cmt_msg": "mwifiex: Fix mem leak in mwifiex_tm_cmd" + }, + "CVE-2018-19985": { + "cmt_msg": "USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data" + }, + "CVE-2021-0920": { + "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" + }, + "CVE-2022-0168": { + "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" + }, + "CVE-2021-39713": { + "cmt_msg": "net: sched: use Qdisc rcu API instead of relying on rtnl lock" + }, + "CVE-2020-28374": { + "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" + }, + "CVE-2019-9213": { + "cmt_msg": "mm: enforce min addr even if capable() in expand_downwards()" + }, + "CVE-2019-14896": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" + }, + "CVE-2019-14897": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" + }, + "CVE-2019-14895": { + "cmt_msg": "mwifiex: fix possible heap overflow in mwifiex_process_country_ie()" + }, + "CVE-2020-27825": { + "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" + }, + "CVE-2019-2181": { + "cmt_msg": "binder: check for overflow when alloc for security context" + }, + "CVE-2020-27820": { + "cmt_msg": "drm/nouveau: use drm_dev_unplug() during device removal" + }, + "CVE-2020-0067": { + "cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr" + }, + "CVE-2020-26558": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2020-26541": { + "cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries" + }, + "CVE-2019-20811": { + "cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success" + }, + "CVE-2021-20317": { + "cmt_msg": "lib/timerqueue: Rely on rbtree semantics for next timer" + }, + "CVE-2021-43389": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2021-33061": { + "cmt_msg": "ixgbe: add improvement for MDD response functionality" + }, + "CVE-2021-3864": { + "cmt_msg": "" + }, + "CVE-2022-27950": { + "cmt_msg": "HID: elo: fix memory leak in elo_probe" + }, + "CVE-2022-1652": { + "cmt_msg": "" + }, + "CVE-2022-1651": { + "cmt_msg": "virt: acrn: fix a memory leak in acrn_dev_ioctl()" + }, + "CVE-2020-29568": { + "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" + }, + "CVE-2020-29569": { + "cmt_msg": "xen-blkback: set ring->xenblkd to NULL after kthread_stop()" + }, + "CVE-2020-14351": { + "cmt_msg": "perf/core: Fix race in the perf_mmap_close() function" + }, + "CVE-2019-19054": { + "cmt_msg": "media: rc: prevent memory leak in cx23888_ir_probe" + }, + "CVE-2019-19057": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring" + }, + "CVE-2019-19056": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf" + }, + "CVE-2019-9453": { + "cmt_msg": "f2fs: fix to avoid accessing xattr across the boundary" + }, + "CVE-2019-19052": { + "cmt_msg": "can: gs_usb: gs_can_open(): prevent memory leak" + }, + "CVE-2019-3846": { + "cmt_msg": "mwifiex: Fix possible buffer overflows at parsing bss descriptor" + }, + "CVE-2020-0427": { + "cmt_msg": "pinctrl: devicetree: Avoid taking direct reference to device name string" + }, + "CVE-2019-19058": { + "cmt_msg": "iwlwifi: dbg_ini: fix memory leak in alloc_sgtable" + }, + "CVE-2020-0423": { + "cmt_msg": "binder: fix UAF when releasing todo list" + }, + "CVE-2022-1789": { + "cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID" + }, + "CVE-2016-8660": { + "cmt_msg": "" + }, + "CVE-2019-13272": { + "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" + }, + "CVE-2022-1786": { + "cmt_msg": "io_uring: remove io_identity" + }, + "CVE-2019-17351": { + "cmt_msg": "xen: let alloc_xenballooned_pages() fail if not enough memory free" + }, + "CVE-2020-25669": { + "cmt_msg": "Input: sunkbd - avoid use-after-free in teardown paths" + }, + "CVE-2020-25668": { + "cmt_msg": "tty: make FONTX ioctl use the tty pointer they were actually passed" + }, + "CVE-2008-4609": { + "cmt_msg": "" + }, + "CVE-2020-25705": { + "cmt_msg": "icmp: randomize the global rate limiter" + }, + "CVE-2022-0435": { + "cmt_msg": "tipc: improve size validations for received domain records" + }, + "CVE-2018-5391": { + "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." + }, + "CVE-2021-4135": { + "cmt_msg": "netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc" + }, + "CVE-2019-15239": { + "cmt_msg": "unknown" + }, + "CVE-2021-4037": { + "cmt_msg": "xfs: fix up non-directory creation in SGID directories" + }, + "CVE-2021-22543": { + "cmt_msg": "KVM: do not allow mapping valid but non-reference-counted pages" + }, + "CVE-2021-3348": { + "cmt_msg": "nbd: freeze the queue while we're adding connections" + }, + "CVE-2019-1999": { + "cmt_msg": "binder: fix race between munmap() and direct reclaim" + }, + "CVE-2019-15292": { + "cmt_msg": "appletalk: Fix use-after-free in atalk_proc_exit" + }, + "CVE-2018-20836": { + "cmt_msg": "scsi: libsas: fix a race condition when smp task timeout" + }, + "CVE-2021-44733": { + "cmt_msg": "tee: handle lookup of shm with reference count 0" + }, + "CVE-2021-3347": { + "cmt_msg": "futex: Ensure the correct return value from futex_lock_pi()" + }, + "CVE-2020-10135": { + "cmt_msg": "Bluetooth: Consolidate encryption handling in hci_encrypt_cfm" + }, + "CVE-2020-25285": { + "cmt_msg": "mm/hugetlb: fix a race between hugetlb sysctl handlers" + }, + "CVE-2019-7308": { + "cmt_msg": "bpf: fix sanitation of alu op with pointer / scalar type from different paths" + }, + "CVE-2021-45868": { + "cmt_msg": "quota: check block number when reading the block in quota file" + }, + "CVE-2021-3587": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2019-16995": { + "cmt_msg": "net: hsr: fix memory leak in hsr_dev_finalize()" + }, + "CVE-2019-16994": { + "cmt_msg": "net: sit: fix memory leak in sit_init_net()" + }, + "CVE-2020-36516": { + "cmt_msg": "" + }, + "CVE-2022-0322": { + "cmt_msg": "sctp: account stream padding length for reconf chunk" + }, + "CVE-2017-13693": { + "cmt_msg": "" + }, + "CVE-2017-13694": { + "cmt_msg": "" + }, + "CVE-2021-4149": { + "cmt_msg": "btrfs: unlock newly allocated extent buffer after error" + }, + "CVE-2021-4148": { + "cmt_msg": "mm: khugepaged: skip huge page collapse for special files" + }, + "CVE-2021-3640": { + "cmt_msg": "Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()" + }, + "CVE-2021-3764": { + "cmt_msg": "crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()" + }, + "CVE-2020-1749": { + "cmt_msg": "net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup" + }, + "CVE-2021-3760": { + "cmt_msg": "nfc: nci: fix the UAF of rf_conn_info object" + }, + "CVE-2020-11608": { + "cmt_msg": "media: ov519: add missing endpoint sanity checks" + }, + "CVE-2020-11609": { + "cmt_msg": "media: stv06xx: add missing descriptor sanity checks" + }, + "CVE-2020-28097": { + "cmt_msg": "vgacon: remove software scrollback support" + }, + "CVE-2019-11884": { + "cmt_msg": "Bluetooth: hidp: fix buffer overflow" + }, + "CVE-2019-3892": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" + }, + "CVE-2021-29264": { + "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" + }, + "CVE-2021-29265": { + "cmt_msg": "usbip: fix stub_dev usbip_sockfd_store() races leading to gpf" + }, + "CVE-2021-39648": { + "cmt_msg": "usb: gadget: configfs: Fix use-after-free issue with udc_name" + }, + "CVE-2020-14416": { + "cmt_msg": "can, slip: Protect tty->disc_data in write_wakeup and close with RCU" + }, + "CVE-2019-0136": { + "cmt_msg": "mac80211: drop robust management frames from unknown TA" + }, + "CVE-2021-21781": { + "cmt_msg": "ARM: ensure the signal page contains defined contents" + }, + "CVE-2021-0512": { + "cmt_msg": "HID: make arrays usage and value to be the same" + }, + "CVE-2019-19073": { + "cmt_msg": "ath9k_htc: release allocated buffer if timed out" + }, + "CVE-2020-0347": { + "cmt_msg": "" + }, + "CVE-2019-18809": { + "cmt_msg": "media: usb: fix memory leak in af9005_identify_state" + }, + "CVE-2019-18808": { + "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" + }, + "CVE-2021-40490": { + "cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing" + }, + "CVE-2021-33909": { + "cmt_msg": "seq_file: disallow extremely large seq buffer allocations" + }, + "CVE-2019-12455": { + "cmt_msg": "clk-sunxi: fix a missing-check bug in sunxi_divs_clk_setup()" + }, + "CVE-2019-12456": { + "cmt_msg": "" + }, + "CVE-2019-19070": { + "cmt_msg": "spi: gpio: prevent memory leak in spi_gpio_probe" + }, + "CVE-2019-18805": { + "cmt_msg": "ipv4: set the tcp_min_rtt_wlen range from 0 to one day" + }, + "CVE-2021-29647": { + "cmt_msg": "net: qrtr: fix a kernel-infoleak in qrtr_recvmsg()" + }, + "CVE-2019-18806": { + "cmt_msg": "net: qlogic: Fix memory leak in ql_alloc_large_buffers" + }, + "CVE-2022-0742": { + "cmt_msg": "ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report()" + }, + "CVE-2022-0854": { + "cmt_msg": "swiotlb: rework \"fix info leak with DMA_FROM_DEVICE\"" + }, + "CVE-2019-6974": { + "cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)" + }, + "CVE-2020-24503": { + "cmt_msg": "" + }, + "CVE-2020-14390": { + "cmt_msg": "fbcon: remove soft scrollback code" + }, + "CVE-2020-24502": { + "cmt_msg": "" + }, + "CVE-2021-45469": { + "cmt_msg": "f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()" + }, + "CVE-2022-1184": { + "cmt_msg": "" + }, + "CVE-2019-19448": { + "cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space" + }, + "CVE-2019-19449": { + "cmt_msg": "f2fs: fix to do sanity check on segment/section count" + }, + "CVE-2020-0465": { + "cmt_msg": "HID: core: Sanitize event code and type when mapping input" + }, + "CVE-2020-0466": { + "cmt_msg": "do_epoll_ctl(): clean the failure exits up a bit" + }, + "CVE-2021-4218": { + "cmt_msg": "sysctl: pass kernel pointers to ->proc_handler" + }, + "CVE-2020-0543": { + "cmt_msg": "x86/cpu: Add 'table' argument to cpu_matches()" + }, + "CVE-2019-20054": { + "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links" + }, + "CVE-2021-3753": { + "cmt_msg": "vt_kdsetmode: extend console locking" + }, + "CVE-2019-11135": { + "cmt_msg": "x86/msr: Add the IA32_TSX_CTRL MSR" + }, + "CVE-2019-11811": { + "cmt_msg": "ipmi_si: fix use-after-free of resource->name" + }, + "CVE-2019-11810": { + "cmt_msg": "scsi: megaraid_sas: return error when create DMA pool failed" + }, + "CVE-2021-27365": { + "cmt_msg": "scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE" + }, + "CVE-2021-27364": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2019-11815": { + "cmt_msg": "net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock()." + }, + "CVE-2020-0431": { + "cmt_msg": "HID: hid-input: clear unmapped usages" + }, + "CVE-2018-17977": { + "cmt_msg": "" + }, + "CVE-2010-5321": { + "cmt_msg": "" + }, + "CVE-2021-20322": { + "cmt_msg": "ipv6: make exception cache less predictible" + }, + "CVE-2021-20320": { + "cmt_msg": "s390/bpf: Fix optimizing out zero-extensions" + }, + "CVE-2021-20321": { + "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" + }, + "CVE-2022-26490": { + "cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION" + }, + "CVE-2022-1043": { + "cmt_msg": "io_uring: fix xa_alloc_cycle() error return value check" + }, + "CVE-2022-1048": { + "cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls" + }, + "CVE-2021-0342": { + "cmt_msg": "tun: correct header offsets in napi frags mode" + }, + "CVE-2019-15927": { + "cmt_msg": "ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit()" + }, + "CVE-2021-3542": { + "cmt_msg": "" + }, + "CVE-2019-16413": { + "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" + }, + "CVE-2020-12659": { + "cmt_msg": "xsk: Add missing check on user supplied headroom size" + }, + "CVE-2020-12652": { + "cmt_msg": "scsi: mptfusion: Fix double fetch bug in ioctl" + }, + "CVE-2020-12653": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()" + }, + "CVE-2019-7222": { + "cmt_msg": "KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)" + }, + "CVE-2020-12657": { + "cmt_msg": "block, bfq: fix use-after-free in bfq_idle_slice_timer_body" + }, + "CVE-2020-12654": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()" + }, + "CVE-2019-7221": { + "cmt_msg": "KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221)" + }, + "CVE-2018-12929": { + "cmt_msg": "" + }, + "CVE-2018-12928": { + "cmt_msg": "" + }, + "CVE-2020-36311": { + "cmt_msg": "KVM: SVM: Periodically schedule when unregistering regions on destroy" + }, + "CVE-2020-36310": { + "cmt_msg": "KVM: SVM: avoid infinite loop on NPF from bad address" + }, + "CVE-2020-36313": { + "cmt_msg": "KVM: Fix out of range accesses to memslots" + }, + "CVE-2020-35519": { + "cmt_msg": "net/x25: prevent a couple of overflows" + }, + "CVE-2021-28971": { + "cmt_msg": "perf/x86/intel: Fix a crash caused by zero PEBS status" + }, + "CVE-2020-10708": { + "cmt_msg": "" + }, + "CVE-2020-25673": { + "cmt_msg": "nfc: Avoid endless loops caused by repeated llcp_sock_connect()" + }, + "CVE-2022-0400": { + "cmt_msg": "" + }, + "CVE-2021-0707": { + "cmt_msg": "dmabuf: fix use-after-free of dmabuf's file->f_inode" + }, + "CVE-2021-38160": { + "cmt_msg": "virtio_console: Assure used length from device is limited" + }, + "CVE-2021-42739": { + "cmt_msg": "media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()" + }, + "CVE-2020-12771": { + "cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce" + }, + "CVE-2020-12770": { + "cmt_msg": "scsi: sg: add sg_remove_request in sg_write" + }, + "CVE-2022-25265": { + "cmt_msg": "" + }, + "CVE-2019-15220": { + "cmt_msg": "p54usb: Fix race between disconnect and firmware loading" + }, + "CVE-2020-10732": { + "cmt_msg": "fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()" + }, + "CVE-2020-10773": { + "cmt_msg": "s390/cmm: fix information leak in cmm_timeout_handler()" + }, + "CVE-2020-25284": { + "cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping" + }, + "CVE-2019-8912": { + "cmt_msg": "net: crypto set sk to NULL when af_alg_release." + }, + "CVE-2020-29370": { + "cmt_msg": "mm: slub: add missing TID bump in kmem_cache_alloc_bulk()" + }, + "CVE-2019-15219": { + "cmt_msg": "USB: sisusbvga: fix oops in error path of sisusb_probe" + }, + "CVE-2020-25643": { + "cmt_msg": "hdlc_ppp: add range checks in ppp_cp_parse_cr()" + }, + "CVE-2019-19378": { + "cmt_msg": "" + }, + "CVE-2020-4788": { + "cmt_msg": "powerpc/64s: flush L1D on kernel entry" + }, + "CVE-2021-39698": { + "cmt_msg": "wait: add wake_up_pollfree()" + }, + "CVE-2022-1247": { + "cmt_msg": "" + }, + "CVE-2019-19377": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2022-0850": { + "cmt_msg": "ext4: fix kernel infoleak via ext4_extent_header" + }, + "CVE-2019-19529": { + "cmt_msg": "can: mcba_usb: fix use-after-free on disconnect" + }, + "CVE-2019-19528": { + "cmt_msg": "USB: iowarrior: fix use-after-free on disconnect" + }, + "CVE-2021-3612": { + "cmt_msg": "Input: joydev - prevent potential read overflow in ioctl" + }, + "CVE-2019-19525": { + "cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect" + }, + "CVE-2019-19524": { + "cmt_msg": "Input: ff-memless - kill timer in destroy()" + }, + "CVE-2019-19527": { + "cmt_msg": "HID: hiddev: do cleanup in failure of opening a device" + }, + "CVE-2019-19526": { + "cmt_msg": "NFC: pn533: fix use-after-free and memleaks" + }, + "CVE-2021-33135": { + "cmt_msg": "" + }, + "CVE-2019-19523": { + "cmt_msg": "USB: adutux: fix use-after-free on disconnect" + }, + "CVE-2020-24504": { + "cmt_msg": "ice: create scheduler aggregator node config and move VSIs" + }, + "CVE-2020-11725": { + "cmt_msg": "" + }, + "CVE-2021-0937": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2022-1263": { + "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" + }, + "CVE-2021-35477": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2019-16746": { + "cmt_msg": "nl80211: validate beacon head" + }, + "CVE-2021-41864": { + "cmt_msg": "bpf: Fix integer overflow in prealloc_elems_and_freelist()" + }, + "CVE-2020-10757": { + "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" + }, + "CVE-2021-37576": { + "cmt_msg": "KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow" + }, + "CVE-2019-8980": { + "cmt_msg": "exec: Fix mem leak in kernel_read_file" + }, + "CVE-2022-0998": { + "cmt_msg": "vdpa: clean up get_config_size ret value handling" + }, + "CVE-2021-33098": { + "cmt_msg": "ixgbe: fix large MTU request from VF" + }, + "CVE-2021-35039": { + "cmt_msg": "module: limit enabling module.sig_enforce" + }, + "CVE-2020-27815": { + "cmt_msg": "jfs: Fix array index bounds check in dbAdjTree" + }, + "CVE-2021-26934": { + "cmt_msg": "" + }, + "CVE-2022-23041": { + "cmt_msg": "xen/9p: use alloc/free_pages_exact()" + }, + "CVE-2022-1462": { + "cmt_msg": "" + }, + "CVE-2020-27777": { + "cmt_msg": "powerpc/rtas: Restrict RTAS requests from userspace" + }, + "CVE-2019-20636": { + "cmt_msg": "Input: add safety guards to input_set_keycode()" + }, + "CVE-2019-11486": { + "cmt_msg": "tty: mark Siemens R3964 line discipline as BROKEN" + }, + "CVE-2019-11487": { + "cmt_msg": "fs: prevent page refcount overflow in pipe_buf_get" + }, + "CVE-2020-27673": { + "cmt_msg": "xen/events: add a proper barrier to 2-level uevent unmasking" + }, + "CVE-2020-27675": { + "cmt_msg": "xen/events: avoid removing an event channel while handling it" + }, + "CVE-2020-28915": { + "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" + }, + "CVE-2019-20908": { + "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" + }, + "CVE-2021-28038": { + "cmt_msg": "Xen/gnttab: handle p2m update errors on a per-slot basis" + }, + "CVE-2022-23040": { + "cmt_msg": "xen/xenbus: don't let xenbus_grant_ring() remove grants in error case" + }, + "CVE-2019-19060": { + "cmt_msg": "iio: imu: adis16400: release allocated memory on failure" + }, + "CVE-2019-19061": { + "cmt_msg": "iio: imu: adis16400: fix memory leak" + }, + "CVE-2019-19062": { + "cmt_msg": "crypto: user - fix memory leak in crypto_report" + }, + "CVE-2019-19063": { + "cmt_msg": "rtlwifi: prevent memory leak in rtl_usb_probe" + }, + "CVE-2019-19065": { + "cmt_msg": "RDMA/hfi1: Prevent memory leak in sdma_init" + }, + "CVE-2019-19066": { + "cmt_msg": "scsi: bfa: release allocated memory in case of error" + }, + "CVE-2019-19067": { + "cmt_msg": "drm/amdgpu: fix multiple memory leaks in acp_hw_init" + }, + "CVE-2019-19068": { + "cmt_msg": "rtl8xxxu: prevent leaking urb" + }, + "CVE-2020-0435": { + "cmt_msg": "f2fs: fix to do sanity check with i_extra_isize" + }, + "CVE-2020-0432": { + "cmt_msg": "staging: most: net: fix buffer overflow" + }, + "CVE-2020-0433": { + "cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter" + }, + "CVE-2019-3874": { + "cmt_msg": "sctp: implement memory accounting on tx path" + }, + "CVE-2022-0171": { + "cmt_msg": "" + }, + "CVE-2010-4563": { + "cmt_msg": "" + }, + "CVE-2022-1882": { + "cmt_msg": "" + }, + "CVE-2020-14331": { + "cmt_msg": "vgacon: Fix for missing check in scrollback handling" + }, + "CVE-2020-12114": { + "cmt_msg": "make struct mountpoint bear the dentry reference to mountpoint, not struct mount" + }, + "CVE-2021-3483": { + "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" + }, + "CVE-2022-29156": { + "cmt_msg": "RDMA/rtrs-clt: Fix possible double free in error case" + }, + "CVE-2021-38300": { + "cmt_msg": "bpf, mips: Validate conditional branch offsets" + }, + "CVE-2020-25656": { + "cmt_msg": "vt: keyboard, extend func_buf_lock to readers" + }, + "CVE-2021-3759": { + "cmt_msg": "memcg: enable accounting of ipc resources" + }, + "CVE-2022-24448": { + "cmt_msg": "NFSv4: Handle case where the lookup of a directory fails" + }, + "CVE-2022-23042": { + "cmt_msg": "xen/netfront: react properly to failing gnttab_end_foreign_access_ref()" + }, + "CVE-2019-10142": { + "cmt_msg": "drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl" + }, + "CVE-2021-4023": { + "cmt_msg": "io-wq: fix cancellation on create-worker failure" + }, + "CVE-2021-22555": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2021-0399": { + "cmt_msg": "" + }, + "CVE-2020-2732": { + "cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode" + }, + "CVE-2012-4542": { + "cmt_msg": "" + }, + "CVE-2022-1729": { + "cmt_msg": "perf: Fix sys_perf_event_open() race against self" + }, + "CVE-2021-3573": { + "cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object" + }, + "CVE-2021-28972": { + "cmt_msg": "PCI: rpadlpar: Fix potential drc_name corruption in store functions" + }, + "CVE-2018-12130": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2021-20292": { + "cmt_msg": "drm/ttm/nouveau: don't call tt destroy callback on alloc failure." + }, + "CVE-2021-31916": { + "cmt_msg": "dm ioctl: fix out of bounds array access when no devices" + }, + "CVE-2020-25645": { + "cmt_msg": "geneve: add transport ports in route lookup for geneve" + }, + "CVE-2020-11668": { + "cmt_msg": "media: xirlink_cit: add missing descriptor sanity checks" + }, + "CVE-2020-11669": { + "cmt_msg": "powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle" + }, + "CVE-2019-15118": { + "cmt_msg": "ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term" + }, + "CVE-2019-12818": { + "cmt_msg": "net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails" + }, + "CVE-2019-12819": { + "cmt_msg": "mdio_bus: Fix use-after-free on device_register fails" + }, + "CVE-2020-10690": { + "cmt_msg": "ptp: fix the race between the release of ptp_clock and cdev" + }, + "CVE-2019-12817": { + "cmt_msg": "powerpc/mm/64s/hash: Reallocate context ids on fork" + }, + "CVE-2019-19332": { + "cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)" + }, + "CVE-2019-15117": { + "cmt_msg": "ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit" + }, + "CVE-2021-3659": { + "cmt_msg": "net: mac802154: Fix general protection fault" + }, + "CVE-2022-25258": { + "cmt_msg": "USB: gadget: validate interface OS descriptor requests" + }, + "CVE-2021-4155": { + "cmt_msg": "xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate" + }, + "CVE-2021-0695": { + "cmt_msg": "" + }, + "CVE-2019-14901": { + "cmt_msg": "mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()" + }, + "CVE-2021-4150": { + "cmt_msg": "block: fix incorrect references to disk objects" + }, + "CVE-2020-3702": { + "cmt_msg": "ath: Use safer key clearing with key cache entries" + }, + "CVE-2021-28951": { + "cmt_msg": "io_uring: ensure that SQPOLL thread is started for exit" + }, + "CVE-2022-1671": { + "cmt_msg": "rxrpc: fix some null-ptr-deref bugs in server_key.c" + }, + "CVE-2021-3653": { + "cmt_msg": "KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653)" + }, + "CVE-2021-3564": { + "cmt_msg": "Bluetooth: fix the erroneous flush_work() order" + }, + "CVE-2020-8694": { + "cmt_msg": "powercap: restrict energy meter to root access" + }, + "CVE-2021-4159": { + "cmt_msg": "bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()" + }, + "CVE-2019-12614": { + "cmt_msg": "powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property()" + }, + "CVE-2019-12615": { + "cmt_msg": "mdesc: fix a missing-check bug in get_vdev_port_node_info()" + }, + "CVE-2021-3715": { + "cmt_msg": "net_sched: cls_route: remove the right filter from hashtable" + }, + "CVE-2021-3714": { + "cmt_msg": "" + }, + "CVE-2019-16230": { + "cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)" + }, + "CVE-2019-16231": { + "cmt_msg": "fjes: Handle workqueue allocation failure" + }, + "CVE-2019-16232": { + "cmt_msg": "libertas: fix a potential NULL pointer dereference" + }, + "CVE-2019-16233": { + "cmt_msg": "scsi: qla2xxx: fix a potential NULL pointer dereference" + }, + "CVE-2019-16234": { + "cmt_msg": "iwlwifi: pcie: fix rb_allocator workqueue allocation" + }, + "CVE-2019-6133": { + "cmt_msg": "fork: record start_time late" + }, + "CVE-2019-3016": { + "cmt_msg": "x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit" + }, + "CVE-2021-39633": { + "cmt_msg": "ip_gre: add validation for csum_start" + }, + "CVE-2022-27223": { + "cmt_msg": "USB: gadget: validate endpoint index for xilinx udc" + }, + "CVE-2021-39634": { + "cmt_msg": "epoll: do not insert into poll queues until all sanity checks are done" + }, + "CVE-2019-3882": { + "cmt_msg": "vfio/type1: Limit DMA mappings per container" + }, + "CVE-2019-3887": { + "cmt_msg": "KVM: x86: nVMX: close leak of L0's x2APIC MSRs (CVE-2019-3887)" + }, + "CVE-2022-1280": { + "cmt_msg": "drm: avoid circular locks in drm_mode_getconnector" + }, + "CVE-2020-12888": { + "cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory" + }, + "CVE-2011-4917": { + "cmt_msg": "" + }, + "CVE-2022-0812": { + "cmt_msg": "xprtrdma: fix incorrect header size calculations" + }, + "CVE-2022-23222": { + "cmt_msg": "bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL" + }, + "CVE-2021-0448": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2018-19824": { + "cmt_msg": "ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c" + }, + "CVE-2020-29374": { + "cmt_msg": "gup: document and work around \"COW can break either way\" issue" + }, + "CVE-2019-25045": { + "cmt_msg": "xfrm: clean up xfrm protocol checks" + }, + "CVE-2018-16862": { + "cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation" + }, + "CVE-2021-29650": { + "cmt_msg": "netfilter: x_tables: Use correct memory barriers." + }, + "CVE-2019-17133": { + "cmt_msg": "cfg80211: wext: avoid copying malformed SSIDs" + }, + "CVE-2018-20169": { + "cmt_msg": "USB: check usb_get_extra_descriptor for proper size" + }, + "CVE-2019-8956": { + "cmt_msg": "sctp: walk the list of asoc safely" + }, + "CVE-2020-36312": { + "cmt_msg": "KVM: fix memory leak in kvm_io_bus_unregister_dev()" + }, + "CVE-2022-1353": { + "cmt_msg": "af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register" + }, + "CVE-2022-28356": { + "cmt_msg": "llc: fix netdevice reference leaks in llc_ui_bind()" + }, + "CVE-2020-16119": { + "cmt_msg": "dccp: don't duplicate ccid when cloning dccp sock" + }, + "CVE-2022-1198": { + "cmt_msg": "drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()" + }, + "CVE-2022-1199": { + "cmt_msg": "ax25: Fix NULL pointer dereference in ax25_kill_by_device" + }, + "CVE-2021-39801": { + "cmt_msg": "" + }, + "CVE-2021-39800": { + "cmt_msg": "" + }, + "CVE-2021-39802": { + "cmt_msg": "" + }, + "CVE-2018-16884": { + "cmt_msg": "sunrpc: use-after-free in svc_process_common()" + }, + "CVE-2018-16882": { + "cmt_msg": "KVM: Fix UAF in nested posted interrupt processing" + }, + "CVE-2022-1195": { + "cmt_msg": "hamradio: improve the incomplete fix to avoid NPD" + }, + "CVE-2018-16880": { + "cmt_msg": "vhost: fix OOB in get_rx_bufs()" + }, + "CVE-2021-4202": { + "cmt_msg": "NFC: reorganize the functions in nci_request" + }, + "CVE-2021-4203": { + "cmt_msg": "af_unix: fix races in sk_peer_pid and sk_peer_cred accesses" + }, + "CVE-2021-44879": { + "cmt_msg": "f2fs: fix to do sanity check on inode type during garbage collection" + }, + "CVE-2019-15505": { + "cmt_msg": "media: technisat-usb2: break out of loop at end of buffer" + }, + "CVE-2019-15504": { + "cmt_msg": "rsi: fix a double free bug in rsi_91x_deinit()" + }, + "CVE-2022-1516": { + "cmt_msg": "net/x25: Fix null-ptr-deref caused by x25_disconnect" + }, + "CVE-2015-2877": { + "cmt_msg": "" + }, + "CVE-2020-9383": { + "cmt_msg": "floppy: check FDC index for errors before assigning it" + }, + "CVE-2022-29582": { + "cmt_msg": "io_uring: fix race between timeout flush and removal" + }, + "CVE-2019-16089": { + "cmt_msg": "" + }, + "CVE-2021-38198": { + "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" + }, + "CVE-2021-38199": { + "cmt_msg": "NFSv4: Initialise connection to the server in nfs4_alloc_client()" + }, + "CVE-2022-1679": { + "cmt_msg": "" + }, + "CVE-2022-1678": { + "cmt_msg": "tcp: optimize tcp internal pacing" + }, + "CVE-2021-26401": { + "cmt_msg": "x86/speculation: Use generic retpoline by default on AMD" + }, + "CVE-2020-28941": { + "cmt_msg": "speakup: Do not let the line discipline be used several times" + }, + "CVE-2019-9445": { + "cmt_msg": "f2fs: check if file namelen exceeds max value" + }, + "CVE-2021-3600": { + "cmt_msg": "bpf: Fix 32 bit src register truncation on div/mod" + }, + "CVE-2021-45486": { + "cmt_msg": "inet: use bigger hash table for IP ID generation" + }, + "CVE-2021-3506": { + "cmt_msg": "f2fs: fix to avoid out-of-bounds memory access" + }, + "CVE-2019-20934": { + "cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers" + }, + "CVE-2021-45485": { + "cmt_msg": "ipv6: use prandom_u32() for ID generation" + }, + "CVE-2019-19532": { + "cmt_msg": "HID: Fix assumption that devices have inputs" + }, + "CVE-2019-3900": { + "cmt_msg": "vhost_net: fix possible infinite loop" + }, + "CVE-2021-23133": { + "cmt_msg": "net/sctp: fix race condition in sctp_destroy_sock" + }, + "CVE-2019-15807": { + "cmt_msg": "scsi: libsas: delete sas port if expander discover failed" + }, + "CVE-2019-10638": { + "cmt_msg": "inet: switch IP ID generator to siphash" + }, + "CVE-2019-5489": { + "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" + }, + "CVE-2019-14284": { + "cmt_msg": "floppy: fix div-by-zero in setup_format_params" + }, + "CVE-2019-14283": { + "cmt_msg": "floppy: fix out-of-bounds read in copy_buffer" + } + } + }, + "3.12": { + "3.12": { + "CVE-2013-6383": { + "cmt_msg": "aacraid: missing capable() check in compat ioctl", + "cmt_id": "f856567b930dfcdbc3323261bf77240ccdde01f5" + }, + "CVE-2013-4513": { + "cmt_msg": "staging: ozwpan: prevent overflow in oz_cdev_write()", + "cmt_id": "c2c65cd2e14ada6de44cb527e7f1990bede24e15" + }, + "CVE-2013-4512": { + "cmt_msg": "uml: check length in exitcode_proc_write()", + "cmt_id": "201f99f170df14ba52ea4c52847779042b7a623b" + }, + "CVE-2013-4511": { + "cmt_msg": "uml: check length in exitcode_proc_write()", + "cmt_id": "201f99f170df14ba52ea4c52847779042b7a623b" + }, + "CVE-2013-4516": { + "cmt_msg": "Staging: sb105x: info leak in mp_get_count()", + "cmt_id": "a8b33654b1e3b0c74d4a1fed041c9aae50b3c427" + }, + "CVE-2013-4515": { + "cmt_msg": "Staging: bcm: info leak in ioctl", + "cmt_id": "8d1e72250c847fa96498ec029891de4dc638a5ba" + }, + "CVE-2013-4514": { + "cmt_msg": "staging: wlags49_h2: buffer overflow setting station name", + "cmt_id": "b5e2f339865fb443107e5b10603e53bbc92dc054" + } + }, + "3.12.1": { + "CVE-2013-4348": { + "cmt_msg": "net: flow_dissector: fail on evil iph->ihl", + "cmt_id": "cec64fecff2eff7dd701b883ed3f5f6faf1aab92" + } + }, + "3.12.2": { + "CVE-2013-4345": { + "cmt_msg": "crypto: ansi_cprng - Fix off by one error in non-block size request", + "cmt_id": "8ea7fffd97835f4e3ffd5f757df152a79835f65f" + }, + "CVE-2013-7026": { + "cmt_msg": "ipc,shm: fix shm_file deletion races", + "cmt_id": "dd272212175ad47ee84cf38e9d5f99502df2d930" + }, + "CVE-2013-6378": { + "cmt_msg": "libertas: potential oops in debugfs", + "cmt_id": "0f6ff65ed8d3630118c3149a4fbc493dd3b8fdc4" + }, + "CVE-2013-6380": { + "cmt_msg": "aacraid: prevent invalid pointer dereference", + "cmt_id": "12cc2209deeda65c963c84a5e6aaf0c39aca8e6d" + }, + "CVE-2013-2930": { + "cmt_msg": "perf/ftrace: Fix paranoid level for enabling function tracer", + "cmt_id": "539ddb09c46389cc22d35543e40ccde2c2e20244" + }, + "CVE-2013-2929": { + "cmt_msg": "exec/ptrace: fix get_dumpable() incorrect tests", + "cmt_id": "9d4dd888b4b5799ecadfb0d8c9adda7a76779806" + } + }, + "3.12.3": { + "CVE-2013-6381": { + "cmt_msg": "qeth: avoid buffer overflow in snmp ioctl", + "cmt_id": "8abbf7ceaece5ea0dd23f2b6d2b135186da7a96b" + } + }, + "3.12.4": { + "CVE-2013-7281": { + "cmt_msg": "inet: prevent leakage of uninitialized memory to user in recv syscalls", + "cmt_id": "7a9b8e64a5706d62d5a5ab54fe3d0320845b1d4a" + }, + "CVE-2013-7348": { + "cmt_msg": "aio: prevent double free in ioctx_alloc", + "cmt_id": "f50db974cb75e31d98b176c3c9ea92e57aa97a1b" + }, + "CVE-2013-4563": { + "cmt_msg": "ipv6: fix headroom calculation in udp6_ufo_fragment", + "cmt_id": "d68268e60d0ec51e6c269f8dc34bb9fcfee970a7" + }, + "CVE-2013-7264": { + "cmt_msg": "inet: prevent leakage of uninitialized memory to user in recv syscalls", + "cmt_id": "7a9b8e64a5706d62d5a5ab54fe3d0320845b1d4a" + }, + "CVE-2013-7265": { + "cmt_msg": "inet: prevent leakage of uninitialized memory to user in recv syscalls", + "cmt_id": "7a9b8e64a5706d62d5a5ab54fe3d0320845b1d4a" + }, + "CVE-2013-7266": { + "cmt_msg": "net: rework recvmsg handler msg_name and msg_namelen logic", + "cmt_id": "0cefe287488ca07c0d7962a7b4d3fbb829d09917" + }, + "CVE-2013-7267": { + "cmt_msg": "net: rework recvmsg handler msg_name and msg_namelen logic", + "cmt_id": "0cefe287488ca07c0d7962a7b4d3fbb829d09917" + }, + "CVE-2013-7263": { + "cmt_msg": "inet: prevent leakage of uninitialized memory to user in recv syscalls", + "cmt_id": "7a9b8e64a5706d62d5a5ab54fe3d0320845b1d4a" + }, + "CVE-2013-7271": { + "cmt_msg": "net: rework recvmsg handler msg_name and msg_namelen logic", + "cmt_id": "0cefe287488ca07c0d7962a7b4d3fbb829d09917" + }, + "CVE-2013-7270": { + "cmt_msg": "net: rework recvmsg handler msg_name and msg_namelen logic", + "cmt_id": "0cefe287488ca07c0d7962a7b4d3fbb829d09917" + }, + "CVE-2013-6432": { + "cmt_msg": "ping: prevent NULL pointer dereference on write to msg_name", + "cmt_id": "086663e065ba2383382d6bb7d8a3d9bc9cba7cdf" + }, + "CVE-2013-7269": { + "cmt_msg": "net: rework recvmsg handler msg_name and msg_namelen logic", + "cmt_id": "0cefe287488ca07c0d7962a7b4d3fbb829d09917" + }, + "CVE-2013-7268": { + "cmt_msg": "net: rework recvmsg handler msg_name and msg_namelen logic", + "cmt_id": "0cefe287488ca07c0d7962a7b4d3fbb829d09917" + } + }, + "3.12.6": { + "CVE-2013-6368": { + "cmt_msg": "KVM: x86: Convert vapic synchronization to _cached functions (CVE-2013-6368)", + "cmt_id": "c0149f684726ef4a5e91b8ba1d408a64dfb40385" + }, + "CVE-2013-4587": { + "cmt_msg": "KVM: Improve create VCPU parameter (CVE-2013-4587)", + "cmt_id": "41fe7fa8fdeaa5a2a9f3ecaa9a47e2d2afa1b2b1" + }, + "CVE-2013-6367": { + "cmt_msg": "KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367)", + "cmt_id": "10958718b005e046244d2b4a1f1bb9a3ab6e3d29" + }, + "CVE-2013-6382": { + "cmt_msg": "xfs: underflow bug in xfs_attrlist_by_handle()", + "cmt_id": "f5e6d588f847fba87394926284cc4a7a3b79c6bf" + }, + "CVE-2013-6376": { + "cmt_msg": "KVM: x86: fix guest-initiated crash with x2apic (CVE-2013-6376)", + "cmt_id": "48849efc2e3c58d170e32d081f83f6c070dfd0a3" + } + }, + "3.12.7": { + "CVE-2013-4579": { + "cmt_msg": "ath9k_htc: properly set MAC address and BSSID mask", + "cmt_id": "d10d0a2337097fa907f22af6ad0ae0dc0ff39fbf" + }, + "CVE-2015-4170": { + "cmt_msg": "tty: Fix hang at ldsem_down_read()", + "cmt_id": "ab69be3e59d79c56bfe16930f0c761daf4837e48" + } + }, + "3.12.8": { + "CVE-2012-2372": { + "cmt_msg": "rds: prevent BUG_ON triggered on congestion update to loopback", + "cmt_id": "0a743164c25fc0c5c4ba0f581ab9d4e5dd9772f8" + }, + "CVE-2014-1446": { + "cmt_msg": "hamradio/yam: fix info leak in ioctl", + "cmt_id": "e7834c71c2cacc621ddc64bd71f83ef2054f6539" + }, + "CVE-2014-1690": { + "cmt_msg": "netfilter: nf_nat: fix access to uninitialized buffer in IRC NAT helper", + "cmt_id": "6aeebffeb297e84f5b73bb87deacd9571a84da16" + }, + "CVE-2014-1438": { + "cmt_msg": "x86, fpu, amd: Clear exceptions in AMD FXSAVE workaround", + "cmt_id": "807a0c12941850ddaff2ed62ba26a748e542c599" + }, + "CVE-2013-7339": { + "cmt_msg": "rds: prevent dereference of a NULL device", + "cmt_id": "aca33677723eb132dd91a30c4f8ac15f01be27c8" + } + }, + "3.12.10": { + "CVE-2014-0038": { + "cmt_msg": "x86, x32: Correct invalid use of user timespec in the kernel", + "cmt_id": "c1769bfb6aa93250f83d6d9d3ac85d15f990849f" + }, + "CVE-2013-6885": { + "cmt_msg": "x86, cpu, amd: Add workaround for family 16h, erratum 793", + "cmt_id": "c5e16510e3454393fa8e40591bff28c190be2faa" + } + }, + "3.12.11": { + "CVE-2014-2038": { + "cmt_msg": "nfs: always make sure page is up-to-date before extending a write to cover the entire page", + "cmt_id": "4a3cbb28c3bbb4cb24ea59a91c2607d806818b73" + } + }, + "3.12.13": { + "CVE-2014-8709": { + "cmt_msg": "mac80211: fix fragmentation code, particularly for encryption", + "cmt_id": "5258fec859e55f79a80a00b3ca05181a488de766" + }, + "CVE-2014-2039": { + "cmt_msg": "s390: fix kernel crash due to linkage stack instructions", + "cmt_id": "9ee59d9a5b03f45d9b421b020947846d13f27d08" + } + }, + "3.12.14": { + "CVE-2014-0049": { + "cmt_msg": "kvm: x86: fix emulator buffer overflow (CVE-2014-0049)", + "cmt_id": "ee593d3a91514d37f19251daa9d57edfb27e45e7" + }, + "CVE-2014-0069": { + "cmt_msg": "cifs: ensure that uncached writes handle unmapped areas correctly", + "cmt_id": "90d369693d48ec7ffa4ca039e6fd14e861486251" + } + }, + "3.12.15": { + "CVE-2014-0101": { + "cmt_msg": "net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable", + "cmt_id": "00c53b02cb01976b35d37670a4b5c5d7a6ad3c62" + }, + "CVE-2014-7207": { + "cmt_msg": "ipv6: reuse ip6_frag_id from ip6_ufo_append_data", + "cmt_id": "3bbb02a1ba7a2ad0dbbd979ed715c9229b12e36a" + }, + "CVE-2014-2673": { + "cmt_msg": "powerpc/tm: Fix crash when forking inside a transaction", + "cmt_id": "2725f34b41f8e3f444688a814cc2763a1c2b138b" + }, + "CVE-2014-2672": { + "cmt_msg": "ath9k: protect tid->sched check", + "cmt_id": "46e70384f21825caab1a55f64e9fe6d3d16c28cc" + }, + "CVE-2014-2706": { + "cmt_msg": "mac80211: fix AP powersave TX vs. wakeup race", + "cmt_id": "58d4310586466840dab77e56e53f4508853a5268" + } + }, + "3.12.17": { + "CVE-2014-2523": { + "cmt_msg": "netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages", + "cmt_id": "f9c8e356e5c574cfa6ace53bb9956b4469fe606a" + } + }, + "3.12.18": { + "CVE-2014-2309": { + "cmt_msg": "ipv6: don't set DST_NOCOUNT for remotely added routes", + "cmt_id": "50fb0fafd1546f2dc6bf931f3a44f63704ce78ac" + }, + "CVE-2014-0100": { + "cmt_msg": "net: fix for a race condition in the inet frag code", + "cmt_id": "e8443124a1ba9ceee59fb611c534957278f7d44e" + }, + "CVE-2014-2580": { + "cmt_msg": "xen-netback: disable rogue vif in kthread context", + "cmt_id": "699dfec4e90e73bac6455560187c34f77115bc2f" + }, + "CVE-2014-2678": { + "cmt_msg": "rds: prevent dereference of a NULL device in rds_iw_laddr_check", + "cmt_id": "64005923ffdefe53e87138ec472c88877196d405" + }, + "CVE-2014-0077": { + "cmt_msg": "vhost: fix total length when packets are too short", + "cmt_id": "c66635949a08858e6d588b8a32489bca7972cf87" + }, + "CVE-2014-0055": { + "cmt_msg": "vhost: validate vhost_get_vq_desc return value", + "cmt_id": "a2a366ebac39dbb437b893b8705d4b6ce04e062e" + } + }, + "3.12.19": { + "CVE-2014-7283": { + "cmt_msg": "xfs: fix directory hash ordering bug", + "cmt_id": "fd4037cadecf7b5c0e288c19d958917ac1c62a83" + }, + "CVE-2014-0155": { + "cmt_msg": "KVM: ioapic: fix assignment of ioapic->rtc_status.pending_eoi (CVE-2014-0155)", + "cmt_id": "95846d96fc3739c515e6c20b0fcea97ab290f09c" + }, + "CVE-2014-2851": { + "cmt_msg": "net: ipv4: current group_info should be put after using.", + "cmt_id": "95c3a5624ae783081cc9d9b0e3d24ea19b36590e" + } + }, + "3.12.20": { + "CVE-2014-3122": { + "cmt_msg": "mm: try_to_unmap_cluster() should lock_page() before mlocking", + "cmt_id": "400fc13141fe947c38e8485ee9d37066d4533363" + }, + "CVE-2014-1738": { + "cmt_msg": "floppy: don't write kernel-only members to FDRAWCMD ioctl output", + "cmt_id": "3d43edf5868f260dbfd1353bf243a78f030a08b0" + }, + "CVE-2014-0196": { + "cmt_msg": "n_tty: Fix n_tty_write crash when echoing in raw mode", + "cmt_id": "61461fa9182895c6396ee9704d80fe8ff9d1135d" + }, + "CVE-2014-1737": { + "cmt_msg": "floppy: ignore kernel-only members in FDRAWCMD ioctl input", + "cmt_id": "36cdf95db237630373162e20142df4d11efdd543" + } + }, + "3.12.21": { + "CVE-2014-3144": { + "cmt_msg": "filter: prevent nla extensions to peek beyond the end of the message", + "cmt_id": "dd6e370c0083e0382782893708b5241490ea6832" + }, + "CVE-2014-3145": { + "cmt_msg": "filter: prevent nla extensions to peek beyond the end of the message", + "cmt_id": "dd6e370c0083e0382782893708b5241490ea6832" + }, + "CVE-2014-9715": { + "cmt_msg": "netfilter: nf_conntrack: reserve two bytes for nf_ct_ext->len", + "cmt_id": "62c97a8612f753ffa6c5c7bebe140cc0951e539f" + } + }, + "3.12.22": { + "CVE-2014-1739": { + "cmt_msg": "media-device: fix infoleak in ioctl media_enum_entities()", + "cmt_id": "2f1831612c94ee7b1819c4a6d21b9d5efac5297c" + }, + "CVE-2014-3153": { + "cmt_msg": "futex: Make lookup_pi_state more robust", + "cmt_id": "888f1a0f8c36e6982040ec06447a1dcc15686562" + } + }, + "3.12.23": { + "CVE-2014-4157": { + "cmt_msg": "MIPS: asm: thread_info: Add _TIF_SECCOMP flag", + "cmt_id": "649066ce296368e2733ce1d4005f10dc673a9e8f" + }, + "CVE-2014-0181": { + "cmt_msg": "net: Use netlink_ns_capable to verify the permisions of netlink messages", + "cmt_id": "50b8b6e75fa0c08cef1e1ed30a7ab91f05bcb779" + }, + "CVE-2014-4014": { + "cmt_msg": "fs,userns: Change inode_capable to capable_wrt_inode_uidgid", + "cmt_id": "2246a472bce19c0d373fb5488a0e612e3328ce0a" + }, + "CVE-2014-4667": { + "cmt_msg": "sctp: Fix sk_ack_backlog wrap-around problem", + "cmt_id": "ddb638e68690ca61959775b262a5ef0719c5c066" + }, + "CVE-2014-9914": { + "cmt_msg": "ipv4: fix a race in ip4_datagram_release_cb()", + "cmt_id": "c671113b05eb8cdcc5ed8610e9cc45a653ea7558" + }, + "CVE-2014-3917": { + "cmt_msg": "auditsc: audit_krule mask accesses need bounds checking", + "cmt_id": "6004b0e5ac2e8e9e1bb0f012dc9242e03cca95df" + }, + "CVE-2014-0131": { + "cmt_msg": "skbuff: skb_segment: orphan frags before copying", + "cmt_id": "07d054ef6765b307277f02c11b51f0695d6b3d7c" + } + }, + "3.12.24": { + "CVE-2014-4508": { + "cmt_msg": "x86_32, entry: Do syscall exit work on badsys (CVE-2014-4508)", + "cmt_id": "b8f4d2179757e17cf16644feb44879c05b5b61ef" + }, + "CVE-2014-3940": { + "cmt_msg": "mm: add !pte_present() check on existing hugetlb_entry callbacks", + "cmt_id": "7032d5fbbf1b08586e1463684d6c8f456889c293" + }, + "CVE-2014-0206": { + "cmt_msg": "aio: fix kernel memory disclosure in io_getevents() introduced in v3.10", + "cmt_id": "bee3f7b8188d4b2a5dfaeb2eb4a68d99f67daecf" + }, + "CVE-2014-4611": { + "cmt_msg": "lz4: ensure length does not wrap", + "cmt_id": "f1bac1ba17822414d4031f840913b4ea27793ba8" + }, + "CVE-2014-4655": { + "cmt_msg": "ALSA: control: Fix replacing user controls", + "cmt_id": "d8eaff7517ee11b2e7cbc158abbdf899b8351ed3" + }, + "CVE-2014-4654": { + "cmt_msg": "ALSA: control: Fix replacing user controls", + "cmt_id": "d8eaff7517ee11b2e7cbc158abbdf899b8351ed3" + }, + "CVE-2014-4656": { + "cmt_msg": "ALSA: control: Handle numid overflow", + "cmt_id": "669982364299f6f22bea4324f0f7ee8f8a361b87" + }, + "CVE-2014-4653": { + "cmt_msg": "ALSA: control: Don't access controls outside of protected regions", + "cmt_id": "0bf595fd311aa4d6e82c43879f2c0d0650e83271" + }, + "CVE-2014-4652": { + "cmt_msg": "ALSA: control: Protect user controls against concurrent access", + "cmt_id": "ed81e6b21790b717cda5f5bab2bdb07d2ce17ab1" + } + }, + "3.12.25": { + "CVE-2014-4699": { + "cmt_msg": "ptrace,x86: force IRET path after a ptrace_stop()", + "cmt_id": "2f1824407bf18b019d2c821881dd0956c6f0a254" + } + }, + "3.12.26": { + "CVE-2014-4171": { + "cmt_msg": "shmem: fix faulting into a hole while it's punched", + "cmt_id": "8685789bd8ec12a02b07ea76df4527b055efbf20" + }, + "CVE-2014-5045": { + "cmt_msg": "fs: umount on symlink leaks mnt count", + "cmt_id": "37b0ade4c681de6e0d7762c948c400496bc1b27b" + } + }, + "3.12.27": { + "CVE-2014-3534": { + "cmt_msg": "s390/ptrace: fix PSW mask check", + "cmt_id": "cbcbb4c4826ff594b091e143b0f049f13ab7a64e" + }, + "CVE-2014-5077": { + "cmt_msg": "net: sctp: inherit auth_capable on INIT collisions", + "cmt_id": "4a07c786e3d9fbe989d8b5bf9920a1e34afd8b91" + }, + "CVE-2014-5207": { + "cmt_msg": "mnt: Correct permission checks in do_remount", + "cmt_id": "8b18c0adbc5d0cb1530692e72bcfb88fd7bb77bb" + }, + "CVE-2014-5206": { + "cmt_msg": "mnt: Only change user settable mount flags in remount", + "cmt_id": "25c1def33a2f74079f3062b7afdf98fcf9f34e6d" + } + }, + "3.12.28": { + "CVE-2014-5472": { + "cmt_msg": "isofs: Fix unbounded recursion when processing relocated directories", + "cmt_id": "e4ca8b780c82c04ec03fcd05d9e3f92fc6de6347" + }, + "CVE-2014-3182": { + "cmt_msg": "HID: logitech: perform bounds checking on device_id early enough", + "cmt_id": "2ae8a66674a4cd7f2cfee757ee29cb63dce755fe" + }, + "CVE-2014-3184": { + "cmt_msg": "HID: fix a couple of off-by-ones", + "cmt_id": "1f78f21b43f2c69f2ea06ed35b77759d000dd2b4" + }, + "CVE-2014-3601": { + "cmt_msg": "kvm: iommu: fix the third parameter of kvm_iommu_put_pages (CVE-2014-3601)", + "cmt_id": "e35b1e9f17e0567f96502f3a2a31dace727ed3da" + }, + "CVE-2014-5471": { + "cmt_msg": "isofs: Fix unbounded recursion when processing relocated directories", + "cmt_id": "e4ca8b780c82c04ec03fcd05d9e3f92fc6de6347" + } + }, + "3.12.29": { + "CVE-2014-6418": { + "cmt_msg": "libceph: do not hard code max auth ticket len", + "cmt_id": "0884f8d4139431deb0b98ba0d6fb2d17e2c25c84" + }, + "CVE-2014-3185": { + "cmt_msg": "USB: whiteheat: Added bounds checking for bulk command response", + "cmt_id": "b3d60c320f6597c2be0bcf580cf8093c12c4555f" + }, + "CVE-2014-6417": { + "cmt_msg": "libceph: do not hard code max auth ticket len", + "cmt_id": "0884f8d4139431deb0b98ba0d6fb2d17e2c25c84" + }, + "CVE-2014-6416": { + "cmt_msg": "libceph: do not hard code max auth ticket len", + "cmt_id": "0884f8d4139431deb0b98ba0d6fb2d17e2c25c84" + } + }, + "3.12.31": { + "CVE-2014-3181": { + "cmt_msg": "HID: magicmouse: sanity check report size in raw_event() callback", + "cmt_id": "ae81c27a53af5310f1fe47e9252146d79ab3157d" + }, + "CVE-2014-3186": { + "cmt_msg": "HID: picolcd: sanity check report size in raw_event() callback", + "cmt_id": "2dffad6784f0c5f10727a20a333db11eef0b572a" + }, + "CVE-2014-6410": { + "cmt_msg": "udf: Avoid infinite loop when processing indirect ICBs", + "cmt_id": "8ec4e9789b8b4c05ee979daad2a27088e29fac5d" + } + }, + "3.12.32": { + "CVE-2014-4608": { + "cmt_msg": "lzo: check for length overrun in variable length encoding.", + "cmt_id": "4277fc429c1ae9f815aa4e5713514d952032f2fa" + }, + "CVE-2014-7975": { + "cmt_msg": "fs: Add a missing permission check to do_umount", + "cmt_id": "8d9c8c3980a85d79db13c5ce4bb118fef32d4f50" + } + }, + "3.12.33": { + "CVE-2014-3647": { + "cmt_msg": "KVM: x86: Emulator fixes for eip canonical checks on near branches", + "cmt_id": "a20e81cb2b2b8aebdca9d11b6fa2133f1b97251d" + }, + "CVE-2014-3646": { + "cmt_msg": "kvm: vmx: handle invvpid vm exit gracefully", + "cmt_id": "5838e85ea0a3c77a83465dfd87257f96d0ceb6ae" + }, + "CVE-2014-7970": { + "cmt_msg": "mnt: Prevent pivot_root from creating a loop in the mount tree", + "cmt_id": "365446fe1c7bf1b481cedfb9e50cfc8a86fdde89" + }, + "CVE-2014-8884": { + "cmt_msg": "ttusb-dec: buffer overflow in ioctl", + "cmt_id": "482c6cb2dfb40838d67b0ba844b4b3d0af0f3d20" + }, + "CVE-2014-3610": { + "cmt_msg": "KVM: x86: Check non-canonical addresses upon WRMSR", + "cmt_id": "7e60cb9b5f7ad5a47404db9e7a974ab82a054544" + }, + "CVE-2014-3611": { + "cmt_msg": "KVM: x86: Improve thread safety in pit", + "cmt_id": "5671c6a9229edd1b1587b4ea1014d540a7e74797" + }, + "CVE-2014-7826": { + "cmt_msg": "tracing/syscalls: Ignore numbers outside NR_syscalls' range", + "cmt_id": "abc07cd01c51fb54088c6bc8ee654d104a5ec7d9" + }, + "CVE-2014-7825": { + "cmt_msg": "tracing/syscalls: Ignore numbers outside NR_syscalls' range", + "cmt_id": "abc07cd01c51fb54088c6bc8ee654d104a5ec7d9" + } + }, + "3.12.34": { + "CVE-2014-3687": { + "cmt_msg": "net: sctp: fix panic on duplicate ASCONF chunks", + "cmt_id": "a723db0be941b8aebaa1a98b33d17a91b16603e4" + }, + "CVE-2014-3673": { + "cmt_msg": "net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks", + "cmt_id": "bbd951a21e0fd555cd9ede44c7196af09d04d171" + }, + "CVE-2014-3688": { + "cmt_msg": "net: sctp: fix remote memory pressure from excessive queueing", + "cmt_id": "e476841415c1b7b54e4118d8a219f5db71878675" + }, + "CVE-2014-7841": { + "cmt_msg": "net: sctp: fix NULL pointer dereference in af->from_addr_param on malformed packet", + "cmt_id": "4008f1dbe6fea8114e7f79ed2d238e369dc9138f" + }, + "CVE-2014-7843": { + "cmt_msg": "arm64: __clear_user: handle exceptions on strb", + "cmt_id": "beb762ba2a940ce1f87a03b1c5820ce2d433db6e" + }, + "CVE-2014-7842": { + "cmt_msg": "KVM: x86: Don't report guest userspace emulation error to userspace", + "cmt_id": "7e1ebf020aff9b3e4c0d52e8ace6e3278e8f8762" + } + }, + "3.12.35": { + "CVE-2014-9090": { + "cmt_msg": "x86_64, traps: Stop using IST for #SS", + "cmt_id": "e40598270a40040461c8b8d3a8656d54fb59b9cd" + }, + "CVE-2014-9322": { + "cmt_msg": "x86_64, traps: Stop using IST for #SS", + "cmt_id": "e40598270a40040461c8b8d3a8656d54fb59b9cd" + } + }, + "3.12.36": { + "CVE-2014-9420": { + "cmt_msg": "isofs: Fix infinite looping over CE entries", + "cmt_id": "fbce0d7dc8965c9fb8d411862040239d4a768c71" + }, + "CVE-2014-9584": { + "cmt_msg": "isofs: Fix unchecked printing of ER records", + "cmt_id": "2329c797a9dc66982946026cbc1783e072ab8e33" + }, + "CVE-2014-8989": { + "cmt_msg": "userns: Don't allow setgroups until a gid mapping has been setablished", + "cmt_id": "ae254fcf53097d6d83502c1a75366c7e4eface8b" + }, + "CVE-2014-9683": { + "cmt_msg": "eCryptfs: Remove buggy and unnecessary write in file name decode routine", + "cmt_id": "8ffea99d6f2be99790611282f326da95a84a8cab" + }, + "CVE-2014-8133": { + "cmt_msg": "x86/tls: Validate TLS entries to protect espfix", + "cmt_id": "107436a25547580118fd93e5aaf808f6b533b639" + }, + "CVE-2014-8134": { + "cmt_msg": "x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit", + "cmt_id": "a82297838bb23d83795661c55a6b9494c05ac68d" + } + }, + "3.12.37": { + "CVE-2014-9529": { + "cmt_msg": "KEYS: close race between key lookup and freeing", + "cmt_id": "1bb0aca1e0881dfd34a6f39fd44e1e995fc302a1" + }, + "CVE-2014-9585": { + "cmt_msg": "x86_64, vdso: Fix the vdso address randomization algorithm", + "cmt_id": "0c9312164d6e069707dd96a001849f4b853c546d" + }, + "CVE-2014-8559": { + "cmt_msg": "move d_rcu from overlapping d_child to overlapping d_alias", + "cmt_id": "4b2f6663ebde6bed50209a05041b34c203116253" + }, + "CVE-2014-9644": { + "cmt_msg": "crypto: include crypto- module prefix in template", + "cmt_id": "f753253c2c19423b0d6743ca9eae725549299245" + }, + "CVE-2013-7421": { + "cmt_msg": "crypto: prefix module autoloading with \"crypto-\"", + "cmt_id": "7f655881c786824340b0bee70f9738e10d427494" + } + }, + "3.12.38": { + "CVE-2014-3690": { + "cmt_msg": "x86,kvm,vmx: Preserve CR4 across VM entry", + "cmt_id": "2e70fb5dcbaec195febf1eee3b96e8b47e432c35" + }, + "CVE-2014-9728": { + "cmt_msg": "udf: Verify i_size when loading inode", + "cmt_id": "4ff6c40be897225cf818c5202871cfb91ed064f6" + }, + "CVE-2014-9729": { + "cmt_msg": "udf: Verify i_size when loading inode", + "cmt_id": "4ff6c40be897225cf818c5202871cfb91ed064f6" + }, + "CVE-2014-9731": { + "cmt_msg": "udf: Check path length when reading symlink", + "cmt_id": "ebfce5ccba81292a5e34710a602117769118fa9a" + }, + "CVE-2014-9730": { + "cmt_msg": "udf: Check component length before reading it", + "cmt_id": "c94011ac6ae0bbfc8966ec256ad7b1bf30feaeec" + }, + "CVE-2015-1421": { + "cmt_msg": "net: sctp: fix slab corruption from use after free on INIT collisions", + "cmt_id": "43e39c2f63240f67a67b4060882f67dac1a6f339" + } + }, + "3.12.39": { + "CVE-2014-7822": { + "cmt_msg": "->splice_write() via ->write_iter()", + "cmt_id": "d7e3ae47c441894b11dce376ff8d110780872d0d" + }, + "CVE-2015-2830": { + "cmt_msg": "x86/asm/entry/64: Remove a bogus 'ret_from_fork' optimization", + "cmt_id": "93ba6108cd76089d6ae16abec65ade5b11546d76" + }, + "CVE-2015-1593": { + "cmt_msg": "x86, mm/ASLR: Fix stack randomization on 64-bit systems", + "cmt_id": "5fb6f0aa14db88c62ca141279ab71f20d6814788" + } + }, + "3.12.40": { + "CVE-2016-0823": { + "cmt_msg": "pagemap: do not leak physical addresses to non-privileged userspace", + "cmt_id": "91e9d77039485b57ddf632638acc0a968a39b856" + }, + "CVE-2015-2666": { + "cmt_msg": "x86/microcode/intel: Guard against stack overflow in the loader", + "cmt_id": "c5988181af3b41381c4d20e08ca6852f99f95417" + }, + "CVE-2015-3331": { + "cmt_msg": "crypto: aesni - fix memory usage in GCM decryption", + "cmt_id": "0585664d17325265ea7cc51aa4f1ff492972b611" + }, + "CVE-2014-2568": { + "cmt_msg": "core, nfqueue, openvswitch: Orphan frags in skb_zerocopy and handle errors", + "cmt_id": "1674b4bf3eea3cac51b70778e89f8025f7cfe695" + }, + "CVE-2015-2150": { + "cmt_msg": "xen-pciback: limit guest control of command register", + "cmt_id": "f82a9cff66e3158a3f86706ff55feba2b22ec8cb" + } + }, + "3.12.41": { + "CVE-2014-8160": { + "cmt_msg": "netfilter: conntrack: disable generic tracking for known protocols", + "cmt_id": "2fb11da9d9016f6c0a4fcb99b8ebd63495c79005" + }, + "CVE-2014-8159": { + "cmt_msg": "IB/uverbs: Prevent integer overflow in ib_umem_get address arithmetic", + "cmt_id": "f6094cbab915952132434cc50d738c2976cb4457" + }, + "CVE-2015-2041": { + "cmt_msg": "net: llc: use correct size for sysctl timeout entries", + "cmt_id": "553dd569ff29bc38cebbf9f9dd7c791863ee9113" + }, + "CVE-2015-2042": { + "cmt_msg": "net: rds: use correct size for max unacked packets and bytes", + "cmt_id": "b4482b533bfb54232f31d72c8ab70c1400385040" + }, + "CVE-2015-2922": { + "cmt_msg": "ipv6: Don't reduce hop limit for an interface", + "cmt_id": "ac12ff18b11259e10c2d543aa58c73ff88a68e77" + }, + "CVE-2015-3332": { + "cmt_msg": "tcp: Fix crash in TCP Fast Open", + "cmt_id": "221ff9c56696e9e02d39ecb844528ebb4f8abf0f" + }, + "CVE-2015-0239": { + "cmt_msg": "KVM: x86: SYSENTER emulation is broken", + "cmt_id": "4483ef98b020b9d4cdafef95ee84b18eaccea61a" + } + }, + "3.12.43": { + "CVE-2015-6526": { + "cmt_msg": "powerpc/perf: Cap 64bit userspace backtraces to PERF_MAX_STACK_DEPTH", + "cmt_id": "d15e6bc4606b27f53ef70a99d05690fa5a0e6c45" + }, + "CVE-2017-1000253": { + "cmt_msg": "fs/binfmt_elf.c: fix bug in loading of PIE binaries", + "cmt_id": "b255044d68f190693d799263eb4dab66813f2de9" + }, + "CVE-2015-3636": { + "cmt_msg": "ipv4: Missing sk_nulls_node_init() in ping_unhash().", + "cmt_id": "8a9a51ba2eff62e1a899daad7b623becfed8f3f1" + }, + "CVE-2014-8173": { + "cmt_msg": "mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support", + "cmt_id": "5f30307e19b93df1e80b073b15967f53850ad33d" + } + }, + "3.12.44": { + "CVE-2015-4177": { + "cmt_msg": "mnt: Fail collect_mounts when applied to unmounted mounts", + "cmt_id": "6ab282fe6d43027b3b1ef820b3798aae8fdb432b" + }, + "CVE-2015-4700": { + "cmt_msg": "x86: bpf_jit: fix compilation of large bpf programs", + "cmt_id": "0fa9520e7b08f00138cf9a4a95d066492cbcc18d" + }, + "CVE-2015-4036": { + "cmt_msg": "vhost/scsi: potential memory corruption", + "cmt_id": "266ed50f2a81a882d54c4ff7452bca370f396bae" + }, + "CVE-2015-1420": { + "cmt_msg": "vfs: read file_handle only once in handle_to_path", + "cmt_id": "330c542ff8f659055de1992935abaa18b121379e" + }, + "CVE-2015-5364": { + "cmt_msg": "udp: fix behavior of wrong checksums", + "cmt_id": "a97b54dd69cb05df4c57f5d5b40c761f7835ce4e" + }, + "CVE-2015-5366": { + "cmt_msg": "udp: fix behavior of wrong checksums", + "cmt_id": "a97b54dd69cb05df4c57f5d5b40c761f7835ce4e" + } + }, + "3.12.45": { + "CVE-2015-4167": { + "cmt_msg": "udf: Check length of extended attributes and allocation descriptors", + "cmt_id": "aa826bb1953a0a40b460e053efcf9c5f8cab554b" + }, + "CVE-2014-9710": { + "cmt_msg": "Btrfs: make xattr replace operations atomic", + "cmt_id": "a873146ce4fb025c0b5c1322af5a6bad042f5363" + }, + "CVE-2015-3212": { + "cmt_msg": "sctp: fix ASCONF list handling", + "cmt_id": "bee9ad8fe88affc985755c97511637a8672b0fb2" + }, + "CVE-2015-4003": { + "cmt_msg": "ozwpan: divide-by-zero leading to panic", + "cmt_id": "31c39eb8bdf7226a472d910f36ae7a2f3cbace85" + }, + "CVE-2015-4002": { + "cmt_msg": "ozwpan: Use proper check to prevent heap overflow", + "cmt_id": "b042a31d19ad9780c3eba768eef8db5a8c048653" + }, + "CVE-2014-8172": { + "cmt_msg": "get rid of s_files and files_lock", + "cmt_id": "0da9ac29cddaaf0911fbeaf46e7b4e155cdc792e" + } + }, + "3.12.46": { + "CVE-2015-4692": { + "cmt_msg": "kvm: x86: fix kvm_apic_has_events to check for NULL pointer", + "cmt_id": "cda28549b632e62f662ce15242b7266cce90c128" + }, + "CVE-2015-5707": { + "cmt_msg": "sg_start_req(): make sure that there's not too many elements in iovec", + "cmt_id": "aba300b9c26f063efcaee374e54264c79a611f22" + }, + "CVE-2015-9289": { + "cmt_msg": "cx24116: fix a buffer overflow when checking userspace params", + "cmt_id": "da0f41c912a624883a79ff47321b0e9f76d7f27a" + } + }, + "3.12.47": { + "CVE-2015-3290": { + "cmt_msg": "x86/nmi/64: Switch stacks on userspace NMI entry", + "cmt_id": "e0de15fc45a83f94d1ef578f54b427b86a33ab21" + }, + "CVE-2015-5697": { + "cmt_msg": "md: use kzalloc() when bitmap is disabled", + "cmt_id": "6578b22cd80381c9fbab152e1ababd8bfce8b5d0" + }, + "CVE-2015-5157": { + "cmt_msg": "x86/nmi/64: Switch stacks on userspace NMI entry", + "cmt_id": "e0de15fc45a83f94d1ef578f54b427b86a33ab21" + }, + "CVE-2015-6252": { + "cmt_msg": "vhost: actually track log eventfd file", + "cmt_id": "a5b3343b05e58b8f8ce7481426f89c048229b50d" + }, + "CVE-2015-3288": { + "cmt_msg": "mm: avoid setting up anonymous pages into file mapping", + "cmt_id": "bf653833fc72668cadcb1f54310f3d0bd6b36393" + }, + "CVE-2015-5706": { + "cmt_msg": "path_openat(): fix double fput()", + "cmt_id": "da59de4cfa5f3562d02fcbc24fe96a08aebea628" + } + }, + "3.12.49": { + "CVE-2015-5283": { + "cmt_msg": "sctp: fix race on protocol/netns initialization", + "cmt_id": "540a0bd97d4e790b9526e266c22f4c12cf732a1f" + }, + "CVE-2015-3291": { + "cmt_msg": "x86/nmi/64: Use DF to avoid userspace RSP confusing nested NMI detection", + "cmt_id": "864c198bbd4e091577602ad42016ccc835af3b93" + }, + "CVE-2015-2925": { + "cmt_msg": "dcache: Handle escaped paths in prepend_path", + "cmt_id": "b32388c040d559d26feef31fa02b4119c76be474" + } + }, + "3.12.50": { + "CVE-2015-7613": { + "cmt_msg": "Initialize msg/shm IPC objects before doing ipc_addid()", + "cmt_id": "89c7ab1494f614bf8323490c79d4a562e90db61b" + }, + "CVE-2015-5257": { + "cmt_msg": "USB: whiteheat: fix potential null-deref at probe", + "cmt_id": "c43eff0a37cc308eab7489701ced35afd4d491d9" + }, + "CVE-2015-8019": { + "cmt_msg": "net: add length argument to skb_copy_and_csum_datagram_iovec", + "cmt_id": "3e1ac3aafbd0cf1f7c81cb7099a8a1d0407e021d" + } + }, + "3.12.51": { + "CVE-2015-8215": { + "cmt_msg": "ipv6: addrconf: validate new MTU before applying it", + "cmt_id": "49f9add06964fe16997aa34099e7bb31c39b0314" + }, + "CVE-2015-7872": { + "cmt_msg": "KEYS: Fix crash when attempt to garbage collect an uninstantiated keyring", + "cmt_id": "bd6e04696299ce030e8650a96151fe383c431dce" + }, + "CVE-2015-8104": { + "cmt_msg": "KVM: svm: unconditionally intercept #DB", + "cmt_id": "4c6a0e0edfe824edd777a496f46817b4fb465cbd" + }, + "CVE-2015-5156": { + "cmt_msg": "virtio-net: drop NETIF_F_FRAGLIST", + "cmt_id": "7c11e86ec40e52468fe65acf89c6da7a6d833a44" + }, + "CVE-2015-5307": { + "cmt_msg": "KVM: x86: work around infinite loop in microcode when #AC is delivered", + "cmt_id": "0ccaee7be83eb288e8baacf6eebd4d8b8593f462" + }, + "CVE-2015-6937": { + "cmt_msg": "RDS: verify the underlying transport exists before creating a connection", + "cmt_id": "2a3466123f0cb310c2201f0ae4ad3f72905b061b" + } + }, + "3.12.52": { + "CVE-2015-8543": { + "cmt_msg": "net: add validation for the socket syscall protocol argument", + "cmt_id": "0295617f822f630711f5af03316d3cbda6e737d4" + }, + "CVE-2015-8575": { + "cmt_msg": "bluetooth: Validate socket address length in sco_sock_bind().", + "cmt_id": "1d9e57809a93e4083d2b898126ed2165f5200d60" + }, + "CVE-2016-3841": { + "cmt_msg": "ipv6: add complete rcu protection around np->opt", + "cmt_id": "71781d1f85bc02bcdb29b18e9e76f1d49118ddc8" + }, + "CVE-2013-7446": { + "cmt_msg": "unix: avoid use-after-free in ep_remove_wait_queue", + "cmt_id": "9964b4c4ee925b2910723e509abd7241cff1ef84" + }, + "CVE-2015-8569": { + "cmt_msg": "pptp: verify sockaddr_len in pptp_bind() and pptp_connect()", + "cmt_id": "d470ffbe3fe914d176ced4cf330a297c523c5711" + } + }, + "3.12.53": { + "CVE-2016-10229": { + "cmt_msg": "udp: properly support MSG_PEEK with truncated buffers", + "cmt_id": "c3bfbecb1bb575278ce4812746a29c04875a2926" + }, + "CVE-2015-7515": { + "cmt_msg": "Input: aiptek - fix crash on detecting device without endpoints", + "cmt_id": "a7c0ba06670f99c252d5bb74258dddbf50fef837" + }, + "CVE-2016-0728": { + "cmt_msg": "KEYS: Fix keyring ref leak in join_session_keyring()", + "cmt_id": "6849cd97b0511913e17ef8bb53bd5558c4b51fc8" + }, + "CVE-2015-7799": { + "cmt_msg": "isdn_ppp: Add checks for allocation failure in isdn_ppp_open()", + "cmt_id": "a4c5c2262fc842e0323043a23a84be706760d628" + }, + "CVE-2015-7550": { + "cmt_msg": "KEYS: Fix race between read and revoke", + "cmt_id": "2d783600fdeafa5d7e5079c7aa79212116f60e51" + }, + "CVE-2015-7885": { + "cmt_msg": "staging/dgnc: fix info leak in ioctl", + "cmt_id": "39c9944afb08c26ff36ae1967497d44fcf5a87ed" + }, + "CVE-2015-8767": { + "cmt_msg": "sctp: Prevent soft lockup when sctp_accept() is called during a timeout event", + "cmt_id": "6b1a4c8425acde6b3725e9ca5dc7af544c656fda" + } + }, + "3.12.54": { + "CVE-2016-8646": { + "cmt_msg": "crypto: algif_hash - Only export and import on sockets with data", + "cmt_id": "231304036a751d3b6bd736fc81d3b8037d87350d" + }, + "CVE-2015-8844": { + "cmt_msg": "powerpc/tm: Block signal return setting invalid MSR state", + "cmt_id": "e9214d1047a5f215b2275ba6374fb076b9c73245" + }, + "CVE-2016-2545": { + "cmt_msg": "ALSA: timer: Fix double unlink of active_list", + "cmt_id": "d8f5adeeed06acd63b93bc757a7e09adc8c33e64" + }, + "CVE-2016-2544": { + "cmt_msg": "ALSA: seq: Fix race at timer setup and close", + "cmt_id": "49386ca9bcb24608ed22e19fb61599e6049f8a44" + }, + "CVE-2016-2547": { + "cmt_msg": "ALSA: timer: Harden slave timer list handling", + "cmt_id": "6e74b2deb63c48ddcd318b6c3d69f4f503e65d18" + }, + "CVE-2016-2546": { + "cmt_msg": "ALSA: timer: Fix race among timer ioctls", + "cmt_id": "7210b17187111e20afca4b4e30a31fa13c71a61b" + }, + "CVE-2016-2543": { + "cmt_msg": "ALSA: seq: Fix missing NULL check at remove_events ioctl", + "cmt_id": "2e17cb8c3553b2d61d9d70344bbec8a82c56e7d7" + }, + "CVE-2016-2549": { + "cmt_msg": "ALSA: hrtimer: Fix stall by hrtimer_cancel()", + "cmt_id": "30e269d8d1af5ab11e613eab94af33693e95ade6" + }, + "CVE-2016-2548": { + "cmt_msg": "ALSA: timer: Harden slave timer list handling", + "cmt_id": "6e74b2deb63c48ddcd318b6c3d69f4f503e65d18" + } + }, + "3.12.55": { + "CVE-2015-8785": { + "cmt_msg": "fuse: break infinite loop in fuse_fill_write_pages()", + "cmt_id": "affc1b9e84738b96f2e4e24a6fc95e09ef9a7b4b" + }, + "CVE-2015-8970": { + "cmt_msg": "crypto: algif_skcipher - Require setkey before accept(2)", + "cmt_id": "82a0aa2c08de674191cf5e99b649af145c5ade25" + }, + "CVE-2015-7566": { + "cmt_msg": "USB: serial: visor: fix crash on detecting device without write_urbs", + "cmt_id": "c88ff183d8a3b3599394885f458b40eb838c0850" + }, + "CVE-2016-0723": { + "cmt_msg": "tty: Fix unsafe ldisc reference via ioctl(TIOCGETD)", + "cmt_id": "4e6d2e76232ae19658064746fd5e5d800b8b5964" + }, + "CVE-2016-2384": { + "cmt_msg": "ALSA: usb-audio: avoid freeing umidi object twice", + "cmt_id": "563b627dbd698b2ae2f385718f1682ec20a51119" + } + }, + "3.12.56": { + "CVE-2021-20265": { + "cmt_msg": "af_unix: fix struct pid memory leak", + "cmt_id": "45c4c852c8ab5fb7e879892afa665dc47e55956d" + }, + "CVE-2015-8812": { + "cmt_msg": "iw_cxgb3: Fix incorrectly returning error on success", + "cmt_id": "aec2e8966c788ccb1d7beed3401adfb470676877" + } + }, + "3.12.57": { + "CVE-2015-8551": { + "cmt_msg": "xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI or MSI-X enabled", + "cmt_id": "0842f7d8a78ff7f9c3a176abaa620a220fc82e75" + }, + "CVE-2015-8553": { + "cmt_msg": "xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set.", + "cmt_id": "bb7aa305af0fd136dde25ad65ec0d3279d809d8b" + }, + "CVE-2013-4312": { + "cmt_msg": "unix: properly account for FDs passed over unix sockets", + "cmt_id": "3d024dcef2548028e9f9b7876a544e6e0af00175" + }, + "CVE-2015-8552": { + "cmt_msg": "xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI or MSI-X enabled", + "cmt_id": "0842f7d8a78ff7f9c3a176abaa620a220fc82e75" + } + }, + "3.12.58": { + "CVE-2015-8550": { + "cmt_msg": "xen: Add RING_COPY_REQUEST()", + "cmt_id": "120b649bd2f6699ed56dfa93c4a8b070babe9984" + }, + "CVE-2016-2143": { + "cmt_msg": "s390/mm: four page table levels vs. fork", + "cmt_id": "bf06b31b00b2bc7427e567c67d11c01513044557" + }, + "CVE-2016-3156": { + "cmt_msg": "ipv4: Don't do expensive useless work during inetdev destroy.", + "cmt_id": "5cc4ff312ac06ee4c49801f5b288c1118c3e5785" + }, + "CVE-2016-3137": { + "cmt_msg": "USB: cypress_m8: add endpoint sanity check", + "cmt_id": "4a77ba7a4e8567821f3e77054f23b3daade25999" + }, + "CVE-2016-9685": { + "cmt_msg": "xfs: fix two memory leaks in xfs_attr_list.c error paths", + "cmt_id": "36f5207148d48433625966162d03f804d81e1a23" + }, + "CVE-2016-3140": { + "cmt_msg": "USB: digi_acceleport: do sanity checking for the number of ports", + "cmt_id": "cd4d737344639d7225d0232ec99a1b833d7e2324" + }, + "CVE-2016-2782": { + "cmt_msg": "USB: visor: fix null-deref at probe", + "cmt_id": "d53a0262f6738c81193e000b2975a7183be521f3" + }, + "CVE-2016-3157": { + "cmt_msg": "x86/iopl/64: Properly context-switch IOPL on Xen PV", + "cmt_id": "a2a4370a312ac4793b165768f8fc69495b05b23e" + }, + "CVE-2016-2185": { + "cmt_msg": "Input: ati_remote2 - fix crashes on detecting device with invalid descriptor", + "cmt_id": "ca216547bc4a3e7d73043f4d9b42d6461cf3067f" + }, + "CVE-2016-2184": { + "cmt_msg": "ALSA: usb-audio: Fix NULL dereference in create_fixed_stream_quirk()", + "cmt_id": "3b8dbf6b7b4e4fd1274fe2e5b04eda5a3394c543" + }, + "CVE-2015-8816": { + "cmt_msg": "USB: fix invalid memory access in hub_activate()", + "cmt_id": "a706ac408da4994438d995d2cf4d2f7943086ca4" + }, + "CVE-2016-2186": { + "cmt_msg": "Input: powermate - fix oops with malicious USB descriptors", + "cmt_id": "4f5d9400a57200b8a9f6a683a7beadd159ac09e1" + }, + "CVE-2016-3689": { + "cmt_msg": "Input: ims-pcu - sanity check against missing interfaces", + "cmt_id": "b18626baf7a8b5bef098204516641b0701419d85" + }, + "CVE-2016-3136": { + "cmt_msg": "USB: mct_u232: add sanity checking in probe", + "cmt_id": "f9dbb3666b3ddb5f9a7e44a433383cb6880a03f5" + }, + "CVE-2016-3138": { + "cmt_msg": "USB: cdc-acm: more sanity checking", + "cmt_id": "f475db149d75bf100084a813ce9e1e9f4fa508e7" + } + }, + "3.12.59": { + "CVE-2015-7513": { + "cmt_msg": "KVM: x86: Reload pit counters for all channels when restoring state", + "cmt_id": "e31a2100a342288b665c31af0a5f01e794866cda" + }, + "CVE-2016-3955": { + "cmt_msg": "USB: usbip: fix potential out-of-bounds write", + "cmt_id": "3b86e790417645fa899ed658a8e17f6832cf3936" + }, + "CVE-2016-2085": { + "cmt_msg": "EVM: Use crypto_memneq() for digest comparisons", + "cmt_id": "afe5a791d374e50a06ada7f4eda4e921e1b77996" + }, + "CVE-2016-7117": { + "cmt_msg": "net: Fix use after free in the recvmmsg exit path", + "cmt_id": "2c7a8d368b3bef1cf97ea000ba0c07b27562af15" + }, + "CVE-2016-3951": { + "cmt_msg": "cdc_ncm: do not call usbnet_link_change from cdc_ncm_bind", + "cmt_id": "f0592d355da50713a25c943a08142363237f1a41" + }, + "CVE-2016-4805": { + "cmt_msg": "ppp: take reference on channels netns", + "cmt_id": "736a17fe375978bce54cff359a3f76fb2676f872" + }, + "CVE-2016-3134": { + "cmt_msg": "netfilter: x_tables: fix unconditional helper", + "cmt_id": "9192d640a3917d7daf313795b4b7fc6329b3f6e5" + }, + "CVE-2016-2847": { + "cmt_msg": "pipe: limit the per-user amount of pages allocated in pipes", + "cmt_id": "2a032e307d35402306c6464537b8bc6a0a3ac91d" + } + }, + "3.12.60": { + "CVE-2016-4580": { + "cmt_msg": "net: fix a kernel infoleak in x25 module", + "cmt_id": "aeb14f1738e3c6a703213cb103e0f89f143bd276" + }, + "CVE-2016-4486": { + "cmt_msg": "net: fix infoleak in rtnetlink", + "cmt_id": "3248734d04fe4140b66aca5ce0372d7eae093293" + }, + "CVE-2016-2117": { + "cmt_msg": "atl2: Disable unimplemented scatter/gather feature", + "cmt_id": "59e126bf0fefcc03f309d3893a921637064fc2ee" + }, + "CVE-2016-4485": { + "cmt_msg": "net: fix infoleak in llc", + "cmt_id": "734b9658068b9b2ecb3aff06e125a66e02306386" + }, + "CVE-2016-4913": { + "cmt_msg": "get_rock_ridge_filename(): handle malformed NM entries", + "cmt_id": "7721094c03d1caad50b04eb60b06369b8a2e52d3" + }, + "CVE-2016-2187": { + "cmt_msg": "Input: gtco - fix crash on detecting device without endpoints", + "cmt_id": "8c29c640402a7baf7fa9a31cd5bda288090a19ac" + }, + "CVE-2016-7916": { + "cmt_msg": "proc: prevent accessing /proc/<PID>/environ until it's ready", + "cmt_id": "cdfaba237820a99bad60d947530725151a611ca0" + }, + "CVE-2016-0758": { + "cmt_msg": "KEYS: Fix ASN.1 indefinite length object parsing", + "cmt_id": "012d81589afb85807b7ebe72f3505d90f34aa265" + }, + "CVE-2016-0821": { + "cmt_msg": "include/linux/poison.h: fix LIST_POISON{1,2} offset", + "cmt_id": "c7ecfa39d66c62ee662ae6906a2eec3d28a96e6a" + } + }, + "3.12.61": { + "CVE-2016-4565": { + "cmt_msg": "IB/security: Restrict use of the write() interface", + "cmt_id": "0ab923b3982c323bd95e63a9b93dc65d1aebb94f" + }, + "CVE-2016-9754": { + "cmt_msg": "ring-buffer: Prevent overflow of size in ring_buffer_resize()", + "cmt_id": "5feada97176f05f92088911fa807d30445c6a0c6" + } + }, + "3.12.62": { + "CVE-2016-4997": { + "cmt_msg": "netfilter: x_tables: check for bogus target offset", + "cmt_id": "1812c704ac70a37c06f239d7c06fd4331a25c779" + }, + "CVE-2016-4569": { + "cmt_msg": "ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS", + "cmt_id": "16e5f4c6ea671ffce2ee49e308c1e812144547d2" + }, + "CVE-2016-4578": { + "cmt_msg": "ALSA: timer: Fix leak in events via snd_timer_user_ccallback", + "cmt_id": "640b1f79615c2b7dfba517aba7a8164c489da10c" + }, + "CVE-2016-4470": { + "cmt_msg": "KEYS: potential uninitialized variable", + "cmt_id": "8c903c052ddf107cdbf4e0ccb54ad20be75c899f" + }, + "CVE-2016-4998": { + "cmt_msg": "netfilter: x_tables: check for bogus target offset", + "cmt_id": "1812c704ac70a37c06f239d7c06fd4331a25c779" + }, + "CVE-2016-5244": { + "cmt_msg": "rds: fix an infoleak in rds_inc_info_copy", + "cmt_id": "3360c51768c3c589e7db3f2a4308b729ebcc7bae" + }, + "CVE-2016-4482": { + "cmt_msg": "USB: usbfs: fix potential infoleak in devio", + "cmt_id": "fd0d40b9370853c02102c22b91ff7c3cd1077e8b" + }, + "CVE-2016-9806": { + "cmt_msg": "netlink: Fix dump skb leak/double free", + "cmt_id": "461dbb3855305ad7e841799ef573d6fc2abf6ed3" + }, + "CVE-2016-5829": { + "cmt_msg": "HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands", + "cmt_id": "5b9003297640242a33bb325f57ac60359ed0be43" + }, + "CVE-2014-9904": { + "cmt_msg": "ALSA: compress: fix an integer overflow check", + "cmt_id": "9deea4ddcc8f6b9708075aa307042c43b4fde732" + } + }, + "3.12.63": { + "CVE-2016-3070": { + "cmt_msg": "mm: migrate dirty page without clear_page_dirty_for_io etc", + "cmt_id": "2c789028e7390ca050752f659a82c6cdad357b67" + }, + "CVE-2016-2069": { + "cmt_msg": "x86/mm: Add barriers and document switch_mm()-vs-flush synchronization", + "cmt_id": "aa8f21d06e61b029341c51b17edd68ba15fe0e47" + }, + "CVE-2016-7910": { + "cmt_msg": "block: fix use-after-free in seq file", + "cmt_id": "8b85bc8b9e08482c7450b83e0a85532d8d87da49" + }, + "CVE-2016-5696": { + "cmt_msg": "tcp: make challenge acks less predictable", + "cmt_id": "56d86b8ad437e6c19dcade9ff7c3d9c0522df6f3" + }, + "CVE-2016-3857": { + "cmt_msg": "arm: oabi compat: add missing access checks", + "cmt_id": "3d207c4c414adc515aa666f2b010f6e85c5528a7" + } + }, + "3.12.64": { + "CVE-2016-6130": { + "cmt_msg": "s390/sclp_ctl: fix potential information leak with /dev/sclp", + "cmt_id": "6ec8ba03f408beac5bad1e9ec06c8a90b373f3ac" + }, + "CVE-2016-9178": { + "cmt_msg": "fix minor infoleak in get_user_ex()", + "cmt_id": "d42924ab1ec523c0671f5560d51750996be31d3a" + }, + "CVE-2016-6828": { + "cmt_msg": "tcp: fix use after free in tcp_xmit_retransmit_queue()", + "cmt_id": "1f25ea564d810767b4ce3302530156dd5ddaa0f4" + }, + "CVE-2016-6480": { + "cmt_msg": "aacraid: Check size values after double-fetch from user", + "cmt_id": "bcc85e09fc60d2e99053eae3fd0515c343189375" + } + }, + "3.12.65": { + "CVE-2016-6327": { + "cmt_msg": "IB/srpt: Simplify srpt_handle_tsk_mgmt()", + "cmt_id": "979f1b7344634315d895025b53b002896057c09d" + }, + "CVE-2017-15102": { + "cmt_msg": "usb: misc: legousbtower: Fix NULL pointer deference", + "cmt_id": "55b6c165bdf9b2808137cc5d49066e8a5344622a" + } + }, + "3.12.66": { + "CVE-2016-5195": { + "cmt_msg": "mm: remove gup_flags FOLL_WRITE games from __get_user_pages()", + "cmt_id": "f949fcd7414197b8e04b07c480d36bc39332ff7b" + }, + "CVE-2016-8658": { + "cmt_msg": "brcmfmac: avoid potential stack overflow in brcmf_cfg80211_start_ap()", + "cmt_id": "bfce0a403535f6071a08d6365b8c4b3cfeba2d67" + } + }, + "3.12.67": { + "CVE-2016-7425": { + "cmt_msg": "scsi: arcmsr: Buffer overflow in arcmsr_iop_message_xfer()", + "cmt_id": "e50a611253c70bdb3fad29b7a3411c3b1237cc8e" + } + }, + "3.12.68": { + "CVE-2015-9004": { + "cmt_msg": "perf: Tighten (and fix) the grouping condition", + "cmt_id": "5e08a111b0a076648039fb2a08d6e101a6af9388" + }, + "CVE-2016-3961": { + "cmt_msg": "x86/mm/xen: Suppress hugetlbfs in PV guests", + "cmt_id": "b0363263e57199808d17e597df74cbdb28abbe55" + }, + "CVE-2016-7042": { + "cmt_msg": "KEYS: Fix short sprintf buffer in /proc/keys show function", + "cmt_id": "cd93b7f830c1fa1cb35146c701ce8eecb2b19c44" + }, + "CVE-2016-8645": { + "cmt_msg": "tcp: take care of truncations done by sk_filter()", + "cmt_id": "9edbcfdced9628dfdc6dc54d625e571aef81a8a5" + }, + "CVE-2016-8633": { + "cmt_msg": "firewire: net: guard against rx buffer overflows", + "cmt_id": "488c5d8218f38a4c6aa90a65b81492e868a251fd" + }, + "CVE-2015-8964": { + "cmt_msg": "tty: Prevent ldisc drivers from re-using stale tty fields", + "cmt_id": "e1a77178a3ecee0f5e70568e9ddb99bd7d0c5ee7" + }, + "CVE-2016-9555": { + "cmt_msg": "sctp: validate chunk len before actually using it", + "cmt_id": "fb77271c550e1414597dfac77202d85bd866f0a9" + } + }, + "3.12.69": { + "CVE-2016-9793": { + "cmt_msg": "net: avoid signed overflows for SO_{SND|RCV}BUFFORCE", + "cmt_id": "40c753f1714416931dc093b960aa3fcac4a545c5" + }, + "CVE-2016-8650": { + "cmt_msg": "mpi: Fix NULL ptr dereference in mpi_powm()", + "cmt_id": "18fb7a8fb3d55275fc17f4ff5c7e34dd2b6d74e5" + }, + "CVE-2016-10200": { + "cmt_msg": "l2tp: fix racy SOCK_ZAPPED flag check in l2tp_ip{,6}_bind()", + "cmt_id": "c20932ae0d412f1aabf3514891cdd6ae6a08ae01" + }, + "CVE-2016-9794": { + "cmt_msg": "ALSA: pcm : Call kill_fasync() in stream lock", + "cmt_id": "3af0be0536e71b0ed55620aca65f9144bf2c1088" + }, + "CVE-2016-8655": { + "cmt_msg": "packet: fix race condition in packet_set_ring", + "cmt_id": "c80480c4ad5208431a7fb003472bd576bbe6ebb7" + } + }, + "3.12.70": { + "CVE-2016-9083": { + "cmt_msg": "vfio/pci: Fix integer overflows, bitmask check", + "cmt_id": "e4f13c5f27d6bfb2fea565d346273b0c74023ae6" + }, + "CVE-2016-10088": { + "cmt_msg": "sg_write()/bsg_write() is not fit to be called under KERNEL_DS", + "cmt_id": "7eb9e6472cbdd8e2df774ae91531c8959e21dbbc" + }, + "CVE-2017-5549": { + "cmt_msg": "USB: serial: kl5kusb105: fix line-state error handling", + "cmt_id": "9ed06d4fa06cce8f37637771000f0eded3a6d572" + }, + "CVE-2017-7273": { + "cmt_msg": "HID: hid-cypress: validate length of report", + "cmt_id": "5bc00ccfce098d09c1aa097806660d9709fbe956" + }, + "CVE-2017-7495": { + "cmt_msg": "ext4: fix data exposure after a crash", + "cmt_id": "10de8b686e90eb57066cf4d04d7ddbc54b4f1833" + }, + "CVE-2016-7097": { + "cmt_msg": "posix_acl: Clear SGID bit when setting file permissions", + "cmt_id": "a88a2be387d1d8a5843826e12009c79e32fb46c8" + }, + "CVE-2016-9588": { + "cmt_msg": "kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF)", + "cmt_id": "aaa9f982f5dc0a64bcc6d83cc78e690c757bcad8" + }, + "CVE-2016-9084": { + "cmt_msg": "vfio/pci: Fix integer overflows, bitmask check", + "cmt_id": "e4f13c5f27d6bfb2fea565d346273b0c74023ae6" + }, + "CVE-2016-9191": { + "cmt_msg": "sysctl: Drop reference added by grab_header in proc_sys_readdir", + "cmt_id": "baa7295e1d686a443c0c23156b0bc9058d783aa4" + }, + "CVE-2016-7911": { + "cmt_msg": "block: fix use-after-free in sys_ioprio_get()", + "cmt_id": "075030bd3251283bd380b60eeecc8e4ba8778f22" + }, + "CVE-2016-7913": { + "cmt_msg": "xc2028: avoid use after free", + "cmt_id": "74e3d04ca992bedac5080ed1a817fabf71667210" + }, + "CVE-2017-5551": { + "cmt_msg": "tmpfs: clear S_ISGID when setting posix ACLs", + "cmt_id": "b0369e53c851f8cd87afd059d360a4f646840c8c" + }, + "CVE-2017-2583": { + "cmt_msg": "KVM: x86: fix emulation of \"MOV SS, null selector\"", + "cmt_id": "f043f20c055e3485fb82e0955a9f94f50cdffe15" + }, + "CVE-2015-8962": { + "cmt_msg": "sg: Fix double-free when drives detach during SG_IO", + "cmt_id": "969541196ff043df0bde0c4beae9d83185ea3d81" + }, + "CVE-2017-2584": { + "cmt_msg": "KVM: x86: Introduce segmented_write_std", + "cmt_id": "544a81ed7dc176f400e2272595ac02f2791385a8" + } + }, + "3.12.71": { + "CVE-2017-6345": { + "cmt_msg": "net/llc: avoid BUG_ON() in skb_orphan()", + "cmt_id": "c112a93ae0bf3906150d3c7badd8ccc2708ad031" + }, + "CVE-2017-2618": { + "cmt_msg": "selinux: fix off-by-one in setprocattr", + "cmt_id": "8f52584d2277df36b41b45d0caa716640d562e09" + }, + "CVE-2017-6074": { + "cmt_msg": "dccp: fix freeing skb too early for IPV6_RECVPKTINFO", + "cmt_id": "336d459d464a2d23b5df724ae5fb5cd92bc9074c" + }, + "CVE-2016-10208": { + "cmt_msg": "ext4: validate s_first_meta_bg at mount time", + "cmt_id": "bb878bdeaf6c48268322c2e4bdef0879902867aa" + }, + "CVE-2017-5897": { + "cmt_msg": "ip6_gre: fix ip6gre_err() invalid reads", + "cmt_id": "1ae4b12d7643d9bdde764ef671440a8eaf6cfd55" + }, + "CVE-2017-6348": { + "cmt_msg": "irda: Fix lockdep annotations in hashbin_delete().", + "cmt_id": "7132afee391a91d58daa332e1851f1139889b0e3" + }, + "CVE-2017-5970": { + "cmt_msg": "ipv4: keep skb->dst around in presence of IP options", + "cmt_id": "e5a82d662d35933e5511c0280e8513d38d9d4fa0" + }, + "CVE-2016-8405": { + "cmt_msg": "fbdev: color map copying bounds checking", + "cmt_id": "63f6df889c8eff7d9455659941b615a428d6a7b4" + }, + "CVE-2017-5986": { + "cmt_msg": "sctp: avoid BUG_ON on sctp_wait_for_sndbuf", + "cmt_id": "7a814bf5fc8b6738af64bc05d824a22d269962c6" + }, + "CVE-2017-6346": { + "cmt_msg": "packet: fix races in fanout_add()", + "cmt_id": "6d46193d7ccae0758a8e887a6897a3e133eb9610" + }, + "CVE-2017-6214": { + "cmt_msg": "tcp: avoid infinite loop in tcp_splice_read()", + "cmt_id": "917c66630a6ab8a71464c9d57ea6fe14eca9b9fa" + } + }, + "3.12.72": { + "CVE-2017-6353": { + "cmt_msg": "sctp: deny peeloff operation on asocs with threads sleeping on it", + "cmt_id": "8aee8e6c2f0e8a9531a98a227e112fd4835a1881" + }, + "CVE-2017-2636": { + "cmt_msg": "tty: n_hdlc: get rid of racy n_hdlc.tbuf", + "cmt_id": "63075fbddd5151d2e98fa7cf0608a2113e23607d" + }, + "CVE-2017-5669": { + "cmt_msg": "ipc/shm: Fix shmat mmap nil-page protection", + "cmt_id": "afa870b96a40e523f96130beeef6cdc51de4e8d9" + } + }, + "3.12.73": { + "CVE-2017-7184": { + "cmt_msg": "xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window", + "cmt_id": "be4f4140ab3e8d4142f47c79b0a29f0ec53540b5" + }, + "CVE-2016-2188": { + "cmt_msg": "USB: iowarrior: fix NULL-deref at probe", + "cmt_id": "793b927173199800010a37da93c92e603a1136ce" + }, + "CVE-2017-8924": { + "cmt_msg": "USB: serial: io_ti: fix information leak in completion handler", + "cmt_id": "ef598b806384182a74f2aa9bc24a0284faf3940e" + }, + "CVE-2017-8925": { + "cmt_msg": "USB: serial: omninet: fix reference leaks at open", + "cmt_id": "5b6983c42e4406e92b51a705c24190e1054cb60d" + } + }, + "3.12.74": { + "CVE-2017-7294": { + "cmt_msg": "drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl()", + "cmt_id": "e7fea2a4fa3719517f9a48389e7f3c8b1cc8c299" + }, + "CVE-2017-7645": { + "cmt_msg": "nfsd: check for oversized NFSv2/v3 arguments", + "cmt_id": "7a6875988a7fce567e4ee22481d6e7dd82a33eff" + }, + "CVE-2017-6951": { + "cmt_msg": "KEYS: Remove key_type::match in favour of overriding default by match_preparse", + "cmt_id": "716aa8781692706c78bea54b1efd4269d15d4071" + }, + "CVE-2017-8064": { + "cmt_msg": "dvb-usb-v2: avoid use-after-free", + "cmt_id": "03662cd00e03d0fe34f9f91217313a4544b71c60" + }, + "CVE-2017-7261": { + "cmt_msg": "drm/vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl()", + "cmt_id": "13a6a971c9165237531c2870da03084a6becc905" + }, + "CVE-2017-2671": { + "cmt_msg": "ping: implement proper locking", + "cmt_id": "10e710684943bfd0653d7f0bcf430cdaf25a0d2f" + }, + "CVE-2017-7308": { + "cmt_msg": "net/packet: fix overflow in check for priv area size", + "cmt_id": "0a39eb8a881e83154aadacc36fc8bda8258f1991" + }, + "CVE-2017-2647": { + "cmt_msg": "KEYS: Remove key_type::match in favour of overriding default by match_preparse", + "cmt_id": "716aa8781692706c78bea54b1efd4269d15d4071" + }, + "CVE-2017-7889": { + "cmt_msg": "mm: Tighten x86 /dev/mem with zeroing reads", + "cmt_id": "59546b98395d875f4f85cb1cbac0b5396e3ffe45" + }, + "CVE-2017-7472": { + "cmt_msg": "KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings", + "cmt_id": "e5b32c157bdd74cb0b402506c647222e59c6c11c" + }, + "CVE-2017-7616": { + "cmt_msg": "mm/mempolicy.c: fix error handling in set_mempolicy and mbind.", + "cmt_id": "9840e8fb9edaa9a930eb6f922f61cfbf91073c51" + }, + "CVE-2016-9604": { + "cmt_msg": "KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings", + "cmt_id": "7c46e24ef54c73c7db075d3ff4df0d3b996ac759" + } + }, + "outstanding": { + "CVE-2020-36322": { + "cmt_msg": "fuse: fix bad inode" + }, + "CVE-2020-35508": { + "cmt_msg": "fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent" + }, + "CVE-2020-35501": { + "cmt_msg": "" + }, + "CVE-2019-15098": { + "cmt_msg": "ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()" + }, + "CVE-2021-45095": { + "cmt_msg": "phonet: refcount leak in pep_sock_accep" + }, + "CVE-2017-10663": { + "cmt_msg": "f2fs: sanity check checkpoint segno and blkoff" + }, + "CVE-2022-0001": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2020-12464": { + "cmt_msg": "USB: core: Fix free-while-in-use bug in the USB S-Glibrary" + }, + "CVE-2017-10662": { + "cmt_msg": "f2fs: sanity check segment count" + }, + "CVE-2019-19965": { + "cmt_msg": "scsi: libsas: stop discovering if oob mode is disconnected" + }, + "CVE-2019-19966": { + "cmt_msg": "media: cpia2: Fix use-after-free in cpia2_exit" + }, + "CVE-2021-3894": { + "cmt_msg": "sctp: account stream padding length for reconf chunk" + }, + "CVE-2020-24587": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2020-24586": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2017-1000410": { + "cmt_msg": "Bluetooth: Prevent stack info leak from the EFS element." + }, + "CVE-2021-0129": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2019-20096": { + "cmt_msg": "dccp: Fix memleak in __feat_register_sp" + }, + "CVE-2016-10044": { + "cmt_msg": "aio: mark AIO pseudo-fs noexec" + }, + "CVE-2018-10940": { + "cmt_msg": "cdrom: information leak in cdrom_ioctl_media_changed()" + }, + "CVE-2018-10087": { + "cmt_msg": "kernel/exit.c: avoid undefined behaviour when calling wait4()" + }, + "CVE-2021-39634": { + "cmt_msg": "epoll: do not insert into poll queues until all sanity checks are done" + }, + "CVE-2019-9503": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path" + }, + "CVE-2020-36158": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" + }, + "CVE-2022-1508": { + "cmt_msg": "io_uring: reexpand under-reexpanded iters" + }, + "CVE-2022-0480": { + "cmt_msg": "memcg: enable accounting for file lock caches" + }, + "CVE-2018-10124": { + "cmt_msg": "kernel/signal.c: avoid undefined behaviour in kill_something_info" + }, + "CVE-2021-28964": { + "cmt_msg": "btrfs: fix race when cloning extent buffer during rewind of an old root" + }, + "CVE-2020-26558": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2021-0920": { + "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" + }, + "CVE-2021-3847": { + "cmt_msg": "" + }, + "CVE-2019-19241": { + "cmt_msg": "io_uring: async workers should inherit the user creds" + }, + "CVE-2021-28688": { + "cmt_msg": "xen-blkback: don't leak persistent grants from xen_blkbk_map()" + }, + "CVE-2021-39686": { + "cmt_msg": "binder: use euid from cred instead of using task" + }, + "CVE-2021-39685": { + "cmt_msg": "USB: gadget: detect too-big endpoint 0 requests" + }, + "CVE-2021-43975": { + "cmt_msg": "atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait" + }, + "CVE-2018-6927": { + "cmt_msg": "futex: Prevent overflow by strengthen input validation" + }, + "CVE-2020-0466": { + "cmt_msg": "do_epoll_ctl(): clean the failure exits up a bit" + }, + "CVE-2019-10207": { + "cmt_msg": "Bluetooth: hci_uart: check for missing tty operations" + }, + "CVE-2019-14835": { + "cmt_msg": "vhost: make sure log_num < in_num" + }, + "CVE-2018-1000204": { + "cmt_msg": "scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()" + }, + "CVE-2019-12379": { + "cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c" + }, + "CVE-2017-12134": { + "cmt_msg": "xen: fix bio vec merging" + }, + "CVE-2021-30002": { + "cmt_msg": "media: v4l: ioctl: Fix memory leak in video_usercopy" + }, + "CVE-2017-17450": { + "cmt_msg": "netfilter: xt_osf: Add missing permission checks" + }, + "CVE-2021-0941": { + "cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len" + }, + "CVE-2015-4176": { + "cmt_msg": "mnt: Update detach_mounts to leave mounts connected" + }, + "CVE-2016-3672": { + "cmt_msg": "x86/mm/32: Enable full randomization on i386 and X86_32" + }, + "CVE-2020-15802": { + "cmt_msg": "" + }, + "CVE-2017-18270": { + "cmt_msg": "KEYS: prevent creating a different user's keyrings" + }, + "CVE-2022-0002": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2021-39713": { + "cmt_msg": "net: sched: use Qdisc rcu API instead of relying on rtnl lock" + }, + "CVE-2015-4178": { + "cmt_msg": "fs_pin: Allow for the possibility that m_list or s_list go unused." + }, + "CVE-2016-10906": { + "cmt_msg": "net: arc_emac: fix koops caused by sk_buff free" + }, + "CVE-2016-10905": { + "cmt_msg": "GFS2: don't set rgrp gl_object until it's inserted into rgrp tree" + }, + "CVE-2018-3646": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" + }, + "CVE-2017-7518": { + "cmt_msg": "KVM: x86: fix singlestepping over syscall" + }, + "CVE-2021-39714": { + "cmt_msg": "staging: android: ion: Drop ion_map_kernel interface" + }, + "CVE-2019-11477": { + "cmt_msg": "tcp: limit payload size of sacked skbs" + }, + "CVE-2017-7895": { + "cmt_msg": "nfsd: stricter decoding of write-like NFSv2/v3 ops" + }, + "CVE-2018-14614": { + "cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum" + }, + "CVE-2019-11479": { + "cmt_msg": "tcp: add tcp_min_snd_mss sysctl" + }, + "CVE-2019-11478": { + "cmt_msg": "tcp: tcp_fragment() should apply sane memory limits" + }, + "CVE-2018-14611": { + "cmt_msg": "btrfs: validate type when reading a chunk" + }, + "CVE-2018-14610": { + "cmt_msg": "btrfs: Check that each block group has corresponding chunk at mount time" + }, + "CVE-2018-14613": { + "cmt_msg": "btrfs: tree-checker: Verify block_group_item" + }, + "CVE-2018-14612": { + "cmt_msg": "btrfs: tree-checker: Detect invalid and empty essential trees" + }, + "CVE-2020-26145": { + "cmt_msg": "ath10k: drop fragments with multicast DA for PCIe" + }, + "CVE-2017-13216": { + "cmt_msg": "staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl" + }, + "CVE-2017-13215": { + "cmt_msg": "crypto: algif_skcipher - Load TX SG list after waiting" + }, + "CVE-2018-5814": { + "cmt_msg": "usbip: usbip_host: fix NULL-ptr deref and use-after-free errors" + }, + "CVE-2020-26140": { + "cmt_msg": "" + }, + "CVE-2020-26143": { + "cmt_msg": "" + }, + "CVE-2020-26142": { + "cmt_msg": "" + }, + "CVE-2019-17053": { + "cmt_msg": "ieee802154: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17052": { + "cmt_msg": "ax25: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17056": { + "cmt_msg": "nfc: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17055": { + "cmt_msg": "mISDN: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17054": { + "cmt_msg": "appletalk: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2018-13093": { + "cmt_msg": "xfs: validate cached inodes are free when allocated" + }, + "CVE-2018-13096": { + "cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks" + }, + "CVE-2018-13097": { + "cmt_msg": "f2fs: fix to do sanity check with user_block_count" + }, + "CVE-2018-13094": { + "cmt_msg": "xfs: don't call xfs_da_shrink_inode with NULL bp" + }, + "CVE-2018-13095": { + "cmt_msg": "xfs: More robust inode extent count validation" + }, + "CVE-2020-29661": { + "cmt_msg": "tty: Fix ->pgrp locking in tiocspgrp()" + }, + "CVE-2020-29660": { + "cmt_msg": "tty: Fix ->session locking" + }, + "CVE-2018-13098": { + "cmt_msg": "f2fs: fix to do sanity check with extra_attr feature" + }, + "CVE-2022-1734": { + "cmt_msg": "nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs" + }, + "CVE-2014-9717": { + "cmt_msg": "mnt: Update detach_mounts to leave mounts connected" + }, + "CVE-2019-14895": { + "cmt_msg": "mwifiex: fix possible heap overflow in mwifiex_process_country_ie()" + }, + "CVE-2019-11884": { + "cmt_msg": "Bluetooth: hidp: fix buffer overflow" + }, + "CVE-2015-8955": { + "cmt_msg": "arm64: perf: reject groups spanning multiple HW PMUs" + }, + "CVE-2019-19074": { + "cmt_msg": "ath9k: release allocated buffer if timed out" + }, + "CVE-2019-19073": { + "cmt_msg": "ath9k_htc: release allocated buffer if timed out" + }, + "CVE-2015-9016": { + "cmt_msg": "blk-mq: fix race between timeout and freeing request" + }, + "CVE-2015-8952": { + "cmt_msg": "ext2: convert to mbcache2" + }, + "CVE-2022-23038": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2022-0995": { + "cmt_msg": "watch_queue: Fix filter limit check" + }, + "CVE-2021-27363": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2022-23036": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2022-23037": { + "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" + }, + "CVE-2020-0404": { + "cmt_msg": "media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors" + }, + "CVE-2019-15927": { + "cmt_msg": "ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit()" + }, + "CVE-2019-15926": { + "cmt_msg": "ath6kl: add some bounds checking" + }, + "CVE-2019-14821": { + "cmt_msg": "KVM: coalesced_mmio: add bounds checking" + }, + "CVE-2020-12826": { + "cmt_msg": "signal: Extend exec_id to 64bits" + }, + "CVE-2019-3701": { + "cmt_msg": "can: gw: ensure DLC boundaries after CAN frame modification" + }, + "CVE-2021-42008": { + "cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data" + }, + "CVE-2018-20511": { + "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT" + }, + "CVE-2019-1125": { + "cmt_msg": "x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations" + }, + "CVE-2019-15218": { + "cmt_msg": "media: usb: siano: Fix general protection fault in smsusb" + }, + "CVE-2020-25643": { + "cmt_msg": "hdlc_ppp: add range checks in ppp_cp_parse_cr()" + }, + "CVE-2005-3660": { + "cmt_msg": "" + }, + "CVE-2017-14106": { + "cmt_msg": "tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0" + }, + "CVE-2019-15212": { + "cmt_msg": "USB: rio500: refuse more than one device at a time" + }, + "CVE-2021-33135": { + "cmt_msg": "" + }, + "CVE-2015-1350": { + "cmt_msg": "fs: Avoid premature clearing of capabilities" + }, + "CVE-2019-14896": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" + }, + "CVE-2017-1000380": { + "cmt_msg": "ALSA: timer: Fix race between read and ioctl" + }, + "CVE-2017-16538": { + "cmt_msg": "media: dvb-usb-v2: lmedm04: Improve logic checking of warm start" + }, + "CVE-2020-24588": { + "cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks" + }, + "CVE-2021-33034": { + "cmt_msg": "Bluetooth: verify AMP hci_chan before amp_destroy" + }, + "CVE-2019-19922": { + "cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices" + }, + "CVE-2019-19927": { + "cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages" + }, + "CVE-2017-18509": { + "cmt_msg": "ipv6: check sk sk_type and protocol early in ip_mroute_set/getsockopt" + }, + "CVE-2020-27068": { + "cmt_msg": "cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE" + }, + "CVE-2020-8648": { + "cmt_msg": "vt: selection, close sel_buffer race" + }, + "CVE-2017-11600": { + "cmt_msg": "xfrm: policy: check policy direction value" + }, + "CVE-2019-20806": { + "cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame" + }, + "CVE-2020-0305": { + "cmt_msg": "chardev: Avoid potential use-after-free in 'chrdev_open()'" + }, + "CVE-2020-14304": { + "cmt_msg": "" + }, + "CVE-2010-5321": { + "cmt_msg": "" + }, + "CVE-2020-15393": { + "cmt_msg": "usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect" + }, + "CVE-2021-3564": { + "cmt_msg": "Bluetooth: fix the erroneous flush_work() order" + }, + "CVE-2019-9506": { + "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" + }, + "CVE-2017-16995": { + "cmt_msg": "bpf: fix incorrect sign extension in check_alu_op()" + }, + "CVE-2019-18675": { + "cmt_msg": "mmap: introduce sane default mmap limits" + }, + "CVE-2019-2025": { + "cmt_msg": "binder: fix race that allows malicious free of live buffer" + }, + "CVE-2020-26560": { + "cmt_msg": "" + }, + "CVE-2022-1516": { + "cmt_msg": "net/x25: Fix null-ptr-deref caused by x25_disconnect" + }, + "CVE-2017-13080": { + "cmt_msg": "mac80211: accept key reinstall without changing anything" + }, + "CVE-2021-20321": { + "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" + }, + "CVE-2018-12127": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2018-12126": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2017-9077": { + "cmt_msg": "ipv6/dccp: do not inherit ipv6_mc_list from parent" + }, + "CVE-2017-9076": { + "cmt_msg": "ipv6/dccp: do not inherit ipv6_mc_list from parent" + }, + "CVE-2017-9075": { + "cmt_msg": "sctp: do not inherit ipv6_{mc|ac|fl}_list from parent" + }, + "CVE-2017-9074": { + "cmt_msg": "ipv6: Prevent overrun when parsing v6 header options" + }, + "CVE-2018-10021": { + "cmt_msg": "scsi: libsas: defer ata device eh commands to libata" + }, + "CVE-2020-0067": { + "cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr" + }, + "CVE-2019-10126": { + "cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()" + }, + "CVE-2019-13631": { + "cmt_msg": "Input: gtco - bounds check collection indent level" + }, + "CVE-2020-13974": { + "cmt_msg": "vt: keyboard: avoid signed integer overflow in k_ascii" + }, + "CVE-2016-6213": { + "cmt_msg": "mnt: Add a per mount namespace limit on the number of mounts" + }, + "CVE-2021-4083": { + "cmt_msg": "fget: check that the fd still exists after getting a ref to it" + }, + "CVE-2017-17558": { + "cmt_msg": "USB: core: prevent malicious bNumInterfaces overflow" + }, + "CVE-2017-1000251": { + "cmt_msg": "Bluetooth: Properly check L2CAP config option output buffer length" + }, + "CVE-2017-8106": { + "cmt_msg": "KVM: nVMX: Don't advertise single context invalidation for invept" + }, + "CVE-2020-36516": { + "cmt_msg": "" + }, + "CVE-2020-10751": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" + }, + "CVE-2021-4002": { + "cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare" + }, + "CVE-2022-0998": { + "cmt_msg": "vdpa: clean up get_config_size ret value handling" + }, + "CVE-2018-9465": { + "cmt_msg": "binder: fix proc->files use-after-free" + }, + "CVE-2018-20510": { + "cmt_msg": "binder: replace \"%p\" with \"%pK\"" + }, + "CVE-2020-15437": { + "cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()" + }, + "CVE-2020-15436": { + "cmt_msg": "block: Fix use-after-free in blkdev_get()" + }, + "CVE-2022-1116": { + "cmt_msg": "" + }, + "CVE-2021-28660": { + "cmt_msg": "staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()" + }, + "CVE-2020-8647": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" + }, + "CVE-2019-0154": { + "cmt_msg": "drm/i915: Lower RM timeout to avoid DSI hard hangs" + }, + "CVE-2014-9922": { + "cmt_msg": "fs: limit filesystem stacking depth" + }, + "CVE-2020-36386": { + "cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()" + }, + "CVE-2020-36385": { + "cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy" + }, + "CVE-2022-1048": { + "cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls" + }, + "CVE-2020-0009": { + "cmt_msg": "staging: android: ashmem: Disallow ashmem memory from being remapped" + }, + "CVE-2018-7480": { + "cmt_msg": "blkcg: fix double free of new_blkg in blkcg_init_queue" + }, + "CVE-2019-14615": { + "cmt_msg": "drm/i915/gen9: Clear residual context state on context switch" + }, + "CVE-2022-1882": { + "cmt_msg": "" + }, + "CVE-2016-3139": { + "cmt_msg": "Input: wacom - compute the HID report size to get the actual packet size" + }, + "CVE-2020-16120": { + "cmt_msg": "ovl: switch to mounter creds in readdir" + }, + "CVE-2019-11599": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" + }, + "CVE-2018-16658": { + "cmt_msg": "cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status" + }, + "CVE-2018-15572": { + "cmt_msg": "x86/speculation: Protect against userspace-userspace spectreRSB" + }, + "CVE-2022-29581": { + "cmt_msg": "net/sched: cls_u32: fix netns refcount changes in u32_change()" + }, + "CVE-2022-1204": { + "cmt_msg": "ax25: Fix refcount leaks caused by ax25_cb_del()" + }, + "CVE-2019-2101": { + "cmt_msg": "media: uvcvideo: Fix 'type' check leading to overflow" + }, + "CVE-2019-17666": { + "cmt_msg": "rtlwifi: Fix potential overflow on P2P code" + }, + "CVE-2016-10723": { + "cmt_msg": "mm, oom: remove sleep from under oom_lock" + }, + "CVE-2021-3573": { + "cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object" + }, + "CVE-2020-25212": { + "cmt_msg": "nfs: Fix getxattr kernel panic and memory overflow" + }, + "CVE-2019-19036": { + "cmt_msg": "btrfs: Detect unbalanced tree with empty leaf before crashing btree operations" + }, + "CVE-2019-3459": { + "cmt_msg": "Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer" + }, + "CVE-2020-11494": { + "cmt_msg": "slcan: Don't transmit uninitialized stack data in padding" + }, + "CVE-2017-8797": { + "cmt_msg": "nfsd: fix undefined behavior in nfsd4_layout_verify" + }, + "CVE-2018-10675": { + "cmt_msg": "mm/mempolicy: fix use after free when calling get_mempolicy" + }, + "CVE-2017-16526": { + "cmt_msg": "uwb: properly check kthread_run return value" + }, + "CVE-2017-16527": { + "cmt_msg": "ALSA: usb-audio: Kill stray URB at exiting" + }, + "CVE-2017-16525": { + "cmt_msg": "USB: serial: console: fix use-after-free after failed setup" + }, + "CVE-2018-12233": { + "cmt_msg": "jfs: Fix inconsistency between memory allocation and ea_buf->max_size" + }, + "CVE-2021-32078": { + "cmt_msg": "ARM: footbridge: remove personal server platform" + }, + "CVE-2014-1874": { + "cmt_msg": "SELinux: Fix kernel BUG on empty security contexts." + }, + "CVE-2022-30594": { + "cmt_msg": "ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE" + }, + "CVE-2017-16528": { + "cmt_msg": "ALSA: seq: Cancel pending autoload work at unbinding device" + }, + "CVE-2017-16529": { + "cmt_msg": "ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor" + }, + "CVE-2019-11833": { + "cmt_msg": "ext4: zero out the unused memory region in the extent tree block" + }, + "CVE-2021-38205": { + "cmt_msg": "net: xilinx_emaclite: Do not print real IOMEM pointer" + }, + "CVE-2021-3864": { + "cmt_msg": "" + }, + "CVE-2020-0255": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" + }, + "CVE-2019-2215": { + "cmt_msg": "ANDROID: binder: remove waitqueue when thread exits." + }, + "CVE-2021-38208": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2022-0854": { + "cmt_msg": "swiotlb: rework \"fix info leak with DMA_FROM_DEVICE\"" + }, + "CVE-2017-18232": { + "cmt_msg": "scsi: libsas: direct call probe and destruct" + }, + "CVE-2019-2213": { + "cmt_msg": "binder: fix possible UAF when freeing buffer" + }, + "CVE-2020-25211": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2017-14140": { + "cmt_msg": "Sanitize 'move_pages()' permission checks" + }, + "CVE-2020-26556": { + "cmt_msg": "" + }, + "CVE-2018-9518": { + "cmt_msg": "NFC: llcp: Limit size of SDP URI" + }, + "CVE-2020-26555": { + "cmt_msg": "" + }, + "CVE-2018-9517": { + "cmt_msg": "l2tp: pass tunnel pointer to ->session_create()" + }, + "CVE-2018-9516": { + "cmt_msg": "HID: debug: check length before copy_to_user()" + }, + "CVE-2018-1128": { + "cmt_msg": "libceph: add authorizer challenge" + }, + "CVE-2018-1129": { + "cmt_msg": "libceph: implement CEPHX_V2 calculation mode" + }, + "CVE-2018-1087": { + "cmt_msg": "kvm/x86: fix icebp instruction handling" + }, + "CVE-2018-1120": { + "cmt_msg": "proc: do not access cmdline nor environ from file-backed areas" + }, + "CVE-2018-1121": { + "cmt_msg": "" + }, + "CVE-2017-5754": { + "cmt_msg": "x86/cpufeatures: Add Intel feature bits for Speculation Control" + }, + "CVE-2017-5753": { + "cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]" + }, + "CVE-2019-9466": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path" + }, + "CVE-2020-11565": { + "cmt_msg": "mm: mempolicy: require at least one nodeid for MPOL_PREFERRED" + }, + "CVE-2018-9568": { + "cmt_msg": "net: Set sk_prot_creator when cloning sockets to the right proto" + }, + "CVE-2022-0644": { + "cmt_msg": "vfs: check fd has read access in kernel_read_file_from_fd()" + }, + "CVE-2018-13053": { + "cmt_msg": "alarmtimer: Prevent overflow for relative nanosleep" + }, + "CVE-2020-27786": { + "cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses" + }, + "CVE-2019-14816": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2019-14814": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2020-14351": { + "cmt_msg": "perf/core: Fix race in the perf_mmap_close() function" + }, + "CVE-2022-0382": { + "cmt_msg": "net ticp:fix a kernel-infoleak in __tipc_sendmsg()" + }, + "CVE-2019-9456": { + "cmt_msg": "usb: usbmon: Read text within supplied buffer size" + }, + "CVE-2020-25672": { + "cmt_msg": "nfc: fix memory leak in llcp_sock_connect()" + }, + "CVE-2020-14353": { + "cmt_msg": "KEYS: prevent creating a different user's keyrings" + }, + "CVE-2020-25670": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_bind()" + }, + "CVE-2020-25671": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_connect()" + }, + "CVE-2018-21008": { + "cmt_msg": "rsi: add fix for crash during assertions" + }, + "CVE-2019-15223": { + "cmt_msg": "ALSA: line6: Assure canceling delayed work at disconnection" + }, + "CVE-2019-15220": { + "cmt_msg": "p54usb: Fix race between disconnect and firmware loading" + }, + "CVE-2019-15221": { + "cmt_msg": "ALSA: line6: Fix write on zero-sized buffer" + }, + "CVE-2019-19814": { + "cmt_msg": "" + }, + "CVE-2020-29371": { + "cmt_msg": "romfs: fix uninitialized memory leak in romfs_dev_read()" + }, + "CVE-2019-19816": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2017-16939": { + "cmt_msg": "ipsec: Fix aborted xfrm policy dump crash" + }, + "CVE-2019-9453": { + "cmt_msg": "f2fs: fix to avoid accessing xattr across the boundary" + }, + "CVE-2022-1016": { + "cmt_msg": "netfilter: nf_tables: initialize registers in nft_do_chain()" + }, + "CVE-2018-18710": { + "cmt_msg": "cdrom: fix improper type cast, which can leat to information leak." + }, + "CVE-2019-5108": { + "cmt_msg": "mac80211: Do not send Layer 2 Update frame before authorization" + }, + "CVE-2022-1012": { + "cmt_msg": "secure_seq: use the 64 bits of the siphash for port offset calculation" + }, + "CVE-2020-12114": { + "cmt_msg": "make struct mountpoint bear the dentry reference to mountpoint, not struct mount" + }, + "CVE-2020-8649": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" + }, + "CVE-2020-12656": { + "cmt_msg": "sunrpc: check that domain table is empty at module unload." + }, + "CVE-2017-1000405": { + "cmt_msg": "mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()" + }, + "CVE-2021-26930": { + "cmt_msg": "xen-blkback: fix error handling in xen_blkbk_map()" + }, + "CVE-2017-1000407": { + "cmt_msg": "KVM: VMX: remove I/O port 0x80 bypass on Intel hosts" + }, + "CVE-2021-26932": { + "cmt_msg": "Xen/x86: don't bail early from clear_foreign_p2m_mapping()" + }, + "CVE-2019-13648": { + "cmt_msg": "powerpc/tm: Fix oops on sigreturn on systems without TM" + }, + "CVE-2022-0492": { + "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" + }, + "CVE-2020-12352": { + "cmt_msg": "Bluetooth: A2MP: Fix not initializing all members" + }, + "CVE-2014-4943": { + "cmt_msg": "net/l2tp: don't fall back on UDP [get|set]sockopt" + }, + "CVE-2022-23042": { + "cmt_msg": "xen/netfront: react properly to failing gnttab_end_foreign_access_ref()" + }, + "CVE-2021-43976": { + "cmt_msg": "mwifiex: Fix skb_over_panic in mwifiex_usb_recv()" + }, + "CVE-2022-0494": { + "cmt_msg": "block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern" + }, + "CVE-2021-26931": { + "cmt_msg": "xen-blkback: don't \"handle\" error by BUG()" + }, + "CVE-2008-2544": { + "cmt_msg": "" + }, + "CVE-2021-3178": { + "cmt_msg": "nfsd4: readdirplus shouldn't return parent of export" + }, + "CVE-2022-28796": { + "cmt_msg": "jbd2: fix use-after-free of transaction_t race" + }, + "CVE-2020-10690": { + "cmt_msg": "ptp: fix the race between the release of ptp_clock and cdev" + }, + "CVE-2018-7755": { + "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" + }, + "CVE-2018-7754": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2018-7757": { + "cmt_msg": "scsi: libsas: fix memory leak in sas_smp_get_phy_events()" + }, + "CVE-2022-0330": { + "cmt_msg": "drm/i915: Flush TLBs before releasing backing store" + }, + "CVE-2007-3719": { + "cmt_msg": "" + }, + "CVE-2017-10911": { + "cmt_msg": "xen-blkback: don't leak stack data via response ring" + }, + "CVE-2019-19319": { + "cmt_msg": "ext4: protect journal inode's blocks using block_validity" + }, + "CVE-2017-18017": { + "cmt_msg": "netfilter: xt_TCPMSS: add more sanity tests on tcph->doff" + }, + "CVE-2022-24958": { + "cmt_msg": "usb: gadget: don't release an existing dev->buf" + }, + "CVE-2022-1205": { + "cmt_msg": "ax25: Fix NULL pointer dereferences in ax25 timers" + }, + "CVE-2022-28893": { + "cmt_msg": "SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()" + }, + "CVE-2021-3772": { + "cmt_msg": "sctp: use init_tag from inithdr for ABORT chunk" + }, + "CVE-2021-3679": { + "cmt_msg": "tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop." + }, + "CVE-2021-37159": { + "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device" + }, + "CVE-2021-39711": { + "cmt_msg": "bpf: fix panic due to oob in bpf_prog_test_run_skb" + }, + "CVE-2021-34556": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2021-28713": { + "cmt_msg": "xen/console: harden hvc_xen against event channel storms" + }, + "CVE-2021-28712": { + "cmt_msg": "xen/netfront: harden netfront against event channel storms" + }, + "CVE-2021-28711": { + "cmt_msg": "xen/blkfront: harden blkfront against event channel storms" + }, + "CVE-2022-1247": { + "cmt_msg": "" + }, + "CVE-2017-11473": { + "cmt_msg": "x86/acpi: Prevent out of bound access caused by broken ACPI tables" + }, + "CVE-2017-11472": { + "cmt_msg": "ACPICA: Namespace: fix operand cache leak" + }, + "CVE-2016-9120": { + "cmt_msg": "staging/android/ion : fix a race condition in the ion driver" + }, + "CVE-2021-39657": { + "cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback" + }, + "CVE-2021-3669": { + "cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()" + }, + "CVE-2019-18885": { + "cmt_msg": "btrfs: merge btrfs_find_device and find_device" + }, + "CVE-2019-12378": { + "cmt_msg": "ipv6_sockglue: Fix a missing-check bug in ip6_ra_control()" + }, + "CVE-2019-11091": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2022-27950": { + "cmt_msg": "HID: elo: fix memory leak in elo_probe" + }, + "CVE-2019-18660": { + "cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch" + }, + "CVE-2017-15649": { + "cmt_msg": "packet: in packet_do_bind, test fanout with bind_lock held" + }, + "CVE-2017-11089": { + "cmt_msg": "cfg80211: Define nla_policy for NL80211_ATTR_LOCAL_MESH_POWER_MODE" + }, + "CVE-2019-19227": { + "cmt_msg": "appletalk: Fix potential NULL pointer dereference in unregister_snap_client" + }, + "CVE-2021-34981": { + "cmt_msg": "Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails" + }, + "CVE-2017-14489": { + "cmt_msg": "scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly" + }, + "CVE-2016-5828": { + "cmt_msg": "powerpc/tm: Always reclaim in start_thread() for exec() class syscalls" + }, + "CVE-2018-9422": { + "cmt_msg": "futex: Remove requirement for lock_page() in get_futex_key()" + }, + "CVE-2013-7445": { + "cmt_msg": "" + }, + "CVE-2022-28390": { + "cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2019-15292": { + "cmt_msg": "appletalk: Fix use-after-free in atalk_proc_exit" + }, + "CVE-2020-12652": { + "cmt_msg": "scsi: mptfusion: Fix double fetch bug in ioctl" + }, + "CVE-2017-14340": { + "cmt_msg": "xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present" + }, + "CVE-2017-15868": { + "cmt_msg": "Bluetooth: bnep: bnep_add_connection() should verify that it's dealing with l2cap socket" + }, + "CVE-2022-26966": { + "cmt_msg": "sr9700: sanity check for packet length" + }, + "CVE-2021-34693": { + "cmt_msg": "can: bcm: fix infoleak in struct bcm_msg_head" + }, + "CVE-2020-14381": { + "cmt_msg": "futex: Fix inode life-time issue" + }, + "CVE-2014-3180": { + "cmt_msg": "compat: nanosleep: Clarify error handling" + }, + "CVE-2022-1158": { + "cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address" + }, + "CVE-2019-19768": { + "cmt_msg": "blktrace: Protect q->blk_trace with RCU" + }, + "CVE-2019-19039": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2017-5715": { + "cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]" + }, + "CVE-2017-15116": { + "cmt_msg": "crypto: rng - Remove old low-level rng interface" + }, + "CVE-2016-8632": { + "cmt_msg": "tipc: check minimum bearer MTU" + }, + "CVE-2018-3620": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" + }, + "CVE-2019-3460": { + "cmt_msg": "Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt" + }, + "CVE-2018-8781": { + "cmt_msg": "drm: udl: Properly check framebuffer mmap offsets" + }, + "CVE-2021-29155": { + "cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic" + }, + "CVE-2021-39802": { + "cmt_msg": "" + }, + "CVE-2019-15916": { + "cmt_msg": "net-sysfs: Fix mem leak in netdev_register_kobject" + }, + "CVE-2019-15917": { + "cmt_msg": "Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto()" + }, + "CVE-2017-18344": { + "cmt_msg": "posix-timer: Properly check sigevent->sigev_notify" + }, + "CVE-2017-15115": { + "cmt_msg": "sctp: do not peel off an assoc from one netns to another one" + }, + "CVE-2017-15265": { + "cmt_msg": "ALSA: seq: Fix use-after-free at creating a port" + }, + "CVE-2020-12362": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2020-12363": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2019-12881": { + "cmt_msg": "drm/i915/userptr: reject zero user_size" + }, + "CVE-2022-28389": { + "cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path" + }, + "CVE-2018-1000004": { + "cmt_msg": "ALSA: seq: Make ioctls race-free" + }, + "CVE-2022-0500": { + "cmt_msg": "bpf: Introduce MEM_RDONLY flag" + }, + "CVE-2018-18690": { + "cmt_msg": "xfs: don't fail when converting shortform attr to long form during ATTR_REPLACE" + }, + "CVE-2022-28388": { + "cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2017-0627": { + "cmt_msg": "media: uvcvideo: Prevent heap overflow when accessing mapped controls" + }, + "CVE-2016-7915": { + "cmt_msg": "HID: core: prevent out-of-bound readings" + }, + "CVE-2021-3896": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2016-7917": { + "cmt_msg": "netfilter: nfnetlink: correctly validate length of batch messages" + }, + "CVE-2022-1055": { + "cmt_msg": "net: sched: fix use-after-free in tc_new_tfilter()" + }, + "CVE-2022-20008": { + "cmt_msg": "mmc: block: fix read single on recovery logic" + }, + "CVE-2019-16232": { + "cmt_msg": "libertas: fix a potential NULL pointer dereference" + }, + "CVE-2022-1836": { + "cmt_msg": "floppy: disable FDRAWCMD by default" + }, + "CVE-2019-20811": { + "cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success" + }, + "CVE-2019-20812": { + "cmt_msg": "af_packet: set defaule value for tmo" + }, + "CVE-2019-19530": { + "cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough" + }, + "CVE-2018-25020": { + "cmt_msg": "bpf: fix truncated jump targets on heavy expansions" + }, + "CVE-2018-5995": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2018-18386": { + "cmt_msg": "n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)" + }, + "CVE-2019-15291": { + "cmt_msg": "media: b2c2-flexcop-usb: add sanity checking" + }, + "CVE-2019-15290": { + "cmt_msg": "" + }, + "CVE-2018-7273": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2022-0617": { + "cmt_msg": "udf: Fix NULL ptr deref when converting from inline format" + }, + "CVE-2022-26878": { + "cmt_msg": "" + }, + "CVE-2019-19531": { + "cmt_msg": "usb: yurex: Fix use-after-free in yurex_delete" + }, + "CVE-2018-12930": { + "cmt_msg": "" + }, + "CVE-2018-12931": { + "cmt_msg": "" + }, + "CVE-2020-12769": { + "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" + }, + "CVE-2017-8890": { + "cmt_msg": "dccp/tcp: do not inherit mc_list from parent" + }, + "CVE-2021-32399": { + "cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller" + }, + "CVE-2021-45868": { + "cmt_msg": "quota: check block number when reading the block in quota file" + }, + "CVE-2019-12380": { + "cmt_msg": "efi/x86/Add missing error handling to old_memmap 1:1 mapping code" + }, + "CVE-2019-12381": { + "cmt_msg": "ip_sockglue: Fix missing-check bug in ip_ra_control()" + }, + "CVE-2019-12382": { + "cmt_msg": "drm/edid: Fix a missing-check bug in drm_load_edid_firmware()" + }, + "CVE-2017-10810": { + "cmt_msg": "drm/virtio: don't leak bo on drm_gem_object_init failure" + }, + "CVE-2020-12364": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2022-25375": { + "cmt_msg": "usb: gadget: rndis: check size of RNDIS_MSG_SET command" + }, + "CVE-2017-13167": { + "cmt_msg": "ALSA: timer: Fix race at concurrent reads" + }, + "CVE-2017-13166": { + "cmt_msg": "media: v4l2-ioctl.c: use check_fmt for enum/g/s/try_fmt" + }, + "CVE-2018-12207": { + "cmt_msg": "kvm: x86, powerpc: do not allow clearing largepages debugfs entry" + }, + "CVE-2017-1000364": { + "cmt_msg": "mm: larger stack guard gap, between vmas" + }, + "CVE-2017-1000365": { + "cmt_msg": "fs/exec.c: account for argv/envp pointers" + }, + "CVE-2020-13143": { + "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" + }, + "CVE-2020-10768": { + "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." + }, + "CVE-2017-13168": { + "cmt_msg": "scsi: sg: mitigate read/write abuse" + }, + "CVE-2017-1000363": { + "cmt_msg": "char: lp: fix possible integer overflow in lp_setup()" + }, + "CVE-2019-0148": { + "cmt_msg": "i40e: Wrong truncation from u16 to u8" + }, + "CVE-2019-17075": { + "cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack" + }, + "CVE-2014-7145": { + "cmt_msg": "[CIFS] Possible null ptr deref in SMB2_tcon" + }, + "CVE-2022-23960": { + "cmt_msg": "ARM: report Spectre v2 status through sysfs" + }, + "CVE-2019-0146": { + "cmt_msg": "" + }, + "CVE-2020-10942": { + "cmt_msg": "vhost: Check docket sk_family instead of call getname" + }, + "CVE-2018-3693": { + "cmt_msg": "ext4: fix spectre gadget in ext4_mb_regular_allocator()" + }, + "CVE-2017-15299": { + "cmt_msg": "KEYS: don't let add_key() update an uninstantiated key" + }, + "CVE-2017-0750": { + "cmt_msg": "f2fs: do more integrity verification for superblock" + }, + "CVE-2019-11190": { + "cmt_msg": "binfmt_elf: switch to new creds when switching to new mm" + }, + "CVE-2019-11191": { + "cmt_msg": "x86: Deprecate a.out support" + }, + "CVE-2018-10323": { + "cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree" + }, + "CVE-2018-10322": { + "cmt_msg": "xfs: enhance dinode verifier" + }, + "CVE-2017-8824": { + "cmt_msg": "dccp: CVE-2017-8824: use-after-free in DCCP code" + }, + "CVE-2018-7492": { + "cmt_msg": "rds: Fix NULL pointer dereference in __rds_rdma_map" + }, + "CVE-2020-26139": { + "cmt_msg": "mac80211: do not accept/forward invalid EAPOL frames" + }, + "CVE-2019-10220": { + "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" + }, + "CVE-2021-3609": { + "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" + }, + "CVE-2017-13305": { + "cmt_msg": "KEYS: encrypted: fix buffer overread in valid_master_desc()" + }, + "CVE-2017-13220": { + "cmt_msg": "Bluetooth: hidp_connection_add() unsafe use of l2cap_pi()" + }, + "CVE-2019-19536": { + "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" + }, + "CVE-2019-19537": { + "cmt_msg": "USB: core: Fix races in character device registration and deregistraion" + }, + "CVE-2019-19534": { + "cmt_msg": "can: peak_usb: fix slab info leak" + }, + "CVE-2019-19532": { + "cmt_msg": "HID: Fix assumption that devices have inputs" + }, + "CVE-2018-14617": { + "cmt_msg": "hfsplus: fix NULL dereference in hfsplus_lookup()" + }, + "CVE-2019-10638": { + "cmt_msg": "inet: switch IP ID generator to siphash" + }, + "CVE-2019-10639": { + "cmt_msg": "netns: provide pure entropy for net_hash_mix()" + }, + "CVE-2021-0929": { + "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" + }, + "CVE-2018-14616": { + "cmt_msg": "f2fs: fix to do sanity check with block address in main area v2" + }, + "CVE-2018-19985": { + "cmt_msg": "USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data" + }, + "CVE-2018-6554": { + "cmt_msg": "staging: irda: remove the irda network stack and drivers" + }, + "CVE-2018-6555": { + "cmt_msg": "staging: irda: remove the irda network stack and drivers" + }, + "CVE-2017-18255": { + "cmt_msg": "perf/core: Fix the perf_cpu_time_max_percent check" + }, + "CVE-2018-5953": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2020-28374": { + "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" + }, + "CVE-2019-9213": { + "cmt_msg": "mm: enforce min addr even if capable() in expand_downwards()" + }, + "CVE-2020-26557": { + "cmt_msg": "" + }, + "CVE-2017-16535": { + "cmt_msg": "USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()" + }, + "CVE-2019-14897": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" + }, + "CVE-2017-16537": { + "cmt_msg": "media: imon: Fix null-ptr-deref in imon_probe" + }, + "CVE-2017-16536": { + "cmt_msg": "[media] cx231xx-cards: fix NULL-deref on missing association descriptor" + }, + "CVE-2017-16531": { + "cmt_msg": "USB: fix out-of-bounds in usb_set_configuration" + }, + "CVE-2017-16533": { + "cmt_msg": "HID: usbhid: fix out-of-bounds bug" + }, + "CVE-2017-16532": { + "cmt_msg": "usb: usbtest: fix NULL pointer dereference" + }, + "CVE-2014-9419": { + "cmt_msg": "x86_64, switch_to(): Load TLS descriptors before switching DS and ES" + }, + "CVE-2020-27825": { + "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" + }, + "CVE-2019-2181": { + "cmt_msg": "binder: check for overflow when alloc for security context" + }, + "CVE-2020-27820": { + "cmt_msg": "drm/nouveau: use drm_dev_unplug() during device removal" + }, + "CVE-2020-26141": { + "cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe" + }, + "CVE-2017-18221": { + "cmt_msg": "mlock: fix mlock count can not decrease in race condition" + }, + "CVE-2020-0066": { + "cmt_msg": "netlink: Trim skb to alloc size to avoid MSG_TRUNC" + }, + "CVE-2019-20794": { + "cmt_msg": "" + }, + "CVE-2020-26541": { + "cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries" + }, + "CVE-2020-26559": { + "cmt_msg": "" + }, + "CVE-2021-20317": { + "cmt_msg": "lib/timerqueue: Rely on rbtree semantics for next timer" + }, + "CVE-2021-43389": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2017-14156": { + "cmt_msg": "video: fbdev: aty: do not leak uninitialized padding in clk to userspace" + }, + "CVE-2021-33061": { + "cmt_msg": "ixgbe: add improvement for MDD response functionality" + }, + "CVE-2018-1092": { + "cmt_msg": "ext4: fail ext4_iget for root directory if unallocated" + }, + "CVE-2018-1093": { + "cmt_msg": "ext4: add validity checks for bitmap block numbers" + }, + "CVE-2017-18551": { + "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA" + }, + "CVE-2017-18552": { + "cmt_msg": "RDS: validate the requested traces user input against max supported" + }, + "CVE-2015-8839": { + "cmt_msg": "ext4: fix races between page faults and hole punching" + }, + "CVE-2022-1652": { + "cmt_msg": "" + }, + "CVE-2022-1651": { + "cmt_msg": "virt: acrn: fix a memory leak in acrn_dev_ioctl()" + }, + "CVE-2015-8830": { + "cmt_msg": "aio: lift iov_iter_init() into aio_setup_..._rw()" + }, + "CVE-2019-9457": { + "cmt_msg": "exec: Limit arg stack to at most 75% of _STK_LIM" + }, + "CVE-2019-19054": { + "cmt_msg": "media: rc: prevent memory leak in cx23888_ir_probe" + }, + "CVE-2019-19057": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring" + }, + "CVE-2019-19056": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf" + }, + "CVE-2016-10741": { + "cmt_msg": "xfs: don't BUG() on mixed direct and mapped I/O" + }, + "CVE-2022-27223": { + "cmt_msg": "USB: gadget: validate endpoint index for xilinx udc" + }, + "CVE-2019-3846": { + "cmt_msg": "mwifiex: Fix possible buffer overflows at parsing bss descriptor" + }, + "CVE-2020-0427": { + "cmt_msg": "pinctrl: devicetree: Avoid taking direct reference to device name string" + }, + "CVE-2019-9458": { + "cmt_msg": "media: v4l: event: Prevent freeing event subscriptions while accessed" + }, + "CVE-2022-1789": { + "cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID" + }, + "CVE-2017-9242": { + "cmt_msg": "ipv6: fix out of bound writes in __ip6_append_data()" + }, + "CVE-2022-1419": { + "cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create" + }, + "CVE-2020-14314": { + "cmt_msg": "ext4: fix potential negative array index in do_split()" + }, + "CVE-2019-13272": { + "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" + }, + "CVE-2021-3587": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2017-15537": { + "cmt_msg": "x86/fpu: Don't let userspace set bogus xcomp_bv" + }, + "CVE-2019-17351": { + "cmt_msg": "xen: let alloc_xenballooned_pages() fail if not enough memory free" + }, + "CVE-2020-25669": { + "cmt_msg": "Input: sunkbd - avoid use-after-free in teardown paths" + }, + "CVE-2020-25668": { + "cmt_msg": "tty: make FONTX ioctl use the tty pointer they were actually passed" + }, + "CVE-2008-4609": { + "cmt_msg": "" + }, + "CVE-2018-19824": { + "cmt_msg": "ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c" + }, + "CVE-2018-20854": { + "cmt_msg": "phy: ocelot-serdes: fix out-of-bounds read" + }, + "CVE-2018-5391": { + "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." + }, + "CVE-2018-20855": { + "cmt_msg": "IB/mlx5: Fix leaking stack memory to userspace" + }, + "CVE-2019-15239": { + "cmt_msg": "" + }, + "CVE-2021-4037": { + "cmt_msg": "xfs: fix up non-directory creation in SGID directories" + }, + "CVE-2021-22543": { + "cmt_msg": "KVM: do not allow mapping valid but non-reference-counted pages" + }, + "CVE-2019-1999": { + "cmt_msg": "binder: fix race between munmap() and direct reclaim" + }, + "CVE-2018-1066": { + "cmt_msg": "CIFS: Enable encryption during session setup phase" + }, + "CVE-2018-20836": { + "cmt_msg": "scsi: libsas: fix a race condition when smp task timeout" + }, + "CVE-2018-1068": { + "cmt_msg": "netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets" + }, + "CVE-2020-10135": { + "cmt_msg": "Bluetooth: Consolidate encryption handling in hci_encrypt_cfm" + }, + "CVE-2020-25285": { + "cmt_msg": "mm/hugetlb: fix a race between hugetlb sysctl handlers" + }, + "CVE-2019-7308": { + "cmt_msg": "bpf: fix sanitation of alu op with pointer / scalar type from different paths" + }, + "CVE-2018-1000199": { + "cmt_msg": "perf/hwbp: Simplify the perf-hwbp code, fix documentation" + }, + "CVE-2015-8967": { + "cmt_msg": "arm64: make sys_call_table const" + }, + "CVE-2017-9986": { + "cmt_msg": "sound: Retire OSS" + }, + "CVE-2017-9985": { + "cmt_msg": "ALSA: msnd: Optimize / harden DSP and MIDI loops" + }, + "CVE-2017-9984": { + "cmt_msg": "ALSA: msnd: Optimize / harden DSP and MIDI loops" + }, + "CVE-2019-9454": { + "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA" + }, + "CVE-2021-20261": { + "cmt_msg": "floppy: fix lock_fdc() signal handling" + }, + "CVE-2019-15214": { + "cmt_msg": "ALSA: core: Fix card races between register and disconnect" + }, + "CVE-2017-18079": { + "cmt_msg": "Input: i8042 - fix crash at boot time" + }, + "CVE-2020-25284": { + "cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping" + }, + "CVE-2016-6136": { + "cmt_msg": "audit: fix a double fetch in audit_log_single_execve_arg()" + }, + "CVE-2017-13693": { + "cmt_msg": "" + }, + "CVE-2017-13695": { + "cmt_msg": "ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c" + }, + "CVE-2017-13694": { + "cmt_msg": "" + }, + "CVE-2021-4149": { + "cmt_msg": "btrfs: unlock newly allocated extent buffer after error" + }, + "CVE-2021-4148": { + "cmt_msg": "mm: khugepaged: skip huge page collapse for special files" + }, + "CVE-2021-3640": { + "cmt_msg": "Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()" + }, + "CVE-2022-29968": { + "cmt_msg": "io_uring: fix uninitialized field in rw io_kiocb" + }, + "CVE-2017-7618": { + "cmt_msg": "crypto: ahash - Fix EINPROGRESS notification callback" + }, + "CVE-2020-1749": { + "cmt_msg": "net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup" + }, + "CVE-2022-1786": { + "cmt_msg": "io_uring: remove io_identity" + }, + "CVE-2020-11608": { + "cmt_msg": "media: ov519: add missing endpoint sanity checks" + }, + "CVE-2020-10732": { + "cmt_msg": "fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()" + }, + "CVE-2020-28097": { + "cmt_msg": "vgacon: remove software scrollback support" + }, + "CVE-2017-18216": { + "cmt_msg": "ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent" + }, + "CVE-2017-1000112": { + "cmt_msg": "udp: consistently apply ufo or fragmentation" + }, + "CVE-2017-1000111": { + "cmt_msg": "packet: fix tp_reserve race in packet_set_ring" + }, + "CVE-2015-8374": { + "cmt_msg": "Btrfs: fix truncation of compressed and inlined extents" + }, + "CVE-2018-5848": { + "cmt_msg": "wil6210: missing length check in wmi_set_ie" + }, + "CVE-2018-8897": { + "cmt_msg": "x86/entry/64: Don't use IST entry for #BP stack" + }, + "CVE-2021-29265": { + "cmt_msg": "usbip: fix stub_dev usbip_sockfd_store() races leading to gpf" + }, + "CVE-2021-39648": { + "cmt_msg": "usb: gadget: configfs: Fix use-after-free issue with udc_name" + }, + "CVE-2020-14416": { + "cmt_msg": "can, slip: Protect tty->disc_data in write_wakeup and close with RCU" + }, + "CVE-2019-0136": { + "cmt_msg": "mac80211: drop robust management frames from unknown TA" + }, + "CVE-2019-16921": { + "cmt_msg": "RDMA/hns: Fix init resp when alloc ucontext" + }, + "CVE-2019-19377": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2021-21781": { + "cmt_msg": "ARM: ensure the signal page contains defined contents" + }, + "CVE-2021-0512": { + "cmt_msg": "HID: make arrays usage and value to be the same" + }, + "CVE-2018-14634": { + "cmt_msg": "exec: Limit arg stack to at most 75% of _STK_LIM" + }, + "CVE-2018-14633": { + "cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation" + }, + "CVE-2018-12896": { + "cmt_msg": "posix-timers: Sanitize overrun handling" + }, + "CVE-2018-14734": { + "cmt_msg": "infiniband: fix a possible use-after-free bug" + }, + "CVE-2022-0850": { + "cmt_msg": "ext4: fix kernel infoleak via ext4_extent_header" + }, + "CVE-2015-8950": { + "cmt_msg": "arm64: dma-mapping: always clear allocated buffers" + }, + "CVE-2015-1805": { + "cmt_msg": "new helper: copy_page_from_iter()" + }, + "CVE-2018-8822": { + "cmt_msg": "staging: ncpfs: memory corruption in ncp_read_kernel()" + }, + "CVE-2021-40490": { + "cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing" + }, + "CVE-2019-12456": { + "cmt_msg": "" + }, + "CVE-2019-18680": { + "cmt_msg": "" + }, + "CVE-2022-0812": { + "cmt_msg": "xprtrdma: fix incorrect header size calculations" + }, + "CVE-2022-28356": { + "cmt_msg": "llc: fix netdevice reference leaks in llc_ui_bind()" + }, + "CVE-2019-17133": { + "cmt_msg": "cfg80211: wext: avoid copying malformed SSIDs" + }, + "CVE-2017-18595": { + "cmt_msg": "tracing: Fix possible double free on failure of allocating trace buffer" + }, + "CVE-2022-0742": { + "cmt_msg": "ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report()" + }, + "CVE-2021-3612": { + "cmt_msg": "Input: joydev - prevent potential read overflow in ioctl" + }, + "CVE-2017-7487": { + "cmt_msg": "ipx: call ipxitf_put() in ioctl error path" + }, + "CVE-2019-6974": { + "cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)" + }, + "CVE-2022-0168": { + "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" + }, + "CVE-2020-14390": { + "cmt_msg": "fbcon: remove soft scrollback code" + }, + "CVE-2020-24502": { + "cmt_msg": "" + }, + "CVE-2017-17806": { + "cmt_msg": "crypto: hmac - require that the underlying hash algorithm is unkeyed" + }, + "CVE-2017-17807": { + "cmt_msg": "KEYS: add missing permission check for request_key() destination" + }, + "CVE-2017-10661": { + "cmt_msg": "timerfd: Protect the might cancel mechanism proper" + }, + "CVE-2017-17805": { + "cmt_msg": "crypto: salsa20 - fix blkcipher_walk API usage" + }, + "CVE-2017-7541": { + "cmt_msg": "brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()" + }, + "CVE-2019-19527": { + "cmt_msg": "HID: hiddev: do cleanup in failure of opening a device" + }, + "CVE-2017-7542": { + "cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt" + }, + "CVE-2022-23041": { + "cmt_msg": "xen/9p: use alloc/free_pages_exact()" + }, + "CVE-2020-0465": { + "cmt_msg": "HID: core: Sanitize event code and type when mapping input" + }, + "CVE-2018-3639": { + "cmt_msg": "x86/nospec: Simplify alternative_msr_write()" + }, + "CVE-2021-4218": { + "cmt_msg": "sysctl: pass kernel pointers to ->proc_handler" + }, + "CVE-2019-15902": { + "cmt_msg": "" + }, + "CVE-2019-20054": { + "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links" + }, + "CVE-2017-15274": { + "cmt_msg": "KEYS: fix dereferencing NULL payload with nonzero length" + }, + "CVE-2021-3753": { + "cmt_msg": "vt_kdsetmode: extend console locking" + }, + "CVE-2019-11135": { + "cmt_msg": "x86/msr: Add the IA32_TSX_CTRL MSR" + }, + "CVE-2019-11810": { + "cmt_msg": "scsi: megaraid_sas: return error when create DMA pool failed" + }, + "CVE-2021-27365": { + "cmt_msg": "scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE" + }, + "CVE-2021-27364": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2017-14991": { + "cmt_msg": "scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE" + }, + "CVE-2020-0431": { + "cmt_msg": "HID: hid-input: clear unmapped usages" + }, + "CVE-2018-17977": { + "cmt_msg": "" + }, + "CVE-2018-17972": { + "cmt_msg": "proc: restrict kernel stack dumps to root" + }, + "CVE-2020-28974": { + "cmt_msg": "vt: Disable KD_FONT_OP_COPY" + }, + "CVE-2018-7566": { + "cmt_msg": "ALSA: seq: Fix racy pool initializations" + }, + "CVE-2022-1043": { + "cmt_msg": "io_uring: fix xa_alloc_cycle() error return value check" + }, + "CVE-2017-5967": { + "cmt_msg": "time: Remove CONFIG_TIMER_STATS" + }, + "CVE-2021-0937": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2019-2054": { + "cmt_msg": "arm/ptrace: run seccomp after ptrace" + }, + "CVE-2018-20976": { + "cmt_msg": "xfs: clear sb->s_fs_info on mount failure" + }, + "CVE-2016-10147": { + "cmt_msg": "crypto: mcryptd - Check mcryptd algorithm compatibility" + }, + "CVE-2018-7995": { + "cmt_msg": "x86/MCE: Serialize sysfs changes" + }, + "CVE-2018-16276": { + "cmt_msg": "USB: yurex: fix out-of-bounds uaccess in read handler" + }, + "CVE-2020-29568": { + "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" + }, + "CVE-2021-3542": { + "cmt_msg": "" + }, + "CVE-2019-16413": { + "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" + }, + "CVE-2022-1263": { + "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" + }, + "CVE-2017-16650": { + "cmt_msg": "net: qmi_wwan: fix divide by 0 on bad descriptors" + }, + "CVE-2020-12653": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()" + }, + "CVE-2019-7222": { + "cmt_msg": "KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)" + }, + "CVE-2017-14051": { + "cmt_msg": "scsi: qla2xxx: Fix an integer overflow in sysfs code" + }, + "CVE-2020-12654": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()" + }, + "CVE-2020-12655": { + "cmt_msg": "xfs: add agf freeblocks verify in xfs_agf_verify" + }, + "CVE-2018-12929": { + "cmt_msg": "" + }, + "CVE-2018-12928": { + "cmt_msg": "" + }, + "CVE-2020-36310": { + "cmt_msg": "KVM: SVM: avoid infinite loop on NPF from bad address" + }, + "CVE-2020-36313": { + "cmt_msg": "KVM: Fix out of range accesses to memslots" + }, + "CVE-2020-35519": { + "cmt_msg": "net/x25: prevent a couple of overflows" + }, + "CVE-2017-18241": { + "cmt_msg": "f2fs: fix a panic caused by NULL flush_cmd_control" + }, + "CVE-2020-10708": { + "cmt_msg": "" + }, + "CVE-2020-25673": { + "cmt_msg": "nfc: Avoid endless loops caused by repeated llcp_sock_connect()" + }, + "CVE-2022-0400": { + "cmt_msg": "" + }, + "CVE-2021-0707": { + "cmt_msg": "dmabuf: fix use-after-free of dmabuf's file->f_inode" + }, + "CVE-2014-9888": { + "cmt_msg": "ARM: dma-mapping: don't allow DMA mappings to be marked executable" + }, + "CVE-2021-42739": { + "cmt_msg": "media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()" + }, + "CVE-2018-5344": { + "cmt_msg": "loop: fix concurrent lo_open/lo_release" + }, + "CVE-2020-12770": { + "cmt_msg": "scsi: sg: add sg_remove_request in sg_write" + }, + "CVE-2018-6412": { + "cmt_msg": "fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper()." + }, + "CVE-2019-15222": { + "cmt_msg": "ALSA: usb-audio: Fix gpf in snd_usb_pipe_sanity_check" + }, + "CVE-2022-25265": { + "cmt_msg": "" + }, + "CVE-2017-12153": { + "cmt_msg": "nl80211: check for the required netlink attributes presence" + }, + "CVE-2019-19813": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2017-12154": { + "cmt_msg": "kvm: nVMX: Don't allow L2 to access the hardware CR8" + }, + "CVE-2020-10773": { + "cmt_msg": "s390/cmm: fix information leak in cmm_timeout_handler()" + }, + "CVE-2016-1583": { + "cmt_msg": "proc: prevent stacking filesystems on top" + }, + "CVE-2022-25636": { + "cmt_msg": "netfilter: nf_tables_offload: incorrect flow offload action array size" + }, + "CVE-2017-1000379": { + "cmt_msg": "mm: larger stack guard gap, between vmas" + }, + "CVE-2015-3339": { + "cmt_msg": "fs: take i_mutex during prepare_binprm for set[ug]id executables" + }, + "CVE-2018-18281": { + "cmt_msg": "mremap: properly flush TLB before releasing the page" + }, + "CVE-2016-6787": { + "cmt_msg": "perf: Fix event->ctx locking" + }, + "CVE-2016-6786": { + "cmt_msg": "perf: Fix event->ctx locking" + }, + "CVE-2019-15219": { + "cmt_msg": "USB: sisusbvga: fix oops in error path of sisusb_probe" + }, + "CVE-2022-1015": { + "cmt_msg": "netfilter: nf_tables: validate registers coming from userspace." + }, + "CVE-2014-9940": { + "cmt_msg": "regulator: core: Fix regualtor_ena_gpio_free not to access pin after freeing" + }, + "CVE-2019-19378": { + "cmt_msg": "" + }, + "CVE-2020-4788": { + "cmt_msg": "powerpc/64s: flush L1D on kernel entry" + }, + "CVE-2017-8831": { + "cmt_msg": "[media] saa7164: fix double fetch PCIe access condition" + }, + "CVE-2021-39698": { + "cmt_msg": "wait: add wake_up_pollfree()" + }, + "CVE-2020-10766": { + "cmt_msg": "x86/speculation: Prevent rogue cross-process SSBD shutdown" + }, + "CVE-2018-5333": { + "cmt_msg": "RDS: null pointer dereference in rds_atomic_free_op" + }, + "CVE-2018-5332": { + "cmt_msg": "RDS: Heap OOB write in rds_message_alloc_sgs()" + }, + "CVE-2017-7482": { + "cmt_msg": "rxrpc: Fix several cases where a padded len isn't checked in ticket decode" + }, + "CVE-2020-10767": { + "cmt_msg": "x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS." + }, + "CVE-2019-19447": { + "cmt_msg": "ext4: work around deleting a file with i_nlink == 0 safely" + }, + "CVE-2017-17448": { + "cmt_msg": "netfilter: nfnetlink_cthelper: Add missing permission checks" + }, + "CVE-2017-17449": { + "cmt_msg": "netlink: Add netns check on taps" + }, + "CVE-2020-24503": { + "cmt_msg": "" + }, + "CVE-2019-19524": { + "cmt_msg": "Input: ff-memless - kill timer in destroy()" + }, + "CVE-2019-19448": { + "cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space" + }, + "CVE-2019-19449": { + "cmt_msg": "f2fs: fix to do sanity check on segment/section count" + }, + "CVE-2019-19523": { + "cmt_msg": "USB: adutux: fix use-after-free on disconnect" + }, + "CVE-2021-3752": { + "cmt_msg": "Bluetooth: fix use-after-free error in lock_sock_nested()" + }, + "CVE-2017-18360": { + "cmt_msg": "USB: serial: io_ti: fix div-by-zero in set_termios" + }, + "CVE-2019-3892": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" + }, + "CVE-2017-18249": { + "cmt_msg": "f2fs: fix race condition in between free nid allocator/initializer" + }, + "CVE-2019-15217": { + "cmt_msg": "media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap" + }, + "CVE-2021-35477": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2016-5243": { + "cmt_msg": "tipc: fix an infoleak in tipc_nl_compat_link_dump" + }, + "CVE-2019-15216": { + "cmt_msg": "USB: yurex: Fix protection fault after device removal" + }, + "CVE-2019-16746": { + "cmt_msg": "nl80211: validate beacon head" + }, + "CVE-2019-15215": { + "cmt_msg": "media: cpia2_usb: first wake up, then free in disconnect" + }, + "CVE-2018-18021": { + "cmt_msg": "arm64: KVM: Tighten guest core register access from userspace" + }, + "CVE-2021-37576": { + "cmt_msg": "KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow" + }, + "CVE-2017-9725": { + "cmt_msg": "mm: cma: fix incorrect type conversion for size during dma allocation" + }, + "CVE-2018-14609": { + "cmt_msg": "btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized" + }, + "CVE-2014-4027": { + "cmt_msg": "target/rd: Refactor rd_build_device_space + rd_release_device_space" + }, + "CVE-2021-33098": { + "cmt_msg": "ixgbe: fix large MTU request from VF" + }, + "CVE-2020-10769": { + "cmt_msg": "crypto: authenc - fix parsing key with misaligned rta_len" + }, + "CVE-2018-5803": { + "cmt_msg": "sctp: verify size of a new chunk in _sctp_make_chunk()" + }, + "CVE-2020-27815": { + "cmt_msg": "jfs: Fix array index bounds check in dbAdjTree" + }, + "CVE-2020-0543": { + "cmt_msg": "x86/cpu: Add 'table' argument to cpu_matches()" + }, + "CVE-2021-38160": { + "cmt_msg": "virtio_console: Assure used length from device is limited" + }, + "CVE-2022-1462": { + "cmt_msg": "" + }, + "CVE-2020-27067": { + "cmt_msg": "l2tp: fix l2tp_eth module loading" + }, + "CVE-2020-27777": { + "cmt_msg": "powerpc/rtas: Restrict RTAS requests from userspace" + }, + "CVE-2019-20636": { + "cmt_msg": "Input: add safety guards to input_set_keycode()" + }, + "CVE-2019-11486": { + "cmt_msg": "tty: mark Siemens R3964 line discipline as BROKEN" + }, + "CVE-2019-11487": { + "cmt_msg": "fs: prevent page refcount overflow in pipe_buf_get" + }, + "CVE-2020-27066": { + "cmt_msg": "xfrm: policy: Fix doulbe free in xfrm_policy_timer" + }, + "CVE-2020-27675": { + "cmt_msg": "xen/events: avoid removing an event channel while handling it" + }, + "CVE-2020-28915": { + "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" + }, + "CVE-2019-20908": { + "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" + }, + "CVE-2021-28038": { + "cmt_msg": "Xen/gnttab: handle p2m update errors on a per-slot basis" + }, + "CVE-2022-23040": { + "cmt_msg": "xen/xenbus: don't let xenbus_grant_ring() remove grants in error case" + }, + "CVE-2021-29154": { + "cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64" + }, + "CVE-2021-45469": { + "cmt_msg": "f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()" + }, + "CVE-2019-19060": { + "cmt_msg": "iio: imu: adis16400: release allocated memory on failure" + }, + "CVE-2019-19061": { + "cmt_msg": "iio: imu: adis16400: fix memory leak" + }, + "CVE-2019-19062": { + "cmt_msg": "crypto: user - fix memory leak in crypto_report" + }, + "CVE-2019-19063": { + "cmt_msg": "rtlwifi: prevent memory leak in rtl_usb_probe" + }, + "CVE-2017-17741": { + "cmt_msg": "KVM: Fix stack-out-of-bounds read in write_mmio" + }, + "CVE-2019-9445": { + "cmt_msg": "f2fs: check if file namelen exceeds max value" + }, + "CVE-2019-19066": { + "cmt_msg": "scsi: bfa: release allocated memory in case of error" + }, + "CVE-2020-0435": { + "cmt_msg": "f2fs: fix to do sanity check with i_extra_isize" + }, + "CVE-2020-0432": { + "cmt_msg": "staging: most: net: fix buffer overflow" + }, + "CVE-2020-0433": { + "cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter" + }, + "CVE-2019-3874": { + "cmt_msg": "sctp: implement memory accounting on tx path" + }, + "CVE-2022-0171": { + "cmt_msg": "" + }, + "CVE-2018-10877": { + "cmt_msg": "ext4: verify the depth of extent tree in ext4_find_extent()" + }, + "CVE-2018-10876": { + "cmt_msg": "ext4: only look at the bg_flags field if it is valid" + }, + "CVE-2010-4563": { + "cmt_msg": "" + }, + "CVE-2018-10879": { + "cmt_msg": "ext4: make sure bitmaps and the inode table don't overlap with bg descriptors" + }, + "CVE-2018-10878": { + "cmt_msg": "ext4: always check block group bounds in ext4_init_block_bitmap()" + }, + "CVE-2021-3483": { + "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" + }, + "CVE-2022-29156": { + "cmt_msg": "RDMA/rtrs-clt: Fix possible double free in error case" + }, + "CVE-2017-16913": { + "cmt_msg": "usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input" + }, + "CVE-2017-16912": { + "cmt_msg": "usbip: fix stub_rx: get_pipe() to validate endpoint number" + }, + "CVE-2017-16911": { + "cmt_msg": "usbip: prevent vhci_hcd driver from leaking a socket pointer address" + }, + "CVE-2017-0861": { + "cmt_msg": "ALSA: pcm: prevent UAF in snd_pcm_info" + }, + "CVE-2020-25656": { + "cmt_msg": "vt: keyboard, extend func_buf_lock to readers" + }, + "CVE-2017-16914": { + "cmt_msg": "usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer" + }, + "CVE-2022-24448": { + "cmt_msg": "NFSv4: Handle case where the lookup of a directory fails" + }, + "CVE-2019-10142": { + "cmt_msg": "drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl" + }, + "CVE-2021-4023": { + "cmt_msg": "io-wq: fix cancellation on create-worker failure" + }, + "CVE-2017-11176": { + "cmt_msg": "mqueue: fix a use-after-free in sys_mq_notify()" + }, + "CVE-2021-22555": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2017-12190": { + "cmt_msg": "fix unbalanced page refcounting in bio_map_user_iov" + }, + "CVE-2022-1011": { + "cmt_msg": "fuse: fix pipe buffer lifetime for direct_io" + }, + "CVE-2021-0399": { + "cmt_msg": "" + }, + "CVE-2020-2732": { + "cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode" + }, + "CVE-2012-4542": { + "cmt_msg": "" + }, + "CVE-2022-1729": { + "cmt_msg": "perf: Fix sys_perf_event_open() race against self" + }, + "CVE-2018-1000028": { + "cmt_msg": "nfsd: auth: Fix gid sorting when rootsquash enabled" + }, + "CVE-2018-7191": { + "cmt_msg": "tun: call dev_get_valid_name() before register_netdevice()" + }, + "CVE-2022-1679": { + "cmt_msg": "" + }, + "CVE-2018-1000026": { + "cmt_msg": "bnx2x: disable GSO where gso_size is too big for hardware" + }, + "CVE-2022-1678": { + "cmt_msg": "tcp: optimize tcp internal pacing" + }, + "CVE-2017-0786": { + "cmt_msg": "brcmfmac: add length check in brcmf_cfg80211_escan_handler()" + }, + "CVE-2021-28972": { + "cmt_msg": "PCI: rpadlpar: Fix potential drc_name corruption in store functions" + }, + "CVE-2018-12130": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2020-14305": { + "cmt_msg": "netfilter: helpers: remove data_len usage for inkernel helpers" + }, + "CVE-2021-20292": { + "cmt_msg": "drm/ttm/nouveau: don't call tt destroy callback on alloc failure." + }, + "CVE-2021-31916": { + "cmt_msg": "dm ioctl: fix out of bounds array access when no devices" + }, + "CVE-2017-8065": { + "cmt_msg": "crypto: ccm - move cbcmac input off the stack" + }, + "CVE-2018-13405": { + "cmt_msg": "Fix up non-directory creation in SGID directories" + }, + "CVE-2018-13406": { + "cmt_msg": "video: uvesafb: Fix integer overflow in allocation" + }, + "CVE-2020-11668": { + "cmt_msg": "media: xirlink_cit: add missing descriptor sanity checks" + }, + "CVE-2020-11669": { + "cmt_msg": "powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle" + }, + "CVE-2019-15118": { + "cmt_msg": "ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term" + }, + "CVE-2019-12818": { + "cmt_msg": "net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails" + }, + "CVE-2015-0274": { + "cmt_msg": "xfs: remote attribute overwrite causes transaction overrun" + }, + "CVE-2020-0347": { + "cmt_msg": "" + }, + "CVE-2019-15117": { + "cmt_msg": "ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit" + }, + "CVE-2021-3659": { + "cmt_msg": "net: mac802154: Fix general protection fault" + }, + "CVE-2022-25258": { + "cmt_msg": "USB: gadget: validate interface OS descriptor requests" + }, + "CVE-2021-4155": { + "cmt_msg": "xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate" + }, + "CVE-2021-0695": { + "cmt_msg": "" + }, + "CVE-2019-14901": { + "cmt_msg": "mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()" + }, + "CVE-2021-4150": { + "cmt_msg": "block: fix incorrect references to disk objects" + }, + "CVE-2020-3702": { + "cmt_msg": "ath: Use safer key clearing with key cache entries" + }, + "CVE-2021-28951": { + "cmt_msg": "io_uring: ensure that SQPOLL thread is started for exit" + }, + "CVE-2022-1671": { + "cmt_msg": "rxrpc: fix some null-ptr-deref bugs in server_key.c" + }, + "CVE-2020-16166": { + "cmt_msg": "random32: update the net random state on interrupt and activity" + }, + "CVE-2021-3653": { + "cmt_msg": "KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653)" + }, + "CVE-2021-3655": { + "cmt_msg": "sctp: validate from_addr_param return" + }, + "CVE-2021-4159": { + "cmt_msg": "bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()" + }, + "CVE-2019-12614": { + "cmt_msg": "powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property()" + }, + "CVE-2019-12615": { + "cmt_msg": "mdesc: fix a missing-check bug in get_vdev_port_node_info()" + }, + "CVE-2021-3714": { + "cmt_msg": "" + }, + "CVE-2020-10742": { + "cmt_msg": "new helper: iov_iter_get_pages_alloc()" + }, + "CVE-2017-12168": { + "cmt_msg": "arm64: KVM: pmu: Fix AArch32 cycle counter access" + }, + "CVE-2019-16233": { + "cmt_msg": "scsi: qla2xxx: fix a potential NULL pointer dereference" + }, + "CVE-2021-3892": { + "cmt_msg": "" + }, + "CVE-2019-6133": { + "cmt_msg": "fork: record start_time late" + }, + "CVE-2018-10902": { + "cmt_msg": "ALSA: rawmidi: Change resized buffers atomically" + }, + "CVE-2021-39633": { + "cmt_msg": "ip_gre: add validation for csum_start" + }, + "CVE-2017-18203": { + "cmt_msg": "dm: fix race between dm_get_from_kobject() and __dm_destroy()" + }, + "CVE-2020-27673": { + "cmt_msg": "xen/events: add a proper barrier to 2-level uevent unmasking" + }, + "CVE-2021-39636": { + "cmt_msg": "netfilter: x_tables: fix pointer leaks to userspace" + }, + "CVE-2017-18204": { + "cmt_msg": "ocfs2: should wait dio before inode lock in ocfs2_setattr()" + }, + "CVE-2020-26147": { + "cmt_msg": "mac80211: assure all fragments are encrypted" + }, + "CVE-2019-3882": { + "cmt_msg": "vfio/type1: Limit DMA mappings per container" + }, + "CVE-2017-18208": { + "cmt_msg": "mm/madvise.c: fix madvise() infinite loop under special circumstances" + }, + "CVE-2018-20509": { + "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" + }, + "CVE-2017-18193": { + "cmt_msg": "f2fs: fix a bug caused by NULL extent tree" + }, + "CVE-2020-12888": { + "cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory" + }, + "CVE-2016-6198": { + "cmt_msg": "vfs: add vfs_select_inode() helper" + }, + "CVE-2021-0447": { + "cmt_msg": "l2tp: protect sock pointer of struct pppol2tp_session with RCU" + }, + "CVE-2020-14331": { + "cmt_msg": "vgacon: Fix for missing check in scrollback handling" + }, + "CVE-2022-1184": { + "cmt_msg": "" + }, + "CVE-2022-23222": { + "cmt_msg": "bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL" + }, + "CVE-2021-0448": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2016-6197": { + "cmt_msg": "ovl: verify upper dentry before unlink and rename" + }, + "CVE-2020-29374": { + "cmt_msg": "gup: document and work around \"COW can break either way\" issue" + }, + "CVE-2020-0030": { + "cmt_msg": "ANDROID: binder: synchronize_rcu() when using POLLFREE." + }, + "CVE-2015-8709": { + "cmt_msg": "mm: Add a user_ns owner to mm_struct and fix ptrace permission checks" + }, + "CVE-2017-6001": { + "cmt_msg": "perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race" + }, + "CVE-2021-29650": { + "cmt_msg": "netfilter: x_tables: Use correct memory barriers." + }, + "CVE-2019-18806": { + "cmt_msg": "net: qlogic: Fix memory leak in ql_alloc_large_buffers" + }, + "CVE-2018-20169": { + "cmt_msg": "USB: check usb_get_extra_descriptor for proper size" + }, + "CVE-2017-12762": { + "cmt_msg": "isdn/i4l: fix buffer overflow" + }, + "CVE-2016-9644": { + "cmt_msg": "x86/mm: Expand the exception table logic to allow new handling options" + }, + "CVE-2022-1353": { + "cmt_msg": "af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register" + }, + "CVE-2015-8845": { + "cmt_msg": "powerpc/tm: Check for already reclaimed tasks" + }, + "CVE-2022-1198": { + "cmt_msg": "drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()" + }, + "CVE-2022-1199": { + "cmt_msg": "ax25: Fix NULL pointer dereference in ax25_kill_by_device" + }, + "CVE-2015-8966": { + "cmt_msg": "[PATCH] arm: fix handling of F_OFD_... in oabi_fcntl64()" + }, + "CVE-2018-5750": { + "cmt_msg": "ACPI: sbshc: remove raw pointer from printk() message" + }, + "CVE-2021-39801": { + "cmt_msg": "" + }, + "CVE-2021-39800": { + "cmt_msg": "" + }, + "CVE-2015-8963": { + "cmt_msg": "perf: Fix race in swevent hash" + }, + "CVE-2019-3837": { + "cmt_msg": "net_dma: simple removal" + }, + "CVE-2018-16884": { + "cmt_msg": "sunrpc: use-after-free in svc_process_common()" + }, + "CVE-2022-1195": { + "cmt_msg": "hamradio: improve the incomplete fix to avoid NPD" + }, + "CVE-2021-4202": { + "cmt_msg": "NFC: reorganize the functions in nci_request" + }, + "CVE-2021-4203": { + "cmt_msg": "af_unix: fix races in sk_peer_pid and sk_peer_cred accesses" + }, + "CVE-2022-23039": { + "cmt_msg": "xen/gntalloc: don't use gnttab_query_foreign_access()" + }, + "CVE-2019-15807": { + "cmt_msg": "scsi: libsas: delete sas port if expander discover failed" + }, + "CVE-2021-44879": { + "cmt_msg": "f2fs: fix to do sanity check on inode type during garbage collection" + }, + "CVE-2019-15505": { + "cmt_msg": "media: technisat-usb2: break out of loop at end of buffer" + }, + "CVE-2017-1000": { + "cmt_msg": "udp: consistently apply ufo or fragmentation" + }, + "CVE-2020-11609": { + "cmt_msg": "media: stv06xx: add missing descriptor sanity checks" + }, + "CVE-2020-0429": { + "cmt_msg": "l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()" + }, + "CVE-2017-0605": { + "cmt_msg": "tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()" + }, + "CVE-2021-1048": { + "cmt_msg": "fix regression in \"epoll: Keep a reference on files added to the check list\"" + }, + "CVE-2014-9803": { + "cmt_msg": "Revert \"arm64: Introduce execute-only page access permissions\"" + }, + "CVE-2015-2877": { + "cmt_msg": "" + }, + "CVE-2020-9383": { + "cmt_msg": "floppy: check FDC index for errors before assigning it" + }, + "CVE-2022-29582": { + "cmt_msg": "io_uring: fix race between timeout flush and removal" + }, + "CVE-2021-38198": { + "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" + }, + "CVE-2017-5972": { + "cmt_msg": "tcp: do not lock listener to process SYN packets" + }, + "CVE-2020-8832": { + "cmt_msg": "drm/i915: Record the default hw state after reset upon load" + }, + "CVE-2015-4004": { + "cmt_msg": "staging: ozwpan: Remove from tree" + }, + "CVE-2021-26401": { + "cmt_msg": "x86/speculation: Use generic retpoline by default on AMD" + }, + "CVE-2015-4001": { + "cmt_msg": "ozwpan: Use unsigned ints to prevent heap overflow" + }, + "CVE-2018-1130": { + "cmt_msg": "dccp: check sk for closed state in dccp_sendmsg()" + }, + "CVE-2019-14284": { + "cmt_msg": "floppy: fix div-by-zero in setup_format_params" + }, + "CVE-2022-1280": { + "cmt_msg": "drm: avoid circular locks in drm_mode_getconnector" + }, + "CVE-2021-3506": { + "cmt_msg": "f2fs: fix to avoid out-of-bounds memory access" + }, + "CVE-2011-4917": { + "cmt_msg": "" + }, + "CVE-2021-45485": { + "cmt_msg": "ipv6: use prandom_u32() for ID generation" + }, + "CVE-2019-14283": { + "cmt_msg": "floppy: fix out-of-bounds read in copy_buffer" + }, + "CVE-2019-3901": { + "cmt_msg": "perf/core: Fix perf_event_open() vs. execve() race" + }, + "CVE-2019-19528": { + "cmt_msg": "USB: iowarrior: fix use-after-free on disconnect" + }, + "CVE-2019-19533": { + "cmt_msg": "media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()" + }, + "CVE-2018-13100": { + "cmt_msg": "f2fs: fix to do sanity check with secs_per_zone" + }, + "CVE-2017-16646": { + "cmt_msg": "media: dib0700: fix invalid dvb_detach argument" + }, + "CVE-2017-16645": { + "cmt_msg": "Input: ims-psu - check if CDC union descriptor is sane" + }, + "CVE-2017-16643": { + "cmt_msg": "Input: gtco - fix potential out-of-bound access" + }, + "CVE-2017-16649": { + "cmt_msg": "net: cdc_ether: fix divide by 0 on bad descriptors" + }, + "CVE-2019-5489": { + "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" + }, + "CVE-2017-16648": { + "cmt_msg": "dvb_frontend: don't use-after-free the frontend struct" + }, + "CVE-2018-10880": { + "cmt_msg": "ext4: never move the system.data xattr out of the inode body" + }, + "CVE-2018-10881": { + "cmt_msg": "ext4: clear i_data in ext4_inode_info when removing inline data" + }, + "CVE-2018-10882": { + "cmt_msg": "ext4: add more inode number paranoia checks" + }, + "CVE-2018-10883": { + "cmt_msg": "jbd2: don't mark block as modified if the handle is out of credits" + } + } + }, + "3.14": { + "3.14": { + "CVE-2014-0077": { + "cmt_msg": "vhost: fix total length when packets are too short", + "cmt_id": "d8316f3991d207fe32881a9ac20241be8fa2bad0" + }, + "CVE-2014-2568": { + "cmt_msg": "core, nfqueue, openvswitch: Orphan frags in skb_zerocopy and handle errors", + "cmt_id": "36d5fe6a000790f56039afe26834265db0a3ad4c" + }, + "CVE-2014-0055": { + "cmt_msg": "vhost: validate vhost_get_vq_desc return value", + "cmt_id": "a39ee449f96a2cd44ce056d8a0a112211a9b1a1f" + } + }, + "3.14.1": { + "CVE-2014-2678": { + "cmt_msg": "rds: prevent dereference of a NULL device in rds_iw_laddr_check", + "cmt_id": "eb3d1ebaa77c257872264015644f182c7888c021" + }, + "CVE-2014-2580": { + "cmt_msg": "xen-netback: disable rogue vif in kthread context", + "cmt_id": "7caaadd87daa11474872b63ff4edf745c6cb8550" + } + }, + "3.14.2": { + "CVE-2014-7283": { + "cmt_msg": "xfs: fix directory hash ordering bug", + "cmt_id": "7de24f7b0ddb815d7a8375354a9612264092edcb" + } + }, + "3.14.3": { + "CVE-2014-3122": { + "cmt_msg": "mm: try_to_unmap_cluster() should lock_page() before mlocking", + "cmt_id": "9eef7172d412d1886b51f8c75b7e9b71c50203e3" + }, + "CVE-2014-2739": { + "cmt_msg": "IB/core: Don't resolve passive side RoCE L2 address in CMA REQ handler", + "cmt_id": "5daac1bcbb85cbf03e7e7d3cafeeb31977d82113" + } + }, + "3.14.4": { + "CVE-2014-1738": { + "cmt_msg": "floppy: don't write kernel-only members to FDRAWCMD ioctl output", + "cmt_id": "b487c62505afbd87654773562fbf2e89bcd52147" + }, + "CVE-2014-0155": { + "cmt_msg": "KVM: ioapic: fix assignment of ioapic->rtc_status.pending_eoi (CVE-2014-0155)", + "cmt_id": "f8944acc97ceebf902e5b26b900aefef987ab4be" + }, + "CVE-2014-0196": { + "cmt_msg": "n_tty: Fix n_tty_write crash when echoing in raw mode", + "cmt_id": "6d194d6e0d832e622d87b8dab4e2122c555a82e9" + }, + "CVE-2014-1737": { + "cmt_msg": "floppy: ignore kernel-only members in FDRAWCMD ioctl input", + "cmt_id": "fb9a2011887416ffdc576d10711dc196343aab69" + } + }, + "3.14.5": { + "CVE-2014-3144": { + "cmt_msg": "filter: prevent nla extensions to peek beyond the end of the message", + "cmt_id": "72beb5639e05f940135ed00bc2fa0200d62074a6" + }, + "CVE-2014-3145": { + "cmt_msg": "filter: prevent nla extensions to peek beyond the end of the message", + "cmt_id": "72beb5639e05f940135ed00bc2fa0200d62074a6" + }, + "CVE-2014-9715": { + "cmt_msg": "netfilter: nf_conntrack: reserve two bytes for nf_ct_ext->len", + "cmt_id": "7a6f558b35e2b196eca1d40b48d37e8bcdc73d19" + }, + "CVE-2014-7284": { + "cmt_msg": "net: avoid dependency of net_get_random_once on nop patching", + "cmt_id": "adeb3fe4ef6621793d7f1d6f0b9c9cc88827c5b7" + }, + "CVE-2014-2851": { + "cmt_msg": "net: ipv4: current group_info should be put after using.", + "cmt_id": "2089f7346ae535fa444853426adfafef25107247" + } + }, + "3.14.6": { + "CVE-2014-1739": { + "cmt_msg": "media-device: fix infoleak in ioctl media_enum_entities()", + "cmt_id": "429f444ee6aea8146c115dded7b8b0214cea5e2d" + }, + "CVE-2014-3153": { + "cmt_msg": "futex: Make lookup_pi_state more robust", + "cmt_id": "b1f9d594668d008cacd5679cfde675dcdb9f5f8f" + } + }, + "3.14.7": { + "CVE-2014-3940": { + "cmt_msg": "mm: add !pte_present() check on existing hugetlb_entry callbacks", + "cmt_id": "395982ce12b3aba14a197ead3e5828e77e11aec1" + } + }, + "3.14.8": { + "CVE-2014-3917": { + "cmt_msg": "auditsc: audit_krule mask accesses need bounds checking", + "cmt_id": "732eafc78bba8e18a51c169f3dc7f33cddcdc401" + }, + "CVE-2014-4157": { + "cmt_msg": "MIPS: asm: thread_info: Add _TIF_SECCOMP flag", + "cmt_id": "2cbbc2f411bebb054f258c648272f38e2a23e052" + }, + "CVE-2014-4014": { + "cmt_msg": "fs,userns: Change inode_capable to capable_wrt_inode_uidgid", + "cmt_id": "5bacea89dc8dfd3f7d7dfbed798f3b41d4f53c78" + } + }, + "3.14.9": { + "CVE-2014-0181": { + "cmt_msg": "net: Use netlink_ns_capable to verify the permisions of netlink messages", + "cmt_id": "be0ef855baab7248d0fc71cdf78a47fcfd3708f1" + }, + "CVE-2014-4611": { + "cmt_msg": "lz4: ensure length does not wrap", + "cmt_id": "5f32449c2863adf190b83402e9a4069cee054f9d" + }, + "CVE-2014-4667": { + "cmt_msg": "sctp: Fix sk_ack_backlog wrap-around problem", + "cmt_id": "4c6c201fa9aa76b57b98c993826c4bd9ecb0f264" + }, + "CVE-2014-9914": { + "cmt_msg": "ipv4: fix a race in ip4_datagram_release_cb()", + "cmt_id": "3480c0154964f155afef8abceb1118debaf3d5b3" + }, + "CVE-2014-4655": { + "cmt_msg": "ALSA: control: Fix replacing user controls", + "cmt_id": "99e6d92ad48b8df440f9466c82c839b74ce95dcd" + }, + "CVE-2014-4654": { + "cmt_msg": "ALSA: control: Fix replacing user controls", + "cmt_id": "99e6d92ad48b8df440f9466c82c839b74ce95dcd" + }, + "CVE-2014-4656": { + "cmt_msg": "ALSA: control: Handle numid overflow", + "cmt_id": "8e1853b436edc41ee4e0214cf5a2fc04201915f8" + }, + "CVE-2014-4653": { + "cmt_msg": "ALSA: control: Don't access controls outside of protected regions", + "cmt_id": "1637a83bb15491efb3e7c8cd746471ef3710e79d" + }, + "CVE-2014-4652": { + "cmt_msg": "ALSA: control: Protect user controls against concurrent access", + "cmt_id": "d8e2983ef545510f39b3b67d639d807672ee0893" + } + }, + "3.14.10": { + "CVE-2014-4508": { + "cmt_msg": "x86_32, entry: Do syscall exit work on badsys (CVE-2014-4508)", + "cmt_id": "b83627d417975fa8681344384ac55a1c4751f55f" + }, + "CVE-2014-0206": { + "cmt_msg": "aio: fix kernel memory disclosure in io_getevents() introduced in v3.10", + "cmt_id": "aa011e29c725b391e614ee7babe6f890a00e3fc5" + } + }, + "3.14.11": { + "CVE-2014-4699": { + "cmt_msg": "ptrace,x86: force IRET path after a ptrace_stop()", + "cmt_id": "b897eba830537e68a1a0a4b741c975ff705a4662" + } + }, + "3.14.14": { + "CVE-2014-4171": { + "cmt_msg": "shmem: fix faulting into a hole while it's punched", + "cmt_id": "dd78e88404ef8091f5f0132a53fdc084b3a6080b" + } + }, + "3.14.15": { + "CVE-2014-3534": { + "cmt_msg": "s390/ptrace: fix PSW mask check", + "cmt_id": "1967b156fd85702f52c5cffaaf7f8f03332ef49e" + }, + "CVE-2014-5045": { + "cmt_msg": "fs: umount on symlink leaks mnt count", + "cmt_id": "9b32e18d7ba2838991794893f10bf48805ef01ce" + } + }, + "3.14.17": { + "CVE-2014-5077": { + "cmt_msg": "net: sctp: inherit auth_capable on INIT collisions", + "cmt_id": "672fcd4d4631dc45c650cad3576f880c0907e2e3" + } + }, + "3.14.18": { + "CVE-2014-5472": { + "cmt_msg": "isofs: Fix unbounded recursion when processing relocated directories", + "cmt_id": "3ca762283e2af911674dea8c54631d2d45b04dbf" + }, + "CVE-2014-5471": { + "cmt_msg": "isofs: Fix unbounded recursion when processing relocated directories", + "cmt_id": "3ca762283e2af911674dea8c54631d2d45b04dbf" + }, + "CVE-2014-3182": { + "cmt_msg": "HID: logitech: perform bounds checking on device_id early enough", + "cmt_id": "b165b85cb5359d7d223b6d4fa645302891c44013" + }, + "CVE-2014-3184": { + "cmt_msg": "HID: fix a couple of off-by-ones", + "cmt_id": "1de1376b8e805c553d28354c9ae5d5fddb8bbff8" + }, + "CVE-2014-3185": { + "cmt_msg": "USB: whiteheat: Added bounds checking for bulk command response", + "cmt_id": "ebc8083c7fe92a2a4ab8eed0572882c3dfd3746a" + }, + "CVE-2014-3601": { + "cmt_msg": "kvm: iommu: fix the third parameter of kvm_iommu_put_pages (CVE-2014-3601)", + "cmt_id": "42a1927a7a1d9e9992a7d1cd43a797e461019e01" + } + }, + "3.14.19": { + "CVE-2014-3631": { + "cmt_msg": "KEYS: Fix termination condition in assoc array garbage collection", + "cmt_id": "1143261f66aec99fdfbc98903b55d51bb55572a1" + }, + "CVE-2014-6418": { + "cmt_msg": "libceph: do not hard code max auth ticket len", + "cmt_id": "9956752afa398ea6e0c9c69b258be6afd73da4b1" + }, + "CVE-2014-5207": { + "cmt_msg": "mnt: Correct permission checks in do_remount", + "cmt_id": "92ecaf8784ebb728f2b147f5bfd9af5aa8a35f4e" + }, + "CVE-2014-5206": { + "cmt_msg": "mnt: Only change user settable mount flags in remount", + "cmt_id": "98e68ce8f4a6d3ad72243eecd1022ba120b515d2" + }, + "CVE-2014-6417": { + "cmt_msg": "libceph: do not hard code max auth ticket len", + "cmt_id": "9956752afa398ea6e0c9c69b258be6afd73da4b1" + }, + "CVE-2014-6416": { + "cmt_msg": "libceph: do not hard code max auth ticket len", + "cmt_id": "9956752afa398ea6e0c9c69b258be6afd73da4b1" + } + }, + "3.14.20": { + "CVE-2014-3181": { + "cmt_msg": "HID: magicmouse: sanity check report size in raw_event() callback", + "cmt_id": "6e4106ec619b16593d66ad6384f6f983d423ee0b" + }, + "CVE-2014-3186": { + "cmt_msg": "HID: picolcd: sanity check report size in raw_event() callback", + "cmt_id": "2c40d59997ed0b885ac31862e21cb5b84a3e7dca" + } + }, + "3.14.21": { + "CVE-2014-6410": { + "cmt_msg": "udf: Avoid infinite loop when processing indirect ICBs", + "cmt_id": "82335226733fdf82ee3f231c08269a17fd62a3fc" + } + }, + "3.14.23": { + "CVE-2014-4608": { + "cmt_msg": "lzo: check for length overrun in variable length encoding.", + "cmt_id": "7f5f71a9265d9829577393d9005b165f28b1cd77" + }, + "CVE-2014-7975": { + "cmt_msg": "fs: Add a missing permission check to do_umount", + "cmt_id": "dc3980ea4ad9d8d0b63b3cde732c9b95750208ce" + } + }, + "3.14.24": { + "CVE-2014-3647": { + "cmt_msg": "KVM: x86: Emulator fixes for eip canonical checks on near branches", + "cmt_id": "6dae4910cabb03b3a677facd8d1768fc47eef6ae" + }, + "CVE-2014-3646": { + "cmt_msg": "kvm: vmx: handle invvpid vm exit gracefully", + "cmt_id": "8b74c6f87d4baf5e48e44af2f90cda91ed7b848e" + }, + "CVE-2014-7970": { + "cmt_msg": "mnt: Prevent pivot_root from creating a loop in the mount tree", + "cmt_id": "f78da43d95e7331e4b6bb983eb393e404d51f372" + }, + "CVE-2014-3610": { + "cmt_msg": "KVM: x86: Check non-canonical addresses upon WRMSR", + "cmt_id": "44d1efb927e6dadb74b6620d1eed232708d75bac" + }, + "CVE-2014-3611": { + "cmt_msg": "KVM: x86: Improve thread safety in pit", + "cmt_id": "449a72277a5dc2a12cd114af3be81a56ad10cbd1" + }, + "CVE-2014-7826": { + "cmt_msg": "tracing/syscalls: Ignore numbers outside NR_syscalls' range", + "cmt_id": "14f83fe6c5d7cc0fcbaad7cbecb862fa48d92086" + }, + "CVE-2014-7825": { + "cmt_msg": "tracing/syscalls: Ignore numbers outside NR_syscalls' range", + "cmt_id": "14f83fe6c5d7cc0fcbaad7cbecb862fa48d92086" + } + }, + "3.14.25": { + "CVE-2014-3687": { + "cmt_msg": "net: sctp: fix panic on duplicate ASCONF chunks", + "cmt_id": "59ea8663e3a7fc3a0c2841e310b83f7aaec1c017" + }, + "CVE-2014-3673": { + "cmt_msg": "net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks", + "cmt_id": "e36b6ac9e011205eb7ad3af329dbd27a21bacd50" + }, + "CVE-2014-3688": { + "cmt_msg": "net: sctp: fix remote memory pressure from excessive queueing", + "cmt_id": "75680aa393f12465fc10642d2d55be49a333d828" + }, + "CVE-2014-7841": { + "cmt_msg": "net: sctp: fix NULL pointer dereference in af->from_addr_param on malformed packet", + "cmt_id": "358905266ed83d4a9e693ae7ff86c1595220ec60" + }, + "CVE-2014-7843": { + "cmt_msg": "arm64: __clear_user: handle exceptions on strb", + "cmt_id": "c6f8075d3934e493980fe83f8a746d74b98f5e51" + }, + "CVE-2014-7842": { + "cmt_msg": "KVM: x86: Don't report guest userspace emulation error to userspace", + "cmt_id": "d8af79d3cb4a181d3265b1419e63828d2487b3df" + }, + "CVE-2014-8884": { + "cmt_msg": "ttusb-dec: buffer overflow in ioctl", + "cmt_id": "c8e0fd4818f29aaafafb01f0bacf376b86e82830" + } + }, + "3.14.26": { + "CVE-2014-9090": { + "cmt_msg": "x86_64, traps: Stop using IST for #SS", + "cmt_id": "c6328855c41c28b2a53c7c6821af60dd3b41ddba" + }, + "CVE-2014-9322": { + "cmt_msg": "x86_64, traps: Stop using IST for #SS", + "cmt_id": "c6328855c41c28b2a53c7c6821af60dd3b41ddba" + } + }, + "3.14.28": { + "CVE-2014-9419": { + "cmt_msg": "x86_64, switch_to(): Load TLS descriptors before switching DS and ES", + "cmt_id": "b7e804ab2e46308e54c0ec2b9e242271a455ddb8" + }, + "CVE-2014-9584": { + "cmt_msg": "isofs: Fix unchecked printing of ER records", + "cmt_id": "a3d4f59634f38d5236b182b403df74bbceeac7c9" + }, + "CVE-2014-9420": { + "cmt_msg": "isofs: Fix infinite looping over CE entries", + "cmt_id": "8190393a88f2b0321263a54f2a9eb5a2aa43be7e" + }, + "CVE-2014-8989": { + "cmt_msg": "userns: Don't allow setgroups until a gid mapping has been setablished", + "cmt_id": "f077e88fc9f0befcf0441be2fed9516881ab02ef" + }, + "CVE-2014-9683": { + "cmt_msg": "eCryptfs: Remove buggy and unnecessary write in file name decode routine", + "cmt_id": "a306ae6aaca17d46f63143c0c8a5f1c9cfe75b4b" + }, + "CVE-2014-8133": { + "cmt_msg": "x86/tls: Validate TLS entries to protect espfix", + "cmt_id": "aeb83c03a8f584ce0b9386761c22f145caced232" + }, + "CVE-2014-8134": { + "cmt_msg": "x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit", + "cmt_id": "c06c656494797804aa7f603df37208b61792d0d1" + } + }, + "3.14.29": { + "CVE-2014-9585": { + "cmt_msg": "x86_64, vdso: Fix the vdso address randomization algorithm", + "cmt_id": "67ff8e53620c9aa941a7e4abbbfd921b0c4f97f0" + } + }, + "3.14.30": { + "CVE-2014-9428": { + "cmt_msg": "batman-adv: Calculate extra tail size based on queued fragments", + "cmt_id": "73ef2a1c62d46a3260b0bceab99ca7b642f670dc" + } + }, + "3.14.31": { + "CVE-2014-9529": { + "cmt_msg": "KEYS: close race between key lookup and freeing", + "cmt_id": "cf69173f59163182c12e0ecbda52721397468763" + }, + "CVE-2014-9644": { + "cmt_msg": "crypto: include crypto- module prefix in template", + "cmt_id": "f6e8b55035cb1cc1b6ac054fbfed633177524362" + }, + "CVE-2013-7421": { + "cmt_msg": "crypto: prefix module autoloading with \"crypto-\"", + "cmt_id": "31c8446aacd8595a9de61610b2625bcf84e1b7aa" + } + }, + "3.14.33": { + "CVE-2014-3690": { + "cmt_msg": "x86,kvm,vmx: Preserve CR4 across VM entry", + "cmt_id": "5fb88e88031daf17e29ba5c679fe5ec4b8047e1a" + } + }, + "3.14.34": { + "CVE-2015-1421": { + "cmt_msg": "net: sctp: fix slab corruption from use after free on INIT collisions", + "cmt_id": "faf1368dedf9cc98ef35c9ec6d2677ff5e98b090" + } + }, + "3.14.35": { + "CVE-2015-1593": { + "cmt_msg": "x86, mm/ASLR: Fix stack randomization on 64-bit systems", + "cmt_id": "14a3e0c960668a161880301cb90f48f331117073" + } + }, + "3.14.36": { + "CVE-2015-2830": { + "cmt_msg": "x86/asm/entry/64: Remove a bogus 'ret_from_fork' optimization", + "cmt_id": "213c9f19d733b067b278901acf49d67e805a38b0" + } + }, + "3.14.37": { + "CVE-2016-0823": { + "cmt_msg": "pagemap: do not leak physical addresses to non-privileged userspace", + "cmt_id": "26f7f4d46a2cbfa6fbb633d228ec34cf969589d5" + }, + "CVE-2015-3331": { + "cmt_msg": "crypto: aesni - fix memory usage in GCM decryption", + "cmt_id": "e9b15363c10104a0823e5e2d360eab188f2b122f" + }, + "CVE-2015-2150": { + "cmt_msg": "xen-pciback: limit guest control of command register", + "cmt_id": "9cb8c24e612f1724fa85872205a1dfae7603d874" + } + }, + "3.14.39": { + "CVE-2015-2041": { + "cmt_msg": "net: llc: use correct size for sysctl timeout entries", + "cmt_id": "ecca64226ce2960280921e09ae33e90f82b5c408" + }, + "CVE-2015-2042": { + "cmt_msg": "net: rds: use correct size for max unacked packets and bytes", + "cmt_id": "2a9eb844a4c126b7e975a086f99f35699e88c011" + }, + "CVE-2015-3332": { + "cmt_msg": "tcp: Fix crash in TCP Fast Open", + "cmt_id": "79ea2bfc7d9cac1949bec2cb09b622becb7d54b6" + }, + "CVE-2014-8159": { + "cmt_msg": "IB/uverbs: Prevent integer overflow in ib_umem_get address arithmetic", + "cmt_id": "f40fc98d0b046ba153442b3bfd7887437f2ebd30" + } + }, + "3.14.40": { + "CVE-2014-8559": { + "cmt_msg": "move d_rcu from overlapping d_child to overlapping d_alias", + "cmt_id": "5c48ea64a86415fde0859267a194442d26d2e70c" + }, + "CVE-2014-8160": { + "cmt_msg": "netfilter: conntrack: disable generic tracking for known protocols", + "cmt_id": "efbf300ed821a533c3af71b1b122227febc28142" + }, + "CVE-2015-2922": { + "cmt_msg": "ipv6: Don't reduce hop limit for an interface", + "cmt_id": "01f69adac109867f892f12057660d891b34182f6" + }, + "CVE-2015-0239": { + "cmt_msg": "KVM: x86: SYSENTER emulation is broken", + "cmt_id": "ce5996929f2df50b1e37037a5a78d1269fbb5309" + } + }, + "3.14.41": { + "CVE-2015-6526": { + "cmt_msg": "powerpc/perf: Cap 64bit userspace backtraces to PERF_MAX_STACK_DEPTH", + "cmt_id": "83dffc246d8b217cd9f577a8859c97b6054806cb" + }, + "CVE-2017-1000253": { + "cmt_msg": "fs/binfmt_elf.c: fix bug in loading of PIE binaries", + "cmt_id": "3d262151b457c3af845e460bd32a746691898a53" + } + }, + "3.14.42": { + "CVE-2015-3636": { + "cmt_msg": "ipv4: Missing sk_nulls_node_init() in ping_unhash().", + "cmt_id": "f493b53864236c924b61ef3ccbb759ac46419a32" + } + }, + "3.14.44": { + "CVE-2015-1420": { + "cmt_msg": "vfs: read file_handle only once in handle_to_path", + "cmt_id": "be647ca464ebd9e54bd142da8150b31492aa1878" + } + }, + "3.14.45": { + "CVE-2015-4700": { + "cmt_msg": "x86: bpf_jit: fix compilation of large bpf programs", + "cmt_id": "4ca11e9fe811defdf228d7f579e77b5350c96d02" + }, + "CVE-2015-5366": { + "cmt_msg": "udp: fix behavior of wrong checksums", + "cmt_id": "542744f265e23eca08f14a8748a3cbf5feb56cdf" + }, + "CVE-2015-4003": { + "cmt_msg": "ozwpan: divide-by-zero leading to panic", + "cmt_id": "c352bbe0f4b610a9f9f1327a63fd558a840afc85" + }, + "CVE-2015-4002": { + "cmt_msg": "ozwpan: Use proper check to prevent heap overflow", + "cmt_id": "b440eec2f2729ef6b224030894ea8880f2937371" + }, + "CVE-2015-5364": { + "cmt_msg": "udp: fix behavior of wrong checksums", + "cmt_id": "542744f265e23eca08f14a8748a3cbf5feb56cdf" + } + }, + "3.14.47": { + "CVE-2014-7822": { + "cmt_msg": "->splice_write() via ->write_iter()", + "cmt_id": "b292fc7723b66d9796ae550b284223d95019ac44" + }, + "CVE-2015-2666": { + "cmt_msg": "x86/microcode/intel: Guard against stack overflow in the loader", + "cmt_id": "77544e78c388cc755c056f451b322dedba991c0a" + }, + "CVE-2015-8950": { + "cmt_msg": "arm64: dma-mapping: always clear allocated buffers", + "cmt_id": "22ff38e850b7fc87bdcccbebe92c3e7764ffe389" + }, + "CVE-2014-9710": { + "cmt_msg": "Btrfs: make xattr replace operations atomic", + "cmt_id": "02590fd855d1690568b2fa439c942e933221b57a" + } + }, + "3.14.48": { + "CVE-2015-3212": { + "cmt_msg": "sctp: fix ASCONF list handling", + "cmt_id": "21eceec537c215824aa5939c0a4aab4a5a8978a4" + } + }, + "3.14.49": { + "CVE-2015-1333": { + "cmt_msg": "KEYS: ensure we free the assoc array edit if edit is valid", + "cmt_id": "c9cd9b18dac801040ada16562dc579d5ac366d75" + }, + "CVE-2015-9289": { + "cmt_msg": "cx24116: fix a buffer overflow when checking userspace params", + "cmt_id": "5cceed3976af74c7565636f0dfbcd1fc6817dc5d" + } + }, + "3.14.50": { + "CVE-2015-6252": { + "cmt_msg": "vhost: actually track log eventfd file", + "cmt_id": "a0a45c374d8478fb4ec2e3b4949e394d75ceb11a" + }, + "CVE-2015-3288": { + "cmt_msg": "mm: avoid setting up anonymous pages into file mapping", + "cmt_id": "9f7fa1bc5fb4414a75ea451859154a9930e47daf" + } + }, + "3.14.51": { + "CVE-2015-4692": { + "cmt_msg": "kvm: x86: fix kvm_apic_has_events to check for NULL pointer", + "cmt_id": "c76b576d5e9c2966847b08fa634ed395ac8f97b8" + }, + "CVE-2015-5706": { + "cmt_msg": "path_openat(): fix double fput()", + "cmt_id": "88b4f377466cb673777d27693acf70108a908106" + }, + "CVE-2015-5697": { + "cmt_msg": "md: use kzalloc() when bitmap is disabled", + "cmt_id": "adbbaa36dd55ff0bde07391d898779760b5206df" + }, + "CVE-2015-5707": { + "cmt_msg": "sg_start_req(): make sure that there's not too many elements in iovec", + "cmt_id": "08ac1787579cb8bd9e7333836269e76801905597" + } + }, + "3.14.54": { + "CVE-2015-3291": { + "cmt_msg": "x86/nmi/64: Use DF to avoid userspace RSP confusing nested NMI detection", + "cmt_id": "5f521316a9d5c70842744b8f3f872ab1a932711b" + }, + "CVE-2015-3290": { + "cmt_msg": "x86/nmi/64: Switch stacks on userspace NMI entry", + "cmt_id": "66af900f21c6b0b1b59ac156245ca8d2b5d7b696" + }, + "CVE-2015-4167": { + "cmt_msg": "udf: Check length of extended attributes and allocation descriptors", + "cmt_id": "34820fc89c5e635b7381e4060931ca30a63d110a" + }, + "CVE-2015-5157": { + "cmt_msg": "x86/nmi/64: Switch stacks on userspace NMI entry", + "cmt_id": "66af900f21c6b0b1b59ac156245ca8d2b5d7b696" + }, + "CVE-2015-8746": { + "cmt_msg": "NFS: Fix a NULL pointer dereference of migration recovery ops for v4.2 client", + "cmt_id": "05c5d5c75b6e30af9b00ecd07eb9f2733741e8df" + }, + "CVE-2015-5283": { + "cmt_msg": "sctp: fix race on protocol/netns initialization", + "cmt_id": "62f575aaba7ae93a4e02029d30f9dcf69b84470f" + } + }, + "3.14.55": { + "CVE-2015-7613": { + "cmt_msg": "Initialize msg/shm IPC objects before doing ipc_addid()", + "cmt_id": "58c01a5074bc551a151b6b44f56ed40debd6b99d" + }, + "CVE-2015-5257": { + "cmt_msg": "USB: whiteheat: fix potential null-deref at probe", + "cmt_id": "fe6689e03318d5745d88328395fd326e08238533" + }, + "CVE-2015-2925": { + "cmt_msg": "dcache: Handle escaped paths in prepend_path", + "cmt_id": "cb1320693b9d8d32651a2bb7cd15498408732b8f" + } + }, + "3.14.57": { + "CVE-2015-4036": { + "cmt_msg": "vhost/scsi: potential memory corruption", + "cmt_id": "6c6216a01ac816230882c35de819e36ad1c40b0d" + } + }, + "3.14.58": { + "CVE-2015-5156": { + "cmt_msg": "virtio-net: drop NETIF_F_FRAGLIST", + "cmt_id": "6d419a0b5bcdfe5b2cc8821d11b102dba01b28f6" + }, + "CVE-2015-6937": { + "cmt_msg": "RDS: verify the underlying transport exists before creating a connection", + "cmt_id": "98a01278b20d7554be58dae60c9f25e62bcde9f6" + } + }, + "3.14.59": { + "CVE-2015-8543": { + "cmt_msg": "net: add validation for the socket syscall protocol argument", + "cmt_id": "49c9b76db37ecfbac70b0841438fbe9d446ceb52" + }, + "CVE-2016-0728": { + "cmt_msg": "KEYS: Fix keyring ref leak in join_session_keyring()", + "cmt_id": "2e647bca7a2c885acdcd89da631b8dd5edc9e310" + }, + "CVE-2015-7872": { + "cmt_msg": "KEYS: Fix crash when attempt to garbage collect an uninstantiated keyring", + "cmt_id": "aad1f1b859a047397ffe0f0044d12408b2df94c9" + }, + "CVE-2015-7550": { + "cmt_msg": "KEYS: Fix race between read and revoke", + "cmt_id": "92264cc9c4636340a492d78f8f2ae3b3424e7fdd" + }, + "CVE-2015-8569": { + "cmt_msg": "pptp: verify sockaddr_len in pptp_bind() and pptp_connect()", + "cmt_id": "0b21a04d1ff604297995fe4a21bde8ba7333d42c" + }, + "CVE-2015-8575": { + "cmt_msg": "bluetooth: Validate socket address length in sco_sock_bind().", + "cmt_id": "f32e7aeb2d4e7b6427dc0ab630b851eed38b6d0a" + }, + "CVE-2013-7446": { + "cmt_msg": "unix: avoid use-after-free in ep_remove_wait_queue", + "cmt_id": "9d054f57adc981a5f503d5eb9b259aa450b90dc5" + } + }, + "3.14.60": { + "CVE-2015-7799": { + "cmt_msg": "isdn_ppp: Add checks for allocation failure in isdn_ppp_open()", + "cmt_id": "b22b5281ff0fae948bda39e2ecb7c135410eeee5" + }, + "CVE-2015-8845": { + "cmt_msg": "powerpc/tm: Check for already reclaimed tasks", + "cmt_id": "70812a4226708100041da6715a1d5bb2e3aebc34" + }, + "CVE-2015-8844": { + "cmt_msg": "powerpc/tm: Block signal return setting invalid MSR state", + "cmt_id": "a327f0569b21b62942dc28aacb9dbbda236ef7a2" + }, + "CVE-2016-2545": { + "cmt_msg": "ALSA: timer: Fix double unlink of active_list", + "cmt_id": "d7b84f78c7a0b8ba3fde43a64faf0d69ada4d987" + }, + "CVE-2016-2544": { + "cmt_msg": "ALSA: seq: Fix race at timer setup and close", + "cmt_id": "7038cd337653a65b779aeff9f161b937339b40e3" + }, + "CVE-2016-2547": { + "cmt_msg": "ALSA: timer: Harden slave timer list handling", + "cmt_id": "ac5f6f7d25339feacc5f1dc39d3100e5520e7ca2" + }, + "CVE-2016-2546": { + "cmt_msg": "ALSA: timer: Fix race among timer ioctls", + "cmt_id": "7510c77227536d85013016289c96dd1fe212db77" + }, + "CVE-2016-2543": { + "cmt_msg": "ALSA: seq: Fix missing NULL check at remove_events ioctl", + "cmt_id": "9174b70002e1497e93242de7570a842497b3de97" + }, + "CVE-2013-4312": { + "cmt_msg": "unix: properly account for FDs passed over unix sockets", + "cmt_id": "aa51d1c24ec3b6605f7cc7ef500c96cd71d7ef90" + }, + "CVE-2016-2549": { + "cmt_msg": "ALSA: hrtimer: Fix stall by hrtimer_cancel()", + "cmt_id": "73672733af0278e554eec8fc33de13b0d4a860be" + }, + "CVE-2016-2548": { + "cmt_msg": "ALSA: timer: Harden slave timer list handling", + "cmt_id": "ac5f6f7d25339feacc5f1dc39d3100e5520e7ca2" + } + }, + "3.14.61": { + "CVE-2016-2782": { + "cmt_msg": "USB: visor: fix null-deref at probe", + "cmt_id": "897d109d4b52532f7ecf24c4294f42d1e62b1289" + }, + "CVE-2016-2384": { + "cmt_msg": "ALSA: usb-audio: avoid freeing umidi object twice", + "cmt_id": "05dd81eafd796a5f1db09cc9fe2bff44cfd56dfe" + }, + "CVE-2016-2085": { + "cmt_msg": "EVM: Use crypto_memneq() for digest comparisons", + "cmt_id": "6121dabef629c5b584abd617bba87f420b7f4011" + }, + "CVE-2016-8646": { + "cmt_msg": "crypto: algif_hash - Only export and import on sockets with data", + "cmt_id": "d5cdc58aa3dca63c94e70c19199b795a362b0583" + }, + "CVE-2016-0723": { + "cmt_msg": "tty: Fix unsafe ldisc reference via ioctl(TIOCGETD)", + "cmt_id": "a08f833c45a2e803183ae82c153694711dccc16f" + }, + "CVE-2015-7566": { + "cmt_msg": "USB: serial: visor: fix crash on detecting device without write_urbs", + "cmt_id": "e3b75da93491acc980573d6f06472225f81c93fe" + } + }, + "3.14.62": { + "CVE-2015-8785": { + "cmt_msg": "fuse: break infinite loop in fuse_fill_write_pages()", + "cmt_id": "7b54d4eea25df0cac10c9ccf353b36a62253547d" + } + }, + "3.14.63": { + "CVE-2015-8812": { + "cmt_msg": "iw_cxgb3: Fix incorrectly returning error on success", + "cmt_id": "8e0cb6c1f8c403c189b45b969540284862b30f85" + }, + "CVE-2015-8215": { + "cmt_msg": "ipv6: addrconf: validate new MTU before applying it", + "cmt_id": "db449d873870aee9161edb9259d72254987ad7c0" + } + }, + "3.14.65": { + "CVE-2016-3044": { + "cmt_msg": "KVM: PPC: Book3S HV: Sanitize special-purpose register values on guest exit", + "cmt_id": "ef9dd54d0208f2bfb904f80a04bd963d10377b4e" + } + }, + "3.14.66": { + "CVE-2016-3137": { + "cmt_msg": "USB: cypress_m8: add endpoint sanity check", + "cmt_id": "59abff9d0ce434487cbfd8c25e75bb30d8be1a52" + }, + "CVE-2016-3689": { + "cmt_msg": "Input: ims-pcu - sanity check against missing interfaces", + "cmt_id": "665bbcb66051e1176a159d270e53d439f9dc8c80" + }, + "CVE-2016-9685": { + "cmt_msg": "xfs: fix two memory leaks in xfs_attr_list.c error paths", + "cmt_id": "8896de9c26019c13812015ccc5a4fc42c0e8402a" + }, + "CVE-2016-3140": { + "cmt_msg": "USB: digi_acceleport: do sanity checking for the number of ports", + "cmt_id": "91c4c149606657236e4a735778c7ca632e92bcd4" + }, + "CVE-2016-3136": { + "cmt_msg": "USB: mct_u232: add sanity checking in probe", + "cmt_id": "26f205bf2fa5aef26fd0762dbdf66198dfde924c" + }, + "CVE-2016-2185": { + "cmt_msg": "Input: ati_remote2 - fix crashes on detecting device with invalid descriptor", + "cmt_id": "52844be6f96c447577de40ea7d2f4019457a7dd9" + }, + "CVE-2016-2184": { + "cmt_msg": "ALSA: usb-audio: Fix NULL dereference in create_fixed_stream_quirk()", + "cmt_id": "7963d34edc58f8e40c0891262cac6e443346313f" + }, + "CVE-2016-2186": { + "cmt_msg": "Input: powermate - fix oops with malicious USB descriptors", + "cmt_id": "5c91a520b0d6d2700c96d3b8198d7e3cfddce538" + }, + "CVE-2016-3138": { + "cmt_msg": "USB: cdc-acm: more sanity checking", + "cmt_id": "180aa6e45eb471aec123854df40d787c634943eb" + } + }, + "3.14.67": { + "CVE-2016-7117": { + "cmt_msg": "net: Fix use after free in the recvmmsg exit path", + "cmt_id": "902b916d00ba73095b58a9a8dfe926c6a7f635d5" + }, + "CVE-2016-4805": { + "cmt_msg": "ppp: take reference on channels netns", + "cmt_id": "2d6c3459438d6c0bab867b79c35db7e154648ad1" + } + }, + "3.14.68": { + "CVE-2016-3157": { + "cmt_msg": "x86/iopl/64: Properly context-switch IOPL on Xen PV", + "cmt_id": "c216658f5fda233ae3c27f8fbfe3b2498ebe75ab" + }, + "CVE-2016-3955": { + "cmt_msg": "USB: usbip: fix potential out-of-bounds write", + "cmt_id": "c9104ee05af3ecb2943872287da3d576b145c55f" + }, + "CVE-2016-2187": { + "cmt_msg": "Input: gtco - fix crash on detecting device without endpoints", + "cmt_id": "f090502c9f10046d293508f022ed00796a541b37" + }, + "CVE-2016-0821": { + "cmt_msg": "include/linux/poison.h: fix LIST_POISON{1,2} offset", + "cmt_id": "703d87a503141999a6749263d0a8caf038ce5b75" + }, + "CVE-2016-7914": { + "cmt_msg": "assoc_array: don't call compare_object() on a node", + "cmt_id": "523ef4db4dc8f2bdbe10262a7931d01a0c02d560" + } + }, + "3.14.69": { + "CVE-2016-7916": { + "cmt_msg": "proc: prevent accessing /proc/<PID>/environ until it's ready", + "cmt_id": "e9abb59f46beadb8d80d9e40c9c5e15b5e61b8d1" + } + }, + "3.14.70": { + "CVE-2016-4486": { + "cmt_msg": "net: fix infoleak in rtnetlink", + "cmt_id": "c1e797692b97ec480bc0e940cc022823e3cc40c9" + }, + "CVE-2016-2117": { + "cmt_msg": "atl2: Disable unimplemented scatter/gather feature", + "cmt_id": "d6b8a68ac7b6d2e241f8d34b769c98a1793d9124" + }, + "CVE-2016-4485": { + "cmt_msg": "net: fix infoleak in llc", + "cmt_id": "f3a0b05e04b862ffc549b5635339a5cee00da34d" + }, + "CVE-2016-4913": { + "cmt_msg": "get_rock_ridge_filename(): handle malformed NM entries", + "cmt_id": "dc7e3177f3cefcbecda0e4266cd554866ff2caea" + }, + "CVE-2016-4580": { + "cmt_msg": "net: fix a kernel infoleak in x25 module", + "cmt_id": "a1f85b3a66d74389417e86505013e51a06b789f0" + } + }, + "3.14.71": { + "CVE-2016-9754": { + "cmt_msg": "ring-buffer: Prevent overflow of size in ring_buffer_resize()", + "cmt_id": "50b139ab8606ebe66da507dddbc838baa5cfbf61" + } + }, + "3.14.73": { + "CVE-2016-4998": { + "cmt_msg": "netfilter: x_tables: check for bogus target offset", + "cmt_id": "f216289025f02e99628d6783f251f3a9d1966cad" + }, + "CVE-2016-3134": { + "cmt_msg": "netfilter: x_tables: fix unconditional helper", + "cmt_id": "a1a184a2f31575dba677514f2de22ddf1671ad81" + }, + "CVE-2016-4997": { + "cmt_msg": "netfilter: x_tables: check for bogus target offset", + "cmt_id": "f216289025f02e99628d6783f251f3a9d1966cad" + }, + "CVE-2016-9806": { + "cmt_msg": "netlink: Fix dump skb leak/double free", + "cmt_id": "33f04a1a2c102c19673b95709c0246509fd24f25" + }, + "CVE-2016-2847": { + "cmt_msg": "pipe: limit the per-user amount of pages allocated in pipes", + "cmt_id": "c098acd272f1323e47ca52ec016f1a62d26b6573" + } + }, + "3.14.74": { + "CVE-2016-5828": { + "cmt_msg": "powerpc/tm: Always reclaim in start_thread() for exec() class syscalls", + "cmt_id": "ff19f63ed47309550b47831ac39176d9910fadfe" + }, + "CVE-2016-1237": { + "cmt_msg": "posix_acl: Add set_posix_acl", + "cmt_id": "8977f46fff476e4a5c5ab270a78c9ab8b548d645" + }, + "CVE-2016-5829": { + "cmt_msg": "HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands", + "cmt_id": "22e658d19a1a64512d49de2632ad2124e6f9e429" + }, + "CVE-2016-4470": { + "cmt_msg": "KEYS: potential uninitialized variable", + "cmt_id": "ff1dcd2a19f8203324cba737a54707a1ee3f98ea" + } + }, + "3.14.75": { + "CVE-2016-4569": { + "cmt_msg": "ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS", + "cmt_id": "a4eabc8c16004cc41f6a71c31cf7e349fa6efe50" + }, + "CVE-2016-4578": { + "cmt_msg": "ALSA: timer: Fix leak in events via snd_timer_user_ccallback", + "cmt_id": "414d03573fe4e942f07b1c3c8750227c6be0b061" + } + }, + "3.14.76": { + "CVE-2016-5696": { + "cmt_msg": "tcp: make challenge acks less predictable", + "cmt_id": "860c53258e634c54f70252c352bae7bac30724a9" + }, + "CVE-2016-4565": { + "cmt_msg": "IB/security: Restrict use of the write() interface", + "cmt_id": "c96c87e19293995d5adde47bb20ae827e8b73607" + }, + "CVE-2016-2069": { + "cmt_msg": "x86/mm: Add barriers and document switch_mm()-vs-flush synchronization", + "cmt_id": "1b8542cd64724bb7b61dcc0ccfe0ccbefff1bc2d" + }, + "CVE-2016-3951": { + "cmt_msg": "cdc_ncm: do not call usbnet_link_change from cdc_ncm_bind", + "cmt_id": "0c17e10854221a4b59bb0266f60cac96f2ad225a" + }, + "CVE-2017-7495": { + "cmt_msg": "ext4: fix data exposure after a crash", + "cmt_id": "6e853b165d44b259960e6c99e030962dda957475" + }, + "CVE-2015-8816": { + "cmt_msg": "USB: fix invalid memory access in hub_activate()", + "cmt_id": "627c25d08197bafc328d9ac841dfc1a143806a71" + }, + "CVE-2016-7910": { + "cmt_msg": "block: fix use-after-free in seq file", + "cmt_id": "8cb3a41575d84a56f9dd7686286aafd84e5313c3" + }, + "CVE-2016-3070": { + "cmt_msg": "mm: migrate dirty page without clear_page_dirty_for_io etc", + "cmt_id": "53a35fd395a1d7fdcab6477621358833ea27897b" + }, + "CVE-2015-8767": { + "cmt_msg": "sctp: Prevent soft lockup when sctp_accept() is called during a timeout event", + "cmt_id": "a4377c6e467b0b8420ee2d4384ae582ed506ee86" + }, + "CVE-2016-3857": { + "cmt_msg": "arm: oabi compat: add missing access checks", + "cmt_id": "e380a2712ff17b87a0fee55143862c998098144c" + } + }, + "3.14.77": { + "CVE-2016-10229": { + "cmt_msg": "udp: properly support MSG_PEEK with truncated buffers", + "cmt_id": "3acd7bf39cdb109aaaef2ec4819cca7088218a4b" + }, + "CVE-2016-4482": { + "cmt_msg": "USB: usbfs: fix potential infoleak in devio", + "cmt_id": "fd13a6831e1c770e20619efb48be360c24574717" + } + }, + "3.14.78": { + "CVE-2016-6480": { + "cmt_msg": "aacraid: Check size values after double-fetch from user", + "cmt_id": "67d4aa44188d0da7f661972a88f9ac448e4fd2fe" + } + }, + "3.14.79": { + "CVE-2016-6130": { + "cmt_msg": "s390/sclp_ctl: fix potential information leak with /dev/sclp", + "cmt_id": "78a4260f1fad5cfc6ad7cf6e01a93a2fed0d0e3e" + }, + "CVE-2016-5244": { + "cmt_msg": "rds: fix an infoleak in rds_inc_info_copy", + "cmt_id": "d57906c6850c5bb9a93841da3deb6df53135d133" + } + }, + "outstanding": { + "CVE-2017-5897": { + "cmt_msg": "ip6_gre: fix ip6gre_err() invalid reads" + }, + "CVE-2020-35508": { + "cmt_msg": "fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent" + }, + "CVE-2020-35501": { + "cmt_msg": "" + }, + "CVE-2019-15098": { + "cmt_msg": "ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()" + }, + "CVE-2021-45095": { + "cmt_msg": "phonet: refcount leak in pep_sock_accep" + }, + "CVE-2017-10663": { + "cmt_msg": "f2fs: sanity check checkpoint segno and blkoff" + }, + "CVE-2022-0001": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2020-12464": { + "cmt_msg": "USB: core: Fix free-while-in-use bug in the USB S-Glibrary" + }, + "CVE-2017-10662": { + "cmt_msg": "f2fs: sanity check segment count" + }, + "CVE-2019-19965": { + "cmt_msg": "scsi: libsas: stop discovering if oob mode is disconnected" + }, + "CVE-2016-9793": { + "cmt_msg": "net: avoid signed overflows for SO_{SND|RCV}BUFFORCE" + }, + "CVE-2017-15102": { + "cmt_msg": "usb: misc: legousbtower: Fix NULL pointer deference" + }, + "CVE-2016-9794": { + "cmt_msg": "ALSA: pcm : Call kill_fasync() in stream lock" + }, + "CVE-2017-17805": { + "cmt_msg": "crypto: salsa20 - fix blkcipher_walk API usage" + }, + "CVE-2020-24587": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2020-24586": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2017-6074": { + "cmt_msg": "dccp: fix freeing skb too early for IPV6_RECVPKTINFO" + }, + "CVE-2021-0129": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2019-20096": { + "cmt_msg": "dccp: Fix memleak in __feat_register_sp" + }, + "CVE-2016-10044": { + "cmt_msg": "aio: mark AIO pseudo-fs noexec" + }, + "CVE-2018-10940": { + "cmt_msg": "cdrom: information leak in cdrom_ioctl_media_changed()" + }, + "CVE-2018-10087": { + "cmt_msg": "kernel/exit.c: avoid undefined behaviour when calling wait4()" + }, + "CVE-2021-39634": { + "cmt_msg": "epoll: do not insert into poll queues until all sanity checks are done" + }, + "CVE-2019-9503": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path" + }, + "CVE-2020-36158": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" + }, + "CVE-2022-1508": { + "cmt_msg": "io_uring: reexpand under-reexpanded iters" + }, + "CVE-2022-0480": { + "cmt_msg": "memcg: enable accounting for file lock caches" + }, + "CVE-2018-10124": { + "cmt_msg": "kernel/signal.c: avoid undefined behaviour in kill_something_info" + }, + "CVE-2019-9466": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path" + }, + "CVE-2021-28964": { + "cmt_msg": "btrfs: fix race when cloning extent buffer during rewind of an old root" + }, + "CVE-2016-6828": { + "cmt_msg": "tcp: fix use after free in tcp_xmit_retransmit_queue()" + }, + "CVE-2021-0920": { + "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" + }, + "CVE-2021-3847": { + "cmt_msg": "" + }, + "CVE-2019-13631": { + "cmt_msg": "Input: gtco - bounds check collection indent level" + }, + "CVE-2017-5551": { + "cmt_msg": "tmpfs: clear S_ISGID when setting posix ACLs" + }, + "CVE-2019-19241": { + "cmt_msg": "io_uring: async workers should inherit the user creds" + }, + "CVE-2021-28688": { + "cmt_msg": "xen-blkback: don't leak persistent grants from xen_blkbk_map()" + }, + "CVE-2021-39686": { + "cmt_msg": "binder: use euid from cred instead of using task" + }, + "CVE-2021-39685": { + "cmt_msg": "USB: gadget: detect too-big endpoint 0 requests" + }, + "CVE-2021-43975": { + "cmt_msg": "atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait" + }, + "CVE-2018-6927": { + "cmt_msg": "futex: Prevent overflow by strengthen input validation" + }, + "CVE-2020-0466": { + "cmt_msg": "do_epoll_ctl(): clean the failure exits up a bit" + }, + "CVE-2019-10207": { + "cmt_msg": "Bluetooth: hci_uart: check for missing tty operations" + }, + "CVE-2019-14835": { + "cmt_msg": "vhost: make sure log_num < in_num" + }, + "CVE-2018-1000204": { + "cmt_msg": "scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()" + }, + "CVE-2017-8924": { + "cmt_msg": "USB: serial: io_ti: fix information leak in completion handler" + }, + "CVE-2017-8925": { + "cmt_msg": "USB: serial: omninet: fix reference leaks at open" + }, + "CVE-2019-12379": { + "cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c" + }, + "CVE-2017-12134": { + "cmt_msg": "xen: fix bio vec merging" + }, + "CVE-2021-30002": { + "cmt_msg": "media: v4l: ioctl: Fix memory leak in video_usercopy" + }, + "CVE-2017-17450": { + "cmt_msg": "netfilter: xt_osf: Add missing permission checks" + }, + "CVE-2015-4177": { + "cmt_msg": "mnt: Fail collect_mounts when applied to unmounted mounts" + }, + "CVE-2017-7294": { + "cmt_msg": "drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl()" + }, + "CVE-2015-8553": { + "cmt_msg": "xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set." + }, + "CVE-2015-8552": { + "cmt_msg": "xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI or MSI-X enabled" + }, + "CVE-2020-15802": { + "cmt_msg": "" + }, + "CVE-2017-18270": { + "cmt_msg": "KEYS: prevent creating a different user's keyrings" + }, + "CVE-2022-0002": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2021-39713": { + "cmt_msg": "net: sched: use Qdisc rcu API instead of relying on rtnl lock" + }, + "CVE-2015-4178": { + "cmt_msg": "fs_pin: Allow for the possibility that m_list or s_list go unused." + }, + "CVE-2016-10906": { + "cmt_msg": "net: arc_emac: fix koops caused by sk_buff free" + }, + "CVE-2016-10905": { + "cmt_msg": "GFS2: don't set rgrp gl_object until it's inserted into rgrp tree" + }, + "CVE-2018-3646": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" + }, + "CVE-2017-7518": { + "cmt_msg": "KVM: x86: fix singlestepping over syscall" + }, + "CVE-2021-39714": { + "cmt_msg": "staging: android: ion: Drop ion_map_kernel interface" + }, + "CVE-2019-19966": { + "cmt_msg": "media: cpia2: Fix use-after-free in cpia2_exit" + }, + "CVE-2019-11477": { + "cmt_msg": "tcp: limit payload size of sacked skbs" + }, + "CVE-2021-28711": { + "cmt_msg": "xen/blkfront: harden blkfront against event channel storms" + }, + "CVE-2017-7895": { + "cmt_msg": "nfsd: stricter decoding of write-like NFSv2/v3 ops" + }, + "CVE-2018-14614": { + "cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum" + }, + "CVE-2018-14617": { + "cmt_msg": "hfsplus: fix NULL dereference in hfsplus_lookup()" + }, + "CVE-2018-14616": { + "cmt_msg": "f2fs: fix to do sanity check with block address in main area v2" + }, + "CVE-2018-14611": { + "cmt_msg": "btrfs: validate type when reading a chunk" + }, + "CVE-2018-14610": { + "cmt_msg": "btrfs: Check that each block group has corresponding chunk at mount time" + }, + "CVE-2018-14613": { + "cmt_msg": "btrfs: tree-checker: Verify block_group_item" + }, + "CVE-2018-14612": { + "cmt_msg": "btrfs: tree-checker: Detect invalid and empty essential trees" + }, + "CVE-2020-26145": { + "cmt_msg": "ath10k: drop fragments with multicast DA for PCIe" + }, + "CVE-2017-13216": { + "cmt_msg": "staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl" + }, + "CVE-2017-13215": { + "cmt_msg": "crypto: algif_skcipher - Load TX SG list after waiting" + }, + "CVE-2018-5814": { + "cmt_msg": "usbip: usbip_host: fix NULL-ptr deref and use-after-free errors" + }, + "CVE-2020-26140": { + "cmt_msg": "" + }, + "CVE-2020-26143": { + "cmt_msg": "" + }, + "CVE-2020-26142": { + "cmt_msg": "" + }, + "CVE-2019-17053": { + "cmt_msg": "ieee802154: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17052": { + "cmt_msg": "ax25: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17056": { + "cmt_msg": "nfc: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17055": { + "cmt_msg": "mISDN: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2019-17054": { + "cmt_msg": "appletalk: enforce CAP_NET_RAW for raw sockets" + }, + "CVE-2018-13093": { + "cmt_msg": "xfs: validate cached inodes are free when allocated" + }, + "CVE-2017-2618": { + "cmt_msg": "selinux: fix off-by-one in setprocattr" + }, + "CVE-2018-13096": { + "cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks" + }, + "CVE-2018-13097": { + "cmt_msg": "f2fs: fix to do sanity check with user_block_count" + }, + "CVE-2018-13094": { + "cmt_msg": "xfs: don't call xfs_da_shrink_inode with NULL bp" + }, + "CVE-2018-13095": { + "cmt_msg": "xfs: More robust inode extent count validation" + }, + "CVE-2020-29661": { + "cmt_msg": "tty: Fix ->pgrp locking in tiocspgrp()" + }, + "CVE-2020-29660": { + "cmt_msg": "tty: Fix ->session locking" + }, + "CVE-2018-13098": { + "cmt_msg": "f2fs: fix to do sanity check with extra_attr feature" + }, + "CVE-2018-13099": { + "cmt_msg": "f2fs: fix to do sanity check with reserved blkaddr of inline inode" + }, + "CVE-2022-1734": { + "cmt_msg": "nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs" + }, + "CVE-2014-9717": { + "cmt_msg": "mnt: Update detach_mounts to leave mounts connected" + }, + "CVE-2019-14895": { + "cmt_msg": "mwifiex: fix possible heap overflow in mwifiex_process_country_ie()" + }, + "CVE-2022-24448": { + "cmt_msg": "NFSv4: Handle case where the lookup of a directory fails" + }, + "CVE-2019-11884": { + "cmt_msg": "Bluetooth: hidp: fix buffer overflow" + }, + "CVE-2015-8955": { + "cmt_msg": "arm64: perf: reject groups spanning multiple HW PMUs" + }, + "CVE-2019-19074": { + "cmt_msg": "ath9k: release allocated buffer if timed out" + }, + "CVE-2019-19073": { + "cmt_msg": "ath9k_htc: release allocated buffer if timed out" + }, + "CVE-2015-9016": { + "cmt_msg": "blk-mq: fix race between timeout and freeing request" + }, + "CVE-2015-8952": { + "cmt_msg": "ext2: convert to mbcache2" + }, + "CVE-2020-26558": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2022-23038": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2017-1000410": { + "cmt_msg": "Bluetooth: Prevent stack info leak from the EFS element." + }, + "CVE-2016-8645": { + "cmt_msg": "tcp: take care of truncations done by sk_filter()" + }, + "CVE-2022-23036": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2022-23037": { + "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" + }, + "CVE-2017-5669": { + "cmt_msg": "ipc/shm: Fix shmat mmap nil-page protection" + }, + "CVE-2019-15927": { + "cmt_msg": "ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit()" + }, + "CVE-2019-15926": { + "cmt_msg": "ath6kl: add some bounds checking" + }, + "CVE-2019-14821": { + "cmt_msg": "KVM: coalesced_mmio: add bounds checking" + }, + "CVE-2020-12826": { + "cmt_msg": "signal: Extend exec_id to 64bits" + }, + "CVE-2019-3701": { + "cmt_msg": "can: gw: ensure DLC boundaries after CAN frame modification" + }, + "CVE-2021-42008": { + "cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data" + }, + "CVE-2018-9465": { + "cmt_msg": "binder: fix proc->files use-after-free" + }, + "CVE-2019-1125": { + "cmt_msg": "x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations" + }, + "CVE-2019-15218": { + "cmt_msg": "media: usb: siano: Fix general protection fault in smsusb" + }, + "CVE-2019-15666": { + "cmt_msg": "xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink" + }, + "CVE-2005-3660": { + "cmt_msg": "" + }, + "CVE-2017-14106": { + "cmt_msg": "tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0" + }, + "CVE-2019-15212": { + "cmt_msg": "USB: rio500: refuse more than one device at a time" + }, + "CVE-2019-15211": { + "cmt_msg": "media: radio-raremono: change devm_k*alloc to k*alloc" + }, + "CVE-2015-1350": { + "cmt_msg": "fs: Avoid premature clearing of capabilities" + }, + "CVE-2019-14896": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" + }, + "CVE-2017-1000380": { + "cmt_msg": "ALSA: timer: Fix race between read and ioctl" + }, + "CVE-2019-15214": { + "cmt_msg": "ALSA: core: Fix card races between register and disconnect" + }, + "CVE-2020-24588": { + "cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks" + }, + "CVE-2021-33034": { + "cmt_msg": "Bluetooth: verify AMP hci_chan before amp_destroy" + }, + "CVE-2019-19922": { + "cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices" + }, + "CVE-2015-8104": { + "cmt_msg": "KVM: svm: unconditionally intercept #DB" + }, + "CVE-2019-19927": { + "cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages" + }, + "CVE-2017-18509": { + "cmt_msg": "ipv6: check sk sk_type and protocol early in ip_mroute_set/getsockopt" + }, + "CVE-2017-5986": { + "cmt_msg": "sctp: avoid BUG_ON on sctp_wait_for_sndbuf" + }, + "CVE-2020-8648": { + "cmt_msg": "vt: selection, close sel_buffer race" + }, + "CVE-2017-11600": { + "cmt_msg": "xfrm: policy: check policy direction value" + }, + "CVE-2019-20806": { + "cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame" + }, + "CVE-2019-2181": { + "cmt_msg": "binder: check for overflow when alloc for security context" + }, + "CVE-2020-14304": { + "cmt_msg": "" + }, + "CVE-2018-17972": { + "cmt_msg": "proc: restrict kernel stack dumps to root" + }, + "CVE-2020-15393": { + "cmt_msg": "usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect" + }, + "CVE-2021-3564": { + "cmt_msg": "Bluetooth: fix the erroneous flush_work() order" + }, + "CVE-2019-9506": { + "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" + }, + "CVE-2021-22555": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2017-16995": { + "cmt_msg": "bpf: fix incorrect sign extension in check_alu_op()" + }, + "CVE-2019-18675": { + "cmt_msg": "mmap: introduce sane default mmap limits" + }, + "CVE-2019-2025": { + "cmt_msg": "binder: fix race that allows malicious free of live buffer" + }, + "CVE-2017-2583": { + "cmt_msg": "KVM: x86: fix emulation of \"MOV SS, null selector\"" + }, + "CVE-2020-26560": { + "cmt_msg": "" + }, + "CVE-2017-2584": { + "cmt_msg": "KVM: x86: Introduce segmented_write_std" + }, + "CVE-2017-13080": { + "cmt_msg": "mac80211: accept key reinstall without changing anything" + }, + "CVE-2021-20321": { + "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" + }, + "CVE-2018-12127": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2018-12126": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2017-9077": { + "cmt_msg": "ipv6/dccp: do not inherit ipv6_mc_list from parent" + }, + "CVE-2017-9076": { + "cmt_msg": "ipv6/dccp: do not inherit ipv6_mc_list from parent" + }, + "CVE-2017-9075": { + "cmt_msg": "sctp: do not inherit ipv6_{mc|ac|fl}_list from parent" + }, + "CVE-2017-9074": { + "cmt_msg": "ipv6: Prevent overrun when parsing v6 header options" + }, + "CVE-2018-10021": { + "cmt_msg": "scsi: libsas: defer ata device eh commands to libata" + }, + "CVE-2020-0067": { + "cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr" + }, + "CVE-2019-10126": { + "cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()" + }, + "CVE-2016-2143": { + "cmt_msg": "s390/mm: four page table levels vs. fork" + }, + "CVE-2020-13974": { + "cmt_msg": "vt: keyboard: avoid signed integer overflow in k_ascii" + }, + "CVE-2017-6001": { + "cmt_msg": "perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race" + }, + "CVE-2021-4083": { + "cmt_msg": "fget: check that the fd still exists after getting a ref to it" + }, + "CVE-2017-5967": { + "cmt_msg": "time: Remove CONFIG_TIMER_STATS" + }, + "CVE-2017-17558": { + "cmt_msg": "USB: core: prevent malicious bNumInterfaces overflow" + }, + "CVE-2017-1000251": { + "cmt_msg": "Bluetooth: Properly check L2CAP config option output buffer length" + }, + "CVE-2017-8106": { + "cmt_msg": "KVM: nVMX: Don't advertise single context invalidation for invept" + }, + "CVE-2020-36516": { + "cmt_msg": "" + }, + "CVE-2020-10751": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" + }, + "CVE-2021-4002": { + "cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare" + }, + "CVE-2022-0998": { + "cmt_msg": "vdpa: clean up get_config_size ret value handling" + }, + "CVE-2018-20511": { + "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT" + }, + "CVE-2018-20510": { + "cmt_msg": "binder: replace \"%p\" with \"%pK\"" + }, + "CVE-2016-5728": { + "cmt_msg": "misc: mic: Fix for double fetch security bug in VOP driver" + }, + "CVE-2020-15436": { + "cmt_msg": "block: Fix use-after-free in blkdev_get()" + }, + "CVE-2022-1116": { + "cmt_msg": "" + }, + "CVE-2021-28660": { + "cmt_msg": "staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()" + }, + "CVE-2016-9178": { + "cmt_msg": "fix minor infoleak in get_user_ex()" + }, + "CVE-2020-8647": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" + }, + "CVE-2019-0154": { + "cmt_msg": "drm/i915: Lower RM timeout to avoid DSI hard hangs" + }, + "CVE-2017-6348": { + "cmt_msg": "irda: Fix lockdep annotations in hashbin_delete()." + }, + "CVE-2014-9922": { + "cmt_msg": "fs: limit filesystem stacking depth" + }, + "CVE-2020-36386": { + "cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()" + }, + "CVE-2017-6345": { + "cmt_msg": "net/llc: avoid BUG_ON() in skb_orphan()" + }, + "CVE-2017-6346": { + "cmt_msg": "packet: fix races in fanout_add()" + }, + "CVE-2020-36385": { + "cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy" + }, + "CVE-2022-1048": { + "cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls" + }, + "CVE-2020-0009": { + "cmt_msg": "staging: android: ashmem: Disallow ashmem memory from being remapped" + }, + "CVE-2018-7480": { + "cmt_msg": "blkcg: fix double free of new_blkg in blkcg_init_queue" + }, + "CVE-2019-14615": { + "cmt_msg": "drm/i915/gen9: Clear residual context state on context switch" + }, + "CVE-2016-6327": { + "cmt_msg": "IB/srpt: Simplify srpt_handle_tsk_mgmt()" + }, + "CVE-2022-0995": { + "cmt_msg": "watch_queue: Fix filter limit check" + }, + "CVE-2016-3139": { + "cmt_msg": "Input: wacom - compute the HID report size to get the actual packet size" + }, + "CVE-2020-16120": { + "cmt_msg": "ovl: switch to mounter creds in readdir" + }, + "CVE-2019-11599": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" + }, + "CVE-2018-16658": { + "cmt_msg": "cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status" + }, + "CVE-2018-15572": { + "cmt_msg": "x86/speculation: Protect against userspace-userspace spectreRSB" + }, + "CVE-2022-29581": { + "cmt_msg": "net/sched: cls_u32: fix netns refcount changes in u32_change()" + }, + "CVE-2022-1204": { + "cmt_msg": "ax25: Fix refcount leaks caused by ax25_cb_del()" + }, + "CVE-2019-2101": { + "cmt_msg": "media: uvcvideo: Fix 'type' check leading to overflow" + }, + "CVE-2019-17666": { + "cmt_msg": "rtlwifi: Fix potential overflow on P2P code" + }, + "CVE-2018-9363": { + "cmt_msg": "Bluetooth: hidp: buffer overflow in hidp_process_report" + }, + "CVE-2015-7885": { + "cmt_msg": "staging/dgnc: fix info leak in ioctl" + }, + "CVE-2016-10723": { + "cmt_msg": "mm, oom: remove sleep from under oom_lock" + }, + "CVE-2021-3573": { + "cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object" + }, + "CVE-2020-25212": { + "cmt_msg": "nfs: Fix getxattr kernel panic and memory overflow" + }, + "CVE-2019-19036": { + "cmt_msg": "btrfs: Detect unbalanced tree with empty leaf before crashing btree operations" + }, + "CVE-2019-3459": { + "cmt_msg": "Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer" + }, + "CVE-2020-11494": { + "cmt_msg": "slcan: Don't transmit uninitialized stack data in padding" + }, + "CVE-2017-8797": { + "cmt_msg": "nfsd: fix undefined behavior in nfsd4_layout_verify" + }, + "CVE-2015-5307": { + "cmt_msg": "KVM: x86: work around infinite loop in microcode when #AC is delivered" + }, + "CVE-2018-10675": { + "cmt_msg": "mm/mempolicy: fix use after free when calling get_mempolicy" + }, + "CVE-2017-16526": { + "cmt_msg": "uwb: properly check kthread_run return value" + }, + "CVE-2017-16527": { + "cmt_msg": "ALSA: usb-audio: Kill stray URB at exiting" + }, + "CVE-2017-16525": { + "cmt_msg": "USB: serial: console: fix use-after-free after failed setup" + }, + "CVE-2018-12233": { + "cmt_msg": "jfs: Fix inconsistency between memory allocation and ea_buf->max_size" + }, + "CVE-2021-32078": { + "cmt_msg": "ARM: footbridge: remove personal server platform" + }, + "CVE-2022-30594": { + "cmt_msg": "ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE" + }, + "CVE-2017-16528": { + "cmt_msg": "ALSA: seq: Cancel pending autoload work at unbinding device" + }, + "CVE-2017-16529": { + "cmt_msg": "ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor" + }, + "CVE-2019-11833": { + "cmt_msg": "ext4: zero out the unused memory region in the extent tree block" + }, + "CVE-2021-38205": { + "cmt_msg": "net: xilinx_emaclite: Do not print real IOMEM pointer" + }, + "CVE-2021-3864": { + "cmt_msg": "" + }, + "CVE-2020-0255": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" + }, + "CVE-2019-2215": { + "cmt_msg": "ANDROID: binder: remove waitqueue when thread exits." + }, + "CVE-2021-38208": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2016-6213": { + "cmt_msg": "mnt: Add a per mount namespace limit on the number of mounts" + }, + "CVE-2017-18232": { + "cmt_msg": "scsi: libsas: direct call probe and destruct" + }, + "CVE-2019-2213": { + "cmt_msg": "binder: fix possible UAF when freeing buffer" + }, + "CVE-2020-25211": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2017-14140": { + "cmt_msg": "Sanitize 'move_pages()' permission checks" + }, + "CVE-2020-26556": { + "cmt_msg": "" + }, + "CVE-2018-9518": { + "cmt_msg": "NFC: llcp: Limit size of SDP URI" + }, + "CVE-2020-26555": { + "cmt_msg": "" + }, + "CVE-2018-9517": { + "cmt_msg": "l2tp: pass tunnel pointer to ->session_create()" + }, + "CVE-2018-9516": { + "cmt_msg": "HID: debug: check length before copy_to_user()" + }, + "CVE-2018-1128": { + "cmt_msg": "libceph: add authorizer challenge" + }, + "CVE-2018-1129": { + "cmt_msg": "libceph: implement CEPHX_V2 calculation mode" + }, + "CVE-2018-1087": { + "cmt_msg": "kvm/x86: fix icebp instruction handling" + }, + "CVE-2022-1652": { + "cmt_msg": "" + }, + "CVE-2018-1120": { + "cmt_msg": "proc: do not access cmdline nor environ from file-backed areas" + }, + "CVE-2018-1121": { + "cmt_msg": "" + }, + "CVE-2017-5754": { + "cmt_msg": "x86/cpufeatures: Add Intel feature bits for Speculation Control" + }, + "CVE-2016-10200": { + "cmt_msg": "l2tp: fix racy SOCK_ZAPPED flag check in l2tp_ip{,6}_bind()" + }, + "CVE-2017-5753": { + "cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]" + }, + "CVE-2016-10208": { + "cmt_msg": "ext4: validate s_first_meta_bg at mount time" + }, + "CVE-2020-11565": { + "cmt_msg": "mm: mempolicy: require at least one nodeid for MPOL_PREFERRED" + }, + "CVE-2018-9568": { + "cmt_msg": "net: Set sk_prot_creator when cloning sockets to the right proto" + }, + "CVE-2022-0644": { + "cmt_msg": "vfs: check fd has read access in kernel_read_file_from_fd()" + }, + "CVE-2018-13053": { + "cmt_msg": "alarmtimer: Prevent overflow for relative nanosleep" + }, + "CVE-2020-27786": { + "cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses" + }, + "CVE-2019-14816": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2019-14814": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings" + }, + "CVE-2020-14351": { + "cmt_msg": "perf/core: Fix race in the perf_mmap_close() function" + }, + "CVE-2022-0382": { + "cmt_msg": "net ticp:fix a kernel-infoleak in __tipc_sendmsg()" + }, + "CVE-2019-9456": { + "cmt_msg": "usb: usbmon: Read text within supplied buffer size" + }, + "CVE-2020-25672": { + "cmt_msg": "nfc: fix memory leak in llcp_sock_connect()" + }, + "CVE-2020-14353": { + "cmt_msg": "KEYS: prevent creating a different user's keyrings" + }, + "CVE-2020-25670": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_bind()" + }, + "CVE-2020-25671": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_connect()" + }, + "CVE-2018-21008": { + "cmt_msg": "rsi: add fix for crash during assertions" + }, + "CVE-2019-15223": { + "cmt_msg": "ALSA: line6: Assure canceling delayed work at disconnection" + }, + "CVE-2019-15220": { + "cmt_msg": "p54usb: Fix race between disconnect and firmware loading" + }, + "CVE-2019-15221": { + "cmt_msg": "ALSA: line6: Fix write on zero-sized buffer" + }, + "CVE-2019-19814": { + "cmt_msg": "" + }, + "CVE-2020-29371": { + "cmt_msg": "romfs: fix uninitialized memory leak in romfs_dev_read()" + }, + "CVE-2019-19816": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2017-16939": { + "cmt_msg": "ipsec: Fix aborted xfrm policy dump crash" + }, + "CVE-2019-9453": { + "cmt_msg": "f2fs: fix to avoid accessing xattr across the boundary" + }, + "CVE-2022-1016": { + "cmt_msg": "netfilter: nf_tables: initialize registers in nft_do_chain()" + }, + "CVE-2018-18710": { + "cmt_msg": "cdrom: fix improper type cast, which can leat to information leak." + }, + "CVE-2016-2188": { + "cmt_msg": "USB: iowarrior: fix NULL-deref at probe" + }, + "CVE-2022-1012": { + "cmt_msg": "secure_seq: use the 64 bits of the siphash for port offset calculation" + }, + "CVE-2020-12114": { + "cmt_msg": "make struct mountpoint bear the dentry reference to mountpoint, not struct mount" + }, + "CVE-2020-8649": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" + }, + "CVE-2020-12656": { + "cmt_msg": "sunrpc: check that domain table is empty at module unload." + }, + "CVE-2017-1000405": { + "cmt_msg": "mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()" + }, + "CVE-2021-26930": { + "cmt_msg": "xen-blkback: fix error handling in xen_blkbk_map()" + }, + "CVE-2017-1000407": { + "cmt_msg": "KVM: VMX: remove I/O port 0x80 bypass on Intel hosts" + }, + "CVE-2021-26932": { + "cmt_msg": "Xen/x86: don't bail early from clear_foreign_p2m_mapping()" + }, + "CVE-2019-13648": { + "cmt_msg": "powerpc/tm: Fix oops on sigreturn on systems without TM" + }, + "CVE-2016-9555": { + "cmt_msg": "sctp: validate chunk len before actually using it" + }, + "CVE-2019-3892": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" + }, + "CVE-2020-12352": { + "cmt_msg": "Bluetooth: A2MP: Fix not initializing all members" + }, + "CVE-2014-4943": { + "cmt_msg": "net/l2tp: don't fall back on UDP [get|set]sockopt" + }, + "CVE-2022-23042": { + "cmt_msg": "xen/netfront: react properly to failing gnttab_end_foreign_access_ref()" + }, + "CVE-2021-43976": { + "cmt_msg": "mwifiex: Fix skb_over_panic in mwifiex_usb_recv()" + }, + "CVE-2022-0494": { + "cmt_msg": "block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern" + }, + "CVE-2021-26931": { + "cmt_msg": "xen-blkback: don't \"handle\" error by BUG()" + }, + "CVE-2015-7513": { + "cmt_msg": "KVM: x86: Reload pit counters for all channels when restoring state" + }, + "CVE-2015-7515": { + "cmt_msg": "Input: aiptek - fix crash on detecting device without endpoints" + }, + "CVE-2008-2544": { + "cmt_msg": "" + }, + "CVE-2021-3178": { + "cmt_msg": "nfsd4: readdirplus shouldn't return parent of export" + }, + "CVE-2022-28796": { + "cmt_msg": "jbd2: fix use-after-free of transaction_t race" + }, + "CVE-2020-10690": { + "cmt_msg": "ptp: fix the race between the release of ptp_clock and cdev" + }, + "CVE-2018-7755": { + "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" + }, + "CVE-2017-7346": { + "cmt_msg": "drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl()" + }, + "CVE-2018-7757": { + "cmt_msg": "scsi: libsas: fix memory leak in sas_smp_get_phy_events()" + }, + "CVE-2022-0330": { + "cmt_msg": "drm/i915: Flush TLBs before releasing backing store" + }, + "CVE-2007-3719": { + "cmt_msg": "" + }, + "CVE-2022-1789": { + "cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID" + }, + "CVE-2017-10911": { + "cmt_msg": "xen-blkback: don't leak stack data via response ring" + }, + "CVE-2019-19319": { + "cmt_msg": "ext4: protect journal inode's blocks using block_validity" + }, + "CVE-2017-18017": { + "cmt_msg": "netfilter: xt_TCPMSS: add more sanity tests on tcph->doff" + }, + "CVE-2022-24958": { + "cmt_msg": "usb: gadget: don't release an existing dev->buf" + }, + "CVE-2022-1205": { + "cmt_msg": "ax25: Fix NULL pointer dereferences in ax25 timers" + }, + "CVE-2022-28893": { + "cmt_msg": "SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()" + }, + "CVE-2021-3772": { + "cmt_msg": "sctp: use init_tag from inithdr for ABORT chunk" + }, + "CVE-2021-3679": { + "cmt_msg": "tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop." + }, + "CVE-2021-37159": { + "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device" + }, + "CVE-2021-39711": { + "cmt_msg": "bpf: fix panic due to oob in bpf_prog_test_run_skb" + }, + "CVE-2016-7042": { + "cmt_msg": "KEYS: Fix short sprintf buffer in /proc/keys show function" + }, + "CVE-2021-34556": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2021-28713": { + "cmt_msg": "xen/console: harden hvc_xen against event channel storms" + }, + "CVE-2021-28712": { + "cmt_msg": "xen/netfront: harden netfront against event channel storms" + }, + "CVE-2017-18261": { + "cmt_msg": "clocksource/drivers/arm_arch_timer: Avoid infinite recursion when ftrace is enabled" + }, + "CVE-2022-1247": { + "cmt_msg": "" + }, + "CVE-2017-11473": { + "cmt_msg": "x86/acpi: Prevent out of bound access caused by broken ACPI tables" + }, + "CVE-2017-11472": { + "cmt_msg": "ACPICA: Namespace: fix operand cache leak" + }, + "CVE-2016-9120": { + "cmt_msg": "staging/android/ion : fix a race condition in the ion driver" + }, + "CVE-2021-39657": { + "cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback" + }, + "CVE-2021-3669": { + "cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()" + }, + "CVE-2019-18885": { + "cmt_msg": "btrfs: merge btrfs_find_device and find_device" + }, + "CVE-2017-7889": { + "cmt_msg": "mm: Tighten x86 /dev/mem with zeroing reads" + }, + "CVE-2019-12378": { + "cmt_msg": "ipv6_sockglue: Fix a missing-check bug in ip6_ra_control()" + }, + "CVE-2019-11091": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2022-27950": { + "cmt_msg": "HID: elo: fix memory leak in elo_probe" + }, + "CVE-2019-18660": { + "cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch" + }, + "CVE-2017-15649": { + "cmt_msg": "packet: in packet_do_bind, test fanout with bind_lock held" + }, + "CVE-2017-11089": { + "cmt_msg": "cfg80211: Define nla_policy for NL80211_ATTR_LOCAL_MESH_POWER_MODE" + }, + "CVE-2019-19227": { + "cmt_msg": "appletalk: Fix potential NULL pointer dereference in unregister_snap_client" + }, + "CVE-2021-34981": { + "cmt_msg": "Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails" + }, + "CVE-2021-28951": { + "cmt_msg": "io_uring: ensure that SQPOLL thread is started for exit" + }, + "CVE-2017-14489": { + "cmt_msg": "scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly" + }, + "CVE-2018-9422": { + "cmt_msg": "futex: Remove requirement for lock_page() in get_futex_key()" + }, + "CVE-2013-7445": { + "cmt_msg": "" + }, + "CVE-2016-9604": { + "cmt_msg": "KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings" + }, + "CVE-2015-8551": { + "cmt_msg": "xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI or MSI-X enabled" + }, + "CVE-2019-15292": { + "cmt_msg": "appletalk: Fix use-after-free in atalk_proc_exit" + }, + "CVE-2020-12652": { + "cmt_msg": "scsi: mptfusion: Fix double fetch bug in ioctl" + }, + "CVE-2015-8550": { + "cmt_msg": "xen: Add RING_COPY_REQUEST()" + }, + "CVE-2017-14340": { + "cmt_msg": "xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present" + }, + "CVE-2019-15217": { + "cmt_msg": "media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap" + }, + "CVE-2017-15868": { + "cmt_msg": "Bluetooth: bnep: bnep_add_connection() should verify that it's dealing with l2cap socket" + }, + "CVE-2022-26966": { + "cmt_msg": "sr9700: sanity check for packet length" + }, + "CVE-2016-3672": { + "cmt_msg": "x86/mm/32: Enable full randomization on i386 and X86_32" + }, + "CVE-2015-9004": { + "cmt_msg": "perf: Tighten (and fix) the grouping condition" + }, + "CVE-2021-34693": { + "cmt_msg": "can: bcm: fix infoleak in struct bcm_msg_head" + }, + "CVE-2020-14381": { + "cmt_msg": "futex: Fix inode life-time issue" + }, + "CVE-2014-3180": { + "cmt_msg": "compat: nanosleep: Clarify error handling" + }, + "CVE-2022-1158": { + "cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address" + }, + "CVE-2019-19768": { + "cmt_msg": "blktrace: Protect q->blk_trace with RCU" + }, + "CVE-2019-19039": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2017-5715": { + "cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]" + }, + "CVE-2018-5344": { + "cmt_msg": "loop: fix concurrent lo_open/lo_release" + }, + "CVE-2016-8633": { + "cmt_msg": "firewire: net: guard against rx buffer overflows" + }, + "CVE-2016-8632": { + "cmt_msg": "tipc: check minimum bearer MTU" + }, + "CVE-2018-3620": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" + }, + "CVE-2019-3460": { + "cmt_msg": "Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt" + }, + "CVE-2018-8781": { + "cmt_msg": "drm: udl: Properly check framebuffer mmap offsets" + }, + "CVE-2021-29155": { + "cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic" + }, + "CVE-2021-39802": { + "cmt_msg": "" + }, + "CVE-2019-15916": { + "cmt_msg": "net-sysfs: Fix mem leak in netdev_register_kobject" + }, + "CVE-2019-15917": { + "cmt_msg": "Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto()" + }, + "CVE-2017-18344": { + "cmt_msg": "posix-timer: Properly check sigevent->sigev_notify" + }, + "CVE-2018-6412": { + "cmt_msg": "fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper()." + }, + "CVE-2017-15265": { + "cmt_msg": "ALSA: seq: Fix use-after-free at creating a port" + }, + "CVE-2021-27363": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2020-12362": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2020-12363": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2019-12881": { + "cmt_msg": "drm/i915/userptr: reject zero user_size" + }, + "CVE-2022-28389": { + "cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path" + }, + "CVE-2018-1000004": { + "cmt_msg": "ALSA: seq: Make ioctls race-free" + }, + "CVE-2022-0500": { + "cmt_msg": "bpf: Introduce MEM_RDONLY flag" + }, + "CVE-2018-18690": { + "cmt_msg": "xfs: don't fail when converting shortform attr to long form during ATTR_REPLACE" + }, + "CVE-2022-28388": { + "cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2017-0627": { + "cmt_msg": "media: uvcvideo: Prevent heap overflow when accessing mapped controls" + }, + "CVE-2016-7915": { + "cmt_msg": "HID: core: prevent out-of-bound readings" + }, + "CVE-2021-3896": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2016-7917": { + "cmt_msg": "netfilter: nfnetlink: correctly validate length of batch messages" + }, + "CVE-2016-7911": { + "cmt_msg": "block: fix use-after-free in sys_ioprio_get()" + }, + "CVE-2016-7913": { + "cmt_msg": "[media] xc2028: avoid use after free" + }, + "CVE-2022-20008": { + "cmt_msg": "mmc: block: fix read single on recovery logic" + }, + "CVE-2019-16232": { + "cmt_msg": "libertas: fix a potential NULL pointer dereference" + }, + "CVE-2022-1836": { + "cmt_msg": "floppy: disable FDRAWCMD by default" + }, + "CVE-2019-20811": { + "cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success" + }, + "CVE-2019-20812": { + "cmt_msg": "af_packet: set defaule value for tmo" + }, + "CVE-2019-19530": { + "cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough" + }, + "CVE-2018-5391": { + "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." + }, + "CVE-2018-5995": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2018-18386": { + "cmt_msg": "n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)" + }, + "CVE-2019-15291": { + "cmt_msg": "media: b2c2-flexcop-usb: add sanity checking" + }, + "CVE-2019-15290": { + "cmt_msg": "" + }, + "CVE-2018-7273": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2022-0617": { + "cmt_msg": "udf: Fix NULL ptr deref when converting from inline format" + }, + "CVE-2022-26878": { + "cmt_msg": "" + }, + "CVE-2019-19531": { + "cmt_msg": "usb: yurex: Fix use-after-free in yurex_delete" + }, + "CVE-2018-12930": { + "cmt_msg": "" + }, + "CVE-2018-12931": { + "cmt_msg": "" + }, + "CVE-2017-7308": { + "cmt_msg": "net/packet: fix overflow in check for priv area size" + }, + "CVE-2016-0758": { + "cmt_msg": "KEYS: Fix ASN.1 indefinite length object parsing" + }, + "CVE-2020-12769": { + "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls" + }, + "CVE-2021-39636": { + "cmt_msg": "netfilter: x_tables: fix pointer leaks to userspace" + }, + "CVE-2017-8890": { + "cmt_msg": "dccp/tcp: do not inherit mc_list from parent" + }, + "CVE-2021-32399": { + "cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller" + }, + "CVE-2021-45868": { + "cmt_msg": "quota: check block number when reading the block in quota file" + }, + "CVE-2019-12380": { + "cmt_msg": "efi/x86/Add missing error handling to old_memmap 1:1 mapping code" + }, + "CVE-2019-12381": { + "cmt_msg": "ip_sockglue: Fix missing-check bug in ip_ra_control()" + }, + "CVE-2019-12382": { + "cmt_msg": "drm/edid: Fix a missing-check bug in drm_load_edid_firmware()" + }, + "CVE-2017-10810": { + "cmt_msg": "drm/virtio: don't leak bo on drm_gem_object_init failure" + }, + "CVE-2020-12364": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2016-9588": { + "cmt_msg": "kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF)" + }, + "CVE-2022-25375": { + "cmt_msg": "usb: gadget: rndis: check size of RNDIS_MSG_SET command" + }, + "CVE-2017-13167": { + "cmt_msg": "ALSA: timer: Fix race at concurrent reads" + }, + "CVE-2017-13166": { + "cmt_msg": "media: v4l2-ioctl.c: use check_fmt for enum/g/s/try_fmt" + }, + "CVE-2018-12207": { + "cmt_msg": "kvm: x86, powerpc: do not allow clearing largepages debugfs entry" + }, + "CVE-2017-1000364": { + "cmt_msg": "mm: larger stack guard gap, between vmas" + }, + "CVE-2017-1000365": { + "cmt_msg": "fs/exec.c: account for argv/envp pointers" + }, + "CVE-2020-13143": { + "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" + }, + "CVE-2020-10768": { + "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." + }, + "CVE-2017-13168": { + "cmt_msg": "scsi: sg: mitigate read/write abuse" + }, + "CVE-2017-1000363": { + "cmt_msg": "char: lp: fix possible integer overflow in lp_setup()" + }, + "CVE-2019-0148": { + "cmt_msg": "i40e: Wrong truncation from u16 to u8" + }, + "CVE-2016-3156": { + "cmt_msg": "ipv4: Don't do expensive useless work during inetdev destroy." + }, + "CVE-2019-17075": { + "cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack" + }, + "CVE-2014-7145": { + "cmt_msg": "[CIFS] Possible null ptr deref in SMB2_tcon" + }, + "CVE-2022-23960": { + "cmt_msg": "ARM: report Spectre v2 status through sysfs" + }, + "CVE-2019-0146": { + "cmt_msg": "" + }, + "CVE-2020-10942": { + "cmt_msg": "vhost: Check docket sk_family instead of call getname" + }, + "CVE-2018-3693": { + "cmt_msg": "ext4: fix spectre gadget in ext4_mb_regular_allocator()" + }, + "CVE-2017-15299": { + "cmt_msg": "KEYS: don't let add_key() update an uninstantiated key" + }, + "CVE-2017-0750": { + "cmt_msg": "f2fs: do more integrity verification for superblock" + }, + "CVE-2019-11190": { + "cmt_msg": "binfmt_elf: switch to new creds when switching to new mm" + }, + "CVE-2019-11191": { + "cmt_msg": "x86: Deprecate a.out support" + }, + "CVE-2016-5195": { + "cmt_msg": "mm: remove gup_flags FOLL_WRITE games from __get_user_pages()" + }, + "CVE-2018-10323": { + "cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree" + }, + "CVE-2018-10322": { + "cmt_msg": "xfs: enhance dinode verifier" + }, + "CVE-2017-8824": { + "cmt_msg": "dccp: CVE-2017-8824: use-after-free in DCCP code" + }, + "CVE-2018-7492": { + "cmt_msg": "rds: Fix NULL pointer dereference in __rds_rdma_map" + }, + "CVE-2020-26139": { + "cmt_msg": "mac80211: do not accept/forward invalid EAPOL frames" + }, + "CVE-2019-10220": { + "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" + }, + "CVE-2021-3609": { + "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" + }, + "CVE-2017-13305": { + "cmt_msg": "KEYS: encrypted: fix buffer overread in valid_master_desc()" + }, + "CVE-2017-13220": { + "cmt_msg": "Bluetooth: hidp_connection_add() unsafe use of l2cap_pi()" + }, + "CVE-2019-19536": { + "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" + }, + "CVE-2019-19537": { + "cmt_msg": "USB: core: Fix races in character device registration and deregistraion" + }, + "CVE-2019-19534": { + "cmt_msg": "can: peak_usb: fix slab info leak" + }, + "CVE-2019-19532": { + "cmt_msg": "HID: Fix assumption that devices have inputs" + }, + "CVE-2019-11479": { + "cmt_msg": "tcp: add tcp_min_snd_mss sysctl" + }, + "CVE-2019-10638": { + "cmt_msg": "inet: switch IP ID generator to siphash" + }, + "CVE-2019-10639": { + "cmt_msg": "netns: provide pure entropy for net_hash_mix()" + }, + "CVE-2021-0929": { + "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" + }, + "CVE-2019-11478": { + "cmt_msg": "tcp: tcp_fragment() should apply sane memory limits" + }, + "CVE-2018-19985": { + "cmt_msg": "USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data" + }, + "CVE-2018-6554": { + "cmt_msg": "staging: irda: remove the irda network stack and drivers" + }, + "CVE-2018-6555": { + "cmt_msg": "staging: irda: remove the irda network stack and drivers" + }, + "CVE-2017-18255": { + "cmt_msg": "perf/core: Fix the perf_cpu_time_max_percent check" + }, + "CVE-2017-7273": { + "cmt_msg": "HID: hid-cypress: validate length of report" + }, + "CVE-2018-5953": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2016-7097": { + "cmt_msg": "posix_acl: Clear SGID bit when setting file permissions" + }, + "CVE-2020-28374": { + "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" + }, + "CVE-2019-9213": { + "cmt_msg": "mm: enforce min addr even if capable() in expand_downwards()" + }, + "CVE-2017-7472": { + "cmt_msg": "KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings" + }, + "CVE-2017-16535": { + "cmt_msg": "USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()" + }, + "CVE-2019-14897": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" + }, + "CVE-2017-16537": { + "cmt_msg": "media: imon: Fix null-ptr-deref in imon_probe" + }, + "CVE-2017-16536": { + "cmt_msg": "[media] cx231xx-cards: fix NULL-deref on missing association descriptor" + }, + "CVE-2017-16531": { + "cmt_msg": "USB: fix out-of-bounds in usb_set_configuration" + }, + "CVE-2017-16533": { + "cmt_msg": "HID: usbhid: fix out-of-bounds bug" + }, + "CVE-2017-16532": { + "cmt_msg": "usb: usbtest: fix NULL pointer dereference" + }, + "CVE-2017-16538": { + "cmt_msg": "media: dvb-usb-v2: lmedm04: Improve logic checking of warm start" + }, + "CVE-2020-27825": { + "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" + }, + "CVE-2016-9084": { + "cmt_msg": "vfio/pci: Fix integer overflows, bitmask check" + }, + "CVE-2020-27820": { + "cmt_msg": "drm/nouveau: use drm_dev_unplug() during device removal" + }, + "CVE-2016-9083": { + "cmt_msg": "vfio/pci: Fix integer overflows, bitmask check" + }, + "CVE-2022-1055": { + "cmt_msg": "net: sched: fix use-after-free in tc_new_tfilter()" + }, + "CVE-2020-26141": { + "cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe" + }, + "CVE-2017-18221": { + "cmt_msg": "mlock: fix mlock count can not decrease in race condition" + }, + "CVE-2020-0066": { + "cmt_msg": "netlink: Trim skb to alloc size to avoid MSG_TRUNC" + }, + "CVE-2019-20794": { + "cmt_msg": "" + }, + "CVE-2020-26541": { + "cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries" + }, + "CVE-2020-26559": { + "cmt_msg": "" + }, + "CVE-2021-20317": { + "cmt_msg": "lib/timerqueue: Rely on rbtree semantics for next timer" + }, + "CVE-2021-43389": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2017-14156": { + "cmt_msg": "video: fbdev: aty: do not leak uninitialized padding in clk to userspace" + }, + "CVE-2021-33061": { + "cmt_msg": "ixgbe: add improvement for MDD response functionality" + }, + "CVE-2017-2671": { + "cmt_msg": "ping: implement proper locking" + }, + "CVE-2018-1092": { + "cmt_msg": "ext4: fail ext4_iget for root directory if unallocated" + }, + "CVE-2018-1093": { + "cmt_msg": "ext4: add validity checks for bitmap block numbers" + }, + "CVE-2017-18551": { + "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA" + }, + "CVE-2017-18552": { + "cmt_msg": "RDS: validate the requested traces user input against max supported" + }, + "CVE-2015-8839": { + "cmt_msg": "ext4: fix races between page faults and hole punching" + }, + "CVE-2014-9731": { + "cmt_msg": "udf: Check path length when reading symlink" + }, + "CVE-2014-9730": { + "cmt_msg": "udf: Check component length before reading it" + }, + "CVE-2022-1651": { + "cmt_msg": "virt: acrn: fix a memory leak in acrn_dev_ioctl()" + }, + "CVE-2015-8830": { + "cmt_msg": "aio: lift iov_iter_init() into aio_setup_..._rw()" + }, + "CVE-2019-9457": { + "cmt_msg": "exec: Limit arg stack to at most 75% of _STK_LIM" + }, + "CVE-2019-19054": { + "cmt_msg": "media: rc: prevent memory leak in cx23888_ir_probe" + }, + "CVE-2019-19057": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring" + }, + "CVE-2019-19056": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf" + }, + "CVE-2016-10741": { + "cmt_msg": "xfs: don't BUG() on mixed direct and mapped I/O" + }, + "CVE-2022-27223": { + "cmt_msg": "USB: gadget: validate endpoint index for xilinx udc" + }, + "CVE-2019-3846": { + "cmt_msg": "mwifiex: Fix possible buffer overflows at parsing bss descriptor" + }, + "CVE-2020-0427": { + "cmt_msg": "pinctrl: devicetree: Avoid taking direct reference to device name string" + }, + "CVE-2019-9458": { + "cmt_msg": "media: v4l: event: Prevent freeing event subscriptions while accessed" + }, + "CVE-2016-8666": { + "cmt_msg": "tunnels: Don't apply GRO to multiple layers of encapsulation." + }, + "CVE-2017-9242": { + "cmt_msg": "ipv6: fix out of bound writes in __ip6_append_data()" + }, + "CVE-2022-1419": { + "cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create" + }, + "CVE-2020-14314": { + "cmt_msg": "ext4: fix potential negative array index in do_split()" + }, + "CVE-2019-13272": { + "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" + }, + "CVE-2021-3587": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2017-15537": { + "cmt_msg": "x86/fpu: Don't let userspace set bogus xcomp_bv" + }, + "CVE-2019-17351": { + "cmt_msg": "xen: let alloc_xenballooned_pages() fail if not enough memory free" + }, + "CVE-2020-36322": { + "cmt_msg": "fuse: fix bad inode" + }, + "CVE-2022-23222": { + "cmt_msg": "bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL" + }, + "CVE-2020-25669": { + "cmt_msg": "Input: sunkbd - avoid use-after-free in teardown paths" + }, + "CVE-2020-25668": { + "cmt_msg": "tty: make FONTX ioctl use the tty pointer they were actually passed" + }, + "CVE-2008-4609": { + "cmt_msg": "" + }, + "CVE-2018-19824": { + "cmt_msg": "ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c" + }, + "CVE-2018-20854": { + "cmt_msg": "phy: ocelot-serdes: fix out-of-bounds read" + }, + "CVE-2018-25020": { + "cmt_msg": "bpf: fix truncated jump targets on heavy expansions" + }, + "CVE-2018-20855": { + "cmt_msg": "IB/mlx5: Fix leaking stack memory to userspace" + }, + "CVE-2019-15239": { + "cmt_msg": "" + }, + "CVE-2016-2053": { + "cmt_msg": "ASN.1: Fix non-match detection failure on data overrun" + }, + "CVE-2021-4037": { + "cmt_msg": "xfs: fix up non-directory creation in SGID directories" + }, + "CVE-2021-22543": { + "cmt_msg": "KVM: do not allow mapping valid but non-reference-counted pages" + }, + "CVE-2019-1999": { + "cmt_msg": "binder: fix race between munmap() and direct reclaim" + }, + "CVE-2018-1066": { + "cmt_msg": "CIFS: Enable encryption during session setup phase" + }, + "CVE-2018-20836": { + "cmt_msg": "scsi: libsas: fix a race condition when smp task timeout" + }, + "CVE-2018-1068": { + "cmt_msg": "netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets" + }, + "CVE-2020-0030": { + "cmt_msg": "ANDROID: binder: synchronize_rcu() when using POLLFREE." + }, + "CVE-2020-10135": { + "cmt_msg": "Bluetooth: Consolidate encryption handling in hci_encrypt_cfm" + }, + "CVE-2020-25285": { + "cmt_msg": "mm/hugetlb: fix a race between hugetlb sysctl handlers" + }, + "CVE-2019-7308": { + "cmt_msg": "bpf: fix sanitation of alu op with pointer / scalar type from different paths" + }, + "CVE-2016-8405": { + "cmt_msg": "fbdev: color map copying bounds checking" + }, + "CVE-2018-1000199": { + "cmt_msg": "perf/hwbp: Simplify the perf-hwbp code, fix documentation" + }, + "CVE-2017-9986": { + "cmt_msg": "sound: Retire OSS" + }, + "CVE-2017-9985": { + "cmt_msg": "ALSA: msnd: Optimize / harden DSP and MIDI loops" + }, + "CVE-2017-9984": { + "cmt_msg": "ALSA: msnd: Optimize / harden DSP and MIDI loops" + }, + "CVE-2019-9454": { + "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA" + }, + "CVE-2016-10088": { + "cmt_msg": "sg_write()/bsg_write() is not fit to be called under KERNEL_DS" + }, + "CVE-2021-20261": { + "cmt_msg": "floppy: fix lock_fdc() signal handling" + }, + "CVE-2021-20265": { + "cmt_msg": "af_unix: fix struct pid memory leak" + }, + "CVE-2017-18079": { + "cmt_msg": "Input: i8042 - fix crash at boot time" + }, + "CVE-2020-25284": { + "cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping" + }, + "CVE-2016-6136": { + "cmt_msg": "audit: fix a double fetch in audit_log_single_execve_arg()" + }, + "CVE-2017-13693": { + "cmt_msg": "" + }, + "CVE-2015-8019": { + "cmt_msg": "net: add length argument to skb_copy_and_csum_datagram_iovec" + }, + "CVE-2017-13695": { + "cmt_msg": "ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c" + }, + "CVE-2017-13694": { + "cmt_msg": "" + }, + "CVE-2021-4149": { + "cmt_msg": "btrfs: unlock newly allocated extent buffer after error" + }, + "CVE-2021-4148": { + "cmt_msg": "mm: khugepaged: skip huge page collapse for special files" + }, + "CVE-2021-3640": { + "cmt_msg": "Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()" + }, + "CVE-2022-29968": { + "cmt_msg": "io_uring: fix uninitialized field in rw io_kiocb" + }, + "CVE-2017-7618": { + "cmt_msg": "crypto: ahash - Fix EINPROGRESS notification callback" + }, + "CVE-2020-1749": { + "cmt_msg": "net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup" + }, + "CVE-2021-3894": { + "cmt_msg": "sctp: account stream padding length for reconf chunk" + }, + "CVE-2020-11608": { + "cmt_msg": "media: ov519: add missing endpoint sanity checks" + }, + "CVE-2020-10732": { + "cmt_msg": "fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()" + }, + "CVE-2020-28097": { + "cmt_msg": "vgacon: remove software scrollback support" + }, + "CVE-2017-7616": { + "cmt_msg": "mm/mempolicy.c: fix error handling in set_mempolicy and mbind." + }, + "CVE-2017-18216": { + "cmt_msg": "ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent" + }, + "CVE-2017-1000112": { + "cmt_msg": "udp: consistently apply ufo or fragmentation" + }, + "CVE-2017-1000111": { + "cmt_msg": "packet: fix tp_reserve race in packet_set_ring" + }, + "CVE-2015-8374": { + "cmt_msg": "Btrfs: fix truncation of compressed and inlined extents" + }, + "CVE-2017-7533": { + "cmt_msg": "dentry name snapshots" + }, + "CVE-2018-8897": { + "cmt_msg": "x86/entry/64: Don't use IST entry for #BP stack" + }, + "CVE-2021-29265": { + "cmt_msg": "usbip: fix stub_dev usbip_sockfd_store() races leading to gpf" + }, + "CVE-2021-39648": { + "cmt_msg": "usb: gadget: configfs: Fix use-after-free issue with udc_name" + }, + "CVE-2020-14416": { + "cmt_msg": "can, slip: Protect tty->disc_data in write_wakeup and close with RCU" + }, + "CVE-2019-0136": { + "cmt_msg": "mac80211: drop robust management frames from unknown TA" + }, + "CVE-2019-16921": { + "cmt_msg": "RDMA/hns: Fix init resp when alloc ucontext" + }, + "CVE-2014-9904": { + "cmt_msg": "ALSA: compress: fix an integer overflow check" + }, + "CVE-2019-19377": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2021-21781": { + "cmt_msg": "ARM: ensure the signal page contains defined contents" + }, + "CVE-2021-0512": { + "cmt_msg": "HID: make arrays usage and value to be the same" + }, + "CVE-2018-14634": { + "cmt_msg": "exec: Limit arg stack to at most 75% of _STK_LIM" + }, + "CVE-2018-14633": { + "cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation" + }, + "CVE-2018-12896": { + "cmt_msg": "posix-timers: Sanitize overrun handling" + }, + "CVE-2018-14734": { + "cmt_msg": "infiniband: fix a possible use-after-free bug" + }, + "CVE-2022-0850": { + "cmt_msg": "ext4: fix kernel infoleak via ext4_extent_header" + }, + "CVE-2020-0347": { + "cmt_msg": "" + }, + "CVE-2015-1805": { + "cmt_msg": "new helper: copy_page_from_iter()" + }, + "CVE-2018-8822": { + "cmt_msg": "staging: ncpfs: memory corruption in ncp_read_kernel()" + }, + "CVE-2021-40490": { + "cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing" + }, + "CVE-2019-12456": { + "cmt_msg": "" + }, + "CVE-2019-18680": { + "cmt_msg": "" + }, + "CVE-2022-0812": { + "cmt_msg": "xprtrdma: fix incorrect header size calculations" + }, + "CVE-2019-5108": { + "cmt_msg": "mac80211: Do not send Layer 2 Update frame before authorization" + }, + "CVE-2019-17133": { + "cmt_msg": "cfg80211: wext: avoid copying malformed SSIDs" + }, + "CVE-2017-18595": { + "cmt_msg": "tracing: Fix possible double free on failure of allocating trace buffer" + }, + "CVE-2022-0742": { + "cmt_msg": "ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report()" + }, + "CVE-2021-3612": { + "cmt_msg": "Input: joydev - prevent potential read overflow in ioctl" + }, + "CVE-2017-2636": { + "cmt_msg": "tty: n_hdlc: get rid of racy n_hdlc.tbuf" + }, + "CVE-2020-15437": { + "cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()" + }, + "CVE-2017-7487": { + "cmt_msg": "ipx: call ipxitf_put() in ioctl error path" + }, + "CVE-2019-6974": { + "cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)" + }, + "CVE-2022-0168": { + "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" + }, + "CVE-2020-14390": { + "cmt_msg": "fbcon: remove soft scrollback code" + }, + "CVE-2020-24502": { + "cmt_msg": "" + }, + "CVE-2017-17806": { + "cmt_msg": "crypto: hmac - require that the underlying hash algorithm is unkeyed" + }, + "CVE-2017-17807": { + "cmt_msg": "KEYS: add missing permission check for request_key() destination" + }, + "CVE-2017-10661": { + "cmt_msg": "timerfd: Protect the might cancel mechanism proper" + }, + "CVE-2015-8970": { + "cmt_msg": "crypto: algif_skcipher - Require setkey before accept(2)" + }, + "CVE-2017-7541": { + "cmt_msg": "brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()" + }, + "CVE-2019-19527": { + "cmt_msg": "HID: hiddev: do cleanup in failure of opening a device" + }, + "CVE-2017-7542": { + "cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt" + }, + "CVE-2022-1198": { + "cmt_msg": "drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()" + }, + "CVE-2020-0465": { + "cmt_msg": "HID: core: Sanitize event code and type when mapping input" + }, + "CVE-2020-0305": { + "cmt_msg": "chardev: Avoid potential use-after-free in 'chrdev_open()'" + }, + "CVE-2018-3639": { + "cmt_msg": "x86/nospec: Simplify alternative_msr_write()" + }, + "CVE-2021-4218": { + "cmt_msg": "sysctl: pass kernel pointers to ->proc_handler" + }, + "CVE-2019-15902": { + "cmt_msg": "" + }, + "CVE-2016-7425": { + "cmt_msg": "scsi: arcmsr: Buffer overflow in arcmsr_iop_message_xfer()" + }, + "CVE-2019-20054": { + "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links" + }, + "CVE-2017-15274": { + "cmt_msg": "KEYS: fix dereferencing NULL payload with nonzero length" + }, + "CVE-2021-3753": { + "cmt_msg": "vt_kdsetmode: extend console locking" + }, + "CVE-2019-11135": { + "cmt_msg": "x86/msr: Add the IA32_TSX_CTRL MSR" + }, + "CVE-2019-11810": { + "cmt_msg": "scsi: megaraid_sas: return error when create DMA pool failed" + }, + "CVE-2021-27365": { + "cmt_msg": "scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE" + }, + "CVE-2021-27364": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2017-14991": { + "cmt_msg": "scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE" + }, + "CVE-2020-0431": { + "cmt_msg": "HID: hid-input: clear unmapped usages" + }, + "CVE-2018-17977": { + "cmt_msg": "" + }, + "CVE-2010-5321": { + "cmt_msg": "" + }, + "CVE-2020-28974": { + "cmt_msg": "vt: Disable KD_FONT_OP_COPY" + }, + "CVE-2018-7566": { + "cmt_msg": "ALSA: seq: Fix racy pool initializations" + }, + "CVE-2022-1043": { + "cmt_msg": "io_uring: fix xa_alloc_cycle() error return value check" + }, + "CVE-2017-2647": { + "cmt_msg": "KEYS: Remove key_type::match in favour of overriding default by match_preparse" + }, + "CVE-2021-0937": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2019-2054": { + "cmt_msg": "arm/ptrace: run seccomp after ptrace" + }, + "CVE-2020-0404": { + "cmt_msg": "media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors" + }, + "CVE-2018-20976": { + "cmt_msg": "xfs: clear sb->s_fs_info on mount failure" + }, + "CVE-2016-10147": { + "cmt_msg": "crypto: mcryptd - Check mcryptd algorithm compatibility" + }, + "CVE-2018-7995": { + "cmt_msg": "x86/MCE: Serialize sysfs changes" + }, + "CVE-2018-16276": { + "cmt_msg": "USB: yurex: fix out-of-bounds uaccess in read handler" + }, + "CVE-2020-29568": { + "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" + }, + "CVE-2021-3542": { + "cmt_msg": "" + }, + "CVE-2019-16413": { + "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit" + }, + "CVE-2022-1516": { + "cmt_msg": "net/x25: Fix null-ptr-deref caused by x25_disconnect" + }, + "CVE-2018-10876": { + "cmt_msg": "ext4: only look at the bg_flags field if it is valid" + }, + "CVE-2022-1263": { + "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" + }, + "CVE-2017-16650": { + "cmt_msg": "net: qmi_wwan: fix divide by 0 on bad descriptors" + }, + "CVE-2020-12653": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()" + }, + "CVE-2019-7222": { + "cmt_msg": "KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)" + }, + "CVE-2017-14051": { + "cmt_msg": "scsi: qla2xxx: Fix an integer overflow in sysfs code" + }, + "CVE-2020-12654": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()" + }, + "CVE-2020-12655": { + "cmt_msg": "xfs: add agf freeblocks verify in xfs_agf_verify" + }, + "CVE-2018-12929": { + "cmt_msg": "" + }, + "CVE-2018-12928": { + "cmt_msg": "" + }, + "CVE-2017-7645": { + "cmt_msg": "nfsd: check for oversized NFSv2/v3 arguments" + }, + "CVE-2020-36310": { + "cmt_msg": "KVM: SVM: avoid infinite loop on NPF from bad address" + }, + "CVE-2020-36313": { + "cmt_msg": "KVM: Fix out of range accesses to memslots" + }, + "CVE-2020-35519": { + "cmt_msg": "net/x25: prevent a couple of overflows" + }, + "CVE-2017-18241": { + "cmt_msg": "f2fs: fix a panic caused by NULL flush_cmd_control" + }, + "CVE-2020-10708": { + "cmt_msg": "" + }, + "CVE-2020-25673": { + "cmt_msg": "nfc: Avoid endless loops caused by repeated llcp_sock_connect()" + }, + "CVE-2022-0400": { + "cmt_msg": "" + }, + "CVE-2021-0707": { + "cmt_msg": "dmabuf: fix use-after-free of dmabuf's file->f_inode" + }, + "CVE-2021-38160": { + "cmt_msg": "virtio_console: Assure used length from device is limited" + }, + "CVE-2021-42739": { + "cmt_msg": "media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()" + }, + "CVE-2017-15116": { + "cmt_msg": "crypto: rng - Remove old low-level rng interface" + }, + "CVE-2020-12770": { + "cmt_msg": "scsi: sg: add sg_remove_request in sg_write" + }, + "CVE-2017-15115": { + "cmt_msg": "sctp: do not peel off an assoc from one netns to another one" + }, + "CVE-2019-15222": { + "cmt_msg": "ALSA: usb-audio: Fix gpf in snd_usb_pipe_sanity_check" + }, + "CVE-2022-25265": { + "cmt_msg": "" + }, + "CVE-2017-12153": { + "cmt_msg": "nl80211: check for the required netlink attributes presence" + }, + "CVE-2019-19813": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2017-12154": { + "cmt_msg": "kvm: nVMX: Don't allow L2 to access the hardware CR8" + }, + "CVE-2020-10773": { + "cmt_msg": "s390/cmm: fix information leak in cmm_timeout_handler()" + }, + "CVE-2016-1583": { + "cmt_msg": "proc: prevent stacking filesystems on top" + }, + "CVE-2022-25636": { + "cmt_msg": "netfilter: nf_tables_offload: incorrect flow offload action array size" + }, + "CVE-2017-1000379": { + "cmt_msg": "mm: larger stack guard gap, between vmas" + }, + "CVE-2015-3339": { + "cmt_msg": "fs: take i_mutex during prepare_binprm for set[ug]id executables" + }, + "CVE-2018-18281": { + "cmt_msg": "mremap: properly flush TLB before releasing the page" + }, + "CVE-2022-0854": { + "cmt_msg": "swiotlb: rework \"fix info leak with DMA_FROM_DEVICE\"" + }, + "CVE-2016-6787": { + "cmt_msg": "perf: Fix event->ctx locking" + }, + "CVE-2016-6786": { + "cmt_msg": "perf: Fix event->ctx locking" + }, + "CVE-2019-15219": { + "cmt_msg": "USB: sisusbvga: fix oops in error path of sisusb_probe" + }, + "CVE-2022-1015": { + "cmt_msg": "netfilter: nf_tables: validate registers coming from userspace." + }, + "CVE-2014-9940": { + "cmt_msg": "regulator: core: Fix regualtor_ena_gpio_free not to access pin after freeing" + }, + "CVE-2017-5549": { + "cmt_msg": "USB: serial: kl5kusb105: fix line-state error handling" + }, + "CVE-2020-25643": { + "cmt_msg": "hdlc_ppp: add range checks in ppp_cp_parse_cr()" + }, + "CVE-2019-19378": { + "cmt_msg": "" + }, + "CVE-2020-4788": { + "cmt_msg": "powerpc/64s: flush L1D on kernel entry" + }, + "CVE-2017-8831": { + "cmt_msg": "[media] saa7164: fix double fetch PCIe access condition" + }, + "CVE-2021-39698": { + "cmt_msg": "wait: add wake_up_pollfree()" + }, + "CVE-2020-10766": { + "cmt_msg": "x86/speculation: Prevent rogue cross-process SSBD shutdown" + }, + "CVE-2018-5333": { + "cmt_msg": "RDS: null pointer dereference in rds_atomic_free_op" + }, + "CVE-2018-5332": { + "cmt_msg": "RDS: Heap OOB write in rds_message_alloc_sgs()" + }, + "CVE-2017-7482": { + "cmt_msg": "rxrpc: Fix several cases where a padded len isn't checked in ticket decode" + }, + "CVE-2020-10767": { + "cmt_msg": "x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS." + }, + "CVE-2019-19447": { + "cmt_msg": "ext4: work around deleting a file with i_nlink == 0 safely" + }, + "CVE-2017-17448": { + "cmt_msg": "netfilter: nfnetlink_cthelper: Add missing permission checks" + }, + "CVE-2017-17449": { + "cmt_msg": "netlink: Add netns check on taps" + }, + "CVE-2020-24503": { + "cmt_msg": "" + }, + "CVE-2019-19524": { + "cmt_msg": "Input: ff-memless - kill timer in destroy()" + }, + "CVE-2019-19448": { + "cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space" + }, + "CVE-2019-19449": { + "cmt_msg": "f2fs: fix to do sanity check on segment/section count" + }, + "CVE-2021-33135": { + "cmt_msg": "" + }, + "CVE-2019-19523": { + "cmt_msg": "USB: adutux: fix use-after-free on disconnect" + }, + "CVE-2021-3752": { + "cmt_msg": "Bluetooth: fix use-after-free error in lock_sock_nested()" + }, + "CVE-2017-18360": { + "cmt_msg": "USB: serial: io_ti: fix div-by-zero in set_termios" + }, + "CVE-2018-5848": { + "cmt_msg": "wil6210: missing length check in wmi_set_ie" + }, + "CVE-2017-18249": { + "cmt_msg": "f2fs: fix race condition in between free nid allocator/initializer" + }, + "CVE-2017-7261": { + "cmt_msg": "drm/vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl()" + }, + "CVE-2021-35477": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2016-5243": { + "cmt_msg": "tipc: fix an infoleak in tipc_nl_compat_link_dump" + }, + "CVE-2019-15216": { + "cmt_msg": "USB: yurex: Fix protection fault after device removal" + }, + "CVE-2019-16746": { + "cmt_msg": "nl80211: validate beacon head" + }, + "CVE-2019-15215": { + "cmt_msg": "media: cpia2_usb: first wake up, then free in disconnect" + }, + "CVE-2018-18021": { + "cmt_msg": "arm64: KVM: Tighten guest core register access from userspace" + }, + "CVE-2021-37576": { + "cmt_msg": "KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow" + }, + "CVE-2017-9725": { + "cmt_msg": "mm: cma: fix incorrect type conversion for size during dma allocation" + }, + "CVE-2018-14609": { + "cmt_msg": "btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized" + }, + "CVE-2021-33098": { + "cmt_msg": "ixgbe: fix large MTU request from VF" + }, + "CVE-2020-10769": { + "cmt_msg": "crypto: authenc - fix parsing key with misaligned rta_len" + }, + "CVE-2018-5803": { + "cmt_msg": "sctp: verify size of a new chunk in _sctp_make_chunk()" + }, + "CVE-2020-27815": { + "cmt_msg": "jfs: Fix array index bounds check in dbAdjTree" + }, + "CVE-2020-0543": { + "cmt_msg": "x86/cpu: Add 'table' argument to cpu_matches()" + }, + "CVE-2022-23041": { + "cmt_msg": "xen/9p: use alloc/free_pages_exact()" + }, + "CVE-2022-1462": { + "cmt_msg": "" + }, + "CVE-2020-27067": { + "cmt_msg": "l2tp: fix l2tp_eth module loading" + }, + "CVE-2020-27777": { + "cmt_msg": "powerpc/rtas: Restrict RTAS requests from userspace" + }, + "CVE-2019-20636": { + "cmt_msg": "Input: add safety guards to input_set_keycode()" + }, + "CVE-2019-11486": { + "cmt_msg": "tty: mark Siemens R3964 line discipline as BROKEN" + }, + "CVE-2019-11487": { + "cmt_msg": "fs: prevent page refcount overflow in pipe_buf_get" + }, + "CVE-2022-28390": { + "cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2020-27066": { + "cmt_msg": "xfrm: policy: Fix doulbe free in xfrm_policy_timer" + }, + "CVE-2020-27675": { + "cmt_msg": "xen/events: avoid removing an event channel while handling it" + }, + "CVE-2020-28915": { + "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" + }, + "CVE-2014-9728": { + "cmt_msg": "udf: Verify i_size when loading inode" + }, + "CVE-2014-9729": { + "cmt_msg": "udf: Verify i_size when loading inode" + }, + "CVE-2021-28038": { + "cmt_msg": "Xen/gnttab: handle p2m update errors on a per-slot basis" + }, + "CVE-2020-27068": { + "cmt_msg": "cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE" + }, + "CVE-2022-23040": { + "cmt_msg": "xen/xenbus: don't let xenbus_grant_ring() remove grants in error case" + }, + "CVE-2021-29154": { + "cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64" + }, + "CVE-2021-45469": { + "cmt_msg": "f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()" + }, + "CVE-2019-19060": { + "cmt_msg": "iio: imu: adis16400: release allocated memory on failure" + }, + "CVE-2019-19061": { + "cmt_msg": "iio: imu: adis16400: fix memory leak" + }, + "CVE-2019-19062": { + "cmt_msg": "crypto: user - fix memory leak in crypto_report" + }, + "CVE-2019-19063": { + "cmt_msg": "rtlwifi: prevent memory leak in rtl_usb_probe" + }, + "CVE-2017-17741": { + "cmt_msg": "KVM: Fix stack-out-of-bounds read in write_mmio" + }, + "CVE-2019-9445": { + "cmt_msg": "f2fs: check if file namelen exceeds max value" + }, + "CVE-2019-19066": { + "cmt_msg": "scsi: bfa: release allocated memory in case of error" + }, + "CVE-2017-7184": { + "cmt_msg": "xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window" + }, + "CVE-2020-0435": { + "cmt_msg": "f2fs: fix to do sanity check with i_extra_isize" + }, + "CVE-2020-0432": { + "cmt_msg": "staging: most: net: fix buffer overflow" + }, + "CVE-2020-0433": { + "cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter" + }, + "CVE-2019-3874": { + "cmt_msg": "sctp: implement memory accounting on tx path" + }, + "CVE-2022-0171": { + "cmt_msg": "" + }, + "CVE-2018-10877": { + "cmt_msg": "ext4: verify the depth of extent tree in ext4_find_extent()" + }, + "CVE-2016-8650": { + "cmt_msg": "mpi: Fix NULL ptr dereference in mpi_powm() " + }, + "CVE-2010-4563": { + "cmt_msg": "" + }, + "CVE-2016-8655": { + "cmt_msg": "packet: fix race condition in packet_set_ring" + }, + "CVE-2022-1882": { + "cmt_msg": "" + }, + "CVE-2020-14331": { + "cmt_msg": "vgacon: Fix for missing check in scrollback handling" + }, + "CVE-2016-8658": { + "cmt_msg": "brcmfmac: avoid potential stack overflow in brcmf_cfg80211_start_ap()" + }, + "CVE-2018-10879": { + "cmt_msg": "ext4: make sure bitmaps and the inode table don't overlap with bg descriptors" + }, + "CVE-2018-10878": { + "cmt_msg": "ext4: always check block group bounds in ext4_init_block_bitmap()" + }, + "CVE-2021-3483": { + "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" + }, + "CVE-2022-29156": { + "cmt_msg": "RDMA/rtrs-clt: Fix possible double free in error case" + }, + "CVE-2017-16913": { + "cmt_msg": "usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input" + }, + "CVE-2017-16912": { + "cmt_msg": "usbip: fix stub_rx: get_pipe() to validate endpoint number" + }, + "CVE-2017-16911": { + "cmt_msg": "usbip: prevent vhci_hcd driver from leaking a socket pointer address" + }, + "CVE-2017-0861": { + "cmt_msg": "ALSA: pcm: prevent UAF in snd_pcm_info" + }, + "CVE-2020-25656": { + "cmt_msg": "vt: keyboard, extend func_buf_lock to readers" + }, + "CVE-2017-16914": { + "cmt_msg": "usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer" + }, + "CVE-2022-0492": { + "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" + }, + "CVE-2019-10142": { + "cmt_msg": "drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl" + }, + "CVE-2021-4023": { + "cmt_msg": "io-wq: fix cancellation on create-worker failure" + }, + "CVE-2017-11176": { + "cmt_msg": "mqueue: fix a use-after-free in sys_mq_notify()" + }, + "CVE-2017-12193": { + "cmt_msg": "assoc_array: Fix a buggy node-splitting case" + }, + "CVE-2017-12192": { + "cmt_msg": "KEYS: prevent KEYCTL_READ on negative key" + }, + "CVE-2016-3841": { + "cmt_msg": "ipv6: add complete rcu protection around np->opt" + }, + "CVE-2017-12190": { + "cmt_msg": "fix unbalanced page refcounting in bio_map_user_iov" + }, + "CVE-2022-1011": { + "cmt_msg": "fuse: fix pipe buffer lifetime for direct_io" + }, + "CVE-2021-0399": { + "cmt_msg": "" + }, + "CVE-2016-3961": { + "cmt_msg": "x86/mm/xen: Suppress hugetlbfs in PV guests" + }, + "CVE-2020-2732": { + "cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode" + }, + "CVE-2012-4542": { + "cmt_msg": "" + }, + "CVE-2022-1729": { + "cmt_msg": "perf: Fix sys_perf_event_open() race against self" + }, + "CVE-2018-1000028": { + "cmt_msg": "nfsd: auth: Fix gid sorting when rootsquash enabled" + }, + "CVE-2018-7191": { + "cmt_msg": "tun: call dev_get_valid_name() before register_netdevice()" + }, + "CVE-2022-1679": { + "cmt_msg": "" + }, + "CVE-2018-1000026": { + "cmt_msg": "bnx2x: disable GSO where gso_size is too big for hardware" + }, + "CVE-2022-1678": { + "cmt_msg": "tcp: optimize tcp internal pacing" + }, + "CVE-2017-0786": { + "cmt_msg": "brcmfmac: add length check in brcmf_cfg80211_escan_handler()" + }, + "CVE-2021-28972": { + "cmt_msg": "PCI: rpadlpar: Fix potential drc_name corruption in store functions" + }, + "CVE-2018-12130": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2020-14305": { + "cmt_msg": "netfilter: helpers: remove data_len usage for inkernel helpers" + }, + "CVE-2021-20292": { + "cmt_msg": "drm/ttm/nouveau: don't call tt destroy callback on alloc failure." + }, + "CVE-2021-31916": { + "cmt_msg": "dm ioctl: fix out of bounds array access when no devices" + }, + "CVE-2017-8065": { + "cmt_msg": "crypto: ccm - move cbcmac input off the stack" + }, + "CVE-2017-8064": { + "cmt_msg": "[media] dvb-usb-v2: avoid use-after-free" + }, + "CVE-2018-13405": { + "cmt_msg": "Fix up non-directory creation in SGID directories" + }, + "CVE-2021-0941": { + "cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len" + }, + "CVE-2018-13406": { + "cmt_msg": "video: uvesafb: Fix integer overflow in allocation" + }, + "CVE-2020-11668": { + "cmt_msg": "media: xirlink_cit: add missing descriptor sanity checks" + }, + "CVE-2020-11669": { + "cmt_msg": "powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle" + }, + "CVE-2019-15118": { + "cmt_msg": "ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term" + }, + "CVE-2019-12818": { + "cmt_msg": "net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails" + }, + "CVE-2019-12819": { + "cmt_msg": "mdio_bus: Fix use-after-free on device_register fails" + }, + "CVE-2015-0274": { + "cmt_msg": "xfs: remote attribute overwrite causes transaction overrun" + }, + "CVE-2019-19332": { + "cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)" + }, + "CVE-2019-15117": { + "cmt_msg": "ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit" + }, + "CVE-2021-3659": { + "cmt_msg": "net: mac802154: Fix general protection fault" + }, + "CVE-2022-25258": { + "cmt_msg": "USB: gadget: validate interface OS descriptor requests" + }, + "CVE-2021-4155": { + "cmt_msg": "xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate" + }, + "CVE-2021-0695": { + "cmt_msg": "" + }, + "CVE-2019-14901": { + "cmt_msg": "mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()" + }, + "CVE-2021-4150": { + "cmt_msg": "block: fix incorrect references to disk objects" + }, + "CVE-2020-3702": { + "cmt_msg": "ath: Use safer key clearing with key cache entries" + }, + "CVE-2015-4176": { + "cmt_msg": "mnt: Update detach_mounts to leave mounts connected" + }, + "CVE-2022-1671": { + "cmt_msg": "rxrpc: fix some null-ptr-deref bugs in server_key.c" + }, + "CVE-2020-16166": { + "cmt_msg": "random32: update the net random state on interrupt and activity" + }, + "CVE-2021-3653": { + "cmt_msg": "KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653)" + }, + "CVE-2021-3655": { + "cmt_msg": "sctp: validate from_addr_param return" + }, + "CVE-2020-8694": { + "cmt_msg": "powercap: restrict energy meter to root access" + }, + "CVE-2021-4159": { + "cmt_msg": "bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()" + }, + "CVE-2019-12614": { + "cmt_msg": "powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property()" + }, + "CVE-2019-12615": { + "cmt_msg": "mdesc: fix a missing-check bug in get_vdev_port_node_info()" + }, + "CVE-2021-3714": { + "cmt_msg": "" + }, + "CVE-2020-10742": { + "cmt_msg": "new helper: iov_iter_get_pages_alloc()" + }, + "CVE-2017-12168": { + "cmt_msg": "arm64: KVM: pmu: Fix AArch32 cycle counter access" + }, + "CVE-2019-16233": { + "cmt_msg": "scsi: qla2xxx: fix a potential NULL pointer dereference" + }, + "CVE-2021-3892": { + "cmt_msg": "" + }, + "CVE-2019-6133": { + "cmt_msg": "fork: record start_time late" + }, + "CVE-2018-10902": { + "cmt_msg": "ALSA: rawmidi: Change resized buffers atomically" + }, + "CVE-2021-39633": { + "cmt_msg": "ip_gre: add validation for csum_start" + }, + "CVE-2017-18203": { + "cmt_msg": "dm: fix race between dm_get_from_kobject() and __dm_destroy()" + }, + "CVE-2020-27673": { + "cmt_msg": "xen/events: add a proper barrier to 2-level uevent unmasking" + }, + "CVE-2017-6951": { + "cmt_msg": "KEYS: Remove key_type::match in favour of overriding default by match_preparse" + }, + "CVE-2017-18204": { + "cmt_msg": "ocfs2: should wait dio before inode lock in ocfs2_setattr()" + }, + "CVE-2020-26147": { + "cmt_msg": "mac80211: assure all fragments are encrypted" + }, + "CVE-2019-3882": { + "cmt_msg": "vfio/type1: Limit DMA mappings per container" + }, + "CVE-2017-18208": { + "cmt_msg": "mm/madvise.c: fix madvise() infinite loop under special circumstances" + }, + "CVE-2018-20509": { + "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" + }, + "CVE-2017-9605": { + "cmt_msg": "drm/vmwgfx: Make sure backup_handle is always valid" + }, + "CVE-2017-18193": { + "cmt_msg": "f2fs: fix a bug caused by NULL extent tree" + }, + "CVE-2020-12888": { + "cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory" + }, + "CVE-2017-6214": { + "cmt_msg": "tcp: avoid infinite loop in tcp_splice_read()" + }, + "CVE-2017-6353": { + "cmt_msg": "sctp: deny peeloff operation on asocs with threads sleeping on it" + }, + "CVE-2016-6198": { + "cmt_msg": "vfs: add vfs_select_inode() helper" + }, + "CVE-2021-0447": { + "cmt_msg": "l2tp: protect sock pointer of struct pppol2tp_session with RCU" + }, + "CVE-2019-20934": { + "cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers" + }, + "CVE-2022-1184": { + "cmt_msg": "" + }, + "CVE-2022-1786": { + "cmt_msg": "io_uring: remove io_identity" + }, + "CVE-2021-0448": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2016-6197": { + "cmt_msg": "ovl: verify upper dentry before unlink and rename" + }, + "CVE-2020-29374": { + "cmt_msg": "gup: document and work around \"COW can break either way\" issue" + }, + "CVE-2016-9191": { + "cmt_msg": "sysctl: Drop reference added by grab_header in proc_sys_readdir" + }, + "CVE-2019-20908": { + "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" + }, + "CVE-2015-8709": { + "cmt_msg": "mm: Add a user_ns owner to mm_struct and fix ptrace permission checks" + }, + "CVE-2021-29650": { + "cmt_msg": "netfilter: x_tables: Use correct memory barriers." + }, + "CVE-2019-18806": { + "cmt_msg": "net: qlogic: Fix memory leak in ql_alloc_large_buffers" + }, + "CVE-2018-5750": { + "cmt_msg": "ACPI: sbshc: remove raw pointer from printk() message" + }, + "CVE-2018-20169": { + "cmt_msg": "USB: check usb_get_extra_descriptor for proper size" + }, + "CVE-2017-12762": { + "cmt_msg": "isdn/i4l: fix buffer overflow" + }, + "CVE-2018-7754": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2016-9644": { + "cmt_msg": "x86/mm: Expand the exception table logic to allow new handling options" + }, + "CVE-2022-1353": { + "cmt_msg": "af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register" + }, + "CVE-2022-28356": { + "cmt_msg": "llc: fix netdevice reference leaks in llc_ui_bind()" + }, + "CVE-2015-8964": { + "cmt_msg": "tty: Prevent ldisc drivers from re-using stale tty fields" + }, + "CVE-2022-1199": { + "cmt_msg": "ax25: Fix NULL pointer dereference in ax25_kill_by_device" + }, + "CVE-2015-8966": { + "cmt_msg": "[PATCH] arm: fix handling of F_OFD_... in oabi_fcntl64()" + }, + "CVE-2015-8967": { + "cmt_msg": "arm64: make sys_call_table const" + }, + "CVE-2021-39801": { + "cmt_msg": "" + }, + "CVE-2021-39800": { + "cmt_msg": "" + }, + "CVE-2015-8962": { + "cmt_msg": "sg: Fix double-free when drives detach during SG_IO" + }, + "CVE-2015-8963": { + "cmt_msg": "perf: Fix race in swevent hash" + }, + "CVE-2019-3837": { + "cmt_msg": "net_dma: simple removal" + }, + "CVE-2018-16884": { + "cmt_msg": "sunrpc: use-after-free in svc_process_common()" + }, + "CVE-2022-1195": { + "cmt_msg": "hamradio: improve the incomplete fix to avoid NPD" + }, + "CVE-2021-4202": { + "cmt_msg": "NFC: reorganize the functions in nci_request" + }, + "CVE-2021-4203": { + "cmt_msg": "af_unix: fix races in sk_peer_pid and sk_peer_cred accesses" + }, + "CVE-2022-23039": { + "cmt_msg": "xen/gntalloc: don't use gnttab_query_foreign_access()" + }, + "CVE-2019-15807": { + "cmt_msg": "scsi: libsas: delete sas port if expander discover failed" + }, + "CVE-2020-26557": { + "cmt_msg": "" + }, + "CVE-2021-44879": { + "cmt_msg": "f2fs: fix to do sanity check on inode type during garbage collection" + }, + "CVE-2019-15505": { + "cmt_msg": "media: technisat-usb2: break out of loop at end of buffer" + }, + "CVE-2017-1000": { + "cmt_msg": "udp: consistently apply ufo or fragmentation" + }, + "CVE-2020-11609": { + "cmt_msg": "media: stv06xx: add missing descriptor sanity checks" + }, + "CVE-2020-0429": { + "cmt_msg": "l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()" + }, + "CVE-2017-0605": { + "cmt_msg": "tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()" + }, + "CVE-2021-1048": { + "cmt_msg": "fix regression in \"epoll: Keep a reference on files added to the check list\"" + }, + "CVE-2014-9803": { + "cmt_msg": "Revert \"arm64: Introduce execute-only page access permissions\"" + }, + "CVE-2015-2877": { + "cmt_msg": "" + }, + "CVE-2020-9383": { + "cmt_msg": "floppy: check FDC index for errors before assigning it" + }, + "CVE-2022-29582": { + "cmt_msg": "io_uring: fix race between timeout flush and removal" + }, + "CVE-2021-38198": { + "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" + }, + "CVE-2017-5972": { + "cmt_msg": "tcp: do not lock listener to process SYN packets" + }, + "CVE-2020-8832": { + "cmt_msg": "drm/i915: Record the default hw state after reset upon load" + }, + "CVE-2017-5970": { + "cmt_msg": "ipv4: keep skb->dst around in presence of IP options" + }, + "CVE-2015-4004": { + "cmt_msg": "staging: ozwpan: Remove from tree" + }, + "CVE-2021-26401": { + "cmt_msg": "x86/speculation: Use generic retpoline by default on AMD" + }, + "CVE-2015-4001": { + "cmt_msg": "ozwpan: Use unsigned ints to prevent heap overflow" + }, + "CVE-2018-1130": { + "cmt_msg": "dccp: check sk for closed state in dccp_sendmsg()" + }, + "CVE-2019-14284": { + "cmt_msg": "floppy: fix div-by-zero in setup_format_params" + }, + "CVE-2022-1280": { + "cmt_msg": "drm: avoid circular locks in drm_mode_getconnector" + }, + "CVE-2021-3506": { + "cmt_msg": "f2fs: fix to avoid out-of-bounds memory access" + }, + "CVE-2011-4917": { + "cmt_msg": "" + }, + "CVE-2021-45485": { + "cmt_msg": "ipv6: use prandom_u32() for ID generation" + }, + "CVE-2019-14283": { + "cmt_msg": "floppy: fix out-of-bounds read in copy_buffer" + }, + "CVE-2019-3901": { + "cmt_msg": "perf/core: Fix perf_event_open() vs. execve() race" + }, + "CVE-2019-3900": { + "cmt_msg": "vhost_net: fix possible infinite loop" + }, + "CVE-2019-19528": { + "cmt_msg": "USB: iowarrior: fix use-after-free on disconnect" + }, + "CVE-2019-19533": { + "cmt_msg": "media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()" + }, + "CVE-2018-13100": { + "cmt_msg": "f2fs: fix to do sanity check with secs_per_zone" + }, + "CVE-2017-16646": { + "cmt_msg": "media: dib0700: fix invalid dvb_detach argument" + }, + "CVE-2017-16645": { + "cmt_msg": "Input: ims-psu - check if CDC union descriptor is sane" + }, + "CVE-2017-16643": { + "cmt_msg": "Input: gtco - fix potential out-of-bound access" + }, + "CVE-2018-10882": { + "cmt_msg": "ext4: add more inode number paranoia checks" + }, + "CVE-2019-5489": { + "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" + }, + "CVE-2017-16648": { + "cmt_msg": "dvb_frontend: don't use-after-free the frontend struct" + }, + "CVE-2018-10880": { + "cmt_msg": "ext4: never move the system.data xattr out of the inode body" + }, + "CVE-2018-10881": { + "cmt_msg": "ext4: clear i_data in ext4_inode_info when removing inline data" + }, + "CVE-2017-16649": { + "cmt_msg": "net: cdc_ether: fix divide by 0 on bad descriptors" + }, + "CVE-2018-10883": { + "cmt_msg": "jbd2: don't mark block as modified if the handle is out of credits" + } + } + }, + "3.16": { + "3.16": { + "CVE-2014-5077": { + "cmt_msg": "net: sctp: inherit auth_capable on INIT collisions", + "cmt_id": "1be9a950c646c9092fb3618197f7b6bfb50e82aa" + } + }, + "3.16.2": { + "CVE-2014-5472": { + "cmt_msg": "isofs: Fix unbounded recursion when processing relocated directories", + "cmt_id": "32134a15e8a2a5024806dc8f794df18ae3564f00" + }, + "CVE-2014-5471": { + "cmt_msg": "isofs: Fix unbounded recursion when processing relocated directories", + "cmt_id": "32134a15e8a2a5024806dc8f794df18ae3564f00" + }, + "CVE-2014-3182": { + "cmt_msg": "HID: logitech: perform bounds checking on device_id early enough", + "cmt_id": "e98c81884fe28d29a48a6dfa6512deccb8482fb7" + }, + "CVE-2014-3183": { + "cmt_msg": "HID: logitech: fix bounds checking on LED report size", + "cmt_id": "b8c0d10f1f43301bab6146874963749003a3d567" + }, + "CVE-2014-3184": { + "cmt_msg": "HID: fix a couple of off-by-ones", + "cmt_id": "fc1d74628298b9c14bd978ada534731e369dc29c" + }, + "CVE-2014-3185": { + "cmt_msg": "USB: whiteheat: Added bounds checking for bulk command response", + "cmt_id": "cf89514aaaf8004b3d180b797e7e6d4bc95a4c74" + }, + "CVE-2014-3601": { + "cmt_msg": "kvm: iommu: fix the third parameter of kvm_iommu_put_pages (CVE-2014-3601)", + "cmt_id": "35df08d69519d3a0e92c18b62e434c926ba63164" + } + }, + "3.16.3": { + "CVE-2014-3631": { + "cmt_msg": "KEYS: Fix termination condition in assoc array garbage collection", + "cmt_id": "a4b9e45fed010808c2b0c38d243a7a2b4adb512b" + }, + "CVE-2014-6418": { + "cmt_msg": "libceph: do not hard code max auth ticket len", + "cmt_id": "346acdffbb4a12f7f77a3fb0f6453a2bc1454b4f" + }, + "CVE-2014-5207": { + "cmt_msg": "mnt: Correct permission checks in do_remount", + "cmt_id": "3ed889bb32afa24e5ee77a3b40c7c8088b16eedf" + }, + "CVE-2014-5206": { + "cmt_msg": "mnt: Only change user settable mount flags in remount", + "cmt_id": "3995f446f4e51fb781467d6da1673cf4631634ff" + }, + "CVE-2014-6417": { + "cmt_msg": "libceph: do not hard code max auth ticket len", + "cmt_id": "346acdffbb4a12f7f77a3fb0f6453a2bc1454b4f" + }, + "CVE-2014-6416": { + "cmt_msg": "libceph: do not hard code max auth ticket len", + "cmt_id": "346acdffbb4a12f7f77a3fb0f6453a2bc1454b4f" + } + }, + "3.16.4": { + "CVE-2014-3181": { + "cmt_msg": "HID: magicmouse: sanity check report size in raw_event() callback", + "cmt_id": "249b61a6ba71975a83031c06b22013a37619a8b7" + }, + "CVE-2014-3186": { + "cmt_msg": "HID: picolcd: sanity check report size in raw_event() callback", + "cmt_id": "0db6de5fa66e02a03089d69bdc5db6d6947ed76b" + } + }, + "3.16.5": { + "CVE-2014-6410": { + "cmt_msg": "udf: Avoid infinite loop when processing indirect ICBs", + "cmt_id": "7478bcf7d5594fba7a98b8fef615e8924caf7977" + } + }, + "3.16.7": { + "CVE-2014-3690": { + "cmt_msg": "x86,kvm,vmx: Preserve CR4 across VM entry", + "cmt_id": "c047faa77f4324ed8f3b3a5c48f6e3ae0f658d8f" + }, + "CVE-2014-4608": { + "cmt_msg": "lzo: check for length overrun in variable length encoding.", + "cmt_id": "7e70a797fb587ed0ce86f8d52cbb3a0f88d3ac3f" + }, + "CVE-2014-7975": { + "cmt_msg": "fs: Add a missing permission check to do_umount", + "cmt_id": "c436c9115dab21fbdcae850e324d7ac3f73f04b7" + } + }, + "3.16.35": { + "CVE-2016-7913": { + "cmt_msg": "xc2028: avoid use after free", + "cmt_id": "e6cb39ac3f31cb5409f4078a0f0f8e7c25e48a98" + }, + "CVE-2016-3140": { + "cmt_msg": "USB: digi_acceleport: do sanity checking for the number of ports", + "cmt_id": "68833f4975aa22c57a99a84987d5158912406acb" + }, + "CVE-2016-2782": { + "cmt_msg": "USB: visor: fix null-deref at probe", + "cmt_id": "2e943fbce619e71cd28adc23abe2104f5675bdc3" + }, + "CVE-2015-6526": { + "cmt_msg": "powerpc/perf: Cap 64bit userspace backtraces to PERF_MAX_STACK_DEPTH", + "cmt_id": "1564ecf19e3b5e92b48531d580c3da04131596d5" + }, + "CVE-2015-9289": { + "cmt_msg": "cx24116: fix a buffer overflow when checking userspace params", + "cmt_id": "9bd2b656ff48dd870cc89679edf122cdca21399a" + }, + "CVE-2015-5707": { + "cmt_msg": "sg_start_req(): make sure that there's not too many elements in iovec", + "cmt_id": "2558b5b7ab218804ee03f5f13c0d3036e409dabe" + }, + "CVE-2015-0239": { + "cmt_msg": "KVM: x86: SYSENTER emulation is broken", + "cmt_id": "f280f83b5240101dc90d9b702b49c977ed097458" + }, + "CVE-2015-5257": { + "cmt_msg": "USB: whiteheat: fix potential null-deref at probe", + "cmt_id": "73e6391770a65856100661b56bcfa4b37bd0a98e" + }, + "CVE-2015-8970": { + "cmt_msg": "crypto: algif_skcipher - Require setkey before accept(2)", + "cmt_id": "21a017c3cb97b376833e1b70898ef3f95bc9fc2a" + }, + "CVE-2016-3136": { + "cmt_msg": "USB: mct_u232: add sanity checking in probe", + "cmt_id": "f3b7e0bf67ed9e3ecffbf1260f01794668398125" + }, + "CVE-2016-3955": { + "cmt_msg": "USB: usbip: fix potential out-of-bounds write", + "cmt_id": "87cfd54498d490a8bc460fd24f7e55b202c4cacd" + }, + "CVE-2016-3951": { + "cmt_msg": "cdc_ncm: do not call usbnet_link_change from cdc_ncm_bind", + "cmt_id": "40180f6f7410d7e6a2472eef65c408c9648c9ef3" + }, + "CVE-2014-9419": { + "cmt_msg": "x86_64, switch_to(): Load TLS descriptors before switching DS and ES", + "cmt_id": "82def0d6911ef554d8e3df4223755c2cbb1dd64d" + }, + "CVE-2015-8104": { + "cmt_msg": "KVM: svm: unconditionally intercept #DB", + "cmt_id": "13961a1784d20cc45210b664c6c2d0df6d2983c1" + }, + "CVE-2020-0066": { + "cmt_msg": "netlink: Trim skb to alloc size to avoid MSG_TRUNC", + "cmt_id": "9a11693d3def10330247d13f2db043d185002b8f" + }, + "CVE-2015-4700": { + "cmt_msg": "x86: bpf_jit: fix compilation of large bpf programs", + "cmt_id": "e0373a44e98aaf3b1c2ca0830b7b9e2e516f9bba" + }, + "CVE-2015-8551": { + "cmt_msg": "xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI or MSI-X enabled", + "cmt_id": "cb968d816e128f3c652f5a493d9a5cdd91490570" + }, + "CVE-2015-5156": { + "cmt_msg": "virtio-net: drop NETIF_F_FRAGLIST", + "cmt_id": "319e98c7b06b67d7005911d47949bfbc1be4eaaf" + }, + "CVE-2015-5157": { + "cmt_msg": "x86/nmi/64: Switch stacks on userspace NMI entry", + "cmt_id": "67b91ab31375fb40d66673ec4dd3f2d135e986dc" + }, + "CVE-2016-2186": { + "cmt_msg": "Input: powermate - fix oops with malicious USB descriptors", + "cmt_id": "f1782c9cd0966146457368672a25e4509a484ef6" + }, + "CVE-2015-5364": { + "cmt_msg": "udp: fix behavior of wrong checksums", + "cmt_id": "95ffa33e3c2706f1da6f2b4a695a416cf7edf759" + }, + "CVE-2015-5366": { + "cmt_msg": "udp: fix behavior of wrong checksums", + "cmt_id": "95ffa33e3c2706f1da6f2b4a695a416cf7edf759" + }, + "CVE-2014-9731": { + "cmt_msg": "udf: Check path length when reading symlink", + "cmt_id": "05e7da65962e15223e2783c09158e0a3aa1e1028" + }, + "CVE-2014-9730": { + "cmt_msg": "udf: Check component length before reading it", + "cmt_id": "eee3ed05f6f33ce7f226119713c572db9b71060c" + }, + "CVE-2013-4312": { + "cmt_msg": "unix: properly account for FDs passed over unix sockets", + "cmt_id": "660f0e9358bc1a8e05a2675f4320935ad5c249bf" + }, + "CVE-2016-0821": { + "cmt_msg": "include/linux/poison.h: fix LIST_POISON{1,2} offset", + "cmt_id": "eb99153be3ae70672c8074dc89ac8c01828840fc" + }, + "CVE-2016-0823": { + "cmt_msg": "pagemap: do not leak physical addresses to non-privileged userspace", + "cmt_id": "948e681e8731ab8b49d81d4a5b61b5bf3b3e6152" + }, + "CVE-2015-3291": { + "cmt_msg": "x86/nmi/64: Use DF to avoid userspace RSP confusing nested NMI detection", + "cmt_id": "84b6f86649f5e84d2619c569ea0d3dc88d47d4ad" + }, + "CVE-2015-3290": { + "cmt_msg": "x86/nmi/64: Switch stacks on userspace NMI entry", + "cmt_id": "67b91ab31375fb40d66673ec4dd3f2d135e986dc" + }, + "CVE-2016-2069": { + "cmt_msg": "x86/mm: Add barriers and document switch_mm()-vs-flush synchronization", + "cmt_id": "bab48cc44e14c26385de1f887f4bf320e8c3a6f0" + }, + "CVE-2016-8666": { + "cmt_msg": "tunnels: Don't apply GRO to multiple layers of encapsulation.", + "cmt_id": "23cca87ff225c1c7327a715db1bcc98a241b0efa" + }, + "CVE-2015-8746": { + "cmt_msg": "NFS: Fix a NULL pointer dereference of migration recovery ops for v4.2 client", + "cmt_id": "6a64d8c4c07c176abee384803f28fa1507963369" + }, + "CVE-2015-3212": { + "cmt_msg": "sctp: fix ASCONF list handling", + "cmt_id": "0eb5cd451203706dad35fd971a420c3cfaf371c8" + }, + "CVE-2014-3687": { + "cmt_msg": "net: sctp: fix panic on duplicate ASCONF chunks", + "cmt_id": "790395f95e3b8d81bf681a2a535443c70a111f66" + }, + "CVE-2015-8550": { + "cmt_msg": "xen: Add RING_COPY_REQUEST()", + "cmt_id": "f75855ceeff75ea8cebcd3e8df79e76292493735" + }, + "CVE-2015-8553": { + "cmt_msg": "xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set.", + "cmt_id": "68f3d7217c7407311a9ca974f3506faaa1a7f4bf" + }, + "CVE-2015-7513": { + "cmt_msg": "KVM: x86: Reload pit counters for all channels when restoring state", + "cmt_id": "a3aa388ced6b0b224d3a6dc3acfb12f525d2ee5c" + }, + "CVE-2016-4805": { + "cmt_msg": "ppp: take reference on channels netns", + "cmt_id": "6ab3a4331a1de5a20c3dc97f5211d00f1b35ce50" + }, + "CVE-2015-7515": { + "cmt_msg": "Input: aiptek - fix crash on detecting device without endpoints", + "cmt_id": "24b12688c53a46545a723cf084e25afde2ba39f3" + }, + "CVE-2014-9420": { + "cmt_msg": "isofs: Fix infinite looping over CE entries", + "cmt_id": "56221fafe328a503579a49b5157543f7eaa2204a" + }, + "CVE-2015-7613": { + "cmt_msg": "Initialize msg/shm IPC objects before doing ipc_addid()", + "cmt_id": "792d3057eb976a74671c406a6b70a73652cd01e2" + }, + "CVE-2014-9728": { + "cmt_msg": "udf: Verify i_size when loading inode", + "cmt_id": "66c88eab4e8c6bb36afa48bf524870d957547f2e" + }, + "CVE-2014-8133": { + "cmt_msg": "x86/tls: Validate TLS entries to protect espfix", + "cmt_id": "339ee067d034ba302e2b43100a2b04be7b7f586c" + }, + "CVE-2014-8134": { + "cmt_msg": "x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit", + "cmt_id": "757328f36af0eeb6c6bb3c16a3ff84c669ead5bb" + }, + "CVE-2015-5706": { + "cmt_msg": "path_openat(): fix double fput()", + "cmt_id": "bedf03d0b88db4de0b66a1ef81df4faec7a0ceb4" + }, + "CVE-2015-1465": { + "cmt_msg": "ipv4: try to cache dst_entries which would cause a redirect", + "cmt_id": "569a4ccdd320abaf7cb7d9a70757dc84b42420d9" + }, + "CVE-2016-2053": { + "cmt_msg": "ASN.1: Fix non-match detection failure on data overrun", + "cmt_id": "15430f775ee686b61569a0c3e74cf0b2ad57c8eb" + }, + "CVE-2015-6937": { + "cmt_msg": "RDS: verify the underlying transport exists before creating a connection", + "cmt_id": "a93002fa8bd6495b88ae9196151008902d7e7774" + }, + "CVE-2014-9644": { + "cmt_msg": "crypto: include crypto- module prefix in template", + "cmt_id": "9f213efca416d0b3af786d2b2284f5e5f1f61d51" + }, + "CVE-2015-8552": { + "cmt_msg": "xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI or MSI-X enabled", + "cmt_id": "cb968d816e128f3c652f5a493d9a5cdd91490570" + }, + "CVE-2016-0728": { + "cmt_msg": "KEYS: Fix keyring ref leak in join_session_keyring()", + "cmt_id": "63b2438cd504e776ec056150857d2a541718da88" + }, + "CVE-2017-13215": { + "cmt_msg": "crypto: algif_skcipher - Load TX SG list after waiting", + "cmt_id": "f608afd0ae111abb0edc3e64a2e7e69b44f02702" + }, + "CVE-2017-1000253": { + "cmt_msg": "fs/binfmt_elf.c: fix bug in loading of PIE binaries", + "cmt_id": "ea08dc5191d9a22242893768e4c3be8efb546c62" + }, + "CVE-2014-8884": { + "cmt_msg": "ttusb-dec: buffer overflow in ioctl", + "cmt_id": "36bb34da20d9e641310f5153239f65b34495b7ae" + }, + "CVE-2014-9322": { + "cmt_msg": "x86_64, traps: Stop using IST for #SS", + "cmt_id": "09f581ba6439450b04b1062ad257d0bb447189f9" + }, + "CVE-2014-7826": { + "cmt_msg": "tracing/syscalls: Ignore numbers outside NR_syscalls' range", + "cmt_id": "9f156016096dd656971d153234fc4b9c0323bb2c" + }, + "CVE-2014-7825": { + "cmt_msg": "tracing/syscalls: Ignore numbers outside NR_syscalls' range", + "cmt_id": "9f156016096dd656971d153234fc4b9c0323bb2c" + }, + "CVE-2015-8543": { + "cmt_msg": "net: add validation for the socket syscall protocol argument", + "cmt_id": "c289dc9feaee8faae78973d0b0dc36dbc2476f49" + }, + "CVE-2015-4167": { + "cmt_msg": "udf: Check length of extended attributes and allocation descriptors", + "cmt_id": "24a10af7859205540358f2f58bfbd89b0962027a" + }, + "CVE-2016-0723": { + "cmt_msg": "tty: Fix unsafe ldisc reference via ioctl(TIOCGETD)", + "cmt_id": "3991600fc141223ba7b88026a187e4562c7acd00" + }, + "CVE-2016-7117": { + "cmt_msg": "net: Fix use after free in the recvmmsg exit path", + "cmt_id": "fc49d04ae148b205c3817d901ce0f846869effa8" + }, + "CVE-2015-2830": { + "cmt_msg": "x86/asm/entry/64: Remove a bogus 'ret_from_fork' optimization", + "cmt_id": "c1dc5bb3c7e51084423e5fff2537c1922849b829" + }, + "CVE-2021-20265": { + "cmt_msg": "af_unix: fix struct pid memory leak", + "cmt_id": "1906035dff2763a1c17a3f2a4d8706ef960e7a62" + }, + "CVE-2014-9090": { + "cmt_msg": "x86_64, traps: Stop using IST for #SS", + "cmt_id": "09f581ba6439450b04b1062ad257d0bb447189f9" + }, + "CVE-2015-8816": { + "cmt_msg": "USB: fix invalid memory access in hub_activate()", + "cmt_id": "7d7ded5440d763c75023f39ca1a1a85672803ad8" + }, + "CVE-2015-7566": { + "cmt_msg": "USB: serial: visor: fix crash on detecting device without write_urbs", + "cmt_id": "d80e009beb81b05f0ddf69a3bcc7e328272b0117" + }, + "CVE-2015-8812": { + "cmt_msg": "iw_cxgb3: Fix incorrectly returning error on success", + "cmt_id": "f95bf9a80850d49cce96ef0da4a1bd68f8f57dbe" + }, + "CVE-2014-9710": { + "cmt_msg": "Btrfs: make xattr replace operations atomic", + "cmt_id": "1d9c16e6463f33c247cd9b33369aba7d05ebbb49" + }, + "CVE-2014-3610": { + "cmt_msg": "KVM: x86: Check non-canonical addresses upon WRMSR", + "cmt_id": "604acafa52b9651054b816f19c172ee07384a0d3" + }, + "CVE-2014-3611": { + "cmt_msg": "KVM: x86: Improve thread safety in pit", + "cmt_id": "262400a71a3ebbb98c800cdd20094d3ea06a281c" + }, + "CVE-2015-8950": { + "cmt_msg": "arm64: dma-mapping: always clear allocated buffers", + "cmt_id": "a92a43a16c9fc3f257dd28e5b0c82297b80e1ce3" + }, + "CVE-2016-3841": { + "cmt_msg": "ipv6: add complete rcu protection around np->opt", + "cmt_id": "93d2f2509b98181f3f0630ae3a5a45e8ddcd75a3" + }, + "CVE-2016-3689": { + "cmt_msg": "Input: ims-pcu - sanity check against missing interfaces", + "cmt_id": "2b1d2df1ab77cf0d096516bb636e18168ec8d5b8" + }, + "CVE-2015-8019": { + "cmt_msg": "net: add length argument to skb_copy_and_csum_datagram_iovec", + "cmt_id": "fa89ae5548ed282f0ceb4660b3b93e4e2ee875f3" + }, + "CVE-2016-9685": { + "cmt_msg": "xfs: fix two memory leaks in xfs_attr_list.c error paths", + "cmt_id": "f7a39c8e72338d5d0f24ba38debf2d96c893d24b" + }, + "CVE-2016-8646": { + "cmt_msg": "crypto: algif_hash - Only export and import on sockets with data", + "cmt_id": "214fcf7977ef7579530609c24b94164a3b306d13" + }, + "CVE-2016-3044": { + "cmt_msg": "KVM: PPC: Book3S HV: Sanitize special-purpose register values on guest exit", + "cmt_id": "ea51a643e950c2b51f9afcd6b72c586bcf8ccdf0" + }, + "CVE-2015-7872": { + "cmt_msg": "KEYS: Fix crash when attempt to garbage collect an uninstantiated keyring", + "cmt_id": "4944cea73316e816c30533d02f6c0434a5011751" + }, + "CVE-2013-7446": { + "cmt_msg": "unix: avoid use-after-free in ep_remove_wait_queue", + "cmt_id": "6e238517b4addfb28ba8a94687af174200227b89" + }, + "CVE-2017-13167": { + "cmt_msg": "ALSA: timer: Fix race at concurrent reads", + "cmt_id": "d2fe56f9b3f8bace0b645d6c6634eba854b6b7f0" + }, + "CVE-2015-4177": { + "cmt_msg": "mnt: Fail collect_mounts when applied to unmounted mounts", + "cmt_id": "4bcf842df09d2cbcd32db82a501383bc6b851fa8" + }, + "CVE-2015-8374": { + "cmt_msg": "Btrfs: fix truncation of compressed and inlined extents", + "cmt_id": "c40009c43c849713cad7a850af0e522e3132bc5d" + }, + "CVE-2016-3672": { + "cmt_msg": "x86/mm/32: Enable full randomization on i386 and X86_32", + "cmt_id": "89df0e7a8ac3e51fc02d1a6ceff194da02abdd96" + }, + "CVE-2013-7421": { + "cmt_msg": "crypto: prefix module autoloading with \"crypto-\"", + "cmt_id": "6359ca00be9de08b4495d036ea1f1935dfe65022" + }, + "CVE-2015-9004": { + "cmt_msg": "perf: Tighten (and fix) the grouping condition", + "cmt_id": "08446eea4a583919b979915f4dec2fa94ac6186c" + }, + "CVE-2015-8785": { + "cmt_msg": "fuse: break infinite loop in fuse_fill_write_pages()", + "cmt_id": "e595f1d352d3531f5295b45ce7feab29d483ec69" + }, + "CVE-2015-2925": { + "cmt_msg": "dcache: Handle escaped paths in prepend_path", + "cmt_id": "a75ff8a85153c785ff1ba70ba2a652f6c1f99a5b" + }, + "CVE-2015-2922": { + "cmt_msg": "ipv6: Don't reduce hop limit for an interface", + "cmt_id": "150193b96666abb34d0c0d24c1e8a3068eb34317" + }, + "CVE-2015-0275": { + "cmt_msg": "ext4: allocate entire range in zero range", + "cmt_id": "7e11ae290de5fd20b099fe34d113c6cc39b42f55" + }, + "CVE-2015-2150": { + "cmt_msg": "xen-pciback: limit guest control of command register", + "cmt_id": "e321556ce29b9fd4579f4c2f00f9a8e95edd9d22" + }, + "CVE-2015-4692": { + "cmt_msg": "kvm: x86: fix kvm_apic_has_events to check for NULL pointer", + "cmt_id": "f1fe527bdd0664bc65148278d259762e4e15396d" + }, + "CVE-2014-7841": { + "cmt_msg": "net: sctp: fix NULL pointer dereference in af->from_addr_param on malformed packet", + "cmt_id": "1cfecc6bca7a8a81ded208b5b2e0a56a6b52ad9a" + }, + "CVE-2015-4003": { + "cmt_msg": "ozwpan: divide-by-zero leading to panic", + "cmt_id": "a422e82cbf16bb16cbe6e3f5d87edd787cb874d8" + }, + "CVE-2014-8159": { + "cmt_msg": "IB/uverbs: Prevent integer overflow in ib_umem_get address arithmetic", + "cmt_id": "c8f7da00f74c25e260a763446cc332196a6a1d13" + }, + "CVE-2014-8989": { + "cmt_msg": "userns: Don't allow setgroups until a gid mapping has been setablished", + "cmt_id": "88e91dce8d462daaa4bf71b591e3f095ab3b084a" + }, + "CVE-2014-7843": { + "cmt_msg": "arm64: __clear_user: handle exceptions on strb", + "cmt_id": "73d908ca212dfa4a27e6ba4c272a651c979594d4" + }, + "CVE-2014-7842": { + "cmt_msg": "KVM: x86: Don't report guest userspace emulation error to userspace", + "cmt_id": "7dd767fff08a6603b1b14d1e078a1f4721eb8eb4" + }, + "CVE-2015-1593": { + "cmt_msg": "x86, mm/ASLR: Fix stack randomization on 64-bit systems", + "cmt_id": "b515b1b0f296d699dab273cdab68acb88f4f2add" + }, + "CVE-2014-8559": { + "cmt_msg": "move d_rcu from overlapping d_child to overlapping d_alias", + "cmt_id": "f185f12c4a26bf317e070697d3cf9ec17fc11864" + }, + "CVE-2016-2384": { + "cmt_msg": "ALSA: usb-audio: avoid freeing umidi object twice", + "cmt_id": "6c0fa0936aa173fbecc956d62865a91ef13dad62" + }, + "CVE-2014-9584": { + "cmt_msg": "isofs: Fix unchecked printing of ER records", + "cmt_id": "4948220ac9ba5774512f1f9aef4bb23e202e8a23" + }, + "CVE-2014-9585": { + "cmt_msg": "x86_64, vdso: Fix the vdso address randomization algorithm", + "cmt_id": "869f828db156fcb10893c1197315ac85780925b0" + }, + "CVE-2016-2545": { + "cmt_msg": "ALSA: timer: Fix double unlink of active_list", + "cmt_id": "4a7ff8dcf12fae2b2368ba89dffa3743a9996e39" + }, + "CVE-2016-2544": { + "cmt_msg": "ALSA: seq: Fix race at timer setup and close", + "cmt_id": "712df95de8324fb208c3e8dd147cea69f8554ffb" + }, + "CVE-2016-2547": { + "cmt_msg": "ALSA: timer: Harden slave timer list handling", + "cmt_id": "c8ca4c5acf7f9825baa63dc5a956bd8ecec45e1b" + }, + "CVE-2016-2546": { + "cmt_msg": "ALSA: timer: Fix race among timer ioctls", + "cmt_id": "ffa534e36806d454e7d7d4c2019093365846da65" + }, + "CVE-2016-2543": { + "cmt_msg": "ALSA: seq: Fix missing NULL check at remove_events ioctl", + "cmt_id": "f9d7022955974997f1ba707ddfe8caf297e1a909" + }, + "CVE-2014-3688": { + "cmt_msg": "net: sctp: fix remote memory pressure from excessive queueing", + "cmt_id": "565d3c2b451cb7078128ee834ddabb02d02af3e5" + }, + "CVE-2016-2549": { + "cmt_msg": "ALSA: hrtimer: Fix stall by hrtimer_cancel()", + "cmt_id": "4238f492b693a43607f7a02007421d954769531a" + }, + "CVE-2016-2548": { + "cmt_msg": "ALSA: timer: Harden slave timer list handling", + "cmt_id": "c8ca4c5acf7f9825baa63dc5a956bd8ecec45e1b" + }, + "CVE-2016-2143": { + "cmt_msg": "s390/mm: four page table levels vs. fork", + "cmt_id": "97520d8491a514f98022802a200c27aa49dfd697" + }, + "CVE-2014-8160": { + "cmt_msg": "netfilter: conntrack: disable generic tracking for known protocols", + "cmt_id": "85c981d1b144ddea85cf8827e7afafda024cf684" + }, + "CVE-2014-9428": { + "cmt_msg": "batman-adv: Calculate extra tail size based on queued fragments", + "cmt_id": "55074679b401d834d999b8b71877065cfeaeef73" + }, + "CVE-2015-5697": { + "cmt_msg": "md: use kzalloc() when bitmap is disabled", + "cmt_id": "0624b99bab2b572b28edc1fab3e2a6d8619ead3a" + }, + "CVE-2014-3673": { + "cmt_msg": "net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks", + "cmt_id": "240432f953757528abd23c5f76abfb092f05fc86" + }, + "CVE-2014-8086": { + "cmt_msg": "ext4: prevent bugon on race between write/fcntl", + "cmt_id": "01eca100c06d5b043e828fc2838189ae0c785285" + }, + "CVE-2016-6327": { + "cmt_msg": "IB/srpt: Simplify srpt_handle_tsk_mgmt()", + "cmt_id": "c8db91d65f8322202d663432f7ac84014a77b2fc" + }, + "CVE-2015-6252": { + "cmt_msg": "vhost: actually track log eventfd file", + "cmt_id": "c433ad7a9131631517880c74d6415473b2103f0d" + }, + "CVE-2014-9729": { + "cmt_msg": "udf: Verify i_size when loading inode", + "cmt_id": "66c88eab4e8c6bb36afa48bf524870d957547f2e" + }, + "CVE-2015-3288": { + "cmt_msg": "mm: avoid setting up anonymous pages into file mapping", + "cmt_id": "9760c0f9a5a7dbfb696b799189609a3471151cb5" + }, + "CVE-2015-8575": { + "cmt_msg": "bluetooth: Validate socket address length in sco_sock_bind().", + "cmt_id": "2296bb5b70594120aaf3900f4c965c5cf10ede99" + }, + "CVE-2015-8215": { + "cmt_msg": "ipv6: addrconf: validate new MTU before applying it", + "cmt_id": "fd0ad1be8dfb877e31f07f11c120badce12ba09f" + }, + "CVE-2015-1333": { + "cmt_msg": "KEYS: ensure we free the assoc array edit if edit is valid", + "cmt_id": "9bc34abfec8f083cb5ea50534d22d114ab12c4e3" + }, + "CVE-2015-8845": { + "cmt_msg": "powerpc/tm: Check for already reclaimed tasks", + "cmt_id": "2682034aabc6fc07cf5fc088cca1e96f36a4e4bc" + }, + "CVE-2015-8844": { + "cmt_msg": "powerpc/tm: Block signal return setting invalid MSR state", + "cmt_id": "368d31a3656ce7df52a229f6375442ac529db201" + }, + "CVE-2015-7550": { + "cmt_msg": "KEYS: Fix race between read and revoke", + "cmt_id": "1558fc1a018aa7e2943c413a4de17ae138e855b8" + }, + "CVE-2015-1420": { + "cmt_msg": "vfs: read file_handle only once in handle_to_path", + "cmt_id": "3b73bcf30f8cf56f6635bb5a8fcfbc9e650f8d9b" + }, + "CVE-2015-1421": { + "cmt_msg": "net: sctp: fix slab corruption from use after free on INIT collisions", + "cmt_id": "72d7e0fe4d22352f69c87bd3c058b05a68101706" + }, + "CVE-2016-10229": { + "cmt_msg": "udp: properly support MSG_PEEK with truncated buffers", + "cmt_id": "f7f4fb819a8dc620ce43a435ef91327274e2a875" + }, + "CVE-2015-4036": { + "cmt_msg": "vhost/scsi: potential memory corruption", + "cmt_id": "3aa1e327028e3b510a5c166df593f8637b25abe4" + }, + "CVE-2015-2666": { + "cmt_msg": "x86/microcode/intel: Guard against stack overflow in the loader", + "cmt_id": "caccf691912359293bc4dfce740b62b202a5dba6" + }, + "CVE-2014-3647": { + "cmt_msg": "KVM: x86: Emulator fixes for eip canonical checks on near branches", + "cmt_id": "8a909b2c6e6a4037a8c0e01cf7fae674c427ccc4" + }, + "CVE-2014-3646": { + "cmt_msg": "kvm: vmx: handle invvpid vm exit gracefully", + "cmt_id": "67fe3bc3d284f82e204ad2925479483eb21692b8" + }, + "CVE-2016-3137": { + "cmt_msg": "USB: cypress_m8: add endpoint sanity check", + "cmt_id": "768c09c4493020b018bc52c75f75cbafa915894f" + }, + "CVE-2015-8569": { + "cmt_msg": "pptp: verify sockaddr_len in pptp_bind() and pptp_connect()", + "cmt_id": "485724cdc8f8898d77eb7a0f3d896facf55f6be1" + }, + "CVE-2014-9683": { + "cmt_msg": "eCryptfs: Remove buggy and unnecessary write in file name decode routine", + "cmt_id": "ea447345243f8e594c45d413364832a01b3d9751" + }, + "CVE-2016-3134": { + "cmt_msg": "netfilter: x_tables: fix unconditional helper", + "cmt_id": "366d36a8136fd4b34f6d30935693cb6b85915a25" + }, + "CVE-2015-5283": { + "cmt_msg": "sctp: fix race on protocol/netns initialization", + "cmt_id": "eb084bd187c25f0b63556a4f6c440e3ac96ecaf5" + }, + "CVE-2016-3138": { + "cmt_msg": "USB: cdc-acm: more sanity checking", + "cmt_id": "173d111b4a26744a2c8f230901a0a418d083efa0" + }, + "CVE-2016-3157": { + "cmt_msg": "x86/iopl/64: Properly context-switch IOPL on Xen PV", + "cmt_id": "a6a2cb781be75d0a135a8e4ddd87854f09377928" + }, + "CVE-2016-3156": { + "cmt_msg": "ipv4: Don't do expensive useless work during inetdev destroy.", + "cmt_id": "8b03d9086461070caa263541bf83508ab30f52cc" + }, + "CVE-2016-2085": { + "cmt_msg": "EVM: Use crypto_memneq() for digest comparisons", + "cmt_id": "50e2fe0e98fffd08cb81b1785174db30902271c6" + }, + "CVE-2016-2847": { + "cmt_msg": "pipe: limit the per-user amount of pages allocated in pipes", + "cmt_id": "74f8c94db4565dc3b89bc9571e999227a98e972f" + }, + "CVE-2015-7885": { + "cmt_msg": "staging/dgnc: fix info leak in ioctl", + "cmt_id": "df3a19b81c9449249f89babdca8a716a2f92d0ac" + }, + "CVE-2014-9529": { + "cmt_msg": "KEYS: close race between key lookup and freeing", + "cmt_id": "43e6badd6f821916946216504c23e56bd8bba2e1" + }, + "CVE-2015-5307": { + "cmt_msg": "KVM: x86: work around infinite loop in microcode when #AC is delivered", + "cmt_id": "033edc3a7d4c3fd1560aa41e051d6e79b9545ed0" + }, + "CVE-2015-4002": { + "cmt_msg": "ozwpan: Use proper check to prevent heap overflow", + "cmt_id": "239e380248e92150c2e2fe485679fb1b72b3711e" + }, + "CVE-2015-4001": { + "cmt_msg": "ozwpan: Use unsigned ints to prevent heap overflow", + "cmt_id": "cd6bcf08bfc93c0c86c9be7d5de0f2f9e5b47e76" + }, + "CVE-2015-3636": { + "cmt_msg": "ipv4: Missing sk_nulls_node_init() in ping_unhash().", + "cmt_id": "f91222b61038729728090fdac38fd819ec6e26ef" + }, + "CVE-2016-2185": { + "cmt_msg": "Input: ati_remote2 - fix crashes on detecting device with invalid descriptor", + "cmt_id": "7ea6b63a62afde28feaae499cc8094426b0b4241" + }, + "CVE-2016-2184": { + "cmt_msg": "ALSA: usb-audio: Fix NULL dereference in create_fixed_stream_quirk()", + "cmt_id": "b92dbabac3053baaf83bcae270bf058cd5839e35" + }, + "CVE-2015-7799": { + "cmt_msg": "isdn_ppp: Add checks for allocation failure in isdn_ppp_open()", + "cmt_id": "bcd596b01fd5cea4591cd1cc8c1183f3da4bed68" + }, + "CVE-2015-2041": { + "cmt_msg": "net: llc: use correct size for sysctl timeout entries", + "cmt_id": "4218278977f7bb99190f239a708e9ee7836fd11c" + }, + "CVE-2014-7970": { + "cmt_msg": "mnt: Prevent pivot_root from creating a loop in the mount tree", + "cmt_id": "31b7cb6b454d1d5279ddc5a3574ae9cf5456615d" + }, + "CVE-2015-2042": { + "cmt_msg": "net: rds: use correct size for max unacked packets and bytes", + "cmt_id": "065f373545d11d7dfe22d6fa1381b214522f187a" + }, + "CVE-2015-3331": { + "cmt_msg": "crypto: aesni - fix memory usage in GCM decryption", + "cmt_id": "da3d3856b47cddbdc6b4d676bfaadd91c7571993" + }, + "CVE-2015-3332": { + "cmt_msg": "tcp: Fix crash in TCP Fast Open", + "cmt_id": "53411a80e3449952336582f8689c458b63f85455" + }, + "CVE-2015-8767": { + "cmt_msg": "sctp: Prevent soft lockup when sctp_accept() is called during a timeout event", + "cmt_id": "26e0e9c2b06c3d9cc62ac25c1e410642205234f1" + } + }, + "3.16.36": { + "CVE-2016-3961": { + "cmt_msg": "x86/mm/xen: Suppress hugetlbfs in PV guests", + "cmt_id": "27c03f880236b5e3c48af4d8848916bea8a5d88a" + }, + "CVE-2016-4581": { + "cmt_msg": "propogate_mnt: Handle the first propogated copy being a slave", + "cmt_id": "816d889b22613b946de7ab6458d7c7cc250fcdca" + }, + "CVE-2016-4580": { + "cmt_msg": "net: fix a kernel infoleak in x25 module", + "cmt_id": "66a315418f82f9d97f4233cd71e3b54105ffefd1" + }, + "CVE-2016-4486": { + "cmt_msg": "net: fix infoleak in rtnetlink", + "cmt_id": "935f8a3274efedc93d5e6c8183915ac4fad81924" + }, + "CVE-2016-2117": { + "cmt_msg": "atl2: Disable unimplemented scatter/gather feature", + "cmt_id": "801b07f4e84bcbc59118e582e861e34f404e0c15" + }, + "CVE-2016-4485": { + "cmt_msg": "net: fix infoleak in llc", + "cmt_id": "c922f1c07ac330685d6603c619239bdb645d7bdd" + }, + "CVE-2016-4913": { + "cmt_msg": "get_rock_ridge_filename(): handle malformed NM entries", + "cmt_id": "122352cc76bf0018b094a3051ca47f3d63cf5668" + }, + "CVE-2016-4565": { + "cmt_msg": "IB/security: Restrict use of the write() interface", + "cmt_id": "f4b592cb05dce29cd4c6778400ece68a45a1a223" + }, + "CVE-2016-2187": { + "cmt_msg": "Input: gtco - fix crash on detecting device without endpoints", + "cmt_id": "772703cadb1bf378bcd5ae87db4c150da37351b6" + }, + "CVE-2016-7916": { + "cmt_msg": "proc: prevent accessing /proc/<PID>/environ until it's ready", + "cmt_id": "eee69c92529e82e48e088f21137220c516c4b8ed" + }, + "CVE-2016-0758": { + "cmt_msg": "KEYS: Fix ASN.1 indefinite length object parsing", + "cmt_id": "af00ae6ef5a2c73f21ba215c476570b7772a14fb" + }, + "CVE-2016-3070": { + "cmt_msg": "mm: migrate dirty page without clear_page_dirty_for_io etc", + "cmt_id": "77f7f67dbd37ab3eebd98e2764bd1e0900028a33" + }, + "CVE-2016-7914": { + "cmt_msg": "assoc_array: don't call compare_object() on a node", + "cmt_id": "d513fcfdc14b44cc22f85bd1a5206fc6cd68d354" + } + }, + "3.16.37": { + "CVE-2016-4997": { + "cmt_msg": "netfilter: x_tables: check for bogus target offset", + "cmt_id": "35ea6762cc084057963af3833c77cf2906461b75" + }, + "CVE-2016-5728": { + "cmt_msg": "misc: mic: Fix for double fetch security bug in VOP driver", + "cmt_id": "72aaf646fb6b6f8f7befb44cbd5b1acd3bb5b483" + }, + "CVE-2016-4470": { + "cmt_msg": "KEYS: potential uninitialized variable", + "cmt_id": "91c854934664bf4d713b12f663de77397840d5bd" + }, + "CVE-2016-4482": { + "cmt_msg": "USB: usbfs: fix potential infoleak in devio", + "cmt_id": "502c7a5b24af01f64d6812a0a382c6beebef9c55" + }, + "CVE-2016-4998": { + "cmt_msg": "netfilter: x_tables: check for bogus target offset", + "cmt_id": "35ea6762cc084057963af3833c77cf2906461b75" + }, + "CVE-2016-1237": { + "cmt_msg": "posix_acl: Add set_posix_acl", + "cmt_id": "8e31c40b13640f7990ae0038ae4e7a6685998e3a" + }, + "CVE-2014-9922": { + "cmt_msg": "fs: limit filesystem stacking depth", + "cmt_id": "54c202bbeb9a00042d374561c6bf2bf5d586fc11" + }, + "CVE-2014-9904": { + "cmt_msg": "ALSA: compress: fix an integer overflow check", + "cmt_id": "bd5ab00affa19dcc491318cbb1e0891ffa49c645" + }, + "CVE-2016-4578": { + "cmt_msg": "ALSA: timer: Fix leak in events via snd_timer_user_ccallback", + "cmt_id": "d5b7dbe55864c6bb1b966971f6d4ef90d5b95e46" + }, + "CVE-2016-9754": { + "cmt_msg": "ring-buffer: Prevent overflow of size in ring_buffer_resize()", + "cmt_id": "e5e2cbc7f25c06266bba5072adab68cc64f71401" + }, + "CVE-2016-5696": { + "cmt_msg": "tcp: make challenge acks less predictable", + "cmt_id": "c6287499662db0b0caee72d6453e445a2c6162af" + }, + "CVE-2016-5244": { + "cmt_msg": "rds: fix an infoleak in rds_inc_info_copy", + "cmt_id": "5343d1779fd944a3937dafc56f3e853a5e063a3d" + }, + "CVE-2016-5243": { + "cmt_msg": "tipc: fix an infoleak in tipc_nl_compat_link_dump", + "cmt_id": "3d4997da790d035dc4cc61f254d4de467a1bbf90" + }, + "CVE-2016-7911": { + "cmt_msg": "block: fix use-after-free in sys_ioprio_get()", + "cmt_id": "60b67e2584e080c42ae23a9518738591969544e1" + }, + "CVE-2016-9806": { + "cmt_msg": "netlink: Fix dump skb leak/double free", + "cmt_id": "ed8ab6b2bb3f3714dad70216b94e1bb8bc8df223" + }, + "CVE-2016-4569": { + "cmt_msg": "ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS", + "cmt_id": "84d8697290dd3b2c08be651651a02d30f62d91a7" + }, + "CVE-2016-5412": { + "cmt_msg": "KVM: PPC: Book3S HV: Pull out TM state save/restore into separate procedures", + "cmt_id": "b16e5c4a51094b5fbf6e2543f8d1c260429c946d" + }, + "CVE-2017-7495": { + "cmt_msg": "ext4: fix data exposure after a crash", + "cmt_id": "b274508ecc4388f00de57fc6641bf8be2b671908" + }, + "CVE-2016-1583": { + "cmt_msg": "proc: prevent stacking filesystems on top", + "cmt_id": "a0b5c04dfca69e9728b1c454c6f9fde9f8f38613" + }, + "CVE-2016-5829": { + "cmt_msg": "HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands", + "cmt_id": "4ef3e38d4e0726ec7f63f8d9c6b4c3aa1cbeec7b" + }, + "CVE-2016-5828": { + "cmt_msg": "powerpc/tm: Always reclaim in start_thread() for exec() class syscalls", + "cmt_id": "8c96b416de2acc010c9e7f90c9d2dde9b1418444" + }, + "CVE-2016-6130": { + "cmt_msg": "s390/sclp_ctl: fix potential information leak with /dev/sclp", + "cmt_id": "8229d94adedd2cad31fee2e90b1becb2fdc09b9d" + }, + "CVE-2016-6136": { + "cmt_msg": "audit: fix a double fetch in audit_log_single_execve_arg()", + "cmt_id": "c8a3667e957a498865ec82c3d19160f1a330daef" + } + }, + "3.16.38": { + "CVE-2016-5195": { + "cmt_msg": "mm: remove gup_flags FOLL_WRITE games from __get_user_pages()", + "cmt_id": "2649c26fdeb99f1c104c387ae63fd72e119c2b96" + } + }, + "3.16.39": { + "CVE-2016-7042": { + "cmt_msg": "KEYS: Fix short sprintf buffer in /proc/keys show function", + "cmt_id": "dbc969a232a97c001f6c5f7b4b5e0de4dca4fe84" + }, + "CVE-2016-6828": { + "cmt_msg": "tcp: fix use after free in tcp_xmit_retransmit_queue()", + "cmt_id": "3a7dc8f4b37d2c2b12b805aee4a41e706c43ded1" + }, + "CVE-2016-8658": { + "cmt_msg": "brcmfmac: avoid potential stack overflow in brcmf_cfg80211_start_ap()", + "cmt_id": "df523e7adf0595cf509f6382af7ed801ab0bd108" + }, + "CVE-2016-8633": { + "cmt_msg": "firewire: net: guard against rx buffer overflows", + "cmt_id": "88eadd913f235ffd29767b504fd68caaa1394f76" + }, + "CVE-2015-1350": { + "cmt_msg": "fs: Avoid premature clearing of capabilities", + "cmt_id": "3418703a9d04fa65f993e89a3fa6bfeed3c1fe7c" + }, + "CVE-2016-7097": { + "cmt_msg": "posix_acl: Clear SGID bit when setting file permissions", + "cmt_id": "f2ba3e2310b3967720b83126db8684c69ce41894" + }, + "CVE-2016-7425": { + "cmt_msg": "scsi: arcmsr: Buffer overflow in arcmsr_iop_message_xfer()", + "cmt_id": "400ce4d1a8ea346d95b36f6c72b993de69f8a0b0" + }, + "CVE-2016-9084": { + "cmt_msg": "vfio/pci: Fix integer overflows, bitmask check", + "cmt_id": "6593fe0cbdc77241f58e75d049296d1fba37d484" + }, + "CVE-2016-6480": { + "cmt_msg": "aacraid: Check size values after double-fetch from user", + "cmt_id": "962b0f29a59ec0dd32c18001ffcd2ba23ab4eada" + }, + "CVE-2016-7910": { + "cmt_msg": "block: fix use-after-free in seq file", + "cmt_id": "2dabc3a663edfc35c2ab48f4d6b51114757b858c" + }, + "CVE-2016-9083": { + "cmt_msg": "vfio/pci: Fix integer overflows, bitmask check", + "cmt_id": "6593fe0cbdc77241f58e75d049296d1fba37d484" + }, + "CVE-2015-8955": { + "cmt_msg": "arm64: perf: reject groups spanning multiple HW PMUs", + "cmt_id": "b2aa2e250fe40b8413aefd8762b488d81f292c34" + }, + "CVE-2015-8956": { + "cmt_msg": "Bluetooth: Fix potential NULL dereference in RFCOMM bind callback", + "cmt_id": "8c996f7322f988a074896c135f90d6c4c6d173ab" + }, + "CVE-2016-3857": { + "cmt_msg": "arm: oabi compat: add missing access checks", + "cmt_id": "7e7aaf7b1bf53b5b0abd380efe7fc430bc8a590d" + } + }, + "3.16.40": { + "CVE-2016-6787": { + "cmt_msg": "perf: Fix event->ctx locking", + "cmt_id": "18163dd15627bfa34af63299998523d8dd1a109e" + }, + "CVE-2016-6786": { + "cmt_msg": "perf: Fix event->ctx locking", + "cmt_id": "18163dd15627bfa34af63299998523d8dd1a109e" + }, + "CVE-2015-8964": { + "cmt_msg": "tty: Prevent ldisc drivers from re-using stale tty fields", + "cmt_id": "16c30eea9553b0ccbb379eed34f85fbed5e2cdcd" + }, + "CVE-2015-8962": { + "cmt_msg": "sg: Fix double-free when drives detach during SG_IO", + "cmt_id": "79cfd63480a7c4b48c6c329fab1bde569e0a4ac2" + }, + "CVE-2015-8963": { + "cmt_msg": "perf: Fix race in swevent hash", + "cmt_id": "311c3b32f1e591b88e1b290efdcbc79c081f8e0f" + }, + "CVE-2016-9793": { + "cmt_msg": "net: avoid signed overflows for SO_{SND|RCV}BUFFORCE", + "cmt_id": "756826fd4e4a25589a2e77a7ceb791314c73cf48" + }, + "CVE-2017-15102": { + "cmt_msg": "usb: misc: legousbtower: Fix NULL pointer deference", + "cmt_id": "5d1d4fb4ab35b8eebf3b9112c460cb25edb89143" + }, + "CVE-2016-9794": { + "cmt_msg": "ALSA: pcm : Call kill_fasync() in stream lock", + "cmt_id": "afd9c2402bdfdbc813587faf7f0e8e1f94c2ee91" + }, + "CVE-2016-10200": { + "cmt_msg": "l2tp: fix racy SOCK_ZAPPED flag check in l2tp_ip{,6}_bind()", + "cmt_id": "7c3ad0d86f80618c00a5d6a267080238185038f6" + }, + "CVE-2016-8632": { + "cmt_msg": "tipc: check minimum bearer MTU", + "cmt_id": "cd53924265a9d328af37722c6b682e4ea793d04e" + }, + "CVE-2016-8650": { + "cmt_msg": "mpi: Fix NULL ptr dereference in mpi_powm()", + "cmt_id": "0a74b364c4c2ce4bfffdbefd62cced99ad76bec9" + }, + "CVE-2016-8655": { + "cmt_msg": "packet: fix race condition in packet_set_ring", + "cmt_id": "943e7299c0fec28de9df8985953f45633b071690" + }, + "CVE-2016-8405": { + "cmt_msg": "fbdev: color map copying bounds checking", + "cmt_id": "4952d0fe7849840bf3767051eb296e84c0e6ed52" + }, + "CVE-2016-10088": { + "cmt_msg": "sg_write()/bsg_write() is not fit to be called under KERNEL_DS", + "cmt_id": "249741c2c0d7a905da66efc6d1292d3915aef1fc" + }, + "CVE-2016-9120": { + "cmt_msg": "staging/android/ion : fix a race condition in the ion driver", + "cmt_id": "ce626e14b2fd8f1f0ff6d17a8503f12d3e991cd3" + }, + "CVE-2016-7915": { + "cmt_msg": "HID: core: prevent out-of-bound readings", + "cmt_id": "e137da9c2207aa45c353b224a12b1cecfdcb54cb" + }, + "CVE-2016-7917": { + "cmt_msg": "netfilter: nfnetlink: correctly validate length of batch messages", + "cmt_id": "8a984a4795fd4432da09e170efe7d9766d0e91cf" + }, + "CVE-2016-7912": { + "cmt_msg": "usb: gadget: f_fs: Fix use-after-free", + "cmt_id": "0fbed614ccd7ab27d77bc129a9d8539181d7d275" + }, + "CVE-2016-8645": { + "cmt_msg": "tcp: take care of truncations done by sk_filter()", + "cmt_id": "3d59e6e25fd0cbe700d3f2910291729227dcfd23" + }, + "CVE-2017-6001": { + "cmt_msg": "perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race", + "cmt_id": "fe525a280e8b5f04c7666fe22d1a4ef592f7b953" + }, + "CVE-2016-9191": { + "cmt_msg": "sysctl: Drop reference added by grab_header in proc_sys_readdir", + "cmt_id": "0b66ea3bca021aea839c526d7643df085c5dadbc" + }, + "CVE-2016-9555": { + "cmt_msg": "sctp: validate chunk len before actually using it", + "cmt_id": "1685cd22d7ebda79ea519457499f9cc4ced1e966" + } + }, + "3.16.41": { + "CVE-2017-2618": { + "cmt_msg": "selinux: fix off-by-one in setprocattr", + "cmt_id": "0646217322101c829aaabf95294ce9b8b02ab807" + }, + "CVE-2017-5970": { + "cmt_msg": "ipv4: keep skb->dst around in presence of IP options", + "cmt_id": "631f00df1b2fa51492de8ab93a91a3876b697aeb" + }, + "CVE-2017-6074": { + "cmt_msg": "dccp: fix freeing skb too early for IPV6_RECVPKTINFO", + "cmt_id": "c21341fd2c2e0e840864062707825d6d0d5e13b2" + }, + "CVE-2016-6213": { + "cmt_msg": "mnt: Add a per mount namespace limit on the number of mounts", + "cmt_id": "b71f455440fd7ed03f088580b3a117352fc815dd" + }, + "CVE-2016-10208": { + "cmt_msg": "ext4: validate s_first_meta_bg at mount time", + "cmt_id": "cde863587b6809fdf61ea3c5391ecf06884b5516" + }, + "CVE-2017-5897": { + "cmt_msg": "ip6_gre: fix ip6gre_err() invalid reads", + "cmt_id": "3a997b28bbc69f7637ccd62c5a37379dec34f36b" + }, + "CVE-2016-9588": { + "cmt_msg": "kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF)", + "cmt_id": "8cebcee992c81aaec741311db337705a4949261c" + }, + "CVE-2017-6214": { + "cmt_msg": "tcp: avoid infinite loop in tcp_splice_read()", + "cmt_id": "5b746247d798a6061d213bf3f64c6e434bb4f23d" + }, + "CVE-2017-5549": { + "cmt_msg": "USB: serial: kl5kusb105: fix line-state error handling", + "cmt_id": "59021c058a0bd2af81d1e8116995d7119be15145" + }, + "CVE-2017-5551": { + "cmt_msg": "tmpfs: clear S_ISGID when setting posix ACLs", + "cmt_id": "b35e1587153b27e12747137ce7a0df0eb921cd85" + }, + "CVE-2017-2583": { + "cmt_msg": "KVM: x86: fix emulation of \"MOV SS, null selector\"", + "cmt_id": "448ec74e72bf4c5952e3d369720a862da99c0895" + }, + "CVE-2017-2584": { + "cmt_msg": "KVM: x86: Introduce segmented_write_std", + "cmt_id": "8be074a1f62ff51ffdf5b4634327dee351a5c2c2" + } + }, + "3.16.42": { + "CVE-2017-6353": { + "cmt_msg": "sctp: deny peeloff operation on asocs with threads sleeping on it", + "cmt_id": "ae722d6df3efc7a2df272644d82639f2679042ed" + }, + "CVE-2017-2636": { + "cmt_msg": "tty: n_hdlc: get rid of racy n_hdlc.tbuf", + "cmt_id": "2e523bd949e3bc43cf61cc8a690350fa778e3f88" + }, + "CVE-2017-7273": { + "cmt_msg": "HID: hid-cypress: validate length of report", + "cmt_id": "60a990276a03f9a11d86017b1217f3698443c47b" + }, + "CVE-2017-5669": { + "cmt_msg": "ipc/shm: Fix shmat mmap nil-page protection", + "cmt_id": "13508cb3bf17a73b91957e7070112b710bdfadc2" + }, + "CVE-2017-6348": { + "cmt_msg": "irda: Fix lockdep annotations in hashbin_delete().", + "cmt_id": "55429dd9c16006c5f2edc53c25a3594d299fbf98" + }, + "CVE-2017-5986": { + "cmt_msg": "sctp: avoid BUG_ON on sctp_wait_for_sndbuf", + "cmt_id": "2ad78d37e15d7adba80deb103068faf6d88f95ac" + }, + "CVE-2017-6345": { + "cmt_msg": "net/llc: avoid BUG_ON() in skb_orphan()", + "cmt_id": "8e822a0f8b3b8d2907ae7fba62258562b7ef800c" + }, + "CVE-2017-6346": { + "cmt_msg": "packet: fix races in fanout_add()", + "cmt_id": "bf7916239a591920427b0ee8022c222eeccba840" + }, + "CVE-2017-2596": { + "cmt_msg": "kvm: fix page struct leak in handle_vmon", + "cmt_id": "591fc80b6369a886a1d21cacf11f91b455781df3" + } + }, + "3.16.43": { + "CVE-2016-10044": { + "cmt_msg": "aio: mark AIO pseudo-fs noexec", + "cmt_id": "880366a6e2ef182c37b7c7317dc6d449f625b97d" + } + }, + "3.16.44": { + "CVE-2017-7294": { + "cmt_msg": "drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl()", + "cmt_id": "629655f798b92fd309fdde494a3cfb8a37f807ad" + }, + "CVE-2017-8064": { + "cmt_msg": "dvb-usb-v2: avoid use-after-free", + "cmt_id": "522182342410708c54eb2b33ff36e85f0b045a6d" + }, + "CVE-2017-7308": { + "cmt_msg": "net/packet: fix overflow in check for priv area size", + "cmt_id": "a481ab4edd87bc2dc6f1fa9029866dd69c86fc5c" + }, + "CVE-2017-8890": { + "cmt_msg": "dccp/tcp: do not inherit mc_list from parent", + "cmt_id": "e4d8daa3b0d195c8aead116dd70aad8124be60c3" + }, + "CVE-2017-7472": { + "cmt_msg": "KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings", + "cmt_id": "f7ce1014bc5e4bb42d6b9f5afb308f59534067ea" + }, + "CVE-2017-7895": { + "cmt_msg": "nfsd: stricter decoding of write-like NFSv2/v3 ops", + "cmt_id": "bb0ea8af0b69259f5ea1d2fcff52948c98129c5e" + }, + "CVE-2017-7184": { + "cmt_msg": "xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window", + "cmt_id": "811f5600db1a0a9c4f1abad5017e09f43d7088f3" + }, + "CVE-2017-7487": { + "cmt_msg": "ipx: call ipxitf_put() in ioctl error path", + "cmt_id": "c64988b55a19fc5c85f85c433976d6e5210f54dc" + }, + "CVE-2017-9242": { + "cmt_msg": "ipv6: fix out of bound writes in __ip6_append_data()", + "cmt_id": "55c51263ff43e3bf5deb1425f4221696f94db1be" + }, + "CVE-2017-0605": { + "cmt_msg": "tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()", + "cmt_id": "a1141b19b23a0605d46f3fab63fd2d76207096c4" + }, + "CVE-2017-7645": { + "cmt_msg": "nfsd: check for oversized NFSv2/v3 arguments", + "cmt_id": "1d4ab03084d4bace93b1573c57a309e954d05c09" + }, + "CVE-2017-7261": { + "cmt_msg": "drm/vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl()", + "cmt_id": "61cabe967321767052498032178d56a1ea03a7bc" + }, + "CVE-2017-9077": { + "cmt_msg": "ipv6/dccp: do not inherit ipv6_mc_list from parent", + "cmt_id": "53d48f98b800059504da76d12bf0074581aa0fe2" + }, + "CVE-2017-2671": { + "cmt_msg": "ping: implement proper locking", + "cmt_id": "c3f18d2a809b563ef078130ab3758899625e4cfb" + }, + "CVE-2017-9075": { + "cmt_msg": "sctp: do not inherit ipv6_{mc|ac|fl}_list from parent", + "cmt_id": "60e7579f4b71e2e8b252d2f1b3ef5ffb3b971a4e" + }, + "CVE-2017-9074": { + "cmt_msg": "ipv6: Prevent overrun when parsing v6 header options", + "cmt_id": "3bff722de601acaf593a1ade13fbbee54b688e9b" + }, + "CVE-2017-9076": { + "cmt_msg": "ipv6/dccp: do not inherit ipv6_mc_list from parent", + "cmt_id": "53d48f98b800059504da76d12bf0074581aa0fe2" + }, + "CVE-2016-2188": { + "cmt_msg": "USB: iowarrior: fix NULL-deref at probe", + "cmt_id": "d2d603cf8fd51f0da5e4bc809d17824faa7630f7" + }, + "CVE-2017-7618": { + "cmt_msg": "crypto: ahash - Fix EINPROGRESS notification callback", + "cmt_id": "13af702256f8b7d9bb51b86c982fe08e96c589c8" + }, + "CVE-2017-8924": { + "cmt_msg": "USB: serial: io_ti: fix information leak in completion handler", + "cmt_id": "f7287278eea268132ab71b30a0425ccf3a13a323" + }, + "CVE-2017-8925": { + "cmt_msg": "USB: serial: omninet: fix reference leaks at open", + "cmt_id": "e766215595e90b7a307cc7c7054ff43e96340731" + }, + "CVE-2016-9604": { + "cmt_msg": "KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings", + "cmt_id": "41bd08bfce7c33e0d383e7678e6d6c7e8e041524" + }, + "CVE-2017-7616": { + "cmt_msg": "mm/mempolicy.c: fix error handling in set_mempolicy and mbind.", + "cmt_id": "4474624a1a496e4dc93a2cd49ea915d9c90d80e9" + } + }, + "3.16.45": { + "CVE-2017-7482": { + "cmt_msg": "rxrpc: Fix several cases where a padded len isn't checked in ticket decode", + "cmt_id": "e3378be9d9cbe1f77ecfc03b4350991be58f3f82" + }, + "CVE-2014-9940": { + "cmt_msg": "regulator: core: Fix regualtor_ena_gpio_free not to access pin after freeing", + "cmt_id": "702f4dd27ccf3bae7915ef1f8790db3af435d211" + }, + "CVE-2017-7346": { + "cmt_msg": "drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl()", + "cmt_id": "7943d19453aa1a1acf93bdb2812e0bef970ec23c" + }, + "CVE-2017-1000379": { + "cmt_msg": "mm: larger stack guard gap, between vmas", + "cmt_id": "978b8aa1646d4e023edd121c7f1b8f938ccb813d" + }, + "CVE-2017-1000364": { + "cmt_msg": "mm: larger stack guard gap, between vmas", + "cmt_id": "978b8aa1646d4e023edd121c7f1b8f938ccb813d" + }, + "CVE-2017-7518": { + "cmt_msg": "KVM: x86: fix singlestepping over syscall", + "cmt_id": "24ee2a286de7ac680ad4b2423c2dcee68444e567" + } + }, + "3.16.46": { + "CVE-2017-6951": { + "cmt_msg": "KEYS: Remove key_type::match in favour of overriding default by match_preparse", + "cmt_id": "89a5900ac15faa45244b42423ff4febd6d35520b" + }, + "CVE-2017-10911": { + "cmt_msg": "xen-blkback: don't leak stack data via response ring", + "cmt_id": "d2cc7a18d6342a7025afd16aac6753ad02d788e5" + }, + "CVE-2017-1000380": { + "cmt_msg": "ALSA: timer: Fix race between read and ioctl", + "cmt_id": "334e9205dd0c61ec83dfafac51b1947584179bf1" + }, + "CVE-2017-9605": { + "cmt_msg": "drm/vmwgfx: Make sure backup_handle is always valid", + "cmt_id": "26823129d84c6ca3e12b17af7a8e78c579b3bca5" + }, + "CVE-2017-2647": { + "cmt_msg": "KEYS: Remove key_type::match in favour of overriding default by match_preparse", + "cmt_id": "89a5900ac15faa45244b42423ff4febd6d35520b" + }, + "CVE-2017-7889": { + "cmt_msg": "mm: Tighten x86 /dev/mem with zeroing reads", + "cmt_id": "3cbd86d25eeb61e57cb3367fe302c271b0c70fb2" + }, + "CVE-2017-1000365": { + "cmt_msg": "fs/exec.c: account for argv/envp pointers", + "cmt_id": "d7575b387f81c1a92e32c25dcb6a0e14458ae66c" + }, + "CVE-2017-1000363": { + "cmt_msg": "char: lp: fix possible integer overflow in lp_setup()", + "cmt_id": "0a56616d2ca35da4397c48b95e71e35a26e67be5" + } + }, + "3.16.47": { + "CVE-2017-1000112": { + "cmt_msg": "udp: consistently apply ufo or fragmentation", + "cmt_id": "08676246d893e3a42a541a2ef1291f2ea62c5b06" + }, + "CVE-2017-1000111": { + "cmt_msg": "packet: fix tp_reserve race in packet_set_ring", + "cmt_id": "ec26c86f4d9fe22ceb9b997aa9134f684b756282" + }, + "CVE-2017-7533": { + "cmt_msg": "dentry name snapshots", + "cmt_id": "2cbc76ab0654c9759e390899584c5f788e21dc5a" + }, + "CVE-2017-11176": { + "cmt_msg": "mqueue: fix a use-after-free in sys_mq_notify()", + "cmt_id": "b6ec053486fa50c169eb377e53c72b2a481fbd00" + }, + "CVE-2017-10661": { + "cmt_msg": "timerfd: Protect the might cancel mechanism proper", + "cmt_id": "e7467c79d7dfa504587f9bc95bf180d92715c07d" + }, + "CVE-2017-1000": { + "cmt_msg": "udp: consistently apply ufo or fragmentation", + "cmt_id": "08676246d893e3a42a541a2ef1291f2ea62c5b06" + }, + "CVE-2017-7542": { + "cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt", + "cmt_id": "276cb60b67f5c99bf278b5371c6643e4af63f75d" + } + }, + "3.16.48": { + "CVE-2017-11600": { + "cmt_msg": "xfrm: policy: check policy direction value", + "cmt_id": "60166dc935e2af97cae9432c0247856e2deb0b3f" + }, + "CVE-2017-14106": { + "cmt_msg": "tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0", + "cmt_id": "32cb2d4a59d0512aa825e7f0352f66063482cc07" + }, + "CVE-2017-14140": { + "cmt_msg": "Sanitize 'move_pages()' permission checks", + "cmt_id": "b5a16892623afec2d3212b963dd688b258002b4b" + }, + "CVE-2017-15274": { + "cmt_msg": "KEYS: fix dereferencing NULL payload with nonzero length", + "cmt_id": "400773b3c6b7faffafc6adedecdd4882fc677d64" + }, + "CVE-2017-18360": { + "cmt_msg": "USB: serial: io_ti: fix div-by-zero in set_termios", + "cmt_id": "5626cf5977b54cda89f620070dc85c96f01ef359" + }, + "CVE-2017-12134": { + "cmt_msg": "xen: fix bio vec merging", + "cmt_id": "f664b0113d2bb8d4bcdf5d03b72eb4c433ded452" + }, + "CVE-2017-18221": { + "cmt_msg": "mlock: fix mlock count can not decrease in race condition", + "cmt_id": "d30435bdee3ce282537814d96138a22879522c2f" + }, + "CVE-2017-7541": { + "cmt_msg": "brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()", + "cmt_id": "c63048a29cf222bcd75823b4ca898e2aa6311f8f" + } + }, + "3.16.49": { + "CVE-2017-11089": { + "cmt_msg": "cfg80211: Define nla_policy for NL80211_ATTR_LOCAL_MESH_POWER_MODE", + "cmt_id": "2a5d2a519162f5c52121c1053439535f2de705af" + }, + "CVE-2017-14156": { + "cmt_msg": "video: fbdev: aty: do not leak uninitialized padding in clk to userspace", + "cmt_id": "093d5ecdeb49c6ad4ea4c1fb39c481e9bcfc1871" + }, + "CVE-2017-12153": { + "cmt_msg": "nl80211: check for the required netlink attributes presence", + "cmt_id": "ed2305f2eba403d41dc4213746f60d47273980f6" + }, + "CVE-2017-8831": { + "cmt_msg": "saa7164: fix double fetch PCIe access condition", + "cmt_id": "f6c711a2f630b15479466f5b25b25850b04a7106" + }, + "CVE-2017-14340": { + "cmt_msg": "xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present", + "cmt_id": "1e48f7b93c3a8f1d7bb136ab7fa61e763893a6fd" + }, + "CVE-2017-12154": { + "cmt_msg": "kvm: nVMX: Don't allow L2 to access the hardware CR8", + "cmt_id": "423a7a81efb8da25dbbcfe7a33bd8bfdce34150b" + }, + "CVE-2017-1000251": { + "cmt_msg": "Bluetooth: Properly check L2CAP config option output buffer length", + "cmt_id": "8a7b081660857a80c3efc463b3da790c4fa0c801" + }, + "CVE-2017-14489": { + "cmt_msg": "scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly", + "cmt_id": "a1b438ad8590add8f6b0b679171bf5e0d45e2da1" + }, + "CVE-2017-18079": { + "cmt_msg": "Input: i8042 - fix crash at boot time", + "cmt_id": "b8e534a556b1a6a6eca8fcdca79725f0dea21555" + } + }, + "3.16.50": { + "CVE-2017-0786": { + "cmt_msg": "brcmfmac: add length check in brcmf_cfg80211_escan_handler()", + "cmt_id": "7df83adfc5d38bf960ef7ff0e4cb1c2c92715f63" + }, + "CVE-2017-16527": { + "cmt_msg": "ALSA: usb-audio: Kill stray URB at exiting", + "cmt_id": "6a6488e8d231fa1fca2408e59e819f64fecb45f3" + }, + "CVE-2017-13080": { + "cmt_msg": "mac80211: accept key reinstall without changing anything", + "cmt_id": "a0a8a11d1630cd648dc1ce86da620b4e240e0315" + }, + "CVE-2017-15649": { + "cmt_msg": "packet: in packet_do_bind, test fanout with bind_lock held", + "cmt_id": "70abad3796f52ed593d5d31bf9f0b5410a522548" + }, + "CVE-2017-16531": { + "cmt_msg": "USB: fix out-of-bounds in usb_set_configuration", + "cmt_id": "cc81fff9d62e32a27b1f16dab1a6172935792ab7" + }, + "CVE-2017-16530": { + "cmt_msg": "USB: uas: fix bug in handling of alternate settings", + "cmt_id": "c0003557dbdec4ec1976ea7be9534abef758297b" + }, + "CVE-2017-16533": { + "cmt_msg": "HID: usbhid: fix out-of-bounds bug", + "cmt_id": "8d675aa967d3927ac100f7af48f2a2af8a041d2d" + }, + "CVE-2017-16532": { + "cmt_msg": "usb: usbtest: fix NULL pointer dereference", + "cmt_id": "824f2a5ccdd9ddfb53418c13f493aa46ae0c2c00" + }, + "CVE-2017-11473": { + "cmt_msg": "x86/acpi: Prevent out of bound access caused by broken ACPI tables", + "cmt_id": "52b12e5aeae7f71567348776d4f7f12b83788d15" + }, + "CVE-2017-16535": { + "cmt_msg": "USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()", + "cmt_id": "6514189e83d470af2f35735038c1b096410ab98d" + }, + "CVE-2017-15265": { + "cmt_msg": "ALSA: seq: Fix use-after-free at creating a port", + "cmt_id": "853c65fe1db498563bdeea5b7e733441db34d330" + }, + "CVE-2017-15299": { + "cmt_msg": "KEYS: don't let add_key() update an uninstantiated key", + "cmt_id": "24832178de3ab7b6fb42f2730d8d675e3d30adb2" + }, + "CVE-2018-10675": { + "cmt_msg": "mm/mempolicy: fix use after free when calling get_mempolicy", + "cmt_id": "7bd0cdad74409e093556f200b788f45cdb2064ee" + }, + "CVE-2017-16529": { + "cmt_msg": "ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor", + "cmt_id": "9992800cfd0b367369407d62a4c228c454c5d0e3" + }, + "CVE-2017-12193": { + "cmt_msg": "assoc_array: Fix a buggy node-splitting case", + "cmt_id": "c42ab77ec3454fc0d9710bd6734e241e4202d8b3" + }, + "CVE-2017-12192": { + "cmt_msg": "KEYS: prevent KEYCTL_READ on negative key", + "cmt_id": "3eab231a5b5382067ab3ead172780144f9c0f721" + }, + "CVE-2017-12190": { + "cmt_msg": "fix unbalanced page refcounting in bio_map_user_iov", + "cmt_id": "3c885aa3b459aabc5fa04251a5fdd88e29b1de70" + } + }, + "3.16.51": { + "CVE-2017-16537": { + "cmt_msg": "media: imon: Fix null-ptr-deref in imon_probe", + "cmt_id": "7f3ca02c7ed55f7d524fb5c06e2de36ab65f5e20" + }, + "CVE-2017-16536": { + "cmt_msg": "cx231xx-cards: fix NULL-deref on missing association descriptor", + "cmt_id": "99a3c1bb0ed332c64cfcd53a84fea2468ab9e11e" + }, + "CVE-2018-9517": { + "cmt_msg": "l2tp: pass tunnel pointer to ->session_create()", + "cmt_id": "0b3ca265e81f5e1d9f7f66ad416cbabecca914cf" + }, + "CVE-2017-0627": { + "cmt_msg": "media: uvcvideo: Prevent heap overflow when accessing mapped controls", + "cmt_id": "a5f9c8992ea254dc7a80d24257083a666dd600f2" + }, + "CVE-2017-16525": { + "cmt_msg": "USB: serial: console: fix use-after-free after failed setup", + "cmt_id": "96b62489bc4200803cb77a0ca69aa3d179c7e9f5" + }, + "CVE-2017-16643": { + "cmt_msg": "Input: gtco - fix potential out-of-bound access", + "cmt_id": "9d399eba105c6e311db9ec78ce62579ffc403c0d" + }, + "CVE-2017-16650": { + "cmt_msg": "net: qmi_wwan: fix divide by 0 on bad descriptors", + "cmt_id": "4a14bd934b40b1a9f7fe3e0546f9873bb55e5b61" + }, + "CVE-2017-14051": { + "cmt_msg": "scsi: qla2xxx: Fix an integer overflow in sysfs code", + "cmt_id": "71ee8480093a46d245f61e2c2c5cfb0d5a6bc61d" + }, + "CVE-2017-16649": { + "cmt_msg": "net: cdc_ether: fix divide by 0 on bad descriptors", + "cmt_id": "fac4f4657e16d3457963d4c8ee6a356103155141" + }, + "CVE-2017-15115": { + "cmt_msg": "sctp: do not peel off an assoc from one netns to another one", + "cmt_id": "7adde0289baa8d51c2bd072d80cb82a278d24363" + } + }, + "3.16.52": { + "CVE-2017-16526": { + "cmt_msg": "uwb: properly check kthread_run return value", + "cmt_id": "8a088612bc35033159077fa7bee6f3761d712725" + }, + "CVE-2020-14353": { + "cmt_msg": "KEYS: prevent creating a different user's keyrings", + "cmt_id": "9d62d5d2f4130bd7c6986cfde8becb4fa0cf4f7f" + }, + "CVE-2020-27067": { + "cmt_msg": "l2tp: fix l2tp_eth module loading", + "cmt_id": "84f9cf6ecccd86254bc6e2cfac0050543269852a" + }, + "CVE-2017-17741": { + "cmt_msg": "KVM: Fix stack-out-of-bounds read in write_mmio", + "cmt_id": "7cc7f67418296f829a284b6e2d4c62d937f15faa" + }, + "CVE-2018-7191": { + "cmt_msg": "tun: call dev_get_valid_name() before register_netdevice()", + "cmt_id": "ff31768dd6814abefb7724fa6dc0976b33edce0e" + }, + "CVE-2017-18270": { + "cmt_msg": "KEYS: prevent creating a different user's keyrings", + "cmt_id": "9d62d5d2f4130bd7c6986cfde8becb4fa0cf4f7f" + }, + "CVE-2017-15868": { + "cmt_msg": "Bluetooth: bnep: bnep_add_connection() should verify that it's dealing with l2cap socket", + "cmt_id": "77369e6ee42b28a529932f5f7a5522de73310d21" + }, + "CVE-2017-8824": { + "cmt_msg": "dccp: CVE-2017-8824: use-after-free in DCCP code", + "cmt_id": "37e923d49eb8219cab4e49237d026755276484a0" + }, + "CVE-2017-1000407": { + "cmt_msg": "KVM: VMX: remove I/O port 0x80 bypass on Intel hosts", + "cmt_id": "02b1dd5472cee5286ab1a9eb916c036ab2f86b78" + }, + "CVE-2017-17558": { + "cmt_msg": "USB: core: prevent malicious bNumInterfaces overflow", + "cmt_id": "072bee30c5d314af02c211112697ab0931ab5039" + }, + "CVE-2017-17806": { + "cmt_msg": "crypto: hmac - require that the underlying hash algorithm is unkeyed", + "cmt_id": "150fbc1221d1352db7dc830074586e0ee28e2a15" + }, + "CVE-2017-16645": { + "cmt_msg": "Input: ims-psu - check if CDC union descriptor is sane", + "cmt_id": "eb791765b62b2a615fb692c3394d86f370d72681" + }, + "CVE-2015-8709": { + "cmt_msg": "mm: Add a user_ns owner to mm_struct and fix ptrace permission checks", + "cmt_id": "d5b3e840dbf6dd2c0f30b5982b6f5ecd49e46b12" + }, + "CVE-2017-17448": { + "cmt_msg": "netfilter: nfnetlink_cthelper: Add missing permission checks", + "cmt_id": "fad6474d43e985338e4c2b3bb1a7668cca1f041a" + }, + "CVE-2017-17449": { + "cmt_msg": "netlink: Add netns check on taps", + "cmt_id": "df524750e2d1ead01cceed5ffc0b62166c7630dd" + }, + "CVE-2017-16939": { + "cmt_msg": "ipsec: Fix aborted xfrm policy dump crash", + "cmt_id": "a7d7387cc169e912055faca1b0f123e5bce78f53" + }, + "CVE-2017-17807": { + "cmt_msg": "KEYS: add missing permission check for request_key() destination", + "cmt_id": "d3dc1ffed4044437339a22acebebaf1c5bc141ee" + }, + "CVE-2017-17805": { + "cmt_msg": "crypto: salsa20 - fix blkcipher_walk API usage", + "cmt_id": "9517d9d0c1d62515d33c0405b5a86e88647012a2" + }, + "CVE-2017-17450": { + "cmt_msg": "netfilter: xt_osf: Add missing permission checks", + "cmt_id": "06b6060a61b14a747b0f29890fcb20ece18a0944" + } + }, + "3.16.54": { + "CVE-2017-18203": { + "cmt_msg": "dm: fix race between dm_get_from_kobject() and __dm_destroy()", + "cmt_id": "e9546d2629dd45650d9b9035198d7e8ce907e7de" + }, + "CVE-2021-0447": { + "cmt_msg": "l2tp: protect sock pointer of struct pppol2tp_session with RCU", + "cmt_id": "9bcc0508576b2d50efd958f2ea1c5906749c2c89" + }, + "CVE-2018-1000004": { + "cmt_msg": "ALSA: seq: Make ioctls race-free", + "cmt_id": "02cbce8576a31df8fca54aaec91ee081076bd79d" + }, + "CVE-2017-1000410": { + "cmt_msg": "Bluetooth: Prevent stack info leak from the EFS element.", + "cmt_id": "bf101edbb0ad37a6cd970cb98a9f1ae950b719f1" + }, + "CVE-2017-16913": { + "cmt_msg": "usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input", + "cmt_id": "61aa1e63c06961e77b6f63823e05af637c1e3acd" + }, + "CVE-2017-16912": { + "cmt_msg": "usbip: fix stub_rx: get_pipe() to validate endpoint number", + "cmt_id": "65060ba29cc54b3d5f76ceacf3c820f2087c35e6" + }, + "CVE-2017-16911": { + "cmt_msg": "usbip: prevent vhci_hcd driver from leaking a socket pointer address", + "cmt_id": "789998181fc4fe5d48d1b95d796e8b62df17c1d9" + }, + "CVE-2018-5333": { + "cmt_msg": "RDS: null pointer dereference in rds_atomic_free_op", + "cmt_id": "c8b61a6ecfb90c7fb4f824df2448b923954de170" + }, + "CVE-2017-16914": { + "cmt_msg": "usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer", + "cmt_id": "49afc374a23c093faabd155e332c927bf0e69af0" + }, + "CVE-2017-13216": { + "cmt_msg": "staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl", + "cmt_id": "63aa20e4f4760249339c7771bd7e4a01d82a95ad" + }, + "CVE-2017-18017": { + "cmt_msg": "netfilter: xt_TCPMSS: add more sanity tests on tcph->doff", + "cmt_id": "d2e769238e6079e1e16c856cc352b0061a111f1d" + }, + "CVE-2018-5332": { + "cmt_msg": "RDS: Heap OOB write in rds_message_alloc_sgs()", + "cmt_id": "a64a21f6de4faf41b74800275be0552f55e83699" + } + }, + "3.16.55": { + "CVE-2017-18595": { + "cmt_msg": "tracing: Fix possible double free on failure of allocating trace buffer", + "cmt_id": "dd520da215e1f8558206ddade1f55b239730bd4f" + }, + "CVE-2017-0861": { + "cmt_msg": "ALSA: pcm: prevent UAF in snd_pcm_info", + "cmt_id": "da7bce9e41266e17c98a997c154cb126a7ed8e98" + }, + "CVE-2019-9454": { + "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA", + "cmt_id": "4a6efb0107eb5cb91dc19efc0a518ee12793190e" + }, + "CVE-2018-6927": { + "cmt_msg": "futex: Prevent overflow by strengthen input validation", + "cmt_id": "762c02e688cd2e326dec50e030ad559a3c943192" + }, + "CVE-2018-7492": { + "cmt_msg": "rds: Fix NULL pointer dereference in __rds_rdma_map", + "cmt_id": "39961200584fe03d2915886ac49e7ec7a8b5a4ae" + }, + "CVE-2017-18551": { + "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA", + "cmt_id": "4a6efb0107eb5cb91dc19efc0a518ee12793190e" + }, + "CVE-2018-18386": { + "cmt_msg": "n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)", + "cmt_id": "7ed9e0c29f0dfae1f249d3d36142a6474ea77895" + }, + "CVE-2018-5750": { + "cmt_msg": "ACPI: sbshc: remove raw pointer from printk() message", + "cmt_id": "0c2575631cae6894ed82e4883ecb6d097157a063" + }, + "CVE-2018-1000028": { + "cmt_msg": "nfsd: auth: Fix gid sorting when rootsquash enabled", + "cmt_id": "76a90eeac5d1935405d646f9c3cbf76be87936e5" + }, + "CVE-2017-18344": { + "cmt_msg": "posix-timer: Properly check sigevent->sigev_notify", + "cmt_id": "115659c998ba0adf97d6c3e9706f618000fa90e2" + }, + "CVE-2015-9016": { + "cmt_msg": "blk-mq: fix race between timeout and freeing request", + "cmt_id": "7acba7c0621efdfb09bb514500ba22f965aba68b" + } + }, + "3.16.57": { + "CVE-2018-20510": { + "cmt_msg": "binder: replace \"%p\" with \"%pK\"", + "cmt_id": "c2c37cd0a0f45dd883fc03b38b04a7f0a269a1ca" + }, + "CVE-2017-18216": { + "cmt_msg": "ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent", + "cmt_id": "d9b4d618a22bf30a1c82dffc5c7cb3b1abda48dc" + }, + "CVE-2018-9518": { + "cmt_msg": "NFC: llcp: Limit size of SDP URI", + "cmt_id": "3b3a343e2442a4fb2730967df4e2a29f0fa66c84" + }, + "CVE-2018-8897": { + "cmt_msg": "x86/entry/64: Don't use IST entry for #BP stack", + "cmt_id": "45dc1e88fb5a728c1f2186edafccf6581c9c99b8" + }, + "CVE-2018-1087": { + "cmt_msg": "kvm/x86: fix icebp instruction handling", + "cmt_id": "e6c4cf2c7cbd5fd81f9a323c30ee0e3e1d2cae4b" + }, + "CVE-2018-7757": { + "cmt_msg": "scsi: libsas: fix memory leak in sas_smp_get_phy_events()", + "cmt_id": "c1184c59b37ed607a1193fc4fde0ffda56844bd6" + }, + "CVE-2017-5754": { + "cmt_msg": "x86/cpufeatures: Add Intel feature bits for Speculation Control", + "cmt_id": "13056af0ca8213eb800ada9b2b73eb602bb943e0" + }, + "CVE-2018-1068": { + "cmt_msg": "netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets", + "cmt_id": "71a00fe67dde7d2ed206a0db2a67f29fad90cc72" + }, + "CVE-2018-7995": { + "cmt_msg": "x86/MCE: Serialize sysfs changes", + "cmt_id": "290e29104bf6863d75a8049e501e47815665d39d" + }, + "CVE-2017-16538": { + "cmt_msg": "media: dvb-usb-v2: lmedm04: Improve logic checking of warm start", + "cmt_id": "c8f3c2e5c507a41f303bbd6e1beeeb830c327881" + }, + "CVE-2018-10940": { + "cmt_msg": "cdrom: information leak in cdrom_ioctl_media_changed()", + "cmt_id": "319975e893eebe88c6695c6876ab75d316aa518b" + }, + "CVE-2018-8781": { + "cmt_msg": "drm: udl: Properly check framebuffer mmap offsets", + "cmt_id": "c2f377300d828234a16a6dc35402bc313bb15bed" + }, + "CVE-2018-8822": { + "cmt_msg": "staging: ncpfs: memory corruption in ncp_read_kernel()", + "cmt_id": "13a0dfcedbaa682bbb720685778185aead8ce996" + }, + "CVE-2018-1000199": { + "cmt_msg": "perf/hwbp: Simplify the perf-hwbp code, fix documentation", + "cmt_id": "6aa1edde1030eb98f6c810709ce4c9d257ecbe5c" + }, + "CVE-2018-1130": { + "cmt_msg": "dccp: check sk for closed state in dccp_sendmsg()", + "cmt_id": "e86c8c8cdf47ce06f29a080f9ab9ee8eee71b374" + }, + "CVE-2017-18208": { + "cmt_msg": "mm/madvise.c: fix madvise() infinite loop under special circumstances", + "cmt_id": "302212255813b55c0daeb8f15bcf25ff542e36cf" + }, + "CVE-2017-18241": { + "cmt_msg": "f2fs: fix a panic caused by NULL flush_cmd_control", + "cmt_id": "1f0db424c8770c7b31296d5c66a52fffdec1d24c" + }, + "CVE-2018-1092": { + "cmt_msg": "ext4: fail ext4_iget for root directory if unallocated", + "cmt_id": "43ef70b328eddc46938878a270895a9ff7b51059" + }, + "CVE-2018-1093": { + "cmt_msg": "ext4: add validity checks for bitmap block numbers", + "cmt_id": "91a9c8e8ac7da66d7159fd758464808d2a1c979a" + }, + "CVE-2018-7566": { + "cmt_msg": "ALSA: seq: Fix racy pool initializations", + "cmt_id": "1786e202fe5a52fe6d4026b9e40c6a824efce148" + }, + "CVE-2018-6412": { + "cmt_msg": "fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper().", + "cmt_id": "b57ed0f08e1ef7bb138f92f71f143e03a5d52136" + }, + "CVE-2019-9456": { + "cmt_msg": "usb: usbmon: Read text within supplied buffer size", + "cmt_id": "cdbb101ef935de73f430019996045d45a653d1a5" + }, + "CVE-2018-5803": { + "cmt_msg": "sctp: verify size of a new chunk in _sctp_make_chunk()", + "cmt_id": "ca566c761ec34bb6bce3a65d1a3688818f29b64f" + }, + "CVE-2017-13220": { + "cmt_msg": "Bluetooth: hidp_connection_add() unsafe use of l2cap_pi()", + "cmt_id": "3738d7b1da4d6f306ca6d5a6a96dd70c36f53f94" + } + }, + "3.16.58": { + "CVE-2018-17182": { + "cmt_msg": "mm: get rid of vmacache_flush_all() entirely", + "cmt_id": "536c4d174c0402c5fbf6f7a995f7c9539d124410" + }, + "CVE-2018-13405": { + "cmt_msg": "Fix up non-directory creation in SGID directories", + "cmt_id": "0b3369840cd61c23e2b9241093737b4c395cb406" + }, + "CVE-2018-13406": { + "cmt_msg": "video: uvesafb: Fix integer overflow in allocation", + "cmt_id": "ab6d43c1c7c298cacaae180b2232fe8abc18075f" + }, + "CVE-2018-14734": { + "cmt_msg": "infiniband: fix a possible use-after-free bug", + "cmt_id": "c62b25af5f51f49e9f93f828cc38a82c23e8a0c5" + }, + "CVE-2018-14617": { + "cmt_msg": "hfsplus: fix NULL dereference in hfsplus_lookup()", + "cmt_id": "5c8e78e811123b61c8a194a28b48df984b540ec7" + }, + "CVE-2018-16276": { + "cmt_msg": "USB: yurex: fix out-of-bounds uaccess in read handler", + "cmt_id": "189254a6aa0cc823b55e624ba77ad3bd0637bbd9" + }, + "CVE-2018-9568": { + "cmt_msg": "net: Set sk_prot_creator when cloning sockets to the right proto", + "cmt_id": "51556151d0c82515934a0feb7c61f3bcad0e73d8" + }, + "CVE-2018-10877": { + "cmt_msg": "ext4: verify the depth of extent tree in ext4_find_extent()", + "cmt_id": "09999807edd836f8d96ca5a5b8bf007856c5f268" + }, + "CVE-2018-10876": { + "cmt_msg": "ext4: only look at the bg_flags field if it is valid", + "cmt_id": "9c2e1d0691bfc68ebc914043497330bd530c6ed6" + }, + "CVE-2018-5814": { + "cmt_msg": "usbip: usbip_host: fix NULL-ptr deref and use-after-free errors", + "cmt_id": "896b00bd9c66cc72ae6800ff6dba65a9e83ea5fd" + }, + "CVE-2018-10879": { + "cmt_msg": "ext4: make sure bitmaps and the inode table don't overlap with bg descriptors", + "cmt_id": "96e340bf132e16be02fdbd6d03c4946f824c085d" + }, + "CVE-2018-10878": { + "cmt_msg": "ext4: always check block group bounds in ext4_init_block_bitmap()", + "cmt_id": "e6eacb6555474a49b1aa29f4e98b38348d3c45fd" + }, + "CVE-2018-10902": { + "cmt_msg": "ALSA: rawmidi: Change resized buffers atomically", + "cmt_id": "c95e0783eab0d1f31c7f8baa6e4ff8b0b8e7eb72" + }, + "CVE-2018-13093": { + "cmt_msg": "xfs: validate cached inodes are free when allocated", + "cmt_id": "7744e6b42712dd27e2457e1eb03b1c73920364c2" + }, + "CVE-2018-16658": { + "cmt_msg": "cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status", + "cmt_id": "585e054220cd820aeac2436c29ff9c06e483dc83" + }, + "CVE-2018-15572": { + "cmt_msg": "x86/speculation: Protect against userspace-userspace spectreRSB", + "cmt_id": "ba4a6140b84f5a86be14c2511431004bc4b9be69" + }, + "CVE-2018-13094": { + "cmt_msg": "xfs: don't call xfs_da_shrink_inode with NULL bp", + "cmt_id": "991ec538e6683859b065467b8406c7e57526e212" + }, + "CVE-2018-9363": { + "cmt_msg": "Bluetooth: hidp: buffer overflow in hidp_process_report", + "cmt_id": "556fa3e5feba266ebfb14df4509ef0a69b0b1f24" + }, + "CVE-2018-10021": { + "cmt_msg": "scsi: libsas: defer ata device eh commands to libata", + "cmt_id": "0643adfa36b54ea5948e48383d8549ac5c2fb69e" + }, + "CVE-2018-10323": { + "cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree", + "cmt_id": "00fe22e3f801fd5225aeecc6bf79630ec201f8e4" + }, + "CVE-2018-14609": { + "cmt_msg": "btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized", + "cmt_id": "7cd49306b9e47333e097ea586feef596ba708771" + }, + "CVE-2018-1000204": { + "cmt_msg": "scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()", + "cmt_id": "582802e7c617cfb07cc15f280c128e6decbc57b8" + }, + "CVE-2018-12233": { + "cmt_msg": "jfs: Fix inconsistency between memory allocation and ea_buf->max_size", + "cmt_id": "63bd05e42208647417f421504ea70db00f046d21" + }, + "CVE-2018-9422": { + "cmt_msg": "futex: Remove requirement for lock_page() in get_futex_key()", + "cmt_id": "862b19bc43313fadad14334760d447f715003500" + }, + "CVE-2018-10880": { + "cmt_msg": "ext4: never move the system.data xattr out of the inode body", + "cmt_id": "42a6cd12f1f0728e7c09a0c1dde8f6d9e8a5fbd6" + }, + "CVE-2018-10881": { + "cmt_msg": "ext4: clear i_data in ext4_inode_info when removing inline data", + "cmt_id": "e2e3ff3ad042fba28c0b49e9534f3b281b105c48" + }, + "CVE-2018-10882": { + "cmt_msg": "ext4: add more inode number paranoia checks", + "cmt_id": "f8d710be66f6f85084331734d7795a7fc80d99de" + }, + "CVE-2018-10883": { + "cmt_msg": "jbd2: don't mark block as modified if the handle is out of credits", + "cmt_id": "005c9f88b625b204e5f80d0241cbf38963f263bf" + } + }, + "3.16.59": { + "CVE-2019-9457": { + "cmt_msg": "exec: Limit arg stack to at most 75% of _STK_LIM", + "cmt_id": "3c270e64a394ea5e52be9e371f5676fa974f6deb" + }, + "CVE-2018-14634": { + "cmt_msg": "exec: Limit arg stack to at most 75% of _STK_LIM", + "cmt_id": "3c270e64a394ea5e52be9e371f5676fa974f6deb" + }, + "CVE-2018-14633": { + "cmt_msg": "scsi: target: iscsi: Use hex2bin instead of a re-implementation", + "cmt_id": "aba97ce870f92835fa3385861f850e3e992dc42a" + }, + "CVE-2018-3639": { + "cmt_msg": "x86/nospec: Simplify alternative_msr_write()", + "cmt_id": "4172af7e06994104deeb53e344f53cf4173ce144" + }, + "CVE-2018-6554": { + "cmt_msg": "staging: irda: remove the irda network stack and drivers", + "cmt_id": "af8f681e48239817afb290f4e8ee3ca094f513e6" + }, + "CVE-2018-6555": { + "cmt_msg": "staging: irda: remove the irda network stack and drivers", + "cmt_id": "46b57f819163e3a84ff00b31485ee0638dbf1fdc" + }, + "CVE-2018-9516": { + "cmt_msg": "HID: debug: check length before copy_to_user()", + "cmt_id": "e44ab03f41ba55e181f4ed64e546feac8f8e69dc" + }, + "CVE-2018-7755": { + "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl", + "cmt_id": "3141e0750231be243bd4cd0fa6eebeb6a1578537" + } + }, + "3.16.60": { + "CVE-2019-12881": { + "cmt_msg": "drm/i915/userptr: reject zero user_size", + "cmt_id": "fd55b13e6434a47a82080e1b34b1b29cca8fe98e" + }, + "CVE-2019-18675": { + "cmt_msg": "mmap: introduce sane default mmap limits", + "cmt_id": "72d8a061cbfbee3a357d38ef80688df9e878de43" + } + }, + "3.16.61": { + "CVE-2017-13168": { + "cmt_msg": "scsi: sg: mitigate read/write abuse", + "cmt_id": "3f084a4d285d695b2008533f1b28a5538748e174" + }, + "CVE-2019-9458": { + "cmt_msg": "media: v4l: event: Prevent freeing event subscriptions while accessed", + "cmt_id": "a37099499a019538386ef53ca1485cafa6095e0b" + } + }, + "3.16.62": { + "CVE-2018-5848": { + "cmt_msg": "wil6210: missing length check in wmi_set_ie", + "cmt_id": "921c1539170bf690cad59b3dbebf7d46843d28e2" + }, + "CVE-2018-17972": { + "cmt_msg": "proc: restrict kernel stack dumps to root", + "cmt_id": "6e8e3ad9d57f70fc58e2ecbafbfd1b3f37973cfc" + }, + "CVE-2018-18690": { + "cmt_msg": "xfs: don't fail when converting shortform attr to long form during ATTR_REPLACE", + "cmt_id": "789a4317666e599e487ec1983643de1b519c431e" + }, + "CVE-2018-12896": { + "cmt_msg": "posix-timers: Sanitize overrun handling", + "cmt_id": "f795b11fdc99a3d4d7d6b9d48c5e44e17c287a27" + }, + "CVE-2018-3693": { + "cmt_msg": "ext4: fix spectre gadget in ext4_mb_regular_allocator()", + "cmt_id": "e94d8cd6012da14cf18296d6342c16b295c12cbe" + }, + "CVE-2017-13305": { + "cmt_msg": "KEYS: encrypted: fix buffer overread in valid_master_desc()", + "cmt_id": "bfe535bf4ab73e41922c7a58d6a858a2c435ff29" + }, + "CVE-2018-13053": { + "cmt_msg": "alarmtimer: Prevent overflow for relative nanosleep", + "cmt_id": "b396dc52e302a0610abfd6467e20fb58352cdb69" + }, + "CVE-2018-16862": { + "cmt_msg": "mm: cleancache: fix corruption on missed inode invalidation", + "cmt_id": "56a7ebd4a3adc001b18a8feeb5cdf0b9fb2684fa" + }, + "CVE-2018-18021": { + "cmt_msg": "arm64: KVM: Tighten guest core register access from userspace", + "cmt_id": "2fdce53c4a81397774363dfda8be635b8a4468db" + }, + "CVE-2018-18710": { + "cmt_msg": "cdrom: fix improper type cast, which can leat to information leak.", + "cmt_id": "4d0f2564603d1ef8cce8a083751442342e9c9474" + }, + "CVE-2018-18281": { + "cmt_msg": "mremap: properly flush TLB before releasing the page", + "cmt_id": "2567a342d707b1245e837f16cb7555b360e2c580" + } + }, + "3.16.63": { + "CVE-2018-19824": { + "cmt_msg": "ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c", + "cmt_id": "1c38b9d9e74a24a8ed9089429031f6d7721b6df0" + }, + "CVE-2018-20169": { + "cmt_msg": "USB: check usb_get_extra_descriptor for proper size", + "cmt_id": "f8860a91d7538022c1c3f0bdddeec9a9d83e0c09" + } + }, + "3.16.64": { + "CVE-2018-20511": { + "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT", + "cmt_id": "0c4d7b52773b227211d311858f3c3b56f7c44874" + }, + "CVE-2018-5953": { + "cmt_msg": "printk: hash addresses printed with %p", + "cmt_id": "9ebdc41f7115c2fb37da946dd50e531d00533ca1" + }, + "CVE-2016-10741": { + "cmt_msg": "xfs: don't BUG() on mixed direct and mapped I/O", + "cmt_id": "96cbb7e99d66cef46c62dc691664d38d5ae2cd8d" + }, + "CVE-2018-19985": { + "cmt_msg": "USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data", + "cmt_id": "2d955f32f4ab31294447a01cf401cec2cef9013e" + }, + "CVE-2019-6974": { + "cmt_msg": "kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)", + "cmt_id": "2aa9f75791601aab7bd02b8783aa9a8f5105f68f" + }, + "CVE-2019-3701": { + "cmt_msg": "can: gw: ensure DLC boundaries after CAN frame modification", + "cmt_id": "1c7dcfd106f42f09e3b7520c26e6eee70a939928" + }, + "CVE-2018-16884": { + "cmt_msg": "sunrpc: use-after-free in svc_process_common()", + "cmt_id": "801f9d2fb42e450a67f83c18fd5d8450ad29224f" + }, + "CVE-2019-7222": { + "cmt_msg": "KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)", + "cmt_id": "234a2dee1b06502face184e241e03582d7946f80" + }, + "CVE-2017-9725": { + "cmt_msg": "mm: cma: fix incorrect type conversion for size during dma allocation", + "cmt_id": "cc12c0099168b416f6c3eff1cd560a771f4b7c3f" + }, + "CVE-2019-7221": { + "cmt_msg": "KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221)", + "cmt_id": "69c7b3bb99c621f44fb46c20ccef737e86e1c5c8" + } + }, + "3.16.65": { + "CVE-2018-1066": { + "cmt_msg": "CIFS: Enable encryption during session setup phase", + "cmt_id": "cbf513cb2080cc507f4b1f2d1a95141e64c87db3" + } + }, + "3.16.66": { + "CVE-2019-11599": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping", + "cmt_id": "a301e6a651037c11d2d9932a35fb56a04eedba8c" + }, + "CVE-2019-3892": { + "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping", + "cmt_id": "a301e6a651037c11d2d9932a35fb56a04eedba8c" + }, + "CVE-2019-11486": { + "cmt_msg": "tty: mark Siemens R3964 line discipline as BROKEN", + "cmt_id": "e0d2ad5eaec135bb79a7045b1c0718557bac4c4d" + }, + "CVE-2019-3901": { + "cmt_msg": "perf/core: Fix perf_event_open() vs. execve() race", + "cmt_id": "92cb82fec63d558f7eecc97afbbbdf3fe5ef95b5" + }, + "CVE-2019-2024": { + "cmt_msg": "media: em28xx: Fix use-after-free when disconnecting", + "cmt_id": "abbb5cf0c8e9995defed43a6c98296f357098b5b" + }, + "CVE-2019-9466": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path", + "cmt_id": "52b1af5e74cc3f4d513eacf49f71d9855a9ccbec" + }, + "CVE-2019-3882": { + "cmt_msg": "vfio/type1: Limit DMA mappings per container", + "cmt_id": "d3334471c34797ab1729cbadddd411118d51c584" + }, + "CVE-2019-3460": { + "cmt_msg": "Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt", + "cmt_id": "c5c6a5c7eb7e3d7859e7ec78a2872360e4bab6aa" + }, + "CVE-2019-15927": { + "cmt_msg": "ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit()", + "cmt_id": "cacb39e5e4b7de790939b174165503bbe8c82208" + }, + "CVE-2019-11190": { + "cmt_msg": "binfmt_elf: switch to new creds when switching to new mm", + "cmt_id": "1e06334afa7199cc86c6c4830b71a7c1ea8e7901" + }, + "CVE-2019-12819": { + "cmt_msg": "mdio_bus: Fix use-after-free on device_register fails", + "cmt_id": "8a5e2f4be5d08d16964ce2adb8da6fc42052c6f1" + }, + "CVE-2019-9503": { + "cmt_msg": "brcmfmac: add subtype check for event handling in data path", + "cmt_id": "52b1af5e74cc3f4d513eacf49f71d9855a9ccbec" + }, + "CVE-2019-3459": { + "cmt_msg": "Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer", + "cmt_id": "78c2887130f1a7d1883195732be1b6cdab667487" + }, + "CVE-2019-12818": { + "cmt_msg": "net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails", + "cmt_id": "2c716db6f80cef6159972be0dab86892c39de277" + }, + "CVE-2019-9213": { + "cmt_msg": "mm: enforce min addr even if capable() in expand_downwards()", + "cmt_id": "c90030281dc8b6a25ac8850e98e15877f80b8d66" + }, + "CVE-2020-10769": { + "cmt_msg": "crypto: authenc - fix parsing key with misaligned rta_len", + "cmt_id": "ccd67cd15b3e3b2f3d1b03fd4336ea7ab5d35211" + } + }, + "3.16.67": { + "CVE-2018-5995": { + "cmt_msg": "printk: hash addresses printed with %p", + "cmt_id": "14c2d9209a135872def8508e3f19c74f0f3fee52" + }, + "CVE-2019-6133": { + "cmt_msg": "fork: record start_time late", + "cmt_id": "971081984266d7934b2f0253215e3f31f9337915" + }, + "CVE-2019-10639": { + "cmt_msg": "netns: provide pure entropy for net_hash_mix()", + "cmt_id": "8b197d3ce585d6777197e0633d71e5af7d98cb35" + } + }, + "3.16.69": { + "CVE-2019-11477": { + "cmt_msg": "tcp: limit payload size of sacked skbs", + "cmt_id": "ef27e3c531782ec8213108e11e5515f9724303c7" + }, + "CVE-2019-11884": { + "cmt_msg": "Bluetooth: hidp: fix buffer overflow", + "cmt_id": "acaf43aa7ede1e500532f1f5d910e207f89d5e1f" + }, + "CVE-2019-11479": { + "cmt_msg": "tcp: add tcp_min_snd_mss sysctl", + "cmt_id": "6b7e7997ad3505db7de85ff12276fc84659481d3" + }, + "CVE-2019-11478": { + "cmt_msg": "tcp: tcp_fragment() should apply sane memory limits", + "cmt_id": "dc97a907bc76b71c08e7e99a5b1b30ef4d5e4a85" + }, + "CVE-2019-11833": { + "cmt_msg": "ext4: zero out the unused memory region in the extent tree block", + "cmt_id": "13c4be25bdcbe5045f9b17ad875c3253a4888e45" + }, + "CVE-2019-10142": { + "cmt_msg": "drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl", + "cmt_id": "bfa8c73482dae6bafc0741cbfd63f84d11311b36" + }, + "CVE-2019-11810": { + "cmt_msg": "scsi: megaraid_sas: return error when create DMA pool failed", + "cmt_id": "bd0908fbd84009cb5f01cf1a258a6f7fd78b6b3a" + } + }, + "3.16.70": { + "CVE-2019-10126": { + "cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()", + "cmt_id": "a62393d7eb63bd075c51154002825cc7ab4dd3eb" + }, + "CVE-2019-2101": { + "cmt_msg": "media: uvcvideo: Fix 'type' check leading to overflow", + "cmt_id": "1ea04ca97ab7f4d583949825dd7d55467aa2536f" + }, + "CVE-2019-3846": { + "cmt_msg": "mwifiex: Fix possible buffer overflows at parsing bss descriptor", + "cmt_id": "a24ac7326f38ffab2b63141496d075da144cec7d" + }, + "CVE-2019-15916": { + "cmt_msg": "net-sysfs: Fix mem leak in netdev_register_kobject", + "cmt_id": "3c169c57e6c00c36b16c59ccb0e5adbd784b157b" + }, + "CVE-2019-16413": { + "cmt_msg": "9p: use inode->i_lock to protect i_size_write() under 32-bit", + "cmt_id": "8463eed58e131d0cc4db4c9f84fb8454e09e48dd" + } + }, + "3.16.71": { + "CVE-2019-13272": { + "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME", + "cmt_id": "d5d5bd909a4f03f132ee3fd3f6f0568c8344eee5" + } + }, + "3.16.72": { + "CVE-2019-20811": { + "cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success", + "cmt_id": "1b75034a1bb506abcabb2c2f9d7360020a7e2c42" + }, + "CVE-2019-17351": { + "cmt_msg": "xen: let alloc_xenballooned_pages() fail if not enough memory free", + "cmt_id": "2ed58e578b03269b23eb7119fb38478725ae6470" + }, + "CVE-2019-1125": { + "cmt_msg": "x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations", + "cmt_id": "79969c78fd8622fa7e7f925acd483eb01714efa4" + }, + "CVE-2019-15666": { + "cmt_msg": "xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink", + "cmt_id": "056bd2ff271dd62e52efb09c96399a7ef9d68455" + }, + "CVE-2019-20096": { + "cmt_msg": "dccp: Fix memleak in __feat_register_sp", + "cmt_id": "6f5a5f7e229e3ec71d729f3fd4479a11a0a21fd8" + }, + "CVE-2018-20836": { + "cmt_msg": "scsi: libsas: fix a race condition when smp task timeout", + "cmt_id": "d5534b2998f7c7009e600d57f27f68ed45779da2" + }, + "CVE-2019-3900": { + "cmt_msg": "vhost_net: fix possible infinite loop", + "cmt_id": "f3a64b1071c414e59233b769110872a026f8d254" + }, + "CVE-2019-10207": { + "cmt_msg": "Bluetooth: hci_uart: check for missing tty operations", + "cmt_id": "ebb8302ce770e8c455d9209cb598f4cd03021e42" + }, + "CVE-2019-13631": { + "cmt_msg": "Input: gtco - bounds check collection indent level", + "cmt_id": "754d0ca82fed0ad682e875bea824c348d597ca28" + }, + "CVE-2019-15214": { + "cmt_msg": "ALSA: core: Fix card races between register and disconnect", + "cmt_id": "dbcb50792a5175b222c181bafa51f470550ba827" + }, + "CVE-2019-20054": { + "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links", + "cmt_id": "79c7d53c4e3df6bc0c41b62adb0aefe10d28a888" + }, + "CVE-2019-15216": { + "cmt_msg": "USB: yurex: Fix protection fault after device removal", + "cmt_id": "5133454a1f3a7f22412ab083f7ff53f822d50f49" + }, + "CVE-2019-13648": { + "cmt_msg": "powerpc/tm: Fix oops on sigreturn on systems without TM", + "cmt_id": "929606ae749185c940a5476d3a0e8d8e7c9c1db6" + }, + "CVE-2017-18509": { + "cmt_msg": "ipv6: check sk sk_type and protocol early in ip_mroute_set/getsockopt", + "cmt_id": "2b8d63b97d78835d3cd75b0ee344d21489df4edc" + }, + "CVE-2019-14284": { + "cmt_msg": "floppy: fix div-by-zero in setup_format_params", + "cmt_id": "a36b6459cbff32a0ef228241c99d6586ca7e944c" + }, + "CVE-2019-14283": { + "cmt_msg": "floppy: fix out-of-bounds read in copy_buffer", + "cmt_id": "05429983fa0fa3bfa1b8436beb63913d9d4aad1a" + }, + "CVE-2019-10638": { + "cmt_msg": "inet: switch IP ID generator to siphash", + "cmt_id": "9ebeec41ed3f52fd94267f25f8b9bf3f4cbf1e4e" + } + }, + "3.16.74": { + "CVE-2019-15219": { + "cmt_msg": "USB: sisusbvga: fix oops in error path of sisusb_probe", + "cmt_id": "135b5e3371cdba62761dee1cf6c0e20e48a41ac3" + }, + "CVE-2019-15218": { + "cmt_msg": "media: usb: siano: Fix general protection fault in smsusb", + "cmt_id": "b38d52375b92e1a1ddca9a79cf08bf8d536e8cbb" + }, + "CVE-2019-15212": { + "cmt_msg": "USB: rio500: refuse more than one device at a time", + "cmt_id": "365d2bc245d2b1b2628f80463bdf284544d69c36" + }, + "CVE-2019-15211": { + "cmt_msg": "media: radio-raremono: change devm_k*alloc to k*alloc", + "cmt_id": "cc1b36d4dd926df07d970cb78346a3bda082fe65" + }, + "CVE-2019-15215": { + "cmt_msg": "media: cpia2_usb: first wake up, then free in disconnect", + "cmt_id": "136f9120ecef4d43b5d87000542f16e87c93e2b1" + }, + "CVE-2019-15118": { + "cmt_msg": "ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term", + "cmt_id": "d6e2b6dd35b6f83fd0166745d8ca65f191a3a468" + }, + "CVE-2016-10906": { + "cmt_msg": "net: arc_emac: fix koops caused by sk_buff free", + "cmt_id": "fe2292f42aa20799497099a88771b4bbf6afdc4e" + }, + "CVE-2016-10905": { + "cmt_msg": "GFS2: don't set rgrp gl_object until it's inserted into rgrp tree", + "cmt_id": "b0699c8e33f2fdf5396da2d41cf2f7ffe9a140a9" + }, + "CVE-2019-0136": { + "cmt_msg": "mac80211: drop robust management frames from unknown TA", + "cmt_id": "62909f7d0b1360ddb147bae8f546228dd93588e1" + }, + "CVE-2018-20976": { + "cmt_msg": "xfs: clear sb->s_fs_info on mount failure", + "cmt_id": "bf3878994377a97143f5f6b6e60a18f9b76e0476" + }, + "CVE-2019-15117": { + "cmt_msg": "ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit", + "cmt_id": "b5807684982f4dd978a2a5496514ecc3132bce91" + }, + "CVE-2019-15292": { + "cmt_msg": "appletalk: Fix use-after-free in atalk_proc_exit", + "cmt_id": "8a8b481d1908d18213a55260498c5b0af6f12892" + }, + "CVE-2019-9506": { + "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check", + "cmt_id": "e683e0c25ce62690fb5445ac1156c68b785d186e" + }, + "CVE-2019-15917": { + "cmt_msg": "Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto()", + "cmt_id": "a79897227b81d588130813e83084b836733cb146" + }, + "CVE-2019-14816": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings", + "cmt_id": "fb8186b15518423646f0e2105c34b3e620623b4e" + }, + "CVE-2019-14814": { + "cmt_msg": "mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings", + "cmt_id": "fb8186b15518423646f0e2105c34b3e620623b4e" + }, + "CVE-2019-14835": { + "cmt_msg": "vhost: make sure log_num < in_num", + "cmt_id": "8041c3ee83638f34d4c6b52f432601ad12ea4850" + }, + "CVE-2018-21008": { + "cmt_msg": "rsi: add fix for crash during assertions", + "cmt_id": "fd56118648c89adbd7a64bc8e3e26ac4871d1c1a" + }, + "CVE-2019-15220": { + "cmt_msg": "p54usb: Fix race between disconnect and firmware loading", + "cmt_id": "450e350ba7c383dc74b181e4eeb50526df68433e" + }, + "CVE-2019-15221": { + "cmt_msg": "ALSA: line6: Fix write on zero-sized buffer", + "cmt_id": "f1508f326a3b8f29beef9ca399bec516ecfd0b2a" + }, + "CVE-2019-15807": { + "cmt_msg": "scsi: libsas: delete sas port if expander discover failed", + "cmt_id": "03e6d05e78d421221bca0f7480c59e1c202c54e9" + }, + "CVE-2019-15926": { + "cmt_msg": "ath6kl: add some bounds checking", + "cmt_id": "65e2043814c7d6096521199ae8e18d5b40254a3e" + }, + "CVE-2019-14821": { + "cmt_msg": "KVM: coalesced_mmio: add bounds checking", + "cmt_id": "0bd118896b6a82a42845a6148d2f0f4a3694d178" + } + }, + "3.16.75": { + "CVE-2020-10720": { + "cmt_msg": "net-gro: fix use-after-free read in napi_gro_frags()", + "cmt_id": "f41184b4ba5bbf98b8eecae2a16fca34a669376f" + } + }, + "3.16.77": { + "CVE-2019-17666": { + "cmt_msg": "rtlwifi: Fix potential overflow on P2P code", + "cmt_id": "b78c8469ceff4288d1092e22bfb277d3bd0d7147" + }, + "CVE-2019-15217": { + "cmt_msg": "media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap", + "cmt_id": "4accfbf9527ed191513f4d2d738caf15ad4e8657" + }, + "CVE-2019-15098": { + "cmt_msg": "ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()", + "cmt_id": "3e8e6f9a952c9a7e0be92518906dcdb7c8d1ca29" + }, + "CVE-2019-15505": { + "cmt_msg": "media: technisat-usb2: break out of loop at end of buffer", + "cmt_id": "2389a6543a1c2b3bd1ab5dae04d23c3ed9c95752" + }, + "CVE-2019-11135": { + "cmt_msg": "x86/msr: Add the IA32_TSX_CTRL MSR", + "cmt_id": "6608a10cecfd899b4e8650aa9149ca5a6171fc43" + }, + "CVE-2019-17053": { + "cmt_msg": "ieee802154: enforce CAP_NET_RAW for raw sockets", + "cmt_id": "b8a15d59a9b26a734f6d8d5f10376f336f7d021b" + }, + "CVE-2019-17052": { + "cmt_msg": "ax25: enforce CAP_NET_RAW for raw sockets", + "cmt_id": "2c675dab816278a1724c1e93b384c2f05a11cb31" + }, + "CVE-2019-17133": { + "cmt_msg": "cfg80211: wext: avoid copying malformed SSIDs", + "cmt_id": "e70efb76ea2eb9f08dc627d93d35a8e5c065346d" + }, + "CVE-2019-17056": { + "cmt_msg": "nfc: enforce CAP_NET_RAW for raw sockets", + "cmt_id": "bc3d2e9cfdc5c1b7e5ed34eb5279e47d462b4d5c" + }, + "CVE-2019-17055": { + "cmt_msg": "mISDN: enforce CAP_NET_RAW for raw sockets", + "cmt_id": "f49bd6510620b9cd434b87bea639f07dfde56f09" + }, + "CVE-2019-17054": { + "cmt_msg": "appletalk: enforce CAP_NET_RAW for raw sockets", + "cmt_id": "2d4020439bd19f2a498a7fccd8755521a90b2886" + } + }, + "3.16.78": { + "CVE-2019-19536": { + "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices", + "cmt_id": "06d7546f7b115a266a9bb81887479f38e166964e" + }, + "CVE-2019-19537": { + "cmt_msg": "USB: core: Fix races in character device registration and deregistraion", + "cmt_id": "7e0af4e53ee2cf9b5e4ee761bd8dc4f25a9c885a" + }, + "CVE-2019-20934": { + "cmt_msg": "sched/fair: Don't free p->numa_faults with concurrent readers", + "cmt_id": "e65d89d6e78cf1463e755a33e013bde15b894cf5" + }, + "CVE-2019-19530": { + "cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough", + "cmt_id": "3a8f54a68c9868ddae64603f2ddee082c1737075" + }, + "CVE-2019-19531": { + "cmt_msg": "usb: yurex: Fix use-after-free in yurex_delete", + "cmt_id": "8f6204f2adba5354b65bd0f37b8d930e49df6420" + } + }, + "3.16.79": { + "CVE-2019-19062": { + "cmt_msg": "crypto: user - fix memory leak in crypto_report", + "cmt_id": "52373b487ee420c43e1d9d01b4b8c11bb6e9bdbf" + }, + "CVE-2019-19056": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf", + "cmt_id": "f0eed3b1a34f1e7d8b2c06ad5ddf0ea60aea71ca" + }, + "CVE-2019-19057": { + "cmt_msg": "mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring", + "cmt_id": "914927c7bac4ecd2351bdee0cd5b2b1c11150342" + }, + "CVE-2019-19066": { + "cmt_msg": "scsi: bfa: release allocated memory in case of error", + "cmt_id": "0669f62b66de87c6628edc6b5e7e7b317a4b8876" + }, + "CVE-2019-19052": { + "cmt_msg": "can: gs_usb: gs_can_open(): prevent memory leak", + "cmt_id": "f26d980434a06f44b693a26a87aa5300fa4016fd" + }, + "CVE-2019-19227": { + "cmt_msg": "appletalk: Fix potential NULL pointer dereference in unregister_snap_client", + "cmt_id": "1551894964c90588b285d3a4f7da516e0ee9025a" + }, + "CVE-2019-16746": { + "cmt_msg": "nl80211: validate beacon head", + "cmt_id": "9eec2aca63328997846b52e91e88dab94ccd1414" + }, + "CVE-2019-19534": { + "cmt_msg": "can: peak_usb: fix slab info leak", + "cmt_id": "f13615187cd8069c0f1c492e8f244a0c69d0663e" + }, + "CVE-2019-15291": { + "cmt_msg": "media: b2c2-flexcop-usb: add sanity checking", + "cmt_id": "470a2d36f614f40b7f032071cfa6662dfcc1eda4" + }, + "CVE-2019-19523": { + "cmt_msg": "USB: adutux: fix use-after-free on disconnect", + "cmt_id": "22cbb8fb12b3b5101260915162ad2b0b56a9284d" + }, + "CVE-2019-2215": { + "cmt_msg": "ANDROID: binder: remove waitqueue when thread exits.", + "cmt_id": "3a593dd8bd7505f9acbc7b6f8928ec6b7978c125" + }, + "CVE-2019-19524": { + "cmt_msg": "Input: ff-memless - kill timer in destroy()", + "cmt_id": "8145f2181955c7c95f42a7f71b81ff91bc9e7b8c" + }, + "CVE-2019-19527": { + "cmt_msg": "HID: hiddev: do cleanup in failure of opening a device", + "cmt_id": "a2133df2ca08f0d320e651f682f66a1097e6b752" + }, + "CVE-2019-19532": { + "cmt_msg": "HID: Fix assumption that devices have inputs", + "cmt_id": "f703c175f8e428959a33cdadb3e09986f14390ce" + }, + "CVE-2019-19533": { + "cmt_msg": "media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()", + "cmt_id": "89577bea6adf8cd2a1b97c91f7266bb56aa181b0" + }, + "CVE-2019-19332": { + "cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)", + "cmt_id": "21377f88c2757c6ee3e28407fb1c44b4bdf7e6b2" + }, + "CVE-2019-19528": { + "cmt_msg": "USB: iowarrior: fix use-after-free on disconnect", + "cmt_id": "bc5b704c76044bf22be57e5adcd100d6005115cc" + } + }, + "3.16.80": { + "CVE-2020-10773": { + "cmt_msg": "s390/cmm: fix information leak in cmm_timeout_handler()", + "cmt_id": "c97d5d87f654979c81a36fbd75844a41e5a82cdc" + } + }, + "3.16.81": { + "CVE-2019-19965": { + "cmt_msg": "scsi: libsas: stop discovering if oob mode is disconnected", + "cmt_id": "f4e74a1371c84cca35e53afda50759e2d44e0507" + }, + "CVE-2019-19966": { + "cmt_msg": "media: cpia2: Fix use-after-free in cpia2_exit", + "cmt_id": "56c2514ac65214bfcf60b6df324e3a1d2f31e3b2" + }, + "CVE-2019-14895": { + "cmt_msg": "mwifiex: fix possible heap overflow in mwifiex_process_country_ie()", + "cmt_id": "3b2f9bd867e1a288b470da440992a908c5972644" + }, + "CVE-2019-18806": { + "cmt_msg": "net: qlogic: Fix memory leak in ql_alloc_large_buffers", + "cmt_id": "e1db96134ab329054b73c4075949053e43ac7208" + } + }, + "3.16.82": { + "CVE-2019-19447": { + "cmt_msg": "ext4: work around deleting a file with i_nlink == 0 safely", + "cmt_id": "75b201c2fdfb3cecc3eb6a1dc85b87055de642e9" + } + }, + "3.16.83": { + "CVE-2020-8649": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region", + "cmt_id": "bca2e2e83484ff63ca82c9c2c905d4e580f1a35a" + }, + "CVE-2020-8648": { + "cmt_msg": "vt: selection, close sel_buffer race", + "cmt_id": "a93c3b40fc3d2264b1b11c469319c7cbefb80c46" + }, + "CVE-2019-20636": { + "cmt_msg": "Input: add safety guards to input_set_keycode()", + "cmt_id": "4af47d3cc875e43a523f6d3b3edef2ca785ccf27" + }, + "CVE-2020-8647": { + "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region", + "cmt_id": "bca2e2e83484ff63ca82c9c2c905d4e580f1a35a" + }, + "CVE-2020-11668": { + "cmt_msg": "media: xirlink_cit: add missing descriptor sanity checks", + "cmt_id": "9e236e2465ff5858bed537b94b15134e3ba55e75" + }, + "CVE-2020-14416": { + "cmt_msg": "can, slip: Protect tty->disc_data in write_wakeup and close with RCU", + "cmt_id": "10912babe0dff14eea532492a6b9c55f1471fd75" + }, + "CVE-2020-14381": { + "cmt_msg": "futex: Fix inode life-time issue", + "cmt_id": "87903c4d3a9b422cd1d254b693e84b95f9df0706" + }, + "CVE-2020-10690": { + "cmt_msg": "ptp: fix the race between the release of ptp_clock and cdev", + "cmt_id": "5230ef61882d2d14deb846eb6b48370694816e4c" + }, + "CVE-2020-0431": { + "cmt_msg": "HID: hid-input: clear unmapped usages", + "cmt_id": "5a1f8cc7d9dde54ab941fc8dbcb4239307d2efb4" + }, + "CVE-2019-14896": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor", + "cmt_id": "e4646070f91312414af0ca9332a79b7153150fae" + }, + "CVE-2019-14897": { + "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor", + "cmt_id": "e4646070f91312414af0ca9332a79b7153150fae" + }, + "CVE-2019-19768": { + "cmt_msg": "blktrace: Protect q->blk_trace with RCU", + "cmt_id": "4398bce1bdf258f7d67bcc38c46f5fa9546448bd" + }, + "CVE-2019-14901": { + "cmt_msg": "mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()", + "cmt_id": "ef0449fb4c94e52c1f5f7170b52a738acf9af5ff" + }, + "CVE-2020-0009": { + "cmt_msg": "staging: android: ashmem: Disallow ashmem memory from being remapped", + "cmt_id": "85216b0a3fc5f3eb08e68750175f8507d5608e37" + }, + "CVE-2018-14611": { + "cmt_msg": "btrfs: validate type when reading a chunk", + "cmt_id": "cdfef40f9557b91384c392a9150bf0bb2b3802c7" + }, + "CVE-2018-14610": { + "cmt_msg": "btrfs: Check that each block group has corresponding chunk at mount time", + "cmt_id": "5203a4d55c2c6a0c86a0ab21bfd071d407ca95a1" + }, + "CVE-2018-14613": { + "cmt_msg": "btrfs: tree-checker: Verify block_group_item", + "cmt_id": "df8ecef7a35de12986676edc45fd841e6d788ba8" + }, + "CVE-2018-14612": { + "cmt_msg": "btrfs: tree-checker: Detect invalid and empty essential trees", + "cmt_id": "e3f6c37c31522cc99cea96e0f0f6f536026fb058" + }, + "CVE-2020-0305": { + "cmt_msg": "chardev: Avoid potential use-after-free in 'chrdev_open()'", + "cmt_id": "6a0a5980a6092c82258858c7588f8bbb36df6026" + }, + "CVE-2020-9383": { + "cmt_msg": "floppy: check FDC index for errors before assigning it", + "cmt_id": "2f9ac30a54dc0181ddac3705cdcf4775d863c530" + }, + "CVE-2020-10942": { + "cmt_msg": "vhost: Check docket sk_family instead of call getname", + "cmt_id": "e4d98e5299b19e1caad03f0b38fd41b046d0de56" + }, + "CVE-2015-8839": { + "cmt_msg": "ext4: fix races between page faults and hole punching", + "cmt_id": "81a2281115c28be55d3489c3a79c84db294b722a" + }, + "CVE-2020-11494": { + "cmt_msg": "slcan: Don't transmit uninitialized stack data in padding", + "cmt_id": "08fadc32ce6239dc75fd5e869590e29bc62bbc28" + }, + "CVE-2019-5108": { + "cmt_msg": "mac80211: Do not send Layer 2 Update frame before authorization", + "cmt_id": "93864704f211e55eddec0c03ca300b1cf6414d8c" + }, + "CVE-2019-20812": { + "cmt_msg": "af_packet: set defaule value for tmo", + "cmt_id": "8c1a8e6dba6a09d65ec7eef54ac13e36b7be9536" + }, + "CVE-2020-11565": { + "cmt_msg": "mm: mempolicy: require at least one nodeid for MPOL_PREFERRED", + "cmt_id": "7ca9aeb9a22b50841c401164703c5b0a4a510aff" + }, + "CVE-2020-1749": { + "cmt_msg": "net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup", + "cmt_id": "b9f3e457098ea76f2d69bfc369bae1fd0cf2a6e5" + }, + "CVE-2020-2732": { + "cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode", + "cmt_id": "5d7476c40cd352ec82aec26f6c6d8c413eb2b17b" + }, + "CVE-2020-11608": { + "cmt_msg": "media: ov519: add missing endpoint sanity checks", + "cmt_id": "39a4c51860e9695369b640962be4eb6984175384" + }, + "CVE-2020-11609": { + "cmt_msg": "media: stv06xx: add missing descriptor sanity checks", + "cmt_id": "98d33c0103b16e64a6a4788cf81e22baf229f48e" + } + }, + "3.16.84": { + "CVE-2020-12769": { + "cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls", + "cmt_id": "f358118d34cdd7e898685205bb62e41e9a3246aa" + }, + "CVE-2020-12114": { + "cmt_msg": "make struct mountpoint bear the dentry reference to mountpoint, not struct mount", + "cmt_id": "172f22d527862eb5aa9dd767826f5d68562943db" + }, + "CVE-2020-0404": { + "cmt_msg": "media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors", + "cmt_id": "320230e4875672908b1ec29251b13548e16af1ef" + } + }, + "3.16.85": { + "CVE-2019-19319": { + "cmt_msg": "ext4: protect journal inode's blocks using block_validity", + "cmt_id": "51890201da4d654f6ca131bc45a0e892bb10de1d" + }, + "CVE-2020-0543": { + "cmt_msg": "x86/cpu: Add 'table' argument to cpu_matches()", + "cmt_id": "98a637c406eefe95f2428739c1397f250bb7fadd" + }, + "CVE-2020-12770": { + "cmt_msg": "scsi: sg: add sg_remove_request in sg_write", + "cmt_id": "f5eb337df20a24a9f9c7f96181ace9d61b590def" + }, + "CVE-2020-12652": { + "cmt_msg": "scsi: mptfusion: Fix double fetch bug in ioctl", + "cmt_id": "a226f907bd999713e9349bc35aa133cf519a864e" + }, + "CVE-2020-12464": { + "cmt_msg": "USB: core: Fix free-while-in-use bug in the USB S-Glibrary", + "cmt_id": "575f200adca1fe48df15063b1a5673a9b5f713bd" + }, + "CVE-2020-0255": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()", + "cmt_id": "9592b90cdc99f58e0674e64037c422ea7e9aa367" + }, + "CVE-2020-10751": { + "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()", + "cmt_id": "9592b90cdc99f58e0674e64037c422ea7e9aa367" + }, + "CVE-2020-12653": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()", + "cmt_id": "f0c210c885dbc5000d3c3e27723beedda5988cee" + }, + "CVE-2020-13143": { + "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC", + "cmt_id": "d126cf46f829d146dde3e6a8963e095ac6cfcd1c" + }, + "CVE-2017-14991": { + "cmt_msg": "scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE", + "cmt_id": "f37de82d22dc41e9748b788655fab4bfea465a02" + }, + "CVE-2020-10732": { + "cmt_msg": "fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()", + "cmt_id": "d03daec2e50aa2a0b6de2c3572af5e1d61f9d132" + }, + "CVE-2020-12654": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()", + "cmt_id": "60a613dc22ee9932c3ba67eadb08de357e36f01f" + }, + "CVE-2020-12826": { + "cmt_msg": "signal: Extend exec_id to 64bits", + "cmt_id": "303c5366d664e0b860041e0647952dafcd71c5a1" + } + }, + "outstanding": { + "CVE-2020-36322": { + "cmt_msg": "fuse: fix bad inode" + }, + "CVE-2020-35508": { + "cmt_msg": "fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent" + }, + "CVE-2020-35501": { + "cmt_msg": "" + }, + "CVE-2021-45095": { + "cmt_msg": "phonet: refcount leak in pep_sock_accep" + }, + "CVE-2022-0001": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2021-45469": { + "cmt_msg": "f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()" + }, + "CVE-2021-3894": { + "cmt_msg": "sctp: account stream padding length for reconf chunk" + }, + "CVE-2020-24587": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2020-24586": { + "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" + }, + "CVE-2022-0995": { + "cmt_msg": "watch_queue: Fix filter limit check" + }, + "CVE-2021-0129": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2020-24588": { + "cmt_msg": "cfg80211: mitigate A-MSDU aggregation attacks" + }, + "CVE-2018-10087": { + "cmt_msg": "kernel/exit.c: avoid undefined behaviour when calling wait4()" + }, + "CVE-2020-36158": { + "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" + }, + "CVE-2022-0480": { + "cmt_msg": "memcg: enable accounting for file lock caches" + }, + "CVE-2018-10124": { + "cmt_msg": "kernel/signal.c: avoid undefined behaviour in kill_something_info" + }, + "CVE-2022-0487": { + "cmt_msg": "moxart: fix potential use-after-free on remove path" + }, + "CVE-2021-0920": { + "cmt_msg": "af_unix: fix garbage collect vs MSG_PEEK" + }, + "CVE-2019-19241": { + "cmt_msg": "io_uring: async workers should inherit the user creds" + }, + "CVE-2021-28688": { + "cmt_msg": "xen-blkback: don't leak persistent grants from xen_blkbk_map()" + }, + "CVE-2021-39686": { + "cmt_msg": "binder: use euid from cred instead of using task" + }, + "CVE-2021-39685": { + "cmt_msg": "USB: gadget: detect too-big endpoint 0 requests" + }, + "CVE-2021-43975": { + "cmt_msg": "atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait" + }, + "CVE-2021-43976": { + "cmt_msg": "mwifiex: Fix skb_over_panic in mwifiex_usb_recv()" + }, + "CVE-2020-0466": { + "cmt_msg": "do_epoll_ctl(): clean the failure exits up a bit" + }, + "CVE-2019-12379": { + "cmt_msg": "consolemap: Fix a memory leaking bug in drivers/tty/vt/consolemap.c" + }, + "CVE-2019-12378": { + "cmt_msg": "ipv6_sockglue: Fix a missing-check bug in ip6_ra_control()" + }, + "CVE-2021-30002": { + "cmt_msg": "media: v4l: ioctl: Fix memory leak in video_usercopy" + }, + "CVE-2021-0941": { + "cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len" + }, + "CVE-2015-4176": { + "cmt_msg": "mnt: Update detach_mounts to leave mounts connected" + }, + "CVE-2020-15802": { + "cmt_msg": "" + }, + "CVE-2022-0002": { + "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" + }, + "CVE-2021-39713": { + "cmt_msg": "net: sched: use Qdisc rcu API instead of relying on rtnl lock" + }, + "CVE-2015-4178": { + "cmt_msg": "fs_pin: Allow for the possibility that m_list or s_list go unused." + }, + "CVE-2018-3646": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" + }, + "CVE-2021-39714": { + "cmt_msg": "staging: android: ion: Drop ion_map_kernel interface" + }, + "CVE-2021-28711": { + "cmt_msg": "xen/blkfront: harden blkfront against event channel storms" + }, + "CVE-2018-14614": { + "cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum" + }, + "CVE-2018-14616": { + "cmt_msg": "f2fs: fix to do sanity check with block address in main area v2" + }, + "CVE-2020-26145": { + "cmt_msg": "ath10k: drop fragments with multicast DA for PCIe" + }, + "CVE-2020-26147": { + "cmt_msg": "mac80211: assure all fragments are encrypted" + }, + "CVE-2020-26141": { + "cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe" + }, + "CVE-2020-26140": { + "cmt_msg": "" + }, + "CVE-2020-26143": { + "cmt_msg": "" + }, + "CVE-2020-26142": { + "cmt_msg": "" + }, + "CVE-2018-13096": { + "cmt_msg": "f2fs: fix to do sanity check with node footer and iblocks" + }, + "CVE-2018-13097": { + "cmt_msg": "f2fs: fix to do sanity check with user_block_count" + }, + "CVE-2018-13095": { + "cmt_msg": "xfs: More robust inode extent count validation" + }, + "CVE-2020-29661": { + "cmt_msg": "tty: Fix ->pgrp locking in tiocspgrp()" + }, + "CVE-2020-29660": { + "cmt_msg": "tty: Fix ->session locking" + }, + "CVE-2018-13098": { + "cmt_msg": "f2fs: fix to do sanity check with extra_attr feature" + }, + "CVE-2018-13099": { + "cmt_msg": "f2fs: fix to do sanity check with reserved blkaddr of inline inode" + }, + "CVE-2022-1734": { + "cmt_msg": "nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs" + }, + "CVE-2014-9717": { + "cmt_msg": "mnt: Update detach_mounts to leave mounts connected" + }, + "CVE-2019-19074": { + "cmt_msg": "ath9k: release allocated buffer if timed out" + }, + "CVE-2019-19073": { + "cmt_msg": "ath9k_htc: release allocated buffer if timed out" + }, + "CVE-2019-18680": { + "cmt_msg": "" + }, + "CVE-2022-23038": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2022-23039": { + "cmt_msg": "xen/gntalloc: don't use gnttab_query_foreign_access()" + }, + "CVE-2021-45868": { + "cmt_msg": "quota: check block number when reading the block in quota file" + }, + "CVE-2022-23036": { + "cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()" + }, + "CVE-2022-23037": { + "cmt_msg": "xen/netfront: don't use gnttab_query_foreign_access() for mapped status" + }, + "CVE-2021-38160": { + "cmt_msg": "virtio_console: Assure used length from device is limited" + }, + "CVE-2021-42008": { + "cmt_msg": "net: 6pack: fix slab-out-of-bounds in decode_data" + }, + "CVE-2022-0998": { + "cmt_msg": "vdpa: clean up get_config_size ret value handling" + }, + "CVE-2020-25643": { + "cmt_msg": "hdlc_ppp: add range checks in ppp_cp_parse_cr()" + }, + "CVE-2005-3660": { + "cmt_msg": "" + }, + "CVE-2021-33135": { + "cmt_msg": "" + }, + "CVE-2021-33034": { + "cmt_msg": "Bluetooth: verify AMP hci_chan before amp_destroy" + }, + "CVE-2019-19922": { + "cmt_msg": "sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices" + }, + "CVE-2019-19927": { + "cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages" + }, + "CVE-2020-27066": { + "cmt_msg": "xfrm: policy: Fix doulbe free in xfrm_policy_timer" + }, + "CVE-2020-27068": { + "cmt_msg": "cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE" + }, + "CVE-2020-28974": { + "cmt_msg": "vt: Disable KD_FONT_OP_COPY" + }, + "CVE-2019-20806": { + "cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame" + }, + "CVE-2020-14304": { + "cmt_msg": "" + }, + "CVE-2020-14305": { + "cmt_msg": "netfilter: helpers: remove data_len usage for inkernel helpers" + }, + "CVE-2020-15393": { + "cmt_msg": "usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect" + }, + "CVE-2021-3564": { + "cmt_msg": "Bluetooth: fix the erroneous flush_work() order" + }, + "CVE-2017-16995": { + "cmt_msg": "bpf: fix incorrect sign extension in check_alu_op()" + }, + "CVE-2019-2025": { + "cmt_msg": "binder: fix race that allows malicious free of live buffer" + }, + "CVE-2020-26560": { + "cmt_msg": "" + }, + "CVE-2018-12127": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2018-12126": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2021-28964": { + "cmt_msg": "btrfs: fix race when cloning extent buffer during rewind of an old root" + }, + "CVE-2020-13974": { + "cmt_msg": "vt: keyboard: avoid signed integer overflow in k_ascii" + }, + "CVE-2021-4083": { + "cmt_msg": "fget: check that the fd still exists after getting a ref to it" + }, + "CVE-2018-9465": { + "cmt_msg": "binder: fix proc->files use-after-free" + }, + "CVE-2020-15437": { + "cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()" + }, + "CVE-2020-15436": { + "cmt_msg": "block: Fix use-after-free in blkdev_get()" + }, + "CVE-2022-1116": { + "cmt_msg": "" + }, + "CVE-2021-28660": { + "cmt_msg": "staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()" + }, + "CVE-2016-9178": { + "cmt_msg": "fix minor infoleak in get_user_ex()" + }, + "CVE-2019-0154": { + "cmt_msg": "drm/i915: Lower RM timeout to avoid DSI hard hangs" + }, + "CVE-2020-36386": { + "cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()" + }, + "CVE-2020-36385": { + "cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy" + }, + "CVE-2022-1048": { + "cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls" + }, + "CVE-2018-7480": { + "cmt_msg": "blkcg: fix double free of new_blkg in blkcg_init_queue" + }, + "CVE-2019-14615": { + "cmt_msg": "drm/i915/gen9: Clear residual context state on context switch" + }, + "CVE-2016-3139": { + "cmt_msg": "Input: wacom - compute the HID report size to get the actual packet size" + }, + "CVE-2020-16120": { + "cmt_msg": "ovl: switch to mounter creds in readdir" + }, + "CVE-2022-29581": { + "cmt_msg": "net/sched: cls_u32: fix netns refcount changes in u32_change()" + }, + "CVE-2022-1204": { + "cmt_msg": "ax25: Fix refcount leaks caused by ax25_cb_del()" + }, + "CVE-2022-1205": { + "cmt_msg": "ax25: Fix NULL pointer dereferences in ax25 timers" + }, + "CVE-2016-10723": { + "cmt_msg": "mm, oom: remove sleep from under oom_lock" + }, + "CVE-2019-19036": { + "cmt_msg": "btrfs: Detect unbalanced tree with empty leaf before crashing btree operations" + }, + "CVE-2021-34693": { + "cmt_msg": "can: bcm: fix infoleak in struct bcm_msg_head" + }, + "CVE-2019-19039": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2020-8832": { + "cmt_msg": "drm/i915: Record the default hw state after reset upon load" + }, + "CVE-2022-1836": { + "cmt_msg": "floppy: disable FDRAWCMD by default" + }, + "CVE-2021-32078": { + "cmt_msg": "ARM: footbridge: remove personal server platform" + }, + "CVE-2022-30594": { + "cmt_msg": "ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE" + }, + "CVE-2017-16528": { + "cmt_msg": "ALSA: seq: Cancel pending autoload work at unbinding device" + }, + "CVE-2021-38204": { + "cmt_msg": "usb: max-3421: Prevent corruption of freed memory" + }, + "CVE-2021-38205": { + "cmt_msg": "net: xilinx_emaclite: Do not print real IOMEM pointer" + }, + "CVE-2021-3864": { + "cmt_msg": "" + }, + "CVE-2021-38208": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2017-18232": { + "cmt_msg": "scsi: libsas: direct call probe and destruct" + }, + "CVE-2019-2213": { + "cmt_msg": "binder: fix possible UAF when freeing buffer" + }, + "CVE-2020-25211": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2020-25212": { + "cmt_msg": "nfs: Fix getxattr kernel panic and memory overflow" + }, + "CVE-2020-26556": { + "cmt_msg": "" + }, + "CVE-2020-26557": { + "cmt_msg": "" + }, + "CVE-2020-26555": { + "cmt_msg": "" + }, + "CVE-2019-20794": { + "cmt_msg": "" + }, + "CVE-2020-26559": { + "cmt_msg": "" + }, + "CVE-2018-1128": { + "cmt_msg": "libceph: add authorizer challenge" + }, + "CVE-2018-1129": { + "cmt_msg": "libceph: implement CEPHX_V2 calculation mode" + }, + "CVE-2018-1120": { + "cmt_msg": "proc: do not access cmdline nor environ from file-backed areas" + }, + "CVE-2018-1121": { + "cmt_msg": "" + }, + "CVE-2017-5753": { + "cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]" + }, + "CVE-2022-0644": { + "cmt_msg": "vfs: check fd has read access in kernel_read_file_from_fd()" + }, + "CVE-2020-29568": { + "cmt_msg": "xen/xenbus: Allow watches discard events before queueing" + }, + "CVE-2020-27786": { + "cmt_msg": "ALSA: rawmidi: Fix racy buffer resize under concurrent accesses" + }, + "CVE-2022-0382": { + "cmt_msg": "net ticp:fix a kernel-infoleak in __tipc_sendmsg()" + }, + "CVE-2020-25672": { + "cmt_msg": "nfc: fix memory leak in llcp_sock_connect()" + }, + "CVE-2020-25673": { + "cmt_msg": "nfc: Avoid endless loops caused by repeated llcp_sock_connect()" + }, + "CVE-2020-25670": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_bind()" + }, + "CVE-2020-25671": { + "cmt_msg": "nfc: fix refcount leak in llcp_sock_connect()" + }, + "CVE-2019-15222": { + "cmt_msg": "ALSA: usb-audio: Fix gpf in snd_usb_pipe_sanity_check" + }, + "CVE-2019-15223": { + "cmt_msg": "ALSA: line6: Assure canceling delayed work at disconnection" + }, + "CVE-2019-19813": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2020-29374": { + "cmt_msg": "gup: document and work around \"COW can break either way\" issue" + }, + "CVE-2019-19814": { + "cmt_msg": "" + }, + "CVE-2020-29371": { + "cmt_msg": "romfs: fix uninitialized memory leak in romfs_dev_read()" + }, + "CVE-2019-19816": { + "cmt_msg": "btrfs: inode: Verify inode mode to avoid NULL pointer dereference" + }, + "CVE-2022-1015": { + "cmt_msg": "netfilter: nf_tables: validate registers coming from userspace." + }, + "CVE-2019-9453": { + "cmt_msg": "f2fs: fix to avoid accessing xattr across the boundary" + }, + "CVE-2022-1016": { + "cmt_msg": "netfilter: nf_tables: initialize registers in nft_do_chain()" + }, + "CVE-2022-1011": { + "cmt_msg": "fuse: fix pipe buffer lifetime for direct_io" + }, + "CVE-2022-1012": { + "cmt_msg": "secure_seq: use the 64 bits of the siphash for port offset calculation" + }, + "CVE-2022-1882": { + "cmt_msg": "" + }, + "CVE-2021-26931": { + "cmt_msg": "xen-blkback: don't \"handle\" error by BUG()" + }, + "CVE-2021-26930": { + "cmt_msg": "xen-blkback: fix error handling in xen_blkbk_map()" + }, + "CVE-2021-26932": { + "cmt_msg": "Xen/x86: don't bail early from clear_foreign_p2m_mapping()" + }, + "CVE-2022-0492": { + "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" + }, + "CVE-2020-12352": { + "cmt_msg": "Bluetooth: A2MP: Fix not initializing all members" + }, + "CVE-2022-23042": { + "cmt_msg": "xen/netfront: react properly to failing gnttab_end_foreign_access_ref()" + }, + "CVE-2022-25636": { + "cmt_msg": "netfilter: nf_tables_offload: incorrect flow offload action array size" + }, + "CVE-2022-0494": { + "cmt_msg": "block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern" + }, + "CVE-2020-26088": { + "cmt_msg": "net/nfc/rawsock.c: add CAP_NET_RAW check." + }, + "CVE-2008-2544": { + "cmt_msg": "" + }, + "CVE-2018-12928": { + "cmt_msg": "" + }, + "CVE-2021-3178": { + "cmt_msg": "nfsd4: readdirplus shouldn't return parent of export" + }, + "CVE-2022-28796": { + "cmt_msg": "jbd2: fix use-after-free of transaction_t race" + }, + "CVE-2018-7754": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2022-0330": { + "cmt_msg": "drm/i915: Flush TLBs before releasing backing store" + }, + "CVE-2007-3719": { + "cmt_msg": "" + }, + "CVE-2022-28893": { + "cmt_msg": "SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()" + }, + "CVE-2021-3772": { + "cmt_msg": "sctp: use init_tag from inithdr for ABORT chunk" + }, + "CVE-2021-3679": { + "cmt_msg": "tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop." + }, + "CVE-2021-37159": { + "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device" + }, + "CVE-2021-39711": { + "cmt_msg": "bpf: fix panic due to oob in bpf_prog_test_run_skb" + }, + "CVE-2021-34556": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2021-28713": { + "cmt_msg": "xen/console: harden hvc_xen against event channel storms" + }, + "CVE-2021-28712": { + "cmt_msg": "xen/netfront: harden netfront against event channel storms" + }, + "CVE-2017-18261": { + "cmt_msg": "clocksource/drivers/arm_arch_timer: Avoid infinite recursion when ftrace is enabled" + }, + "CVE-2022-1247": { + "cmt_msg": "" + }, + "CVE-2022-23960": { + "cmt_msg": "ARM: report Spectre v2 status through sysfs" + }, + "CVE-2017-11472": { + "cmt_msg": "ACPICA: Namespace: fix operand cache leak" + }, + "CVE-2021-39657": { + "cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback" + }, + "CVE-2021-3669": { + "cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()" + }, + "CVE-2019-18885": { + "cmt_msg": "btrfs: merge btrfs_find_device and find_device" + }, + "CVE-2019-11091": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2021-34981": { + "cmt_msg": "Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails" + }, + "CVE-2022-1786": { + "cmt_msg": "io_uring: remove io_identity" + }, + "CVE-2013-7445": { + "cmt_msg": "" + }, + "CVE-2022-28390": { + "cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2014-3180": { + "cmt_msg": "compat: nanosleep: Clarify error handling" + }, + "CVE-2022-1158": { + "cmt_msg": "KVM: x86/mmu: do compare-and-exchange of gPTE via the user address" + }, + "CVE-2017-8797": { + "cmt_msg": "nfsd: fix undefined behavior in nfsd4_layout_verify" + }, + "CVE-2017-5715": { + "cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]" + }, + "CVE-2018-5344": { + "cmt_msg": "loop: fix concurrent lo_open/lo_release" + }, + "CVE-2018-3620": { + "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" + }, + "CVE-2020-16166": { + "cmt_msg": "random32: update the net random state on interrupt and activity" + }, + "CVE-2021-29155": { + "cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic" + }, + "CVE-2022-28389": { + "cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path" + }, + "CVE-2022-28388": { + "cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path" + }, + "CVE-2020-12362": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2020-12363": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2020-12364": { + "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" + }, + "CVE-2022-0500": { + "cmt_msg": "bpf: Introduce MEM_RDONLY flag" + }, + "CVE-2021-0605": { + "cmt_msg": "af_key: pfkey_dump needs parameter validation" + }, + "CVE-2021-3896": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2021-4002": { + "cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare" + }, + "CVE-2022-1055": { + "cmt_msg": "net: sched: fix use-after-free in tc_new_tfilter()" + }, + "CVE-2022-20008": { + "cmt_msg": "mmc: block: fix read single on recovery logic" + }, + "CVE-2019-16232": { + "cmt_msg": "libertas: fix a potential NULL pointer dereference" + }, + "CVE-2019-20810": { + "cmt_msg": "media: go7007: fix a miss of snd_card_free" + }, + "CVE-2020-14314": { + "cmt_msg": "ext4: fix potential negative array index in do_split()" + }, + "CVE-2018-5391": { + "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." + }, + "CVE-2019-18660": { + "cmt_msg": "powerpc/book3s64: Fix link stack flush on context switch" + }, + "CVE-2019-15290": { + "cmt_msg": "" + }, + "CVE-2018-7273": { + "cmt_msg": "printk: hash addresses printed with %p" + }, + "CVE-2022-0617": { + "cmt_msg": "udf: Fix NULL ptr deref when converting from inline format" + }, + "CVE-2022-26878": { + "cmt_msg": "" + }, + "CVE-2018-12930": { + "cmt_msg": "" + }, + "CVE-2018-12931": { + "cmt_msg": "" + }, + "CVE-2021-32399": { + "cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller" + }, + "CVE-2021-33098": { + "cmt_msg": "ixgbe: fix large MTU request from VF" + }, + "CVE-2021-28972": { + "cmt_msg": "PCI: rpadlpar: Fix potential drc_name corruption in store functions" + }, + "CVE-2019-12382": { + "cmt_msg": "drm/edid: Fix a missing-check bug in drm_load_edid_firmware()" + }, + "CVE-2017-10810": { + "cmt_msg": "drm/virtio: don't leak bo on drm_gem_object_init failure" + }, + "CVE-2022-24958": { + "cmt_msg": "usb: gadget: don't release an existing dev->buf" + }, + "CVE-2020-10766": { + "cmt_msg": "x86/speculation: Prevent rogue cross-process SSBD shutdown" + }, + "CVE-2020-10767": { + "cmt_msg": "x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS." + }, + "CVE-2018-12207": { + "cmt_msg": "kvm: x86, powerpc: do not allow clearing largepages debugfs entry" + }, + "CVE-2020-10768": { + "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." + }, + "CVE-2019-0148": { + "cmt_msg": "i40e: Wrong truncation from u16 to u8" + }, + "CVE-2019-17075": { + "cmt_msg": "RDMA/cxgb4: Do not dma memory off of the stack" + }, + "CVE-2014-7145": { + "cmt_msg": "[CIFS] Possible null ptr deref in SMB2_tcon" + }, + "CVE-2019-0146": { + "cmt_msg": "" + }, + "CVE-2017-0750": { + "cmt_msg": "f2fs: do more integrity verification for superblock" + }, + "CVE-2019-11191": { + "cmt_msg": "x86: Deprecate a.out support" + }, + "CVE-2018-10322": { + "cmt_msg": "xfs: enhance dinode verifier" + }, + "CVE-2016-9644": { + "cmt_msg": "x86/mm: Expand the exception table logic to allow new handling options" + }, + "CVE-2020-26139": { + "cmt_msg": "mac80211: do not accept/forward invalid EAPOL frames" + }, + "CVE-2019-10220": { + "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" + }, + "CVE-2021-3609": { + "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" + }, + "CVE-2021-0929": { + "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" + }, + "CVE-2017-18255": { + "cmt_msg": "perf/core: Fix the perf_cpu_time_max_percent check" + }, + "CVE-2022-0168": { + "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" + }, + "CVE-2020-28374": { + "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" + }, + "CVE-2022-1419": { + "cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create" + }, + "CVE-2020-27825": { + "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" + }, + "CVE-2019-2181": { + "cmt_msg": "binder: check for overflow when alloc for security context" + }, + "CVE-2020-27820": { + "cmt_msg": "drm/nouveau: use drm_dev_unplug() during device removal" + }, + "CVE-2020-0067": { + "cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr" + }, + "CVE-2020-26558": { + "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" + }, + "CVE-2020-26541": { + "cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries" + }, + "CVE-2021-20317": { + "cmt_msg": "lib/timerqueue: Rely on rbtree semantics for next timer" + }, + "CVE-2021-43389": { + "cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound" + }, + "CVE-2021-33061": { + "cmt_msg": "ixgbe: add improvement for MDD response functionality" + }, + "CVE-2017-18552": { + "cmt_msg": "RDS: validate the requested traces user input against max supported" + }, + "CVE-2022-27950": { + "cmt_msg": "HID: elo: fix memory leak in elo_probe" + }, + "CVE-2022-1652": { + "cmt_msg": "" + }, + "CVE-2022-1651": { + "cmt_msg": "virt: acrn: fix a memory leak in acrn_dev_ioctl()" + }, + "CVE-2015-8830": { + "cmt_msg": "aio: lift iov_iter_init() into aio_setup_..._rw()" + }, + "CVE-2020-14351": { + "cmt_msg": "perf/core: Fix race in the perf_mmap_close() function" + }, + "CVE-2019-19054": { + "cmt_msg": "media: rc: prevent memory leak in cx23888_ir_probe" + }, + "CVE-2020-0429": { + "cmt_msg": "l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()" + }, + "CVE-2020-0427": { + "cmt_msg": "pinctrl: devicetree: Avoid taking direct reference to device name string" + }, + "CVE-2022-1789": { + "cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID" + }, + "CVE-2017-9984": { + "cmt_msg": "ALSA: msnd: Optimize / harden DSP and MIDI loops" + }, + "CVE-2017-15537": { + "cmt_msg": "x86/fpu: Don't let userspace set bogus xcomp_bv" + }, + "CVE-2020-25669": { + "cmt_msg": "Input: sunkbd - avoid use-after-free in teardown paths" + }, + "CVE-2020-25668": { + "cmt_msg": "tty: make FONTX ioctl use the tty pointer they were actually passed" + }, + "CVE-2008-4609": { + "cmt_msg": "" + }, + "CVE-2018-20854": { + "cmt_msg": "phy: ocelot-serdes: fix out-of-bounds read" + }, + "CVE-2018-25020": { + "cmt_msg": "bpf: fix truncated jump targets on heavy expansions" + }, + "CVE-2018-20855": { + "cmt_msg": "IB/mlx5: Fix leaking stack memory to userspace" + }, + "CVE-2019-15239": { + "cmt_msg": "" + }, + "CVE-2021-4037": { + "cmt_msg": "xfs: fix up non-directory creation in SGID directories" + }, + "CVE-2021-22543": { + "cmt_msg": "KVM: do not allow mapping valid but non-reference-counted pages" + }, + "CVE-2019-1999": { + "cmt_msg": "binder: fix race between munmap() and direct reclaim" + }, + "CVE-2020-10135": { + "cmt_msg": "Bluetooth: Consolidate encryption handling in hci_encrypt_cfm" + }, + "CVE-2019-7308": { + "cmt_msg": "bpf: fix sanitation of alu op with pointer / scalar type from different paths" + }, + "CVE-2017-9986": { + "cmt_msg": "sound: Retire OSS" + }, + "CVE-2017-9985": { + "cmt_msg": "ALSA: msnd: Optimize / harden DSP and MIDI loops" + }, + "CVE-2021-3587": { + "cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect" + }, + "CVE-2021-20261": { + "cmt_msg": "floppy: fix lock_fdc() signal handling" + }, + "CVE-2017-13693": { + "cmt_msg": "" + }, + "CVE-2017-13695": { + "cmt_msg": "ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c" + }, + "CVE-2017-13694": { + "cmt_msg": "" + }, + "CVE-2021-4149": { + "cmt_msg": "btrfs: unlock newly allocated extent buffer after error" + }, + "CVE-2021-4148": { + "cmt_msg": "mm: khugepaged: skip huge page collapse for special files" + }, + "CVE-2021-3640": { + "cmt_msg": "Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()" + }, + "CVE-2022-29968": { + "cmt_msg": "io_uring: fix uninitialized field in rw io_kiocb" + }, + "CVE-2020-28097": { + "cmt_msg": "vgacon: remove software scrollback support" + }, + "CVE-2022-1508": { + "cmt_msg": "io_uring: reexpand under-reexpanded iters" + }, + "CVE-2021-29265": { + "cmt_msg": "usbip: fix stub_dev usbip_sockfd_store() races leading to gpf" + }, + "CVE-2021-39648": { + "cmt_msg": "usb: gadget: configfs: Fix use-after-free issue with udc_name" + }, + "CVE-2019-16921": { + "cmt_msg": "RDMA/hns: Fix init resp when alloc ucontext" + }, + "CVE-2021-21781": { + "cmt_msg": "ARM: ensure the signal page contains defined contents" + }, + "CVE-2021-0512": { + "cmt_msg": "HID: make arrays usage and value to be the same" + }, + "CVE-2020-0347": { + "cmt_msg": "" + }, + "CVE-2021-40490": { + "cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing" + }, + "CVE-2021-33909": { + "cmt_msg": "seq_file: disallow extremely large seq buffer allocations" + }, + "CVE-2019-12456": { + "cmt_msg": "" + }, + "CVE-2015-8952": { + "cmt_msg": "ext2: convert to mbcache2" + }, + "CVE-2022-0812": { + "cmt_msg": "xprtrdma: fix incorrect header size calculations" + }, + "CVE-2022-0742": { + "cmt_msg": "ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report()" + }, + "CVE-2022-0854": { + "cmt_msg": "swiotlb: rework \"fix info leak with DMA_FROM_DEVICE\"" + }, + "CVE-2020-14390": { + "cmt_msg": "fbcon: remove soft scrollback code" + }, + "CVE-2017-10663": { + "cmt_msg": "f2fs: sanity check checkpoint segno and blkoff" + }, + "CVE-2017-10662": { + "cmt_msg": "f2fs: sanity check segment count" + }, + "CVE-2022-1184": { + "cmt_msg": "" + }, + "CVE-2020-0465": { + "cmt_msg": "HID: core: Sanitize event code and type when mapping input" + }, + "CVE-2021-1048": { + "cmt_msg": "fix regression in \"epoll: Keep a reference on files added to the check list\"" + }, + "CVE-2021-4218": { + "cmt_msg": "sysctl: pass kernel pointers to ->proc_handler" + }, + "CVE-2019-15902": { + "cmt_msg": "" + }, + "CVE-2021-27365": { + "cmt_msg": "scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE" + }, + "CVE-2021-27364": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2021-27363": { + "cmt_msg": "scsi: iscsi: Restrict sessions and handles to admin capabilities" + }, + "CVE-2018-17977": { + "cmt_msg": "" + }, + "CVE-2010-5321": { + "cmt_msg": "" + }, + "CVE-2021-20321": { + "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" + }, + "CVE-2022-1043": { + "cmt_msg": "io_uring: fix xa_alloc_cycle() error return value check" + }, + "CVE-2017-5967": { + "cmt_msg": "time: Remove CONFIG_TIMER_STATS" + }, + "CVE-2019-2054": { + "cmt_msg": "arm/ptrace: run seccomp after ptrace" + }, + "CVE-2016-10147": { + "cmt_msg": "crypto: mcryptd - Check mcryptd algorithm compatibility" + }, + "CVE-2021-3542": { + "cmt_msg": "" + }, + "CVE-2020-12656": { + "cmt_msg": "sunrpc: check that domain table is empty at module unload." + }, + "CVE-2022-23040": { + "cmt_msg": "xen/xenbus: don't let xenbus_grant_ring() remove grants in error case" + }, + "CVE-2020-12655": { + "cmt_msg": "xfs: add agf freeblocks verify in xfs_agf_verify" + }, + "CVE-2018-12929": { + "cmt_msg": "" + }, + "CVE-2019-12380": { + "cmt_msg": "efi/x86/Add missing error handling to old_memmap 1:1 mapping code" + }, + "CVE-2019-12381": { + "cmt_msg": "ip_sockglue: Fix missing-check bug in ip_ra_control()" + }, + "CVE-2020-36310": { + "cmt_msg": "KVM: SVM: avoid infinite loop on NPF from bad address" + }, + "CVE-2020-36313": { + "cmt_msg": "KVM: Fix out of range accesses to memslots" + }, + "CVE-2020-35519": { + "cmt_msg": "net/x25: prevent a couple of overflows" + }, + "CVE-2020-10708": { + "cmt_msg": "" + }, + "CVE-2022-0400": { + "cmt_msg": "" + }, + "CVE-2021-0707": { + "cmt_msg": "dmabuf: fix use-after-free of dmabuf's file->f_inode" + }, + "CVE-2022-26966": { + "cmt_msg": "sr9700: sanity check for packet length" + }, + "CVE-2021-42739": { + "cmt_msg": "media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()" + }, + "CVE-2020-12771": { + "cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce" + }, + "CVE-2022-25265": { + "cmt_msg": "" + }, + "CVE-2020-25285": { + "cmt_msg": "mm/hugetlb: fix a race between hugetlb sysctl handlers" + }, + "CVE-2020-25284": { + "cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping" + }, + "CVE-2015-3339": { + "cmt_msg": "fs: take i_mutex during prepare_binprm for set[ug]id executables" + }, + "CVE-2019-19378": { + "cmt_msg": "" + }, + "CVE-2020-4788": { + "cmt_msg": "powerpc/64s: flush L1D on kernel entry" + }, + "CVE-2021-39698": { + "cmt_msg": "wait: add wake_up_pollfree()" + }, + "CVE-2019-19377": { + "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" + }, + "CVE-2022-0850": { + "cmt_msg": "ext4: fix kernel infoleak via ext4_extent_header" + }, + "CVE-2017-13166": { + "cmt_msg": "media: v4l2-ioctl.c: use check_fmt for enum/g/s/try_fmt" + }, + "CVE-2021-3612": { + "cmt_msg": "Input: joydev - prevent potential read overflow in ioctl" + }, + "CVE-2020-24503": { + "cmt_msg": "" + }, + "CVE-2020-24502": { + "cmt_msg": "" + }, + "CVE-2019-19448": { + "cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space" + }, + "CVE-2019-19449": { + "cmt_msg": "f2fs: fix to do sanity check on segment/section count" + }, + "CVE-2021-3753": { + "cmt_msg": "vt_kdsetmode: extend console locking" + }, + "CVE-2021-3752": { + "cmt_msg": "Bluetooth: fix use-after-free error in lock_sock_nested()" + }, + "CVE-2021-0937": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2017-18249": { + "cmt_msg": "f2fs: fix race condition in between free nid allocator/initializer" + }, + "CVE-2022-1263": { + "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" + }, + "CVE-2021-35477": { + "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" + }, + "CVE-2019-12614": { + "cmt_msg": "powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property()" + }, + "CVE-2021-37576": { + "cmt_msg": "KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow" + }, + "CVE-2020-27815": { + "cmt_msg": "jfs: Fix array index bounds check in dbAdjTree" + }, + "CVE-2022-23041": { + "cmt_msg": "xen/9p: use alloc/free_pages_exact()" + }, + "CVE-2022-1462": { + "cmt_msg": "" + }, + "CVE-2020-27777": { + "cmt_msg": "powerpc/rtas: Restrict RTAS requests from userspace" + }, + "CVE-2017-1000405": { + "cmt_msg": "mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()" + }, + "CVE-2020-27673": { + "cmt_msg": "xen/events: add a proper barrier to 2-level uevent unmasking" + }, + "CVE-2020-27675": { + "cmt_msg": "xen/events: avoid removing an event channel while handling it" + }, + "CVE-2020-28915": { + "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" + }, + "CVE-2019-20908": { + "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" + }, + "CVE-2021-28038": { + "cmt_msg": "Xen/gnttab: handle p2m update errors on a per-slot basis" + }, + "CVE-2019-19060": { + "cmt_msg": "iio: imu: adis16400: release allocated memory on failure" + }, + "CVE-2019-19061": { + "cmt_msg": "iio: imu: adis16400: fix memory leak" + }, + "CVE-2019-19063": { + "cmt_msg": "rtlwifi: prevent memory leak in rtl_usb_probe" + }, + "CVE-2019-9445": { + "cmt_msg": "f2fs: check if file namelen exceeds max value" + }, + "CVE-2021-3506": { + "cmt_msg": "f2fs: fix to avoid out-of-bounds memory access" + }, + "CVE-2020-0435": { + "cmt_msg": "f2fs: fix to do sanity check with i_extra_isize" + }, + "CVE-2020-0432": { + "cmt_msg": "staging: most: net: fix buffer overflow" + }, + "CVE-2020-0433": { + "cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter" + }, + "CVE-2019-3874": { + "cmt_msg": "sctp: implement memory accounting on tx path" + }, + "CVE-2010-4563": { + "cmt_msg": "" + }, + "CVE-2017-15116": { + "cmt_msg": "crypto: rng - Remove old low-level rng interface" + }, + "CVE-2021-3483": { + "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" + }, + "CVE-2022-29156": { + "cmt_msg": "RDMA/rtrs-clt: Fix possible double free in error case" + }, + "CVE-2021-38300": { + "cmt_msg": "bpf, mips: Validate conditional branch offsets" + }, + "CVE-2020-25656": { + "cmt_msg": "vt: keyboard, extend func_buf_lock to readers" + }, + "CVE-2022-24448": { + "cmt_msg": "NFSv4: Handle case where the lookup of a directory fails" + }, + "CVE-2021-4023": { + "cmt_msg": "io-wq: fix cancellation on create-worker failure" + }, + "CVE-2021-22555": { + "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" + }, + "CVE-2021-0399": { + "cmt_msg": "" + }, + "CVE-2020-36516": { + "cmt_msg": "" + }, + "CVE-2012-4542": { + "cmt_msg": "" + }, + "CVE-2021-3573": { + "cmt_msg": "Bluetooth: use correct lock to prevent UAF of hdev object" + }, + "CVE-2022-1679": { + "cmt_msg": "" + }, + "CVE-2018-1000026": { + "cmt_msg": "bnx2x: disable GSO where gso_size is too big for hardware" + }, + "CVE-2018-12130": { + "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" + }, + "CVE-2021-20292": { + "cmt_msg": "drm/ttm/nouveau: don't call tt destroy callback on alloc failure." + }, + "CVE-2021-31916": { + "cmt_msg": "dm ioctl: fix out of bounds array access when no devices" + }, + "CVE-2017-8065": { + "cmt_msg": "crypto: ccm - move cbcmac input off the stack" + }, + "CVE-2020-11669": { + "cmt_msg": "powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle" + }, + "CVE-2021-3659": { + "cmt_msg": "net: mac802154: Fix general protection fault" + }, + "CVE-2022-25258": { + "cmt_msg": "USB: gadget: validate interface OS descriptor requests" + }, + "CVE-2021-4155": { + "cmt_msg": "xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate" + }, + "CVE-2021-0695": { + "cmt_msg": "" + }, + "CVE-2022-1729": { + "cmt_msg": "perf: Fix sys_perf_event_open() race against self" + }, + "CVE-2021-4150": { + "cmt_msg": "block: fix incorrect references to disk objects" + }, + "CVE-2020-3702": { + "cmt_msg": "ath: Use safer key clearing with key cache entries" + }, + "CVE-2021-28951": { + "cmt_msg": "io_uring: ensure that SQPOLL thread is started for exit" + }, + "CVE-2022-1671": { + "cmt_msg": "rxrpc: fix some null-ptr-deref bugs in server_key.c" + }, + "CVE-2021-3653": { + "cmt_msg": "KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653)" + }, + "CVE-2021-3655": { + "cmt_msg": "sctp: validate from_addr_param return" + }, + "CVE-2020-8694": { + "cmt_msg": "powercap: restrict energy meter to root access" + }, + "CVE-2021-4159": { + "cmt_msg": "bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()" + }, + "CVE-2021-29154": { + "cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64" + }, + "CVE-2019-12615": { + "cmt_msg": "mdesc: fix a missing-check bug in get_vdev_port_node_info()" + }, + "CVE-2021-3714": { + "cmt_msg": "" + }, + "CVE-2019-11487": { + "cmt_msg": "fs: prevent page refcount overflow in pipe_buf_get" + }, + "CVE-2019-16230": { + "cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)" + }, + "CVE-2017-12168": { + "cmt_msg": "arm64: KVM: pmu: Fix AArch32 cycle counter access" + }, + "CVE-2019-16233": { + "cmt_msg": "scsi: qla2xxx: fix a potential NULL pointer dereference" + }, + "CVE-2021-3892": { + "cmt_msg": "" + }, + "CVE-2021-39633": { + "cmt_msg": "ip_gre: add validation for csum_start" + }, + "CVE-2022-27223": { + "cmt_msg": "USB: gadget: validate endpoint index for xilinx udc" + }, + "CVE-2021-39636": { + "cmt_msg": "netfilter: x_tables: fix pointer leaks to userspace" + }, + "CVE-2017-18204": { + "cmt_msg": "ocfs2: should wait dio before inode lock in ocfs2_setattr()" + }, + "CVE-2021-39634": { + "cmt_msg": "epoll: do not insert into poll queues until all sanity checks are done" + }, + "CVE-2022-25375": { + "cmt_msg": "usb: gadget: rndis: check size of RNDIS_MSG_SET command" + }, + "CVE-2018-20509": { + "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" + }, + "CVE-2017-18193": { + "cmt_msg": "f2fs: fix a bug caused by NULL extent tree" + }, + "CVE-2022-1280": { + "cmt_msg": "drm: avoid circular locks in drm_mode_getconnector" + }, + "CVE-2020-12888": { + "cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory" + }, + "CVE-2016-6198": { + "cmt_msg": "vfs: add vfs_select_inode() helper" + }, + "CVE-2011-4917": { + "cmt_msg": "" + }, + "CVE-2022-23222": { + "cmt_msg": "bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL" + }, + "CVE-2021-0448": { + "cmt_msg": "netfilter: ctnetlink: add a range check for l3/l4 protonum" + }, + "CVE-2016-6197": { + "cmt_msg": "ovl: verify upper dentry before unlink and rename" + }, + "CVE-2020-0030": { + "cmt_msg": "ANDROID: binder: synchronize_rcu() when using POLLFREE." + }, + "CVE-2021-29650": { + "cmt_msg": "netfilter: x_tables: Use correct memory barriers." + }, + "CVE-2017-12762": { + "cmt_msg": "isdn/i4l: fix buffer overflow" + }, + "CVE-2022-1353": { + "cmt_msg": "af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register" + }, + "CVE-2022-28356": { + "cmt_msg": "llc: fix netdevice reference leaks in llc_ui_bind()" + }, + "CVE-2022-1198": { + "cmt_msg": "drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()" + }, + "CVE-2022-1199": { + "cmt_msg": "ax25: Fix NULL pointer dereference in ax25_kill_by_device" + }, + "CVE-2015-8966": { + "cmt_msg": "[PATCH] arm: fix handling of F_OFD_... in oabi_fcntl64()" + }, + "CVE-2015-8967": { + "cmt_msg": "arm64: make sys_call_table const" + }, + "CVE-2021-39801": { + "cmt_msg": "" + }, + "CVE-2021-39800": { + "cmt_msg": "" + }, + "CVE-2021-39802": { + "cmt_msg": "" + }, + "CVE-2019-3837": { + "cmt_msg": "net_dma: simple removal" + }, + "CVE-2022-1195": { + "cmt_msg": "hamradio: improve the incomplete fix to avoid NPD" + }, + "CVE-2021-4202": { + "cmt_msg": "NFC: reorganize the functions in nci_request" + }, + "CVE-2021-4203": { + "cmt_msg": "af_unix: fix races in sk_peer_pid and sk_peer_cred accesses" + }, + "CVE-2021-44879": { + "cmt_msg": "f2fs: fix to do sanity check on inode type during garbage collection" + }, + "CVE-2022-1516": { + "cmt_msg": "net/x25: Fix null-ptr-deref caused by x25_disconnect" + }, + "CVE-2015-2877": { + "cmt_msg": "" + }, + "CVE-2022-0171": { + "cmt_msg": "" + }, + "CVE-2022-29582": { + "cmt_msg": "io_uring: fix race between timeout flush and removal" + }, + "CVE-2021-38198": { + "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" + }, + "CVE-2017-5972": { + "cmt_msg": "tcp: do not lock listener to process SYN packets" + }, + "CVE-2022-1678": { + "cmt_msg": "tcp: optimize tcp internal pacing" + }, + "CVE-2015-4004": { + "cmt_msg": "staging: ozwpan: Remove from tree" + }, + "CVE-2021-26401": { + "cmt_msg": "x86/speculation: Use generic retpoline by default on AMD" + }, + "CVE-2021-3847": { + "cmt_msg": "" + }, + "CVE-2021-45486": { + "cmt_msg": "inet: use bigger hash table for IP ID generation" + }, + "CVE-2020-14331": { + "cmt_msg": "vgacon: Fix for missing check in scrollback handling" + }, + "CVE-2021-45485": { + "cmt_msg": "ipv6: use prandom_u32() for ID generation" + }, + "CVE-2018-13100": { + "cmt_msg": "f2fs: fix to do sanity check with secs_per_zone" + }, + "CVE-2017-16646": { + "cmt_msg": "media: dib0700: fix invalid dvb_detach argument" + }, + "CVE-2019-5489": { + "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" + }, + "CVE-2017-16648": { + "cmt_msg": "dvb_frontend: don't use-after-free the frontend struct" + } + } + }, + "3.2": { + "3.2.2": { + "CVE-2011-4131": { + "cmt_msg": "NFSv4: include bitmap in nfsv4 get acl data", + "cmt_id": "628fc192adbaae0c6178b9015fb916ce61d72b36" + } + }, + "3.2.15": { + "CVE-2012-2745": { + "cmt_msg": "cred: copy_process() should clear child->replacement_session_keyring", + "cmt_id": "fbb67524e89163c020c3588aec36f3013da0e56e" + }, + "CVE-2012-2375": { + "cmt_msg": "Fix length of buffer copied in __nfs4_get_acl_uncached", + "cmt_id": "a94841724154dac38ce5239d1d88c00e758dc20d" + } + }, + "3.2.17": { + "CVE-2012-2319": { + "cmt_msg": "hfsplus: Fix potential buffer overflows", + "cmt_id": "d4af6eb924ce29b9e46037134ca69ce085b5c36c" + } + }, + "3.2.19": { + "CVE-2012-6701": { + "cmt_msg": "vfs: make AIO use the proper rw_verify_area() area helpers", + "cmt_id": "07343eab681bf8c22a2b31d978569a5f65253171" + }, + "CVE-2012-2313": { + "cmt_msg": "dl2k: Clean up rio_ioctl", + "cmt_id": "bdd06be083b51fa7bdf04d8c8b699870f29bae69" + } + }, + "3.2.20": { + "CVE-2012-2390": { + "cmt_msg": "hugetlb: fix resv_map leak in error path", + "cmt_id": "73436db332d5b4dd792f115cf0b500521badf3e5" + } + }, + "3.2.22": { + "CVE-2012-2669": { + "cmt_msg": "Tools: hv: verify origin of netlink connector message", + "cmt_id": "10682d24d003b44cc4dac217047d26f9b210a514" + } + }, + "3.2.23": { + "CVE-2012-3511": { + "cmt_msg": "mm: Hold a file reference in madvise_remove", + "cmt_id": "1935549ba38cf30ebe8748ccb88fb99d009241d4" + }, + "CVE-2012-3400": { + "cmt_msg": "udf: Fortify loading of sparing table", + "cmt_id": "a9f1af04f086656246f30354fb4564ce3b08c4a0" + }, + "CVE-2012-3364": { + "cmt_msg": "NFC: Prevent multiple buffer overflows in NCI", + "cmt_id": "ec5b2b02eedb2c3471d5a87ba0f72d11b04c2af1" + }, + "CVE-2012-2136": { + "cmt_msg": "net: sock: validate data_len before allocating skb in sock_alloc_send_pskb()", + "cmt_id": "caade06b9bc468620636953b15d7d36a12d2b88e" + } + }, + "3.2.24": { + "CVE-2012-6638": { + "cmt_msg": "tcp: drop SYN+FIN messages", + "cmt_id": "e6364fb003c0bc98c5fcde51aac6fd3b6a1337c3" + }, + "CVE-2012-2119": { + "cmt_msg": "macvtap: zerocopy: fix offset calculation when building skb", + "cmt_id": "c1b5b21b540f22a8e008d30545c044a6c949b47b" + }, + "CVE-2012-2137": { + "cmt_msg": "KVM: Fix buffer overflow in kvm_set_irq()", + "cmt_id": "0f3cbc35d2097d2c655789dd4996e7b87bdb5d34" + } + }, + "3.2.27": { + "CVE-2012-6647": { + "cmt_msg": "futex: Forbid uaddr == uaddr2 in futex_wait_requeue_pi()", + "cmt_id": "4344b8578fb31bb06abd397219ac0376f116f6f2" + } + }, + "3.2.28": { + "CVE-2012-6547": { + "cmt_msg": "net/tun: fix ioctl() based info leaks", + "cmt_id": "9deaafcd3ee894ef714c44e0414e85db36e62641" + }, + "CVE-2013-0310": { + "cmt_msg": "cipso: don't follow a NULL pointer when setsockopt() is called", + "cmt_id": "7f6453d8c6f68e26fa6086c654b7fca39b960637" + } + }, + "3.2.29": { + "CVE-2013-1827": { + "cmt_msg": "dccp: check ccid before dereferencing", + "cmt_id": "372c463a7c5ea46eca693ea52bd95cb8512247f8" + } + }, + "3.2.30": { + "CVE-2012-6689": { + "cmt_msg": "netlink: fix possible spoofing from non-root processes", + "cmt_id": "e6ae7506816cdf4d702c501ceb5202eecf7e4a07" + }, + "CVE-2012-3412": { + "cmt_msg": "net: Allow driver to limit number of GSO segments per skb", + "cmt_id": "99ea81edff2135603588fe12bd95cca2dd76a5cb" + }, + "CVE-2012-6545": { + "cmt_msg": "Bluetooth: RFCOMM - Fix info leak via getsockname()", + "cmt_id": "18fc748c13b0a15152bd711c3d42560f833af9e5" + }, + "CVE-2012-6544": { + "cmt_msg": "Bluetooth: L2CAP - Fix info leak via getsockname()", + "cmt_id": "79690021eba0738861965187af2f75035f846d6f" + }, + "CVE-2012-6546": { + "cmt_msg": "atm: fix info leak via getsockname()", + "cmt_id": "86cbb1ef4f7b1e6ac6cb65bb34b6949cd5b90c6e" + }, + "CVE-2012-6541": { + "cmt_msg": "dccp: fix info leak via getsockopt(DCCP_SOCKOPT_CCID_TX_INFO)", + "cmt_id": "24635bcd494892f4fce7b2504f3f1c65cc2d6ad2" + }, + "CVE-2012-6540": { + "cmt_msg": "ipvs: fix info leak in getsockopt(IP_VS_SO_GET_TIMEOUT)", + "cmt_id": "9b2a14018c8a62cf910e10efb4b24787549de5c4" + }, + "CVE-2012-6542": { + "cmt_msg": "llc: fix info leak via getsockname()", + "cmt_id": "3f497daadeeb2b84dc8e97b32416d98b34485b99" + }, + "CVE-2012-6539": { + "cmt_msg": "net: fix info leak in compat dev_ifconf()", + "cmt_id": "daf8fa93325e55ec605c4e725e6dc07d63d0d5c1" + }, + "CVE-2012-3520": { + "cmt_msg": "af_netlink: force credentials passing [CVE-2012-3520]", + "cmt_id": "dc77000f6fa5f7dd5eac1d02fa7812a131a67b89" + } + }, + "3.2.31": { + "CVE-2013-1826": { + "cmt_msg": "xfrm_user: return error pointer instead of NULL", + "cmt_id": "468bf9f70353872173b11b92dc15fe84d3dacbb4" + }, + "CVE-2012-3430": { + "cmt_msg": "rds: set correct msg_namelen", + "cmt_id": "2a181c85136b1d5481dd5334037ad160450fa09d" + }, + "CVE-2012-6538": { + "cmt_msg": "xfrm_user: fix info leak in copy_to_user_auth()", + "cmt_id": "744e0a9c51333d712e76850bf58b4aeb277016fe" + }, + "CVE-2012-6657": { + "cmt_msg": "net: guard tcp_set_keepalive() to tcp sockets", + "cmt_id": "9a2ed90a493c0b955d973b25d81c78621e49af93" + }, + "CVE-2012-6536": { + "cmt_msg": "xfrm_user: ensure user supplied esn replay window is valid", + "cmt_id": "ab98741ba1888af9aeb4a88423bda1e2d93932e5" + }, + "CVE-2012-6537": { + "cmt_msg": "xfrm_user: fix info leak in copy_to_user_tmpl()", + "cmt_id": "26d560eb8ee3e6dd505a5a8a43ff904c279f60ce" + } + }, + "3.2.32": { + "CVE-2013-0309": { + "cmt_msg": "mm: thp: fix pmd_present for split_huge_page and PROT_NONE with THP", + "cmt_id": "ddd937a27bb51cda5a5400df8e18e9a29d7fa8ec" + } + }, + "3.2.33": { + "CVE-2013-1928": { + "cmt_msg": "fs/compat_ioctl.c: VIDEO_SET_SPU_PALETTE missing error check", + "cmt_id": "5bbeedc3110bbb1b5c6b01fc1f027ab5d2eb40d6" + }, + "CVE-2012-4508": { + "cmt_msg": "ext4: race-condition protection for ext4_convert_unwritten_extents_endio", + "cmt_id": "814a7833df19e1de7447f870ae890adb12561627" + }, + "CVE-2012-0957": { + "cmt_msg": "kernel/sys.c: fix stack memory content leak via UNAME26", + "cmt_id": "3042c7c2ee52f0ebfc8e09bc2c4cdbff3fc4ec61" + } + }, + "3.2.34": { + "CVE-2012-4565": { + "cmt_msg": "net: fix divide by zero in tcp algorithm illinois", + "cmt_id": "df769f065d7bebf0ddc5f61605dbb1d8ea5ee2d8" + } + }, + "3.2.36": { + "CVE-2012-4461": { + "cmt_msg": "KVM: x86: invalid opcode oops on SET_SREGS with OSXSAVE bit set (CVE-2012-4461)", + "cmt_id": "53f02039f794725f843494a36d82f045d78ba697" + } + }, + "3.2.37": { + "CVE-2004-0230": { + "cmt_msg": "tcp: implement RFC 5961 3.2", + "cmt_id": "61f69dc4e40e41b0018f00fa4aeb23d3239556fb" + } + }, + "3.2.38": { + "CVE-2013-1774": { + "cmt_msg": "USB: io_ti: Fix NULL dereference in chase_port()", + "cmt_id": "7b4992729ddd232f6026c109f93d8296ca58b3ed" + }, + "CVE-2013-0349": { + "cmt_msg": "Bluetooth: Fix incorrect strncpy() in hidp_setup_hid()", + "cmt_id": "150df53ab8dfcdf0b3872a60f7a092c4e541f138" + }, + "CVE-2013-0190": { + "cmt_msg": "xen: Fix stack corruption in xen_failsafe_callback for 32bit PVOPS guests.", + "cmt_id": "5c0ce9fed10a58f65fe2784b664e03bdeaaac650" + }, + "CVE-2013-0268": { + "cmt_msg": "x86/msr: Add capabilities check", + "cmt_id": "6ebf5f3dfa9dfd384169f001eecf4e5119c670cc" + }, + "CVE-2013-0313": { + "cmt_msg": "evm: checking if removexattr is not a NULL", + "cmt_id": "f666957665d9c9b2ec308963333dbd224271b4d6" + } + }, + "3.2.39": { + "CVE-2013-0228": { + "cmt_msg": "x86/xen: don't assume %ds is usable in xen_iret for 32-bit PVOPS.", + "cmt_id": "9a9adb457bc2665cac647e4c90d76acf23f1a65e" + }, + "CVE-2013-0871": { + "cmt_msg": "ptrace: introduce signal_wake_up_state() and ptrace_signal_wake_up()", + "cmt_id": "bb24eda9eee7a1cc865bb10dbb89edf7c1f5cdc7" + }, + "CVE-2013-0216": { + "cmt_msg": "netback: correct netbk_tx_err to handle wrap around.", + "cmt_id": "adecb7c418057a934b327c1177d738e17f0cf98a" + }, + "CVE-2013-0217": { + "cmt_msg": "xen/netback: don't leak pages on failure in xen_netbk_tx_check_gop.", + "cmt_id": "dd4d2748d11f601975b78c88130bd274d3e90eb5" + } + }, + "3.2.40": { + "CVE-2013-1767": { + "cmt_msg": "tmpfs: fix use-after-free of mempolicy object", + "cmt_id": "2b82b58d6d1a3c79e28ce80c559a442e3d034b1a" + }, + "CVE-2013-0231": { + "cmt_msg": "xen-pciback: rate limit error messages from xen_pcibk_enable_msi{,x}()", + "cmt_id": "ecb1d58c0722e593e50317a63294a52ac2308ace" + }, + "CVE-2013-0311": { + "cmt_msg": "vhost: fix length for cross region descriptor", + "cmt_id": "e188567f35fe514253b2e46a31cf03272ab8c030" + }, + "CVE-2012-4530": { + "cmt_msg": "exec: use -ELOOP for max recursion depth", + "cmt_id": "511d07bc0a060049009954eeb8b34eda016c9c0e" + } + }, + "3.2.41": { + "CVE-2012-5517": { + "cmt_msg": "mm/hotplug: correctly add new zone to all other nodes' zone lists", + "cmt_id": "1bdb24f5ab52e64658f496a0dbfe04ffb56edaf6" + }, + "CVE-2013-1860": { + "cmt_msg": "USB: cdc-wdm: fix buffer overflow", + "cmt_id": "8e535446a78958888b16db9d619d0f60c1950622" + }, + "CVE-2013-1792": { + "cmt_msg": "keys: fix race with concurrent install_user_keyrings()", + "cmt_id": "c1dd1f576c5ce265bb8e186f01c91340a5138f49" + }, + "CVE-2013-2548": { + "cmt_msg": "crypto: user - fix info leaks in report API", + "cmt_id": "f56cb892159202ee6486c7fd3c5dec3f82bd5114" + }, + "CVE-2013-0914": { + "cmt_msg": "signal: always clear sa_restorer on execve", + "cmt_id": "125664f0332d57735ba5b79aed4d94a3c04f1090" + }, + "CVE-2013-1848": { + "cmt_msg": "ext3: Fix format string issues", + "cmt_id": "058f677c359d91e6692dc9a9da36b2e3eadf36ba" + }, + "CVE-2013-2546": { + "cmt_msg": "crypto: user - fix info leaks in report API", + "cmt_id": "f56cb892159202ee6486c7fd3c5dec3f82bd5114" + }, + "CVE-2013-2547": { + "cmt_msg": "crypto: user - fix info leaks in report API", + "cmt_id": "f56cb892159202ee6486c7fd3c5dec3f82bd5114" + }, + "CVE-2013-1773": { + "cmt_msg": "NLS: improve UTF8 -> UTF16 string conversion routine", + "cmt_id": "6022b67230dcb25c267e832d72223ffb54703cc8" + } + }, + "3.2.42": { + "CVE-2013-0913": { + "cmt_msg": "drm/i915: bounds check execbuffer relocation count", + "cmt_id": "48e308efbd714ce74b0db89cfa78941cdebc3568" + }, + "CVE-2013-2634": { + "cmt_msg": "dcbnl: fix various netlink info leaks", + "cmt_id": "42d4afd275648c190ec1efc13491c294dadfa49d" + }, + "CVE-2012-6549": { + "cmt_msg": "isofs: avoid info leak on export", + "cmt_id": "edea8d0998c2b2bdade2b6c44fa6fac27ecfd2b7" + }, + "CVE-2012-6548": { + "cmt_msg": "udf: avoid info leak on export", + "cmt_id": "ac23922b930695ed3178cab78b0a9c31a9fa226b" + } + }, + "3.2.43": { + "CVE-2013-1929": { + "cmt_msg": "tg3: fix length overflow in VPD firmware parsing", + "cmt_id": "2b79fa8fddde2d070ca28a2d94394c39bfd8d741" + } + }, + "3.2.44": { + "CVE-2013-3301": { + "cmt_msg": "tracing: Fix possible NULL pointer dereferences", + "cmt_id": "ee3c9aabb636fcfc21d53c506362620b55fdd8c6" + }, + "CVE-2013-2141": { + "cmt_msg": "kernel/signal.c: stop info leak via the tkill and the tgkill syscalls", + "cmt_id": "ffe1341edbe2878134f3083625d5c916670d0fca" + }, + "CVE-2013-1796": { + "cmt_msg": "KVM: x86: fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME (CVE-2013-1796)", + "cmt_id": "b7c5ee6d49b7cf5a52ae87b955d7ab984cb9c974" + }, + "CVE-2013-1797": { + "cmt_msg": "KVM: x86: Convert MSR_KVM_SYSTEM_TIME to use gfn_to_hva_cache functions (CVE-2013-1797)", + "cmt_id": "767d3d43c0a02485a8574c0efe39524f246d698b" + }, + "CVE-2013-1798": { + "cmt_msg": "KVM: Fix bounds checking in ioapic indirect register reads (CVE-2013-1798)", + "cmt_id": "6d29de40486edf7d5a61d40f4b18431e2c644ad0" + }, + "CVE-2013-1979": { + "cmt_msg": "net: fix incorrect credentials passing", + "cmt_id": "5428146ebea24b916eb9e3684449699cb6a5c8c0" + } + }, + "3.2.45": { + "CVE-2013-2094": { + "cmt_msg": "perf: Treat attr.config as u64 in perf_swevent_init()", + "cmt_id": "3fc8fc1cc2d585c1f695f7de914063258aafe50e" + }, + "CVE-2013-3076": { + "cmt_msg": "crypto: algif - suppress sending source address information in recvmsg", + "cmt_id": "419f4ba0f032c8d906153d24e017f4bee6df26f5" + }, + "CVE-2013-3224": { + "cmt_msg": "Bluetooth: fix possible info leak in bt_sock_recvmsg()", + "cmt_id": "95ee0fb7a014cdf80be37b329fa462ff3847f7c0" + }, + "CVE-2013-2146": { + "cmt_msg": "perf/x86: Fix offcore_rsp valid mask for SNB/IVB", + "cmt_id": "4fcd6db795fa0f317deb7b64cce89ca2502ff934" + }, + "CVE-2013-0160": { + "cmt_msg": "TTY: do not update atime/mtime on read/write", + "cmt_id": "c29ad805df8c54a9f5d74c66bf5d4a2d449bd99a" + }, + "CVE-2013-3222": { + "cmt_msg": "atm: update msg_namelen in vcc_recvmsg()", + "cmt_id": "2a8c07b253bac436358adb9eb96a37dd223ef120" + }, + "CVE-2013-3223": { + "cmt_msg": "ax25: fix info leak via msg_name in ax25_recvmsg()", + "cmt_id": "e72f86d5b6602c86efb08443c58086c40228b81b" + }, + "CVE-2013-3232": { + "cmt_msg": "netrom: fix info leak via msg_name in nr_recvmsg()", + "cmt_id": "c0bf432a4c3e6870fc87debb9393cb93f638dcba" + }, + "CVE-2013-2596": { + "cmt_msg": "vm: convert fb_mmap to vm_iomap_memory() helper", + "cmt_id": "fc6b92e0aa98ec9547bf779f4e71c0f259f794f3" + }, + "CVE-2013-3234": { + "cmt_msg": "rose: fix info leak via msg_name in rose_recvmsg()", + "cmt_id": "f05503a9ef115c505b36fcd75f77b341811e9169" + } + }, + "3.2.47": { + "CVE-2013-2850": { + "cmt_msg": "iscsi-target: fix heap buffer overflow on error", + "cmt_id": "ba73be1c56e3a459f5cd4580177e865b362d76a7" + }, + "CVE-2013-2852": { + "cmt_msg": "b43: stop format string leaking into error msgs", + "cmt_id": "bfb624e7fd41437a2c256adaf4041fe4414f8f26" + } + }, + "3.2.49": { + "CVE-2013-1059": { + "cmt_msg": "libceph: Fix NULL pointer dereference in auth client code", + "cmt_id": "88a4055704b39e5c67c9cbc837cc15ec6a6d8671" + }, + "CVE-2013-2164": { + "cmt_msg": "drivers/cdrom/cdrom.c: use kzalloc() for failing hardware", + "cmt_id": "6dfd19d0d4d5dd081e1312a550ffae6acc85d70a" + }, + "CVE-2013-2851": { + "cmt_msg": "block: do not pass disk names as format strings", + "cmt_id": "b442223040adf969fd02124c29c856a06cf5649c" + } + }, + "3.2.50": { + "CVE-2013-4162": { + "cmt_msg": "ipv6: call udp_push_pending_frames when uncorking a socket with AF_INET pending data", + "cmt_id": "5d14d39515e0149b5fcd319e4409d8304e7688c7" + }, + "CVE-2013-2232": { + "cmt_msg": "ipv6: ip6_sk_dst_check() must not assume ipv6 dst", + "cmt_id": "a7cdf6bc2abd64f94622fe12a1a212a07a316a83" + }, + "CVE-2013-2234": { + "cmt_msg": "af_key: fix info leaks in notify messages", + "cmt_id": "31bd7d1943f42c22850bb3bc6a7dd89fc4cf9b08" + }, + "CVE-2013-2148": { + "cmt_msg": "fanotify: info leak in copy_event_to_user()", + "cmt_id": "72925fa9b85b0501a4e96c5066af3214292d36d2" + } + }, + "3.2.51": { + "CVE-2013-2237": { + "cmt_msg": "af_key: initialize satype in key_notify_policy_flush()", + "cmt_id": "54811a1992e2c5e318ae91b99ea94c9724bc8f66" + } + }, + "3.2.52": { + "CVE-2013-4350": { + "cmt_msg": "net: sctp: fix ipv6 ipsec encryption bug in sctp_v6_xmit", + "cmt_id": "af7e0f4a91ca9049ee9e541f8a98e762a12e9b9b" + }, + "CVE-2013-2147": { + "cmt_msg": "cpqarray: fix info leak in ida_locked_ioctl()", + "cmt_id": "e1fd636836ca3c883c172dc619a909e988a2f4b5" + }, + "CVE-2013-2896": { + "cmt_msg": "HID: ntrig: validate feature report details", + "cmt_id": "c790976bda06884d78a1f8208d74e566ac41954e" + }, + "CVE-2013-2895": { + "cmt_msg": "HID: logitech-dj: validate output report details", + "cmt_id": "1eb7b3faf9357f481238a3237f637f77fce974a5" + }, + "CVE-2013-2889": { + "cmt_msg": "HID: zeroplus: validate output report details", + "cmt_id": "e0f897f0929d27dc5d7de5cc24ccbeac572e5176" + }, + "CVE-2013-2888": { + "cmt_msg": "HID: validate HID report id size", + "cmt_id": "1ccd1fd4c43407721caa38ae034359bf8d9a1b34" + }, + "CVE-2013-4387": { + "cmt_msg": "ipv6: udp packets following an UFO enqueued packet need also be handled by UFO", + "cmt_id": "e381c716ed158b0b77879625fa58929f1a59a940" + }, + "CVE-2013-2892": { + "cmt_msg": "HID: pantherlord: validate output report details", + "cmt_id": "db841e0c2b59b27c521512930d4e818d92ee1caa" + }, + "CVE-2013-2893": { + "cmt_msg": "HID: LG: validate HID output report details", + "cmt_id": "3da8b771809032cf829869cabbffbed96cd47bc4" + }, + "CVE-2013-0343": { + "cmt_msg": "ipv6: remove max_addresses check from ipv6_create_tempaddr", + "cmt_id": "7319901766396653fae51d2f37c5d23eb4537766" + }, + "CVE-2013-2899": { + "cmt_msg": "HID: picolcd_core: validate output report details", + "cmt_id": "49ad1670d8a0a8e9a7f84272e3054c80563b87bc" + } + }, + "3.2.53": { + "CVE-2013-4470": { + "cmt_msg": "ip6_output: do skb ufo init for peeked non ufo skb as well", + "cmt_id": "5124ae99ac8a8f63d0fca9b75adaef40b20678ff" + }, + "CVE-2013-7470": { + "cmt_msg": "net: fix cipso packet validation when !NETLABEL", + "cmt_id": "55bf9001c5311b9a3e06c2be94e59b70881adea1" + }, + "CVE-2014-1445": { + "cmt_msg": "wanxl: fix info leak in ioctl", + "cmt_id": "e6c24ff286f37711185fe1b6ce1cea58d7fc8c50" + }, + "CVE-2014-1444": { + "cmt_msg": "farsync: fix info leak in ioctl", + "cmt_id": "5bf019ebfa38379d51698b7f0fefcd44d6f0447d" + }, + "CVE-2013-7027": { + "cmt_msg": "wireless: radiotap: fix parsing buffer overrun", + "cmt_id": "d58900877a2845d03b40638fc3b4f2b2d0afe652" + }, + "CVE-2013-6383": { + "cmt_msg": "aacraid: missing capable() check in compat ioctl", + "cmt_id": "a88f5ccd2ac9798c046609a8aec18c3f522a6334" + }, + "CVE-2013-4512": { + "cmt_msg": "uml: check length in exitcode_proc_write()", + "cmt_id": "02c54b6cf2b7bd1089bef485d7a81bdf0c5999d8" + }, + "CVE-2013-4511": { + "cmt_msg": "uml: check length in exitcode_proc_write()", + "cmt_id": "02c54b6cf2b7bd1089bef485d7a81bdf0c5999d8" + }, + "CVE-2013-4515": { + "cmt_msg": "Staging: bcm: info leak in ioctl", + "cmt_id": "43455e8604586d80d43ebb23f9cbb31d6321ef7d" + }, + "CVE-2013-4514": { + "cmt_msg": "staging: wlags49_h2: buffer overflow setting station name", + "cmt_id": "840834b578803d8153b6fd8526d23e615916208b" + }, + "CVE-2013-4299": { + "cmt_msg": "dm snapshot: fix data corruption", + "cmt_id": "7a14369589fd368dd0a83e6b70d0a3eddef071e8" + } + }, + "3.2.54": { + "CVE-2013-7264": { + "cmt_msg": "inet: prevent leakage of uninitialized memory to user in recv syscalls", + "cmt_id": "05d3c1eece356052d8119663d5415c2fcb4680d8" + }, + "CVE-2013-4345": { + "cmt_msg": "crypto: ansi_cprng - Fix off by one error in non-block size request", + "cmt_id": "d1b8de7813fc2127dc16cd9f282bb63611583997" + }, + "CVE-2013-6367": { + "cmt_msg": "KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367)", + "cmt_id": "245d4b4480c20ffb50f0eddadcc6516b9017d863" + }, + "CVE-2013-4592": { + "cmt_msg": "KVM: perform an invalid memslot step for gpa base change", + "cmt_id": "c2152747e746aceaa85360eb20b719a835c9d101" + }, + "CVE-2013-7263": { + "cmt_msg": "inet: prevent leakage of uninitialized memory to user in recv syscalls", + "cmt_id": "05d3c1eece356052d8119663d5415c2fcb4680d8" + }, + "CVE-2013-6380": { + "cmt_msg": "aacraid: prevent invalid pointer dereference", + "cmt_id": "1016f060cfaf7c575fce3a92c987d21202da3261" + }, + "CVE-2013-6381": { + "cmt_msg": "qeth: avoid buffer overflow in snmp ioctl", + "cmt_id": "a3e38398c95c83c06c1b8028e406f3aca23ec43d" + }, + "CVE-2013-4348": { + "cmt_msg": "net: flow_dissector: fail on evil iph->ihl", + "cmt_id": "f7d537dc8714abf422238419d057376a772be9fd" + }, + "CVE-2013-7270": { + "cmt_msg": "net: rework recvmsg handler msg_name and msg_namelen logic", + "cmt_id": "a598f7fa9c24c3ef458043d59c237b8fc5d1adad" + }, + "CVE-2013-6378": { + "cmt_msg": "libertas: potential oops in debugfs", + "cmt_id": "e3715d06207f877ac6c15b2627515f63e2c59f57" + }, + "CVE-2013-7265": { + "cmt_msg": "inet: prevent leakage of uninitialized memory to user in recv syscalls", + "cmt_id": "05d3c1eece356052d8119663d5415c2fcb4680d8" + }, + "CVE-2013-7266": { + "cmt_msg": "net: rework recvmsg handler msg_name and msg_namelen logic", + "cmt_id": "a598f7fa9c24c3ef458043d59c237b8fc5d1adad" + }, + "CVE-2013-4587": { + "cmt_msg": "KVM: Improve create VCPU parameter (CVE-2013-4587)", + "cmt_id": "4a94970b318e0d7387c2d84fa7c92ea782ae52b3" + }, + "CVE-2013-7281": { + "cmt_msg": "inet: prevent leakage of uninitialized memory to user in recv syscalls", + "cmt_id": "05d3c1eece356052d8119663d5415c2fcb4680d8" + }, + "CVE-2013-6382": { + "cmt_msg": "xfs: underflow bug in xfs_attrlist_by_handle()", + "cmt_id": "cc5285f4c67a48e5775d633267f8e284626a990a" + }, + "CVE-2013-6282": { + "cmt_msg": "ARM: 7527/1: uaccess: explicitly check __user pointer when !CPU_USE_DOMAINS", + "cmt_id": "b5c70f452589114e6a551803bf312eed1b57f964" + }, + "CVE-2013-2929": { + "cmt_msg": "exec/ptrace: fix get_dumpable() incorrect tests", + "cmt_id": "983e0bc2210a853af015841de33a06abd873a4fe" + }, + "CVE-2013-7271": { + "cmt_msg": "net: rework recvmsg handler msg_name and msg_namelen logic", + "cmt_id": "a598f7fa9c24c3ef458043d59c237b8fc5d1adad" + }, + "CVE-2013-7267": { + "cmt_msg": "net: rework recvmsg handler msg_name and msg_namelen logic", + "cmt_id": "a598f7fa9c24c3ef458043d59c237b8fc5d1adad" + }, + "CVE-2013-7268": { + "cmt_msg": "net: rework recvmsg handler msg_name and msg_namelen logic", + "cmt_id": "a598f7fa9c24c3ef458043d59c237b8fc5d1adad" + }, + "CVE-2013-7269": { + "cmt_msg": "net: rework recvmsg handler msg_name and msg_namelen logic", + "cmt_id": "a598f7fa9c24c3ef458043d59c237b8fc5d1adad" + } + }, + "3.2.55": { + "CVE-2012-2372": { + "cmt_msg": "rds: prevent BUG_ON triggered on congestion update to loopback", + "cmt_id": "2c3178865b995398e3516a3e260c23c65efad90f" + }, + "CVE-2013-4579": { + "cmt_msg": "ath9k_htc: properly set MAC address and BSSID mask", + "cmt_id": "f7a9877cc68188252558001c9f6907fcb8af0b0f" + }, + "CVE-2014-1446": { + "cmt_msg": "hamradio/yam: fix info leak in ioctl", + "cmt_id": "794ce89c4585d8679fae8c06ddabf8d3a4c4fa53" + }, + "CVE-2013-6368": { + "cmt_msg": "KVM: x86: Convert vapic synchronization to _cached functions (CVE-2013-6368)", + "cmt_id": "6aa82e036079eaf208bd581c201dc61c9200bb2e" + }, + "CVE-2013-7339": { + "cmt_msg": "rds: prevent dereference of a NULL device", + "cmt_id": "95ae36775c086d7549bc65281d22a54b4788f933" + }, + "CVE-2014-1438": { + "cmt_msg": "x86, fpu, amd: Clear exceptions in AMD FXSAVE workaround", + "cmt_id": "bbc220abf9c3e4dbfb7372596661f580fb15a7c8" + } + }, + "3.2.56": { + "CVE-2014-0101": { + "cmt_msg": "net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable", + "cmt_id": "c7160985f53fe845eb5e882a492196a844962650" + }, + "CVE-2014-2672": { + "cmt_msg": "ath9k: protect tid->sched check", + "cmt_id": "cf117670cf074367290d5993fe3111ac6d6b1777" + }, + "CVE-2014-8709": { + "cmt_msg": "mac80211: fix fragmentation code, particularly for encryption", + "cmt_id": "c7b18cdf1887e8ce91e04342cfd2d8fe1630be92" + }, + "CVE-2014-2706": { + "cmt_msg": "mac80211: fix AP powersave TX vs. wakeup race", + "cmt_id": "ad64b463d919a18be70b281efb135231169caf4a" + } + }, + "3.2.57": { + "CVE-2014-2523": { + "cmt_msg": "netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages", + "cmt_id": "5b866eaa34e4ddc312c927030fde5f6a6184ddc5" + }, + "CVE-2014-2039": { + "cmt_msg": "s390: fix kernel crash due to linkage stack instructions", + "cmt_id": "1664028240024d96721a5328c93ff206661cd9e1" + }, + "CVE-2013-4483": { + "cmt_msg": "ipc,sem: fine grained locking for semtimedop", + "cmt_id": "91182754daa6ca26dd2e97ee0b0f6e9e37d33324" + }, + "CVE-2014-0069": { + "cmt_msg": "cifs: ensure that uncached writes handle unmapped areas correctly", + "cmt_id": "b1a292f3ccbbfe864cb4931e8fed4baea6b17eb8" + } + }, + "3.2.58": { + "CVE-2014-2309": { + "cmt_msg": "ipv6: don't set DST_NOCOUNT for remotely added routes", + "cmt_id": "5aa3bcddc8ddc4a8c09541d4b608bfa765631a6d" + }, + "CVE-2014-2678": { + "cmt_msg": "rds: prevent dereference of a NULL device in rds_iw_laddr_check", + "cmt_id": "710da494970f1d73c7df3fc0997e565cf4396e9d" + }, + "CVE-2014-0077": { + "cmt_msg": "vhost: fix total length when packets are too short", + "cmt_id": "cb505037a28ad1d8c378b40366e17fbbc44d10e6" + }, + "CVE-2014-3122": { + "cmt_msg": "mm: try_to_unmap_cluster() should lock_page() before mlocking", + "cmt_id": "8e8836abf74a0b227c651cf76466b8d711470a76" + }, + "CVE-2014-0055": { + "cmt_msg": "vhost: validate vhost_get_vq_desc return value", + "cmt_id": "4334fca3512d179726666ad18459965916a1f189" + } + }, + "3.2.59": { + "CVE-2014-1738": { + "cmt_msg": "floppy: don't write kernel-only members to FDRAWCMD ioctl output", + "cmt_id": "629cbea2961ec001a85a4ac8821dcd45226dd29c" + }, + "CVE-2014-0196": { + "cmt_msg": "n_tty: Fix n_tty_write crash when echoing in raw mode", + "cmt_id": "1e5099713cefc67aa562f6d8fe43444f41baf52d" + }, + "CVE-2014-1737": { + "cmt_msg": "floppy: ignore kernel-only members in FDRAWCMD ioctl input", + "cmt_id": "d79119d4089defc81a49c6a7e26ff5ff86f4b342" + } + }, + "3.2.60": { + "CVE-2014-1739": { + "cmt_msg": "media-device: fix infoleak in ioctl media_enum_entities()", + "cmt_id": "5003eea6cec931203469521351918d4a54c18185" + }, + "CVE-2014-3144": { + "cmt_msg": "filter: prevent nla extensions to peek beyond the end of the message", + "cmt_id": "d41eb74e53d94aba656ffda647d106808e636cd6" + }, + "CVE-2014-2851": { + "cmt_msg": "net: ipv4: current group_info should be put after using.", + "cmt_id": "a8a695a43272a19b08004a3632da23d03170bd87" + }, + "CVE-2014-3153": { + "cmt_msg": "futex: Make lookup_pi_state more robust", + "cmt_id": "5957ab36e4d0b027f2f32618d30dcc135fbd7077" + }, + "CVE-2014-3145": { + "cmt_msg": "filter: prevent nla extensions to peek beyond the end of the message", + "cmt_id": "d41eb74e53d94aba656ffda647d106808e636cd6" + } + }, + "3.2.61": { + "CVE-2014-4508": { + "cmt_msg": "x86_32, entry: Do syscall exit work on badsys (CVE-2014-4508)", + "cmt_id": "bb99d6796995968ca6a42b17fbfb48d073bb234c" + }, + "CVE-2014-4157": { + "cmt_msg": "MIPS: asm: thread_info: Add _TIF_SECCOMP flag", + "cmt_id": "f50bf61a3282988b2fe46e8cb88c9b8698a2d8d2" + }, + "CVE-2014-4699": { + "cmt_msg": "ptrace,x86: force IRET path after a ptrace_stop()", + "cmt_id": "a0eb191eff753e790def174b3fbe66efadfd401d" + }, + "CVE-2014-4655": { + "cmt_msg": "ALSA: control: Fix replacing user controls", + "cmt_id": "0e2e43eca302b31f64ebfe4734fd2cc7358c4555" + }, + "CVE-2014-4667": { + "cmt_msg": "sctp: Fix sk_ack_backlog wrap-around problem", + "cmt_id": "fe33a3ee987dac85ac24b2d8147d2165051c80d9" + }, + "CVE-2014-4654": { + "cmt_msg": "ALSA: control: Fix replacing user controls", + "cmt_id": "0e2e43eca302b31f64ebfe4734fd2cc7358c4555" + }, + "CVE-2014-3917": { + "cmt_msg": "auditsc: audit_krule mask accesses need bounds checking", + "cmt_id": "38831a0a5984c10d6763aba7e3fffe7fe04a1741" + }, + "CVE-2014-0131": { + "cmt_msg": "skbuff: skb_segment: orphan frags before copying", + "cmt_id": "77c01a54cde87eb3bf6685fb44398352f11db3fa" + }, + "CVE-2014-4656": { + "cmt_msg": "ALSA: control: Handle numid overflow", + "cmt_id": "e3ca27c942102af152aabb2d2a4ab5fa0abe7d95" + }, + "CVE-2014-4653": { + "cmt_msg": "ALSA: control: Don't access controls outside of protected regions", + "cmt_id": "79b789d8e20e22196285ac98247b5aeee2cade17" + }, + "CVE-2014-4652": { + "cmt_msg": "ALSA: control: Protect user controls against concurrent access", + "cmt_id": "7a3e84b9fd584f2f41600a69fe3cc317b2c34b14" + } + }, + "3.2.62": { + "CVE-2014-3534": { + "cmt_msg": "s390/ptrace: fix PSW mask check", + "cmt_id": "438127dd5b66029f904e96900d0f90b1c5a80bf9" + }, + "CVE-2014-4171": { + "cmt_msg": "shmem: fix faulting into a hole while it's punched", + "cmt_id": "f159cc257190477cece829606cfb879612f52f2c" + } + }, + "3.2.63": { + "CVE-2014-5077": { + "cmt_msg": "net: sctp: inherit auth_capable on INIT collisions", + "cmt_id": "38710dd12b99b31bd21b0eac5f457915eaf5e04b" + }, + "CVE-2014-5472": { + "cmt_msg": "isofs: Fix unbounded recursion when processing relocated directories", + "cmt_id": "d6621d0d6de4b00498cf1bcd8b78f3caa80edf13" + }, + "CVE-2014-3186": { + "cmt_msg": "HID: picolcd: sanity check report size in raw_event() callback", + "cmt_id": "b23ea023ee26e97ba6ffdc3c9d54448a77f1b894" + }, + "CVE-2014-5471": { + "cmt_msg": "isofs: Fix unbounded recursion when processing relocated directories", + "cmt_id": "d6621d0d6de4b00498cf1bcd8b78f3caa80edf13" + }, + "CVE-2014-3181": { + "cmt_msg": "HID: magicmouse: sanity check report size in raw_event() callback", + "cmt_id": "e3ead9249d874dbb7a8e7c3e6e54de35a481986c" + }, + "CVE-2014-3182": { + "cmt_msg": "HID: logitech: perform bounds checking on device_id early enough", + "cmt_id": "e6bc6f668be4ada3a23c136035cb2b83e8521da5" + }, + "CVE-2014-3184": { + "cmt_msg": "HID: fix a couple of off-by-ones", + "cmt_id": "328538d74181a95fa26fa354314f6079945fd5ee" + }, + "CVE-2014-3185": { + "cmt_msg": "USB: whiteheat: Added bounds checking for bulk command response", + "cmt_id": "f92c5bd2c6fcbc55377645c6c023dff1e8849c3b" + }, + "CVE-2014-3601": { + "cmt_msg": "kvm: iommu: fix the third parameter of kvm_iommu_put_pages (CVE-2014-3601)", + "cmt_id": "1bc6485405f05ff9912055c67b43fc86b183eec3" + } + }, + "3.2.64": { + "CVE-2014-3687": { + "cmt_msg": "net: sctp: fix panic on duplicate ASCONF chunks", + "cmt_id": "9a3c6f2e051b608181aff9345481e586b2d54fc9" + }, + "CVE-2014-3690": { + "cmt_msg": "x86,kvm,vmx: Preserve CR4 across VM entry", + "cmt_id": "9e793c5ed9204271ecc2cb7c899010e70561a452" + }, + "CVE-2014-7207": { + "cmt_msg": "ipv6: reuse ip6_frag_id from ip6_ufo_append_data", + "cmt_id": "8db33010af3020af7f4904b2dfffc9841ffc42e4" + }, + "CVE-2014-3647": { + "cmt_msg": "KVM: x86: Emulator fixes for eip canonical checks on near branches", + "cmt_id": "71ca9dc31fd6cd39ade2b3b6f1fa8fe4f2a915fa" + }, + "CVE-2014-3646": { + "cmt_msg": "kvm: vmx: handle invvpid vm exit gracefully", + "cmt_id": "3f09b1f1033b9a6350b72649c6abdafdf81e5c2d" + }, + "CVE-2014-3645": { + "cmt_msg": "nEPT: Nested INVEPT", + "cmt_id": "02a988e6e4511b1f6d83525710a12db9c5a45149" + }, + "CVE-2014-3673": { + "cmt_msg": "net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks", + "cmt_id": "aa001b043dde50e2856fe9460bc819d2a70dc309" + }, + "CVE-2014-6418": { + "cmt_msg": "libceph: do not hard code max auth ticket len", + "cmt_id": "3ab3b3b67868458de3b047e199c0efe8119ef0de" + }, + "CVE-2014-3610": { + "cmt_msg": "KVM: x86: Check non-canonical addresses upon WRMSR", + "cmt_id": "76715b56c6fcdafae8d47d4fcfe8c940e76f0553" + }, + "CVE-2014-3611": { + "cmt_msg": "KVM: x86: Improve thread safety in pit", + "cmt_id": "30a340f59414f02434e8b7a880241b2bd657cb7b" + }, + "CVE-2014-3688": { + "cmt_msg": "net: sctp: fix remote memory pressure from excessive queueing", + "cmt_id": "3a8c709ba4cf6fe86f5069c71325029d412bcf1e" + }, + "CVE-2014-6417": { + "cmt_msg": "libceph: do not hard code max auth ticket len", + "cmt_id": "3ab3b3b67868458de3b047e199c0efe8119ef0de" + }, + "CVE-2014-6416": { + "cmt_msg": "libceph: do not hard code max auth ticket len", + "cmt_id": "3ab3b3b67868458de3b047e199c0efe8119ef0de" + } + }, + "3.2.65": { + "CVE-2014-9090": { + "cmt_msg": "x86_64, traps: Stop using IST for #SS", + "cmt_id": "4c414592a79b82ddca76945c7afb4843684aa9a8" + }, + "CVE-2014-4608": { + "cmt_msg": "lzo: check for length overrun in variable length encoding.", + "cmt_id": "69d33070a8f165c4bd69fe208085f262201d10fb" + }, + "CVE-2014-9322": { + "cmt_msg": "x86_64, traps: Stop using IST for #SS", + "cmt_id": "4c414592a79b82ddca76945c7afb4843684aa9a8" + }, + "CVE-2014-7826": { + "cmt_msg": "tracing/syscalls: Ignore numbers outside NR_syscalls' range", + "cmt_id": "8043761416d5ae6d8fe5e95331d26465d52e8c6e" + }, + "CVE-2014-7825": { + "cmt_msg": "tracing/syscalls: Ignore numbers outside NR_syscalls' range", + "cmt_id": "8043761416d5ae6d8fe5e95331d26465d52e8c6e" + } + }, + "3.2.66": { + "CVE-2014-8133": { + "cmt_msg": "x86/tls: Validate TLS entries to protect espfix", + "cmt_id": "106ed96d46fcaf9f2e72555035fa585403cf4dd3" + }, + "CVE-2015-7509": { + "cmt_msg": "ext4: make orphan functions be no-op in no-journal mode", + "cmt_id": "6d9f360c00512f6a6fded2efcfcbe78ec73e5b1b" + }, + "CVE-2014-7841": { + "cmt_msg": "net: sctp: fix NULL pointer dereference in af->from_addr_param on malformed packet", + "cmt_id": "590461b16c5464b9d4377898abc057239a6afc3a" + }, + "CVE-2014-7842": { + "cmt_msg": "KVM: x86: Don't report guest userspace emulation error to userspace", + "cmt_id": "1aded21661bda559a407cfb7c69d0e53b72bc671" + }, + "CVE-2014-8134": { + "cmt_msg": "x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit", + "cmt_id": "060d11323f35afb752a7ba6c5bead732c204de55" + }, + "CVE-2014-6410": { + "cmt_msg": "udf: Avoid infinite loop when processing indirect ICBs", + "cmt_id": "7ecef8c8b70c21c944ccdf8b8406292e71038a98" + }, + "CVE-2014-8559": { + "cmt_msg": "move d_rcu from overlapping d_child to overlapping d_alias", + "cmt_id": "026181647a6262f4ba6d60c0847d306ad685468c" + }, + "CVE-2014-8884": { + "cmt_msg": "ttusb-dec: buffer overflow in ioctl", + "cmt_id": "2f67670174ad4bd1c48e8b97cc107e3232d422ce" + } + }, + "3.2.67": { + "CVE-2014-9644": { + "cmt_msg": "crypto: include crypto- module prefix in template", + "cmt_id": "bed7f528031d6c800615380990af22cd8b0e3577" + }, + "CVE-2014-8160": { + "cmt_msg": "netfilter: conntrack: disable generic tracking for known protocols", + "cmt_id": "d7cde286daad20dd171247ea47fc5ff4868591f0" + }, + "CVE-2013-6885": { + "cmt_msg": "x86, cpu, amd: Add workaround for family 16h, erratum 793", + "cmt_id": "9ec2b3153415ca412de6471baec2e61ec89997e1" + }, + "CVE-2014-9419": { + "cmt_msg": "x86_64, switch_to(): Load TLS descriptors before switching DS and ES", + "cmt_id": "cca3e6170e186ad88c11ee91cfd37d400dcaa9b0" + }, + "CVE-2014-9584": { + "cmt_msg": "isofs: Fix unchecked printing of ER records", + "cmt_id": "48c47581acba6c3cc9739b33a1107c5446db0a82" + }, + "CVE-2014-9420": { + "cmt_msg": "isofs: Fix infinite looping over CE entries", + "cmt_id": "212c4d33ca83e2144064fe9c2911607fbed5386f" + }, + "CVE-2014-9529": { + "cmt_msg": "KEYS: close race between key lookup and freeing", + "cmt_id": "dc4a2f40de419c01b538c87f6bdfc15d574d9f7e" + }, + "CVE-2014-9585": { + "cmt_msg": "x86_64, vdso: Fix the vdso address randomization algorithm", + "cmt_id": "ba4055175ea39c9f0c16da025c908d3049d2f791" + }, + "CVE-2014-9729": { + "cmt_msg": "udf: Verify i_size when loading inode", + "cmt_id": "24282850119ea4dc29afeb3b2e670f85a9755955" + }, + "CVE-2015-0239": { + "cmt_msg": "KVM: x86: SYSENTER emulation is broken", + "cmt_id": "038911f3d317d331d9637531c13710b8435fe96e" + }, + "CVE-2014-9728": { + "cmt_msg": "udf: Verify i_size when loading inode", + "cmt_id": "24282850119ea4dc29afeb3b2e670f85a9755955" + }, + "CVE-2014-9730": { + "cmt_msg": "udf: Check component length before reading it", + "cmt_id": "1e21fa3ab68b261aa6086c49567963f6f3ad87b9" + }, + "CVE-2014-9731": { + "cmt_msg": "udf: Check path length when reading symlink", + "cmt_id": "fbdbac7bd9def21be7ac4e680c25d880661c10d9" + }, + "CVE-2014-7822": { + "cmt_msg": "->splice_write() via ->write_iter()", + "cmt_id": "894c6350eaad7e613ae267504014a456e00a3e2a" + }, + "CVE-2013-7421": { + "cmt_msg": "crypto: prefix module autoloading with \"crypto-\"", + "cmt_id": "9ffea4cb2306945b5df5f28bb8686333fe666bf1" + }, + "CVE-2015-1421": { + "cmt_msg": "net: sctp: fix slab corruption from use after free on INIT collisions", + "cmt_id": "8662a896ae1ff85dca6797a0e9977a4794b67847" + }, + "CVE-2014-9683": { + "cmt_msg": "eCryptfs: Remove buggy and unnecessary write in file name decode routine", + "cmt_id": "f2d130454e46c3989af1b4f882b6a666d24fa2e0" + } + }, + "3.2.69": { + "CVE-2015-4167": { + "cmt_msg": "udf: Check length of extended attributes and allocation descriptors", + "cmt_id": "925cab7b6a683f791644dfde345f91e87017a023" + }, + "CVE-2016-0823": { + "cmt_msg": "pagemap: do not leak physical addresses to non-privileged userspace", + "cmt_id": "1ffc3cd9a36b504c20ce98fe5eeb5463f389e1ac" + }, + "CVE-2015-2830": { + "cmt_msg": "x86/asm/entry/64: Remove a bogus 'ret_from_fork' optimization", + "cmt_id": "159891c0953a89a28f793fc52373b031262c44d2" + }, + "CVE-2015-2150": { + "cmt_msg": "xen-pciback: limit guest control of command register", + "cmt_id": "6dc77dfffb8317d01fc9c2d25d0288c7b31b8623" + }, + "CVE-2015-2041": { + "cmt_msg": "net: llc: use correct size for sysctl timeout entries", + "cmt_id": "88fe14be08a475ad0eea4ca7c51f32437baf41af" + }, + "CVE-2015-2042": { + "cmt_msg": "net: rds: use correct size for max unacked packets and bytes", + "cmt_id": "3760b67b3e419b9ac42a45417491360a14a35357" + }, + "CVE-2015-2922": { + "cmt_msg": "ipv6: Don't reduce hop limit for an interface", + "cmt_id": "f10f7d2a8200fe33c5030c7e32df3a2b3561f3cd" + }, + "CVE-2015-3331": { + "cmt_msg": "crypto: aesni - fix memory usage in GCM decryption", + "cmt_id": "217e17258ab5f5540aef2769c78ff6b3e2b08dde" + }, + "CVE-2015-1593": { + "cmt_msg": "x86, mm/ASLR: Fix stack randomization on 64-bit systems", + "cmt_id": "766dde0195e427b2371fa2e00cd86a88e2c948bf" + }, + "CVE-2014-8159": { + "cmt_msg": "IB/uverbs: Prevent integer overflow in ib_umem_get address arithmetic", + "cmt_id": "485f16b743d98527620396639b73d7214006f3c7" + }, + "CVE-2015-3636": { + "cmt_msg": "ipv4: Missing sk_nulls_node_init() in ping_unhash().", + "cmt_id": "d3df672020a93355bc8f683fc19694e0316381ab" + } + }, + "3.2.70": { + "CVE-2015-4700": { + "cmt_msg": "x86: bpf_jit: fix compilation of large bpf programs", + "cmt_id": "a8139dccd98bdece27deac8da46b4145ec7f61c1" + }, + "CVE-2015-6526": { + "cmt_msg": "powerpc/perf: Cap 64bit userspace backtraces to PERF_MAX_STACK_DEPTH", + "cmt_id": "3c9d9d2cc60b5063cda0e92d4b6cdb92da268e7b" + }, + "CVE-2015-1420": { + "cmt_msg": "vfs: read file_handle only once in handle_to_path", + "cmt_id": "8dfc8b9e8432f50606820b40a7d63618d9d61a07" + }, + "CVE-2017-1000253": { + "cmt_msg": "fs/binfmt_elf.c: fix bug in loading of PIE binaries", + "cmt_id": "c3727815f928a838e845b5755b4dde4efb2841c9" + }, + "CVE-2015-5364": { + "cmt_msg": "udp: fix behavior of wrong checksums", + "cmt_id": "556574d97b6e0c2970b7e5ab693bcf35f73195fa" + }, + "CVE-2015-5366": { + "cmt_msg": "udp: fix behavior of wrong checksums", + "cmt_id": "556574d97b6e0c2970b7e5ab693bcf35f73195fa" + }, + "CVE-2015-5707": { + "cmt_msg": "sg_start_req(): make sure that there's not too many elements in iovec", + "cmt_id": "07213eed86c17c544bb10568fc04e49e03730ab7" + }, + "CVE-2015-3212": { + "cmt_msg": "sctp: fix ASCONF list handling", + "cmt_id": "001b7cc921ce608997f2796ecf95fe05b7288457" + } + }, + "3.2.71": { + "CVE-2015-6252": { + "cmt_msg": "vhost: actually track log eventfd file", + "cmt_id": "403652a78799f25e3c0d07326805cc1ffcce0f87" + }, + "CVE-2015-3288": { + "cmt_msg": "mm: avoid setting up anonymous pages into file mapping", + "cmt_id": "e2506476534cff7bb3697fbe0654fdefd101bc80" + }, + "CVE-2015-9289": { + "cmt_msg": "cx24116: fix a buffer overflow when checking userspace params", + "cmt_id": "729c8c5e3700410e3436573abfa5b68e8d3c89d6" + } + }, + "3.2.72": { + "CVE-2015-7613": { + "cmt_msg": "Initialize msg/shm IPC objects before doing ipc_addid()", + "cmt_id": "2ef259c0f5b2f3ca28ccb7bf126a0a2177012f89" + }, + "CVE-2015-8215": { + "cmt_msg": "ipv6: addrconf: validate new MTU before applying it", + "cmt_id": "1c825dacb615430cb384e0e3be07700013291742" + }, + "CVE-2015-5697": { + "cmt_msg": "md: use kzalloc() when bitmap is disabled", + "cmt_id": "06f0f9d843af52573c7dad0d81ee9df984e0b6be" + }, + "CVE-2015-5156": { + "cmt_msg": "virtio-net: drop NETIF_F_FRAGLIST", + "cmt_id": "e4afe1f118e136464da2faeb18c6c9a791ce25bc" + }, + "CVE-2015-2925": { + "cmt_msg": "dcache: Handle escaped paths in prepend_path", + "cmt_id": "722632af3c2b4828e79f143e356489c6761035ec" + }, + "CVE-2015-5257": { + "cmt_msg": "USB: whiteheat: fix potential null-deref at probe", + "cmt_id": "cbea57119272755ccfd710fdaf4669ae05512b02" + }, + "CVE-2015-6937": { + "cmt_msg": "RDS: verify the underlying transport exists before creating a connection", + "cmt_id": "987ad6eef35223b149baf453171b74917c372cbc" + } + }, + "3.2.73": { + "CVE-2015-7872": { + "cmt_msg": "KEYS: Fix crash when attempt to garbage collect an uninstantiated keyring", + "cmt_id": "a6826ecbeab9c832ed742653de895ad4de61c858" + }, + "CVE-2015-5307": { + "cmt_msg": "KVM: x86: work around infinite loop in microcode when #AC is delivered", + "cmt_id": "3553e5d34d72a3aac5d967ec8b4d45a88340d679" + }, + "CVE-2015-8019": { + "cmt_msg": "net: add length argument to skb_copy_and_csum_datagram_iovec", + "cmt_id": "127500d724f8c43f452610c9080444eedb5eaa6c" + } + }, + "3.2.74": { + "CVE-2015-8374": { + "cmt_msg": "Btrfs: fix truncation of compressed and inlined extents", + "cmt_id": "2a97932f99303b32c6683f136628298da7f85323" + }, + "CVE-2016-8646": { + "cmt_msg": "crypto: algif_hash - Only export and import on sockets with data", + "cmt_id": "bd65107fc1d80498ea8d8185edb48d05a1a85255" + }, + "CVE-2015-8104": { + "cmt_msg": "KVM: svm: unconditionally intercept #DB", + "cmt_id": "b42506c6c820764f26e3036dfd733e0401525c88" + } + }, + "3.2.75": { + "CVE-2015-8543": { + "cmt_msg": "net: add validation for the socket syscall protocol argument", + "cmt_id": "ef6d51d24d878be2291d7af783441356eb77649d" + }, + "CVE-2015-8785": { + "cmt_msg": "fuse: break infinite loop in fuse_fill_write_pages()", + "cmt_id": "a5b234167a1ff46f311f5835828eec2f971b9bb4" + }, + "CVE-2015-7799": { + "cmt_msg": "isdn_ppp: Add checks for allocation failure in isdn_ppp_open()", + "cmt_id": "3ed88ba9e848aac74ae150b089ed36c25016faca" + }, + "CVE-2015-8569": { + "cmt_msg": "pptp: verify sockaddr_len in pptp_bind() and pptp_connect()", + "cmt_id": "1e44aafdd1181dd5e5b0638f9d3498b73c4d89e9" + }, + "CVE-2016-3841": { + "cmt_msg": "ipv6: add complete rcu protection around np->opt", + "cmt_id": "5bf369b4470d3618af67b572a82d76b92ce1abd1" + }, + "CVE-2015-8575": { + "cmt_msg": "bluetooth: Validate socket address length in sco_sock_bind().", + "cmt_id": "805ce945362d9e496563c9885e7fde00cbd83635" + }, + "CVE-2013-7446": { + "cmt_msg": "unix: avoid use-after-free in ep_remove_wait_queue", + "cmt_id": "a3b0f6e8a21ef02f69a15abac440572d8cde8c2a" + } + }, + "3.2.76": { + "CVE-2015-8551": { + "cmt_msg": "xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI or MSI-X enabled", + "cmt_id": "9bb38c41353fa56c8d5c0a18becab89a503a514e" + }, + "CVE-2015-8550": { + "cmt_msg": "xen: Add RING_COPY_REQUEST()", + "cmt_id": "a489a13bfc648d5d3764d2fe064135f83ff34ee8" + }, + "CVE-2015-8553": { + "cmt_msg": "xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set.", + "cmt_id": "16f592aba4a0e7741823a37b0e5064f08c5f6dc1" + }, + "CVE-2015-7513": { + "cmt_msg": "KVM: x86: Reload pit counters for all channels when restoring state", + "cmt_id": "08b8d1a6ccdefd3d517d04c472b7f42f51b3059b" + }, + "CVE-2015-7550": { + "cmt_msg": "KEYS: Fix race between read and revoke", + "cmt_id": "027466a78ea676dcb831fef6ec9092f25b8fa624" + }, + "CVE-2016-10229": { + "cmt_msg": "udp: properly support MSG_PEEK with truncated buffers", + "cmt_id": "18a6eba2eabbcb50a78210b16f7dd43d888a537b" + }, + "CVE-2015-8816": { + "cmt_msg": "USB: fix invalid memory access in hub_activate()", + "cmt_id": "10037421b529bc1fc18994e94e37d745184c4ea9" + }, + "CVE-2015-8552": { + "cmt_msg": "xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI or MSI-X enabled", + "cmt_id": "9bb38c41353fa56c8d5c0a18becab89a503a514e" + } + }, + "3.2.77": { + "CVE-2016-2069": { + "cmt_msg": "x86/mm: Add barriers and document switch_mm()-vs-flush synchronization", + "cmt_id": "72e67165876432b2803c02ba8a8f0168f18ab3c7" + }, + "CVE-2017-13215": { + "cmt_msg": "crypto: algif_skcipher - Load TX SG list after waiting", + "cmt_id": "9cf50c3ff1d3286a25781c8d6f81e83f7835c5c8" + }, + "CVE-2016-2548": { + "cmt_msg": "ALSA: timer: Harden slave timer list handling", + "cmt_id": "65b6e4a0b6497a57608821c20149e83f256dc32c" + }, + "CVE-2016-2545": { + "cmt_msg": "ALSA: timer: Fix double unlink of active_list", + "cmt_id": "0e8f916d7dc9170ab2ef4b9a9ed19b640720029b" + }, + "CVE-2016-2544": { + "cmt_msg": "ALSA: seq: Fix race at timer setup and close", + "cmt_id": "d60262682193d5098dc1e13cd374ddfa49ee4c8d" + }, + "CVE-2016-2547": { + "cmt_msg": "ALSA: timer: Harden slave timer list handling", + "cmt_id": "65b6e4a0b6497a57608821c20149e83f256dc32c" + }, + "CVE-2016-2546": { + "cmt_msg": "ALSA: timer: Fix race among timer ioctls", + "cmt_id": "12f88515e0e99a220afdfaeeeedf2fe206fbdc24" + }, + "CVE-2016-2543": { + "cmt_msg": "ALSA: seq: Fix missing NULL check at remove_events ioctl", + "cmt_id": "4cc2016fc314d14eb406dbd654120ae5a1bc2423" + }, + "CVE-2015-8970": { + "cmt_msg": "crypto: algif_skcipher - Require setkey before accept(2)", + "cmt_id": "e249f66acd1096c07a64cf59b6add21b0edbc7f3" + }, + "CVE-2016-2549": { + "cmt_msg": "ALSA: hrtimer: Fix stall by hrtimer_cancel()", + "cmt_id": "f35e5e1204e0017f4011fd2896b16c6d30e2e827" + }, + "CVE-2015-8767": { + "cmt_msg": "sctp: Prevent soft lockup when sctp_accept() is called during a timeout event", + "cmt_id": "a655ba1a8c185ef3d8ecc2709df568c1a7840b74" + } + }, + "3.2.78": { + "CVE-2016-2782": { + "cmt_msg": "USB: visor: fix null-deref at probe", + "cmt_id": "eff70986a653dbf87ede52a1293dc499b6eb829e" + }, + "CVE-2016-2384": { + "cmt_msg": "ALSA: usb-audio: avoid freeing umidi object twice", + "cmt_id": "78a6b3f7be7ae07c7e60f638c77c87701a703559" + }, + "CVE-2016-0723": { + "cmt_msg": "tty: Fix unsafe ldisc reference via ioctl(TIOCGETD)", + "cmt_id": "710dbb61210c0546cd1bfd9ebd0ad29207202d26" + }, + "CVE-2021-20265": { + "cmt_msg": "af_unix: fix struct pid memory leak", + "cmt_id": "60bfb26f95813ca8c779fbc16ade031dc85f5394" + }, + "CVE-2017-13167": { + "cmt_msg": "ALSA: timer: Fix race at concurrent reads", + "cmt_id": "c65409e6175adaaf9430a8b12111afcda58c7dce" + }, + "CVE-2015-7566": { + "cmt_msg": "USB: serial: visor: fix crash on detecting device without write_urbs", + "cmt_id": "8bc91d462570df465937a516c721ff0f4ae0e0ed" + }, + "CVE-2015-8812": { + "cmt_msg": "iw_cxgb3: Fix incorrectly returning error on success", + "cmt_id": "4249217f43bc2d1f0ba71895a566d28d8d097d52" + }, + "CVE-2016-2847": { + "cmt_msg": "pipe: limit the per-user amount of pages allocated in pipes", + "cmt_id": "92375b85b70395c8180991084c05e8d78e55d066" + }, + "CVE-2013-4312": { + "cmt_msg": "unix: properly account for FDs passed over unix sockets", + "cmt_id": "a5a6cf8c405e826ff7ed1308dde72560c0ed4854" + } + }, + "3.2.79": { + "CVE-2016-2143": { + "cmt_msg": "s390/mm: four page table levels vs. fork", + "cmt_id": "03aeac3050c3ec92a50e1409e0b5037a97a20834" + }, + "CVE-2015-7515": { + "cmt_msg": "Input: aiptek - fix crash on detecting device without endpoints", + "cmt_id": "90eb3c037fe3f0f25f01713a92725a8daa2b41f3" + }, + "CVE-2016-0821": { + "cmt_msg": "include/linux/poison.h: fix LIST_POISON{1,2} offset", + "cmt_id": "d7a1adecfd8254ea61c79585a9c56dd6e3d0f5b7" + } + }, + "3.2.80": { + "CVE-2016-3137": { + "cmt_msg": "USB: cypress_m8: add endpoint sanity check", + "cmt_id": "2f974f8dc1e451dedb79eeac94f24e667c09917a" + }, + "CVE-2016-3157": { + "cmt_msg": "x86/iopl/64: Properly context-switch IOPL on Xen PV", + "cmt_id": "880ee9d2f52a511bb603ef79030d6fbd30c5d878" + }, + "CVE-2016-3156": { + "cmt_msg": "ipv4: Don't do expensive useless work during inetdev destroy.", + "cmt_id": "d72b450666d8d0ee1dc01911c4193bc27b71af3d" + }, + "CVE-2016-3672": { + "cmt_msg": "x86/mm/32: Enable full randomization on i386 and X86_32", + "cmt_id": "84f60bacb3084374a161bcb3e847dd22ed65f0a2" + }, + "CVE-2016-3140": { + "cmt_msg": "USB: digi_acceleport: do sanity checking for the number of ports", + "cmt_id": "3867082924673a9371792e822fe3ed403eeff4d9" + }, + "CVE-2016-3136": { + "cmt_msg": "USB: mct_u232: add sanity checking in probe", + "cmt_id": "b323f6de337f4904272172958322b5f2bf50984d" + }, + "CVE-2016-3955": { + "cmt_msg": "USB: usbip: fix potential out-of-bounds write", + "cmt_id": "7ce55b83fbf2ff341aacfe825001d40e7bbccbe2" + }, + "CVE-2016-7117": { + "cmt_msg": "net: Fix use after free in the recvmmsg exit path", + "cmt_id": "61934d093bc3acbd3d968b4b2f31c7c98b3edc10" + }, + "CVE-2016-9685": { + "cmt_msg": "xfs: fix two memory leaks in xfs_attr_list.c error paths", + "cmt_id": "f9b3ef7e5d25db9c35ebb61ba70bb502174c8b5d" + }, + "CVE-2016-3134": { + "cmt_msg": "netfilter: x_tables: fix unconditional helper", + "cmt_id": "985970fd0118576d9853d1d1a9c4309ae4d248bb" + }, + "CVE-2016-4805": { + "cmt_msg": "ppp: take reference on channels netns", + "cmt_id": "7fda126c5155acc3e61596ce4c5dcf3859e22444" + }, + "CVE-2016-2185": { + "cmt_msg": "Input: ati_remote2 - fix crashes on detecting device with invalid descriptor", + "cmt_id": "ae211053c771562a27a53c2a49f20f720a7c473d" + }, + "CVE-2016-2184": { + "cmt_msg": "ALSA: usb-audio: Fix NULL dereference in create_fixed_stream_quirk()", + "cmt_id": "8e5c3482b5c7bcbd7df6b10ddb6d7bcc578f3553" + }, + "CVE-2016-2186": { + "cmt_msg": "Input: powermate - fix oops with malicious USB descriptors", + "cmt_id": "615fd7f1ce2ced5bd401aeac55cda44295c2ae58" + }, + "CVE-2016-3138": { + "cmt_msg": "USB: cdc-acm: more sanity checking", + "cmt_id": "c50eccdcbb5df7830e4a0229844a154855ac13ff" + } + }, + "3.2.81": { + "CVE-2016-3961": { + "cmt_msg": "x86/mm/xen: Suppress hugetlbfs in PV guests", + "cmt_id": "2ecc8cfb833a45c8df005209fbd6e0382cf3c0b1" + }, + "CVE-2016-4580": { + "cmt_msg": "net: fix a kernel infoleak in x25 module", + "cmt_id": "132c5255a23f505ffefe03cfc1f01ee9c82f3e09" + }, + "CVE-2016-4486": { + "cmt_msg": "net: fix infoleak in rtnetlink", + "cmt_id": "114253841cddf0f87b19ab8b0091abea41c58735" + }, + "CVE-2016-4485": { + "cmt_msg": "net: fix infoleak in llc", + "cmt_id": "3ec6a22dc6ded2c350e1d47513d316c55e9330c1" + }, + "CVE-2016-4913": { + "cmt_msg": "get_rock_ridge_filename(): handle malformed NM entries", + "cmt_id": "d4203ded7550f38e69b18c37c1e0a67064fc02a8" + }, + "CVE-2016-4565": { + "cmt_msg": "IB/security: Restrict use of the write() interface", + "cmt_id": "7cd419255d03561d98c94fad1a027a539c4a7484" + }, + "CVE-2016-2187": { + "cmt_msg": "Input: gtco - fix crash on detecting device without endpoints", + "cmt_id": "315085d5f39f1be90960b9ee4749c2e5df21096e" + }, + "CVE-2016-7916": { + "cmt_msg": "proc: prevent accessing /proc/<PID>/environ until it's ready", + "cmt_id": "99cfe931aa948c3af2f288f9d603bddbbc456a90" + } + }, + "3.2.82": { + "CVE-2016-4569": { + "cmt_msg": "ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS", + "cmt_id": "c76456ef3f9371a7647f6dea87e8cdcc38cb33db" + }, + "CVE-2016-5829": { + "cmt_msg": "HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands", + "cmt_id": "7cb5ee0e7e734969b39370ac739d473e0ae367bd" + }, + "CVE-2016-4578": { + "cmt_msg": "ALSA: timer: Fix leak in events via snd_timer_user_ccallback", + "cmt_id": "506a6ad7e521baf8e554eedfd09873f490c8a304" + }, + "CVE-2016-4470": { + "cmt_msg": "KEYS: potential uninitialized variable", + "cmt_id": "2145d937988c272cf59be94cc8a9669a6f0508e7" + }, + "CVE-2016-5243": { + "cmt_msg": "tipc: fix an infoleak in tipc_nl_compat_link_dump", + "cmt_id": "9fa075340941fc16110bca226c50819b2453fa9b" + }, + "CVE-2016-5244": { + "cmt_msg": "rds: fix an infoleak in rds_inc_info_copy", + "cmt_id": "948969a457e89903d180d01cbcbfee59c16f5bb5" + }, + "CVE-2016-4482": { + "cmt_msg": "USB: usbfs: fix potential infoleak in devio", + "cmt_id": "05b352b3503450e32a6b3b4fad6358d7bf1290f5" + }, + "CVE-2016-1583": { + "cmt_msg": "proc: prevent stacking filesystems on top", + "cmt_id": "cf3069a14a9cccdd89d2b482f9eee5e37ebe25a6" + }, + "CVE-2014-9922": { + "cmt_msg": "fs: limit filesystem stacking depth", + "cmt_id": "9d6c5babc04522ff85b550f14563970279ab8f90" + }, + "CVE-2016-6136": { + "cmt_msg": "audit: fix a double fetch in audit_log_single_execve_arg()", + "cmt_id": "143d0f1678e19294b33de07309013c8ff4777ebe" + } + }, + "3.2.84": { + "CVE-2016-7042": { + "cmt_msg": "KEYS: Fix short sprintf buffer in /proc/keys show function", + "cmt_id": "b70315cfd846c29a85c7348c4ff948fa54252d3a" + }, + "CVE-2016-6828": { + "cmt_msg": "tcp: fix use after free in tcp_xmit_retransmit_queue()", + "cmt_id": "dce1c887660cb96ee0ba5e3751aa6845589c6fec" + }, + "CVE-2016-8633": { + "cmt_msg": "firewire: net: guard against rx buffer overflows", + "cmt_id": "4538dfea79538a98e1468088b05627f82ac69789" + }, + "CVE-2015-1350": { + "cmt_msg": "fs: Avoid premature clearing of capabilities", + "cmt_id": "7230a82ecc91aaf0c62b048afb15f3b8e2d8059f" + }, + "CVE-2016-7097": { + "cmt_msg": "posix_acl: Clear SGID bit when setting file permissions", + "cmt_id": "a06d3be52bce98746341cfb290203603fd028290" + }, + "CVE-2016-7425": { + "cmt_msg": "scsi: arcmsr: Buffer overflow in arcmsr_iop_message_xfer()", + "cmt_id": "5d14051db0eb5b81f1e5814681f3c60c232a33d8" + }, + "CVE-2016-6480": { + "cmt_msg": "aacraid: Check size values after double-fetch from user", + "cmt_id": "8c7c27347bf94d568353a539dfff6578b6181b82" + }, + "CVE-2016-7910": { + "cmt_msg": "block: fix use-after-free in seq file", + "cmt_id": "48e28a20b22794a94a65305299f83d183d274a39" + }, + "CVE-2016-3857": { + "cmt_msg": "arm: oabi compat: add missing access checks", + "cmt_id": "b1038b4e5e64547052f91767ddf369683ebf2697" + } + }, + "3.2.85": { + "CVE-2017-15102": { + "cmt_msg": "usb: misc: legousbtower: Fix NULL pointer deference", + "cmt_id": "dde8322a694ca0c466775c3463fccd74a8ce14e2" + }, + "CVE-2016-7915": { + "cmt_msg": "HID: core: prevent out-of-bound readings", + "cmt_id": "119e11a50fc0e5218e0a0f2d7d87c0cbf1d54940" + }, + "CVE-2016-8632": { + "cmt_msg": "tipc: check minimum bearer MTU", + "cmt_id": "29273d459fb00a86bfb1ffed026033b152a99870" + }, + "CVE-2016-8655": { + "cmt_msg": "packet: fix race condition in packet_set_ring", + "cmt_id": "a9aaf8204feb497bb47aab977f04f5cea69b174e" + }, + "CVE-2016-10088": { + "cmt_msg": "sg_write()/bsg_write() is not fit to be called under KERNEL_DS", + "cmt_id": "e30250c95b840896da4cb71e84bead5803ee1ff6" + }, + "CVE-2016-8405": { + "cmt_msg": "fbdev: color map copying bounds checking", + "cmt_id": "00a188b0e63feb83d7e78a91dee6f621a0dcbdda" + }, + "CVE-2016-6787": { + "cmt_msg": "perf: Fix event->ctx locking", + "cmt_id": "f8ab792cab4a7c86288b8fba946a27a3e3119f46" + }, + "CVE-2016-6786": { + "cmt_msg": "perf: Fix event->ctx locking", + "cmt_id": "f8ab792cab4a7c86288b8fba946a27a3e3119f46" + }, + "CVE-2017-6001": { + "cmt_msg": "perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race", + "cmt_id": "9eb0e01be831d0f37ea6278a92c32424141f55fb" + }, + "CVE-2015-8963": { + "cmt_msg": "perf: Fix race in swevent hash", + "cmt_id": "d96703774345ffb7513b76058f4879ae14c298be" + }, + "CVE-2016-9555": { + "cmt_msg": "sctp: validate chunk len before actually using it", + "cmt_id": "ba43cdd87d0aaed69ef1bb14a91c3e767a4c210f" + }, + "CVE-2016-9794": { + "cmt_msg": "ALSA: pcm : Call kill_fasync() in stream lock", + "cmt_id": "5409b6c1f1b38d3fb461704d02addf55119c5230" + }, + "CVE-2015-8964": { + "cmt_msg": "tty: Prevent ldisc drivers from re-using stale tty fields", + "cmt_id": "72bc3e471e03421dd6e1dd71762b3208af8e02a5" + }, + "CVE-2012-6704": { + "cmt_msg": "net: cleanups in sock_setsockopt()", + "cmt_id": "3e21b29fc335c07161b01459a4123721da2e4642" + }, + "CVE-2015-8962": { + "cmt_msg": "sg: Fix double-free when drives detach during SG_IO", + "cmt_id": "08f231da62d5a411ac5594409e76606e80107e02" + }, + "CVE-2014-9888": { + "cmt_msg": "ARM: dma-mapping: don't allow DMA mappings to be marked executable", + "cmt_id": "d05fedab817c43171d355d3aad5a9281ff80a7ba" + }, + "CVE-2016-7911": { + "cmt_msg": "block: fix use-after-free in sys_ioprio_get()", + "cmt_id": "1691990a88bdc50085de174b24861fbca12fcc57" + }, + "CVE-2016-8645": { + "cmt_msg": "tcp: take care of truncations done by sk_filter()", + "cmt_id": "1433b66208118028d7f1a5fc235f2660badb6c05" + }, + "CVE-2014-9895": { + "cmt_msg": "media: info leak in __media_device_enum_links()", + "cmt_id": "f43c83348acdbdd8ca1af3c52f6ace629f5b386d" + } + }, + "3.2.86": { + "CVE-2016-9588": { + "cmt_msg": "kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF)", + "cmt_id": "b54f0df42fbd30cd1c6fdf4e72fd398b713a539e" + }, + "CVE-2017-6214": { + "cmt_msg": "tcp: avoid infinite loop in tcp_splice_read()", + "cmt_id": "cd3b9e464ca54547965df76463bdfb26e6712287" + }, + "CVE-2017-6074": { + "cmt_msg": "dccp: fix freeing skb too early for IPV6_RECVPKTINFO", + "cmt_id": "fd75b79ea9c7cf89d5b95f9896c6b4dcdac8c4cb" + }, + "CVE-2017-5549": { + "cmt_msg": "USB: serial: kl5kusb105: fix line-state error handling", + "cmt_id": "70c3dd409057dfe3a5d3486a0600bba340aab664" + } + }, + "3.2.87": { + "CVE-2017-6353": { + "cmt_msg": "sctp: deny peeloff operation on asocs with threads sleeping on it", + "cmt_id": "6c24f53714319676adf7ab0d2d081e4b9de35bad" + }, + "CVE-2017-2636": { + "cmt_msg": "tty: n_hdlc: get rid of racy n_hdlc.tbuf", + "cmt_id": "d7ac6cf6751a0ffa00f9e46022024f79b0daa771" + }, + "CVE-2017-7273": { + "cmt_msg": "HID: hid-cypress: validate length of report", + "cmt_id": "4faec4a2ef5dd481682cc155cb9ea14ba2534b76" + }, + "CVE-2017-5669": { + "cmt_msg": "ipc/shm: Fix shmat mmap nil-page protection", + "cmt_id": "c14d51ebac238f5bb6148c6999a54b02821445c6" + }, + "CVE-2017-6348": { + "cmt_msg": "irda: Fix lockdep annotations in hashbin_delete().", + "cmt_id": "c512d1770f6731d7c34eb71d7463852d3ad0e452" + }, + "CVE-2017-5986": { + "cmt_msg": "sctp: avoid BUG_ON on sctp_wait_for_sndbuf", + "cmt_id": "8b9f297cd4171ffaec7441b38cecd61f9c5b3a7f" + }, + "CVE-2017-6346": { + "cmt_msg": "packet: fix races in fanout_add()", + "cmt_id": "382299a020add34cc75ac501bbcb655195c123b8" + } + }, + "3.2.88": { + "CVE-2016-10200": { + "cmt_msg": "l2tp: fix racy SOCK_ZAPPED flag check in l2tp_ip{,6}_bind()", + "cmt_id": "2147a17048314f069838aace1d08b8c719448b50" + }, + "CVE-2017-5970": { + "cmt_msg": "ipv4: keep skb->dst around in presence of IP options", + "cmt_id": "6892986c7db05c281322f1f8870f5a46d4080e99" + } + }, + "3.2.89": { + "CVE-2017-7294": { + "cmt_msg": "drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl()", + "cmt_id": "c2e7959f2ea446a417bf2cdb79792575852d17bb" + }, + "CVE-2017-7308": { + "cmt_msg": "net/packet: fix overflow in check for priv area size", + "cmt_id": "091a6de006536c50f8a30db60d994a5b083b1c7b" + }, + "CVE-2017-8890": { + "cmt_msg": "dccp/tcp: do not inherit mc_list from parent", + "cmt_id": "3d221359fedfc759661fb4a72804b6e798886e8f" + }, + "CVE-2017-7472": { + "cmt_msg": "KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings", + "cmt_id": "0ebd7208190d2f7b16fee3cea05665e212cebaab" + }, + "CVE-2017-7895": { + "cmt_msg": "nfsd: stricter decoding of write-like NFSv2/v3 ops", + "cmt_id": "6b9ba0c00cb068a50a409bbdc7cfbe473f1c01a3" + }, + "CVE-2017-7184": { + "cmt_msg": "xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window", + "cmt_id": "04dba730e9d4798184b4769f74ef14c20f8c6f9a" + }, + "CVE-2017-7487": { + "cmt_msg": "ipx: call ipxitf_put() in ioctl error path", + "cmt_id": "48dc185bcc73e1bb42d007cbaf96ad55cefaf4cb" + }, + "CVE-2017-9242": { + "cmt_msg": "ipv6: fix out of bound writes in __ip6_append_data()", + "cmt_id": "e5238fca9694d61861096d5fb80685c9f6581555" + }, + "CVE-2017-0605": { + "cmt_msg": "tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()", + "cmt_id": "e39e64193a8a611d11d4c62579a7246c1af70d1c" + }, + "CVE-2017-7645": { + "cmt_msg": "nfsd: check for oversized NFSv2/v3 arguments", + "cmt_id": "1eb3e42d91d63fc757a8da38683f417bcdf953a2" + }, + "CVE-2017-7261": { + "cmt_msg": "drm/vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl()", + "cmt_id": "20996e6d81c907b10a5ab57c4172be97cb1a7de1" + }, + "CVE-2017-9077": { + "cmt_msg": "ipv6/dccp: do not inherit ipv6_mc_list from parent", + "cmt_id": "0767192a2c4ac9145a7e8fb00370963bc145a920" + }, + "CVE-2017-2671": { + "cmt_msg": "ping: implement proper locking", + "cmt_id": "352651a0a07649e4ee03e294da069b5c3e42aae4" + }, + "CVE-2017-9075": { + "cmt_msg": "sctp: do not inherit ipv6_{mc|ac|fl}_list from parent", + "cmt_id": "cc1fa7814bdb7ebee2ee79bbce181c0783de9ad5" + }, + "CVE-2017-9074": { + "cmt_msg": "ipv6: Prevent overrun when parsing v6 header options", + "cmt_id": "ad8a4d9d3f255a783d534a47d4b4ac611bb291d8" + }, + "CVE-2017-9076": { + "cmt_msg": "ipv6/dccp: do not inherit ipv6_mc_list from parent", + "cmt_id": "0767192a2c4ac9145a7e8fb00370963bc145a920" + }, + "CVE-2016-2188": { + "cmt_msg": "USB: iowarrior: fix NULL-deref at probe", + "cmt_id": "6598f3d653a85dccfb4a472504ec6fd12cec8e42" + }, + "CVE-2017-7618": { + "cmt_msg": "crypto: ahash - Fix EINPROGRESS notification callback", + "cmt_id": "82ef3e7b16e777db114a0c3699b91134417fe8c9" + }, + "CVE-2017-8924": { + "cmt_msg": "USB: serial: io_ti: fix information leak in completion handler", + "cmt_id": "6d0c587048c85ca94723fc1bd900130cbe875eb3" + }, + "CVE-2017-8925": { + "cmt_msg": "USB: serial: omninet: fix reference leaks at open", + "cmt_id": "8b236342396140be22ab9b486c412666f161af78" + }, + "CVE-2016-9604": { + "cmt_msg": "KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings", + "cmt_id": "7488aaea277dc17eb12bda22c91332c804c62965" + }, + "CVE-2017-7616": { + "cmt_msg": "mm/mempolicy.c: fix error handling in set_mempolicy and mbind.", + "cmt_id": "3f3b4a9db31af279e793229177b63ea201e24629" + } + }, + "3.2.90": { + "CVE-2017-1000364": { + "cmt_msg": "mm: larger stack guard gap, between vmas", + "cmt_id": "640c7dfdc7c723143b1ce42f5569ec8565cbbde7" + }, + "CVE-2017-7482": { + "cmt_msg": "rxrpc: Fix several cases where a padded len isn't checked in ticket decode", + "cmt_id": "09c9faacebb3c1e279ec962cff3072995328ca29" + }, + "CVE-2017-1000379": { + "cmt_msg": "mm: larger stack guard gap, between vmas", + "cmt_id": "640c7dfdc7c723143b1ce42f5569ec8565cbbde7" + } + }, + "3.2.91": { + "CVE-2017-6951": { + "cmt_msg": "KEYS: Remove key_type::match in favour of overriding default by match_preparse", + "cmt_id": "206659fcb63b2ba078a0c288e470ea12cacce316" + }, + "CVE-2017-10911": { + "cmt_msg": "xen-blkback: don't leak stack data via response ring", + "cmt_id": "cc21fe1ff77acfab555df5577ea46fc89932f3b2" + }, + "CVE-2017-1000380": { + "cmt_msg": "ALSA: timer: Fix race between read and ioctl", + "cmt_id": "7aba7242b83b6e9a56a8eb875d669cfab4eff542" + }, + "CVE-2017-2647": { + "cmt_msg": "KEYS: Remove key_type::match in favour of overriding default by match_preparse", + "cmt_id": "206659fcb63b2ba078a0c288e470ea12cacce316" + }, + "CVE-2017-7889": { + "cmt_msg": "mm: Tighten x86 /dev/mem with zeroing reads", + "cmt_id": "b8f254aa17f720053054c4ecff3920973a83b9d6" + }, + "CVE-2017-1000365": { + "cmt_msg": "fs/exec.c: account for argv/envp pointers", + "cmt_id": "cea299eb189fca09c413432b807abd607385b3bc" + }, + "CVE-2017-1000363": { + "cmt_msg": "char: lp: fix possible integer overflow in lp_setup()", + "cmt_id": "550845d02afb926d50d1487f9e2b954270c83963" + } + }, + "3.2.92": { + "CVE-2017-10661": { + "cmt_msg": "timerfd: Protect the might cancel mechanism proper", + "cmt_id": "1b31fcb21779ddbe0b49f519830e203fe0586688" + }, + "CVE-2017-11176": { + "cmt_msg": "mqueue: fix a use-after-free in sys_mq_notify()", + "cmt_id": "3557f62ec91e10cb2ac8e5f312bec0977d67803f" + }, + "CVE-2017-1000111": { + "cmt_msg": "packet: fix tp_reserve race in packet_set_ring", + "cmt_id": "8f716035da0ad35d5a65668eb3c10aad6c439d7b" + }, + "CVE-2017-7542": { + "cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt", + "cmt_id": "c5a5d1b1cb8449c77d3cb1663649391635228cff" + } + }, + "3.2.93": { + "CVE-2017-11600": { + "cmt_msg": "xfrm: policy: check policy direction value", + "cmt_id": "31f11713f7bb0a4cb90466331832658c0b9c9e80" + }, + "CVE-2017-14106": { + "cmt_msg": "tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0", + "cmt_id": "16a0303d3f6b222044de5d33c01cbdf590050473" + }, + "CVE-2017-18360": { + "cmt_msg": "USB: serial: io_ti: fix div-by-zero in set_termios", + "cmt_id": "5b044cee0ef9b5f61bca80be15a019eb4ffa6a09" + }, + "CVE-2017-14140": { + "cmt_msg": "Sanitize 'move_pages()' permission checks", + "cmt_id": "a9a659c916c81b3385479ee00d4547912f08abf6" + }, + "CVE-2017-15274": { + "cmt_msg": "KEYS: fix dereferencing NULL payload with nonzero length", + "cmt_id": "134a3099ea5bb3d13126321ac48bfc48c72784ed" + }, + "CVE-2017-12134": { + "cmt_msg": "xen: fix bio vec merging", + "cmt_id": "33bab9221e22bab4ddc167f6c49b6ca9c35c2ccf" + } + }, + "3.2.94": { + "CVE-2017-14156": { + "cmt_msg": "video: fbdev: aty: do not leak uninitialized padding in clk to userspace", + "cmt_id": "71b8eab658c3569c1b3fe3d4df3334bb3fe85903" + }, + "CVE-2017-12153": { + "cmt_msg": "nl80211: check for the required netlink attributes presence", + "cmt_id": "082d8a6a55d2b6583d9e93ac9796efdf4c412658" + }, + "CVE-2017-8831": { + "cmt_msg": "saa7164: fix double fetch PCIe access condition", + "cmt_id": "10c59d27363eba9fece1965293f83d865ba532be" + }, + "CVE-2017-14340": { + "cmt_msg": "xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present", + "cmt_id": "90b59e69283444326907eb6c6b447366814d0960" + }, + "CVE-2017-12154": { + "cmt_msg": "kvm: nVMX: Don't allow L2 to access the hardware CR8", + "cmt_id": "7999f7fc5b2ca4c0b2a96b7fb3dfa4e30274da27" + }, + "CVE-2017-1000251": { + "cmt_msg": "Bluetooth: Properly check L2CAP config option output buffer length", + "cmt_id": "26d624204b5243a0c928bad4bf62560bb63f385d" + }, + "CVE-2017-14489": { + "cmt_msg": "scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly", + "cmt_id": "7d38a8202c4a6acf91d6163f53f3253a261bbd22" + }, + "CVE-2017-18079": { + "cmt_msg": "Input: i8042 - fix crash at boot time", + "cmt_id": "87f5229f69b4bfc48c97c631d823dea5444029c3" + } + }, + "3.2.95": { + "CVE-2017-16535": { + "cmt_msg": "USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()", + "cmt_id": "7c27b82fad16d2804c7c8405316a636f57edeabd" + }, + "CVE-2017-15299": { + "cmt_msg": "KEYS: don't let add_key() update an uninstantiated key", + "cmt_id": "57f94e88bb255bf7b7d267c999aefbe4557307c1" + }, + "CVE-2017-13080": { + "cmt_msg": "mac80211: accept key reinstall without changing anything", + "cmt_id": "ef810e7c3d2a8fb3bbd23726599c487c30ea747e" + }, + "CVE-2017-15649": { + "cmt_msg": "packet: in packet_do_bind, test fanout with bind_lock held", + "cmt_id": "ca3d015d39f0357889fa3ef6a88028162de17d7d" + }, + "CVE-2017-16531": { + "cmt_msg": "USB: fix out-of-bounds in usb_set_configuration", + "cmt_id": "a0e0a5850211dd09725c819a8915c2cbe9067317" + }, + "CVE-2017-16533": { + "cmt_msg": "HID: usbhid: fix out-of-bounds bug", + "cmt_id": "99de0781e0de7c866f762b931351c2a501c3074f" + }, + "CVE-2017-16527": { + "cmt_msg": "ALSA: usb-audio: Kill stray URB at exiting", + "cmt_id": "72f4b1c7114c1b34302999d72bc5b16c8c1a1945" + }, + "CVE-2017-11473": { + "cmt_msg": "x86/acpi: Prevent out of bound access caused by broken ACPI tables", + "cmt_id": "96301209473afd3f2f274b91cb7082d161b9be65" + }, + "CVE-2017-16532": { + "cmt_msg": "usb: usbtest: fix NULL pointer dereference", + "cmt_id": "f2a780301ae85dbe704499675832487130b8e267" + }, + "CVE-2017-16529": { + "cmt_msg": "ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor", + "cmt_id": "8a930044f0b100d6b28a94525e9cf62787b3ec3a" + }, + "CVE-2015-9004": { + "cmt_msg": "perf: Tighten (and fix) the grouping condition", + "cmt_id": "5f542f7740bc8db862b8078e6a621ee7a13427b8" + }, + "CVE-2018-10675": { + "cmt_msg": "mm/mempolicy: fix use after free when calling get_mempolicy", + "cmt_id": "cb46e434ba111d1fd83dcb8bcc44c404e9d12a16" + }, + "CVE-2017-15265": { + "cmt_msg": "ALSA: seq: Fix use-after-free at creating a port", + "cmt_id": "c3895a053b2505f9e409e6d6c57dcece714ab486" + }, + "CVE-2017-12190": { + "cmt_msg": "fix unbalanced page refcounting in bio_map_user_iov", + "cmt_id": "9ff5d8fe36745867da8a028b3ea58629f7546155" + } + }, + "3.2.96": { + "CVE-2017-16537": { + "cmt_msg": "media: imon: Fix null-ptr-deref in imon_probe", + "cmt_id": "0df873c63e8e99a8fb6e068d182b860e6e6e07a9" + }, + "CVE-2017-16536": { + "cmt_msg": "cx231xx-cards: fix NULL-deref on missing association descriptor", + "cmt_id": "59a7195cd497d430d9f76bc9f71cf53ed4102743" + }, + "CVE-2018-9517": { + "cmt_msg": "l2tp: pass tunnel pointer to ->session_create()", + "cmt_id": "ca8172873304dbc6c6047b698452d9c89d86f037" + }, + "CVE-2017-0627": { + "cmt_msg": "media: uvcvideo: Prevent heap overflow when accessing mapped controls", + "cmt_id": "c889e4cbe9b3975b3f8d109c397b0b8ef2d7bd2f" + }, + "CVE-2017-16525": { + "cmt_msg": "USB: serial: console: fix use-after-free after failed setup", + "cmt_id": "b92072aadd839c9379190979edac63285ae2b790" + }, + "CVE-2017-16643": { + "cmt_msg": "Input: gtco - fix potential out-of-bound access", + "cmt_id": "2de544fd1b16f76f8dd1213d585ce611155ccd34" + }, + "CVE-2017-14051": { + "cmt_msg": "scsi: qla2xxx: Fix an integer overflow in sysfs code", + "cmt_id": "1714a066d71dc00bc336aa1565ec86551e388704" + }, + "CVE-2017-16649": { + "cmt_msg": "net: cdc_ether: fix divide by 0 on bad descriptors", + "cmt_id": "d7d24810ac55e2f3fb213d6acf80016a0d337c50" + }, + "CVE-2017-15115": { + "cmt_msg": "sctp: do not peel off an assoc from one netns to another one", + "cmt_id": "16585babafe54375f23f73a8fc323bd51e7955d7" + } + }, + "3.2.97": { + "CVE-2017-16526": { + "cmt_msg": "uwb: properly check kthread_run return value", + "cmt_id": "c95d921ebf9e02853bd090f3b3845085082185f8" + }, + "CVE-2020-14353": { + "cmt_msg": "KEYS: prevent creating a different user's keyrings", + "cmt_id": "a0ff43031db9d248f659a5db3a819f5498203775" + }, + "CVE-2017-17741": { + "cmt_msg": "KVM: Fix stack-out-of-bounds read in write_mmio", + "cmt_id": "26a8a3c531ae847048ee9126f07cb07424bd4724" + }, + "CVE-2017-18270": { + "cmt_msg": "KEYS: prevent creating a different user's keyrings", + "cmt_id": "a0ff43031db9d248f659a5db3a819f5498203775" + }, + "CVE-2017-15868": { + "cmt_msg": "Bluetooth: bnep: bnep_add_connection() should verify that it's dealing with l2cap socket", + "cmt_id": "d5623517462d7bdf03cae13e8b713389b0cdd381" + }, + "CVE-2017-8824": { + "cmt_msg": "dccp: CVE-2017-8824: use-after-free in DCCP code", + "cmt_id": "e23d13a89d8ca5fe717d75248672e1b8bc4a3be8" + }, + "CVE-2017-1000407": { + "cmt_msg": "KVM: VMX: remove I/O port 0x80 bypass on Intel hosts", + "cmt_id": "13b86808f7fabea496c02131f49fec46a84fb3c9" + }, + "CVE-2017-17558": { + "cmt_msg": "USB: core: prevent malicious bNumInterfaces overflow", + "cmt_id": "11a1db99b93dbb5f7b78cffe9b85e616ab749776" + }, + "CVE-2017-17806": { + "cmt_msg": "crypto: hmac - require that the underlying hash algorithm is unkeyed", + "cmt_id": "a63785d3294e9d7704db04500400fd8bb4b59a69" + }, + "CVE-2020-27067": { + "cmt_msg": "l2tp: fix l2tp_eth module loading", + "cmt_id": "1e44d4e0c0ef21599f86e0b7adb2dc6bcd0c35dd" + }, + "CVE-2017-16939": { + "cmt_msg": "ipsec: Fix aborted xfrm policy dump crash", + "cmt_id": "43ce9bf0770f22048156e7b36fe812a3352da842" + }, + "CVE-2017-17807": { + "cmt_msg": "KEYS: add missing permission check for request_key() destination", + "cmt_id": "5d8207e99e9baadab32d815772da60bff3a07eb5" + }, + "CVE-2017-17805": { + "cmt_msg": "crypto: salsa20 - fix blkcipher_walk API usage", + "cmt_id": "a1eb10d948c39388c5dea527aa4e76ac90a6a7e1" + } + }, + "3.2.99": { + "CVE-2017-18203": { + "cmt_msg": "dm: fix race between dm_get_from_kobject() and __dm_destroy()", + "cmt_id": "90c6762af0480451a1c32cf33dcf075795f5d3ed" + }, + "CVE-2021-0447": { + "cmt_msg": "l2tp: protect sock pointer of struct pppol2tp_session with RCU", + "cmt_id": "d36e5ba7bbed5d7bd26e8609ffed503c2def401b" + }, + "CVE-2018-1000004": { + "cmt_msg": "ALSA: seq: Make ioctls race-free", + "cmt_id": "d6693160906d55ba376bf0b88b7c129762170162" + }, + "CVE-2017-16913": { + "cmt_msg": "usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input", + "cmt_id": "629f509078f02bf65da3ecca8363104b08a3fdd7" + }, + "CVE-2017-16912": { + "cmt_msg": "usbip: fix stub_rx: get_pipe() to validate endpoint number", + "cmt_id": "95ac81780575f669db047b30511d56400c67099e" + }, + "CVE-2017-16911": { + "cmt_msg": "usbip: prevent vhci_hcd driver from leaking a socket pointer address", + "cmt_id": "11406025161a8745167414687bca1f8c04b5eb6c" + }, + "CVE-2018-5333": { + "cmt_msg": "RDS: null pointer dereference in rds_atomic_free_op", + "cmt_id": "57e49cc5d8048f4274b3b2c8ec075f656f8a3ed1" + }, + "CVE-2017-16914": { + "cmt_msg": "usbip: fix stub_send_ret_submit() vulnerabi