Update 5Jun23 [ci skip]
diff --git a/CHANGES.md b/CHANGES.md index 64229d1..cdcab90 100644 --- a/CHANGES.md +++ b/CHANGES.md
@@ -1,29 +1,46 @@ # **Linux Kernel CVE Changes** -## Last Update - 25May23 19:34 +## Last Update - 04Jun23 21:20 ### **New CVEs Added:** -[CVE-2020-36694](cves/CVE-2020-36694) -[CVE-2023-32250](cves/CVE-2023-32250) -[CVE-2023-32254](cves/CVE-2023-32254) -[CVE-2023-33250](cves/CVE-2023-33250) -[CVE-2023-33288](cves/CVE-2023-33288) +[CVE-2022-48502](cves/CVE-2022-48502) +[CVE-2023-2898](cves/CVE-2023-2898) +[CVE-2023-2985](cves/CVE-2023-2985) +[CVE-2023-3006](cves/CVE-2023-3006) +[CVE-2023-3022](cves/CVE-2023-3022) +[CVE-2023-34255](cves/CVE-2023-34255) +[CVE-2023-34256](cves/CVE-2023-34256) ### **New Versions Checked:** -[5.15.113](streams/5.15) -[6.1.30](streams/6.1) +[4.14.316](streams/4.14) +[4.19.284](streams/4.19) +[5.10.181](streams/5.10) +[5.15.114](streams/5.15) +[5.4.244](streams/5.4) +[6.1.31](streams/6.1) ### **Updated CVEs:** -[CVE-2022-48425](cves/CVE-2022-48425) +[CVE-2022-2586](cves/CVE-2022-2586) +[CVE-2022-34918](cves/CVE-2022-34918) +[CVE-2022-3535](cves/CVE-2022-3535) +[CVE-2022-39189](cves/CVE-2022-39189) +[CVE-2022-4269](cves/CVE-2022-4269) +[CVE-2023-0615](cves/CVE-2023-0615) +[CVE-2023-2156](cves/CVE-2023-2156) [CVE-2023-28410](cves/CVE-2023-28410) -[CVE-2023-31084](cves/CVE-2023-31084) +[CVE-2023-33250](cves/CVE-2023-33250) +[CVE-2020-36694](cves/CVE-2020-36694) +[CVE-2023-0459](cves/CVE-2023-0459) +[CVE-2023-1195](cves/CVE-2023-1195) +[CVE-2023-1859](cves/CVE-2023-1859) +[CVE-2023-2002](cves/CVE-2023-2002) +[CVE-2023-2124](cves/CVE-2023-2124) +[CVE-2023-2598](cves/CVE-2023-2598) [CVE-2023-33203](cves/CVE-2023-33203) -[CVE-2023-21102](cves/CVE-2023-21102) -[CVE-2023-21106](cves/CVE-2023-21106) -[CVE-2023-2483](cves/CVE-2023-2483) +[CVE-2023-33288](cves/CVE-2023-33288)
diff --git a/data/3.12/3.12_CVEs.txt b/data/3.12/3.12_CVEs.txt index 9019222..41e0ec7 100644 --- a/data/3.12/3.12_CVEs.txt +++ b/data/3.12/3.12_CVEs.txt
@@ -1228,6 +1228,7 @@ CVE-2022-45934: Fix not seen in stream CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -1238,7 +1239,7 @@ CVE-2023-0459: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1077: Fix not seen in stream CVE-2023-1118: Fix not seen in stream @@ -1254,7 +1255,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2248: Fix not seen in stream @@ -1268,8 +1268,11 @@ CVE-2023-2513: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-31081: Fix unknown CVE-2023-31082: Fix unknown @@ -1281,5 +1284,6 @@ CVE-2023-32250: Fix not seen in stream CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/3.12/3.12_security.txt b/data/3.12/3.12_security.txt index 2d1ab18..bbef062 100644 --- a/data/3.12/3.12_security.txt +++ b/data/3.12/3.12_security.txt
@@ -1366,6 +1366,7 @@ CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -1376,7 +1377,7 @@ CVE-2023-0459: (unk) uaccess: Add speculation barrier to copy_from_user() CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1077: (unk) sched/rt: pick_next_rt_entity(): check list_entry CVE-2023-1118: (unk) media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() @@ -1392,7 +1393,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg @@ -1406,8 +1406,11 @@ CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-31081: (unk) CVE-2023-31082: (unk) @@ -1419,5 +1422,6 @@ CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/3.14/3.14_CVEs.txt b/data/3.14/3.14_CVEs.txt index 337b4bd..69c7a3a 100644 --- a/data/3.14/3.14_CVEs.txt +++ b/data/3.14/3.14_CVEs.txt
@@ -1197,6 +1197,7 @@ CVE-2022-45934: Fix not seen in stream CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -1207,7 +1208,7 @@ CVE-2023-0459: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1077: Fix not seen in stream CVE-2023-1118: Fix not seen in stream @@ -1223,7 +1224,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2248: Fix not seen in stream @@ -1237,8 +1237,11 @@ CVE-2023-2513: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-31081: Fix unknown CVE-2023-31082: Fix unknown @@ -1250,5 +1253,6 @@ CVE-2023-32250: Fix not seen in stream CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/3.14/3.14_security.txt b/data/3.14/3.14_security.txt index ccd34bf..108b124 100644 --- a/data/3.14/3.14_security.txt +++ b/data/3.14/3.14_security.txt
@@ -1331,6 +1331,7 @@ CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -1341,7 +1342,7 @@ CVE-2023-0459: (unk) uaccess: Add speculation barrier to copy_from_user() CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1077: (unk) sched/rt: pick_next_rt_entity(): check list_entry CVE-2023-1118: (unk) media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() @@ -1357,7 +1358,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg @@ -1371,8 +1371,11 @@ CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-31081: (unk) CVE-2023-31082: (unk) @@ -1384,5 +1387,6 @@ CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/3.16/3.16_CVEs.txt b/data/3.16/3.16_CVEs.txt index 45c9eaf..396d750 100644 --- a/data/3.16/3.16_CVEs.txt +++ b/data/3.16/3.16_CVEs.txt
@@ -1183,6 +1183,7 @@ CVE-2022-45934: Fix not seen in stream CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -1193,7 +1194,7 @@ CVE-2023-0459: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1077: Fix not seen in stream @@ -1211,7 +1212,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2248: Fix not seen in stream @@ -1225,8 +1225,11 @@ CVE-2023-2513: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-31081: Fix unknown CVE-2023-31082: Fix unknown @@ -1238,5 +1241,6 @@ CVE-2023-32250: Fix not seen in stream CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/3.16/3.16_security.txt b/data/3.16/3.16_security.txt index 8ffa4a1..4abe23a 100644 --- a/data/3.16/3.16_security.txt +++ b/data/3.16/3.16_security.txt
@@ -1289,6 +1289,7 @@ CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -1299,7 +1300,7 @@ CVE-2023-0459: (unk) uaccess: Add speculation barrier to copy_from_user() CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1077: (unk) sched/rt: pick_next_rt_entity(): check list_entry @@ -1317,7 +1318,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg @@ -1331,8 +1331,11 @@ CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-31081: (unk) CVE-2023-31082: (unk) @@ -1344,5 +1347,6 @@ CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/3.18/3.18_CVEs.txt b/data/3.18/3.18_CVEs.txt index c02e6c2..791d4cd 100644 --- a/data/3.18/3.18_CVEs.txt +++ b/data/3.18/3.18_CVEs.txt
@@ -1168,6 +1168,7 @@ CVE-2022-45934: Fix not seen in stream CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -1178,7 +1179,7 @@ CVE-2023-0459: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1077: Fix not seen in stream @@ -1197,7 +1198,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2248: Fix not seen in stream @@ -1211,8 +1211,11 @@ CVE-2023-2513: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-31081: Fix unknown CVE-2023-31082: Fix unknown @@ -1224,5 +1227,6 @@ CVE-2023-32250: Fix not seen in stream CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/3.18/3.18_security.txt b/data/3.18/3.18_security.txt index f99cdd1..3c7b2e8 100644 --- a/data/3.18/3.18_security.txt +++ b/data/3.18/3.18_security.txt
@@ -1402,6 +1402,7 @@ CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -1412,7 +1413,7 @@ CVE-2023-0459: (unk) uaccess: Add speculation barrier to copy_from_user() CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1077: (unk) sched/rt: pick_next_rt_entity(): check list_entry @@ -1431,7 +1432,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg @@ -1445,8 +1445,11 @@ CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-31081: (unk) CVE-2023-31082: (unk) @@ -1458,5 +1461,6 @@ CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/3.2/3.2_CVEs.txt b/data/3.2/3.2_CVEs.txt index 07f19c4..e9e9ac31 100644 --- a/data/3.2/3.2_CVEs.txt +++ b/data/3.2/3.2_CVEs.txt
@@ -1200,6 +1200,7 @@ CVE-2022-45934: Fix not seen in stream CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -1210,7 +1211,7 @@ CVE-2023-0459: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1077: Fix not seen in stream CVE-2023-1118: Fix not seen in stream @@ -1223,7 +1224,6 @@ CVE-2023-1989: Fix not seen in stream CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2269: Fix not seen in stream @@ -1236,8 +1236,11 @@ CVE-2023-2513: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-31081: Fix unknown CVE-2023-31082: Fix unknown @@ -1248,5 +1251,6 @@ CVE-2023-32250: Fix not seen in stream CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/3.2/3.2_security.txt b/data/3.2/3.2_security.txt index db5e4c4..4630ec1 100644 --- a/data/3.2/3.2_security.txt +++ b/data/3.2/3.2_security.txt
@@ -1356,6 +1356,7 @@ CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -1366,7 +1367,7 @@ CVE-2023-0459: (unk) uaccess: Add speculation barrier to copy_from_user() CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1077: (unk) sched/rt: pick_next_rt_entity(): check list_entry CVE-2023-1118: (unk) media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() @@ -1379,7 +1380,6 @@ CVE-2023-1989: (unk) Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2269: (unk) dm ioctl: fix nested locking in table_clear() to remove deadlock concern @@ -1392,8 +1392,11 @@ CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-31081: (unk) CVE-2023-31082: (unk) @@ -1404,5 +1407,6 @@ CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/4.1/4.1_CVEs.txt b/data/4.1/4.1_CVEs.txt index f2791db..dcb617c 100644 --- a/data/4.1/4.1_CVEs.txt +++ b/data/4.1/4.1_CVEs.txt
@@ -1133,6 +1133,7 @@ CVE-2022-45934: Fix not seen in stream CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -1143,7 +1144,7 @@ CVE-2023-0459: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1077: Fix not seen in stream @@ -1162,7 +1163,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2248: Fix not seen in stream @@ -1177,8 +1177,11 @@ CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -1191,5 +1194,6 @@ CVE-2023-32250: Fix not seen in stream CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/4.1/4.1_security.txt b/data/4.1/4.1_security.txt index de9e632..edc5043 100644 --- a/data/4.1/4.1_security.txt +++ b/data/4.1/4.1_security.txt
@@ -1231,6 +1231,7 @@ CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -1241,7 +1242,7 @@ CVE-2023-0459: (unk) uaccess: Add speculation barrier to copy_from_user() CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1077: (unk) sched/rt: pick_next_rt_entity(): check list_entry @@ -1260,7 +1261,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg @@ -1275,8 +1275,11 @@ CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -1289,5 +1292,6 @@ CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/4.10/4.10_CVEs.txt b/data/4.10/4.10_CVEs.txt index 5e9f255..41713f8 100644 --- a/data/4.10/4.10_CVEs.txt +++ b/data/4.10/4.10_CVEs.txt
@@ -1037,6 +1037,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -1047,7 +1048,7 @@ CVE-2023-0459: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1076: Fix not seen in stream @@ -1071,7 +1072,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2194: Fix not seen in stream @@ -1088,8 +1088,11 @@ CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -1103,5 +1106,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/4.10/4.10_security.txt b/data/4.10/4.10_security.txt index 91730fe..bfc9299 100644 --- a/data/4.10/4.10_security.txt +++ b/data/4.10/4.10_security.txt
@@ -1071,6 +1071,7 @@ CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -1081,7 +1082,7 @@ CVE-2023-0459: (unk) uaccess: Add speculation barrier to copy_from_user() CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1076: (unk) tun: tun_chr_open(): correctly initialize socket uid @@ -1105,7 +1106,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() @@ -1122,8 +1122,11 @@ CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -1137,5 +1140,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/4.11/4.11_CVEs.txt b/data/4.11/4.11_CVEs.txt index e0c4337..2ed6d5a 100644 --- a/data/4.11/4.11_CVEs.txt +++ b/data/4.11/4.11_CVEs.txt
@@ -1009,6 +1009,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -1019,7 +1020,7 @@ CVE-2023-0459: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1076: Fix not seen in stream @@ -1043,7 +1044,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2194: Fix not seen in stream @@ -1060,8 +1060,11 @@ CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -1075,5 +1078,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/4.11/4.11_security.txt b/data/4.11/4.11_security.txt index 6e10132..8a3a489 100644 --- a/data/4.11/4.11_security.txt +++ b/data/4.11/4.11_security.txt
@@ -1031,6 +1031,7 @@ CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -1041,7 +1042,7 @@ CVE-2023-0459: (unk) uaccess: Add speculation barrier to copy_from_user() CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1076: (unk) tun: tun_chr_open(): correctly initialize socket uid @@ -1065,7 +1066,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() @@ -1082,8 +1082,11 @@ CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -1097,5 +1100,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/4.12/4.12_CVEs.txt b/data/4.12/4.12_CVEs.txt index 004cd7c..40af9cb 100644 --- a/data/4.12/4.12_CVEs.txt +++ b/data/4.12/4.12_CVEs.txt
@@ -994,6 +994,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -1004,7 +1005,7 @@ CVE-2023-0459: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1076: Fix not seen in stream @@ -1030,7 +1031,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2194: Fix not seen in stream @@ -1047,8 +1047,11 @@ CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -1062,5 +1065,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/4.12/4.12_security.txt b/data/4.12/4.12_security.txt index 410e609..94eb38b 100644 --- a/data/4.12/4.12_security.txt +++ b/data/4.12/4.12_security.txt
@@ -1020,6 +1020,7 @@ CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -1030,7 +1031,7 @@ CVE-2023-0459: (unk) uaccess: Add speculation barrier to copy_from_user() CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1076: (unk) tun: tun_chr_open(): correctly initialize socket uid @@ -1056,7 +1057,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() @@ -1073,8 +1073,11 @@ CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -1088,5 +1091,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/4.13/4.13_CVEs.txt b/data/4.13/4.13_CVEs.txt index 853454a..7c3ef8e 100644 --- a/data/4.13/4.13_CVEs.txt +++ b/data/4.13/4.13_CVEs.txt
@@ -977,6 +977,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -988,7 +989,7 @@ CVE-2023-0461: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1076: Fix not seen in stream @@ -1014,7 +1015,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2194: Fix not seen in stream @@ -1031,9 +1031,12 @@ CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -1047,5 +1050,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/4.13/4.13_security.txt b/data/4.13/4.13_security.txt index bc77e5d..8ad85e7 100644 --- a/data/4.13/4.13_security.txt +++ b/data/4.13/4.13_security.txt
@@ -1005,6 +1005,7 @@ CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -1016,7 +1017,7 @@ CVE-2023-0461: (unk) net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1076: (unk) tun: tun_chr_open(): correctly initialize socket uid @@ -1042,7 +1043,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() @@ -1059,9 +1059,12 @@ CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -1075,5 +1078,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/4.14/4.14_CVEs.txt b/data/4.14/4.14_CVEs.txt index 249bd2a..49a3d85 100644 --- a/data/4.14/4.14_CVEs.txt +++ b/data/4.14/4.14_CVEs.txt
@@ -842,7 +842,7 @@ CVE-2022-25258: Fixed with 4.14.267 CVE-2022-25265: Fix unknown CVE-2022-25375: Fixed with 4.14.267 -CVE-2022-2586: Fix not seen in stream +CVE-2022-2586: Fixed with 4.14.316 CVE-2022-2588: Fixed with 4.14.291 CVE-2022-26365: Fixed with 4.14.287 CVE-2022-26373: Fixed with 4.14.297 @@ -883,7 +883,7 @@ CVE-2022-33744: Fixed with 4.14.287 CVE-2022-33981: Fixed with 4.14.278 CVE-2022-3424: Fixed with 4.14.303 -CVE-2022-34918: Fix not seen in stream +CVE-2022-34918: Fixed with 4.14.316 CVE-2022-3521: Fixed with 4.14.300 CVE-2022-3522: Fix not seen in stream CVE-2022-3523: Fix not seen in stream @@ -946,6 +946,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fixed with 4.14.303 +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fixed with 4.14.256 CVE-2023-0160: Fix unknown @@ -957,7 +958,7 @@ CVE-2023-0461: Fixed with 4.14.303 CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fixed with 4.14.298 CVE-2023-1073: Fixed with 4.14.305 CVE-2023-1074: Fixed with 4.14.305 CVE-2023-1076: Fix not seen in stream @@ -984,7 +985,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fixed with 4.14.306 CVE-2023-2176: Fix not seen in stream CVE-2023-2194: Fixed with 4.14.312 @@ -1002,9 +1002,12 @@ CVE-2023-26545: Fixed with 4.14.306 CVE-2023-26607: Fixed with 4.14.300 CVE-2023-28328: Fixed with 4.14.303 -CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28772: Fixed with 4.14.240 +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fixed with 4.14.308 +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fixed with 4.14.312 CVE-2023-31081: Fix unknown @@ -1018,5 +1021,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fixed with 4.14.306 CVE-2023-33203: Fixed with 4.14.312 -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fixed with 4.14.315
diff --git a/data/4.14/4.14_security.txt b/data/4.14/4.14_security.txt index f84f1dd..3ccbe11 100644 --- a/data/4.14/4.14_security.txt +++ b/data/4.14/4.14_security.txt
@@ -1249,6 +1249,7 @@ CVEs fixed in 4.14.298: CVE-2022-20369: 7339b6bdf9e084f9e83c084ccc8879b6ae80b75a media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls + CVE-2023-0615: b0e20af206273e90d47647e7c806ddcc0a401f65 media: vivid: dev->bitmap_cap wasn't freed in all cases CVEs fixed in 4.14.299: CVE-2022-3564: 03af22e23b96fb7ef75fb7885407ef457e8b403d Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu @@ -1300,6 +1301,7 @@ CVE-2023-1079: df0fad94ca3787727b9cdd76797aaacf46fe93ed HID: asus: use spinlock to safely schedule workers CVE-2023-1118: 0987f836bc1a258cb8fb51669a5afb67bb01c31b media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() CVE-2023-1829: 53af9c793f644d5841d84d8e0ad83bd7ab47f3e0 net/sched: Retire tcindex classifier + CVE-2023-2985: a9433406837c211af58a533d9e6f7a8f865b01f3 fs: hfsplus: fix UAF issue in hfsplus_put_super CVEs fixed in 4.14.311: CVE-2023-1855: c809ed776e190edfc04f8d6b25a62855b1386a0d hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition @@ -1327,6 +1329,11 @@ CVE-2023-2002: 73ddc585228db650bd4ff10d5b59c831924fd9ba bluetooth: Perform careful capability checks in hci_sock_ioctl() CVE-2023-2269: c9dfa8ba3b181e67970f06d80de18aa257d1ecda dm ioctl: fix nested locking in table_clear() to remove deadlock concern CVE-2023-32233: 86572872505023e3bb461b271c2f25fdaa3dfcd7 netfilter: nf_tables: deactivate anonymous set from preparation phase + CVE-2023-34256: 64b7487e3769e013fc7edb3804d1a769747f0228 ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum + +CVEs fixed in 4.14.316: + CVE-2022-2586: 4e0dbab570defe5b747578cbea8e07f9d0709bec netfilter: nf_tables: do not allow SET_ID to refer to another table + CVE-2022-34918: acd3e18fbcae6c5f9d79d75455569fc132227162 netfilter: nf_tables: stricter validation of element data Outstanding CVEs: CVE-2005-3660: (unk) @@ -1467,7 +1474,6 @@ CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) CVE-2022-25265: (unk) - CVE-2022-2586: (unk) netfilter: nf_tables: do not allow SET_ID to refer to another table CVE-2022-27672: (unk) x86/speculation: Identify processors vulnerable to SMT RSB predictions CVE-2022-2961: (unk) CVE-2022-29900: (unk) x86/kvm/vmx: Make noinstr clean @@ -1478,7 +1484,6 @@ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC CVE-2022-3344: (unk) KVM: x86: nSVM: harden svm_free_nested against freeing vmcb02 while still in use - CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page CVE-2022-3534: (unk) libbpf: Fix use-after-free in btf_dump_name_dups @@ -1507,12 +1512,12 @@ CVE-2022-45919: (unk) CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0160: (unk) CVE-2023-0386: (unk) ovl: fail on invalid uid/gid mapping at copy up CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) CVE-2023-1076: (unk) tun: tun_chr_open(): correctly initialize socket uid CVE-2023-1077: (unk) sched/rt: pick_next_rt_entity(): check list_entry CVE-2023-1249: (unk) coredump: Use the vma snapshot in fill_files_note @@ -1524,14 +1529,15 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-22995: (unk) usb: dwc3: dwc3-qcom: Add missing platform_device_put() in dwc3_qcom_acpi_register_core CVE-2023-23000: (unk) phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function CVE-2023-23039: (unk) CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() + CVE-2023-2898: (unk) + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-31081: (unk) CVE-2023-31082: (unk) @@ -1540,5 +1546,5 @@ CVE-2023-31085: (unk) CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
diff --git a/data/4.15/4.15_CVEs.txt b/data/4.15/4.15_CVEs.txt index 71a727e..2bfc32f 100644 --- a/data/4.15/4.15_CVEs.txt +++ b/data/4.15/4.15_CVEs.txt
@@ -898,6 +898,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -909,7 +910,7 @@ CVE-2023-0461: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1076: Fix not seen in stream @@ -936,7 +937,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2177: Fix not seen in stream @@ -955,9 +955,12 @@ CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -971,5 +974,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/4.15/4.15_security.txt b/data/4.15/4.15_security.txt index c890c35..6cff0e9 100644 --- a/data/4.15/4.15_security.txt +++ b/data/4.15/4.15_security.txt
@@ -930,6 +930,7 @@ CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -941,7 +942,7 @@ CVE-2023-0461: (unk) net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1076: (unk) tun: tun_chr_open(): correctly initialize socket uid @@ -968,7 +969,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free @@ -987,9 +987,12 @@ CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -1003,5 +1006,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/4.16/4.16_CVEs.txt b/data/4.16/4.16_CVEs.txt index 7969327..efdac0f 100644 --- a/data/4.16/4.16_CVEs.txt +++ b/data/4.16/4.16_CVEs.txt
@@ -878,6 +878,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -889,7 +890,7 @@ CVE-2023-0461: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1076: Fix not seen in stream @@ -916,7 +917,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2177: Fix not seen in stream @@ -935,9 +935,12 @@ CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -951,5 +954,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/4.16/4.16_security.txt b/data/4.16/4.16_security.txt index c2254c7..0d4b917 100644 --- a/data/4.16/4.16_security.txt +++ b/data/4.16/4.16_security.txt
@@ -910,6 +910,7 @@ CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -921,7 +922,7 @@ CVE-2023-0461: (unk) net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1076: (unk) tun: tun_chr_open(): correctly initialize socket uid @@ -948,7 +949,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free @@ -967,9 +967,12 @@ CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -983,5 +986,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/4.17/4.17_CVEs.txt b/data/4.17/4.17_CVEs.txt index 4b0bd0e..f958312 100644 --- a/data/4.17/4.17_CVEs.txt +++ b/data/4.17/4.17_CVEs.txt
@@ -858,6 +858,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -869,7 +870,7 @@ CVE-2023-0461: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1076: Fix not seen in stream @@ -898,7 +899,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2177: Fix not seen in stream @@ -917,9 +917,12 @@ CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -933,5 +936,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/4.17/4.17_security.txt b/data/4.17/4.17_security.txt index 14de9ec..a9b68f6 100644 --- a/data/4.17/4.17_security.txt +++ b/data/4.17/4.17_security.txt
@@ -890,6 +890,7 @@ CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -901,7 +902,7 @@ CVE-2023-0461: (unk) net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1076: (unk) tun: tun_chr_open(): correctly initialize socket uid @@ -930,7 +931,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free @@ -949,9 +949,12 @@ CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -965,5 +968,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/4.18/4.18_CVEs.txt b/data/4.18/4.18_CVEs.txt index 9569480..3d0ff14 100644 --- a/data/4.18/4.18_CVEs.txt +++ b/data/4.18/4.18_CVEs.txt
@@ -836,6 +836,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -847,7 +848,7 @@ CVE-2023-0461: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1076: Fix not seen in stream @@ -876,7 +877,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2177: Fix not seen in stream @@ -895,9 +895,12 @@ CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -911,5 +914,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/4.18/4.18_security.txt b/data/4.18/4.18_security.txt index 1027c86..94cb995 100644 --- a/data/4.18/4.18_security.txt +++ b/data/4.18/4.18_security.txt
@@ -868,6 +868,7 @@ CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -879,7 +880,7 @@ CVE-2023-0461: (unk) net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1076: (unk) tun: tun_chr_open(): correctly initialize socket uid @@ -908,7 +909,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free @@ -927,9 +927,12 @@ CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -943,5 +946,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/4.19/4.19_CVEs.txt b/data/4.19/4.19_CVEs.txt index a067858..c8b9aa2 100644 --- a/data/4.19/4.19_CVEs.txt +++ b/data/4.19/4.19_CVEs.txt
@@ -748,7 +748,7 @@ CVE-2022-33744: Fixed with 4.19.251 CVE-2022-33981: Fixed with 4.19.241 CVE-2022-3424: Fixed with 4.19.270 -CVE-2022-34918: Fix not seen in stream +CVE-2022-34918: Fixed with 4.19.284 CVE-2022-3521: Fixed with 4.19.267 CVE-2022-3522: Fix not seen in stream CVE-2022-3523: Fix not seen in stream @@ -815,6 +815,7 @@ CVE-2022-4744: Fixed with 4.19.280 CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fixed with 4.19.270 +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fixed with 4.19.218 CVE-2023-0160: Fix unknown @@ -826,7 +827,7 @@ CVE-2023-0461: Fixed with 4.19.270 CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fixed with 4.19.264 CVE-2023-1073: Fixed with 4.19.272 CVE-2023-1074: Fixed with 4.19.272 CVE-2023-1076: Fix not seen in stream @@ -855,7 +856,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fixed with 4.19.273 CVE-2023-2176: Fix not seen in stream CVE-2023-2177: Fix not seen in stream @@ -875,9 +875,12 @@ CVE-2023-26545: Fixed with 4.19.273 CVE-2023-26607: Fixed with 4.19.267 CVE-2023-28328: Fixed with 4.19.270 -CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28772: Fixed with 4.19.198 +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fixed with 4.19.276 +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fixed with 4.19.281 CVE-2023-30772: Fixed with 4.19.280 CVE-2023-31081: Fix unknown @@ -891,5 +894,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fixed with 4.19.273 CVE-2023-33203: Fixed with 4.19.280 -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fixed with 4.19.283
diff --git a/data/4.19/4.19_security.txt b/data/4.19/4.19_security.txt index b01e426..8881694 100644 --- a/data/4.19/4.19_security.txt +++ b/data/4.19/4.19_security.txt
@@ -1063,6 +1063,7 @@ CVEs fixed in 4.19.264: CVE-2022-20369: 95c4751705f7eef0f16a245e121259857f867c4a media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls + CVE-2023-0615: 29385e601f3420cfe46550271714b6685719eb33 media: vivid: dev->bitmap_cap wasn't freed in all cases CVEs fixed in 4.19.265: CVE-2022-3564: 6c7407bfbeafc80a04e6eaedcf34d378532a04f2 Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu @@ -1117,6 +1118,7 @@ CVE-2023-1079: 74b78391a9b6f67de90b13f5a85e329e3b3f5a72 HID: asus: use spinlock to safely schedule workers CVE-2023-1118: 52bde2754d76fc97390f097fba763413607f157a media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() CVE-2023-1829: 01d0d2b8b4e3cf2110baba9371c0c3d04ad5c77b net/sched: Retire tcindex classifier + CVE-2023-2985: e226f1fdcee1ca6e68233b132718deb578a84e38 fs: hfsplus: fix UAF issue in hfsplus_put_super CVEs fixed in 4.19.279: CVE-2023-1855: e0a37b43cd732038e37b4e7f6c6c0658fe0b6d73 hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition @@ -1146,6 +1148,10 @@ CVE-2023-2002: 8d59548bae309000442c297bff3e54ab535f0ab7 bluetooth: Perform careful capability checks in hci_sock_ioctl() CVE-2023-2269: b4b94b25c78ed03be0e07fa4e76fe51e64dac533 dm ioctl: fix nested locking in table_clear() to remove deadlock concern CVE-2023-32233: c6989314fd809c5eaf4980d6fa474f19fc653d6c netfilter: nf_tables: deactivate anonymous set from preparation phase + CVE-2023-34256: a733c466cedd1013a41fd8908d5810f2c161072f ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum + +CVEs fixed in 4.19.284: + CVE-2022-34918: 835fd72f61c6162f10471df197f0e4b92b1a7b76 netfilter: nf_tables: stricter validation of element data Outstanding CVEs: CVE-2005-3660: (unk) @@ -1279,7 +1285,6 @@ CVE-2022-3169: (unk) nvme: ensure subsystem reset is single threaded CVE-2022-3303: (unk) ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC CVE-2022-3344: (unk) KVM: x86: nSVM: harden svm_free_nested against freeing vmcb02 while still in use - CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page CVE-2022-3534: (unk) libbpf: Fix use-after-free in btf_dump_name_dups @@ -1309,12 +1314,12 @@ CVE-2022-45887: (unk) CVE-2022-45919: (unk) CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0160: (unk) CVE-2023-0386: (unk) ovl: fail on invalid uid/gid mapping at copy up CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) CVE-2023-1076: (unk) tun: tun_chr_open(): correctly initialize socket uid CVE-2023-1077: (unk) sched/rt: pick_next_rt_entity(): check list_entry CVE-2023-1249: (unk) coredump: Use the vma snapshot in fill_files_note @@ -1324,7 +1329,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free CVE-2023-22995: (unk) usb: dwc3: dwc3-qcom: Add missing platform_device_put() in dwc3_qcom_acpi_register_core @@ -1332,8 +1336,10 @@ CVE-2023-23039: (unk) CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-26242: (unk) - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() + CVE-2023-2898: (unk) + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-31081: (unk) CVE-2023-31082: (unk) CVE-2023-31083: (unk) @@ -1341,5 +1347,5 @@ CVE-2023-31085: (unk) CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
diff --git a/data/4.20/4.20_CVEs.txt b/data/4.20/4.20_CVEs.txt index 9bd2dd5..edd5909 100644 --- a/data/4.20/4.20_CVEs.txt +++ b/data/4.20/4.20_CVEs.txt
@@ -806,6 +806,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream @@ -818,7 +819,7 @@ CVE-2023-0461: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1075: Fix not seen in stream @@ -850,7 +851,6 @@ CVE-2023-20928: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2177: Fix not seen in stream @@ -871,9 +871,12 @@ CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -887,5 +890,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/4.20/4.20_security.txt b/data/4.20/4.20_security.txt index 2a4ed9e..99f8678 100644 --- a/data/4.20/4.20_security.txt +++ b/data/4.20/4.20_security.txt
@@ -838,6 +838,7 @@ CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF @@ -850,7 +851,7 @@ CVE-2023-0461: (unk) net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry @@ -882,7 +883,6 @@ CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free @@ -903,9 +903,12 @@ CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -919,5 +922,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/4.3/4.3_CVEs.txt b/data/4.3/4.3_CVEs.txt index 0f44f4b..c1dd398 100644 --- a/data/4.3/4.3_CVEs.txt +++ b/data/4.3/4.3_CVEs.txt
@@ -1132,6 +1132,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -1142,7 +1143,7 @@ CVE-2023-0459: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1077: Fix not seen in stream @@ -1162,7 +1163,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2194: Fix not seen in stream @@ -1178,8 +1178,11 @@ CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -1192,5 +1195,6 @@ CVE-2023-32250: Fix not seen in stream CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/4.3/4.3_security.txt b/data/4.3/4.3_security.txt index c1b72fd..0892e99 100644 --- a/data/4.3/4.3_security.txt +++ b/data/4.3/4.3_security.txt
@@ -1148,6 +1148,7 @@ CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -1158,7 +1159,7 @@ CVE-2023-0459: (unk) uaccess: Add speculation barrier to copy_from_user() CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1077: (unk) sched/rt: pick_next_rt_entity(): check list_entry @@ -1178,7 +1179,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() @@ -1194,8 +1194,11 @@ CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -1208,5 +1211,6 @@ CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/4.4/4.4_CVEs.txt b/data/4.4/4.4_CVEs.txt index 13a858b..87a7817 100644 --- a/data/4.4/4.4_CVEs.txt +++ b/data/4.4/4.4_CVEs.txt
@@ -1113,6 +1113,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -1123,7 +1124,7 @@ CVE-2023-0459: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1077: Fix not seen in stream @@ -1143,7 +1144,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2194: Fix not seen in stream @@ -1159,8 +1159,11 @@ CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28772: Fixed with 4.4.276 +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -1173,5 +1176,6 @@ CVE-2023-32250: Fix not seen in stream CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/4.4/4.4_security.txt b/data/4.4/4.4_security.txt index d0ff873..62006df 100644 --- a/data/4.4/4.4_security.txt +++ b/data/4.4/4.4_security.txt
@@ -1598,6 +1598,7 @@ CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -1608,7 +1609,7 @@ CVE-2023-0459: (unk) uaccess: Add speculation barrier to copy_from_user() CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1077: (unk) sched/rt: pick_next_rt_entity(): check list_entry @@ -1628,7 +1629,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() @@ -1644,7 +1644,10 @@ CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -1657,5 +1660,6 @@ CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/4.5/4.5_CVEs.txt b/data/4.5/4.5_CVEs.txt index 2adc146..1c20345 100644 --- a/data/4.5/4.5_CVEs.txt +++ b/data/4.5/4.5_CVEs.txt
@@ -1095,6 +1095,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -1105,7 +1106,7 @@ CVE-2023-0459: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1077: Fix not seen in stream @@ -1126,7 +1127,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2194: Fix not seen in stream @@ -1142,8 +1142,11 @@ CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -1156,5 +1159,6 @@ CVE-2023-32250: Fix not seen in stream CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/4.5/4.5_security.txt b/data/4.5/4.5_security.txt index fc41b41..9abca7b 100644 --- a/data/4.5/4.5_security.txt +++ b/data/4.5/4.5_security.txt
@@ -1111,6 +1111,7 @@ CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -1121,7 +1122,7 @@ CVE-2023-0459: (unk) uaccess: Add speculation barrier to copy_from_user() CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1077: (unk) sched/rt: pick_next_rt_entity(): check list_entry @@ -1142,7 +1143,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() @@ -1158,8 +1158,11 @@ CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -1172,5 +1175,6 @@ CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/4.6/4.6_CVEs.txt b/data/4.6/4.6_CVEs.txt index 5ca14d0..4a076e8 100644 --- a/data/4.6/4.6_CVEs.txt +++ b/data/4.6/4.6_CVEs.txt
@@ -1068,6 +1068,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -1078,7 +1079,7 @@ CVE-2023-0459: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1077: Fix not seen in stream @@ -1099,7 +1100,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2194: Fix not seen in stream @@ -1115,8 +1115,11 @@ CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -1129,5 +1132,6 @@ CVE-2023-32250: Fix not seen in stream CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/4.6/4.6_security.txt b/data/4.6/4.6_security.txt index 6067ce0..ffde01a 100644 --- a/data/4.6/4.6_security.txt +++ b/data/4.6/4.6_security.txt
@@ -1086,6 +1086,7 @@ CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -1096,7 +1097,7 @@ CVE-2023-0459: (unk) uaccess: Add speculation barrier to copy_from_user() CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1077: (unk) sched/rt: pick_next_rt_entity(): check list_entry @@ -1117,7 +1118,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() @@ -1133,8 +1133,11 @@ CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -1147,5 +1150,6 @@ CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/4.7/4.7_CVEs.txt b/data/4.7/4.7_CVEs.txt index b0f817b..d9923a1 100644 --- a/data/4.7/4.7_CVEs.txt +++ b/data/4.7/4.7_CVEs.txt
@@ -1051,6 +1051,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -1061,7 +1062,7 @@ CVE-2023-0459: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1077: Fix not seen in stream @@ -1082,7 +1083,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2194: Fix not seen in stream @@ -1098,8 +1098,11 @@ CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -1112,5 +1115,6 @@ CVE-2023-32250: Fix not seen in stream CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/4.7/4.7_security.txt b/data/4.7/4.7_security.txt index 4149ca4..e64712a 100644 --- a/data/4.7/4.7_security.txt +++ b/data/4.7/4.7_security.txt
@@ -1071,6 +1071,7 @@ CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -1081,7 +1082,7 @@ CVE-2023-0459: (unk) uaccess: Add speculation barrier to copy_from_user() CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1077: (unk) sched/rt: pick_next_rt_entity(): check list_entry @@ -1102,7 +1103,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() @@ -1118,8 +1118,11 @@ CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -1132,5 +1135,6 @@ CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/4.8/4.8_CVEs.txt b/data/4.8/4.8_CVEs.txt index 6dbfadd..c032412 100644 --- a/data/4.8/4.8_CVEs.txt +++ b/data/4.8/4.8_CVEs.txt
@@ -1055,6 +1055,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -1065,7 +1066,7 @@ CVE-2023-0459: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1077: Fix not seen in stream @@ -1086,7 +1087,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2194: Fix not seen in stream @@ -1102,8 +1102,11 @@ CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -1116,5 +1119,6 @@ CVE-2023-32250: Fix not seen in stream CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/4.8/4.8_security.txt b/data/4.8/4.8_security.txt index bf5ed1c..ce5684a 100644 --- a/data/4.8/4.8_security.txt +++ b/data/4.8/4.8_security.txt
@@ -1085,6 +1085,7 @@ CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -1095,7 +1096,7 @@ CVE-2023-0459: (unk) uaccess: Add speculation barrier to copy_from_user() CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1077: (unk) sched/rt: pick_next_rt_entity(): check list_entry @@ -1116,7 +1117,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() @@ -1132,8 +1132,11 @@ CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -1146,5 +1149,6 @@ CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/4.9/4.9_CVEs.txt b/data/4.9/4.9_CVEs.txt index 9cc8405..d0fdb3a 100644 --- a/data/4.9/4.9_CVEs.txt +++ b/data/4.9/4.9_CVEs.txt
@@ -1054,6 +1054,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fixed with 4.9.291 CVE-2023-0160: Fix unknown @@ -1064,7 +1065,7 @@ CVE-2023-0459: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fixed with 4.9.332 CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1077: Fix not seen in stream @@ -1087,7 +1088,6 @@ CVE-2023-2007: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2194: Fix not seen in stream @@ -1104,8 +1104,11 @@ CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fixed with 4.9.334 CVE-2023-28328: Fixed with 4.9.337 -CVE-2023-28410: Fix not seen in stream CVE-2023-28772: Fixed with 4.9.276 +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -1119,5 +1122,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/4.9/4.9_security.txt b/data/4.9/4.9_security.txt index b9d6352..f05c109 100644 --- a/data/4.9/4.9_security.txt +++ b/data/4.9/4.9_security.txt
@@ -1355,6 +1355,9 @@ CVE-2022-41850: 84607bd3a8542b84b450d19a3579172f96c2bb47 HID: roccat: Fix use-after-free in roccat_read() CVE-2022-43750: 1b5ad3786a2f2cdbfed34071aa467f80e4903a0b usb: mon: make mmapped memory read only +CVEs fixed in 4.9.332: + CVE-2023-0615: e1b5b061987d56d7b64da962fec3be4ae7e78300 media: vivid: dev->bitmap_cap wasn't freed in all cases + CVEs fixed in 4.9.333: CVE-2022-3564: dc30e05bb18852303084430c03ca76e69257d9ea Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu CVE-2022-3628: b1477d95e967bf626b8c5e3838bb885c47381b24 wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker() @@ -1605,6 +1608,7 @@ CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0160: (unk) CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -1614,7 +1618,6 @@ CVE-2023-0459: (unk) uaccess: Add speculation barrier to copy_from_user() CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1077: (unk) sched/rt: pick_next_rt_entity(): check list_entry @@ -1635,7 +1638,6 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() @@ -1649,7 +1651,10 @@ CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -1663,5 +1668,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/5.0/5.0_CVEs.txt b/data/5.0/5.0_CVEs.txt index 5c8b969..402334c 100644 --- a/data/5.0/5.0_CVEs.txt +++ b/data/5.0/5.0_CVEs.txt
@@ -786,6 +786,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -797,7 +798,7 @@ CVE-2023-0461: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1075: Fix not seen in stream @@ -829,7 +830,6 @@ CVE-2023-20928: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2177: Fix not seen in stream @@ -850,9 +850,12 @@ CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -866,5 +869,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/5.0/5.0_security.txt b/data/5.0/5.0_security.txt index 3ac34b2..dcaceee 100644 --- a/data/5.0/5.0_security.txt +++ b/data/5.0/5.0_security.txt
@@ -834,6 +834,7 @@ CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -845,7 +846,7 @@ CVE-2023-0461: (unk) net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry @@ -877,7 +878,6 @@ CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free @@ -898,9 +898,12 @@ CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -914,5 +917,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/5.1/5.1_CVEs.txt b/data/5.1/5.1_CVEs.txt index f5fc7ff..1921ae4 100644 --- a/data/5.1/5.1_CVEs.txt +++ b/data/5.1/5.1_CVEs.txt
@@ -763,6 +763,7 @@ CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream CVE-2022-47946: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -775,7 +776,7 @@ CVE-2023-0461: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1075: Fix not seen in stream @@ -807,7 +808,6 @@ CVE-2023-20928: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2177: Fix not seen in stream @@ -828,9 +828,12 @@ CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream +CVE-2023-3022: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -844,5 +847,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/5.1/5.1_security.txt b/data/5.1/5.1_security.txt index c164f10..f8f869d 100644 --- a/data/5.1/5.1_security.txt +++ b/data/5.1/5.1_security.txt
@@ -799,6 +799,7 @@ CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -811,7 +812,7 @@ CVE-2023-0461: (unk) net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry @@ -843,7 +844,6 @@ CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free @@ -864,9 +864,12 @@ CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list + CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -880,5 +883,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/5.10/5.10_CVEs.txt b/data/5.10/5.10_CVEs.txt index 95a9633..c1f62c8 100644 --- a/data/5.10/5.10_CVEs.txt +++ b/data/5.10/5.10_CVEs.txt
@@ -465,7 +465,7 @@ CVE-2022-41850: Fixed with 5.10.150 CVE-2022-41858: Fixed with 5.10.112 CVE-2022-42432: Fixed with 5.10.146 -CVE-2022-4269: Fix not seen in stream +CVE-2022-4269: Fixed with 5.10.181 CVE-2022-42703: Fixed with 5.10.141 CVE-2022-42719: Fixed with 5.10.149 CVE-2022-42720: Fixed with 5.10.148 @@ -496,6 +496,7 @@ CVE-2022-47521: Fixed with 5.10.157 CVE-2022-47929: Fixed with 5.10.163 CVE-2022-47946: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fixed with 5.10.163 CVE-2023-0047: Fixed with 5.10.80 CVE-2023-0160: Fix unknown @@ -508,7 +509,7 @@ CVE-2023-0461: Fixed with 5.10.163 CVE-2023-0590: Fixed with 5.10.152 CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fixed with 5.10.153 CVE-2023-1073: Fixed with 5.10.166 CVE-2023-1074: Fixed with 5.10.166 CVE-2023-1075: Fix not seen in stream @@ -543,7 +544,7 @@ CVE-2023-20928: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown +CVE-2023-2156: Fixed with 5.10.179 CVE-2023-2162: Fixed with 5.10.168 CVE-2023-2176: Fix not seen in stream CVE-2023-2177: Fixed with 5.10.135 @@ -573,6 +574,9 @@ CVE-2023-28410: Fixed with 5.10.110 CVE-2023-28466: Fixed with 5.10.177 CVE-2023-28772: Fixed with 5.10.51 +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fixed with 5.10.173 +CVE-2023-3006: Fixed with 5.10.153 CVE-2023-30456: Fixed with 5.10.176 CVE-2023-30772: Fixed with 5.10.177 CVE-2023-31081: Fix unknown @@ -586,5 +590,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fixed with 5.10.168 CVE-2023-33203: Fixed with 5.10.177 -CVE-2023-33250: Fix unknown CVE-2023-33288: Fixed with 5.10.177 +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fixed with 5.10.180
diff --git a/data/5.10/5.10_security.txt b/data/5.10/5.10_security.txt index dd07e3e..5788fff 100644 --- a/data/5.10/5.10_security.txt +++ b/data/5.10/5.10_security.txt
@@ -589,6 +589,10 @@ CVEs fixed in 5.10.152: CVE-2023-0590: 7aa3d623c11b9ab60f86b7833666e5d55bac4be9 net: sched: fix race condition in qdisc_graft() +CVEs fixed in 5.10.153: + CVE-2023-0615: 147b8f1892aaa474f912ac75babfd316ee0de672 media: vivid: dev->bitmap_cap wasn't freed in all cases + CVE-2023-3006: 52a43b82006dc88f996bd06da5a3fcfef85220c8 arm64: Add AMPERE1 to the Spectre-BHB affected list + CVEs fixed in 5.10.154: CVE-2021-3759: 836686e1a01d7e2fda6a5a18252243ff30a6e196 memcg: enable accounting of ipc resources CVE-2022-3524: 818c36b988b82f31e4be8ad8415e1be902b8e5f8 tcp/udp: Fix memory leak in ipv6_renew_options(). @@ -677,6 +681,7 @@ CVE-2023-1829: 18c3fa7a7fdbb4d21dafc8a7710ae2c1680930f6 net/sched: Retire tcindex classifier CVE-2023-23004: a5bbea50d622b8f49ab8ee3b0eb283107febcf1a malidp: Fix NULL vs IS_ERR() checking CVE-2023-25012: fddde36316da8acb45a3cca2e5fda102f5215877 HID: bigben: use spinlock to safely schedule workers + CVE-2023-2985: ef7d71d7bd57b8b7fe514e459927696c1c6d1047 fs: hfsplus: fix UAF issue in hfsplus_put_super CVEs fixed in 5.10.176: CVE-2023-1855: 0a73c8b3cc99d214dff83c51805c844240c4f749 hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition @@ -699,6 +704,7 @@ CVE-2023-1859: 9266e939d76279d8710196d86215ba2be6345041 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition CVEs fixed in 5.10.179: + CVE-2023-2156: c972851d3848647f57cd8d5625c48663410c3f96 net: rpl: fix rpl header size calculation CVE-2023-2248: ddcf35deb8f2a1d9addc74b586cf4c5a1f5d6020 net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg CVE-2023-2513: 05cf34a2b6414a1172552d16159b3e17e9da36a3 ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-31436: ddcf35deb8f2a1d9addc74b586cf4c5a1f5d6020 net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg @@ -709,6 +715,10 @@ CVE-2023-2002: 98cfbad52fc286c2a1a75e04bf47b98d6489db1f bluetooth: Perform careful capability checks in hci_sock_ioctl() CVE-2023-2269: ea827627a9249154b34b646b1e1007013402afea dm ioctl: fix nested locking in table_clear() to remove deadlock concern CVE-2023-32233: e044a24447189419c3a7ccc5fa6da7516036dc55 netfilter: nf_tables: deactivate anonymous set from preparation phase + CVE-2023-34256: 0dde3141c527b09b96bef1e7eeb18b8127810ce9 ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum + +CVEs fixed in 5.10.181: + CVE-2022-4269: 53245103786312f21fb9785327a4367cf10f0dbb act_mirred: use the backlog for nested calls to mirred ingress Outstanding CVEs: CVE-2005-3660: (unk) @@ -816,7 +826,6 @@ CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas CVE-2022-40133: (unk) drm/vmwgfx: Remove rcu locks from user resources CVE-2022-41848: (unk) - CVE-2022-4269: (unk) act_mirred: use the backlog for nested calls to mirred ingress CVE-2022-44032: (unk) CVE-2022-44033: (unk) CVE-2022-44034: (unk) @@ -828,17 +837,16 @@ CVE-2022-45919: (unk) CVE-2022-4696: (unk) io_uring: remove any grabbing of context CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0160: (unk) CVE-2023-0386: (unk) ovl: fail on invalid uid/gid mapping at copy up CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry CVE-2023-1872: (unk) io_uring: propagate issue_flags state down to file assignment CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-22995: (unk) usb: dwc3: dwc3-qcom: Add missing platform_device_put() in dwc3_qcom_acpi_register_core CVE-2023-23000: (unk) phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function @@ -846,6 +854,7 @@ CVE-2023-23586: (unk) io_uring: remove io_identity CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-26242: (unk) + CVE-2023-2898: (unk) CVE-2023-31081: (unk) CVE-2023-31082: (unk) CVE-2023-31083: (unk) @@ -853,4 +862,4 @@ CVE-2023-31085: (unk) CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect - CVE-2023-33250: (unk) + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
diff --git a/data/5.11/5.11_CVEs.txt b/data/5.11/5.11_CVEs.txt index b7579b1..00fae8c 100644 --- a/data/5.11/5.11_CVEs.txt +++ b/data/5.11/5.11_CVEs.txt
@@ -487,6 +487,7 @@ CVE-2022-47521: Fix not seen in stream CVE-2022-47929: Fix not seen in stream CVE-2022-47946: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -499,7 +500,7 @@ CVE-2023-0461: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1075: Fix not seen in stream @@ -533,7 +534,7 @@ CVE-2023-20928: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown +CVE-2023-2156: Fix not seen in stream CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2177: Fix not seen in stream @@ -564,6 +565,9 @@ CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -577,5 +581,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/5.11/5.11_security.txt b/data/5.11/5.11_security.txt index 42070c1..39f4499 100644 --- a/data/5.11/5.11_security.txt +++ b/data/5.11/5.11_security.txt
@@ -527,6 +527,7 @@ CVE-2022-47521: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -539,7 +540,7 @@ CVE-2023-0461: (unk) net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry @@ -573,7 +574,7 @@ CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) + CVE-2023-2156: (unk) net: rpl: fix rpl header size calculation CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free @@ -604,6 +605,9 @@ CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -617,5 +621,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/5.12/5.12_CVEs.txt b/data/5.12/5.12_CVEs.txt index e1ef56c..afd582c 100644 --- a/data/5.12/5.12_CVEs.txt +++ b/data/5.12/5.12_CVEs.txt
@@ -438,6 +438,7 @@ CVE-2022-47520: Fix not seen in stream CVE-2022-47521: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -450,7 +451,7 @@ CVE-2023-0461: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1075: Fix not seen in stream @@ -485,7 +486,7 @@ CVE-2023-20928: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown +CVE-2023-2156: Fix not seen in stream CVE-2023-2162: Fix not seen in stream CVE-2023-2166: Fix not seen in stream CVE-2023-2176: Fix not seen in stream @@ -517,6 +518,9 @@ CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28772: Fixed with 5.12.18 +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -530,5 +534,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/5.12/5.12_security.txt b/data/5.12/5.12_security.txt index ca6329f..904984e 100644 --- a/data/5.12/5.12_security.txt +++ b/data/5.12/5.12_security.txt
@@ -471,6 +471,7 @@ CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47521: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -483,7 +484,7 @@ CVE-2023-0461: (unk) net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry @@ -518,7 +519,7 @@ CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) + CVE-2023-2156: (unk) net: rpl: fix rpl header size calculation CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2166: (unk) can: af_can: fix NULL pointer dereference in can_rcv_filter CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr @@ -549,6 +550,9 @@ CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -562,5 +566,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/5.13/5.13_CVEs.txt b/data/5.13/5.13_CVEs.txt index 17a246d..09a1bd5 100644 --- a/data/5.13/5.13_CVEs.txt +++ b/data/5.13/5.13_CVEs.txt
@@ -406,6 +406,7 @@ CVE-2022-47520: Fix not seen in stream CVE-2022-47521: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -418,7 +419,7 @@ CVE-2023-0461: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1075: Fix not seen in stream @@ -453,7 +454,7 @@ CVE-2023-20928: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown +CVE-2023-2156: Fix not seen in stream CVE-2023-2162: Fix not seen in stream CVE-2023-2166: Fix not seen in stream CVE-2023-2176: Fix not seen in stream @@ -486,6 +487,9 @@ CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28772: Fixed with 5.13.3 +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -499,5 +503,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/5.13/5.13_security.txt b/data/5.13/5.13_security.txt index 417e660..f7083c9 100644 --- a/data/5.13/5.13_security.txt +++ b/data/5.13/5.13_security.txt
@@ -439,6 +439,7 @@ CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47521: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -451,7 +452,7 @@ CVE-2023-0461: (unk) net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry @@ -486,7 +487,7 @@ CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) + CVE-2023-2156: (unk) net: rpl: fix rpl header size calculation CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2166: (unk) can: af_can: fix NULL pointer dereference in can_rcv_filter CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr @@ -518,6 +519,9 @@ CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -531,5 +535,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/5.14/5.14_CVEs.txt b/data/5.14/5.14_CVEs.txt index f88a37b..9556276 100644 --- a/data/5.14/5.14_CVEs.txt +++ b/data/5.14/5.14_CVEs.txt
@@ -379,6 +379,7 @@ CVE-2022-47520: Fix not seen in stream CVE-2022-47521: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fixed with 5.14.19 CVE-2023-0160: Fix unknown @@ -391,7 +392,7 @@ CVE-2023-0461: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1075: Fix not seen in stream @@ -428,7 +429,7 @@ CVE-2023-20941: Fix unknown CVE-2023-21102: Fix not seen in stream CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown +CVE-2023-2156: Fix not seen in stream CVE-2023-2162: Fix not seen in stream CVE-2023-2166: Fix not seen in stream CVE-2023-2176: Fix not seen in stream @@ -460,6 +461,9 @@ CVE-2023-28328: Fix not seen in stream CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -473,5 +477,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/5.14/5.14_security.txt b/data/5.14/5.14_security.txt index b1e393c..934659b 100644 --- a/data/5.14/5.14_security.txt +++ b/data/5.14/5.14_security.txt
@@ -415,6 +415,7 @@ CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47521: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0160: (unk) CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits @@ -426,7 +427,7 @@ CVE-2023-0461: (unk) net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry @@ -462,7 +463,7 @@ CVE-2023-20941: (unk) CVE-2023-21102: (unk) efi: rt-wrapper: Add missing include CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) + CVE-2023-2156: (unk) net: rpl: fix rpl header size calculation CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2166: (unk) can: af_can: fix NULL pointer dereference in can_rcv_filter CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr @@ -494,6 +495,9 @@ CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -507,5 +511,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/5.15/5.15_CVEs.txt b/data/5.15/5.15_CVEs.txt index 5124166..eda7f66 100644 --- a/data/5.15/5.15_CVEs.txt +++ b/data/5.15/5.15_CVEs.txt
@@ -360,6 +360,7 @@ CVE-2022-48423: Fixed with 5.15.87 CVE-2022-48424: Fixed with 5.15.87 CVE-2022-48425: Fixed with 5.15.113 +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fixed with 5.15.87 CVE-2023-0047: Fixed with 5.15.3 CVE-2023-0160: Fix unknown @@ -373,7 +374,7 @@ CVE-2023-0461: Fixed with 5.15.88 CVE-2023-0590: Fixed with 5.15.76 CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fixed with 5.15.77 CVE-2023-1073: Fixed with 5.15.91 CVE-2023-1074: Fixed with 5.15.91 CVE-2023-1075: Fix not seen in stream @@ -413,7 +414,7 @@ CVE-2023-20941: Fix unknown CVE-2023-21102: Fixed with 5.15.90 CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown +CVE-2023-2156: Fixed with 5.15.109 CVE-2023-2162: Fixed with 5.15.93 CVE-2023-2166: Fixed with 5.15.83 CVE-2023-2176: Fix not seen in stream @@ -447,6 +448,9 @@ CVE-2023-28328: Fixed with 5.15.86 CVE-2023-28410: Fixed with 5.15.33 CVE-2023-28466: Fixed with 5.15.105 +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fixed with 5.15.99 +CVE-2023-3006: Fixed with 5.15.77 CVE-2023-30456: Fixed with 5.15.104 CVE-2023-30772: Fixed with 5.15.105 CVE-2023-31081: Fix unknown @@ -460,5 +464,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fixed with 5.15.93 CVE-2023-33203: Fixed with 5.15.105 -CVE-2023-33250: Fix unknown CVE-2023-33288: Fixed with 5.15.105 +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fixed with 5.15.112
diff --git a/data/5.15/5.15_security.txt b/data/5.15/5.15_security.txt index 7b0fc55..cb12648 100644 --- a/data/5.15/5.15_security.txt +++ b/data/5.15/5.15_security.txt
@@ -375,6 +375,8 @@ CVEs fixed in 5.15.77: CVE-2022-3524: 1401e9336bebaa6dd5a320f83bddc17619d4e3a6 tcp/udp: Fix memory leak in ipv6_renew_options(). + CVE-2023-0615: 0f83edbe4fe95d9c68b32aebe07fe413bcf92afe media: vivid: dev->bitmap_cap wasn't freed in all cases + CVE-2023-3006: 52c2329147cf5d956dcaa3a91c886c550e7bdd39 arm64: Add AMPERE1 to the Spectre-BHB affected list CVEs fixed in 5.15.78: CVE-2022-3543: 3975affcf55f93814a8ae14333d7fc7f183e60a4 af_unix: Fix memory leaks of the whole sk due to OOB skb. @@ -478,6 +480,7 @@ CVE-2023-1079: 3959316f8ceb17866646abc6be4a332655407138 HID: asus: use spinlock to safely schedule workers CVE-2023-1118: 29962c478e8b2e6a6154d8d84b8806dbe36f9c28 media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() CVE-2023-25012: 0fd9998052926ed24cfb30ab1a294cfeda4d0a8f HID: bigben: use spinlock to safely schedule workers + CVE-2023-2985: 05103d88482dc3757db108415342fdd86821a79b fs: hfsplus: fix UAF issue in hfsplus_put_super CVEs fixed in 5.15.100: CVE-2023-1829: 7c183dc0af472dec33d2c0786a5e356baa8cad19 net/sched: Retire tcindex classifier @@ -508,6 +511,7 @@ CVE-2023-1859: e35ae49bc198412c9294115677e5acdef95b1fb5 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition CVEs fixed in 5.15.109: + CVE-2023-2156: 4eee0d9d3c1117aa4a1c9f4c7f29287107e7c084 net: rpl: fix rpl header size calculation CVE-2023-2248: 1ffc0e8105510cb826cb9d27ed1820a1131c82d4 net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg CVE-2023-31436: 1ffc0e8105510cb826cb9d27ed1820a1131c82d4 net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg @@ -519,6 +523,9 @@ CVE-2023-2269: e11765cea2050fa25fc3e03da858e83284c5ce79 dm ioctl: fix nested locking in table_clear() to remove deadlock concern CVE-2023-32233: 21c2a454486d5e9c1517ecca19266b3be3df73ca netfilter: nf_tables: deactivate anonymous set from preparation phase +CVEs fixed in 5.15.112: + CVE-2023-34256: 6d9a705a653eb146b4991dbd198b258f787c70b1 ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum + CVEs fixed in 5.15.113: CVE-2022-48425: 2a67f26f70ab344ae6ea78638890eebc1191a501 fs/ntfs3: Validate MFT flags before replaying logs @@ -616,9 +623,9 @@ CVE-2022-45888: (unk) char: xillybus: Prevent use-after-free due to race condition CVE-2022-45919: (unk) CVE-2022-47940: (unk) ksmbd: validate length in smb2_write() + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0160: (unk) CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry CVE-2023-1192: (unk) CVE-2023-1193: (unk) @@ -627,13 +634,13 @@ CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-22995: (unk) usb: dwc3: dwc3-qcom: Add missing platform_device_put() in dwc3_qcom_acpi_register_core CVE-2023-23000: (unk) phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function CVE-2023-23039: (unk) CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-26242: (unk) + CVE-2023-2898: (unk) CVE-2023-31081: (unk) CVE-2023-31082: (unk) CVE-2023-31083: (unk) @@ -641,4 +648,4 @@ CVE-2023-31085: (unk) CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect - CVE-2023-33250: (unk) + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
diff --git a/data/5.16/5.16_CVEs.txt b/data/5.16/5.16_CVEs.txt index e976e8e..d7d7286 100644 --- a/data/5.16/5.16_CVEs.txt +++ b/data/5.16/5.16_CVEs.txt
@@ -328,6 +328,7 @@ CVE-2022-48423: Fix not seen in stream CVE-2022-48424: Fix not seen in stream CVE-2022-48425: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0160: Fix unknown CVE-2023-0179: Fix not seen in stream @@ -340,7 +341,7 @@ CVE-2023-0461: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1075: Fix not seen in stream @@ -380,7 +381,7 @@ CVE-2023-20941: Fix unknown CVE-2023-21102: Fix not seen in stream CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown +CVE-2023-2156: Fix not seen in stream CVE-2023-2162: Fix not seen in stream CVE-2023-2166: Fix not seen in stream CVE-2023-2176: Fix not seen in stream @@ -414,6 +415,9 @@ CVE-2023-28328: Fix not seen in stream CVE-2023-28410: Fixed with 5.16.19 CVE-2023-28466: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -427,5 +431,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/5.16/5.16_security.txt b/data/5.16/5.16_security.txt index f6779fc..77044fe 100644 --- a/data/5.16/5.16_security.txt +++ b/data/5.16/5.16_security.txt
@@ -372,6 +372,7 @@ CVE-2022-48423: (unk) fs/ntfs3: Validate resident attribute name CVE-2022-48424: (unk) fs/ntfs3: Validate attribute name offset CVE-2022-48425: (unk) fs/ntfs3: Validate MFT flags before replaying logs + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0160: (unk) CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits @@ -384,7 +385,7 @@ CVE-2023-0461: (unk) net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry @@ -421,7 +422,7 @@ CVE-2023-20941: (unk) CVE-2023-21102: (unk) efi: rt-wrapper: Add missing include CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) + CVE-2023-2156: (unk) net: rpl: fix rpl header size calculation CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2166: (unk) can: af_can: fix NULL pointer dereference in can_rcv_filter CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr @@ -450,6 +451,9 @@ CVE-2023-28327: (unk) af_unix: Get user_ns from in_skb in unix_diag_get_exact(). CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -463,5 +467,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/5.17/5.17_CVEs.txt b/data/5.17/5.17_CVEs.txt index de4314b..07b1c9d 100644 --- a/data/5.17/5.17_CVEs.txt +++ b/data/5.17/5.17_CVEs.txt
@@ -272,6 +272,7 @@ CVE-2022-48423: Fix not seen in stream CVE-2022-48424: Fix not seen in stream CVE-2022-48425: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0160: Fix unknown CVE-2023-0179: Fix not seen in stream @@ -285,7 +286,7 @@ CVE-2023-0468: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1075: Fix not seen in stream @@ -325,7 +326,7 @@ CVE-2023-20941: Fix unknown CVE-2023-21102: Fix not seen in stream CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown +CVE-2023-2156: Fix not seen in stream CVE-2023-2162: Fix not seen in stream CVE-2023-2166: Fix not seen in stream CVE-2023-2176: Fix not seen in stream @@ -356,6 +357,9 @@ CVE-2023-28410: Fixed with 5.17.2 CVE-2023-28466: Fix not seen in stream CVE-2023-28866: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -369,5 +373,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/5.17/5.17_security.txt b/data/5.17/5.17_security.txt index b0b4ee8..d8b8fdd 100644 --- a/data/5.17/5.17_security.txt +++ b/data/5.17/5.17_security.txt
@@ -311,6 +311,7 @@ CVE-2022-48423: (unk) fs/ntfs3: Validate resident attribute name CVE-2022-48424: (unk) fs/ntfs3: Validate attribute name offset CVE-2022-48425: (unk) fs/ntfs3: Validate MFT flags before replaying logs + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0160: (unk) CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits @@ -324,7 +325,7 @@ CVE-2023-0468: (unk) io_uring: make poll refs more robust CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry @@ -359,7 +360,7 @@ CVE-2023-20941: (unk) CVE-2023-21102: (unk) efi: rt-wrapper: Add missing include CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) + CVE-2023-2156: (unk) net: rpl: fix rpl header size calculation CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2166: (unk) can: af_can: fix NULL pointer dereference in can_rcv_filter CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr @@ -388,6 +389,9 @@ CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-28866: (unk) Bluetooth: HCI: Fix global-out-of-bounds + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -401,5 +405,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/5.18/5.18_CVEs.txt b/data/5.18/5.18_CVEs.txt index 246490b..7a8752d 100644 --- a/data/5.18/5.18_CVEs.txt +++ b/data/5.18/5.18_CVEs.txt
@@ -227,6 +227,7 @@ CVE-2022-48423: Fix not seen in stream CVE-2022-48424: Fix not seen in stream CVE-2022-48425: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0160: Fix unknown CVE-2023-0179: Fix not seen in stream @@ -240,7 +241,7 @@ CVE-2023-0468: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1075: Fix not seen in stream @@ -276,7 +277,7 @@ CVE-2023-20941: Fix unknown CVE-2023-21102: Fix not seen in stream CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown +CVE-2023-2156: Fix not seen in stream CVE-2023-2162: Fix not seen in stream CVE-2023-2166: Fix not seen in stream CVE-2023-2176: Fix not seen in stream @@ -306,6 +307,9 @@ CVE-2023-28410: Fixed with 5.18-rc1 CVE-2023-28466: Fix not seen in stream CVE-2023-28866: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -319,5 +323,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/5.18/5.18_security.txt b/data/5.18/5.18_security.txt index 703f7b6..a68e117 100644 --- a/data/5.18/5.18_security.txt +++ b/data/5.18/5.18_security.txt
@@ -272,6 +272,7 @@ CVE-2022-48423: (unk) fs/ntfs3: Validate resident attribute name CVE-2022-48424: (unk) fs/ntfs3: Validate attribute name offset CVE-2022-48425: (unk) fs/ntfs3: Validate MFT flags before replaying logs + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0160: (unk) CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits @@ -285,7 +286,7 @@ CVE-2023-0468: (unk) io_uring: make poll refs more robust CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry @@ -316,7 +317,7 @@ CVE-2023-20941: (unk) CVE-2023-21102: (unk) efi: rt-wrapper: Add missing include CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) + CVE-2023-2156: (unk) net: rpl: fix rpl header size calculation CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2166: (unk) can: af_can: fix NULL pointer dereference in can_rcv_filter CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr @@ -342,6 +343,9 @@ CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-28866: (unk) Bluetooth: HCI: Fix global-out-of-bounds + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -355,5 +359,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/5.19/5.19_CVEs.txt b/data/5.19/5.19_CVEs.txt index 9f028e3..2ad25d8 100644 --- a/data/5.19/5.19_CVEs.txt +++ b/data/5.19/5.19_CVEs.txt
@@ -89,7 +89,7 @@ CVE-2022-3524: Fix not seen in stream CVE-2022-3531: Fix not seen in stream CVE-2022-3534: Fix not seen in stream -CVE-2022-3535: Fix not seen in stream +CVE-2022-3535: Fixed with 5.19.17 CVE-2022-3541: Fix not seen in stream CVE-2022-3542: Fixed with 5.19.17 CVE-2022-3543: Fix not seen in stream @@ -181,6 +181,7 @@ CVE-2022-48423: Fix not seen in stream CVE-2022-48424: Fix not seen in stream CVE-2022-48425: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0160: Fix unknown CVE-2023-0179: Fix not seen in stream @@ -195,7 +196,7 @@ CVE-2023-0469: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1032: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream @@ -233,7 +234,7 @@ CVE-2023-21102: Fix not seen in stream CVE-2023-21106: Fix not seen in stream CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown +CVE-2023-2156: Fix not seen in stream CVE-2023-2162: Fix not seen in stream CVE-2023-2166: Fix not seen in stream CVE-2023-2176: Fix not seen in stream @@ -262,6 +263,9 @@ CVE-2023-28328: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28866: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -275,5 +279,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/5.19/5.19_security.txt b/data/5.19/5.19_security.txt index 4e3855b..34a44bd 100644 --- a/data/5.19/5.19_security.txt +++ b/data/5.19/5.19_security.txt
@@ -64,6 +64,7 @@ CVEs fixed in 5.19.17: CVE-2022-2602: b4293c01ee0d0ecdd3cb5801e13f62271144667a io_uring/af_unix: defer registered files gc to io_uring release + CVE-2022-3535: 169aa2664639de359a7c723ba55023ef57c0dc15 net: mvpp2: fix mvpp2 debugfs leak CVE-2022-3542: 96c0c14135f5803f9e94e6da2ee9c4b012fdcb20 bnx2x: fix potential memory leak in bnx2x_tpa_stop() CVE-2022-3565: 1f76323ac43fe0b00677794c930dee9f66ea2999 mISDN: fix use-after-free bugs in l1oip timer handlers CVE-2022-3594: 2e896abccf99fef76691d8e1019bd44105a12e1f r8152: Rate limit overflow messages @@ -146,7 +147,6 @@ CVE-2022-3524: (unk) tcp/udp: Fix memory leak in ipv6_renew_options(). CVE-2022-3531: (unk) selftest/bpf: Fix memory leak in kprobe_multi_test CVE-2022-3534: (unk) libbpf: Fix use-after-free in btf_dump_name_dups - CVE-2022-3535: (unk) net: mvpp2: fix mvpp2 debugfs leak CVE-2022-3541: (unk) eth: sp7021: fix use after free bug in spl2sw_nvmem_get_mac_address CVE-2022-3543: (unk) af_unix: Fix memory leaks of the whole sk due to OOB skb. CVE-2022-3544: (unk) @@ -213,6 +213,7 @@ CVE-2022-48423: (unk) fs/ntfs3: Validate resident attribute name CVE-2022-48424: (unk) fs/ntfs3: Validate attribute name offset CVE-2022-48425: (unk) fs/ntfs3: Validate MFT flags before replaying logs + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0160: (unk) CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits @@ -227,7 +228,7 @@ CVE-2023-0469: (unk) io_uring/filetable: fix file reference underflow CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1032: (unk) net: avoid double iput when sock_alloc_file fails CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope @@ -264,7 +265,7 @@ CVE-2023-21102: (unk) efi: rt-wrapper: Add missing include CVE-2023-21106: (unk) drm/msm/gpu: Fix potential double-free CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) + CVE-2023-2156: (unk) net: rpl: fix rpl header size calculation CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2166: (unk) can: af_can: fix NULL pointer dereference in can_rcv_filter CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr @@ -292,6 +293,9 @@ CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-28866: (unk) Bluetooth: HCI: Fix global-out-of-bounds + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -305,5 +309,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/5.2/5.2_CVEs.txt b/data/5.2/5.2_CVEs.txt index 3e3db31..11fabfa 100644 --- a/data/5.2/5.2_CVEs.txt +++ b/data/5.2/5.2_CVEs.txt
@@ -726,6 +726,7 @@ CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream CVE-2022-47946: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -738,7 +739,7 @@ CVE-2023-0461: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1075: Fix not seen in stream @@ -770,7 +771,6 @@ CVE-2023-20928: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2177: Fix not seen in stream @@ -791,9 +791,11 @@ CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -807,5 +809,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/5.2/5.2_security.txt b/data/5.2/5.2_security.txt index 4d8c88e..9c140d0 100644 --- a/data/5.2/5.2_security.txt +++ b/data/5.2/5.2_security.txt
@@ -764,6 +764,7 @@ CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -776,7 +777,7 @@ CVE-2023-0461: (unk) net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry @@ -808,7 +809,6 @@ CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free @@ -829,9 +829,11 @@ CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -845,5 +847,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/5.3/5.3_CVEs.txt b/data/5.3/5.3_CVEs.txt index 75e64d2..8a9d8cc 100644 --- a/data/5.3/5.3_CVEs.txt +++ b/data/5.3/5.3_CVEs.txt
@@ -699,6 +699,7 @@ CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream CVE-2022-47946: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -711,7 +712,7 @@ CVE-2023-0461: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1075: Fix not seen in stream @@ -743,7 +744,6 @@ CVE-2023-20928: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2177: Fix not seen in stream @@ -765,9 +765,11 @@ CVE-2023-26607: Fix not seen in stream CVE-2023-28327: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -781,5 +783,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/5.3/5.3_security.txt b/data/5.3/5.3_security.txt index acab6c2..9987c1f 100644 --- a/data/5.3/5.3_security.txt +++ b/data/5.3/5.3_security.txt
@@ -735,6 +735,7 @@ CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -747,7 +748,7 @@ CVE-2023-0461: (unk) net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry @@ -779,7 +780,6 @@ CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free @@ -801,9 +801,11 @@ CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28327: (unk) af_unix: Get user_ns from in_skb in unix_diag_get_exact(). CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -817,5 +819,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/5.4/5.4_CVEs.txt b/data/5.4/5.4_CVEs.txt index add6837..5075f8c 100644 --- a/data/5.4/5.4_CVEs.txt +++ b/data/5.4/5.4_CVEs.txt
@@ -549,7 +549,7 @@ CVE-2022-33744: Fixed with 5.4.204 CVE-2022-33981: Fixed with 5.4.192 CVE-2022-3424: Fixed with 5.4.229 -CVE-2022-34918: Fix not seen in stream +CVE-2022-34918: Fixed with 5.4.244 CVE-2022-3521: Fixed with 5.4.225 CVE-2022-3522: Fix not seen in stream CVE-2022-3523: Fix not seen in stream @@ -589,7 +589,7 @@ CVE-2022-38457: Fix not seen in stream CVE-2022-3903: Fix not seen in stream CVE-2022-39188: Fix not seen in stream -CVE-2022-39189: Fix not seen in stream +CVE-2022-39189: Fixed with 5.4.244 CVE-2022-39842: Fixed with 5.4.215 CVE-2022-40133: Fix not seen in stream CVE-2022-40307: Fixed with 5.4.213 @@ -628,6 +628,7 @@ CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fixed with 5.4.229 CVE-2022-47946: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fixed with 5.4.229 CVE-2023-0047: Fixed with 5.4.160 CVE-2023-0160: Fix unknown @@ -640,7 +641,7 @@ CVE-2023-0461: Fixed with 5.4.229 CVE-2023-0590: Fixed with 5.4.240 CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fixed with 5.4.223 CVE-2023-1073: Fixed with 5.4.231 CVE-2023-1074: Fixed with 5.4.231 CVE-2023-1075: Fix not seen in stream @@ -672,7 +673,6 @@ CVE-2023-20928: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fixed with 5.4.232 CVE-2023-2176: Fix not seen in stream CVE-2023-2177: Fixed with 5.4.209 @@ -695,9 +695,11 @@ CVE-2023-26607: Fixed with 5.4.225 CVE-2023-28327: Fixed with 5.4.227 CVE-2023-28328: Fixed with 5.4.229 -CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fixed with 5.4.240 CVE-2023-28772: Fixed with 5.4.133 +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fixed with 5.4.235 +CVE-2023-3006: Fix not seen in stream CVE-2023-30456: Fixed with 5.4.238 CVE-2023-30772: Fixed with 5.4.240 CVE-2023-31081: Fix unknown @@ -711,5 +713,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fixed with 5.4.232 CVE-2023-33203: Fixed with 5.4.240 -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fixed with 5.4.243
diff --git a/data/5.4/5.4_security.txt b/data/5.4/5.4_security.txt index 7bb32b0..493eab5 100644 --- a/data/5.4/5.4_security.txt +++ b/data/5.4/5.4_security.txt
@@ -815,6 +815,9 @@ CVE-2022-41849: 3742e9fd552e6c4193ebc5eb3d2cd02d429cad9c fbdev: smscufx: Fix use-after-free in ufx_ops_open() CVE-2022-41850: e30c3a9a88818e5cf3df3fda6ab8388bef3bc6cd HID: roccat: Fix use-after-free in roccat_read() +CVEs fixed in 5.4.223: + CVE-2023-0615: d8f479c777b413ba42c63e1a5ce6eee3d25b6714 media: vivid: dev->bitmap_cap wasn't freed in all cases + CVEs fixed in 5.4.224: CVE-2021-3759: bad83d55134e647a739ebef2082541963f2cbc92 memcg: enable accounting of ipc resources CVE-2022-3524: 92aaa5e8fe90a008828a1207e66a30444bcb1cbd tcp/udp: Fix memory leak in ipv6_renew_options(). @@ -880,6 +883,7 @@ CVE-2023-1079: dd08e68d04d08d2f42b09162c939a0b0841216cc HID: asus: use spinlock to safely schedule workers CVE-2023-1118: d120334278b370b6a1623a75ebe53b0c76cb247c media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() CVE-2023-1829: 7a6fb69bbcb21e9ce13bdf18c008c268874f0480 net/sched: Retire tcindex classifier + CVE-2023-2985: 3776ef785e1005355cdd86c751a8e838bac8e2e8 fs: hfsplus: fix UAF issue in hfsplus_put_super CVEs fixed in 5.4.238: CVE-2023-1855: 26c176ce902861a45f8d699e057245ed7e0bcdf2 hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition @@ -911,6 +915,11 @@ CVE-2023-2002: 48cdcb40d589d990ccc1a99fb76843484ce732a0 bluetooth: Perform careful capability checks in hci_sock_ioctl() CVE-2023-2269: 29a1ef57c3be1d53ecadb749d45b0636e8245a89 dm ioctl: fix nested locking in table_clear() to remove deadlock concern CVE-2023-32233: c8b6063f13add68f89540aa5030ceee875f48aa2 netfilter: nf_tables: deactivate anonymous set from preparation phase + CVE-2023-34256: 4f4fd982d972a55dee129f7da517b81fa16c408d ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum + +CVEs fixed in 5.4.244: + CVE-2022-34918: 05b4105e6852b584dd115d0a1f0fe96bde9c58c5 netfilter: nf_tables: stricter validation of element data + CVE-2022-39189: 1eb3e32de7b1f6ed927dfff3ab3651ce25f3d516 KVM: x86: do not report a vCPU as preempted outside instruction boundaries Outstanding CVEs: CVE-2005-3660: (unk) @@ -1017,7 +1026,6 @@ CVE-2022-3108: (unk) drm/amdkfd: Check for null pointer after calling kmemdup CVE-2022-3176: (unk) io_uring: fix UAF due to missing POLLFREE handling CVE-2022-3344: (unk) KVM: x86: nSVM: harden svm_free_nested against freeing vmcb02 while still in use - CVE-2022-34918: (unk) netfilter: nf_tables: stricter validation of element data CVE-2022-3522: (unk) mm/hugetlb: use hugetlb_pte_stable in migration race check CVE-2022-3523: (unk) mm/memory.c: fix race when faulting a device private page CVE-2022-3534: (unk) libbpf: Fix use-after-free in btf_dump_name_dups @@ -1032,7 +1040,6 @@ CVE-2022-38457: (unk) drm/vmwgfx: Remove rcu locks from user resources CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas - CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries CVE-2022-40133: (unk) drm/vmwgfx: Remove rcu locks from user resources CVE-2022-41848: (unk) CVE-2022-4269: (unk) act_mirred: use the backlog for nested calls to mirred ingress @@ -1047,11 +1054,11 @@ CVE-2022-45919: (unk) CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0160: (unk) CVE-2023-0240: (unk) io_uring: COW io_identity on mismatch CVE-2023-0386: (unk) ovl: fail on invalid uid/gid mapping at copy up CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry CVE-2023-1249: (unk) coredump: Use the vma snapshot in fill_files_note CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu @@ -1061,7 +1068,6 @@ CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-22995: (unk) usb: dwc3: dwc3-qcom: Add missing platform_device_put() in dwc3_qcom_acpi_register_core CVE-2023-23000: (unk) phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function @@ -1069,7 +1075,8 @@ CVE-2023-23039: (unk) CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-26242: (unk) - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access + CVE-2023-2898: (unk) + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list CVE-2023-31081: (unk) CVE-2023-31082: (unk) CVE-2023-31083: (unk) @@ -1077,5 +1084,5 @@ CVE-2023-31085: (unk) CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
diff --git a/data/5.5/5.5_CVEs.txt b/data/5.5/5.5_CVEs.txt index 9c41ed1..839f042 100644 --- a/data/5.5/5.5_CVEs.txt +++ b/data/5.5/5.5_CVEs.txt
@@ -588,6 +588,7 @@ CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream CVE-2022-47946: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -601,7 +602,7 @@ CVE-2023-0461: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1075: Fix not seen in stream @@ -633,7 +634,6 @@ CVE-2023-20928: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2177: Fix not seen in stream @@ -656,9 +656,11 @@ CVE-2023-26607: Fix not seen in stream CVE-2023-28327: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -672,5 +674,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/5.5/5.5_security.txt b/data/5.5/5.5_security.txt index 002ecc7..0e20a3d 100644 --- a/data/5.5/5.5_security.txt +++ b/data/5.5/5.5_security.txt
@@ -622,6 +622,7 @@ CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -635,7 +636,7 @@ CVE-2023-0461: (unk) net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry @@ -667,7 +668,6 @@ CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free @@ -690,9 +690,11 @@ CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28327: (unk) af_unix: Get user_ns from in_skb in unix_diag_get_exact(). CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -706,5 +708,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/5.6/5.6_CVEs.txt b/data/5.6/5.6_CVEs.txt index 2da2689..2b4d5b7 100644 --- a/data/5.6/5.6_CVEs.txt +++ b/data/5.6/5.6_CVEs.txt
@@ -564,6 +564,7 @@ CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream CVE-2022-47946: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -577,7 +578,7 @@ CVE-2023-0461: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1075: Fix not seen in stream @@ -610,7 +611,6 @@ CVE-2023-20928: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2177: Fix not seen in stream @@ -634,9 +634,11 @@ CVE-2023-26607: Fix not seen in stream CVE-2023-28327: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -650,5 +652,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/5.6/5.6_security.txt b/data/5.6/5.6_security.txt index c8d3d46..874e8b6 100644 --- a/data/5.6/5.6_security.txt +++ b/data/5.6/5.6_security.txt
@@ -598,6 +598,7 @@ CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -611,7 +612,7 @@ CVE-2023-0461: (unk) net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry @@ -644,7 +645,6 @@ CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free @@ -668,9 +668,11 @@ CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28327: (unk) af_unix: Get user_ns from in_skb in unix_diag_get_exact(). CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -684,5 +686,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/5.7/5.7_CVEs.txt b/data/5.7/5.7_CVEs.txt index 186e38d..96f6b3a 100644 --- a/data/5.7/5.7_CVEs.txt +++ b/data/5.7/5.7_CVEs.txt
@@ -558,6 +558,7 @@ CVE-2022-47521: Fix not seen in stream CVE-2022-47929: Fix not seen in stream CVE-2022-47946: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -571,7 +572,7 @@ CVE-2023-0461: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1075: Fix not seen in stream @@ -605,7 +606,7 @@ CVE-2023-20928: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown +CVE-2023-2156: Fix not seen in stream CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2177: Fix not seen in stream @@ -631,9 +632,11 @@ CVE-2023-26607: Fix not seen in stream CVE-2023-28327: Fix not seen in stream CVE-2023-28328: Fix not seen in stream -CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -647,5 +650,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/5.7/5.7_security.txt b/data/5.7/5.7_security.txt index a72fe85..bd65fd0 100644 --- a/data/5.7/5.7_security.txt +++ b/data/5.7/5.7_security.txt
@@ -592,6 +592,7 @@ CVE-2022-47521: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -605,7 +606,7 @@ CVE-2023-0461: (unk) net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry @@ -639,7 +640,7 @@ CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) + CVE-2023-2156: (unk) net: rpl: fix rpl header size calculation CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free @@ -665,9 +666,11 @@ CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28327: (unk) af_unix: Get user_ns from in_skb in unix_diag_get_exact(). CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() - CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -681,5 +684,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/5.8/5.8_CVEs.txt b/data/5.8/5.8_CVEs.txt index 92a7e40..e334c4a 100644 --- a/data/5.8/5.8_CVEs.txt +++ b/data/5.8/5.8_CVEs.txt
@@ -542,6 +542,7 @@ CVE-2022-47521: Fix not seen in stream CVE-2022-47929: Fix not seen in stream CVE-2022-47946: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -555,7 +556,7 @@ CVE-2023-0461: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1075: Fix not seen in stream @@ -589,7 +590,7 @@ CVE-2023-20928: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown +CVE-2023-2156: Fix not seen in stream CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2177: Fix not seen in stream @@ -618,6 +619,9 @@ CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -631,5 +635,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/5.8/5.8_security.txt b/data/5.8/5.8_security.txt index 7bc67af..16d9ad5 100644 --- a/data/5.8/5.8_security.txt +++ b/data/5.8/5.8_security.txt
@@ -576,6 +576,7 @@ CVE-2022-47521: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -589,7 +590,7 @@ CVE-2023-0461: (unk) net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry @@ -623,7 +624,7 @@ CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) + CVE-2023-2156: (unk) net: rpl: fix rpl header size calculation CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free @@ -652,6 +653,9 @@ CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -665,5 +669,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/5.9/5.9_CVEs.txt b/data/5.9/5.9_CVEs.txt index 99b4ad5..3131028 100644 --- a/data/5.9/5.9_CVEs.txt +++ b/data/5.9/5.9_CVEs.txt
@@ -515,6 +515,7 @@ CVE-2022-47521: Fix not seen in stream CVE-2022-47929: Fix not seen in stream CVE-2022-47946: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix unknown @@ -528,7 +529,7 @@ CVE-2023-0461: Fix not seen in stream CVE-2023-0590: Fix not seen in stream CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream CVE-2023-1075: Fix not seen in stream @@ -562,7 +563,7 @@ CVE-2023-20928: Fix not seen in stream CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown +CVE-2023-2156: Fix not seen in stream CVE-2023-2162: Fix not seen in stream CVE-2023-2176: Fix not seen in stream CVE-2023-2177: Fix not seen in stream @@ -591,6 +592,9 @@ CVE-2023-28410: Fix not seen in stream CVE-2023-28466: Fix not seen in stream CVE-2023-28772: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fix not seen in stream CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -604,5 +608,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/5.9/5.9_security.txt b/data/5.9/5.9_security.txt index 962b876..30ac803 100644 --- a/data/5.9/5.9_security.txt +++ b/data/5.9/5.9_security.txt
@@ -545,6 +545,7 @@ CVE-2022-47521: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) @@ -558,7 +559,7 @@ CVE-2023-0461: (unk) net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0590: (unk) net: sched: fix race condition in qdisc_graft() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) + CVE-2023-0615: (unk) media: vivid: dev->bitmap_cap wasn't freed in all cases CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry @@ -592,7 +593,7 @@ CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) + CVE-2023-2156: (unk) net: rpl: fix rpl header size calculation CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free @@ -621,6 +622,9 @@ CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex() + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super + CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -634,5 +638,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/6.0/6.0_CVEs.txt b/data/6.0/6.0_CVEs.txt index 6dfd2f2..b9ce49e 100644 --- a/data/6.0/6.0_CVEs.txt +++ b/data/6.0/6.0_CVEs.txt
@@ -146,6 +146,7 @@ CVE-2022-48423: Fixed with 6.0.17 CVE-2022-48424: Fixed with 6.0.17 CVE-2022-48425: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fixed with 6.0.19 CVE-2023-0160: Fix unknown CVE-2023-0179: Fix not seen in stream @@ -160,7 +161,7 @@ CVE-2023-0469: Fixed with 6.0.11 CVE-2023-0590: Fixed with 6.0.6 CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown +CVE-2023-0615: Fixed with 6.0.7 CVE-2023-1032: Fix not seen in stream CVE-2023-1073: Fix not seen in stream CVE-2023-1074: Fix not seen in stream @@ -194,7 +195,7 @@ CVE-2023-21102: Fix not seen in stream CVE-2023-21106: Fix not seen in stream CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown +CVE-2023-2156: Fix not seen in stream CVE-2023-2162: Fix not seen in stream CVE-2023-2166: Fixed with 6.0.13 CVE-2023-2176: Fix not seen in stream @@ -220,6 +221,9 @@ CVE-2023-28328: Fixed with 6.0.16 CVE-2023-28466: Fix not seen in stream CVE-2023-28866: Fix not seen in stream +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fix not seen in stream +CVE-2023-3006: Fixed with 6.0.7 CVE-2023-30456: Fix not seen in stream CVE-2023-30772: Fix not seen in stream CVE-2023-31081: Fix unknown @@ -233,5 +237,6 @@ CVE-2023-32254: Fix not seen in stream CVE-2023-32269: Fix not seen in stream CVE-2023-33203: Fix not seen in stream -CVE-2023-33250: Fix unknown CVE-2023-33288: Fix not seen in stream +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fix not seen in stream
diff --git a/data/6.0/6.0_security.txt b/data/6.0/6.0_security.txt index 0d2253f..a850b49 100644 --- a/data/6.0/6.0_security.txt +++ b/data/6.0/6.0_security.txt
@@ -36,6 +36,8 @@ CVEs fixed in 6.0.7: CVE-2022-3524: 0c5d628f1e1d049c33595693fab1b6e9baf25795 tcp/udp: Fix memory leak in ipv6_renew_options(). + CVE-2023-0615: 74e2e978d1e36c3b67e998e779c02cbc8f481527 media: vivid: dev->bitmap_cap wasn't freed in all cases + CVE-2023-3006: 5b962b004afa3c11e651c07232f2402b4678007b arm64: Add AMPERE1 to the Spectre-BHB affected list CVEs fixed in 6.0.8: CVE-2022-3564: 9a04161244603f502c6e453913e51edd59cb70c1 Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu @@ -198,6 +200,7 @@ CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes CVE-2022-4842: (unk) fs/ntfs3: Fix attr_punch_hole() null pointer derenference CVE-2022-48425: (unk) fs/ntfs3: Validate MFT flags before replaying logs + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0160: (unk) CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -206,7 +209,6 @@ CVE-2023-0458: (unk) prlimit: do_prlimit needs to have a speculation check CVE-2023-0459: (unk) uaccess: Add speculation barrier to copy_from_user() CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) CVE-2023-1032: (unk) net: avoid double iput when sock_alloc_file fails CVE-2023-1073: (unk) HID: check empty report_list in hid_validate_values() CVE-2023-1074: (unk) sctp: fail if no bound addresses can be used for a given scope @@ -238,7 +240,7 @@ CVE-2023-21102: (unk) efi: rt-wrapper: Add missing include CVE-2023-21106: (unk) drm/msm/gpu: Fix potential double-free CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) + CVE-2023-2156: (unk) net: rpl: fix rpl header size calculation CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() @@ -254,6 +256,8 @@ CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-28866: (unk) Bluetooth: HCI: Fix global-out-of-bounds + CVE-2023-2898: (unk) + CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4 CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition CVE-2023-31081: (unk) @@ -267,5 +271,6 @@ CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition - CVE-2023-33250: (unk) CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay + CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
diff --git a/data/6.1/6.1_CVEs.txt b/data/6.1/6.1_CVEs.txt index a508d8b..1033003 100644 --- a/data/6.1/6.1_CVEs.txt +++ b/data/6.1/6.1_CVEs.txt
@@ -99,6 +99,7 @@ CVE-2022-48423: Fixed with 6.1.3 CVE-2022-48424: Fixed with 6.1.3 CVE-2022-48425: Fix not seen in stream +CVE-2022-48502: Fix not seen in stream CVE-2023-0045: Fixed with 6.1.5 CVE-2023-0160: Fix unknown CVE-2023-0179: Fixed with 6.1.7 @@ -110,7 +111,6 @@ CVE-2023-0459: Fixed with 6.1.14 CVE-2023-0461: Fixed with 6.1.5 CVE-2023-0597: Fix not seen in stream -CVE-2023-0615: Fix unknown CVE-2023-1032: Fixed with 6.1.16 CVE-2023-1073: Fixed with 6.1.9 CVE-2023-1074: Fixed with 6.1.9 @@ -141,7 +141,7 @@ CVE-2023-21102: Fixed with 6.1.8 CVE-2023-21106: Fixed with 6.1.9 CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown +CVE-2023-2156: Fixed with 6.1.26 CVE-2023-2162: Fixed with 6.1.11 CVE-2023-2166: Fixed with 6.1 CVE-2023-2176: Fix not seen in stream @@ -166,6 +166,8 @@ CVE-2023-28328: Fixed with 6.1.2 CVE-2023-28466: Fixed with 6.1.20 CVE-2023-28866: Fixed with 6.1.22 +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fixed with 6.1.16 CVE-2023-30456: Fixed with 6.1.21 CVE-2023-30772: Fixed with 6.1.22 CVE-2023-31081: Fix unknown @@ -179,5 +181,6 @@ CVE-2023-32254: Fixed with 6.1.28 CVE-2023-32269: Fixed with 6.1.11 CVE-2023-33203: Fixed with 6.1.22 -CVE-2023-33250: Fix unknown CVE-2023-33288: Fixed with 6.1.22 +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fixed with 6.1.29
diff --git a/data/6.1/6.1_security.txt b/data/6.1/6.1_security.txt index 9b72df2..2b55cd5 100644 --- a/data/6.1/6.1_security.txt +++ b/data/6.1/6.1_security.txt
@@ -85,6 +85,7 @@ CVE-2023-1118: 029c1410e345ce579db5c007276340d072aac54a media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() CVE-2023-1998: 08d87c87d6461d16827c9b88d84c48c26b6c994a x86/speculation: Allow enabling STIBP with legacy IBRS CVE-2023-25012: f2bf592ebd5077661e00aa11e12e054c4c8f6dd0 HID: bigben: use spinlock to safely schedule workers + CVE-2023-2985: 0c80bef0b7d297ea86e5408fe79c45479e504a26 fs: hfsplus: fix UAF issue in hfsplus_put_super CVEs fixed in 6.1.18: CVE-2023-1829: 3abebc503a5148072052c229c6b04b329a420ecd net/sched: Retire tcindex classifier @@ -117,6 +118,7 @@ CVE-2023-1859: c4002b9d5e837f152a40d1333c56ccb84975147b 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition CVEs fixed in 6.1.26: + CVE-2023-2156: 9a0b96d03c59ba560b074cdb9b6233493fd5492d net: rpl: fix rpl header size calculation CVE-2023-2248: ce729b06dc33b01f8a6ac84da5ef54154326bf7e net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg CVE-2023-31436: ce729b06dc33b01f8a6ac84da5ef54154326bf7e net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg @@ -131,6 +133,7 @@ CVEs fixed in 6.1.29: CVE-2023-32250: f623f627ad2b1dc215ab3b0df53fb05cfd3a1c3b ksmbd: fix racy issue from session setup and logoff + CVE-2023-34256: 1fffe4750500148f3e744ed77cf233db8342603f ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum Outstanding CVEs: CVE-2005-3660: (unk) @@ -211,23 +214,23 @@ CVE-2022-45888: (unk) char: xillybus: Prevent use-after-free due to race condition CVE-2022-45919: (unk) CVE-2022-48425: (unk) fs/ntfs3: Validate MFT flags before replaying logs + CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading CVE-2023-0160: (unk) CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-0615: (unk) CVE-2023-1192: (unk) CVE-2023-1193: (unk) CVE-2023-1194: (unk) CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-23005: (unk) mm/demotion: fix NULL vs IS_ERR checking in memory_tier_init CVE-2023-23039: (unk) CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-26242: (unk) + CVE-2023-2898: (unk) CVE-2023-31081: (unk) CVE-2023-31082: (unk) CVE-2023-31083: (unk) CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*() CVE-2023-31085: (unk) - CVE-2023-33250: (unk) + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
diff --git a/data/6.2/6.2_CVEs.txt b/data/6.2/6.2_CVEs.txt index a5de8b0..d24e560 100644 --- a/data/6.2/6.2_CVEs.txt +++ b/data/6.2/6.2_CVEs.txt
@@ -79,7 +79,6 @@ CVE-2022-48425: Fix not seen in stream CVE-2023-0160: Fix unknown CVE-2023-0459: Fixed with 6.2.1 -CVE-2023-0615: Fix unknown CVE-2023-1032: Fixed with 6.2.3 CVE-2023-1076: Fixed with 6.2.3 CVE-2023-1077: Fixed with 6.2.3 @@ -103,7 +102,7 @@ CVE-2023-2002: Fixed with 6.2.14 CVE-2023-20941: Fix unknown CVE-2023-2124: Fix not seen in stream -CVE-2023-2156: Fix unknown +CVE-2023-2156: Fixed with 6.2.13 CVE-2023-2176: Fix not seen in stream CVE-2023-2194: Fixed with 6.2.9 CVE-2023-2235: Fixed with 6.2.8 @@ -116,6 +115,8 @@ CVE-2023-26545: Fixed with 6.2 CVE-2023-28466: Fixed with 6.2.7 CVE-2023-28866: Fixed with 6.2.9 +CVE-2023-2898: Fix unknown +CVE-2023-2985: Fixed with 6.2.3 CVE-2023-30456: Fixed with 6.2.8 CVE-2023-30772: Fixed with 6.2.9 CVE-2023-31081: Fix unknown @@ -130,3 +131,5 @@ CVE-2023-33203: Fixed with 6.2.9 CVE-2023-33250: Fix unknown CVE-2023-33288: Fixed with 6.2.9 +CVE-2023-34255: Fix not seen in stream +CVE-2023-34256: Fixed with 6.2.16
diff --git a/data/6.2/6.2_security.txt b/data/6.2/6.2_security.txt index 1455438..264774e 100644 --- a/data/6.2/6.2_security.txt +++ b/data/6.2/6.2_security.txt
@@ -16,6 +16,7 @@ CVE-2023-1118: 182ea492aae5b64067277e60a4ea5995c4628555 media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() CVE-2023-1998: ead3c8e54d28fa1d5454b1f8a21b96b4a969b1cb x86/speculation: Allow enabling STIBP with legacy IBRS CVE-2023-25012: 90289e71514e9533a9c44d694e2b492be9ed2b77 HID: bigben: use spinlock to safely schedule workers + CVE-2023-2985: f348b373cebeaa91bf3552099026951189f14436 fs: hfsplus: fix UAF issue in hfsplus_put_super CVEs fixed in 6.2.5: CVE-2023-1829: 372ae77cf11d11fb118cbe2d37def9dd5f826abd net/sched: Retire tcindex classifier @@ -48,6 +49,7 @@ CVE-2023-1859: e7dcd834af53c79418ca3cd1c42749a314b9f7dc 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition CVEs fixed in 6.2.13: + CVE-2023-2156: 191642f5cfb38c0e44fb4783a37530bae15b8f8e net: rpl: fix rpl header size calculation CVE-2023-2248: 420d014b19ff119e210ecc075ff611fe7844690c net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg CVE-2023-31436: 420d014b19ff119e210ecc075ff611fe7844690c net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg @@ -62,6 +64,7 @@ CVEs fixed in 6.2.16: CVE-2023-32250: d270631c21e68fb8016d6e231d022d7023a2df6f ksmbd: fix racy issue from session setup and logoff + CVE-2023-34256: c06f5f1ecab83772b1e06ea5dcfe5ebb5927a43f ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum Outstanding CVEs: CVE-2005-3660: (unk) @@ -142,19 +145,19 @@ CVE-2022-45919: (unk) CVE-2022-48425: (unk) fs/ntfs3: Validate MFT flags before replaying logs CVE-2023-0160: (unk) - CVE-2023-0615: (unk) CVE-2023-1192: (unk) CVE-2023-1193: (unk) CVE-2023-1194: (unk) CVE-2023-20941: (unk) CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay - CVE-2023-2156: (unk) CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr CVE-2023-23039: (unk) CVE-2023-26242: (unk) + CVE-2023-2898: (unk) CVE-2023-31081: (unk) CVE-2023-31082: (unk) CVE-2023-31083: (unk) CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*() CVE-2023-31085: (unk) CVE-2023-33250: (unk) + CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
diff --git a/data/CVEs.txt b/data/CVEs.txt index 4ed4f5a..ad36368 100644 --- a/data/CVEs.txt +++ b/data/CVEs.txt
@@ -2281,6 +2281,7 @@ CVE-2022-48423: 12dad495eaab95e0bb784c43869073617c513ea4 - 54e45702b648b7c0000e90b3e9b890e367e16ea8 (v5.15-rc1 to v6.2-rc1) CVE-2022-48424: 12dad495eaab95e0bb784c43869073617c513ea4 - 4f1dc7d9756e66f3f876839ea174df2e656b7f79 (v5.15-rc1 to v6.2-rc1) CVE-2022-48425: 12dad495eaab95e0bb784c43869073617c513ea4 - 98bea253aa28ad8be2ce565a9ca21beb4a9419e5 (v5.15-rc1 to v6.4-rc1) +CVE-2022-48502: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 0e8235d28f3a0e9eda9f02ff67ee566d5f42b66b (v2.6.12-rc2 to v6.2-rc1) CVE-2023-0030: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 729eba3355674f2d9524629b73683ba1d1cd3f10 (v2.6.12-rc2 to v5.0-rc1) CVE-2023-0045: 9137bb27e60e554dab694eafa4cca241fa3a694f - a664ec9158eeddd75121d39c9a0758016097fa96 (v4.20-rc5 to v6.2-rc3) CVE-2023-0047: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 60e2793d440a3ec95abb5d6d4fc034a4b480472d (v2.6.12-rc2 to v5.16-rc1) @@ -2299,7 +2300,7 @@ CVE-2023-0469: 61c1b44a21d70d4783db02198fbf68b132f4953c - 9d94c04c0db024922e886c9fd429659f22f48ea4 (v5.19-rc1 to v6.1-rc7) CVE-2023-0590: af356afa010f3cd2c8b8fcc3bce90f7a7b7ec02a - ebda44da44f6f309d302522b049f43d6f829f7aa (v2.6.32-rc1 to v6.1-rc2) CVE-2023-0597: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 97e3d26b5e5f371b3ee223d94dd123e6c442ba80 (v2.6.12-rc2 to v6.2-rc1) -CVE-2023-0615: (n/a) - (n/a) (unk to unk) +CVE-2023-0615: (n/a) - 1f65ea411cc7b6ff128d82a3493d7b5648054e6f (unk to v6.1-rc3) CVE-2023-1032: da214a475f8bd1d3e9e7a19ddfeb4d1617551bab - 649c15c7691e9b13cbe9bf6c65c365350e056067 (v5.19-rc1 to v6.3-rc2) CVE-2023-1073: 1b15d2e5b8077670b1e6a33250a0d9577efff4a5 - b12fece4c64857e5fab4290bf01b2e0317a88456 (v3.16-rc1 to v6.2-rc5) CVE-2023-1074: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 458e279f861d3f61796894cd158b780765a1569f (v2.6.12-rc2 to v6.2-rc6) @@ -2347,7 +2348,7 @@ CVE-2023-21102: cefc7ca46235f01d5233e3abd4b79452af01d9e9 - 18bba1843fc7f264f58c9345d00827d082f9c558 (v5.14-rc1 to v6.2-rc4) CVE-2023-21106: d4726d7700688835f4784d3b94de6fff2cbe16c2 - a66f1efcf748febea7758c4c3c8b5bc5294949ef (v5.19-rc1 to v6.2-rc5) CVE-2023-2124: 50d5c8d8e938e3c4c0d21db9fc7d64282dc7be20 - 22ed903eee23a5b174e240f1cdfa9acf393a5210 (v3.12-rc1 to v6.4-rc1) -CVE-2023-2156: (n/a) - (n/a) (unk to unk) +CVE-2023-2156: 8610c7c6e3bd647ff98d21c8bc0580e77bc2f8b3 - 4e006c7a6dac0ead4c1bf606000aa90a372fc253 (v5.7-rc1 to v6.3) CVE-2023-2162: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - f484a794e4ee2a9ce61f52a78e810ac45f3fe3b3 (v2.6.12-rc2 to v6.2-rc6) CVE-2023-2166: 4e096a18867a5a989b510f6999d9c6b6622e8f7b - 0acc442309a0a1b01bcdaa135e56e6398a49439c (v5.12-rc1-dontuse to v6.1) CVE-2023-2176: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 8d037973d48c026224ab285e6a06985ccac6f7bf (v2.6.12-rc2 to v6.3-rc1) @@ -2387,11 +2388,15 @@ CVE-2023-26607: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 36a4d82dddbbd421d2b8e79e1cab68c8126d5075 (v2.6.12-rc2 to v6.1-rc1) CVE-2023-28327: cae9910e73446cac68a54e3a7b02aaa12b689026 - b3abe42e94900bdd045c472f9c9be620ba5ce553 (v5.3-rc1 to v6.1) CVE-2023-28328: 76f9a820c8672ada12ffa0903652c9e6f2429462 - 0ed554fd769a19ea8464bb83e9ac201002ef74ad (v2.6.34-rc1 to v6.2-rc1) -CVE-2023-28410: (n/a) - 661412e301e2ca86799aa4f400d1cf0bd38c57c6 (unk to v5.19-rc1) +CVE-2023-28410: 9f909e215fea0652023b9ed09d3d7bfe10386423 - 661412e301e2ca86799aa4f400d1cf0bd38c57c6 (v5.8-rc1 to v5.19-rc1) CVE-2023-28464: 0f00cd322d22d4441de51aa80bcce5bb6a8cbb44 - 5dc7d23e167e2882ef118456ceccd57873e876d8 (v6.3-rc1 to v6.3-rc7) CVE-2023-28466: 3c4d7559159bfe1e3b94df3a657b2cda3a34e218 - 49c47cc21b5b7a3d8deb18fc57b0aa2ab1286962 (v4.13-rc1 to v6.3-rc2) CVE-2023-28772: 5e3ca0ec76fce92daa4eed0d02de9c79b1fe3920 - d3b16034a24a112bb83aeb669ac5b9b01f744bb7 (v2.6.27-rc1 to v5.14-rc1) CVE-2023-28866: d0b137062b2de75b264b84143d21c98abc5f5ad2 - bce56405201111807cc8e4f47c6de3e10b17c1ac (v5.17-rc1 to v6.3-rc4) +CVE-2023-2898: (n/a) - (n/a) (unk to unk) +CVE-2023-2985: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 07db5e247ab5858439b14dd7cc1fe538b9efcf32 (v2.6.12-rc2 to v6.3-rc1) +CVE-2023-3006: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 0e5d5ae837c8ce04d2ddb874ec5f920118bd9d31 (v2.6.12-rc2 to v6.1-rc1) +CVE-2023-3022: effda4dd97e878ab83336bec7411cc41b5cc6d37 - a65120bae4b7425a39c5783aa3d4fc29677eef0e (CVE Caused by Backporting) CVE-2023-30456: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 112e66017bff7f2837030f34c2bc19501e9212d5 (v2.6.12-rc2 to v6.3-rc3) CVE-2023-30772: c1a281e34dae41379af86b95592a5ae8e9e3af67 - 06615d11cc78162dfd5116efb71f29eb29502d37 (v4.1-rc1 to v6.3-rc4) CVE-2023-31081: (n/a) - (n/a) (unk to unk) @@ -2405,5 +2410,7 @@ CVE-2023-32254: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 30210947a343b6b3ca13adc9bfc88e1543e16dd5 (v2.6.12-rc2 to v6.4-rc1) CVE-2023-32269: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 611792920925fb088ddccbe2783c7f92fdfb6b64 (v2.6.12-rc2 to v6.2-rc7) CVE-2023-33203: b9b17debc69d27cd55e21ee51a5ba7fc50a426cf - 6b6bc5b8bd2d4ca9e1efa9ae0f98a0b0687ace75 (v4.9-rc1 to v6.3-rc4) -CVE-2023-33250: (n/a) - (n/a) (unk to unk) +CVE-2023-33250: 2ff4bed7fee72ba1abfcff5f11ae8f8e570353f2 - (n/a) (v6.2-rc1 to unk) CVE-2023-33288: 97774672573ac4355bd12cf84b202555c1131b69 - 47c29d69212911f50bdcdd0564b5999a559010d4 (v2.6.39-rc1 to v6.3-rc4) +CVE-2023-34255: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 22ed903eee23a5b174e240f1cdfa9acf393a5210 (v2.6.12-rc2 to v6.4-rc1) +CVE-2023-34256: 717d50e4971b81b96c0199c91cdf0039a8cb181a - 4f04351888a83e595571de672e0a4a8b74f4fb31 (v2.6.24-rc1 to v6.4-rc2)
diff --git a/data/cmts.json b/data/cmts.json index 0aa0d72..a5731bb 100644 --- a/data/cmts.json +++ b/data/cmts.json
@@ -94,6 +94,7 @@ "07b0f00964def8af9321cfd6c4a7e84f6362f728": "v3.16-rc6", "07d86ca93db7e5cdf4743564d98292042ec21af7": "v4.5-rc4", "07d981ad4cf1e78361c6db1c28ee5ba105f96cc1": "v4.19-rc1", + "07db5e247ab5858439b14dd7cc1fe538b9efcf32": "v6.3-rc1", "07e6124a1a46b4b5a9b3cacc0c306b50da87abf5": "v5.6-rc3", "07f12b26e21ab359261bf75cfcb424fdc7daeb6d": "v5.0", "07f2c7ab6f8d0a7e7c5764c4e6cc9c52951b9d9c": "v4.16-rc1", @@ -178,7 +179,9 @@ "0e47c99d7fe25e0f3907d9f3401079169d904891": "v3.4-rc1", "0e5cc9a40ada6046e6bc3bdfcd0c0d7e4b706b14": "v3.19-rc3", "0e5d56c64afcd6fd2d132ea972605b66f8a7d3c4": "v6.1-rc7", + "0e5d5ae837c8ce04d2ddb874ec5f920118bd9d31": "v6.1-rc1", "0e62395da2bd5166d7c9e14cbc7503b256a34cb0": "v5.5-rc1", + "0e8235d28f3a0e9eda9f02ff67ee566d5f42b66b": "v6.2-rc1", "0e94682b73bfa6c44c98af7a26771c9c08c055d5": "v5.2-rc1", "0e9a9a1ad619e7e987815d20262d36a2f95717ca": "v3.8-rc2", "0ea1ec713f04bdfac343c9702b21cd3a7c711826": "v3.13-rc1", @@ -414,6 +417,7 @@ "1f3e2e97c003f80c4b087092b225c8787ff91e4d": "v5.15-rc6", "1f461dcdd296eecedaffffc6bae2bfa90bd7eb89": "v4.6-rc1", "1f522509c77a5dea8dc384b735314f03908a6415": "v2.6.35-rc1", + "1f65ea411cc7b6ff128d82a3493d7b5648054e6f": "v6.1-rc3", "1f7c51660034091dc134fcc534b7f1fa86a6e823": "v3.18-rc1", "1f86840f897717f86d523a13e99a447e6a5d2fa5": "v3.6-rc7", "1fa2337a315a2448c5434f41e00d56b01a22283c": "v4.2-rc1", @@ -623,6 +627,7 @@ "2fae9e5a7babada041e2e161699ade2447a01989": "v4.9-rc1", "2fcf4876ada8a293d3b92a1033b8b990a7c613d3": "v5.10-rc1", "2febc839133280d5a5e8e1179c94ea674489dae2": "v3.18-rc2", + "2ff4bed7fee72ba1abfcff5f11ae8f8e570353f2": "v6.2-rc1", "3010a0663fd949d122eca0561b06b0a9453f7866": "v4.16-rc4", "3015f3d2a3cd9614294025849d3ed89fd2f3a7f5": "v3.7-rc5", "30210947a343b6b3ca13adc9bfc88e1543e16dd5": "v6.4-rc1", @@ -1019,6 +1024,7 @@ "4dd2b82d5adfbe0b1587ccad7a8f76d826120f37": "v5.1", "4de930efc23b92ddf88ce91c405ee645fe6e27ea": "v4.0-rc6", "4dff5c7b7093b19c19d3a100f8a3ad87cb7cd9e7": "v4.5-rc4", + "4e006c7a6dac0ead4c1bf606000aa90a372fc253": "v6.3", "4e096a18867a5a989b510f6999d9c6b6622e8f7b": "v5.12-rc1-dontuse", "4e19d6b65fb4fc42e352ce9883649e049da14743": "v5.3-rc1", "4e2024624e678f0ebb916e6192bd23c1f9fdf696": "v3.19-rc3", @@ -1038,6 +1044,7 @@ "4ef1b2869447411ad3ef91ad7d4891a83c1a509a": "v4.11-rc4", "4efbc454ba68def5ef285b26ebfcfdb605b52755": "v3.14-rc4", "4f0414e54e4d1893c6f08260693f8ef84c929293": "v4.5-rc1", + "4f04351888a83e595571de672e0a4a8b74f4fb31": "v6.4-rc2", "4f11ada10d0ad3fd53e2bd67806351de63a4f9c3": "v6.2-rc6", "4f134b89a24b965991e7c345b9a4591821f7c2a6": "v5.10-rc7", "4f16f7ff3bc02f6e1845677235fea157bdc0e59c": "v4.16-rc1", @@ -1481,6 +1488,7 @@ "714b33d15130cbb5ab426456d4e3de842d6c5b8a": "v3.13-rc2", "715230a44310a8cf66fbfb5a46f9a62a9b2de424": "v3.9-rc6", "717adfdaf14704fd3ec7fa2c04520c0723247eac": "v4.18-rc5", + "717d50e4971b81b96c0199c91cdf0039a8cb181a": "v2.6.24-rc1", "71b3c126e61177eb693423f2e18a1914205b165e": "v4.5-rc1", "71bb99a02b32b4cc4265118e85f6035ca72923f0": "v3.19-rc3", "71ebd71921e451f0f942ddfe85d01e31ddc6eb88": "v4.12-rc1", @@ -1746,6 +1754,7 @@ "85dfb745ee40232876663ae206cba35f24ab2a40": "v3.9-rc6", "85e4ea1049c70fb99de5c6057e835d151fb647da": "v5.19-rc6", "85f1bd9a7b5a79d5baa8bf44af19658f7bf77bfa": "v4.13-rc5", + "8610c7c6e3bd647ff98d21c8bc0580e77bc2f8b3": "v5.7-rc1", "864745d291b5ba80ea0bd0edcbe67273de368836": "v3.6-rc7", "864e5c090749448e879e86bec06ee396aa2c19c5": "v4.20-rc1", "86741ec25462": "v4.10-rc1", @@ -2044,6 +2053,7 @@ "9f7d653b67aed2d92540fbb0a8adaf32fcf352ae": "v3.1-rc1", "9f7fec0ba89108b9385f1b9fb167861224912a4a": "v5.4-rc1", "9f834ec18defc369d73ccf9e87a2790bfa05bf46": "v4.8-rc5", + "9f909e215fea0652023b9ed09d3d7bfe10386423": "v5.8-rc1", "9fa2dd946743ae6f30dc4830da19147bf100a7f2": "v5.9-rc4", "9fa492cdc160cd27ce1046cb36f47d3b2b1efa21": "v2.6.19-rc1", "9fbfabfda25d8774c5a08634fdd2da000a924890": "v5.15-rc7", @@ -2147,6 +2157,7 @@ "a6138db815df5ee542d848318e5dae681590fccd": "v3.17-rc1", "a61ea561c87139992fe32afdee48a6f6b85d824a": "v5.18-rc1", "a642fc305053cc1c6e47e4f4df327895747ab485": "v3.18-rc2", + "a65120bae4b7425a39c5783aa3d4fc29677eef0e": "v5.2-rc1", "a657182a5c5150cdfacb6640aad1d2712571a409": "v6.0-rc4", "a659daf63d16aa883be42f3f34ff84235c302198": "v6.1-rc1", "a664ec9158eeddd75121d39c9a0758016097fa96": "v6.2-rc3", @@ -3044,6 +3055,7 @@ "efc644048ecde54f016011fe10110addd0de348f": "v4.4-rc1", "efe4186e6a1b54bf38b9e05450d43b0da1fd7739": "v5.17-rc6", "eff73de2b1600ad8230692f00bc0ab49b166512a": "v5.3-rc1", + "effda4dd97e878ab83336bec7411cc41b5cc6d37": "v5.2-rc1", "f00432063db1a0db484e85193eccc6845435b80e": "v5.18-rc2", "f00cdc6df7d7cfcabb5b740911e6788cb0802bdb": "v3.16-rc3", "f024ee098476a3e620232e4a78cfac505f121245": "v4.8-rc1",
diff --git a/data/kernel_cves.json b/data/kernel_cves.json index 0ce5a53..6a5fa44 100644 --- a/data/kernel_cves.json +++ b/data/kernel_cves.json
@@ -59919,9 +59919,21 @@ "affected_versions": "v4.15-rc1 to v5.10", "breaks": "80055dab5de0c8677bc148c4717ddfc753a9148e", "cmt_msg": "netfilter: x_tables: Switch synchronization to RCU", + "cvss3": { + "Attack Complexity": "Low", + "Attack Vector": "Network", + "Availability": "High", + "Confidentiality": "High", + "Integrity": "High", + "Privileges Required": "None", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "score": 9.8 + }, "fixes": "cc00bcaa589914096edef7fb87ca5cee4a166b5c", "last_affected_version": "5.9", - "last_modified": "2023-05-25", + "last_modified": "2023-06-04", "nvd_text": "An issue was discovered in netfilter in the Linux kernel before 5.10. There can be a use-after-free in the packet processing context, because the per-CPU sequence count is mishandled during concurrent iptables rules replacement. This could be exploited with the CAP_NET_ADMIN capability in an unprivileged namespace. NOTE: cc00bca was reverted in 5.12.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2020-36694", @@ -73624,7 +73636,7 @@ "cmt_msg": "netfilter: nf_tables: do not allow SET_ID to refer to another table", "fixes": "470ee20e069a6d05ae549f7d0ef2bdbcee6a81b2", "last_affected_version": "5.19.1", - "last_modified": "2022-09-22", + "last_modified": "2023-06-04", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-2586", "ExploitDB": "https://www.exploit-db.com/search?cve=2022-2586", @@ -76153,7 +76165,7 @@ "cwe": "Access of Resource Using Incompatible Type ('Type Confusion')", "fixes": "7e6bc1f6cabcd30aba0b11219d8e01b952eacbb6", "last_affected_version": "5.18.10", - "last_modified": "2022-07-19", + "last_modified": "2023-06-04", "nvd_text": "An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-34918", @@ -76385,7 +76397,7 @@ "cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak", "fixes": "0152dfee235e87660f52a117fc9f70dc55956bb4", "last_affected_version": "6.0.2", - "last_modified": "2023-01-02", + "last_modified": "2023-06-04", "nvd_text": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-3535", @@ -77579,7 +77591,7 @@ "cwe": "Unspecified", "fixes": "6cd88243c7e03845a450795e134b488fc2afb736", "last_affected_version": "5.18.16", - "last_modified": "2023-05-19", + "last_modified": "2023-06-04", "nvd_text": "An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-39189", @@ -78261,7 +78273,7 @@ "cwe": "Deadlock", "fixes": "ca22da2fbd693b54dc8e3b7b54ccc9f7e9ba3640", "last_affected_version": "6.2.8", - "last_modified": "2023-03-31", + "last_modified": "2023-06-04", "nvd_text": "A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action \"mirred\") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-4269", @@ -79539,6 +79551,22 @@ "Ubuntu": "https://ubuntu.com/security/CVE-2022-48425" } }, + "CVE-2022-48502": { + "affected_versions": "v2.6.12-rc2 to v6.2-rc1", + "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", + "cmt_msg": "fs/ntfs3: Check fields while reading", + "fixes": "0e8235d28f3a0e9eda9f02ff67ee566d5f42b66b", + "last_modified": "2023-06-04", + "nvd_text": "An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c.", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-48502", + "ExploitDB": "https://www.exploit-db.com/search?cve=2022-48502", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2022-48502", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2022-48502", + "SUSE": "https://www.suse.com/security/cve/CVE-2022-48502", + "Ubuntu": "https://ubuntu.com/security/CVE-2022-48502" + } + }, "CVE-2023-0030": { "affected_versions": "v2.6.12-rc2 to v5.0-rc1", "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", @@ -79864,9 +79892,22 @@ "affected_versions": "v2.6.12-rc2 to v6.3-rc1", "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "cmt_msg": "uaccess: Add speculation barrier to copy_from_user()", + "cvss3": { + "Attack Complexity": "Low", + "Attack Vector": "Local", + "Availability": "None", + "Confidentiality": "High", + "Integrity": "None", + "Privileges Required": "Low", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "score": 5.5 + }, "fixes": "74e19ef0ff8061ef55957c3abd71614ef0f42f47", "last_affected_version": "6.2.0", - "last_modified": "2023-05-05", + "last_modified": "2023-06-04", + "nvd_text": "Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the \"access_ok\" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commit\u00a074e19ef0ff8061ef55957c3abd71614ef0f42f47", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-0459", "ExploitDB": "https://www.exploit-db.com/search?cve=2023-0459", @@ -80022,8 +80063,9 @@ } }, "CVE-2023-0615": { - "affected_versions": "unk to unk", + "affected_versions": "unk to v6.1-rc3", "breaks": "", + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases", "cvss3": { "Attack Complexity": "Low", "Attack Vector": "Local", @@ -80036,8 +80078,9 @@ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "score": 5.5 }, - "fixes": "", - "last_modified": "2023-02-24", + "fixes": "1f65ea411cc7b6ff128d82a3493d7b5648054e6f", + "last_affected_version": "6.0.6", + "last_modified": "2023-06-04", "nvd_text": "A memory leak flaw and potential divide by zero and Integer overflow was found in the Linux kernel V4L2 and vivid test code functionality. This issue occurs when a user triggers ioctls, such as VIDIOC_S_DV_TIMINGS ioctl. This could allow a local user to crash the system if vivid test code enabled.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-0615", @@ -80371,8 +80414,20 @@ "affected_versions": "v5.16-rc1 to v6.1-rc3", "breaks": "7be3248f313930ff3d3436d4e9ddbe9fccc1f541", "cmt_msg": "cifs: fix use-after-free caused by invalid pointer `hostname`", + "cvss3": { + "Attack Complexity": "Low", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "None", + "Integrity": "None", + "Privileges Required": "Low", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "score": 5.5 + }, "fixes": "153695d36ead0ccc4d0256953c751cabf673e621", - "last_modified": "2023-05-19", + "last_modified": "2023-06-04", "nvd_text": "A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointer request.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-1195", @@ -80852,9 +80907,21 @@ "affected_versions": "v4.12-rc1 to v6.3-rc7", "breaks": "71ebd71921e451f0f942ddfe85d01e31ddc6eb88", "cmt_msg": "9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition", + "cvss3": { + "Attack Complexity": "High", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "None", + "Integrity": "None", + "Privileges Required": "Low", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", + "score": 4.7 + }, "fixes": "ea4f1009408efb4989a0f139b70fb338e7f687d0", "last_affected_version": "6.2.11", - "last_modified": "2023-05-19", + "last_modified": "2023-06-04", "nvd_text": "A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-1859", @@ -80987,7 +81054,8 @@ "cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()", "fixes": "25c150ac103a4ebeed0319994c742a90634ddf18", "last_affected_version": "6.2.13", - "last_modified": "2023-05-19", + "last_modified": "2023-06-04", + "nvd_text": "A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-2002", "ExploitDB": "https://www.exploit-db.com/search?cve=2023-2002", @@ -81289,8 +81357,20 @@ "affected_versions": "v3.12-rc1 to v6.4-rc1", "breaks": "50d5c8d8e938e3c4c0d21db9fc7d64282dc7be20", "cmt_msg": "xfs: verify buffer contents when we skip log replay", + "cvss3": { + "Attack Complexity": "Low", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "High", + "Integrity": "High", + "Privileges Required": "Low", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "score": 7.8 + }, "fixes": "22ed903eee23a5b174e240f1cdfa9acf393a5210", - "last_modified": "2023-05-19", + "last_modified": "2023-06-04", "nvd_text": "An out-of-bounds memory access flaw was found in the Linux kernel\u2019s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-2124", @@ -81302,8 +81382,9 @@ } }, "CVE-2023-2156": { - "affected_versions": "unk to unk", - "breaks": "", + "affected_versions": "v5.7-rc1 to v6.3", + "breaks": "8610c7c6e3bd647ff98d21c8bc0580e77bc2f8b3", + "cmt_msg": "net: rpl: fix rpl header size calculation", "cvss3": { "Attack Complexity": "Low", "Attack Vector": "Network", @@ -81316,8 +81397,9 @@ "raw": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "score": 7.5 }, - "fixes": "", - "last_modified": "2023-05-19", + "fixes": "4e006c7a6dac0ead4c1bf606000aa90a372fc253", + "last_affected_version": "6.2.12", + "last_modified": "2023-06-04", "nvd_text": "A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-2156", @@ -82161,7 +82243,8 @@ "affected_versions": "v6.3-rc1 to v6.4-rc1", "breaks": "57bebf807e2abcf87d96b9de1266104ee2d8fc2f", "fixes": "776617db78c6d208780e7c69d4d68d1fa82913de", - "last_modified": "2023-05-12", + "last_modified": "2023-06-04", + "nvd_text": "A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-2598", "ExploitDB": "https://www.exploit-db.com/search?cve=2023-2598", @@ -82400,8 +82483,8 @@ } }, "CVE-2023-28410": { - "affected_versions": "unk to v5.19-rc1", - "breaks": "", + "affected_versions": "v5.8-rc1 to v5.19-rc1", + "breaks": "9f909e215fea0652023b9ed09d3d7bfe10386423", "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access", "cvss3": { "Attack Complexity": "Low", @@ -82417,7 +82500,7 @@ }, "fixes": "661412e301e2ca86799aa4f400d1cf0bd38c57c6", "last_affected_version": "None", - "last_modified": "2023-05-25", + "last_modified": "2023-06-04", "nvd_text": "Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-28410", @@ -82542,6 +82625,82 @@ "Ubuntu": "https://ubuntu.com/security/CVE-2023-28866" } }, + "CVE-2023-2898": { + "affected_versions": "unk to unk", + "breaks": "", + "cvss3": { + "Attack Complexity": "High", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "None", + "Integrity": "None", + "Privileges Required": "Low", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", + "score": 4.7 + }, + "fixes": "", + "last_modified": "2023-06-04", + "nvd_text": "There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-2898", + "ExploitDB": "https://www.exploit-db.com/search?cve=2023-2898", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-2898", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-2898", + "SUSE": "https://www.suse.com/security/cve/CVE-2023-2898", + "Ubuntu": "https://ubuntu.com/security/CVE-2023-2898" + } + }, + "CVE-2023-2985": { + "affected_versions": "v2.6.12-rc2 to v6.3-rc1", + "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super", + "fixes": "07db5e247ab5858439b14dd7cc1fe538b9efcf32", + "last_affected_version": "6.2.2", + "last_modified": "2023-06-04", + "nvd_text": "A use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem.", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-2985", + "ExploitDB": "https://www.exploit-db.com/search?cve=2023-2985", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-2985", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-2985", + "SUSE": "https://www.suse.com/security/cve/CVE-2023-2985", + "Ubuntu": "https://ubuntu.com/security/CVE-2023-2985" + } + }, + "CVE-2023-3006": { + "affected_versions": "v2.6.12-rc2 to v6.1-rc1", + "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list", + "fixes": "0e5d5ae837c8ce04d2ddb874ec5f920118bd9d31", + "last_affected_version": "6.0.6", + "last_modified": "2023-06-04", + "nvd_text": "A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history (stored in the CPU Branch History Buffer, or BHB) to influence mispredicted branches within the victim's hardware context. Once that occurs, speculation caused by the mispredicted branches can cause cache allocation. This issue leads to obtaining information that should not be accessible.", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-3006", + "ExploitDB": "https://www.exploit-db.com/search?cve=2023-3006", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-3006", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-3006", + "SUSE": "https://www.suse.com/security/cve/CVE-2023-3006", + "Ubuntu": "https://ubuntu.com/security/CVE-2023-3006" + } + }, + "CVE-2023-3022": { + "backport": true, + "breaks": "effda4dd97e878ab83336bec7411cc41b5cc6d37", + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently", + "fixes": "a65120bae4b7425a39c5783aa3d4fc29677eef0e", + "last_modified": "2023-06-04", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-3022", + "ExploitDB": "https://www.exploit-db.com/search?cve=2023-3022", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-3022", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-3022", + "SUSE": "https://www.suse.com/security/cve/CVE-2023-3022", + "Ubuntu": "https://ubuntu.com/security/CVE-2023-3022" + } + }, "CVE-2023-30456": { "affected_versions": "v2.6.12-rc2 to v6.3-rc3", "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", @@ -82861,9 +83020,21 @@ "affected_versions": "v4.9-rc1 to v6.3-rc4", "breaks": "b9b17debc69d27cd55e21ee51a5ba7fc50a426cf", "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition", + "cvss3": { + "Attack Complexity": "High", + "Attack Vector": "Physical", + "Availability": "High", + "Confidentiality": "High", + "Integrity": "High", + "Privileges Required": "None", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "score": 6.4 + }, "fixes": "6b6bc5b8bd2d4ca9e1efa9ae0f98a0b0687ace75", "last_affected_version": "6.2.8", - "last_modified": "2023-05-25", + "last_modified": "2023-06-04", "nvd_text": "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-33203", @@ -82875,10 +83046,22 @@ } }, "CVE-2023-33250": { - "affected_versions": "unk to unk", - "breaks": "", + "affected_versions": "v6.2-rc1 to unk", + "breaks": "2ff4bed7fee72ba1abfcff5f11ae8f8e570353f2", + "cvss3": { + "Attack Complexity": "Low", + "Attack Vector": "Network", + "Availability": "High", + "Confidentiality": "High", + "Integrity": "High", + "Privileges Required": "None", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "score": 9.8 + }, "fixes": "", - "last_modified": "2023-05-25", + "last_modified": "2023-06-04", "nvd_text": "The Linux kernel 6.3 has a use-after-free in iopt_unmap_iova_range in drivers/iommu/iommufd/io_pagetable.c.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-33250", @@ -82893,9 +83076,21 @@ "affected_versions": "v2.6.39-rc1 to v6.3-rc4", "breaks": "97774672573ac4355bd12cf84b202555c1131b69", "cmt_msg": "power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition", + "cvss3": { + "Attack Complexity": "High", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "None", + "Integrity": "None", + "Privileges Required": "Low", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", + "score": 4.7 + }, "fixes": "47c29d69212911f50bdcdd0564b5999a559010d4", "last_affected_version": "6.2.8", - "last_modified": "2023-05-25", + "last_modified": "2023-06-04", "nvd_text": "An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race condition.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-33288", @@ -82905,5 +83100,38 @@ "SUSE": "https://www.suse.com/security/cve/CVE-2023-33288", "Ubuntu": "https://ubuntu.com/security/CVE-2023-33288" } + }, + "CVE-2023-34255": { + "affected_versions": "v2.6.12-rc2 to v6.4-rc1", + "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", + "cmt_msg": "xfs: verify buffer contents when we skip log replay", + "fixes": "22ed903eee23a5b174e240f1cdfa9acf393a5210", + "last_modified": "2023-06-04", + "nvd_text": "An issue was discovered in the Linux kernel through 6.3.5. There is a use-after-free in xfs_btree_lookup_get_block in fs/xfs/libxfs/xfs_btree.c because fs/xfs/xfs_buf_item_recover.c does not perform buffer content verification when log replay is skipped.", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-34255", + "ExploitDB": "https://www.exploit-db.com/search?cve=2023-34255", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-34255", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-34255", + "SUSE": "https://www.suse.com/security/cve/CVE-2023-34255", + "Ubuntu": "https://ubuntu.com/security/CVE-2023-34255" + } + }, + "CVE-2023-34256": { + "affected_versions": "v2.6.24-rc1 to v6.4-rc2", + "breaks": "717d50e4971b81b96c0199c91cdf0039a8cb181a", + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum", + "fixes": "4f04351888a83e595571de672e0a4a8b74f4fb31", + "last_affected_version": "6.2.15", + "last_modified": "2023-06-04", + "nvd_text": "An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset.", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-34256", + "ExploitDB": "https://www.exploit-db.com/search?cve=2023-34256", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-34256", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-34256", + "SUSE": "https://www.suse.com/security/cve/CVE-2023-34256", + "Ubuntu": "https://ubuntu.com/security/CVE-2023-34256" + } } } \ No newline at end of file
diff --git a/data/stream_data.json b/data/stream_data.json index 7825996..ebfc06a 100644 --- a/data/stream_data.json +++ b/data/stream_data.json
@@ -2063,6 +2063,9 @@ "CVE-2022-3522": { "cmt_msg": "mm/hugetlb: use hugetlb_pte_stable in migration race check" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2022-3636": { "cmt_msg": "net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()" }, @@ -2717,6 +2720,9 @@ "CVE-2020-8649": { "cmt_msg": "vgacon: Fix a UAF in vgacon_invert_region" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2016-2069": { "cmt_msg": "x86/mm: Add barriers and document switch_mm()-vs-flush synchronization" }, @@ -3176,9 +3182,6 @@ "CVE-2022-0168": { "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2020-28374": { "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, @@ -3186,7 +3189,7 @@ "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2019-14896": { "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" @@ -3200,6 +3203,9 @@ "CVE-2022-3586": { "cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-27825": { "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" }, @@ -3272,9 +3278,6 @@ "CVE-2020-0427": { "cmt_msg": "pinctrl: devicetree: Avoid taking direct reference to device name string" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -3506,6 +3509,9 @@ "CVE-2022-41850": { "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -3572,9 +3578,6 @@ "CVE-2021-20321": { "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-42896": { "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM" }, @@ -3713,6 +3716,9 @@ "CVE-2023-0160": { "cmt_msg": "" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -4238,6 +4244,9 @@ "CVE-2020-0429": { "cmt_msg": "l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2020-27066": { "cmt_msg": "xfrm: policy: Fix doulbe free in xfrm_policy_timer" }, @@ -4265,6 +4274,9 @@ "CVE-2017-5972": { "cmt_msg": "tcp: do not lock listener to process SYN packets" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2023-1513": { "cmt_msg": "kvm: initialize all of the kvm_debugregs structure before sending it to userspace" }, @@ -5612,6 +5624,9 @@ "CVE-2017-10911": { "cmt_msg": "xen-blkback: don't leak stack data via response ring" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-45919": { "cmt_msg": "" }, @@ -5810,6 +5825,9 @@ "CVE-2020-12771": { "cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2018-10853": { "cmt_msg": "kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access" }, @@ -6092,6 +6110,9 @@ "CVE-2017-13305": { "cmt_msg": "KEYS: encrypted: fix buffer overread in valid_master_desc()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2019-19536": { "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" }, @@ -6140,9 +6161,6 @@ "CVE-2018-5953": { "cmt_msg": "printk: hash addresses printed with %p" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2020-28374": { "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, @@ -6153,7 +6171,7 @@ "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2020-26557": { "cmt_msg": "" @@ -6188,6 +6206,9 @@ "CVE-2017-16538": { "cmt_msg": "media: dvb-usb-v2: lmedm04: Improve logic checking of warm start" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-27825": { "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" }, @@ -6305,9 +6326,6 @@ "CVE-2020-14314": { "cmt_msg": "ext4: fix potential negative array index in do_split()" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -6449,6 +6467,9 @@ "CVE-2017-9059": { "cmt_msg": "NFSv4: Fix callback server shutdown" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2020-36516": { "cmt_msg": "ipv4: avoid using shared IP generator for connected sockets" }, @@ -6641,6 +6662,9 @@ "CVE-2022-0168": { "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -6896,6 +6920,9 @@ "CVE-2019-18675": { "cmt_msg": "mmap: introduce sane default mmap limits" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -7631,9 +7658,6 @@ "CVE-2023-32269": { "cmt_msg": "netrom: Fix use-after-free caused by accept on already connected socket" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2021-38198": { "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" }, @@ -9159,6 +9183,9 @@ "CVE-2022-28390": { "cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-26966": { "cmt_msg": "sr9700: sanity check for packet length" }, @@ -9453,6 +9480,9 @@ "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2019-19536": { "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" }, @@ -9501,9 +9531,6 @@ "CVE-2020-25212": { "cmt_msg": "nfs: Fix getxattr kernel panic and memory overflow" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2020-28374": { "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, @@ -9514,7 +9541,7 @@ "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2020-26557": { "cmt_msg": "" @@ -9654,9 +9681,6 @@ "CVE-2018-10883": { "cmt_msg": "jbd2: don't mark block as modified if the handle is out of credits" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -9966,6 +9990,9 @@ "CVE-2022-0168": { "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -10191,6 +10218,9 @@ "CVE-2023-0160": { "cmt_msg": "" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -10371,6 +10401,9 @@ "CVE-2022-3115": { "cmt_msg": "drm: mali-dp: potential dereference of null pointer" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-27777": { "cmt_msg": "powerpc/rtas: Restrict RTAS requests from userspace" }, @@ -10614,6 +10647,9 @@ "CVE-2018-11506": { "cmt_msg": "sr: pass down correctly sized SCSI sense buffer" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2019-19332": { "cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)" }, @@ -10881,9 +10917,6 @@ "CVE-2019-16089": { "cmt_msg": "" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2021-38198": { "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" }, @@ -10896,6 +10929,9 @@ "CVE-2022-1679": { "cmt_msg": "ath9k: fix use-after-free in ath9k_hif_usb_rx_cb" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2023-1513": { "cmt_msg": "kvm: initialize all of the kvm_debugregs structure before sending it to userspace" }, @@ -12640,6 +12676,9 @@ "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2019-19536": { "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" }, @@ -12688,9 +12727,6 @@ "CVE-2020-25212": { "cmt_msg": "nfs: Fix getxattr kernel panic and memory overflow" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2020-28374": { "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, @@ -12701,7 +12737,7 @@ "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2020-26557": { "cmt_msg": "" @@ -12736,6 +12772,9 @@ "CVE-2017-16538": { "cmt_msg": "media: dvb-usb-v2: lmedm04: Improve logic checking of warm start" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-27825": { "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" }, @@ -12844,15 +12883,15 @@ "CVE-2019-9458": { "cmt_msg": "media: v4l: event: Prevent freeing event subscriptions while accessed" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2016-8660": { "cmt_msg": "" }, "CVE-2020-14314": { "cmt_msg": "ext4: fix potential negative array index in do_split()" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -12991,6 +13030,9 @@ "CVE-2022-3534": { "cmt_msg": "libbpf: Fix use-after-free in btf_dump_name_dups" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2020-36516": { "cmt_msg": "ipv4: avoid using shared IP generator for connected sockets" }, @@ -13177,6 +13219,9 @@ "CVE-2022-0168": { "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -13411,6 +13456,9 @@ "CVE-2019-18675": { "cmt_msg": "mmap: introduce sane default mmap limits" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -13849,6 +13897,9 @@ "CVE-2022-36402": { "cmt_msg": "" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2019-19332": { "cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)" }, @@ -14131,9 +14182,6 @@ "CVE-2019-16089": { "cmt_msg": "" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2021-38198": { "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" }, @@ -15496,6 +15544,9 @@ "CVE-2018-18445": { "cmt_msg": "bpf: 32-bit RSH verification must truncate input before the ALU op" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2019-13233": { "cmt_msg": "x86/insn-eval: Fix use-after-free access to LDT entry" }, @@ -15538,6 +15589,9 @@ "CVE-2021-37159": { "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2018-10853": { "cmt_msg": "kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access" }, @@ -15763,6 +15817,9 @@ "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2019-19536": { "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" }, @@ -15814,9 +15871,6 @@ "CVE-2022-0168": { "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2020-28374": { "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, @@ -15827,7 +15881,7 @@ "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2020-26557": { "cmt_msg": "" @@ -15958,9 +16012,6 @@ "CVE-2020-14314": { "cmt_msg": "ext4: fix potential negative array index in do_split()" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -16249,6 +16300,9 @@ "CVE-2020-24503": { "cmt_msg": "" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -16330,9 +16384,6 @@ "CVE-2021-20321": { "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-26490": { "cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION" }, @@ -16483,6 +16534,9 @@ "CVE-2023-0160": { "cmt_msg": "" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -16651,6 +16705,9 @@ "CVE-2022-3115": { "cmt_msg": "drm: mali-dp: potential dereference of null pointer" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-27777": { "cmt_msg": "powerpc/rtas: Restrict RTAS requests from userspace" }, @@ -17149,6 +17206,9 @@ "CVE-2022-1679": { "cmt_msg": "ath9k: fix use-after-free in ath9k_hif_usb_rx_cb" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2023-1513": { "cmt_msg": "kvm: initialize all of the kvm_debugregs structure before sending it to userspace" }, @@ -20750,6 +20810,10 @@ "CVE-2022-20369": { "cmt_msg": "media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls", "cmt_id": "7339b6bdf9e084f9e83c084ccc8879b6ae80b75a" + }, + "CVE-2023-0615": { + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases", + "cmt_id": "b0e20af206273e90d47647e7c806ddcc0a401f65" } }, "4.14.299": { @@ -20883,6 +20947,10 @@ } }, "4.14.308": { + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super", + "cmt_id": "a9433406837c211af58a533d9e6f7a8f865b01f3" + }, "CVE-2023-1079": { "cmt_msg": "HID: asus: use spinlock to safely schedule workers", "cmt_id": "df0fad94ca3787727b9cdd76797aaacf46fe93ed" @@ -20961,6 +21029,10 @@ "cmt_msg": "wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()", "cmt_id": "ac5305e5d227b9af3aae25fa83380d3ff0225b73" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum", + "cmt_id": "64b7487e3769e013fc7edb3804d1a769747f0228" + }, "CVE-2023-32233": { "cmt_msg": "netfilter: nf_tables: deactivate anonymous set from preparation phase", "cmt_id": "86572872505023e3bb461b271c2f25fdaa3dfcd7" @@ -20974,6 +21046,16 @@ "cmt_id": "c9dfa8ba3b181e67970f06d80de18aa257d1ecda" } }, + "4.14.316": { + "CVE-2022-2586": { + "cmt_msg": "netfilter: nf_tables: do not allow SET_ID to refer to another table", + "cmt_id": "4e0dbab570defe5b747578cbea8e07f9d0709bec" + }, + "CVE-2022-34918": { + "cmt_msg": "netfilter: nf_tables: stricter validation of element data", + "cmt_id": "acd3e18fbcae6c5f9d79d75455569fc132227162" + } + }, "outstanding": { "CVE-2023-0160": { "cmt_msg": "" @@ -20981,6 +21063,9 @@ "CVE-2021-0929": { "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2020-26556": { "cmt_msg": "" }, @@ -21011,9 +21096,6 @@ "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, - "CVE-2023-0615": { - "cmt_msg": "" - }, "CVE-2019-19378": { "cmt_msg": "" }, @@ -21146,12 +21228,12 @@ "CVE-2008-2544": { "cmt_msg": "" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2022-3636": { "cmt_msg": "net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()" }, - "CVE-2022-34918": { - "cmt_msg": "netfilter: nf_tables: stricter validation of element data" - }, "CVE-2019-20908": { "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" }, @@ -21191,9 +21273,6 @@ "CVE-2022-1247": { "cmt_msg": "" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2019-3874": { "cmt_msg": "sctp: implement memory accounting on tx path" }, @@ -21224,9 +21303,6 @@ "CVE-2017-9986": { "cmt_msg": "sound: Retire OSS" }, - "CVE-2022-2586": { - "cmt_msg": "netfilter: nf_tables: do not allow SET_ID to refer to another table" - }, "CVE-2021-34556": { "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" }, @@ -21428,6 +21504,9 @@ "CVE-2020-15780": { "cmt_msg": "ACPI: configfs: Disallow loading ACPI tables when locked down" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-3566": { "cmt_msg": "tcp: Fix data races around icsk->icsk_af_ops." }, @@ -21452,9 +21531,6 @@ "CVE-2022-23816": { "cmt_msg": "x86/kvm/vmx: Make noinstr clean" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-21385": { "cmt_msg": "net/rds: fix warn in rds_message_alloc_sgs" }, @@ -21515,9 +21591,6 @@ "CVE-2023-30456": { "cmt_msg": "KVM: nVMX: add missing consistency checks for CR0 and CR4" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2020-12656": { "cmt_msg": "sunrpc: check that domain table is empty at module unload." }, @@ -21539,6 +21612,9 @@ "CVE-2015-2877": { "cmt_msg": "" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2023-1611": { "cmt_msg": "btrfs: fix race between quota disable and quota assign ioctls" }, @@ -21608,6 +21684,9 @@ "CVE-2022-4744": { "cmt_msg": "tun: avoid double free in tun_free_netdev" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" }, @@ -22870,6 +22949,9 @@ "CVE-2018-18445": { "cmt_msg": "bpf: 32-bit RSH verification must truncate input before the ALU op" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2019-13233": { "cmt_msg": "x86/insn-eval: Fix use-after-free access to LDT entry" }, @@ -22915,6 +22997,9 @@ "CVE-2021-37159": { "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2021-29154": { "cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64" }, @@ -23134,6 +23219,9 @@ "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2019-19536": { "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" }, @@ -23179,9 +23267,6 @@ "CVE-2022-0168": { "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2020-28374": { "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, @@ -23192,7 +23277,7 @@ "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2019-14896": { "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" @@ -23302,9 +23387,6 @@ "CVE-2016-8660": { "cmt_msg": "" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -23581,6 +23663,9 @@ "CVE-2020-24503": { "cmt_msg": "" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -23662,9 +23747,6 @@ "CVE-2021-20321": { "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-26490": { "cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION" }, @@ -23800,6 +23882,9 @@ "CVE-2023-0160": { "cmt_msg": "" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -23965,6 +24050,9 @@ "CVE-2022-3115": { "cmt_msg": "drm: mali-dp: potential dereference of null pointer" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-27777": { "cmt_msg": "powerpc/rtas: Restrict RTAS requests from userspace" }, @@ -24436,6 +24524,9 @@ "CVE-2022-1679": { "cmt_msg": "ath9k: fix use-after-free in ath9k_hif_usb_rx_cb" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2023-1513": { "cmt_msg": "kvm: initialize all of the kvm_debugregs structure before sending it to userspace" }, @@ -25744,6 +25835,9 @@ "CVE-2018-18445": { "cmt_msg": "bpf: 32-bit RSH verification must truncate input before the ALU op" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2019-13233": { "cmt_msg": "x86/insn-eval: Fix use-after-free access to LDT entry" }, @@ -25789,6 +25883,9 @@ "CVE-2021-37159": { "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2018-3620": { "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" }, @@ -26017,6 +26114,9 @@ "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2019-19536": { "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" }, @@ -26071,9 +26171,6 @@ "CVE-2018-14610": { "cmt_msg": "btrfs: Check that each block group has corresponding chunk at mount time" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2020-28374": { "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, @@ -26084,7 +26181,7 @@ "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2019-14896": { "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" @@ -26197,9 +26294,6 @@ "CVE-2016-8660": { "cmt_msg": "" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -26479,6 +26573,9 @@ "CVE-2020-24503": { "cmt_msg": "" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -26560,9 +26657,6 @@ "CVE-2021-20321": { "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-26490": { "cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION" }, @@ -26704,6 +26798,9 @@ "CVE-2023-0160": { "cmt_msg": "" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -26872,6 +26969,9 @@ "CVE-2022-3115": { "cmt_msg": "drm: mali-dp: potential dereference of null pointer" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-27777": { "cmt_msg": "powerpc/rtas: Restrict RTAS requests from userspace" }, @@ -27358,6 +27458,9 @@ "CVE-2022-1679": { "cmt_msg": "ath9k: fix use-after-free in ath9k_hif_usb_rx_cb" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2023-1513": { "cmt_msg": "kvm: initialize all of the kvm_debugregs structure before sending it to userspace" }, @@ -30431,6 +30534,10 @@ "CVE-2022-20369": { "cmt_msg": "media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls", "cmt_id": "95c4751705f7eef0f16a245e121259857f867c4a" + }, + "CVE-2023-0615": { + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases", + "cmt_id": "29385e601f3420cfe46550271714b6685719eb33" } }, "4.19.265": { @@ -30576,6 +30683,10 @@ } }, "4.19.276": { + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super", + "cmt_id": "e226f1fdcee1ca6e68233b132718deb578a84e38" + }, "CVE-2023-1079": { "cmt_msg": "HID: asus: use spinlock to safely schedule workers", "cmt_id": "74b78391a9b6f67de90b13f5a85e329e3b3f5a72" @@ -30662,6 +30773,10 @@ "cmt_msg": "wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()", "cmt_id": "39f9bd880abac6068bedb24a4e16e7bd26bf92da" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum", + "cmt_id": "a733c466cedd1013a41fd8908d5810f2c161072f" + }, "CVE-2023-32233": { "cmt_msg": "netfilter: nf_tables: deactivate anonymous set from preparation phase", "cmt_id": "c6989314fd809c5eaf4980d6fa474f19fc653d6c" @@ -30675,6 +30790,12 @@ "cmt_id": "b4b94b25c78ed03be0e07fa4e76fe51e64dac533" } }, + "4.19.284": { + "CVE-2022-34918": { + "cmt_msg": "netfilter: nf_tables: stricter validation of element data", + "cmt_id": "835fd72f61c6162f10471df197f0e4b92b1a7b76" + } + }, "outstanding": { "CVE-2023-0160": { "cmt_msg": "" @@ -30682,6 +30803,9 @@ "CVE-2021-0929": { "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2020-26556": { "cmt_msg": "" }, @@ -30709,12 +30833,12 @@ "CVE-2018-1121": { "cmt_msg": "" }, - "CVE-2023-0615": { - "cmt_msg": "" - }, "CVE-2019-19378": { "cmt_msg": "" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2023-0590": { "cmt_msg": "net: sched: fix race condition in qdisc_graft()" }, @@ -30844,12 +30968,12 @@ "CVE-2008-2544": { "cmt_msg": "" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2022-3636": { "cmt_msg": "net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()" }, - "CVE-2022-34918": { - "cmt_msg": "netfilter: nf_tables: stricter validation of element data" - }, "CVE-2019-20908": { "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" }, @@ -30874,9 +30998,6 @@ "CVE-2022-45919": { "cmt_msg": "" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, @@ -31099,6 +31220,9 @@ "CVE-2020-15780": { "cmt_msg": "ACPI: configfs: Disallow loading ACPI tables when locked down" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-3566": { "cmt_msg": "tcp: Fix data races around icsk->icsk_af_ops." }, @@ -31123,9 +31247,6 @@ "CVE-2022-23816": { "cmt_msg": "x86/kvm/vmx: Make noinstr clean" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2021-39801": { "cmt_msg": "" }, @@ -31180,9 +31301,6 @@ "CVE-2021-44879": { "cmt_msg": "f2fs: fix to do sanity check on inode type during garbage collection" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2020-12656": { "cmt_msg": "sunrpc: check that domain table is empty at module unload." }, @@ -31258,6 +31376,9 @@ "CVE-2020-27835": { "cmt_msg": "IB/hfi1: Ensure correct mm is used at all times" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2019-5489": { "cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages" } @@ -31703,6 +31824,9 @@ "CVE-2018-13097": { "cmt_msg": "f2fs: fix to do sanity check with user_block_count" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-29661": { "cmt_msg": "tty: Fix ->pgrp locking in tiocspgrp()" }, @@ -32477,6 +32601,9 @@ "CVE-2022-28390": { "cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2019-13233": { "cmt_msg": "x86/insn-eval: Fix use-after-free access to LDT entry" }, @@ -32528,6 +32655,9 @@ "CVE-2021-37159": { "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2021-29154": { "cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64" }, @@ -32747,6 +32877,9 @@ "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2019-19536": { "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" }, @@ -32792,9 +32925,6 @@ "CVE-2022-0168": { "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2020-28374": { "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, @@ -32802,7 +32932,7 @@ "cmt_msg": "mm: enforce min addr even if capable() in expand_downwards()" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2019-14896": { "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" @@ -32906,9 +33036,6 @@ "CVE-2016-8660": { "cmt_msg": "" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -33014,6 +33141,9 @@ "CVE-2022-3534": { "cmt_msg": "libbpf: Fix use-after-free in btf_dump_name_dups" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2020-36516": { "cmt_msg": "ipv4: avoid using shared IP generator for connected sockets" }, @@ -33170,6 +33300,9 @@ "CVE-2020-24503": { "cmt_msg": "" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -33260,9 +33393,6 @@ "CVE-2021-20321": { "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-26490": { "cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION" }, @@ -33392,6 +33522,9 @@ "CVE-2023-0160": { "cmt_msg": "" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -35747,6 +35880,9 @@ "CVE-2020-15802": { "cmt_msg": "" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2017-18270": { "cmt_msg": "KEYS: prevent creating a different user's keyrings" }, @@ -36527,6 +36663,9 @@ "CVE-2017-10911": { "cmt_msg": "xen-blkback: don't leak stack data via response ring" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-45919": { "cmt_msg": "" }, @@ -36995,9 +37134,6 @@ "CVE-2018-5953": { "cmt_msg": "printk: hash addresses printed with %p" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2020-28374": { "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, @@ -37008,7 +37144,7 @@ "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2020-26557": { "cmt_msg": "" @@ -37037,6 +37173,9 @@ "CVE-2014-9419": { "cmt_msg": "x86_64, switch_to(): Load TLS descriptors before switching DS and ES" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-27825": { "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" }, @@ -37139,9 +37278,6 @@ "CVE-2020-14314": { "cmt_msg": "ext4: fix potential negative array index in do_split()" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -37241,6 +37377,9 @@ "CVE-2022-3534": { "cmt_msg": "libbpf: Fix use-after-free in btf_dump_name_dups" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2021-20261": { "cmt_msg": "floppy: fix lock_fdc() signal handling" }, @@ -37418,6 +37557,9 @@ "CVE-2022-0168": { "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -37661,6 +37803,9 @@ "CVE-2023-0160": { "cmt_msg": "" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -38291,6 +38436,9 @@ "CVE-2020-0429": { "cmt_msg": "l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2022-2964": { "cmt_msg": "net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup" }, @@ -38315,9 +38463,6 @@ "CVE-2023-32269": { "cmt_msg": "netrom: Fix use-after-free caused by accept on already connected socket" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2021-38198": { "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" }, @@ -40449,6 +40594,9 @@ "CVE-2017-10911": { "cmt_msg": "xen-blkback: don't leak stack data via response ring" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-45919": { "cmt_msg": "" }, @@ -40968,9 +41116,6 @@ "CVE-2016-7097": { "cmt_msg": "posix_acl: Clear SGID bit when setting file permissions" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2020-28374": { "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, @@ -40981,7 +41126,7 @@ "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2017-7472": { "cmt_msg": "KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings" @@ -41010,6 +41155,9 @@ "CVE-2017-16538": { "cmt_msg": "media: dvb-usb-v2: lmedm04: Improve logic checking of warm start" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-27825": { "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" }, @@ -41124,9 +41272,6 @@ "CVE-2020-14314": { "cmt_msg": "ext4: fix potential negative array index in do_split()" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -41238,6 +41383,9 @@ "CVE-2022-3534": { "cmt_msg": "libbpf: Fix use-after-free in btf_dump_name_dups" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2016-10088": { "cmt_msg": "sg_write()/bsg_write() is not fit to be called under KERNEL_DS" }, @@ -41433,6 +41581,9 @@ "CVE-2022-0168": { "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -41700,6 +41851,9 @@ "CVE-2023-0160": { "cmt_msg": "" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -42114,6 +42268,9 @@ "CVE-2022-36402": { "cmt_msg": "" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2019-19332": { "cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)" }, @@ -42396,6 +42553,9 @@ "CVE-2020-0429": { "cmt_msg": "l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2022-2964": { "cmt_msg": "net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup" }, @@ -42420,9 +42580,6 @@ "CVE-2023-32269": { "cmt_msg": "netrom: Fix use-after-free caused by accept on already connected socket" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2021-38198": { "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" }, @@ -45328,6 +45485,9 @@ "CVE-2020-15802": { "cmt_msg": "" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2022-3636": { "cmt_msg": "net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()" }, @@ -45358,9 +45518,6 @@ "CVE-2018-14616": { "cmt_msg": "f2fs: fix to do sanity check with block address in main area v2" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, @@ -45787,6 +45944,9 @@ "CVE-2022-1012": { "cmt_msg": "secure_seq: use the 64 bits of the siphash for port offset calculation" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2021-26931": { "cmt_msg": "xen-blkback: don't \"handle\" error by BUG()" }, @@ -46111,6 +46271,9 @@ "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2021-0929": { "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" }, @@ -46124,7 +46287,10 @@ "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" + }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" }, "CVE-2022-3586": { "cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child" @@ -46183,9 +46349,6 @@ "CVE-2020-0427": { "cmt_msg": "pinctrl: devicetree: Avoid taking direct reference to device name string" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2017-9984": { "cmt_msg": "ALSA: msnd: Optimize / harden DSP and MIDI loops" }, @@ -46354,6 +46517,9 @@ "CVE-2022-41850": { "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -46405,9 +46571,6 @@ "CVE-2021-20321": { "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-42896": { "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM" }, @@ -46510,6 +46673,9 @@ "CVE-2023-0160": { "cmt_msg": "" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -46957,6 +47123,9 @@ "CVE-2017-5972": { "cmt_msg": "tcp: do not lock listener to process SYN packets" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2023-1513": { "cmt_msg": "kvm: initialize all of the kvm_debugregs structure before sending it to userspace" }, @@ -49293,6 +49462,9 @@ "CVE-2020-15802": { "cmt_msg": "" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2019-3460": { "cmt_msg": "Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt" }, @@ -50019,6 +50191,9 @@ "CVE-2021-0941": { "cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-38096": { "cmt_msg": "" }, @@ -50238,6 +50413,9 @@ "CVE-2017-13305": { "cmt_msg": "KEYS: encrypted: fix buffer overread in valid_master_desc()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2019-19537": { "cmt_msg": "USB: core: Fix races in character device registration and deregistraion" }, @@ -50277,12 +50455,6 @@ "CVE-2022-0168": { "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2019-9213": { "cmt_msg": "mm: enforce min addr even if capable() in expand_downwards()" }, @@ -50290,7 +50462,7 @@ "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2019-14896": { "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" @@ -50373,9 +50545,6 @@ "CVE-2019-9458": { "cmt_msg": "media: v4l: event: Prevent freeing event subscriptions while accessed" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -50595,6 +50764,9 @@ "CVE-2022-41850": { "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -50937,6 +51109,9 @@ "CVE-2022-1462": { "cmt_msg": "tty: use new tty_insert_flip_string_and_push_buffer() in pty_write()" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-27777": { "cmt_msg": "powerpc/rtas: Restrict RTAS requests from userspace" }, @@ -51306,6 +51481,9 @@ "CVE-2017-16646": { "cmt_msg": "media: dib0700: fix invalid dvb_detach argument" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2021-44879": { "cmt_msg": "f2fs: fix to do sanity check on inode type during garbage collection" }, @@ -51348,6 +51526,9 @@ "CVE-2017-5972": { "cmt_msg": "tcp: do not lock listener to process SYN packets" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2023-1513": { "cmt_msg": "kvm: initialize all of the kvm_debugregs structure before sending it to userspace" }, @@ -51447,6 +51628,10 @@ "cmt_msg": "net: avoid double iput when sock_alloc_file fails", "cmt_id": "cb6aedc1fd9d808d7319db2f953f4886dd46c627" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super", + "cmt_id": "f348b373cebeaa91bf3552099026951189f14436" + }, "CVE-2023-1079": { "cmt_msg": "HID: asus: use spinlock to safely schedule workers", "cmt_id": "b08bcfb4c97d7bd41b362cff44b2c537ce9e8540" @@ -51553,6 +51738,10 @@ } }, "6.2.13": { + "CVE-2023-2156": { + "cmt_msg": "net: rpl: fix rpl header size calculation", + "cmt_id": "191642f5cfb38c0e44fb4783a37530bae15b8f8e" + }, "CVE-2023-31436": { "cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg", "cmt_id": "420d014b19ff119e210ecc075ff611fe7844690c" @@ -51587,6 +51776,10 @@ } }, "6.2.16": { + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum", + "cmt_id": "c06f5f1ecab83772b1e06ea5dcfe5ebb5927a43f" + }, "CVE-2023-32250": { "cmt_msg": "ksmbd: fix racy issue from session setup and logoff", "cmt_id": "d270631c21e68fb8016d6e231d022d7023a2df6f" @@ -51614,9 +51807,6 @@ "CVE-2018-1121": { "cmt_msg": "" }, - "CVE-2023-0615": { - "cmt_msg": "" - }, "CVE-2019-19378": { "cmt_msg": "" }, @@ -51647,9 +51837,6 @@ "CVE-2016-8660": { "cmt_msg": "" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2020-15802": { "cmt_msg": "" }, @@ -51659,6 +51846,9 @@ "CVE-2008-2544": { "cmt_msg": "" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2019-15239": { "cmt_msg": "unknown" }, @@ -51821,6 +52011,9 @@ "CVE-2021-3542": { "cmt_msg": "" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2018-12929": { "cmt_msg": "" }, @@ -52121,6 +52314,10 @@ "cmt_msg": "net: avoid double iput when sock_alloc_file fails", "cmt_id": "7c7570791b15c3b78e3229ae97825e7eb869c7da" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super", + "cmt_id": "0c80bef0b7d297ea86e5408fe79c45479e504a26" + }, "CVE-2023-1079": { "cmt_msg": "HID: asus: use spinlock to safely schedule workers", "cmt_id": "ee907829b36949c452c6f89485cb2a58e97c048e" @@ -52227,6 +52424,10 @@ } }, "6.1.26": { + "CVE-2023-2156": { + "cmt_msg": "net: rpl: fix rpl header size calculation", + "cmt_id": "9a0b96d03c59ba560b074cdb9b6233493fd5492d" + }, "CVE-2023-31436": { "cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg", "cmt_id": "ce729b06dc33b01f8a6ac84da5ef54154326bf7e" @@ -52261,6 +52462,10 @@ } }, "6.1.29": { + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum", + "cmt_id": "1fffe4750500148f3e744ed77cf233db8342603f" + }, "CVE-2023-32250": { "cmt_msg": "ksmbd: fix racy issue from session setup and logoff", "cmt_id": "f623f627ad2b1dc215ab3b0df53fb05cfd3a1c3b" @@ -52288,9 +52493,6 @@ "CVE-2018-1121": { "cmt_msg": "" }, - "CVE-2023-0615": { - "cmt_msg": "" - }, "CVE-2019-19378": { "cmt_msg": "" }, @@ -52330,9 +52532,6 @@ "CVE-2023-0597": { "cmt_msg": "x86/mm: Randomize per-cpu entry area" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2020-15802": { "cmt_msg": "" }, @@ -52342,6 +52541,9 @@ "CVE-2008-2544": { "cmt_msg": "" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2019-15239": { "cmt_msg": "unknown" }, @@ -52477,9 +52679,6 @@ "CVE-2018-12931": { "cmt_msg": "" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2021-39801": { "cmt_msg": "" }, @@ -52507,6 +52706,9 @@ "CVE-2021-3542": { "cmt_msg": "" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2018-12929": { "cmt_msg": "" }, @@ -52560,6 +52762,9 @@ }, "CVE-2023-23039": { "cmt_msg": "" + }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" } } }, @@ -52675,9 +52880,17 @@ } }, "6.0.7": { + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list", + "cmt_id": "5b962b004afa3c11e651c07232f2402b4678007b" + }, "CVE-2022-3524": { "cmt_msg": "tcp/udp: Fix memory leak in ipv6_renew_options().", "cmt_id": "0c5d628f1e1d049c33595693fab1b6e9baf25795" + }, + "CVE-2023-0615": { + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases", + "cmt_id": "74e2e978d1e36c3b67e998e779c02cbc8f481527" } }, "6.0.8": { @@ -52919,9 +53132,6 @@ "CVE-2023-1380": { "cmt_msg": "wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()" }, - "CVE-2023-0615": { - "cmt_msg": "" - }, "CVE-2023-21106": { "cmt_msg": "drm/msm/gpu: Fix potential double-free" }, @@ -52998,7 +53208,7 @@ "cmt_msg": "x86/mm: Randomize per-cpu entry area" }, "CVE-2023-2156": { - "cmt_msg": "" + "cmt_msg": "net: rpl: fix rpl header size calculation" }, "CVE-2023-1583": { "cmt_msg": "io_uring/rsrc: fix null-ptr-deref in io_file_bitmap_get()" @@ -53111,6 +53321,9 @@ "CVE-2013-7445": { "cmt_msg": "" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2005-3660": { "cmt_msg": "" }, @@ -53156,6 +53369,9 @@ "CVE-2020-14304": { "cmt_msg": "" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2020-0347": { "cmt_msg": "" }, @@ -53186,6 +53402,9 @@ "CVE-2023-26545": { "cmt_msg": "net: mpls: fix stale pointer if allocation fails during device rename" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2023-1078": { "cmt_msg": "rds: rds_rm_zerocopy_callback() use list_first_entry()" }, @@ -53243,9 +53462,6 @@ "CVE-2018-12931": { "cmt_msg": "" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2021-39801": { "cmt_msg": "" }, @@ -53300,6 +53516,9 @@ "CVE-2023-32254": { "cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2018-12929": { "cmt_msg": "" }, @@ -53378,6 +53597,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2023-2002": { "cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()" } @@ -54406,6 +54628,9 @@ "CVE-2016-7039": { "cmt_msg": "net: add recursion limit to GRO" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2020-0255": { "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" }, @@ -54694,6 +54919,9 @@ "CVE-2017-10911": { "cmt_msg": "xen-blkback: don't leak stack data via response ring" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-45919": { "cmt_msg": "" }, @@ -55264,9 +55492,6 @@ "CVE-2016-7097": { "cmt_msg": "posix_acl: Clear SGID bit when setting file permissions" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2020-28374": { "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, @@ -55277,7 +55502,7 @@ "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2017-7472": { "cmt_msg": "KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings" @@ -55312,6 +55537,9 @@ "CVE-2017-16538": { "cmt_msg": "media: dvb-usb-v2: lmedm04: Improve logic checking of warm start" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-27825": { "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" }, @@ -55426,9 +55654,6 @@ "CVE-2020-14314": { "cmt_msg": "ext4: fix potential negative array index in do_split()" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -55780,6 +56005,9 @@ "CVE-2022-0168": { "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -56077,6 +56305,9 @@ "CVE-2019-18675": { "cmt_msg": "mmap: introduce sane default mmap limits" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -56524,6 +56755,9 @@ "CVE-2022-36402": { "cmt_msg": "" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2019-19332": { "cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)" }, @@ -56803,6 +57037,9 @@ "CVE-2020-0429": { "cmt_msg": "l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2020-27066": { "cmt_msg": "xfrm: policy: Fix doulbe free in xfrm_policy_timer" }, @@ -56827,9 +57064,6 @@ "CVE-2023-32269": { "cmt_msg": "netrom: Fix use-after-free caused by accept on already connected socket" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2021-38198": { "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" }, @@ -60570,6 +60804,9 @@ "CVE-2020-15802": { "cmt_msg": "" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2022-3636": { "cmt_msg": "net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()" }, @@ -60585,9 +60822,6 @@ "CVE-2018-3646": { "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, @@ -60873,6 +61107,9 @@ "CVE-2022-1012": { "cmt_msg": "secure_seq: use the 64 bits of the siphash for port offset calculation" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2017-1000405": { "cmt_msg": "mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()" }, @@ -61107,14 +61344,14 @@ "CVE-2019-10220": { "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2021-0929": { "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2020-26145": { "cmt_msg": "ath10k: drop fragments with multicast DA for PCIe" @@ -61158,9 +61395,6 @@ "CVE-2016-8660": { "cmt_msg": "" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2022-1786": { "cmt_msg": "io_uring: remove io_identity" }, @@ -61272,6 +61506,9 @@ "CVE-2022-41850": { "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2022-3649": { "cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root" }, @@ -61383,6 +61620,9 @@ "CVE-2023-0160": { "cmt_msg": "" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -61455,6 +61695,9 @@ "CVE-2022-1462": { "cmt_msg": "tty: use new tty_insert_flip_string_and_push_buffer() in pty_write()" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2022-1729": { "cmt_msg": "perf: Fix sys_perf_event_open() race against self" }, @@ -61677,6 +61920,9 @@ "CVE-2022-1679": { "cmt_msg": "ath9k: fix use-after-free in ath9k_hif_usb_rx_cb" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2023-1513": { "cmt_msg": "kvm: initialize all of the kvm_debugregs structure before sending it to userspace" }, @@ -62913,6 +63159,9 @@ "CVE-2017-10911": { "cmt_msg": "xen-blkback: don't leak stack data via response ring" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-45919": { "cmt_msg": "" }, @@ -63402,6 +63651,9 @@ "CVE-2017-13305": { "cmt_msg": "KEYS: encrypted: fix buffer overread in valid_master_desc()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2019-19536": { "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" }, @@ -63453,9 +63705,6 @@ "CVE-2016-7097": { "cmt_msg": "posix_acl: Clear SGID bit when setting file permissions" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2020-28374": { "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, @@ -63466,7 +63715,7 @@ "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2017-7472": { "cmt_msg": "KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings" @@ -63501,6 +63750,9 @@ "CVE-2017-16538": { "cmt_msg": "media: dvb-usb-v2: lmedm04: Improve logic checking of warm start" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-27825": { "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" }, @@ -63618,9 +63870,6 @@ "CVE-2020-14314": { "cmt_msg": "ext4: fix potential negative array index in do_split()" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -63756,6 +64005,9 @@ "CVE-2022-3534": { "cmt_msg": "libbpf: Fix use-after-free in btf_dump_name_dups" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2016-10088": { "cmt_msg": "sg_write()/bsg_write() is not fit to be called under KERNEL_DS" }, @@ -63960,6 +64212,9 @@ "CVE-2022-0168": { "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -64242,6 +64497,9 @@ "CVE-2019-18675": { "cmt_msg": "mmap: introduce sane default mmap limits" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -64704,6 +64962,9 @@ "CVE-2022-36402": { "cmt_msg": "" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2019-19332": { "cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)" }, @@ -65004,9 +65265,6 @@ "CVE-2023-32269": { "cmt_msg": "netrom: Fix use-after-free caused by accept on already connected socket" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2021-38198": { "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" }, @@ -66356,6 +66614,9 @@ "CVE-2017-10911": { "cmt_msg": "xen-blkback: don't leak stack data via response ring" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-45919": { "cmt_msg": "" }, @@ -66905,9 +67166,6 @@ "CVE-2016-7097": { "cmt_msg": "posix_acl: Clear SGID bit when setting file permissions" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2020-28374": { "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, @@ -66918,7 +67176,7 @@ "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2017-7472": { "cmt_msg": "KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings" @@ -66953,6 +67211,9 @@ "CVE-2017-16538": { "cmt_msg": "media: dvb-usb-v2: lmedm04: Improve logic checking of warm start" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-27825": { "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" }, @@ -67070,9 +67331,6 @@ "CVE-2020-14314": { "cmt_msg": "ext4: fix potential negative array index in do_split()" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -67205,6 +67463,9 @@ "CVE-2022-3534": { "cmt_msg": "libbpf: Fix use-after-free in btf_dump_name_dups" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2016-10088": { "cmt_msg": "sg_write()/bsg_write() is not fit to be called under KERNEL_DS" }, @@ -67406,6 +67667,9 @@ "CVE-2022-0168": { "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -67694,6 +67958,9 @@ "CVE-2019-18675": { "cmt_msg": "mmap: introduce sane default mmap limits" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -68156,6 +68423,9 @@ "CVE-2022-36402": { "cmt_msg": "" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2019-19332": { "cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)" }, @@ -68429,6 +68699,9 @@ "CVE-2020-0429": { "cmt_msg": "l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2020-27066": { "cmt_msg": "xfrm: policy: Fix doulbe free in xfrm_policy_timer" }, @@ -68453,9 +68726,6 @@ "CVE-2023-32269": { "cmt_msg": "netrom: Fix use-after-free caused by accept on already connected socket" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2021-38198": { "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" }, @@ -70041,6 +70311,9 @@ "CVE-2022-3522": { "cmt_msg": "mm/hugetlb: use hugetlb_pte_stable in migration race check" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2019-3460": { "cmt_msg": "Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt" }, @@ -70908,6 +71181,9 @@ "CVE-2021-0941": { "cmt_msg": "bpf: Remove MTU check in __bpf_skb_max_len" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-26966": { "cmt_msg": "sr9700: sanity check for packet length" }, @@ -71157,6 +71433,9 @@ "CVE-2018-17182": { "cmt_msg": "mm: get rid of vmacache_flush_all() entirely" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2019-19536": { "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" }, @@ -71202,9 +71481,6 @@ "CVE-2018-5953": { "cmt_msg": "printk: hash addresses printed with %p" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2020-28374": { "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, @@ -71215,7 +71491,7 @@ "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2020-26557": { "cmt_msg": "" @@ -71235,6 +71511,9 @@ "CVE-2020-26147": { "cmt_msg": "mac80211: assure all fragments are encrypted" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-27825": { "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" }, @@ -71322,9 +71601,6 @@ "CVE-2022-1419": { "cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -71592,6 +71868,9 @@ "CVE-2022-0168": { "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -71673,9 +71952,6 @@ "CVE-2021-20321": { "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-26490": { "cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION" }, @@ -71823,6 +72099,9 @@ "CVE-2023-0160": { "cmt_msg": "" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -72462,6 +72741,9 @@ "CVE-2017-5972": { "cmt_msg": "tcp: do not lock listener to process SYN packets" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2017-5970": { "cmt_msg": "ipv4: keep skb->dst around in presence of IP options" }, @@ -72911,9 +73193,6 @@ "CVE-2022-1247": { "cmt_msg": "" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, @@ -73538,6 +73817,9 @@ "CVE-2020-12771": { "cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2020-16166": { "cmt_msg": "random32: update the net random state on interrupt and activity" }, @@ -73688,6 +73970,9 @@ "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2021-3600": { "cmt_msg": "bpf: Fix 32 bit src register truncation on div/mod" }, @@ -73707,7 +73992,10 @@ "cmt_msg": "" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" + }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" }, "CVE-2022-3586": { "cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child" @@ -73775,9 +74063,6 @@ "CVE-2016-8660": { "cmt_msg": "" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2023-1582": { "cmt_msg": "fs/proc: task_mmu.c: don't read mapcount for migration entry" }, @@ -73979,6 +74264,9 @@ "CVE-2022-41850": { "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -74045,9 +74333,6 @@ "CVE-2021-20321": { "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-42896": { "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM" }, @@ -74522,6 +74807,9 @@ "CVE-2021-29650": { "cmt_msg": "netfilter: x_tables: Use correct memory barriers." }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-41849": { "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()" }, @@ -74612,6 +74900,9 @@ "CVE-2022-1679": { "cmt_msg": "ath9k: fix use-after-free in ath9k_hif_usb_rx_cb" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2023-1513": { "cmt_msg": "kvm: initialize all of the kvm_debugregs structure before sending it to userspace" }, @@ -75694,6 +75985,9 @@ "CVE-2016-7039": { "cmt_msg": "net: add recursion limit to GRO" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2020-0255": { "cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()" }, @@ -75970,6 +76264,9 @@ "CVE-2007-3719": { "cmt_msg": "" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2023-0590": { "cmt_msg": "net: sched: fix race condition in qdisc_graft()" }, @@ -76585,9 +76882,6 @@ "CVE-2016-3713": { "cmt_msg": "KVM: MTRR: remove MSR 0x2f8" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2020-28374": { "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, @@ -76598,7 +76892,7 @@ "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2017-7472": { "cmt_msg": "KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings" @@ -76630,6 +76924,9 @@ "CVE-2017-16538": { "cmt_msg": "media: dvb-usb-v2: lmedm04: Improve logic checking of warm start" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-27825": { "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" }, @@ -76750,9 +77047,6 @@ "CVE-2020-14314": { "cmt_msg": "ext4: fix potential negative array index in do_split()" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -77113,6 +77407,9 @@ "CVE-2022-0168": { "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -77413,6 +77710,9 @@ "CVE-2019-18675": { "cmt_msg": "mmap: introduce sane default mmap limits" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -77878,6 +78178,9 @@ "CVE-2022-36402": { "cmt_msg": "" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2019-19332": { "cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)" }, @@ -78166,6 +78469,9 @@ "CVE-2020-0429": { "cmt_msg": "l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2020-27066": { "cmt_msg": "xfrm: policy: Fix doulbe free in xfrm_policy_timer" }, @@ -78190,9 +78496,6 @@ "CVE-2023-32269": { "cmt_msg": "netrom: Fix use-after-free caused by accept on already connected socket" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2021-38198": { "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" }, @@ -78640,9 +78943,6 @@ "CVE-2022-1247": { "cmt_msg": "" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, @@ -79057,6 +79357,9 @@ "CVE-2020-12351": { "cmt_msg": "Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2022-25636": { "cmt_msg": "netfilter: nf_tables_offload: incorrect flow offload action array size" }, @@ -79234,6 +79537,9 @@ "CVE-2022-20148": { "cmt_msg": "f2fs: fix UAF in f2fs_available_free_memory" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2022-28389": { "cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path" }, @@ -79369,6 +79675,9 @@ "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2021-3600": { "cmt_msg": "bpf: Fix 32 bit src register truncation on div/mod" }, @@ -79382,7 +79691,10 @@ "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" + }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" }, "CVE-2022-3586": { "cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child" @@ -79448,7 +79760,7 @@ "cmt_msg": "" }, "CVE-2023-2156": { - "cmt_msg": "" + "cmt_msg": "net: rpl: fix rpl header size calculation" }, "CVE-2023-1582": { "cmt_msg": "fs/proc: task_mmu.c: don't read mapcount for migration entry" @@ -79657,6 +79969,9 @@ "CVE-2022-41850": { "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -79720,9 +80035,6 @@ "CVE-2021-20321": { "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-42896": { "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM" }, @@ -80185,6 +80497,9 @@ "CVE-2021-29650": { "cmt_msg": "netfilter: x_tables: Use correct memory barriers." }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-41849": { "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()" }, @@ -81093,6 +81408,9 @@ "CVE-2022-0492": { "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2022-25636": { "cmt_msg": "netfilter: nf_tables_offload: incorrect flow offload action array size" }, @@ -81264,6 +81582,9 @@ "CVE-2022-20148": { "cmt_msg": "f2fs: fix UAF in f2fs_available_free_memory" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2022-28389": { "cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path" }, @@ -81390,6 +81711,9 @@ "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2022-0847": { "cmt_msg": "lib/iov_iter: initialize \"flags\" in new pipe_buffer" }, @@ -81406,7 +81730,10 @@ "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" + }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" }, "CVE-2022-3586": { "cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child" @@ -81466,7 +81793,7 @@ "cmt_msg": "" }, "CVE-2023-2156": { - "cmt_msg": "" + "cmt_msg": "net: rpl: fix rpl header size calculation" }, "CVE-2023-1582": { "cmt_msg": "fs/proc: task_mmu.c: don't read mapcount for migration entry" @@ -81663,6 +81990,9 @@ "CVE-2022-41850": { "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2023-1637": { "cmt_msg": "x86/speculation: Restore speculation related MSRs during S3 resume" }, @@ -81717,9 +82047,6 @@ "CVE-2021-20321": { "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-42896": { "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM" }, @@ -82173,6 +82500,9 @@ "CVE-2021-29650": { "cmt_msg": "netfilter: x_tables: Use correct memory barriers." }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-41849": { "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()" }, @@ -83025,6 +83355,9 @@ "CVE-2022-0492": { "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2022-25636": { "cmt_msg": "netfilter: nf_tables_offload: incorrect flow offload action array size" }, @@ -83190,6 +83523,9 @@ "CVE-2022-20148": { "cmt_msg": "f2fs: fix UAF in f2fs_available_free_memory" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2022-28389": { "cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path" }, @@ -83316,6 +83652,9 @@ "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2022-0847": { "cmt_msg": "lib/iov_iter: initialize \"flags\" in new pipe_buffer" }, @@ -83332,7 +83671,10 @@ "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" + }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" }, "CVE-2022-3586": { "cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child" @@ -83389,7 +83731,7 @@ "cmt_msg": "" }, "CVE-2023-2156": { - "cmt_msg": "" + "cmt_msg": "net: rpl: fix rpl header size calculation" }, "CVE-2023-1582": { "cmt_msg": "fs/proc: task_mmu.c: don't read mapcount for migration entry" @@ -83580,6 +83922,9 @@ "CVE-2022-41850": { "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2023-1637": { "cmt_msg": "x86/speculation: Restore speculation related MSRs during S3 resume" }, @@ -83634,9 +83979,6 @@ "CVE-2021-20321": { "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-42896": { "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM" }, @@ -84063,6 +84405,9 @@ "CVE-2021-29650": { "cmt_msg": "netfilter: x_tables: Use correct memory barriers." }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-41849": { "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()" }, @@ -88017,6 +88362,12 @@ "cmt_id": "81fe58e4e7f61a1f5200898e7cd4c9748f83051f" } }, + "4.9.332": { + "CVE-2023-0615": { + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases", + "cmt_id": "e1b5b061987d56d7b64da962fec3be4ae7e78300" + } + }, "4.9.333": { "CVE-2022-3628": { "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()", @@ -88082,6 +88433,9 @@ "CVE-2021-0929": { "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2020-26556": { "cmt_msg": "" }, @@ -88106,9 +88460,6 @@ "CVE-2022-20422": { "cmt_msg": "arm64: fix oops in concurrently setting insn_emulation sysctls" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2018-20854": { "cmt_msg": "phy: ocelot-serdes: fix out-of-bounds read" }, @@ -88121,9 +88472,6 @@ "CVE-2023-1670": { "cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach" }, - "CVE-2023-0615": { - "cmt_msg": "" - }, "CVE-2019-19378": { "cmt_msg": "" }, @@ -88205,6 +88553,9 @@ "CVE-2023-31436": { "cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2019-15222": { "cmt_msg": "ALSA: usb-audio: Fix gpf in snd_usb_pipe_sanity_check" }, @@ -88265,6 +88616,9 @@ "CVE-2019-12378": { "cmt_msg": "ipv6_sockglue: Fix a missing-check bug in ip6_ra_control()" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2023-1582": { "cmt_msg": "fs/proc: task_mmu.c: don't read mapcount for migration entry" }, @@ -88487,9 +88841,6 @@ "CVE-2023-2176": { "cmt_msg": "RDMA/core: Refactor rdma_bind_addr" }, - "CVE-2023-23559": { - "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" - }, "CVE-2022-44033": { "cmt_msg": "" }, @@ -88511,6 +88862,9 @@ "CVE-2018-12130": { "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2017-8065": { "cmt_msg": "crypto: ccm - move cbcmac input off the stack" }, @@ -88598,6 +88952,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2019-12615": { "cmt_msg": "mdesc: fix a missing-check bug in get_vdev_port_node_info()" }, @@ -88655,6 +89012,9 @@ "CVE-2023-26545": { "cmt_msg": "net: mpls: fix stale pointer if allocation fails during device rename" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2022-2327": { "cmt_msg": "io_uring: remove any grabbing of context" }, @@ -88736,9 +89096,6 @@ "CVE-2022-23816": { "cmt_msg": "x86/kvm/vmx: Make noinstr clean" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-21385": { "cmt_msg": "net/rds: fix warn in rds_message_alloc_sgs" }, @@ -88814,8 +89171,8 @@ "CVE-2018-12207": { "cmt_msg": "kvm: x86, powerpc: do not allow clearing largepages debugfs entry" }, - "CVE-2023-2156": { - "cmt_msg": "" + "CVE-2023-23559": { + "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid" }, "CVE-2023-1855": { "cmt_msg": "hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition" @@ -88919,6 +89276,9 @@ "CVE-2020-27835": { "cmt_msg": "IB/hfi1: Ensure correct mm is used at all times" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2022-3903": { "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines" }, @@ -89280,6 +89640,9 @@ "CVE-2020-15802": { "cmt_msg": "" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2017-18270": { "cmt_msg": "KEYS: prevent creating a different user's keyrings" }, @@ -90186,6 +90549,9 @@ "CVE-2017-10911": { "cmt_msg": "xen-blkback: don't leak stack data via response ring" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-45919": { "cmt_msg": "" }, @@ -90669,6 +91035,9 @@ "CVE-2017-13305": { "cmt_msg": "KEYS: encrypted: fix buffer overread in valid_master_desc()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2019-19536": { "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" }, @@ -90717,9 +91086,6 @@ "CVE-2018-5953": { "cmt_msg": "printk: hash addresses printed with %p" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2020-28374": { "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, @@ -90730,7 +91096,7 @@ "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2017-7472": { "cmt_msg": "KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings" @@ -90765,6 +91131,9 @@ "CVE-2017-16538": { "cmt_msg": "media: dvb-usb-v2: lmedm04: Improve logic checking of warm start" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-27825": { "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" }, @@ -90882,9 +91251,6 @@ "CVE-2020-14314": { "cmt_msg": "ext4: fix potential negative array index in do_split()" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -91023,6 +91389,9 @@ "CVE-2022-3534": { "cmt_msg": "libbpf: Fix use-after-free in btf_dump_name_dups" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2020-36516": { "cmt_msg": "ipv4: avoid using shared IP generator for connected sockets" }, @@ -91221,6 +91590,9 @@ "CVE-2022-0168": { "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -91497,6 +91869,9 @@ "CVE-2019-18675": { "cmt_msg": "mmap: introduce sane default mmap limits" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -92256,9 +92631,6 @@ "CVE-2023-32269": { "cmt_msg": "netrom: Fix use-after-free caused by accept on already connected socket" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2021-38198": { "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" }, @@ -93777,6 +94149,9 @@ "CVE-2020-12771": { "cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2018-10853": { "cmt_msg": "kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access" }, @@ -94038,6 +94413,9 @@ "CVE-2017-13305": { "cmt_msg": "KEYS: encrypted: fix buffer overread in valid_master_desc()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2019-19536": { "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" }, @@ -94086,9 +94464,6 @@ "CVE-2018-5953": { "cmt_msg": "printk: hash addresses printed with %p" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2020-28374": { "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, @@ -94099,7 +94474,7 @@ "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2020-26557": { "cmt_msg": "" @@ -94134,6 +94509,9 @@ "CVE-2017-16538": { "cmt_msg": "media: dvb-usb-v2: lmedm04: Improve logic checking of warm start" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-27825": { "cmt_msg": "tracing: Fix race in trace_open and buffer resize call" }, @@ -94242,15 +94620,15 @@ "CVE-2021-39714": { "cmt_msg": "staging: android: ion: Drop ion_map_kernel interface" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2016-8660": { "cmt_msg": "" }, "CVE-2020-14314": { "cmt_msg": "ext4: fix potential negative array index in do_split()" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -94401,6 +94779,9 @@ "CVE-2017-9059": { "cmt_msg": "NFSv4: Fix callback server shutdown" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2020-36516": { "cmt_msg": "ipv4: avoid using shared IP generator for connected sockets" }, @@ -94593,6 +94974,9 @@ "CVE-2022-0168": { "cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -94830,6 +95214,9 @@ "CVE-2019-18675": { "cmt_msg": "mmap: introduce sane default mmap limits" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -95553,9 +95940,6 @@ "CVE-2023-32269": { "cmt_msg": "netrom: Fix use-after-free caused by accept on already connected socket" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2021-38198": { "cmt_msg": "KVM: X86: MMU: Use the correct inherited permissions to get shadow page" }, @@ -96116,9 +96500,6 @@ "CVE-2019-11478": { "cmt_msg": "tcp: tcp_fragment() should apply sane memory limits" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, @@ -96161,6 +96542,9 @@ "CVE-2019-17054": { "cmt_msg": "appletalk: enforce CAP_NET_RAW for raw sockets" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-29661": { "cmt_msg": "tty: Fix ->pgrp locking in tiocspgrp()" }, @@ -96893,6 +97277,9 @@ "CVE-2022-28390": { "cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2019-13233": { "cmt_msg": "x86/insn-eval: Fix use-after-free access to LDT entry" }, @@ -96938,6 +97325,9 @@ "CVE-2021-37159": { "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2021-29154": { "cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64" }, @@ -97124,6 +97514,9 @@ "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2019-19536": { "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" }, @@ -97167,7 +97560,7 @@ "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2019-14896": { "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" @@ -97280,9 +97673,6 @@ "CVE-2016-8660": { "cmt_msg": "" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -97526,6 +97916,9 @@ "CVE-2019-19525": { "cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -97604,9 +97997,6 @@ "CVE-2021-20321": { "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-26490": { "cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION" }, @@ -97739,6 +98129,9 @@ "CVE-2023-0160": { "cmt_msg": "" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -98309,6 +98702,9 @@ "CVE-2022-1679": { "cmt_msg": "ath9k: fix use-after-free in ath9k_hif_usb_rx_cb" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2023-1513": { "cmt_msg": "kvm: initialize all of the kvm_debugregs structure before sending it to userspace" }, @@ -98787,9 +99183,6 @@ "CVE-2022-1247": { "cmt_msg": "" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, @@ -98832,6 +99225,9 @@ "CVE-2019-17054": { "cmt_msg": "appletalk: enforce CAP_NET_RAW for raw sockets" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-29661": { "cmt_msg": "tty: Fix ->pgrp locking in tiocspgrp()" }, @@ -99546,6 +99942,9 @@ "CVE-2022-28390": { "cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2021-3655": { "cmt_msg": "sctp: validate from_addr_param return" }, @@ -99588,6 +99987,9 @@ "CVE-2021-37159": { "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2021-29154": { "cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64" }, @@ -99780,6 +100182,9 @@ "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2019-19536": { "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" }, @@ -99820,7 +100225,7 @@ "cmt_msg": "" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2019-14896": { "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" @@ -99930,9 +100335,6 @@ "CVE-2016-8660": { "cmt_msg": "" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2023-1073": { "cmt_msg": "HID: check empty report_list in hid_validate_values()" }, @@ -100167,6 +100569,9 @@ "CVE-2019-19525": { "cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -100248,9 +100653,6 @@ "CVE-2021-20321": { "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-26490": { "cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION" }, @@ -100380,6 +100782,9 @@ "CVE-2023-0160": { "cmt_msg": "" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -100950,6 +101355,9 @@ "CVE-2022-1679": { "cmt_msg": "ath9k: fix use-after-free in ath9k_hif_usb_rx_cb" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2023-1513": { "cmt_msg": "kvm: initialize all of the kvm_debugregs structure before sending it to userspace" }, @@ -101429,9 +101837,6 @@ "CVE-2022-1247": { "cmt_msg": "" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, @@ -101468,6 +101873,9 @@ "CVE-2023-1073": { "cmt_msg": "HID: check empty report_list in hid_validate_values()" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-29661": { "cmt_msg": "tty: Fix ->pgrp locking in tiocspgrp()" }, @@ -102182,6 +102590,9 @@ "CVE-2021-37159": { "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2021-29154": { "cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64" }, @@ -102359,6 +102770,9 @@ "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2019-19534": { "cmt_msg": "can: peak_usb: fix slab info leak" }, @@ -102387,7 +102801,7 @@ "cmt_msg": "" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2019-14896": { "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" @@ -102488,9 +102902,6 @@ "CVE-2016-8660": { "cmt_msg": "" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2023-1582": { "cmt_msg": "fs/proc: task_mmu.c: don't read mapcount for migration entry" }, @@ -102737,6 +103148,9 @@ "CVE-2019-19525": { "cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -102818,9 +103232,6 @@ "CVE-2021-20321": { "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-26490": { "cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION" }, @@ -103382,6 +103793,9 @@ "CVE-2021-29650": { "cmt_msg": "netfilter: x_tables: Use correct memory barriers." }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-3649": { "cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root" }, @@ -103478,6 +103892,9 @@ "CVE-2022-1679": { "cmt_msg": "ath9k: fix use-after-free in ath9k_hif_usb_rx_cb" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2023-1513": { "cmt_msg": "kvm: initialize all of the kvm_debugregs structure before sending it to userspace" }, @@ -104231,6 +104648,9 @@ "CVE-2022-0492": { "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2022-25636": { "cmt_msg": "netfilter: nf_tables_offload: incorrect flow offload action array size" }, @@ -104372,6 +104792,9 @@ "CVE-2022-20148": { "cmt_msg": "f2fs: fix UAF in f2fs_available_free_memory" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2022-28389": { "cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path" }, @@ -104468,6 +104891,9 @@ "CVE-2022-44032": { "cmt_msg": "" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2022-0847": { "cmt_msg": "lib/iov_iter: initialize \"flags\" in new pipe_buffer" }, @@ -104483,11 +104909,11 @@ "CVE-2022-3619": { "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" + }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" }, "CVE-2022-3586": { "cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child" @@ -104541,7 +104967,7 @@ "cmt_msg": "" }, "CVE-2023-2156": { - "cmt_msg": "" + "cmt_msg": "net: rpl: fix rpl header size calculation" }, "CVE-2023-1582": { "cmt_msg": "fs/proc: task_mmu.c: don't read mapcount for migration entry" @@ -104675,6 +105101,9 @@ "CVE-2022-41850": { "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2023-1637": { "cmt_msg": "x86/speculation: Restore speculation related MSRs during S3 resume" }, @@ -105095,6 +105524,9 @@ "CVE-2022-21166": { "cmt_msg": "x86/speculation/mmio: Enable CPU Fill buffer clearing on idle" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-41849": { "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()" }, @@ -105837,6 +106269,9 @@ "CVE-2022-0492": { "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2022-25636": { "cmt_msg": "netfilter: nf_tables_offload: incorrect flow offload action array size" }, @@ -105978,6 +106413,9 @@ "CVE-2022-20148": { "cmt_msg": "f2fs: fix UAF in f2fs_available_free_memory" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2022-28389": { "cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path" }, @@ -106065,6 +106503,9 @@ "CVE-2022-44032": { "cmt_msg": "" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2022-0847": { "cmt_msg": "lib/iov_iter: initialize \"flags\" in new pipe_buffer" }, @@ -106077,11 +106518,11 @@ "CVE-2022-3619": { "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" + }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" }, "CVE-2022-3586": { "cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child" @@ -106138,7 +106579,7 @@ "cmt_msg": "" }, "CVE-2023-2156": { - "cmt_msg": "" + "cmt_msg": "net: rpl: fix rpl header size calculation" }, "CVE-2023-1582": { "cmt_msg": "fs/proc: task_mmu.c: don't read mapcount for migration entry" @@ -106275,6 +106716,9 @@ "CVE-2022-41850": { "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2023-1637": { "cmt_msg": "x86/speculation: Restore speculation related MSRs during S3 resume" }, @@ -106674,6 +107118,9 @@ "CVE-2022-21166": { "cmt_msg": "x86/speculation/mmio: Enable CPU Fill buffer clearing on idle" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-41849": { "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()" }, @@ -108491,6 +108938,16 @@ "cmt_id": "7aa3d623c11b9ab60f86b7833666e5d55bac4be9" } }, + "5.10.153": { + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list", + "cmt_id": "52a43b82006dc88f996bd06da5a3fcfef85220c8" + }, + "CVE-2023-0615": { + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases", + "cmt_id": "147b8f1892aaa474f912ac75babfd316ee0de672" + } + }, "5.10.154": { "CVE-2022-3628": { "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()", @@ -108730,6 +109187,10 @@ "cmt_msg": "malidp: Fix NULL vs IS_ERR() checking", "cmt_id": "a5bbea50d622b8f49ab8ee3b0eb283107febcf1a" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super", + "cmt_id": "ef7d71d7bd57b8b7fe514e459927696c1c6d1047" + }, "CVE-2023-1079": { "cmt_msg": "HID: asus: use spinlock to safely schedule workers", "cmt_id": "21a2eec4a440060a6eb294dc890eaf553101ba09" @@ -108814,6 +109275,10 @@ } }, "5.10.179": { + "CVE-2023-2156": { + "cmt_msg": "net: rpl: fix rpl header size calculation", + "cmt_id": "c972851d3848647f57cd8d5625c48663410c3f96" + }, "CVE-2023-31436": { "cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg", "cmt_id": "ddcf35deb8f2a1d9addc74b586cf4c5a1f5d6020" @@ -108832,21 +109297,31 @@ "cmt_msg": "wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()", "cmt_id": "549825602e3e6449927ca1ea1a08fd89868439df" }, - "CVE-2023-32233": { - "cmt_msg": "netfilter: nf_tables: deactivate anonymous set from preparation phase", - "cmt_id": "e044a24447189419c3a7ccc5fa6da7516036dc55" + "CVE-2023-2269": { + "cmt_msg": "dm ioctl: fix nested locking in table_clear() to remove deadlock concern", + "cmt_id": "ea827627a9249154b34b646b1e1007013402afea" }, "CVE-2023-2002": { "cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()", "cmt_id": "98cfbad52fc286c2a1a75e04bf47b98d6489db1f" }, + "CVE-2023-32233": { + "cmt_msg": "netfilter: nf_tables: deactivate anonymous set from preparation phase", + "cmt_id": "e044a24447189419c3a7ccc5fa6da7516036dc55" + }, "CVE-2022-39189": { "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries", "cmt_id": "529f41f0eb1ef995bfa83c121c3cfe3a0720119a" }, - "CVE-2023-2269": { - "cmt_msg": "dm ioctl: fix nested locking in table_clear() to remove deadlock concern", - "cmt_id": "ea827627a9249154b34b646b1e1007013402afea" + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum", + "cmt_id": "0dde3141c527b09b96bef1e7eeb18b8127810ce9" + } + }, + "5.10.181": { + "CVE-2022-4269": { + "cmt_msg": "act_mirred: use the backlog for nested calls to mirred ingress", + "cmt_id": "53245103786312f21fb9785327a4367cf10f0dbb" } }, "outstanding": { @@ -108877,9 +109352,6 @@ "CVE-2018-1121": { "cmt_msg": "" }, - "CVE-2023-0615": { - "cmt_msg": "" - }, "CVE-2019-19378": { "cmt_msg": "" }, @@ -108967,6 +109439,9 @@ "CVE-2008-2544": { "cmt_msg": "" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2022-3636": { "cmt_msg": "net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()" }, @@ -109021,9 +109496,6 @@ "CVE-2022-3624": { "cmt_msg": "bonding: fix reference count leak in balance-alb mode" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2022-47946": { "cmt_msg": "io_uring: kill sqo_dead and sqo submission halting" }, @@ -109159,6 +109631,9 @@ "CVE-2022-3567": { "cmt_msg": "ipv6: Fix data races around sk->sk_prot." }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-3566": { "cmt_msg": "tcp: Fix data races around icsk->icsk_af_ops." }, @@ -109180,18 +109655,12 @@ "CVE-2018-12931": { "cmt_msg": "" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2021-39801": { "cmt_msg": "" }, "CVE-2021-39800": { "cmt_msg": "" }, - "CVE-2022-4269": { - "cmt_msg": "act_mirred: use the backlog for nested calls to mirred ingress" - }, "CVE-2022-45885": { "cmt_msg": "" }, @@ -109278,6 +109747,9 @@ }, "CVE-2023-23039": { "cmt_msg": "" + }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" } } }, @@ -110080,6 +110552,9 @@ "CVE-2022-0492": { "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2021-43976": { "cmt_msg": "mwifiex: Fix skb_over_panic in mwifiex_usb_recv()" }, @@ -110236,6 +110711,9 @@ "CVE-2022-20148": { "cmt_msg": "f2fs: fix UAF in f2fs_available_free_memory" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2022-28389": { "cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path" }, @@ -110344,6 +110822,9 @@ "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2022-0847": { "cmt_msg": "lib/iov_iter: initialize \"flags\" in new pipe_buffer" }, @@ -110356,11 +110837,11 @@ "CVE-2023-28410": { "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" + }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" }, "CVE-2022-3586": { "cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child" @@ -110420,7 +110901,7 @@ "cmt_msg": "" }, "CVE-2023-2156": { - "cmt_msg": "" + "cmt_msg": "net: rpl: fix rpl header size calculation" }, "CVE-2023-1582": { "cmt_msg": "fs/proc: task_mmu.c: don't read mapcount for migration entry" @@ -110578,6 +111059,9 @@ "CVE-2022-41850": { "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2023-1637": { "cmt_msg": "x86/speculation: Restore speculation related MSRs during S3 resume" }, @@ -111004,6 +111488,9 @@ "CVE-2022-21166": { "cmt_msg": "x86/speculation/mmio: Enable CPU Fill buffer clearing on idle" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-41849": { "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()" }, @@ -111594,11 +112081,14 @@ "cmt_msg": "wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2019-19378": { "cmt_msg": "" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2022-3061": { "cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero" }, @@ -111695,6 +112185,9 @@ "CVE-2022-3521": { "cmt_msg": "kcm: avoid potential race in kcm_tx_work" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2022-47929": { "cmt_msg": "net: sched: disallow noqueue for qdisc classes" }, @@ -111774,7 +112267,7 @@ "cmt_msg": "ksmbd: check nt_len to be at least CIFS_ENCPWD_SIZE in ksmbd_decode_ntlmssp_auth_blob" }, "CVE-2023-2156": { - "cmt_msg": "" + "cmt_msg": "net: rpl: fix rpl header size calculation" }, "CVE-2022-40133": { "cmt_msg": "drm/vmwgfx: Remove rcu locks from user resources" @@ -111977,6 +112470,9 @@ "CVE-2023-0386": { "cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up" }, + "CVE-2023-1077": { + "cmt_msg": "sched/rt: pick_next_rt_entity(): check list_entry" + }, "CVE-2022-3238": { "cmt_msg": "" }, @@ -112235,6 +112731,9 @@ "CVE-2023-26545": { "cmt_msg": "net: mpls: fix stale pointer if allocation fails during device rename" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2022-47521": { "cmt_msg": "wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute" }, @@ -112346,9 +112845,6 @@ "CVE-2022-23816": { "cmt_msg": "x86/kvm/vmx: Make noinstr clean" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-42896": { "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM" }, @@ -112442,6 +112938,9 @@ "CVE-2023-32254": { "cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2018-12929": { "cmt_msg": "" }, @@ -112538,8 +113037,8 @@ "CVE-2022-21499": { "cmt_msg": "lockdown: also lock down previous kgdb use" }, - "CVE-2023-1077": { - "cmt_msg": "sched/rt: pick_next_rt_entity(): check list_entry" + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" }, "CVE-2023-22998": { "cmt_msg": "drm/virtio: Fix NULL vs IS_ERR checking in virtio_gpu_object_shmem_init" @@ -112550,6 +113049,9 @@ "CVE-2022-47518": { "cmt_msg": "wifi: wilc1000: validate number of channels" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2023-2002": { "cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()" } @@ -112944,11 +113446,14 @@ "cmt_msg": "wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2019-19378": { "cmt_msg": "" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2022-3061": { "cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero" }, @@ -113033,6 +113538,9 @@ "CVE-2022-3521": { "cmt_msg": "kcm: avoid potential race in kcm_tx_work" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2022-47929": { "cmt_msg": "net: sched: disallow noqueue for qdisc classes" }, @@ -113097,7 +113605,7 @@ "cmt_msg": "" }, "CVE-2023-2156": { - "cmt_msg": "" + "cmt_msg": "net: rpl: fix rpl header size calculation" }, "CVE-2023-0597": { "cmt_msg": "x86/mm: Randomize per-cpu entry area" @@ -113363,6 +113871,9 @@ "CVE-2023-26242": { "cmt_msg": "" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2005-3660": { "cmt_msg": "" }, @@ -113501,6 +114012,9 @@ "CVE-2023-26545": { "cmt_msg": "net: mpls: fix stale pointer if allocation fails during device rename" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2023-32269": { "cmt_msg": "netrom: Fix use-after-free caused by accept on already connected socket" }, @@ -113603,9 +114117,6 @@ "CVE-2022-23816": { "cmt_msg": "x86/kvm/vmx: Make noinstr clean" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-42896": { "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM" }, @@ -113690,6 +114201,9 @@ "CVE-2023-32254": { "cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2022-2308": { "cmt_msg": "vduse: prevent uninitialized memory accesses" }, @@ -113774,6 +114288,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2022-47519": { "cmt_msg": "wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_OPER_CHANNEL attribute" }, @@ -114406,6 +114923,9 @@ "CVE-2022-0492": { "cmt_msg": "cgroup-v1: Require capabilities to set release_agent" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2022-25636": { "cmt_msg": "netfilter: nf_tables_offload: incorrect flow offload action array size" }, @@ -114547,6 +115067,9 @@ "CVE-2022-2905": { "cmt_msg": "bpf: Don't use tnum_range on array range checking for poke descriptors" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2022-28389": { "cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path" }, @@ -114634,6 +115157,9 @@ "CVE-2022-44032": { "cmt_msg": "" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2022-0847": { "cmt_msg": "lib/iov_iter: initialize \"flags\" in new pipe_buffer" }, @@ -114646,11 +115172,11 @@ "CVE-2022-3619": { "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" + }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" }, "CVE-2022-3586": { "cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child" @@ -114704,7 +115230,7 @@ "cmt_msg": "" }, "CVE-2023-2156": { - "cmt_msg": "" + "cmt_msg": "net: rpl: fix rpl header size calculation" }, "CVE-2023-1582": { "cmt_msg": "fs/proc: task_mmu.c: don't read mapcount for migration entry" @@ -114820,6 +115346,9 @@ "CVE-2022-41850": { "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2023-1637": { "cmt_msg": "x86/speculation: Restore speculation related MSRs during S3 resume" }, @@ -115171,6 +115700,9 @@ "CVE-2022-21166": { "cmt_msg": "x86/speculation/mmio: Enable CPU Fill buffer clearing on idle" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-41849": { "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()" }, @@ -116425,9 +116957,17 @@ } }, "5.15.77": { + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list", + "cmt_id": "52c2329147cf5d956dcaa3a91c886c550e7bdd39" + }, "CVE-2022-3524": { "cmt_msg": "tcp/udp: Fix memory leak in ipv6_renew_options().", "cmt_id": "1401e9336bebaa6dd5a320f83bddc17619d4e3a6" + }, + "CVE-2023-0615": { + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases", + "cmt_id": "0f83edbe4fe95d9c68b32aebe07fe413bcf92afe" } }, "5.15.78": { @@ -116713,6 +117253,18 @@ } }, "5.15.99": { + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super", + "cmt_id": "05103d88482dc3757db108415342fdd86821a79b" + }, + "CVE-2023-1079": { + "cmt_msg": "HID: asus: use spinlock to safely schedule workers", + "cmt_id": "3959316f8ceb17866646abc6be4a332655407138" + }, + "CVE-2023-25012": { + "cmt_msg": "HID: bigben: use spinlock to safely schedule workers", + "cmt_id": "0fd9998052926ed24cfb30ab1a294cfeda4d0a8f" + }, "CVE-2023-1076": { "cmt_msg": "tun: tun_chr_open(): correctly initialize socket uid", "cmt_id": "67f9f02928a34aad0a2c11dab5eea269f5ecf427" @@ -116721,14 +117273,6 @@ "cmt_msg": "sched/rt: pick_next_rt_entity(): check list_entry", "cmt_id": "2c36c390a74981d03f04f01fe7ee9c3ac3ea11f7" }, - "CVE-2023-25012": { - "cmt_msg": "HID: bigben: use spinlock to safely schedule workers", - "cmt_id": "0fd9998052926ed24cfb30ab1a294cfeda4d0a8f" - }, - "CVE-2023-1079": { - "cmt_msg": "HID: asus: use spinlock to safely schedule workers", - "cmt_id": "3959316f8ceb17866646abc6be4a332655407138" - }, "CVE-2023-1118": { "cmt_msg": "media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()", "cmt_id": "29962c478e8b2e6a6154d8d84b8806dbe36f9c28" @@ -116817,6 +117361,10 @@ } }, "5.15.109": { + "CVE-2023-2156": { + "cmt_msg": "net: rpl: fix rpl header size calculation", + "cmt_id": "4eee0d9d3c1117aa4a1c9f4c7f29287107e7c084" + }, "CVE-2023-31436": { "cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg", "cmt_id": "1ffc0e8105510cb826cb9d27ed1820a1131c82d4" @@ -116846,6 +117394,12 @@ "cmt_id": "e11765cea2050fa25fc3e03da858e83284c5ce79" } }, + "5.15.112": { + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum", + "cmt_id": "6d9a705a653eb146b4991dbd198b258f787c70b1" + } + }, "5.15.113": { "CVE-2022-48425": { "cmt_msg": "fs/ntfs3: Validate MFT flags before replaying logs", @@ -116877,9 +117431,6 @@ "CVE-2018-1121": { "cmt_msg": "" }, - "CVE-2023-0615": { - "cmt_msg": "" - }, "CVE-2019-19378": { "cmt_msg": "" }, @@ -116934,9 +117485,6 @@ "CVE-2023-0597": { "cmt_msg": "x86/mm: Randomize per-cpu entry area" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2020-15802": { "cmt_msg": "" }, @@ -116946,6 +117494,9 @@ "CVE-2008-2544": { "cmt_msg": "" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2022-3636": { "cmt_msg": "net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()" }, @@ -117111,9 +117662,6 @@ "CVE-2018-12931": { "cmt_msg": "" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2021-39801": { "cmt_msg": "" }, @@ -117147,6 +117695,9 @@ "CVE-2021-3542": { "cmt_msg": "" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2023-32254": { "cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect" }, @@ -117209,6 +117760,9 @@ }, "CVE-2023-23039": { "cmt_msg": "" + }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" } } }, @@ -117574,9 +118128,6 @@ "CVE-2019-11478": { "cmt_msg": "tcp: tcp_fragment() should apply sane memory limits" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, @@ -117619,6 +118170,9 @@ "CVE-2019-17054": { "cmt_msg": "appletalk: enforce CAP_NET_RAW for raw sockets" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-29661": { "cmt_msg": "tty: Fix ->pgrp locking in tiocspgrp()" }, @@ -118393,6 +118947,9 @@ "CVE-2022-28390": { "cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2019-13233": { "cmt_msg": "x86/insn-eval: Fix use-after-free access to LDT entry" }, @@ -118438,6 +118995,9 @@ "CVE-2021-37159": { "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2021-29154": { "cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64" }, @@ -118645,6 +119205,9 @@ "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2019-19536": { "cmt_msg": "can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices" }, @@ -118691,7 +119254,7 @@ "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2019-14896": { "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" @@ -118807,9 +119370,6 @@ "CVE-2016-8660": { "cmt_msg": "" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -119062,6 +119622,9 @@ "CVE-2019-19525": { "cmt_msg": "ieee802154: atusb: fix use-after-free at disconnect" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -119152,9 +119715,6 @@ "CVE-2021-20321": { "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-26490": { "cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION" }, @@ -119290,6 +119850,9 @@ "CVE-2023-0160": { "cmt_msg": "" }, + "CVE-2023-3022": { + "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" + }, "CVE-2022-2663": { "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic" }, @@ -119887,6 +120450,9 @@ "CVE-2022-1679": { "cmt_msg": "ath9k: fix use-after-free in ath9k_hif_usb_rx_cb" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2023-1513": { "cmt_msg": "kvm: initialize all of the kvm_debugregs structure before sending it to userspace" }, @@ -122218,6 +122784,12 @@ "cmt_id": "04df9719df1865f6770af9bc7880874af0e594b2" } }, + "5.4.223": { + "CVE-2023-0615": { + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases", + "cmt_id": "d8f479c777b413ba42c63e1a5ce6eee3d25b6714" + } + }, "5.4.224": { "CVE-2022-3628": { "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()", @@ -122395,6 +122967,18 @@ } }, "5.4.235": { + "CVE-2023-1829": { + "cmt_msg": "net/sched: Retire tcindex classifier", + "cmt_id": "7a6fb69bbcb21e9ce13bdf18c008c268874f0480" + }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super", + "cmt_id": "3776ef785e1005355cdd86c751a8e838bac8e2e8" + }, + "CVE-2023-1079": { + "cmt_msg": "HID: asus: use spinlock to safely schedule workers", + "cmt_id": "dd08e68d04d08d2f42b09162c939a0b0841216cc" + }, "CVE-2023-1076": { "cmt_msg": "tun: tun_chr_open(): correctly initialize socket uid", "cmt_id": "d92d87000eda9884d49f1acec1c1fccd63cd9b11" @@ -122403,14 +122987,6 @@ "cmt_msg": "sched/rt: pick_next_rt_entity(): check list_entry", "cmt_id": "084cd75643b61fb924f70cba98a71dea14942938" }, - "CVE-2023-1079": { - "cmt_msg": "HID: asus: use spinlock to safely schedule workers", - "cmt_id": "dd08e68d04d08d2f42b09162c939a0b0841216cc" - }, - "CVE-2023-1829": { - "cmt_msg": "net/sched: Retire tcindex classifier", - "cmt_id": "7a6fb69bbcb21e9ce13bdf18c008c268874f0480" - }, "CVE-2023-1118": { "cmt_msg": "media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()", "cmt_id": "d120334278b370b6a1623a75ebe53b0c76cb247c" @@ -122497,6 +123073,10 @@ "cmt_msg": "wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()", "cmt_id": "425eea395f1f5ae349fb55f7fe51d833a5324bfe" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum", + "cmt_id": "4f4fd982d972a55dee129f7da517b81fa16c408d" + }, "CVE-2023-32233": { "cmt_msg": "netfilter: nf_tables: deactivate anonymous set from preparation phase", "cmt_id": "c8b6063f13add68f89540aa5030ceee875f48aa2" @@ -122510,6 +123090,16 @@ "cmt_id": "29a1ef57c3be1d53ecadb749d45b0636e8245a89" } }, + "5.4.244": { + "CVE-2022-39189": { + "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries", + "cmt_id": "1eb3e32de7b1f6ed927dfff3ab3651ce25f3d516" + }, + "CVE-2022-34918": { + "cmt_msg": "netfilter: nf_tables: stricter validation of element data", + "cmt_id": "05b4105e6852b584dd115d0a1f0fe96bde9c58c5" + } + }, "outstanding": { "CVE-2023-0160": { "cmt_msg": "" @@ -122544,12 +123134,12 @@ "CVE-2018-1121": { "cmt_msg": "" }, - "CVE-2023-0615": { - "cmt_msg": "" - }, "CVE-2019-19378": { "cmt_msg": "" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2022-3061": { "cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero" }, @@ -122658,12 +123248,12 @@ "CVE-2008-2544": { "cmt_msg": "" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2022-3636": { "cmt_msg": "net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()" }, - "CVE-2022-34918": { - "cmt_msg": "netfilter: nf_tables: stricter validation of element data" - }, "CVE-2019-15239": { "cmt_msg": "unknown" }, @@ -122679,9 +123269,6 @@ "CVE-2022-45919": { "cmt_msg": "" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, @@ -122718,9 +123305,6 @@ "CVE-2022-3624": { "cmt_msg": "bonding: fix reference count leak in balance-alb mode" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2022-47946": { "cmt_msg": "io_uring: kill sqo_dead and sqo submission halting" }, @@ -122757,9 +123341,6 @@ "CVE-2013-7445": { "cmt_msg": "" }, - "CVE-2022-39189": { - "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries" - }, "CVE-2022-39188": { "cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas" }, @@ -122868,6 +123449,9 @@ "CVE-2022-3567": { "cmt_msg": "ipv6: Fix data races around sk->sk_prot." }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-3566": { "cmt_msg": "tcp: Fix data races around icsk->icsk_af_ops." }, @@ -122892,9 +123476,6 @@ "CVE-2020-29534": { "cmt_msg": "io_uring: don't rely on weak ->files references" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2012-4542": { "cmt_msg": "" }, @@ -123008,6 +123589,9 @@ }, "CVE-2020-27835": { "cmt_msg": "IB/hfi1: Ensure correct mm is used at all times" + }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" } } }, @@ -123368,7 +123952,7 @@ "cmt_msg": "wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2019-19378": { "cmt_msg": "" @@ -123503,7 +124087,7 @@ "cmt_msg": "ksmbd: check nt_len to be at least CIFS_ENCPWD_SIZE in ksmbd_decode_ntlmssp_auth_blob" }, "CVE-2023-2156": { - "cmt_msg": "" + "cmt_msg": "net: rpl: fix rpl header size calculation" }, "CVE-2023-0597": { "cmt_msg": "x86/mm: Randomize per-cpu entry area" @@ -123724,6 +124308,9 @@ "CVE-2023-26242": { "cmt_msg": "" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-3624": { "cmt_msg": "bonding: fix reference count leak in balance-alb mode" }, @@ -123793,6 +124380,9 @@ "CVE-2020-14304": { "cmt_msg": "" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2022-42719": { "cmt_msg": "wifi: mac80211: fix MBSSID parsing use-after-free" }, @@ -123841,6 +124431,9 @@ "CVE-2023-26545": { "cmt_msg": "net: mpls: fix stale pointer if allocation fails during device rename" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2022-3649": { "cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root" }, @@ -123865,6 +124458,9 @@ "CVE-2011-4917": { "cmt_msg": "" }, + "CVE-2023-30772": { + "cmt_msg": "power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition" + }, "CVE-2019-15902": { "cmt_msg": "unknown" }, @@ -123916,9 +124512,6 @@ "CVE-2018-12931": { "cmt_msg": "" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-42896": { "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM" }, @@ -123988,6 +124581,9 @@ "CVE-2023-32254": { "cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2022-2308": { "cmt_msg": "vduse: prevent uninitialized memory accesses" }, @@ -124003,8 +124599,8 @@ "CVE-2015-2877": { "cmt_msg": "" }, - "CVE-2023-30772": { - "cmt_msg": "power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition" + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" }, "CVE-2023-1611": { "cmt_msg": "btrfs: fix race between quota disable and quota assign ioctls" @@ -124072,6 +124668,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2022-3977": { "cmt_msg": "mctp: prevent double key removal and unref" }, @@ -124266,6 +124865,10 @@ "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR", "cmt_id": "c2a878095b5c6f04f90553a3c45872f990dab14e" }, + "CVE-2022-3535": { + "cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak", + "cmt_id": "169aa2664639de359a7c723ba55023ef57c0dc15" + }, "CVE-2022-3594": { "cmt_msg": "r8152: Rate limit overflow messages", "cmt_id": "2e896abccf99fef76691d8e1019bd44105a12e1f" @@ -124328,7 +124931,7 @@ "cmt_msg": "wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2023-21106": { "cmt_msg": "drm/msm/gpu: Fix potential double-free" @@ -124336,6 +124939,9 @@ "CVE-2019-19378": { "cmt_msg": "" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2023-2176": { "cmt_msg": "RDMA/core: Refactor rdma_bind_addr" }, @@ -124439,7 +125045,7 @@ "cmt_msg": "ksmbd: check nt_len to be at least CIFS_ENCPWD_SIZE in ksmbd_decode_ntlmssp_auth_blob" }, "CVE-2023-2156": { - "cmt_msg": "" + "cmt_msg": "net: rpl: fix rpl header size calculation" }, "CVE-2023-31084": { "cmt_msg": "media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()" @@ -124549,9 +125155,6 @@ "CVE-2022-3534": { "cmt_msg": "libbpf: Fix use-after-free in btf_dump_name_dups" }, - "CVE-2022-3535": { - "cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak" - }, "CVE-2022-1247": { "cmt_msg": "" }, @@ -124633,6 +125236,9 @@ "CVE-2023-26242": { "cmt_msg": "" }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2005-3660": { "cmt_msg": "" }, @@ -124672,6 +125278,9 @@ "CVE-2022-3523": { "cmt_msg": "mm/memory.c: fix race when faulting a device private page" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2022-36402": { "cmt_msg": "" }, @@ -124756,6 +125365,9 @@ "CVE-2023-26545": { "cmt_msg": "net: mpls: fix stale pointer if allocation fails during device rename" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2022-3649": { "cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root" }, @@ -124831,9 +125443,6 @@ "CVE-2018-12931": { "cmt_msg": "" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-42896": { "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM" }, @@ -124906,6 +125515,9 @@ "CVE-2023-32254": { "cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2018-12929": { "cmt_msg": "" }, @@ -124984,6 +125596,9 @@ "CVE-2023-23039": { "cmt_msg": "" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2022-3977": { "cmt_msg": "mctp: prevent double key removal and unref" }, @@ -125527,9 +126142,6 @@ "CVE-2022-1247": { "cmt_msg": "" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, @@ -125566,6 +126178,9 @@ "CVE-2023-1073": { "cmt_msg": "HID: check empty report_list in hid_validate_values()" }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" + }, "CVE-2020-29661": { "cmt_msg": "tty: Fix ->pgrp locking in tiocspgrp()" }, @@ -126235,6 +126850,9 @@ "CVE-2020-12771": { "cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2020-16166": { "cmt_msg": "random32: update the net random state on interrupt and activity" }, @@ -126397,6 +127015,9 @@ "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2021-3600": { "cmt_msg": "bpf: Fix 32 bit src register truncation on div/mod" }, @@ -126422,7 +127043,7 @@ "cmt_msg": "" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, "CVE-2019-14896": { "cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor" @@ -126517,9 +127138,6 @@ "CVE-2016-8660": { "cmt_msg": "" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2023-1582": { "cmt_msg": "fs/proc: task_mmu.c: don't read mapcount for migration entry" }, @@ -126748,6 +127366,9 @@ "CVE-2022-41850": { "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -126820,9 +127441,6 @@ "CVE-2021-20321": { "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-26490": { "cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION" }, @@ -127345,6 +127963,9 @@ "CVE-2021-29650": { "cmt_msg": "netfilter: x_tables: Use correct memory barriers." }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-41849": { "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()" }, @@ -127435,6 +128056,9 @@ "CVE-2022-1679": { "cmt_msg": "ath9k: fix use-after-free in ath9k_hif_usb_rx_cb" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2023-1513": { "cmt_msg": "kvm: initialize all of the kvm_debugregs structure before sending it to userspace" }, @@ -127811,9 +128435,6 @@ "CVE-2022-1247": { "cmt_msg": "" }, - "CVE-2023-28410": { - "cmt_msg": "drm/i915/gem: add missing boundary check in vm_access" - }, "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, @@ -128417,6 +129038,9 @@ "CVE-2020-12771": { "cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce" }, + "CVE-2023-2898": { + "cmt_msg": "" + }, "CVE-2020-16166": { "cmt_msg": "random32: update the net random state on interrupt and activity" }, @@ -128555,6 +129179,9 @@ "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, + "CVE-2022-48502": { + "cmt_msg": "fs/ntfs3: Check fields while reading" + }, "CVE-2021-3600": { "cmt_msg": "bpf: Fix 32 bit src register truncation on div/mod" }, @@ -128571,7 +129198,10 @@ "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, "CVE-2023-0615": { - "cmt_msg": "" + "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" + }, + "CVE-2023-3006": { + "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list" }, "CVE-2022-3586": { "cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child" @@ -128639,9 +129269,6 @@ "CVE-2016-8660": { "cmt_msg": "" }, - "CVE-2023-2156": { - "cmt_msg": "" - }, "CVE-2023-1582": { "cmt_msg": "fs/proc: task_mmu.c: don't read mapcount for migration entry" }, @@ -128843,6 +129470,9 @@ "CVE-2022-41850": { "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()" }, + "CVE-2023-2985": { + "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super" + }, "CVE-2020-14390": { "cmt_msg": "fbcon: remove soft scrollback code" }, @@ -128909,9 +129539,6 @@ "CVE-2021-20321": { "cmt_msg": "ovl: fix missing negative dentry check in ovl_rename()" }, - "CVE-2023-33250": { - "cmt_msg": "" - }, "CVE-2022-42896": { "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM" }, @@ -129380,6 +130007,9 @@ "CVE-2021-29650": { "cmt_msg": "netfilter: x_tables: Use correct memory barriers." }, + "CVE-2023-34255": { + "cmt_msg": "xfs: verify buffer contents when we skip log replay" + }, "CVE-2022-41849": { "cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()" }, @@ -129470,6 +130100,9 @@ "CVE-2022-1679": { "cmt_msg": "ath9k: fix use-after-free in ath9k_hif_usb_rx_cb" }, + "CVE-2023-34256": { + "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum" + }, "CVE-2023-1513": { "cmt_msg": "kvm: initialize all of the kvm_debugregs structure before sending it to userspace" },
diff --git a/data/stream_fixes.json b/data/stream_fixes.json index e8cc474..3e8c567 100644 --- a/data/stream_fixes.json +++ b/data/stream_fixes.json
@@ -32888,6 +32888,10 @@ } }, "CVE-2022-2586": { + "4.14": { + "cmt_id": "4e0dbab570defe5b747578cbea8e07f9d0709bec", + "fixed_version": "4.14.316" + }, "4.19": { "cmt_id": "77d3b5038b7462318f5183e2ad704b01d57215a2", "fixed_version": "4.19.256" @@ -34396,6 +34400,14 @@ } }, "CVE-2022-34918": { + "4.14": { + "cmt_id": "acd3e18fbcae6c5f9d79d75455569fc132227162", + "fixed_version": "4.14.316" + }, + "4.19": { + "cmt_id": "835fd72f61c6162f10471df197f0e4b92b1a7b76", + "fixed_version": "4.19.284" + }, "5.10": { "cmt_id": "0a5e36dbcb448a7a8ba63d1d4b6ade2c9d3cc8bf", "fixed_version": "5.10.130" @@ -34407,6 +34419,10 @@ "5.18": { "cmt_id": "6b7488071ea8ed6265a39afebd5a5920f6975d02", "fixed_version": "5.18.11" + }, + "5.4": { + "cmt_id": "05b4105e6852b584dd115d0a1f0fe96bde9c58c5", + "fixed_version": "5.4.244" } }, "CVE-2022-3521": { @@ -34526,6 +34542,10 @@ "cmt_id": "a624161ebe0c678c10c4c82b574fed6c04d552d8", "fixed_version": "5.15.75" }, + "5.19": { + "cmt_id": "169aa2664639de359a7c723ba55023ef57c0dc15", + "fixed_version": "5.19.17" + }, "5.4": { "cmt_id": "72c0d361940aec02d114d6f8f351147b85190464", "fixed_version": "5.4.220" @@ -35225,6 +35245,10 @@ "5.18": { "cmt_id": "719492d2bc3b99c067076bddc62e63cda8ad16e2", "fixed_version": "5.18.17" + }, + "5.4": { + "cmt_id": "1eb3e32de7b1f6ed927dfff3ab3651ce25f3d516", + "fixed_version": "5.4.244" } }, "CVE-2022-39190": { @@ -35590,6 +35614,10 @@ } }, "CVE-2022-4269": { + "5.10": { + "cmt_id": "53245103786312f21fb9785327a4367cf10f0dbb", + "fixed_version": "5.10.181" + }, "5.15": { "cmt_id": "169a41073993add6b0cfdc44e168e75f92f4834d", "fixed_version": "5.15.105" @@ -36415,6 +36443,36 @@ "fixed_version": "6.0.6" } }, + "CVE-2023-0615": { + "4.14": { + "cmt_id": "b0e20af206273e90d47647e7c806ddcc0a401f65", + "fixed_version": "4.14.298" + }, + "4.19": { + "cmt_id": "29385e601f3420cfe46550271714b6685719eb33", + "fixed_version": "4.19.264" + }, + "4.9": { + "cmt_id": "e1b5b061987d56d7b64da962fec3be4ae7e78300", + "fixed_version": "4.9.332" + }, + "5.10": { + "cmt_id": "147b8f1892aaa474f912ac75babfd316ee0de672", + "fixed_version": "5.10.153" + }, + "5.15": { + "cmt_id": "0f83edbe4fe95d9c68b32aebe07fe413bcf92afe", + "fixed_version": "5.15.77" + }, + "5.4": { + "cmt_id": "d8f479c777b413ba42c63e1a5ce6eee3d25b6714", + "fixed_version": "5.4.223" + }, + "6.0": { + "cmt_id": "74e2e978d1e36c3b67e998e779c02cbc8f481527", + "fixed_version": "6.0.7" + } + }, "CVE-2023-1032": { "6.1": { "cmt_id": "7c7570791b15c3b78e3229ae97825e7eb869c7da", @@ -37221,6 +37279,24 @@ "fixed_version": "6.1.9" } }, + "CVE-2023-2156": { + "5.10": { + "cmt_id": "c972851d3848647f57cd8d5625c48663410c3f96", + "fixed_version": "5.10.179" + }, + "5.15": { + "cmt_id": "4eee0d9d3c1117aa4a1c9f4c7f29287107e7c084", + "fixed_version": "5.15.109" + }, + "6.1": { + "cmt_id": "9a0b96d03c59ba560b074cdb9b6233493fd5492d", + "fixed_version": "6.1.26" + }, + "6.2": { + "cmt_id": "191642f5cfb38c0e44fb4783a37530bae15b8f8e", + "fixed_version": "6.2.13" + } + }, "CVE-2023-2162": { "4.14": { "cmt_id": "496af9d3682ed4c28fb734342a09e6cc0c056ea4", @@ -37881,6 +37957,50 @@ "fixed_version": "6.2.9" } }, + "CVE-2023-2985": { + "4.14": { + "cmt_id": "a9433406837c211af58a533d9e6f7a8f865b01f3", + "fixed_version": "4.14.308" + }, + "4.19": { + "cmt_id": "e226f1fdcee1ca6e68233b132718deb578a84e38", + "fixed_version": "4.19.276" + }, + "5.10": { + "cmt_id": "ef7d71d7bd57b8b7fe514e459927696c1c6d1047", + "fixed_version": "5.10.173" + }, + "5.15": { + "cmt_id": "05103d88482dc3757db108415342fdd86821a79b", + "fixed_version": "5.15.99" + }, + "5.4": { + "cmt_id": "3776ef785e1005355cdd86c751a8e838bac8e2e8", + "fixed_version": "5.4.235" + }, + "6.1": { + "cmt_id": "0c80bef0b7d297ea86e5408fe79c45479e504a26", + "fixed_version": "6.1.16" + }, + "6.2": { + "cmt_id": "f348b373cebeaa91bf3552099026951189f14436", + "fixed_version": "6.2.3" + } + }, + "CVE-2023-3006": { + "5.10": { + "cmt_id": "52a43b82006dc88f996bd06da5a3fcfef85220c8", + "fixed_version": "5.10.153" + }, + "5.15": { + "cmt_id": "52c2329147cf5d956dcaa3a91c886c550e7bdd39", + "fixed_version": "5.15.77" + }, + "6.0": { + "cmt_id": "5b962b004afa3c11e651c07232f2402b4678007b", + "fixed_version": "6.0.7" + } + }, "CVE-2023-30456": { "4.19": { "cmt_id": "495adb06518bb10f50e1aa1a1dbd5daa47d118f2", @@ -38090,5 +38210,35 @@ "cmt_id": "2da4b860f3055ae40a809c020398778e6c27b856", "fixed_version": "6.2.9" } + }, + "CVE-2023-34256": { + "4.14": { + "cmt_id": "64b7487e3769e013fc7edb3804d1a769747f0228", + "fixed_version": "4.14.315" + }, + "4.19": { + "cmt_id": "a733c466cedd1013a41fd8908d5810f2c161072f", + "fixed_version": "4.19.283" + }, + "5.10": { + "cmt_id": "0dde3141c527b09b96bef1e7eeb18b8127810ce9", + "fixed_version": "5.10.180" + }, + "5.15": { + "cmt_id": "6d9a705a653eb146b4991dbd198b258f787c70b1", + "fixed_version": "5.15.112" + }, + "5.4": { + "cmt_id": "4f4fd982d972a55dee129f7da517b81fa16c408d", + "fixed_version": "5.4.243" + }, + "6.1": { + "cmt_id": "1fffe4750500148f3e744ed77cf233db8342603f", + "fixed_version": "6.1.29" + }, + "6.2": { + "cmt_id": "c06f5f1ecab83772b1e06ea5dcfe5ebb5927a43f", + "fixed_version": "6.2.16" + } } } \ No newline at end of file