Update 19Jul23
[ci skip]
diff --git a/CHANGES.md b/CHANGES.md
index e9a8d06..938f81f 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,36 +1,59 @@
# **Linux Kernel CVE Changes**
-## Last Update - 06Jul23 11:28
+## Last Update - 19Jul23 12:53
### **New CVEs Added:**
-[CVE-2023-1295](cves/CVE-2023-1295)
-[CVE-2023-31248](cves/CVE-2023-31248)
-[CVE-2023-3269](cves/CVE-2023-3269)
-[CVE-2023-35001](cves/CVE-2023-35001)
+[CVE-2023-21255](cves/CVE-2023-21255)
+[CVE-2023-3106](cves/CVE-2023-3106)
+[CVE-2023-3108](cves/CVE-2023-3108)
+[CVE-2023-32247](cves/CVE-2023-32247)
+[CVE-2023-32248](cves/CVE-2023-32248)
+[CVE-2023-32252](cves/CVE-2023-32252)
+[CVE-2023-32257](cves/CVE-2023-32257)
+[CVE-2023-32258](cves/CVE-2023-32258)
+[CVE-2023-3567](cves/CVE-2023-3567)
+[CVE-2023-35693](cves/CVE-2023-35693)
+[CVE-2023-3640](cves/CVE-2023-3640)
+[CVE-2023-37453](cves/CVE-2023-37453)
+[CVE-2023-37454](cves/CVE-2023-37454)
+[CVE-2023-38409](cves/CVE-2023-38409)
+[CVE-2023-38426](cves/CVE-2023-38426)
+[CVE-2023-38427](cves/CVE-2023-38427)
+[CVE-2023-38428](cves/CVE-2023-38428)
+[CVE-2023-38429](cves/CVE-2023-38429)
+[CVE-2023-38430](cves/CVE-2023-38430)
+[CVE-2023-38431](cves/CVE-2023-38431)
+[CVE-2023-38432](cves/CVE-2023-38432)
### **New Versions Checked:**
-[5.15.120](streams/5.15)
-[6.1.38](streams/6.1)
-[6.3.12](streams/6.3)
+[6.3.13](streams/6.3)
### **Updated CVEs:**
-[CVE-2017-1000405](cves/CVE-2017-1000405)
-[CVE-2023-2513](cves/CVE-2023-2513)
-[CVE-2023-2860](cves/CVE-2023-2860)
+[CVE-2015-8966](cves/CVE-2015-8966)
+[CVE-2022-3646](cves/CVE-2022-3646)
+[CVE-2023-1192](cves/CVE-2023-1192)
+[CVE-2023-2163](cves/CVE-2023-2163)
+[CVE-2023-2898](cves/CVE-2023-2898)
+[CVE-2023-31248](cves/CVE-2023-31248)
+[CVE-2023-3269](cves/CVE-2023-3269)
+[CVE-2023-3338](cves/CVE-2023-3338)
+[CVE-2023-3355](cves/CVE-2023-3355)
+[CVE-2023-35001](cves/CVE-2023-35001)
+[CVE-2023-0160](cves/CVE-2023-0160)
+[CVE-2023-1206](cves/CVE-2023-1206)
+[CVE-2023-1295](cves/CVE-2023-1295)
[CVE-2023-3090](cves/CVE-2023-3090)
+[CVE-2023-32250](cves/CVE-2023-32250)
+[CVE-2023-32254](cves/CVE-2023-32254)
+[CVE-2023-3357](cves/CVE-2023-3357)
+[CVE-2023-3358](cves/CVE-2023-3358)
+[CVE-2023-3359](cves/CVE-2023-3359)
[CVE-2023-3389](cves/CVE-2023-3389)
[CVE-2023-3390](cves/CVE-2023-3390)
-[CVE-2023-33951](cves/CVE-2023-33951)
-[CVE-2023-33952](cves/CVE-2023-33952)
[CVE-2023-3439](cves/CVE-2023-3439)
-[CVE-2023-1206](cves/CVE-2023-1206)
-[CVE-2023-3022](cves/CVE-2023-3022)
-[CVE-2023-3212](cves/CVE-2023-3212)
-[CVE-2023-3317](cves/CVE-2023-3317)
-[CVE-2023-3338](cves/CVE-2023-3338)
diff --git a/data/3.12/3.12_CVEs.txt b/data/3.12/3.12_CVEs.txt
index 30e3e69..ca6a2f1 100644
--- a/data/3.12/3.12_CVEs.txt
+++ b/data/3.12/3.12_CVEs.txt
@@ -1256,7 +1256,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2248: Fix not seen in stream
CVE-2023-2269: Fix not seen in stream
@@ -1270,35 +1269,48 @@
CVE-2023-26607: Fix not seen in stream
CVE-2023-28328: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
+CVE-2023-3108: Fix not seen in stream
CVE-2023-31081: Fix unknown
CVE-2023-31082: Fix unknown
CVE-2023-31083: Fix unknown
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/3.12/3.12_security.txt b/data/3.12/3.12_security.txt
index cb4460d..fe6bcaa 100644
--- a/data/3.12/3.12_security.txt
+++ b/data/3.12/3.12_security.txt
@@ -1394,7 +1394,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-2269: (unk) dm ioctl: fix nested locking in table_clear() to remove deadlock concern
@@ -1408,35 +1407,48 @@
CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find()
CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
+ CVE-2023-3108: (unk) crypto: fix af_alg_make_sg() conversion to iov_iter
CVE-2023-31081: (unk)
CVE-2023-31082: (unk)
CVE-2023-31083: (unk)
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/3.14/3.14_CVEs.txt b/data/3.14/3.14_CVEs.txt
index 622e11e..bbbd463 100644
--- a/data/3.14/3.14_CVEs.txt
+++ b/data/3.14/3.14_CVEs.txt
@@ -1225,7 +1225,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2248: Fix not seen in stream
CVE-2023-2269: Fix not seen in stream
@@ -1239,35 +1238,49 @@
CVE-2023-26607: Fix not seen in stream
CVE-2023-28328: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
+CVE-2023-3108: Fix not seen in stream
CVE-2023-31081: Fix unknown
CVE-2023-31082: Fix unknown
CVE-2023-31083: Fix unknown
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/3.14/3.14_security.txt b/data/3.14/3.14_security.txt
index 2d2e9b2..b14f91f 100644
--- a/data/3.14/3.14_security.txt
+++ b/data/3.14/3.14_security.txt
@@ -1359,7 +1359,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-2269: (unk) dm ioctl: fix nested locking in table_clear() to remove deadlock concern
@@ -1373,35 +1372,49 @@
CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find()
CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
+ CVE-2023-3108: (unk) crypto: fix af_alg_make_sg() conversion to iov_iter
CVE-2023-31081: (unk)
CVE-2023-31082: (unk)
CVE-2023-31083: (unk)
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/3.16/3.16_CVEs.txt b/data/3.16/3.16_CVEs.txt
index a2148dc..9e87460 100644
--- a/data/3.16/3.16_CVEs.txt
+++ b/data/3.16/3.16_CVEs.txt
@@ -1213,7 +1213,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2248: Fix not seen in stream
CVE-2023-2269: Fix not seen in stream
@@ -1227,36 +1226,51 @@
CVE-2023-26607: Fix not seen in stream
CVE-2023-28328: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
+CVE-2023-3106: Fixed with 3.16.39
+CVE-2023-3108: Fix not seen in stream
CVE-2023-31081: Fix unknown
CVE-2023-31082: Fix unknown
CVE-2023-31083: Fix unknown
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/3.16/3.16_security.txt b/data/3.16/3.16_security.txt
index a44d66e..297bce9 100644
--- a/data/3.16/3.16_security.txt
+++ b/data/3.16/3.16_security.txt
@@ -249,6 +249,7 @@
CVE-2016-8658: df523e7adf0595cf509f6382af7ed801ab0bd108 brcmfmac: avoid potential stack overflow in brcmf_cfg80211_start_ap()
CVE-2016-9083: 6593fe0cbdc77241f58e75d049296d1fba37d484 vfio/pci: Fix integer overflows, bitmask check
CVE-2016-9084: 6593fe0cbdc77241f58e75d049296d1fba37d484 vfio/pci: Fix integer overflows, bitmask check
+ CVE-2023-3106: 2dcb72918e387fd1d0af40c1c351822bfe1acf63 xfrm: fix crash in XFRM_MSG_GETSA netlink handler
CVEs fixed in 3.16.40:
CVE-2015-8962: 79cfd63480a7c4b48c6c329fab1bde569e0a4ac2 sg: Fix double-free when drives detach during SG_IO
@@ -1319,7 +1320,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-2269: (unk) dm ioctl: fix nested locking in table_clear() to remove deadlock concern
@@ -1333,36 +1333,50 @@
CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find()
CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
+ CVE-2023-3108: (unk) crypto: fix af_alg_make_sg() conversion to iov_iter
CVE-2023-31081: (unk)
CVE-2023-31082: (unk)
CVE-2023-31083: (unk)
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/3.18/3.18_CVEs.txt b/data/3.18/3.18_CVEs.txt
index 23e899d..27143ea 100644
--- a/data/3.18/3.18_CVEs.txt
+++ b/data/3.18/3.18_CVEs.txt
@@ -120,7 +120,7 @@
CVE-2015-8962: Fixed with 3.18.54
CVE-2015-8963: Fixed with 3.18.54
CVE-2015-8964: Fixed with 3.18.55
-CVE-2015-8966: Fix not seen in stream
+CVE-2015-8966: Fixed with 3.18.42
CVE-2015-8967: Fixed with 3.18.54
CVE-2015-8970: Fixed with 3.18.31
CVE-2015-9004: Fixed with 3.18.52
@@ -1200,7 +1200,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2248: Fix not seen in stream
CVE-2023-2269: Fix not seen in stream
@@ -1214,36 +1213,51 @@
CVE-2023-26607: Fix not seen in stream
CVE-2023-28328: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
+CVE-2023-3106: Fix not seen in stream
+CVE-2023-3108: Fix not seen in stream
CVE-2023-31081: Fix unknown
CVE-2023-31082: Fix unknown
CVE-2023-31083: Fix unknown
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/3.18/3.18_security.txt b/data/3.18/3.18_security.txt
index 8171211..47609d3 100644
--- a/data/3.18/3.18_security.txt
+++ b/data/3.18/3.18_security.txt
@@ -213,6 +213,9 @@
CVE-2016-5696: 0efba8d124de904db7766645561a6f39c501f2c1 tcp: make challenge acks less predictable
CVE-2016-6480: 30c2bbd8a7b7ff3b6849d6ce1a69d4db9e40183b aacraid: Check size values after double-fetch from user
+CVEs fixed in 3.18.42:
+ CVE-2015-8966: db9e37a1c5f21cec095da9ed53a2c0cbeeb24ee6 [PATCH] arm: fix handling of F_OFD_... in oabi_fcntl64()
+
CVEs fixed in 3.18.43:
CVE-2016-9178: e58d9a8251584d92976d4cc7f46ab30963c9e99a fix minor infoleak in get_user_ex()
@@ -686,7 +689,6 @@
CVE-2015-8845: (unk) powerpc/tm: Check for already reclaimed tasks
CVE-2015-8952: (unk) ext2: convert to mbcache2
CVE-2015-8953: (unk) ovl: fix dentry reference leak
- CVE-2015-8966: (unk) [PATCH] arm: fix handling of F_OFD_... in oabi_fcntl64()
CVE-2016-10044: (unk) aio: mark AIO pseudo-fs noexec
CVE-2016-10147: (unk) crypto: mcryptd - Check mcryptd algorithm compatibility
CVE-2016-10723: (unk) mm, oom: remove sleep from under oom_lock
@@ -1434,7 +1436,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-2269: (unk) dm ioctl: fix nested locking in table_clear() to remove deadlock concern
@@ -1448,36 +1449,51 @@
CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find()
CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
+ CVE-2023-3106: (unk) xfrm: fix crash in XFRM_MSG_GETSA netlink handler
+ CVE-2023-3108: (unk) crypto: fix af_alg_make_sg() conversion to iov_iter
CVE-2023-31081: (unk)
CVE-2023-31082: (unk)
CVE-2023-31083: (unk)
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/3.2/3.2_CVEs.txt b/data/3.2/3.2_CVEs.txt
index 1a0e11b..f32d021 100644
--- a/data/3.2/3.2_CVEs.txt
+++ b/data/3.2/3.2_CVEs.txt
@@ -1225,7 +1225,6 @@
CVE-2023-2007: Fix not seen in stream
CVE-2023-20941: Fix unknown
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2269: Fix not seen in stream
CVE-2023-22995: Fix not seen in stream
@@ -1238,34 +1237,47 @@
CVE-2023-26607: Fix not seen in stream
CVE-2023-28328: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
+CVE-2023-3108: Fix not seen in stream
CVE-2023-31081: Fix unknown
CVE-2023-31082: Fix unknown
CVE-2023-31083: Fix unknown
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/3.2/3.2_security.txt b/data/3.2/3.2_security.txt
index fe4d0a4..de8d5f8 100644
--- a/data/3.2/3.2_security.txt
+++ b/data/3.2/3.2_security.txt
@@ -1383,7 +1383,6 @@
CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver
CVE-2023-20941: (unk)
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2269: (unk) dm ioctl: fix nested locking in table_clear() to remove deadlock concern
CVE-2023-22995: (unk) usb: dwc3: dwc3-qcom: Add missing platform_device_put() in dwc3_qcom_acpi_register_core
@@ -1396,34 +1395,47 @@
CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find()
CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
+ CVE-2023-3108: (unk) crypto: fix af_alg_make_sg() conversion to iov_iter
CVE-2023-31081: (unk)
CVE-2023-31082: (unk)
CVE-2023-31083: (unk)
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/4.1/4.1_CVEs.txt b/data/4.1/4.1_CVEs.txt
index 7ae2a41..c5fc24a 100644
--- a/data/4.1/4.1_CVEs.txt
+++ b/data/4.1/4.1_CVEs.txt
@@ -1165,7 +1165,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2248: Fix not seen in stream
CVE-2023-2269: Fix not seen in stream
@@ -1180,38 +1179,52 @@
CVE-2023-26607: Fix not seen in stream
CVE-2023-28328: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
CVE-2023-30772: Fix not seen in stream
CVE-2023-3090: Fix not seen in stream
+CVE-2023-3106: Fix not seen in stream
CVE-2023-31081: Fix unknown
CVE-2023-31082: Fix unknown
CVE-2023-31083: Fix unknown
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/4.1/4.1_security.txt b/data/4.1/4.1_security.txt
index 1f35370..3dc390e 100644
--- a/data/4.1/4.1_security.txt
+++ b/data/4.1/4.1_security.txt
@@ -1263,7 +1263,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-2269: (unk) dm ioctl: fix nested locking in table_clear() to remove deadlock concern
@@ -1278,38 +1277,52 @@
CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find()
CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition
CVE-2023-3090: (unk) ipvlan:Fix out-of-bounds caused by unclear skb->cb
+ CVE-2023-3106: (unk) xfrm: fix crash in XFRM_MSG_GETSA netlink handler
CVE-2023-31081: (unk)
CVE-2023-31082: (unk)
CVE-2023-31083: (unk)
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/4.10/4.10_CVEs.txt b/data/4.10/4.10_CVEs.txt
index 26f9235..c25073b 100644
--- a/data/4.10/4.10_CVEs.txt
+++ b/data/4.10/4.10_CVEs.txt
@@ -1074,7 +1074,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2194: Fix not seen in stream
CVE-2023-2248: Fix not seen in stream
@@ -1092,7 +1091,6 @@
CVE-2023-28328: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
@@ -1105,27 +1103,41 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/4.10/4.10_security.txt b/data/4.10/4.10_security.txt
index 033874f..a811be2 100644
--- a/data/4.10/4.10_security.txt
+++ b/data/4.10/4.10_security.txt
@@ -1108,7 +1108,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
@@ -1126,7 +1125,6 @@
CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
@@ -1139,27 +1137,41 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3358: (unk) HID: intel_ish-hid: Add check for ishtp_dma_tx_map
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/4.11/4.11_CVEs.txt b/data/4.11/4.11_CVEs.txt
index 76cd188..cd609fd 100644
--- a/data/4.11/4.11_CVEs.txt
+++ b/data/4.11/4.11_CVEs.txt
@@ -1046,7 +1046,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2194: Fix not seen in stream
CVE-2023-2248: Fix not seen in stream
@@ -1064,7 +1063,6 @@
CVE-2023-28328: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
@@ -1077,27 +1075,41 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/4.11/4.11_security.txt b/data/4.11/4.11_security.txt
index 3d0a35f..8245422 100644
--- a/data/4.11/4.11_security.txt
+++ b/data/4.11/4.11_security.txt
@@ -1068,7 +1068,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
@@ -1086,7 +1085,6 @@
CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
@@ -1099,27 +1097,41 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3358: (unk) HID: intel_ish-hid: Add check for ishtp_dma_tx_map
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/4.12/4.12_CVEs.txt b/data/4.12/4.12_CVEs.txt
index 9545eb5..eebc022 100644
--- a/data/4.12/4.12_CVEs.txt
+++ b/data/4.12/4.12_CVEs.txt
@@ -1033,7 +1033,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2194: Fix not seen in stream
CVE-2023-2248: Fix not seen in stream
@@ -1051,7 +1050,6 @@
CVE-2023-28328: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
@@ -1064,27 +1062,41 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/4.12/4.12_security.txt b/data/4.12/4.12_security.txt
index 3bc5258..42674df 100644
--- a/data/4.12/4.12_security.txt
+++ b/data/4.12/4.12_security.txt
@@ -1059,7 +1059,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
@@ -1077,7 +1076,6 @@
CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
@@ -1090,27 +1088,41 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3358: (unk) HID: intel_ish-hid: Add check for ishtp_dma_tx_map
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/4.13/4.13_CVEs.txt b/data/4.13/4.13_CVEs.txt
index a285ca9..cbcc695 100644
--- a/data/4.13/4.13_CVEs.txt
+++ b/data/4.13/4.13_CVEs.txt
@@ -1017,7 +1017,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2194: Fix not seen in stream
CVE-2023-2248: Fix not seen in stream
@@ -1036,7 +1035,6 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
@@ -1049,27 +1047,41 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/4.13/4.13_security.txt b/data/4.13/4.13_security.txt
index 402eedf..2934cd7 100644
--- a/data/4.13/4.13_security.txt
+++ b/data/4.13/4.13_security.txt
@@ -1045,7 +1045,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
@@ -1064,7 +1063,6 @@
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
@@ -1077,27 +1075,41 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3358: (unk) HID: intel_ish-hid: Add check for ishtp_dma_tx_map
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/4.14/4.14_CVEs.txt b/data/4.14/4.14_CVEs.txt
index 09c3511..ed9a6a5 100644
--- a/data/4.14/4.14_CVEs.txt
+++ b/data/4.14/4.14_CVEs.txt
@@ -987,7 +987,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fixed with 4.14.306
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2194: Fixed with 4.14.312
CVE-2023-2248: Fixed with 4.14.314
@@ -1007,7 +1006,6 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fixed with 4.14.293
CVE-2023-28772: Fixed with 4.14.240
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fixed with 4.14.308
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
@@ -1020,27 +1018,41 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fixed with 4.14.318
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fixed with 4.14.316
CVE-2023-31436: Fixed with 4.14.314
CVE-2023-3159: Fixed with 4.14.278
CVE-2023-3161: Fixed with 4.14.306
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fixed with 4.14.315
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fixed with 4.14.306
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fixed with 4.14.312
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fixed with 4.14.319
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fixed with 4.14.305
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fixed with 4.14.315
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35824: Fixed with 4.14.315
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/4.14/4.14_security.txt b/data/4.14/4.14_security.txt
index a5021c9..befab47 100644
--- a/data/4.14/4.14_security.txt
+++ b/data/4.14/4.14_security.txt
@@ -1545,14 +1545,12 @@
CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-22995: (unk) usb: dwc3: dwc3-qcom: Add missing platform_device_put() in dwc3_qcom_acpi_register_core
CVE-2023-23000: (unk) phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function
CVE-2023-23039: (unk)
CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
- CVE-2023-2898: (unk)
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
@@ -1561,16 +1559,30 @@
CVE-2023-31083: (unk)
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
- CVE-2023-31248: (unk)
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/4.15/4.15_CVEs.txt b/data/4.15/4.15_CVEs.txt
index c75d516..2fa6ff8 100644
--- a/data/4.15/4.15_CVEs.txt
+++ b/data/4.15/4.15_CVEs.txt
@@ -939,7 +939,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2177: Fix not seen in stream
CVE-2023-2194: Fix not seen in stream
@@ -960,7 +959,6 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
@@ -973,28 +971,42 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/4.15/4.15_security.txt b/data/4.15/4.15_security.txt
index b613b1b..94d7f33 100644
--- a/data/4.15/4.15_security.txt
+++ b/data/4.15/4.15_security.txt
@@ -971,7 +971,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free
CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
@@ -992,7 +991,6 @@
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
@@ -1005,28 +1003,42 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3358: (unk) HID: intel_ish-hid: Add check for ishtp_dma_tx_map
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/4.16/4.16_CVEs.txt b/data/4.16/4.16_CVEs.txt
index 1bb995b..ace315b 100644
--- a/data/4.16/4.16_CVEs.txt
+++ b/data/4.16/4.16_CVEs.txt
@@ -919,7 +919,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2177: Fix not seen in stream
CVE-2023-2194: Fix not seen in stream
@@ -940,7 +939,6 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
@@ -953,28 +951,42 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/4.16/4.16_security.txt b/data/4.16/4.16_security.txt
index 3dcddeb..8eafdcd 100644
--- a/data/4.16/4.16_security.txt
+++ b/data/4.16/4.16_security.txt
@@ -951,7 +951,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free
CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
@@ -972,7 +971,6 @@
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
@@ -985,28 +983,42 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3358: (unk) HID: intel_ish-hid: Add check for ishtp_dma_tx_map
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/4.17/4.17_CVEs.txt b/data/4.17/4.17_CVEs.txt
index 7d58d77..a559ce1 100644
--- a/data/4.17/4.17_CVEs.txt
+++ b/data/4.17/4.17_CVEs.txt
@@ -901,7 +901,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2177: Fix not seen in stream
CVE-2023-2194: Fix not seen in stream
@@ -922,7 +921,6 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
@@ -935,28 +933,42 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/4.17/4.17_security.txt b/data/4.17/4.17_security.txt
index 119373c..83a242b 100644
--- a/data/4.17/4.17_security.txt
+++ b/data/4.17/4.17_security.txt
@@ -933,7 +933,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free
CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
@@ -954,7 +953,6 @@
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
@@ -967,28 +965,42 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3358: (unk) HID: intel_ish-hid: Add check for ishtp_dma_tx_map
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/4.18/4.18_CVEs.txt b/data/4.18/4.18_CVEs.txt
index a1e044c..28d26f8 100644
--- a/data/4.18/4.18_CVEs.txt
+++ b/data/4.18/4.18_CVEs.txt
@@ -879,7 +879,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2177: Fix not seen in stream
CVE-2023-2194: Fix not seen in stream
@@ -900,7 +899,6 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
@@ -913,28 +911,42 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/4.18/4.18_security.txt b/data/4.18/4.18_security.txt
index b299441..5277382 100644
--- a/data/4.18/4.18_security.txt
+++ b/data/4.18/4.18_security.txt
@@ -911,7 +911,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free
CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
@@ -932,7 +931,6 @@
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
@@ -945,28 +943,42 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3358: (unk) HID: intel_ish-hid: Add check for ishtp_dma_tx_map
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/4.19/4.19_CVEs.txt b/data/4.19/4.19_CVEs.txt
index 4930390..9e5ce47 100644
--- a/data/4.19/4.19_CVEs.txt
+++ b/data/4.19/4.19_CVEs.txt
@@ -858,7 +858,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fixed with 4.19.273
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2177: Fix not seen in stream
CVE-2023-2194: Fixed with 4.19.280
@@ -880,7 +879,6 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fixed with 4.19.258
CVE-2023-28772: Fixed with 4.19.198
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fixed with 4.19.276
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
@@ -893,7 +891,6 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fixed with 4.19.286
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fixed with 4.19.284
CVE-2023-31436: Fixed with 4.19.282
CVE-2023-3159: Fixed with 4.19.242
@@ -901,23 +898,38 @@
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fixed with 4.19.276
CVE-2023-32233: Fixed with 4.19.283
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fixed with 4.19.273
CVE-2023-3268: Fixed with 4.19.283
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fixed with 4.19.280
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fixed with 4.19.287
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fixed with 4.19.272
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fixed with 4.19.283
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fixed with 4.19.273
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fixed with 4.19.285
CVE-2023-35823: Fixed with 4.19.283
CVE-2023-35824: Fixed with 4.19.283
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fixed with 4.19.283
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/4.19/4.19_security.txt b/data/4.19/4.19_security.txt
index 3c5cf7a..550ed93 100644
--- a/data/4.19/4.19_security.txt
+++ b/data/4.19/4.19_security.txt
@@ -1113,6 +1113,7 @@
CVE-2023-26545: aa07c86e43ed8780d610ecfb2ce13da326729201 net: mpls: fix stale pointer if allocation fails during device rename
CVE-2023-3161: 1c3d4901fad1db6a4e2dcdd6b13ed0ea22f227a1 fbcon: Check font dimension limits
CVE-2023-32269: 2c1984d101978e979783bdb2376eb6eca9f8f627 netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-3567: 6332f52f44b9776568bf3c0b714ddfb0bb175e78 vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
CVEs fixed in 4.19.274:
CVE-2022-3707: c5245a6cf83ca5c4b68d643f8b31ed0eb127126e drm/i915/gvt: fix double free bug in split_2MB_gtt_entry
@@ -1350,7 +1351,6 @@
CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free
CVE-2023-22995: (unk) usb: dwc3: dwc3-qcom: Add missing platform_device_put() in dwc3_qcom_acpi_register_core
@@ -1359,7 +1359,6 @@
CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL
CVE-2023-26242: (unk)
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
- CVE-2023-2898: (unk)
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
CVE-2023-31081: (unk)
@@ -1367,15 +1366,28 @@
CVE-2023-31083: (unk)
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
- CVE-2023-31248: (unk)
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-35693: (unk)
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/4.20/4.20_CVEs.txt b/data/4.20/4.20_CVEs.txt
index df92d69..292ca29 100644
--- a/data/4.20/4.20_CVEs.txt
+++ b/data/4.20/4.20_CVEs.txt
@@ -853,7 +853,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2177: Fix not seen in stream
CVE-2023-2194: Fix not seen in stream
@@ -876,7 +875,6 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
@@ -889,7 +887,6 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
@@ -897,23 +894,38 @@
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fix not seen in stream
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fix not seen in stream
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/4.20/4.20_security.txt b/data/4.20/4.20_security.txt
index d7bc4b6..2e03c24 100644
--- a/data/4.20/4.20_security.txt
+++ b/data/4.20/4.20_security.txt
@@ -885,7 +885,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free
CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
@@ -908,7 +907,6 @@
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
@@ -921,7 +919,6 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
@@ -929,23 +926,38 @@
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-3220: (unk) drm/msm/dpu: Add check for pstates
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3358: (unk) HID: intel_ish-hid: Add check for ishtp_dma_tx_map
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
CVE-2023-35828: (unk) usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/4.3/4.3_CVEs.txt b/data/4.3/4.3_CVEs.txt
index 3e41695..465f71c 100644
--- a/data/4.3/4.3_CVEs.txt
+++ b/data/4.3/4.3_CVEs.txt
@@ -1165,7 +1165,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2194: Fix not seen in stream
CVE-2023-2248: Fix not seen in stream
@@ -1181,38 +1180,52 @@
CVE-2023-26607: Fix not seen in stream
CVE-2023-28328: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
CVE-2023-30772: Fix not seen in stream
CVE-2023-3090: Fix not seen in stream
+CVE-2023-3106: Fix not seen in stream
CVE-2023-31081: Fix unknown
CVE-2023-31082: Fix unknown
CVE-2023-31083: Fix unknown
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/4.3/4.3_security.txt b/data/4.3/4.3_security.txt
index c17773d..03559b1 100644
--- a/data/4.3/4.3_security.txt
+++ b/data/4.3/4.3_security.txt
@@ -1181,7 +1181,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
@@ -1197,38 +1196,52 @@
CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find()
CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition
CVE-2023-3090: (unk) ipvlan:Fix out-of-bounds caused by unclear skb->cb
+ CVE-2023-3106: (unk) xfrm: fix crash in XFRM_MSG_GETSA netlink handler
CVE-2023-31081: (unk)
CVE-2023-31082: (unk)
CVE-2023-31083: (unk)
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/4.4/4.4_CVEs.txt b/data/4.4/4.4_CVEs.txt
index c4551b9..2bbb33e 100644
--- a/data/4.4/4.4_CVEs.txt
+++ b/data/4.4/4.4_CVEs.txt
@@ -1146,7 +1146,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2194: Fix not seen in stream
CVE-2023-2248: Fix not seen in stream
@@ -1162,38 +1161,52 @@
CVE-2023-26607: Fix not seen in stream
CVE-2023-28328: Fix not seen in stream
CVE-2023-28772: Fixed with 4.4.276
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
CVE-2023-30772: Fix not seen in stream
CVE-2023-3090: Fix not seen in stream
+CVE-2023-3106: Fixed with 4.4.223
CVE-2023-31081: Fix unknown
CVE-2023-31082: Fix unknown
CVE-2023-31083: Fix unknown
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/4.4/4.4_security.txt b/data/4.4/4.4_security.txt
index 8b49f66..b2f2b9b 100644
--- a/data/4.4/4.4_security.txt
+++ b/data/4.4/4.4_security.txt
@@ -951,6 +951,9 @@
CVE-2020-0255: 92b5848736395f4ea56738895acdd09cdc2a93da selinux: properly handle multiple messages in selinux_netlink_send()
CVE-2020-10751: 92b5848736395f4ea56738895acdd09cdc2a93da selinux: properly handle multiple messages in selinux_netlink_send()
+CVEs fixed in 4.4.223:
+ CVE-2023-3106: 0cbb0084fa2b444b7316a0967a0d93f5ae520216 xfrm: fix crash in XFRM_MSG_GETSA netlink handler
+
CVEs fixed in 4.4.224:
CVE-2019-19768: 3d5d64aea941a45efda1bd02c0ec8dd57e8ce4ca blktrace: Protect q->blk_trace with RCU
CVE-2020-0433: fa9355afd5b07707e15a5f75b854f04a9c14a798 blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter
@@ -1631,7 +1634,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
@@ -1646,7 +1648,6 @@
CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename
CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find()
CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
@@ -1659,25 +1660,39 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/4.5/4.5_CVEs.txt b/data/4.5/4.5_CVEs.txt
index 8711288..9904822 100644
--- a/data/4.5/4.5_CVEs.txt
+++ b/data/4.5/4.5_CVEs.txt
@@ -1129,7 +1129,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2194: Fix not seen in stream
CVE-2023-2248: Fix not seen in stream
@@ -1145,38 +1144,52 @@
CVE-2023-26607: Fix not seen in stream
CVE-2023-28328: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
CVE-2023-30772: Fix not seen in stream
CVE-2023-3090: Fix not seen in stream
+CVE-2023-3106: Fix not seen in stream
CVE-2023-31081: Fix unknown
CVE-2023-31082: Fix unknown
CVE-2023-31083: Fix unknown
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/4.5/4.5_security.txt b/data/4.5/4.5_security.txt
index 9cfbffd..4d927f4 100644
--- a/data/4.5/4.5_security.txt
+++ b/data/4.5/4.5_security.txt
@@ -1145,7 +1145,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
@@ -1161,38 +1160,52 @@
CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find()
CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition
CVE-2023-3090: (unk) ipvlan:Fix out-of-bounds caused by unclear skb->cb
+ CVE-2023-3106: (unk) xfrm: fix crash in XFRM_MSG_GETSA netlink handler
CVE-2023-31081: (unk)
CVE-2023-31082: (unk)
CVE-2023-31083: (unk)
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/4.6/4.6_CVEs.txt b/data/4.6/4.6_CVEs.txt
index 0c25324..b51a481 100644
--- a/data/4.6/4.6_CVEs.txt
+++ b/data/4.6/4.6_CVEs.txt
@@ -1102,7 +1102,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2194: Fix not seen in stream
CVE-2023-2248: Fix not seen in stream
@@ -1118,38 +1117,52 @@
CVE-2023-26607: Fix not seen in stream
CVE-2023-28328: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
CVE-2023-30772: Fix not seen in stream
CVE-2023-3090: Fix not seen in stream
+CVE-2023-3106: Fix not seen in stream
CVE-2023-31081: Fix unknown
CVE-2023-31082: Fix unknown
CVE-2023-31083: Fix unknown
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/4.6/4.6_security.txt b/data/4.6/4.6_security.txt
index 649b63e..c57c05b 100644
--- a/data/4.6/4.6_security.txt
+++ b/data/4.6/4.6_security.txt
@@ -1120,7 +1120,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
@@ -1136,38 +1135,52 @@
CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find()
CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition
CVE-2023-3090: (unk) ipvlan:Fix out-of-bounds caused by unclear skb->cb
+ CVE-2023-3106: (unk) xfrm: fix crash in XFRM_MSG_GETSA netlink handler
CVE-2023-31081: (unk)
CVE-2023-31082: (unk)
CVE-2023-31083: (unk)
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/4.7/4.7_CVEs.txt b/data/4.7/4.7_CVEs.txt
index 5ab1755..438e6af 100644
--- a/data/4.7/4.7_CVEs.txt
+++ b/data/4.7/4.7_CVEs.txt
@@ -1085,7 +1085,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2194: Fix not seen in stream
CVE-2023-2248: Fix not seen in stream
@@ -1101,38 +1100,52 @@
CVE-2023-26607: Fix not seen in stream
CVE-2023-28328: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
CVE-2023-30772: Fix not seen in stream
CVE-2023-3090: Fix not seen in stream
+CVE-2023-3106: Fix not seen in stream
CVE-2023-31081: Fix unknown
CVE-2023-31082: Fix unknown
CVE-2023-31083: Fix unknown
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/4.7/4.7_security.txt b/data/4.7/4.7_security.txt
index f38ab10..0b3d023 100644
--- a/data/4.7/4.7_security.txt
+++ b/data/4.7/4.7_security.txt
@@ -1105,7 +1105,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
@@ -1121,38 +1120,52 @@
CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find()
CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition
CVE-2023-3090: (unk) ipvlan:Fix out-of-bounds caused by unclear skb->cb
+ CVE-2023-3106: (unk) xfrm: fix crash in XFRM_MSG_GETSA netlink handler
CVE-2023-31081: (unk)
CVE-2023-31082: (unk)
CVE-2023-31083: (unk)
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/4.8/4.8_CVEs.txt b/data/4.8/4.8_CVEs.txt
index 5d17d5a..e3e20ac 100644
--- a/data/4.8/4.8_CVEs.txt
+++ b/data/4.8/4.8_CVEs.txt
@@ -1089,7 +1089,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2194: Fix not seen in stream
CVE-2023-2248: Fix not seen in stream
@@ -1105,7 +1104,6 @@
CVE-2023-26607: Fix not seen in stream
CVE-2023-28328: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
@@ -1118,25 +1116,39 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/4.8/4.8_security.txt b/data/4.8/4.8_security.txt
index b962083..9ceb466 100644
--- a/data/4.8/4.8_security.txt
+++ b/data/4.8/4.8_security.txt
@@ -1119,7 +1119,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
@@ -1135,7 +1134,6 @@
CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find()
CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
@@ -1148,25 +1146,39 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/4.9/4.9_CVEs.txt b/data/4.9/4.9_CVEs.txt
index b531a35..a2594d1 100644
--- a/data/4.9/4.9_CVEs.txt
+++ b/data/4.9/4.9_CVEs.txt
@@ -1090,7 +1090,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2194: Fix not seen in stream
CVE-2023-2248: Fix not seen in stream
@@ -1107,7 +1106,6 @@
CVE-2023-26607: Fixed with 4.9.334
CVE-2023-28328: Fixed with 4.9.337
CVE-2023-28772: Fixed with 4.9.276
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
@@ -1120,27 +1118,41 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fixed with 4.9.313
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/4.9/4.9_security.txt b/data/4.9/4.9_security.txt
index 2b29b0d..88beea7 100644
--- a/data/4.9/4.9_security.txt
+++ b/data/4.9/4.9_security.txt
@@ -1641,7 +1641,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
CVE-2023-2248: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
@@ -1654,7 +1653,6 @@
CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL
CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
@@ -1667,26 +1665,40 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3358: (unk) HID: intel_ish-hid: Add check for ishtp_dma_tx_map
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/5.0/5.0_CVEs.txt b/data/5.0/5.0_CVEs.txt
index a1fedff..6d37d81 100644
--- a/data/5.0/5.0_CVEs.txt
+++ b/data/5.0/5.0_CVEs.txt
@@ -832,7 +832,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2177: Fix not seen in stream
CVE-2023-2194: Fix not seen in stream
@@ -855,7 +854,6 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
@@ -868,7 +866,6 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
@@ -876,23 +873,38 @@
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fix not seen in stream
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fix not seen in stream
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/5.0/5.0_security.txt b/data/5.0/5.0_security.txt
index d25427f..c0d55b8 100644
--- a/data/5.0/5.0_security.txt
+++ b/data/5.0/5.0_security.txt
@@ -880,7 +880,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free
CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
@@ -903,7 +902,6 @@
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
@@ -916,7 +914,6 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
@@ -924,23 +921,38 @@
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-3220: (unk) drm/msm/dpu: Add check for pstates
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3358: (unk) HID: intel_ish-hid: Add check for ishtp_dma_tx_map
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
CVE-2023-35828: (unk) usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/5.1/5.1_CVEs.txt b/data/5.1/5.1_CVEs.txt
index 35afe6a..aebcc8f 100644
--- a/data/5.1/5.1_CVEs.txt
+++ b/data/5.1/5.1_CVEs.txt
@@ -810,7 +810,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2177: Fix not seen in stream
CVE-2023-2194: Fix not seen in stream
@@ -833,7 +832,6 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-3022: Fix not seen in stream
@@ -846,7 +844,6 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
@@ -854,24 +851,39 @@
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fix not seen in stream
CVE-2023-3389: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fix not seen in stream
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fix not seen in stream
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/5.1/5.1_security.txt b/data/5.1/5.1_security.txt
index bc53586..0b8ccb8 100644
--- a/data/5.1/5.1_security.txt
+++ b/data/5.1/5.1_security.txt
@@ -846,7 +846,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free
CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
@@ -869,7 +868,6 @@
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently
@@ -882,7 +880,6 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
@@ -890,24 +887,39 @@
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-3220: (unk) drm/msm/dpu: Add check for pstates
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3358: (unk) HID: intel_ish-hid: Add check for ishtp_dma_tx_map
CVE-2023-3389: (unk) io_uring: mutex locked poll hashing
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
CVE-2023-35828: (unk) usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/5.10/5.10_CVEs.txt b/data/5.10/5.10_CVEs.txt
index 9835635..9965965 100644
--- a/data/5.10/5.10_CVEs.txt
+++ b/data/5.10/5.10_CVEs.txt
@@ -578,7 +578,7 @@
CVE-2023-28466: Fixed with 5.10.177
CVE-2023-2860: Fixed with 5.10.143
CVE-2023-28772: Fixed with 5.10.51
-CVE-2023-2898: Fix unknown
+CVE-2023-2898: Fix not seen in stream
CVE-2023-2985: Fixed with 5.10.173
CVE-2023-3006: Fixed with 5.10.153
CVE-2023-30456: Fixed with 5.10.176
@@ -590,7 +590,7 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fixed with 5.10.184
-CVE-2023-31248: Fix unknown
+CVE-2023-31248: Fix not seen in stream
CVE-2023-3141: Fixed with 5.10.181
CVE-2023-31436: Fixed with 5.10.179
CVE-2023-3159: Fixed with 5.10.115
@@ -598,25 +598,40 @@
CVE-2023-3212: Fixed with 5.10.183
CVE-2023-3220: Fixed with 5.10.173
CVE-2023-32233: Fixed with 5.10.180
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fixed with 5.10.168
CVE-2023-3268: Fixed with 5.10.180
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fixed with 5.10.177
CVE-2023-33288: Fixed with 5.10.177
CVE-2023-3338: Fixed with 5.10.185
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fixed with 5.10.166
CVE-2023-3389: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fixed with 5.10.184
CVE-2023-34256: Fixed with 5.10.180
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fixed with 5.10.168
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fixed with 5.10.183
CVE-2023-35823: Fixed with 5.10.180
CVE-2023-35824: Fixed with 5.10.180
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fixed with 5.10.180
CVE-2023-35829: Fixed with 5.10.180
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/5.10/5.10_security.txt b/data/5.10/5.10_security.txt
index 18fdf00..aefdcb7 100644
--- a/data/5.10/5.10_security.txt
+++ b/data/5.10/5.10_security.txt
@@ -663,6 +663,7 @@
CVE-2023-2162: 9758ffe1c07b86aefd7ca8e40d9a461293427ca0 scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
CVE-2023-3161: 28d190882ba55cbcee1db8e4ae90c149178dcf64 fbcon: Check font dimension limits
CVE-2023-32269: dd6991251a1382a9b4984962a0c7a467e9d71812 netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-3567: 55515d7d8743b71b80bfe68e89eb9d92630626ab vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
CVEs fixed in 5.10.169:
CVE-2023-1281: eb8e9d8572d1d9df17272783ad8a84843ce559d4 net/sched: tcindex: update imperfect hash filters respecting rcu
@@ -880,19 +881,33 @@
CVE-2023-23586: (unk) io_uring: remove io_identity
CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL
CVE-2023-26242: (unk)
- CVE-2023-2898: (unk)
+ CVE-2023-2898: (unk) f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
CVE-2023-31081: (unk)
CVE-2023-31082: (unk)
CVE-2023-31083: (unk)
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
- CVE-2023-31248: (unk)
+ CVE-2023-31248: (unk) netfilter: nf_tables: do not ignore genmask when looking up chain by id
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-3389: (unk) io_uring: mutex locked poll hashing
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-35693: (unk)
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/5.11/5.11_CVEs.txt b/data/5.11/5.11_CVEs.txt
index b1853d9..0c4d1d5 100644
--- a/data/5.11/5.11_CVEs.txt
+++ b/data/5.11/5.11_CVEs.txt
@@ -569,7 +569,7 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
+CVE-2023-2898: Fix not seen in stream
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
@@ -581,7 +581,7 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
+CVE-2023-31248: Fix not seen in stream
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
@@ -589,11 +589,15 @@
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
@@ -605,10 +609,22 @@
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fix not seen in stream
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fix not seen in stream
CVE-2023-35829: Fix not seen in stream
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/5.11/5.11_security.txt b/data/5.11/5.11_security.txt
index 493e664..4e96e7a 100644
--- a/data/5.11/5.11_security.txt
+++ b/data/5.11/5.11_security.txt
@@ -611,7 +611,7 @@
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
+ CVE-2023-2898: (unk) f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
@@ -623,7 +623,7 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
+ CVE-2023-31248: (unk) netfilter: nf_tables: do not ignore genmask when looking up chain by id
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
@@ -631,11 +631,15 @@
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-3220: (unk) drm/msm/dpu: Add check for pstates
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
@@ -647,10 +651,22 @@
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
CVE-2023-35828: (unk) usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
CVE-2023-35829: (unk) media: rkvdec: fix use after free bug in rkvdec_remove
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/5.12/5.12_CVEs.txt b/data/5.12/5.12_CVEs.txt
index 32dbbd5..83ea004 100644
--- a/data/5.12/5.12_CVEs.txt
+++ b/data/5.12/5.12_CVEs.txt
@@ -521,7 +521,7 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fixed with 5.12.18
-CVE-2023-2898: Fix unknown
+CVE-2023-2898: Fix not seen in stream
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
@@ -533,7 +533,7 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
+CVE-2023-31248: Fix not seen in stream
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
@@ -541,11 +541,15 @@
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
@@ -557,10 +561,22 @@
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fix not seen in stream
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fix not seen in stream
CVE-2023-35829: Fix not seen in stream
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/5.12/5.12_security.txt b/data/5.12/5.12_security.txt
index 88075aa..5264a16 100644
--- a/data/5.12/5.12_security.txt
+++ b/data/5.12/5.12_security.txt
@@ -553,7 +553,7 @@
CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
- CVE-2023-2898: (unk)
+ CVE-2023-2898: (unk) f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
@@ -565,7 +565,7 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
+ CVE-2023-31248: (unk) netfilter: nf_tables: do not ignore genmask when looking up chain by id
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
@@ -573,11 +573,15 @@
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-3220: (unk) drm/msm/dpu: Add check for pstates
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
@@ -589,10 +593,22 @@
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
CVE-2023-35828: (unk) usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
CVE-2023-35829: (unk) media: rkvdec: fix use after free bug in rkvdec_remove
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/5.13/5.13_CVEs.txt b/data/5.13/5.13_CVEs.txt
index 5b65e48..cdf895a 100644
--- a/data/5.13/5.13_CVEs.txt
+++ b/data/5.13/5.13_CVEs.txt
@@ -490,7 +490,7 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fixed with 5.13.3
-CVE-2023-2898: Fix unknown
+CVE-2023-2898: Fix not seen in stream
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
@@ -502,7 +502,7 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
+CVE-2023-31248: Fix not seen in stream
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
@@ -510,11 +510,15 @@
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
@@ -526,10 +530,22 @@
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fix not seen in stream
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fix not seen in stream
CVE-2023-35829: Fix not seen in stream
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/5.13/5.13_security.txt b/data/5.13/5.13_security.txt
index f3d1964..a7026e7 100644
--- a/data/5.13/5.13_security.txt
+++ b/data/5.13/5.13_security.txt
@@ -522,7 +522,7 @@
CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
- CVE-2023-2898: (unk)
+ CVE-2023-2898: (unk) f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
@@ -534,7 +534,7 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
+ CVE-2023-31248: (unk) netfilter: nf_tables: do not ignore genmask when looking up chain by id
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
@@ -542,11 +542,15 @@
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-3220: (unk) drm/msm/dpu: Add check for pstates
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
@@ -558,10 +562,22 @@
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
CVE-2023-35828: (unk) usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
CVE-2023-35829: (unk) media: rkvdec: fix use after free bug in rkvdec_remove
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/5.14/5.14_CVEs.txt b/data/5.14/5.14_CVEs.txt
index 89725ca..11ddf0e 100644
--- a/data/5.14/5.14_CVEs.txt
+++ b/data/5.14/5.14_CVEs.txt
@@ -464,7 +464,7 @@
CVE-2023-28410: Fix not seen in stream
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
-CVE-2023-2898: Fix unknown
+CVE-2023-2898: Fix not seen in stream
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
@@ -476,7 +476,7 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
+CVE-2023-31248: Fix not seen in stream
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
@@ -484,11 +484,15 @@
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
@@ -500,10 +504,22 @@
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fix not seen in stream
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fix not seen in stream
CVE-2023-35829: Fix not seen in stream
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/5.14/5.14_security.txt b/data/5.14/5.14_security.txt
index 509d1e0..5facf6e 100644
--- a/data/5.14/5.14_security.txt
+++ b/data/5.14/5.14_security.txt
@@ -498,7 +498,7 @@
CVE-2023-28410: (unk) drm/i915/gem: add missing boundary check in vm_access
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
- CVE-2023-2898: (unk)
+ CVE-2023-2898: (unk) f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
@@ -510,7 +510,7 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
+ CVE-2023-31248: (unk) netfilter: nf_tables: do not ignore genmask when looking up chain by id
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
@@ -518,11 +518,15 @@
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-3220: (unk) drm/msm/dpu: Add check for pstates
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
@@ -534,10 +538,22 @@
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
CVE-2023-35828: (unk) usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
CVE-2023-35829: (unk) media: rkvdec: fix use after free bug in rkvdec_remove
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/5.15/5.15_CVEs.txt b/data/5.15/5.15_CVEs.txt
index db24d56..1f3ee92 100644
--- a/data/5.15/5.15_CVEs.txt
+++ b/data/5.15/5.15_CVEs.txt
@@ -384,7 +384,7 @@
CVE-2023-1079: Fixed with 5.15.99
CVE-2023-1095: Fixed with 5.15.61
CVE-2023-1118: Fixed with 5.15.99
-CVE-2023-1192: Fix unknown
+CVE-2023-1192: Fixed with 5.15.113
CVE-2023-1193: Fix unknown
CVE-2023-1194: Fix unknown
CVE-2023-1206: Fix unknown
@@ -451,7 +451,7 @@
CVE-2023-28410: Fixed with 5.15.33
CVE-2023-28466: Fixed with 5.15.105
CVE-2023-2860: Fixed with 5.15.68
-CVE-2023-2898: Fix unknown
+CVE-2023-2898: Fix not seen in stream
CVE-2023-2985: Fixed with 5.15.99
CVE-2023-3006: Fixed with 5.15.77
CVE-2023-30456: Fixed with 5.15.104
@@ -463,7 +463,7 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fixed with 5.15.63
-CVE-2023-31248: Fix unknown
+CVE-2023-31248: Fix not seen in stream
CVE-2023-3141: Fixed with 5.15.113
CVE-2023-31436: Fixed with 5.15.109
CVE-2023-3159: Fixed with 5.15.39
@@ -471,11 +471,15 @@
CVE-2023-3212: Fixed with 5.15.116
CVE-2023-3220: Fixed with 5.15.99
CVE-2023-32233: Fixed with 5.15.111
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fixed with 5.15.111
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fixed with 5.15.93
CVE-2023-3268: Fixed with 5.15.111
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fixed with 5.15.105
CVE-2023-33288: Fixed with 5.15.105
CVE-2023-3338: Fixed with 5.15.118
@@ -488,10 +492,22 @@
CVE-2023-34255: Fixed with 5.15.117
CVE-2023-34256: Fixed with 5.15.112
CVE-2023-3439: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fixed with 5.15.93
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fixed with 5.15.116
CVE-2023-35823: Fixed with 5.15.111
CVE-2023-35824: Fixed with 5.15.111
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fixed with 5.15.111
CVE-2023-35829: Fixed with 5.15.111
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fixed with 5.15.113
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fixed with 5.15.113
+CVE-2023-38429: Fixed with 5.15.113
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/5.15/5.15_security.txt b/data/5.15/5.15_security.txt
index 3b259e1..7df2ea0 100644
--- a/data/5.15/5.15_security.txt
+++ b/data/5.15/5.15_security.txt
@@ -465,6 +465,7 @@
CVE-2023-2162: 0aaabdb900c7415caa2006ef580322f7eac5f6b6 scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
CVE-2023-3161: dccbd062d71657648efc32fdc9919b33763cc68b fbcon: Check font dimension limits
CVE-2023-32269: c27e0eac568a008cdf04ae7e4ea2d3c18717e627 netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-3567: fc9e27f3ba083534b8bbf72ab0f5c810ffdc7d18 vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
CVEs fixed in 5.15.94:
CVE-2022-27672: 8f12dcab90e886d0169a9cd372a8bb35339cfc19 x86/speculation: Identify processors vulnerable to SMT RSB predictions
@@ -531,6 +532,7 @@
CVEs fixed in 5.15.111:
CVE-2023-2269: e11765cea2050fa25fc3e03da858e83284c5ce79 dm ioctl: fix nested locking in table_clear() to remove deadlock concern
CVE-2023-32233: 21c2a454486d5e9c1517ecca19266b3be3df73ca netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32248: 227eb2689b44d0d60da3839b146983e73435924c ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-3268: 0b46ee654a9dcd330e8183856b88505a9f633f7d relayfs: fix out-of-bounds access in relay_file_read
CVE-2023-35823: 2f48c0a463a37ac76ac089ec7936f673b9a0a448 media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: c94388b5b9098db82d6ba4627ef6e41a35870818 media: dm1105: Fix use after free bug in dm1105_remove due to race condition
@@ -542,8 +544,12 @@
CVEs fixed in 5.15.113:
CVE-2022-48425: 2a67f26f70ab344ae6ea78638890eebc1191a501 fs/ntfs3: Validate MFT flags before replaying logs
+ CVE-2023-1192: 2a67f26f70ab344ae6ea78638890eebc1191a501 fs/ntfs3: Validate MFT flags before replaying logs
CVE-2023-3090: 7c8be27727fe194b4625da442ee2b854db76b200 ipvlan:Fix out-of-bounds caused by unclear skb->cb
CVE-2023-3141: 162a9b321538972a260c7b178638c2368c071f77 memstick: r592: Fix UAF bug in r592_remove due to race condition
+ CVE-2023-38426: 865be1cff2c038984fe55c9deae5461a498cfdf9 ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38428: 7657321b2624197840ef2cfa4f29ccf873d7aa9b ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: 61e043326e72b5abb02b5bc9132f2620a7faf8c5 ksmbd: allocate one more byte for implied bcc[0]
CVEs fixed in 5.15.116:
CVE-2023-3212: fd8b4e28f400a067e6ef84569816967be1f0642b gfs2: Don't deref jdesc in evict
@@ -655,7 +661,6 @@
CVE-2023-0160: (unk)
CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area
CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry
- CVE-2023-1192: (unk)
CVE-2023-1193: (unk)
CVE-2023-1194: (unk)
CVE-2023-1206: (unk)
@@ -668,18 +673,29 @@
CVE-2023-23039: (unk)
CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL
CVE-2023-26242: (unk)
- CVE-2023-2898: (unk)
+ CVE-2023-2898: (unk) f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
CVE-2023-31081: (unk)
CVE-2023-31082: (unk)
CVE-2023-31083: (unk)
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
- CVE-2023-31248: (unk)
+ CVE-2023-31248: (unk) netfilter: nf_tables: do not ignore genmask when looking up chain by id
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-3389: (unk) io_uring: mutex locked poll hashing
CVE-2023-3397: (unk)
CVE-2023-3439: (unk) mctp: defer the kfree of object mdev->addrs
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-35693: (unk)
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/5.16/5.16_CVEs.txt b/data/5.16/5.16_CVEs.txt
index fcc7498..f1d1611 100644
--- a/data/5.16/5.16_CVEs.txt
+++ b/data/5.16/5.16_CVEs.txt
@@ -351,7 +351,7 @@
CVE-2023-1079: Fix not seen in stream
CVE-2023-1095: Fix not seen in stream
CVE-2023-1118: Fix not seen in stream
-CVE-2023-1192: Fix unknown
+CVE-2023-1192: Fix not seen in stream
CVE-2023-1193: Fix unknown
CVE-2023-1194: Fix unknown
CVE-2023-1195: Fix not seen in stream
@@ -382,6 +382,7 @@
CVE-2023-20941: Fix unknown
CVE-2023-21102: Fix not seen in stream
CVE-2023-2124: Fix not seen in stream
+CVE-2023-21255: Fix not seen in stream
CVE-2023-2156: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
CVE-2023-2163: Fix not seen in stream
@@ -418,7 +419,7 @@
CVE-2023-28410: Fixed with 5.16.19
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
-CVE-2023-2898: Fix unknown
+CVE-2023-2898: Fix not seen in stream
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
@@ -430,7 +431,7 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
+CVE-2023-31248: Fix not seen in stream
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
@@ -438,11 +439,15 @@
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
@@ -455,10 +460,22 @@
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
CVE-2023-3439: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fix not seen in stream
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fix not seen in stream
CVE-2023-35829: Fix not seen in stream
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/5.16/5.16_security.txt b/data/5.16/5.16_security.txt
index 0348ecc..c919a67 100644
--- a/data/5.16/5.16_security.txt
+++ b/data/5.16/5.16_security.txt
@@ -395,7 +395,7 @@
CVE-2023-1079: (unk) HID: asus: use spinlock to safely schedule workers
CVE-2023-1095: (unk) netfilter: nf_tables: fix null deref due to zeroed list head
CVE-2023-1118: (unk) media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
- CVE-2023-1192: (unk)
+ CVE-2023-1192: (unk) fs/ntfs3: Validate MFT flags before replaying logs
CVE-2023-1193: (unk)
CVE-2023-1194: (unk)
CVE-2023-1195: (unk) cifs: fix use-after-free caused by invalid pointer `hostname`
@@ -423,6 +423,7 @@
CVE-2023-20941: (unk)
CVE-2023-21102: (unk) efi: rt-wrapper: Add missing include
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
+ CVE-2023-21255: (unk) binder: fix UAF caused by faulty buffer cleanup
CVE-2023-2156: (unk) net: rpl: fix rpl header size calculation
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
@@ -454,7 +455,7 @@
CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
- CVE-2023-2898: (unk)
+ CVE-2023-2898: (unk) f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
@@ -466,7 +467,7 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
+ CVE-2023-31248: (unk) netfilter: nf_tables: do not ignore genmask when looking up chain by id
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
@@ -474,11 +475,15 @@
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-3220: (unk) drm/msm/dpu: Add check for pstates
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
@@ -491,10 +496,22 @@
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
CVE-2023-3439: (unk) mctp: defer the kfree of object mdev->addrs
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
CVE-2023-35828: (unk) usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
CVE-2023-35829: (unk) media: rkvdec: fix use after free bug in rkvdec_remove
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/5.17/5.17_CVEs.txt b/data/5.17/5.17_CVEs.txt
index f386e03..237f10f 100644
--- a/data/5.17/5.17_CVEs.txt
+++ b/data/5.17/5.17_CVEs.txt
@@ -296,7 +296,7 @@
CVE-2023-1079: Fix not seen in stream
CVE-2023-1095: Fix not seen in stream
CVE-2023-1118: Fix not seen in stream
-CVE-2023-1192: Fix unknown
+CVE-2023-1192: Fix not seen in stream
CVE-2023-1193: Fix unknown
CVE-2023-1194: Fix unknown
CVE-2023-1195: Fix not seen in stream
@@ -327,6 +327,7 @@
CVE-2023-20941: Fix unknown
CVE-2023-21102: Fix not seen in stream
CVE-2023-2124: Fix not seen in stream
+CVE-2023-21255: Fix not seen in stream
CVE-2023-2156: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
CVE-2023-2163: Fix not seen in stream
@@ -360,7 +361,7 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28866: Fix not seen in stream
-CVE-2023-2898: Fix unknown
+CVE-2023-2898: Fix not seen in stream
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
@@ -372,7 +373,7 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
+CVE-2023-31248: Fix not seen in stream
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fixed with 5.17.7
@@ -380,11 +381,15 @@
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
@@ -399,10 +404,22 @@
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
CVE-2023-3439: Fixed with 5.17.6
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fix not seen in stream
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fix not seen in stream
CVE-2023-35829: Fix not seen in stream
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/5.17/5.17_security.txt b/data/5.17/5.17_security.txt
index e6d8bb5..79a753a 100644
--- a/data/5.17/5.17_security.txt
+++ b/data/5.17/5.17_security.txt
@@ -337,7 +337,7 @@
CVE-2023-1079: (unk) HID: asus: use spinlock to safely schedule workers
CVE-2023-1095: (unk) netfilter: nf_tables: fix null deref due to zeroed list head
CVE-2023-1118: (unk) media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
- CVE-2023-1192: (unk)
+ CVE-2023-1192: (unk) fs/ntfs3: Validate MFT flags before replaying logs
CVE-2023-1193: (unk)
CVE-2023-1194: (unk)
CVE-2023-1195: (unk) cifs: fix use-after-free caused by invalid pointer `hostname`
@@ -363,6 +363,7 @@
CVE-2023-20941: (unk)
CVE-2023-21102: (unk) efi: rt-wrapper: Add missing include
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
+ CVE-2023-21255: (unk) binder: fix UAF caused by faulty buffer cleanup
CVE-2023-2156: (unk) net: rpl: fix rpl header size calculation
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
@@ -394,7 +395,7 @@
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28866: (unk) Bluetooth: HCI: Fix global-out-of-bounds
- CVE-2023-2898: (unk)
+ CVE-2023-2898: (unk) f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
@@ -406,18 +407,22 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
+ CVE-2023-31248: (unk) netfilter: nf_tables: do not ignore genmask when looking up chain by id
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-3220: (unk) drm/msm/dpu: Add check for pstates
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
@@ -431,10 +436,22 @@
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
CVE-2023-35828: (unk) usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
CVE-2023-35829: (unk) media: rkvdec: fix use after free bug in rkvdec_remove
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/5.18/5.18_CVEs.txt b/data/5.18/5.18_CVEs.txt
index 1a29dbe..d1efb84 100644
--- a/data/5.18/5.18_CVEs.txt
+++ b/data/5.18/5.18_CVEs.txt
@@ -251,7 +251,7 @@
CVE-2023-1079: Fix not seen in stream
CVE-2023-1095: Fixed with 5.18.18
CVE-2023-1118: Fix not seen in stream
-CVE-2023-1192: Fix unknown
+CVE-2023-1192: Fix not seen in stream
CVE-2023-1193: Fix unknown
CVE-2023-1194: Fix unknown
CVE-2023-1195: Fix not seen in stream
@@ -278,6 +278,7 @@
CVE-2023-20941: Fix unknown
CVE-2023-21102: Fix not seen in stream
CVE-2023-2124: Fix not seen in stream
+CVE-2023-21255: Fix not seen in stream
CVE-2023-2156: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
CVE-2023-2163: Fix not seen in stream
@@ -310,7 +311,7 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28866: Fix not seen in stream
-CVE-2023-2898: Fix unknown
+CVE-2023-2898: Fix not seen in stream
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
@@ -322,18 +323,22 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
+CVE-2023-31248: Fix not seen in stream
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
@@ -348,7 +353,9 @@
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fix not seen in stream
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
@@ -356,3 +363,13 @@
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fix not seen in stream
CVE-2023-35829: Fix not seen in stream
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/5.18/5.18_security.txt b/data/5.18/5.18_security.txt
index ead0371..51a0d2f 100644
--- a/data/5.18/5.18_security.txt
+++ b/data/5.18/5.18_security.txt
@@ -295,7 +295,7 @@
CVE-2023-1078: (unk) rds: rds_rm_zerocopy_callback() use list_first_entry()
CVE-2023-1079: (unk) HID: asus: use spinlock to safely schedule workers
CVE-2023-1118: (unk) media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
- CVE-2023-1192: (unk)
+ CVE-2023-1192: (unk) fs/ntfs3: Validate MFT flags before replaying logs
CVE-2023-1193: (unk)
CVE-2023-1194: (unk)
CVE-2023-1195: (unk) cifs: fix use-after-free caused by invalid pointer `hostname`
@@ -318,6 +318,7 @@
CVE-2023-20941: (unk)
CVE-2023-21102: (unk) efi: rt-wrapper: Add missing include
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
+ CVE-2023-21255: (unk) binder: fix UAF caused by faulty buffer cleanup
CVE-2023-2156: (unk) net: rpl: fix rpl header size calculation
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
@@ -346,7 +347,7 @@
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28866: (unk) Bluetooth: HCI: Fix global-out-of-bounds
- CVE-2023-2898: (unk)
+ CVE-2023-2898: (unk) f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
@@ -358,18 +359,22 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
+ CVE-2023-31248: (unk) netfilter: nf_tables: do not ignore genmask when looking up chain by id
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-3220: (unk) drm/msm/dpu: Add check for pstates
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
@@ -384,7 +389,9 @@
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
@@ -392,3 +399,13 @@
CVE-2023-35827: (unk)
CVE-2023-35828: (unk) usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
CVE-2023-35829: (unk) media: rkvdec: fix use after free bug in rkvdec_remove
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/5.19/5.19_CVEs.txt b/data/5.19/5.19_CVEs.txt
index b64c887..d13c2d8 100644
--- a/data/5.19/5.19_CVEs.txt
+++ b/data/5.19/5.19_CVEs.txt
@@ -117,7 +117,7 @@
CVE-2022-36402: Fix unknown
CVE-2022-3642: Fix unknown
CVE-2022-3643: Fix not seen in stream
-CVE-2022-3646: Fix not seen in stream
+CVE-2022-3646: Fixed with 5.19.16
CVE-2022-3649: Fix not seen in stream
CVE-2022-36946: Fixed with 5.19
CVE-2022-3707: Fix not seen in stream
@@ -207,7 +207,7 @@
CVE-2023-1079: Fix not seen in stream
CVE-2023-1095: Fix not seen in stream
CVE-2023-1118: Fix not seen in stream
-CVE-2023-1192: Fix unknown
+CVE-2023-1192: Fix not seen in stream
CVE-2023-1193: Fix unknown
CVE-2023-1194: Fix unknown
CVE-2023-1195: Fix not seen in stream
@@ -235,6 +235,7 @@
CVE-2023-21102: Fix not seen in stream
CVE-2023-21106: Fix not seen in stream
CVE-2023-2124: Fix not seen in stream
+CVE-2023-21255: Fix not seen in stream
CVE-2023-2156: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
CVE-2023-2163: Fix not seen in stream
@@ -266,7 +267,7 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28866: Fix not seen in stream
-CVE-2023-2898: Fix unknown
+CVE-2023-2898: Fix not seen in stream
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
@@ -278,18 +279,22 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
+CVE-2023-31248: Fix not seen in stream
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
@@ -304,7 +309,9 @@
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fix not seen in stream
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
@@ -312,3 +319,14 @@
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fix not seen in stream
CVE-2023-35829: Fix not seen in stream
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38409: Fix not seen in stream
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/5.19/5.19_security.txt b/data/5.19/5.19_security.txt
index 024f202..97192e8 100644
--- a/data/5.19/5.19_security.txt
+++ b/data/5.19/5.19_security.txt
@@ -57,6 +57,7 @@
CVEs fixed in 5.19.16:
CVE-2022-3621: caf2c6b580433b3d3e413a3d54b8414a94725dcd nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
+ CVE-2022-3646: 4755fcd844240857b525f6e8d8b65ee140fe9570 nilfs2: fix leak of nilfs_root in case of writer thread creation failure
CVE-2022-40768: 6ae8aa5dcf0d7ada07964c8638e55d3af5896a86 scsi: stex: Properly zero out the passthrough command structure
CVE-2022-41674: 42ea11a81ac853c3e870c70d61ab435d0b09b851 wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
CVE-2022-42719: e6d77ac0132da7e73fdcc4a38dd4c40ac0226466 wifi: mac80211: fix MBSSID parsing use-after-free
@@ -168,7 +169,6 @@
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-3643: (unk) xen/netback: Ensure protocol headers don't fall in the non-linear area
- CVE-2022-3646: (unk) nilfs2: fix leak of nilfs_root in case of writer thread creation failure
CVE-2022-3649: (unk) nilfs2: fix use-after-free bug of struct nilfs_root
CVE-2022-3707: (unk) drm/i915/gvt: fix double free bug in split_2MB_gtt_entry
CVE-2022-38096: (unk)
@@ -240,7 +240,7 @@
CVE-2023-1079: (unk) HID: asus: use spinlock to safely schedule workers
CVE-2023-1095: (unk) netfilter: nf_tables: fix null deref due to zeroed list head
CVE-2023-1118: (unk) media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
- CVE-2023-1192: (unk)
+ CVE-2023-1192: (unk) fs/ntfs3: Validate MFT flags before replaying logs
CVE-2023-1193: (unk)
CVE-2023-1194: (unk)
CVE-2023-1195: (unk) cifs: fix use-after-free caused by invalid pointer `hostname`
@@ -267,6 +267,7 @@
CVE-2023-21102: (unk) efi: rt-wrapper: Add missing include
CVE-2023-21106: (unk) drm/msm/gpu: Fix potential double-free
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
+ CVE-2023-21255: (unk) binder: fix UAF caused by faulty buffer cleanup
CVE-2023-2156: (unk) net: rpl: fix rpl header size calculation
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
@@ -296,7 +297,7 @@
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28866: (unk) Bluetooth: HCI: Fix global-out-of-bounds
- CVE-2023-2898: (unk)
+ CVE-2023-2898: (unk) f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
@@ -308,18 +309,22 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
+ CVE-2023-31248: (unk) netfilter: nf_tables: do not ignore genmask when looking up chain by id
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-3220: (unk) drm/msm/dpu: Add check for pstates
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
@@ -334,7 +339,9 @@
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
@@ -342,3 +349,14 @@
CVE-2023-35827: (unk)
CVE-2023-35828: (unk) usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
CVE-2023-35829: (unk) media: rkvdec: fix use after free bug in rkvdec_remove
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38409: (unk) fbcon: set_con2fb_map needs to set con2fb_map!
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/5.2/5.2_CVEs.txt b/data/5.2/5.2_CVEs.txt
index d77c335..41946db 100644
--- a/data/5.2/5.2_CVEs.txt
+++ b/data/5.2/5.2_CVEs.txt
@@ -773,7 +773,6 @@
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
-CVE-2023-2163: Fix not seen in stream
CVE-2023-2176: Fix not seen in stream
CVE-2023-2177: Fix not seen in stream
CVE-2023-2194: Fix not seen in stream
@@ -796,7 +795,6 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
@@ -808,7 +806,6 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
@@ -816,24 +813,39 @@
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fix not seen in stream
CVE-2023-3389: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fix not seen in stream
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fix not seen in stream
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/5.2/5.2_security.txt b/data/5.2/5.2_security.txt
index 033a49e..3f13423 100644
--- a/data/5.2/5.2_security.txt
+++ b/data/5.2/5.2_security.txt
@@ -811,7 +811,6 @@
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free
CVE-2023-2194: (unk) i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
@@ -834,7 +833,6 @@
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
@@ -846,7 +844,6 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
@@ -854,24 +851,39 @@
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-3220: (unk) drm/msm/dpu: Add check for pstates
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3358: (unk) HID: intel_ish-hid: Add check for ishtp_dma_tx_map
CVE-2023-3389: (unk) io_uring: mutex locked poll hashing
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
CVE-2023-35828: (unk) usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/5.3/5.3_CVEs.txt b/data/5.3/5.3_CVEs.txt
index 9895fd1..6c79401 100644
--- a/data/5.3/5.3_CVEs.txt
+++ b/data/5.3/5.3_CVEs.txt
@@ -770,7 +770,6 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
@@ -782,7 +781,6 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
@@ -790,24 +788,39 @@
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fix not seen in stream
CVE-2023-3389: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fix not seen in stream
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fix not seen in stream
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/5.3/5.3_security.txt b/data/5.3/5.3_security.txt
index 164502b..fdb245f 100644
--- a/data/5.3/5.3_security.txt
+++ b/data/5.3/5.3_security.txt
@@ -806,7 +806,6 @@
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
@@ -818,7 +817,6 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
@@ -826,24 +824,39 @@
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-3220: (unk) drm/msm/dpu: Add check for pstates
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3358: (unk) HID: intel_ish-hid: Add check for ishtp_dma_tx_map
CVE-2023-3389: (unk) io_uring: mutex locked poll hashing
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
CVE-2023-35828: (unk) usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/5.4/5.4_CVEs.txt b/data/5.4/5.4_CVEs.txt
index e4c100a..623d96d 100644
--- a/data/5.4/5.4_CVEs.txt
+++ b/data/5.4/5.4_CVEs.txt
@@ -700,7 +700,6 @@
CVE-2023-28466: Fixed with 5.4.240
CVE-2023-2860: Fixed with 5.4.213
CVE-2023-28772: Fixed with 5.4.133
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fixed with 5.4.235
CVE-2023-3006: Fix not seen in stream
CVE-2023-30456: Fixed with 5.4.238
@@ -712,7 +711,6 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fixed with 5.4.247
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fixed with 5.4.244
CVE-2023-31436: Fixed with 5.4.242
CVE-2023-3159: Fixed with 5.4.193
@@ -720,24 +718,39 @@
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fixed with 5.4.235
CVE-2023-32233: Fixed with 5.4.243
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fixed with 5.4.232
CVE-2023-3268: Fixed with 5.4.243
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fixed with 5.4.240
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fixed with 5.4.248
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fixed with 5.4.231
CVE-2023-3389: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fixed with 5.4.249
CVE-2023-34256: Fixed with 5.4.243
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fixed with 5.4.232
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fixed with 5.4.246
CVE-2023-35823: Fixed with 5.4.243
CVE-2023-35824: Fixed with 5.4.243
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fixed with 5.4.243
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/5.4/5.4_security.txt b/data/5.4/5.4_security.txt
index 0f81f4d..5d808bd 100644
--- a/data/5.4/5.4_security.txt
+++ b/data/5.4/5.4_security.txt
@@ -876,6 +876,7 @@
CVE-2023-26545: df099e65564aa47478eb1cacf81ba69024fb5c69 net: mpls: fix stale pointer if allocation fails during device rename
CVE-2023-3161: 4abcd352a0222cc807f6f87d2f58d59aeeb70340 fbcon: Check font dimension limits
CVE-2023-32269: 20355b9569bd1fd5a236898524b6dd4117e660d0 netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-3567: d0332cbf53dad06a22189cc341391237f4ea6d9f vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
CVEs fixed in 5.4.233:
CVE-2022-3707: 787ef0db014085df8691e5aeb58ab0bb081e5ff0 drm/i915/gvt: fix double free bug in split_2MB_gtt_entry
@@ -1100,22 +1101,34 @@
CVE-2023-23039: (unk)
CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL
CVE-2023-26242: (unk)
- CVE-2023-2898: (unk)
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-31081: (unk)
CVE-2023-31082: (unk)
CVE-2023-31083: (unk)
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
- CVE-2023-31248: (unk)
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3389: (unk) io_uring: mutex locked poll hashing
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-35693: (unk)
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/5.5/5.5_CVEs.txt b/data/5.5/5.5_CVEs.txt
index 352f87b..04bd1b1 100644
--- a/data/5.5/5.5_CVEs.txt
+++ b/data/5.5/5.5_CVEs.txt
@@ -661,7 +661,6 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
@@ -673,7 +672,6 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
@@ -681,24 +679,39 @@
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fix not seen in stream
CVE-2023-3389: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fix not seen in stream
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fix not seen in stream
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/5.5/5.5_security.txt b/data/5.5/5.5_security.txt
index e8b5892..5cbff39 100644
--- a/data/5.5/5.5_security.txt
+++ b/data/5.5/5.5_security.txt
@@ -695,7 +695,6 @@
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
@@ -707,7 +706,6 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
@@ -715,24 +713,39 @@
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-3220: (unk) drm/msm/dpu: Add check for pstates
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3358: (unk) HID: intel_ish-hid: Add check for ishtp_dma_tx_map
CVE-2023-3389: (unk) io_uring: mutex locked poll hashing
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
CVE-2023-35828: (unk) usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/5.6/5.6_CVEs.txt b/data/5.6/5.6_CVEs.txt
index 95c1fd0..453a1e8 100644
--- a/data/5.6/5.6_CVEs.txt
+++ b/data/5.6/5.6_CVEs.txt
@@ -640,7 +640,6 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
@@ -652,7 +651,6 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
@@ -660,24 +658,39 @@
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fix not seen in stream
CVE-2023-3389: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fix not seen in stream
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fix not seen in stream
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/5.6/5.6_security.txt b/data/5.6/5.6_security.txt
index 5f898d0..15dc186 100644
--- a/data/5.6/5.6_security.txt
+++ b/data/5.6/5.6_security.txt
@@ -674,7 +674,6 @@
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
@@ -686,7 +685,6 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
@@ -694,24 +692,39 @@
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-3220: (unk) drm/msm/dpu: Add check for pstates
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3358: (unk) HID: intel_ish-hid: Add check for ishtp_dma_tx_map
CVE-2023-3389: (unk) io_uring: mutex locked poll hashing
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
CVE-2023-35828: (unk) usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/5.7/5.7_CVEs.txt b/data/5.7/5.7_CVEs.txt
index b62ae61..28e594f 100644
--- a/data/5.7/5.7_CVEs.txt
+++ b/data/5.7/5.7_CVEs.txt
@@ -638,7 +638,6 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
@@ -650,7 +649,6 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
@@ -658,24 +656,39 @@
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fix not seen in stream
CVE-2023-3389: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fix not seen in stream
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fix not seen in stream
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/5.7/5.7_security.txt b/data/5.7/5.7_security.txt
index 79e4afd..aec9118 100644
--- a/data/5.7/5.7_security.txt
+++ b/data/5.7/5.7_security.txt
@@ -672,7 +672,6 @@
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
@@ -684,7 +683,6 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
@@ -692,24 +690,39 @@
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-3220: (unk) drm/msm/dpu: Add check for pstates
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3358: (unk) HID: intel_ish-hid: Add check for ishtp_dma_tx_map
CVE-2023-3389: (unk) io_uring: mutex locked poll hashing
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
CVE-2023-35828: (unk) usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/5.8/5.8_CVEs.txt b/data/5.8/5.8_CVEs.txt
index 36cef98..f65053f 100644
--- a/data/5.8/5.8_CVEs.txt
+++ b/data/5.8/5.8_CVEs.txt
@@ -623,7 +623,7 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
+CVE-2023-2898: Fix not seen in stream
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
@@ -635,7 +635,6 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
@@ -643,25 +642,40 @@
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fix not seen in stream
CVE-2023-3389: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fix not seen in stream
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fix not seen in stream
CVE-2023-35829: Fix not seen in stream
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/5.8/5.8_security.txt b/data/5.8/5.8_security.txt
index 80dd0fc..2c057fc 100644
--- a/data/5.8/5.8_security.txt
+++ b/data/5.8/5.8_security.txt
@@ -657,7 +657,7 @@
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
+ CVE-2023-2898: (unk) f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
@@ -669,7 +669,6 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
@@ -677,25 +676,40 @@
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-3220: (unk) drm/msm/dpu: Add check for pstates
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3358: (unk) HID: intel_ish-hid: Add check for ishtp_dma_tx_map
CVE-2023-3389: (unk) io_uring: mutex locked poll hashing
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
CVE-2023-35828: (unk) usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
CVE-2023-35829: (unk) media: rkvdec: fix use after free bug in rkvdec_remove
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/5.9/5.9_CVEs.txt b/data/5.9/5.9_CVEs.txt
index f953de8..953e0b8 100644
--- a/data/5.9/5.9_CVEs.txt
+++ b/data/5.9/5.9_CVEs.txt
@@ -596,7 +596,7 @@
CVE-2023-28466: Fix not seen in stream
CVE-2023-2860: Fix not seen in stream
CVE-2023-28772: Fix not seen in stream
-CVE-2023-2898: Fix unknown
+CVE-2023-2898: Fix not seen in stream
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fix not seen in stream
CVE-2023-30456: Fix not seen in stream
@@ -608,7 +608,7 @@
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
CVE-2023-3111: Fix not seen in stream
-CVE-2023-31248: Fix unknown
+CVE-2023-31248: Fix not seen in stream
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3159: Fix not seen in stream
@@ -616,25 +616,40 @@
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
-CVE-2023-3355: Fix not seen in stream
CVE-2023-3358: Fix not seen in stream
CVE-2023-3389: Fix not seen in stream
CVE-2023-3390: Fix not seen in stream
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fix not seen in stream
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fix not seen in stream
CVE-2023-35829: Fix not seen in stream
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/5.9/5.9_security.txt b/data/5.9/5.9_security.txt
index bf95290..f1ac6a2 100644
--- a/data/5.9/5.9_security.txt
+++ b/data/5.9/5.9_security.txt
@@ -626,7 +626,7 @@
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-2860: (unk) ipv6: sr: fix out-of-bounds read when setting HMAC data.
CVE-2023-28772: (unk) seq_buf: Fix overflow in seq_buf_putmem_hex()
- CVE-2023-2898: (unk)
+ CVE-2023-2898: (unk) f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
@@ -638,7 +638,7 @@
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
CVE-2023-3111: (unk) btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
- CVE-2023-31248: (unk)
+ CVE-2023-31248: (unk) netfilter: nf_tables: do not ignore genmask when looking up chain by id
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3159: (unk) firewire: fix potential uaf in outbound_phy_packet_callback()
@@ -646,25 +646,40 @@
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-3220: (unk) drm/msm/dpu: Add check for pstates
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
- CVE-2023-3355: (unk) drm/msm/gem: Add check for kmalloc
CVE-2023-3358: (unk) HID: intel_ish-hid: Add check for ishtp_dma_tx_map
CVE-2023-3389: (unk) io_uring: mutex locked poll hashing
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35827: (unk)
CVE-2023-35828: (unk) usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
CVE-2023-35829: (unk) media: rkvdec: fix use after free bug in rkvdec_remove
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/6.0/6.0_CVEs.txt b/data/6.0/6.0_CVEs.txt
index 932cede..b9e5d17 100644
--- a/data/6.0/6.0_CVEs.txt
+++ b/data/6.0/6.0_CVEs.txt
@@ -171,7 +171,7 @@
CVE-2023-1078: Fix not seen in stream
CVE-2023-1079: Fix not seen in stream
CVE-2023-1118: Fix not seen in stream
-CVE-2023-1192: Fix unknown
+CVE-2023-1192: Fix not seen in stream
CVE-2023-1193: Fix unknown
CVE-2023-1194: Fix unknown
CVE-2023-1195: Fix not seen in stream
@@ -196,6 +196,7 @@
CVE-2023-21102: Fix not seen in stream
CVE-2023-21106: Fix not seen in stream
CVE-2023-2124: Fix not seen in stream
+CVE-2023-21255: Fix not seen in stream
CVE-2023-2156: Fix not seen in stream
CVE-2023-2162: Fix not seen in stream
CVE-2023-2163: Fix not seen in stream
@@ -223,7 +224,7 @@
CVE-2023-28328: Fixed with 6.0.16
CVE-2023-28466: Fix not seen in stream
CVE-2023-28866: Fix not seen in stream
-CVE-2023-2898: Fix unknown
+CVE-2023-2898: Fix not seen in stream
CVE-2023-2985: Fix not seen in stream
CVE-2023-3006: Fixed with 6.0.7
CVE-2023-30456: Fix not seen in stream
@@ -234,18 +235,22 @@
CVE-2023-31083: Fix unknown
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
-CVE-2023-31248: Fix unknown
+CVE-2023-31248: Fix not seen in stream
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fix not seen in stream
CVE-2023-3161: Fix not seen in stream
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
+CVE-2023-32247: Fix not seen in stream
+CVE-2023-32248: Fix not seen in stream
CVE-2023-32250: Fix not seen in stream
+CVE-2023-32252: Fix not seen in stream
CVE-2023-32254: Fix not seen in stream
+CVE-2023-32257: Fix not seen in stream
+CVE-2023-32258: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
CVE-2023-3268: Fix not seen in stream
-CVE-2023-3269: Fix not seen in stream
CVE-2023-33203: Fix not seen in stream
CVE-2023-33288: Fix not seen in stream
CVE-2023-3338: Fix not seen in stream
@@ -259,7 +264,9 @@
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fix not seen in stream
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fix not seen in stream
CVE-2023-35823: Fix not seen in stream
CVE-2023-35824: Fix not seen in stream
@@ -267,3 +274,14 @@
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fix not seen in stream
CVE-2023-35829: Fix not seen in stream
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38409: Fix not seen in stream
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/6.0/6.0_security.txt b/data/6.0/6.0_security.txt
index 0070176..bd97a09 100644
--- a/data/6.0/6.0_security.txt
+++ b/data/6.0/6.0_security.txt
@@ -219,7 +219,7 @@
CVE-2023-1078: (unk) rds: rds_rm_zerocopy_callback() use list_first_entry()
CVE-2023-1079: (unk) HID: asus: use spinlock to safely schedule workers
CVE-2023-1118: (unk) media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
- CVE-2023-1192: (unk)
+ CVE-2023-1192: (unk) fs/ntfs3: Validate MFT flags before replaying logs
CVE-2023-1193: (unk)
CVE-2023-1194: (unk)
CVE-2023-1195: (unk) cifs: fix use-after-free caused by invalid pointer `hostname`
@@ -242,6 +242,7 @@
CVE-2023-21102: (unk) efi: rt-wrapper: Add missing include
CVE-2023-21106: (unk) drm/msm/gpu: Fix potential double-free
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
+ CVE-2023-21255: (unk) binder: fix UAF caused by faulty buffer cleanup
CVE-2023-2156: (unk) net: rpl: fix rpl header size calculation
CVE-2023-2162: (unk) scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
CVE-2023-2163: (unk) bpf: Fix incorrect verifier pruning due to missing register precision taints
@@ -259,7 +260,7 @@
CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename
CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-28866: (unk) Bluetooth: HCI: Fix global-out-of-bounds
- CVE-2023-2898: (unk)
+ CVE-2023-2898: (unk) f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-30456: (unk) KVM: nVMX: add missing consistency checks for CR0 and CR4
CVE-2023-30772: (unk) power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition
@@ -269,18 +270,22 @@
CVE-2023-31083: (unk)
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
- CVE-2023-31248: (unk)
+ CVE-2023-31248: (unk) netfilter: nf_tables: do not ignore genmask when looking up chain by id
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-3161: (unk) fbcon: Check font dimension limits
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-3220: (unk) drm/msm/dpu: Add check for pstates
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: (unk) ksmbd: destroy expired sessions
+ CVE-2023-32248: (unk) ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: (unk) ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: (unk) ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: (unk) ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: (unk) ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3268: (unk) relayfs: fix out-of-bounds access in relay_file_read
- CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: (unk) power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVE-2023-3338: (unk) Remove DECnet support from kernel
@@ -293,7 +298,9 @@
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34256: (unk) ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-3567: (unk) vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
+ CVE-2023-35693: (unk)
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35823: (unk) media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: (unk) media: dm1105: Fix use after free bug in dm1105_remove due to race condition
@@ -301,3 +308,14 @@
CVE-2023-35827: (unk)
CVE-2023-35828: (unk) usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
CVE-2023-35829: (unk) media: rkvdec: fix use after free bug in rkvdec_remove
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38409: (unk) fbcon: set_con2fb_map needs to set con2fb_map!
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/6.1/6.1_CVEs.txt b/data/6.1/6.1_CVEs.txt
index 2abe96f..279a7bc 100644
--- a/data/6.1/6.1_CVEs.txt
+++ b/data/6.1/6.1_CVEs.txt
@@ -120,7 +120,7 @@
CVE-2023-1078: Fixed with 6.1.12
CVE-2023-1079: Fixed with 6.1.16
CVE-2023-1118: Fixed with 6.1.16
-CVE-2023-1192: Fix unknown
+CVE-2023-1192: Fixed with 6.1.33
CVE-2023-1193: Fix unknown
CVE-2023-1194: Fix unknown
CVE-2023-1206: Fix unknown
@@ -142,6 +142,7 @@
CVE-2023-21102: Fixed with 6.1.8
CVE-2023-21106: Fixed with 6.1.9
CVE-2023-2124: Fixed with 6.1.33
+CVE-2023-21255: Fixed with 6.1.31
CVE-2023-2156: Fixed with 6.1.26
CVE-2023-2162: Fixed with 6.1.11
CVE-2023-2163: Fixed with 6.1.26
@@ -168,7 +169,7 @@
CVE-2023-28328: Fixed with 6.1.2
CVE-2023-28466: Fixed with 6.1.20
CVE-2023-28866: Fixed with 6.1.22
-CVE-2023-2898: Fix unknown
+CVE-2023-2898: Fix not seen in stream
CVE-2023-2985: Fixed with 6.1.16
CVE-2023-30456: Fixed with 6.1.21
CVE-2023-30772: Fixed with 6.1.22
@@ -178,15 +179,20 @@
CVE-2023-31083: Fix unknown
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
-CVE-2023-31248: Fix unknown
+CVE-2023-31248: Fix not seen in stream
CVE-2023-3141: Fixed with 6.1.30
CVE-2023-31436: Fixed with 6.1.26
CVE-2023-3161: Fixed with 6.1.11
CVE-2023-3212: Fixed with 6.1.33
CVE-2023-3220: Fixed with 6.1.16
CVE-2023-32233: Fixed with 6.1.28
+CVE-2023-32247: Fixed with 6.1.29
+CVE-2023-32248: Fixed with 6.1.28
CVE-2023-32250: Fixed with 6.1.29
+CVE-2023-32252: Fixed with 6.1.29
CVE-2023-32254: Fixed with 6.1.28
+CVE-2023-32257: Fixed with 6.1.29
+CVE-2023-32258: Fixed with 6.1.29
CVE-2023-32269: Fixed with 6.1.11
CVE-2023-3268: Fixed with 6.1.28
CVE-2023-3269: Fixed with 6.1.37
@@ -202,7 +208,9 @@
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fixed with 6.1.33
CVE-2023-34256: Fixed with 6.1.29
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-3567: Fixed with 6.1.11
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fixed with 6.1.33
CVE-2023-35823: Fixed with 6.1.28
CVE-2023-35824: Fixed with 6.1.28
@@ -210,3 +218,14 @@
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fixed with 6.1.28
CVE-2023-35829: Fixed with 6.1.28
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38409: Fixed with 6.1.25
+CVE-2023-38426: Fixed with 6.1.30
+CVE-2023-38427: Fixed with 6.1.34
+CVE-2023-38428: Fixed with 6.1.30
+CVE-2023-38429: Fixed with 6.1.30
+CVE-2023-38430: Fixed with 6.1.35
+CVE-2023-38431: Fixed with 6.1.34
+CVE-2023-38432: Fixed with 6.1.36
diff --git a/data/6.1/6.1_security.txt b/data/6.1/6.1_security.txt
index 26066d3..f44b0f1 100644
--- a/data/6.1/6.1_security.txt
+++ b/data/6.1/6.1_security.txt
@@ -67,6 +67,7 @@
CVE-2023-3161: 5e7f6e2ade57dfd6d133ff7c643abd2079248943 fbcon: Check font dimension limits
CVE-2023-32269: 5c2227f3f17782d5262ee0979ad30609b3e01f6e netrom: Fix use-after-free caused by accept on already connected socket
CVE-2023-3359: f5249bbae0e736d612d2095ad79dc1389b3e89b5 nvmem: brcm_nvram: Add check for kzalloc
+ CVE-2023-3567: 8506f16aae9daf354e3732bcfd447e2a97f023df vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
CVEs fixed in 6.1.12:
CVE-2022-27672: cc95b5d240b631e42e2863e1dcb6ad83920cc449 x86/speculation: Identify processors vulnerable to SMT RSB predictions
@@ -124,6 +125,7 @@
CVEs fixed in 6.1.25:
CVE-2023-1859: c4002b9d5e837f152a40d1333c56ccb84975147b 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition
+ CVE-2023-38409: b15df140fe092c3ac28dab32c6b3acdda1a93c63 fbcon: set_con2fb_map needs to set con2fb_map!
CVEs fixed in 6.1.26:
CVE-2023-2156: 9a0b96d03c59ba560b074cdb9b6233493fd5492d net: rpl: fix rpl header size calculation
@@ -138,6 +140,7 @@
CVEs fixed in 6.1.28:
CVE-2023-2269: 9a94ebc74c3540aba5aa2c7b05032da4610a08c9 dm ioctl: fix nested locking in table_clear() to remove deadlock concern
CVE-2023-32233: 4507918cd1f8b80f21a396fa0531d53e372bed66 netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32248: a70751dd7b60eab025e97e19b6b2477c6eaf2bbb ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32254: bd80d35725a0cf4df9307bfe2f1a3b2cb983d8e6 ksmbd: fix racy issue under cocurrent smb2 tree disconnect
CVE-2023-3268: f6ee841ff2169d7a7d045340ee72b2b9de9f06c5 relayfs: fix out-of-bounds access in relay_file_read
CVE-2023-35823: 5a72aea9acfe945353fb3a2f141f4e526a5f3684 media: saa7134: fix use after free bug in saa7134_finidev due to race condition
@@ -147,22 +150,41 @@
CVE-2023-35829: 6a17add9c61030683b9c1fc86878f00a2d318a95 media: rkvdec: fix use after free bug in rkvdec_remove
CVEs fixed in 6.1.29:
+ CVE-2023-32247: 1fc8a2b14ef5223f8e0b95faba2ee0a6e4d0f99d ksmbd: destroy expired sessions
CVE-2023-32250: f623f627ad2b1dc215ab3b0df53fb05cfd3a1c3b ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: f623f627ad2b1dc215ab3b0df53fb05cfd3a1c3b ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32257: f623f627ad2b1dc215ab3b0df53fb05cfd3a1c3b ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: 4aba9ab6a007e41182454f84f95c0bddf7d6d7e1 ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-34256: 1fffe4750500148f3e744ed77cf233db8342603f ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
CVEs fixed in 6.1.30:
CVE-2023-3090: 610a433810b277b3b77389733c07d22e8af68de2 ipvlan:Fix out-of-bounds caused by unclear skb->cb
CVE-2023-3141: 9a342d4eb9fb8e52f7d1afe088a79513f3f9a9a5 memstick: r592: Fix UAF bug in r592_remove due to race condition
+ CVE-2023-38426: 75378b03a90d75b1349bb03577ac8465194c883e ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38428: 40d90ee0275a1bfcd26fa7690adc4330b4227a69 ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: af7335a4b946f9f6f9d98398cbcea15cd9850409 ksmbd: allocate one more byte for implied bcc[0]
+
+CVEs fixed in 6.1.31:
+ CVE-2023-21255: e1e198eff1fbaf56fd8022c4fbbf59c5324ea320 binder: fix UAF caused by faulty buffer cleanup
CVEs fixed in 6.1.33:
CVE-2022-48425: a8eaa9a06addbd9cb0238cb1c729921ecbb6504c fs/ntfs3: Validate MFT flags before replaying logs
+ CVE-2023-1192: a8eaa9a06addbd9cb0238cb1c729921ecbb6504c fs/ntfs3: Validate MFT flags before replaying logs
CVE-2023-2124: a2961463d74f5c86a8dda3b41c484c28ccc4c289 xfs: verify buffer contents when we skip log replay
CVE-2023-3212: 5ae4a618a1558d2b536fdd5d42e53d3e2d73870c gfs2: Don't deref jdesc in evict
CVE-2023-34255: a2961463d74f5c86a8dda3b41c484c28ccc4c289 xfs: verify buffer contents when we skip log replay
CVE-2023-35788: eac615ed3c6d91f1196f16f0a0599fff479cb220 net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
+CVEs fixed in 6.1.34:
+ CVE-2023-38427: bf12d7fb63b365fb766655cedcb5d5f292b0c35e ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38431: 543c12c2644e772caa6880662c2a852cfdc5a10c ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+
CVEs fixed in 6.1.35:
CVE-2023-3390: 4aaa3b730d16c13cc3feaa127bfca1af201d969d netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
+ CVE-2023-38430: e01fc7caac9ce9ad76df9f42f7f61ef4bf1d27c9 ksmbd: validate smb request protocol id
+
+CVEs fixed in 6.1.36:
+ CVE-2023-38432: 9650cf70ec9d94ff34daa088b643229231723c26 ksmbd: validate command payload size
CVEs fixed in 6.1.37:
CVE-2023-3269: d6a5c7a1a6e52d4c46fe181237ca96cd46a42386 mm: introduce new 'lock_mm_and_find_vma()' page fault helper
@@ -248,7 +270,6 @@
CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading
CVE-2023-0160: (unk)
CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area
- CVE-2023-1192: (unk)
CVE-2023-1193: (unk)
CVE-2023-1194: (unk)
CVE-2023-1206: (unk)
@@ -258,13 +279,17 @@
CVE-2023-23039: (unk)
CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL
CVE-2023-26242: (unk)
- CVE-2023-2898: (unk)
+ CVE-2023-2898: (unk) f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
CVE-2023-31081: (unk)
CVE-2023-31082: (unk)
CVE-2023-31083: (unk)
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
- CVE-2023-31248: (unk)
+ CVE-2023-31248: (unk) netfilter: nf_tables: do not ignore genmask when looking up chain by id
CVE-2023-3397: (unk)
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-35693: (unk)
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
diff --git a/data/6.2/6.2_CVEs.txt b/data/6.2/6.2_CVEs.txt
index 27217ed..4922ecf 100644
--- a/data/6.2/6.2_CVEs.txt
+++ b/data/6.2/6.2_CVEs.txt
@@ -84,7 +84,7 @@
CVE-2023-1077: Fixed with 6.2.3
CVE-2023-1079: Fixed with 6.2.3
CVE-2023-1118: Fixed with 6.2.3
-CVE-2023-1192: Fix unknown
+CVE-2023-1192: Fix not seen in stream
CVE-2023-1193: Fix unknown
CVE-2023-1194: Fix unknown
CVE-2023-1206: Fix unknown
@@ -103,6 +103,7 @@
CVE-2023-2002: Fixed with 6.2.14
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
+CVE-2023-21255: Fix not seen in stream
CVE-2023-2156: Fixed with 6.2.13
CVE-2023-2163: Fixed with 6.2.13
CVE-2023-2176: Fix not seen in stream
@@ -117,7 +118,7 @@
CVE-2023-26545: Fixed with 6.2
CVE-2023-28466: Fixed with 6.2.7
CVE-2023-28866: Fixed with 6.2.9
-CVE-2023-2898: Fix unknown
+CVE-2023-2898: Fix not seen in stream
CVE-2023-2985: Fixed with 6.2.3
CVE-2023-30456: Fixed with 6.2.8
CVE-2023-30772: Fixed with 6.2.9
@@ -127,14 +128,19 @@
CVE-2023-31083: Fix unknown
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
-CVE-2023-31248: Fix unknown
+CVE-2023-31248: Fix not seen in stream
CVE-2023-3141: Fix not seen in stream
CVE-2023-31436: Fixed with 6.2.13
CVE-2023-3212: Fix not seen in stream
CVE-2023-3220: Fixed with 6.2.3
CVE-2023-32233: Fixed with 6.2.15
+CVE-2023-32247: Fixed with 6.2.16
+CVE-2023-32248: Fixed with 6.2.15
CVE-2023-32250: Fixed with 6.2.16
+CVE-2023-32252: Fixed with 6.2.16
CVE-2023-32254: Fixed with 6.2.15
+CVE-2023-32257: Fixed with 6.2.16
+CVE-2023-32258: Fixed with 6.2.16
CVE-2023-3268: Fixed with 6.2.15
CVE-2023-3269: Fix not seen in stream
CVE-2023-3312: Fixed with 6.2.15
@@ -149,7 +155,8 @@
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fix not seen in stream
CVE-2023-34256: Fixed with 6.2.16
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fix not seen in stream
CVE-2023-35823: Fixed with 6.2.15
CVE-2023-35824: Fixed with 6.2.15
@@ -157,3 +164,14 @@
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fixed with 6.2.15
CVE-2023-35829: Fixed with 6.2.15
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38409: Fixed with 6.2.12
+CVE-2023-38426: Fix not seen in stream
+CVE-2023-38427: Fix not seen in stream
+CVE-2023-38428: Fix not seen in stream
+CVE-2023-38429: Fix not seen in stream
+CVE-2023-38430: Fix not seen in stream
+CVE-2023-38431: Fix not seen in stream
+CVE-2023-38432: Fix not seen in stream
diff --git a/data/6.2/6.2_security.txt b/data/6.2/6.2_security.txt
index 3b8c5b8..6c78f2a 100644
--- a/data/6.2/6.2_security.txt
+++ b/data/6.2/6.2_security.txt
@@ -51,6 +51,7 @@
CVEs fixed in 6.2.12:
CVE-2023-1859: e7dcd834af53c79418ca3cd1c42749a314b9f7dc 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition
+ CVE-2023-38409: 62055fa6fbf8f1f1457f5d6a7d17ce1a45972613 fbcon: set_con2fb_map needs to set con2fb_map!
CVEs fixed in 6.2.13:
CVE-2023-2156: 191642f5cfb38c0e44fb4783a37530bae15b8f8e net: rpl: fix rpl header size calculation
@@ -65,6 +66,7 @@
CVEs fixed in 6.2.15:
CVE-2023-2269: 243093d536fe3cc78b450f1beb8d584505ea3193 dm ioctl: fix nested locking in table_clear() to remove deadlock concern
CVE-2023-32233: 6b0801dcc1aa4373d28ac8ee396788d2e715c495 netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32248: b35f6c031b87d9e51f141ff6de0ea59756a8e313 ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32254: dc1c17716c099c90948ebb83e2170dd75a3be6b6 ksmbd: fix racy issue under cocurrent smb2 tree disconnect
CVE-2023-3268: c86ec32b864d5247602c71986e0494d12f6c4d70 relayfs: fix out-of-bounds access in relay_file_read
CVE-2023-3312: 0dac12ab5780e293b8dc24e513f5c2bf9f93c524 cpufreq: qcom-cpufreq-hw: fix double IO unmap and resource release on exit
@@ -76,7 +78,11 @@
CVE-2023-35829: 26f55569eeb045db9fceda0a5523521c2e76d8aa media: rkvdec: fix use after free bug in rkvdec_remove
CVEs fixed in 6.2.16:
+ CVE-2023-32247: 750a2d772e9d9ff377fd32e3b6797bf2cd847a7a ksmbd: destroy expired sessions
CVE-2023-32250: d270631c21e68fb8016d6e231d022d7023a2df6f ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: d270631c21e68fb8016d6e231d022d7023a2df6f ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32257: d270631c21e68fb8016d6e231d022d7023a2df6f ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: de428966b40c8b8abe35592ded2e9f4d366ffc38 ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-34256: c06f5f1ecab83772b1e06ea5dcfe5ebb5927a43f ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
Outstanding CVEs:
@@ -158,23 +164,24 @@
CVE-2022-45919: (unk)
CVE-2022-48425: (unk) fs/ntfs3: Validate MFT flags before replaying logs
CVE-2023-0160: (unk)
- CVE-2023-1192: (unk)
+ CVE-2023-1192: (unk) fs/ntfs3: Validate MFT flags before replaying logs
CVE-2023-1193: (unk)
CVE-2023-1194: (unk)
CVE-2023-1206: (unk)
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
+ CVE-2023-21255: (unk) binder: fix UAF caused by faulty buffer cleanup
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-23039: (unk)
CVE-2023-26242: (unk)
- CVE-2023-2898: (unk)
+ CVE-2023-2898: (unk) f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
CVE-2023-3090: (unk) ipvlan:Fix out-of-bounds caused by unclear skb->cb
CVE-2023-31081: (unk)
CVE-2023-31082: (unk)
CVE-2023-31083: (unk)
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
- CVE-2023-31248: (unk)
+ CVE-2023-31248: (unk) netfilter: nf_tables: do not ignore genmask when looking up chain by id
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
@@ -182,6 +189,17 @@
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-35693: (unk)
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
+ CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
+ CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
+ CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ CVE-2023-38432: (unk) ksmbd: validate command payload size
diff --git a/data/6.3/6.3_CVEs.txt b/data/6.3/6.3_CVEs.txt
index 08bb7c3..5577f8f 100644
--- a/data/6.3/6.3_CVEs.txt
+++ b/data/6.3/6.3_CVEs.txt
@@ -76,7 +76,7 @@
CVE-2022-45919: Fix unknown
CVE-2022-48425: Fixed with 6.3.4
CVE-2023-0160: Fix unknown
-CVE-2023-1192: Fix unknown
+CVE-2023-1192: Fixed with 6.3.4
CVE-2023-1193: Fix unknown
CVE-2023-1194: Fix unknown
CVE-2023-1206: Fix unknown
@@ -84,6 +84,7 @@
CVE-2023-2002: Fixed with 6.3.1
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fixed with 6.3.7
+CVE-2023-21255: Fixed with 6.3.5
CVE-2023-2156: Fixed with 6.3
CVE-2023-2163: Fixed with 6.3
CVE-2023-2248: Fixed with 6.3
@@ -91,20 +92,25 @@
CVE-2023-23039: Fix unknown
CVE-2023-2598: Fixed with 6.3.2
CVE-2023-26242: Fix unknown
-CVE-2023-2898: Fix unknown
+CVE-2023-2898: Fix not seen in stream
CVE-2023-3090: Fixed with 6.3.4
CVE-2023-31081: Fix unknown
CVE-2023-31082: Fix unknown
CVE-2023-31083: Fix unknown
CVE-2023-31084: Fix not seen in stream
CVE-2023-31085: Fix unknown
-CVE-2023-31248: Fix unknown
+CVE-2023-31248: Fix not seen in stream
CVE-2023-3141: Fixed with 6.3.4
CVE-2023-31436: Fixed with 6.3
CVE-2023-3212: Fixed with 6.3.7
CVE-2023-32233: Fixed with 6.3.2
+CVE-2023-32247: Fixed with 6.3.2
+CVE-2023-32248: Fixed with 6.3.2
CVE-2023-32250: Fixed with 6.3.2
+CVE-2023-32252: Fixed with 6.3.2
CVE-2023-32254: Fixed with 6.3.2
+CVE-2023-32257: Fixed with 6.3.2
+CVE-2023-32258: Fixed with 6.3.2
CVE-2023-3268: Fixed with 6.3.2
CVE-2023-3269: Fixed with 6.3.11
CVE-2023-3312: Fixed with 6.3.2
@@ -115,7 +121,8 @@
CVE-2023-3397: Fix unknown
CVE-2023-34255: Fixed with 6.3.7
CVE-2023-34256: Fixed with 6.3.3
-CVE-2023-35001: Fix unknown
+CVE-2023-35001: Fix not seen in stream
+CVE-2023-35693: Fix unknown
CVE-2023-35788: Fixed with 6.3.7
CVE-2023-35823: Fixed with 6.3.2
CVE-2023-35824: Fixed with 6.3.2
@@ -123,3 +130,13 @@
CVE-2023-35827: Fix unknown
CVE-2023-35828: Fixed with 6.3.2
CVE-2023-35829: Fixed with 6.3.2
+CVE-2023-3640: Fix unknown
+CVE-2023-37453: Fix unknown
+CVE-2023-37454: Fix unknown
+CVE-2023-38426: Fixed with 6.3.4
+CVE-2023-38427: Fixed with 6.3.8
+CVE-2023-38428: Fixed with 6.3.4
+CVE-2023-38429: Fixed with 6.3.4
+CVE-2023-38430: Fixed with 6.3.9
+CVE-2023-38431: Fixed with 6.3.8
+CVE-2023-38432: Fixed with 6.3.10
diff --git a/data/6.3/6.3_security.txt b/data/6.3/6.3_security.txt
index 41ca5c3..1980a0d 100644
--- a/data/6.3/6.3_security.txt
+++ b/data/6.3/6.3_security.txt
@@ -17,8 +17,13 @@
CVE-2023-2269: a554e6ec3626d4c11f55d7eef8d6aa93fb211c24 dm ioctl: fix nested locking in table_clear() to remove deadlock concern
CVE-2023-2598: 3a0a9211d7d0138d55aecd209b05e6d4a9eec383 io_uring/rsrc: check for nonconsecutive pages
CVE-2023-32233: f8486683ffa30456e0be4290282a44c4459a3287 netfilter: nf_tables: deactivate anonymous set from preparation phase
+ CVE-2023-32247: 6775ee7ef4b37c521aa4cf3730f54554c4875542 ksmbd: destroy expired sessions
+ CVE-2023-32248: 1636e09779f83e10e6ed57d91ef94abcefdd206b ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32250: 02f41d88f15d6b7d523e52cc3f87488f57e9265b ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32252: 02f41d88f15d6b7d523e52cc3f87488f57e9265b ksmbd: fix racy issue from session setup and logoff
CVE-2023-32254: 39366b47a59d46af15ac57beb0996268bf911f6a ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ CVE-2023-32257: 02f41d88f15d6b7d523e52cc3f87488f57e9265b ksmbd: fix racy issue from session setup and logoff
+ CVE-2023-32258: 920d5dd2d041484bf001c9713c2e3bcc6de79726 ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-3268: 35ca4fb494c0c9f226fbcfa1c1688e6cc1e5062e relayfs: fix out-of-bounds access in relay_file_read
CVE-2023-3312: d9bad836cf156ee87d577f0bd1ed01501b31a253 cpufreq: qcom-cpufreq-hw: fix double IO unmap and resource release on exit
CVE-2023-35823: 3a60e51489a3ec61565f5bc53f726ac9ccc6083c media: saa7134: fix use after free bug in saa7134_finidev due to race condition
@@ -32,8 +37,15 @@
CVEs fixed in 6.3.4:
CVE-2022-48425: e6f4b1c32d6d6047958d7700d12fed6d91f441e7 fs/ntfs3: Validate MFT flags before replaying logs
+ CVE-2023-1192: e6f4b1c32d6d6047958d7700d12fed6d91f441e7 fs/ntfs3: Validate MFT flags before replaying logs
CVE-2023-3090: 3cd16c6a6a6b68bba02fbbc54b9906f44640ffde ipvlan:Fix out-of-bounds caused by unclear skb->cb
CVE-2023-3141: 76fec5f01c9c70e11b85fdeb3f2707589c9238ca memstick: r592: Fix UAF bug in r592_remove due to race condition
+ CVE-2023-38426: 0adcdc220fa555935bb37a273f08956616f8601a ksmbd: fix global-out-of-bounds in smb2_find_context_vals
+ CVE-2023-38428: 3df195fbddfae60ca24a9bbc209402d9fccdef68 ksmbd: fix wrong UserName check in session_user
+ CVE-2023-38429: 778aae5a513ea09aa5addfa352bd70a5b71dda85 ksmbd: allocate one more byte for implied bcc[0]
+
+CVEs fixed in 6.3.5:
+ CVE-2023-21255: c9e6aae1f26758f3e87b93cff18d79dfd80f2f25 binder: fix UAF caused by faulty buffer cleanup
CVEs fixed in 6.3.7:
CVE-2023-2124: 69ebe82c73f4f9f4b49ed3b35ce347af20716d0a xfs: verify buffer contents when we skip log replay
@@ -41,8 +53,16 @@
CVE-2023-34255: 69ebe82c73f4f9f4b49ed3b35ce347af20716d0a xfs: verify buffer contents when we skip log replay
CVE-2023-35788: 900fab73a9cd3dd6a3a69f89980f8f3c9a738d5a net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
+CVEs fixed in 6.3.8:
+ CVE-2023-38427: 205279b96b5c40c60c6de4f9342416e02ee279f1 ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ CVE-2023-38431: e9cb7be2fcbaee9e808b729e92948d38d52e5add ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+
CVEs fixed in 6.3.9:
CVE-2023-3390: bdace3b1a51887211d3e49417a18fdbd315a313b netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
+ CVE-2023-38430: 75e7d81679ef7995422adc84ef597fded99c24a6 ksmbd: validate smb request protocol id
+
+CVEs fixed in 6.3.10:
+ CVE-2023-38432: 768caf4019f0391c0b6452afe34cea1704133f7b ksmbd: validate command payload size
CVEs fixed in 6.3.11:
CVE-2023-3269: bce721f87edd54379120ffb85111357923f4f326 mm: introduce new 'lock_mm_and_find_vma()' page fault helper
@@ -125,21 +145,24 @@
CVE-2022-45887: (unk)
CVE-2022-45919: (unk)
CVE-2023-0160: (unk)
- CVE-2023-1192: (unk)
CVE-2023-1193: (unk)
CVE-2023-1194: (unk)
CVE-2023-1206: (unk)
CVE-2023-20941: (unk)
CVE-2023-23039: (unk)
CVE-2023-26242: (unk)
- CVE-2023-2898: (unk)
+ CVE-2023-2898: (unk) f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
CVE-2023-31081: (unk)
CVE-2023-31082: (unk)
CVE-2023-31083: (unk)
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk)
- CVE-2023-31248: (unk)
+ CVE-2023-31248: (unk) netfilter: nf_tables: do not ignore genmask when looking up chain by id
CVE-2023-33250: (unk)
CVE-2023-3397: (unk)
- CVE-2023-35001: (unk)
+ CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
+ CVE-2023-35693: (unk)
CVE-2023-35827: (unk)
+ CVE-2023-3640: (unk)
+ CVE-2023-37453: (unk)
+ CVE-2023-37454: (unk)
diff --git a/data/CVEs.txt b/data/CVEs.txt
index 037be69..156ece3 100644
--- a/data/CVEs.txt
+++ b/data/CVEs.txt
@@ -2311,7 +2311,7 @@
CVE-2023-1079: af22a610bc38508d5ea760507d31be6b6983dfa8 - 4ab3a086d10eeec1424f2e8a968827a6336203df (v4.12-rc1 to v6.3-rc1)
CVE-2023-1095: 55dd6f93076bb82aa8911191125418dcfcbf2c9b - 580077855a40741cf511766129702d97ff02f4d9 (v3.16-rc1 to v6.0-rc1)
CVE-2023-1118: 9ea53b74df9c4681f5bb2da6b2e10e37d87ea6d6 - 29b0589a865b6f66d141d79b2dd1373e4e50fe17 (v2.6.36-rc1 to v6.3-rc1)
-CVE-2023-1192: a848c4f15ab6d5d405dbee7de5da71839b2bf35e - (n/a) (v5.15-rc1 to unk)
+CVE-2023-1192: a848c4f15ab6d5d405dbee7de5da71839b2bf35e - 98bea253aa28ad8be2ce565a9ca21beb4a9419e5 (v5.15-rc1 to v6.4-rc1)
CVE-2023-1193: a848c4f15ab6d5d405dbee7de5da71839b2bf35e - (n/a) (v5.15-rc1 to unk)
CVE-2023-1194: a848c4f15ab6d5d405dbee7de5da71839b2bf35e - (n/a) (v5.15-rc1 to unk)
CVE-2023-1195: 7be3248f313930ff3d3436d4e9ddbe9fccc1f541 - 153695d36ead0ccc4d0256953c751cabf673e621 (v5.16-rc1 to v6.1-rc3)
@@ -2350,9 +2350,10 @@
CVE-2023-21102: cefc7ca46235f01d5233e3abd4b79452af01d9e9 - 18bba1843fc7f264f58c9345d00827d082f9c558 (v5.14-rc1 to v6.2-rc4)
CVE-2023-21106: d4726d7700688835f4784d3b94de6fff2cbe16c2 - a66f1efcf748febea7758c4c3c8b5bc5294949ef (v5.19-rc1 to v6.2-rc5)
CVE-2023-2124: 50d5c8d8e938e3c4c0d21db9fc7d64282dc7be20 - 22ed903eee23a5b174e240f1cdfa9acf393a5210 (v3.12-rc1 to v6.4-rc1)
+CVE-2023-21255: 32e9f56a96d8d0f23cb2aeb2a3cd18d40393e787 - bdc1c5fac982845a58d28690cdb56db8c88a530d (v5.16-rc1 to v6.4-rc4)
CVE-2023-2156: 8610c7c6e3bd647ff98d21c8bc0580e77bc2f8b3 - 4e006c7a6dac0ead4c1bf606000aa90a372fc253 (v5.7-rc1 to v6.3)
CVE-2023-2162: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - f484a794e4ee2a9ce61f52a78e810ac45f3fe3b3 (v2.6.12-rc2 to v6.2-rc6)
-CVE-2023-2163: (n/a) - 71b547f561247897a0a14f3082730156c0533fed (unk to v6.3)
+CVE-2023-2163: b5dc0163d8fd78e64a7e21f309cf932fda34353e - 71b547f561247897a0a14f3082730156c0533fed (v5.3-rc1 to v6.3)
CVE-2023-2166: 4e096a18867a5a989b510f6999d9c6b6622e8f7b - 0acc442309a0a1b01bcdaa135e56e6398a49439c (v5.12-rc1-dontuse to v6.1)
CVE-2023-2176: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 8d037973d48c026224ab285e6a06985ccac6f7bf (v2.6.12-rc2 to v6.3-rc1)
CVE-2023-2177: 5bbbbe32a43199c2b9ea5ea66fab6241c64beb51 - 181d8d2066c000ba0a0e6940a7ad80f1a0e68e9d (v4.15-rc1 to v5.19)
@@ -2397,20 +2398,22 @@
CVE-2023-2860: 4f4853dc1c9c1994f6f756eabdcc25374ff271d9 - 84a53580c5d2138c7361c7c3eea5b31827e63b35 (v4.10-rc1 to v6.0-rc5)
CVE-2023-28772: 5e3ca0ec76fce92daa4eed0d02de9c79b1fe3920 - d3b16034a24a112bb83aeb669ac5b9b01f744bb7 (v2.6.27-rc1 to v5.14-rc1)
CVE-2023-28866: d0b137062b2de75b264b84143d21c98abc5f5ad2 - bce56405201111807cc8e4f47c6de3e10b17c1ac (v5.17-rc1 to v6.3-rc4)
-CVE-2023-2898: (n/a) - (n/a) (unk to unk)
+CVE-2023-2898: b4b10061ef98c583bcf82a4200703fbaa98c18dc - d8189834d4348ae608083e1f1f53792cfcc2a9bc (v5.8-rc1 to v6.5-rc1)
CVE-2023-2985: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 07db5e247ab5858439b14dd7cc1fe538b9efcf32 (v2.6.12-rc2 to v6.3-rc1)
CVE-2023-3006: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 0e5d5ae837c8ce04d2ddb874ec5f920118bd9d31 (v2.6.12-rc2 to v6.1-rc1)
CVE-2023-3022: effda4dd97e878ab83336bec7411cc41b5cc6d37 - a65120bae4b7425a39c5783aa3d4fc29677eef0e (CVE Caused by Backporting)
CVE-2023-30456: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 112e66017bff7f2837030f34c2bc19501e9212d5 (v2.6.12-rc2 to v6.3-rc3)
CVE-2023-30772: c1a281e34dae41379af86b95592a5ae8e9e3af67 - 06615d11cc78162dfd5116efb71f29eb29502d37 (v4.1-rc1 to v6.3-rc4)
CVE-2023-3090: 2ad7bf3638411cb547f2823df08166c13ab04269 - 90cbed5247439a966b645b34eb0a2e037836ea8e (v3.19-rc1 to v6.4-rc2)
+CVE-2023-3106: d3623099d3509fa68fa28235366049dd3156c63a - 1ba5bf993c6a3142e18e68ea6452b347f9cb5635 (v3.15-rc1 to v4.8-rc7)
+CVE-2023-3108: 1d10eb2f156f5fc83cf6c7ce60441592e66eadb3 - 9399f0c51489ae8c16d6559b82a452fdc1895e91 (CVE Caused by Backporting)
CVE-2023-31081: (n/a) - (n/a) (unk to unk)
CVE-2023-31082: (n/a) - (n/a) (unk to unk)
CVE-2023-31083: (n/a) - (n/a) (unk to unk)
CVE-2023-31084: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - b8c75e4a1b325ea0a9433fa8834be97b5836b946 (v2.6.12-rc2 to v6.4-rc3)
CVE-2023-31085: (n/a) - (n/a) (unk to unk)
CVE-2023-3111: 5d4f98a28c7d334091c1b7744f48a1acdd2a4ae0 - 85f02d6c856b9f3a0acf5219de6e32f58b9778eb (v2.6.31-rc1 to v6.0-rc2)
-CVE-2023-31248: (n/a) - (n/a) (unk to unk)
+CVE-2023-31248: 837830a4b439bfeb86c70b0115c280377c84714b - 515ad530795c118f012539ed76d02bacfd426d89 (v5.9-rc1 to v6.5-rc2)
CVE-2023-3141: 9263412501022fecef844907129ee2513b5a89de - 63264422785021704c39b38f65a78ab9e4a186d7 (v2.6.39-rc1 to v6.4-rc1)
CVE-2023-31436: 3015f3d2a3cd9614294025849d3ed89fd2f3a7f5 - 3037933448f60f9acb705997eae62013ecb81e0d (v3.7-rc5 to v6.3)
CVE-2023-3159: 850bb6f23b93c04ce1e4509a87fa607dc17d97c1 - b7c81f80246fac44077166f3e07103affe6db8ff (v2.6.36-rc1 to v5.18-rc6)
@@ -2418,18 +2421,23 @@
CVE-2023-3212: 16615be18cadf53ee6f8a4f0bdd647f0753421b1 - 504a10d9e46bc37b23d0a1ae2f28973c8516e636 (v2.6.24-rc1 to v6.4-rc2)
CVE-2023-3220: 25fdd5933e4c0f5fe2ea5cd59994f8ac5fbe90ef - 93340e10b9c5fc86730d149636e0aa8b47bb5a34 (v4.19-rc1 to v6.3-rc1)
CVE-2023-32233: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - c1592a89942e9678f7d9c8030efa777c0d57edab (v2.6.12-rc2 to v6.4-rc1)
+CVE-2023-32247: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - ea174a91893956450510945a0c5d1a10b5323656 (v2.6.12-rc2 to v6.4-rc1)
+CVE-2023-32248: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 3ac00a2ab69b34189942afa9e862d5170cdcb018 (v2.6.12-rc2 to v6.4-rc1)
CVE-2023-32250: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - f5c779b7ddbda30866cf2a27c63e34158f858c73 (v2.6.12-rc2 to v6.4-rc1)
+CVE-2023-32252: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - f5c779b7ddbda30866cf2a27c63e34158f858c73 (v2.6.12-rc2 to v6.4-rc1)
CVE-2023-32254: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 30210947a343b6b3ca13adc9bfc88e1543e16dd5 (v2.6.12-rc2 to v6.4-rc1)
+CVE-2023-32257: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - f5c779b7ddbda30866cf2a27c63e34158f858c73 (v2.6.12-rc2 to v6.4-rc1)
+CVE-2023-32258: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - abcc506a9a71976a8b4c9bf3ee6efd13229c1e19 (v2.6.12-rc2 to v6.4-rc1)
CVE-2023-32269: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 611792920925fb088ddccbe2783c7f92fdfb6b64 (v2.6.12-rc2 to v6.2-rc7)
CVE-2023-3268: 8d62fdebdaf9b866c7e236a8f5cfe90e6dba5773 - 43ec16f1450f4936025a9bdf1a273affdb9732c1 (v2.6.22-rc7 to v6.4-rc1)
-CVE-2023-3269: (n/a) - c2508ec5a58db67093f4fb8bf89a9a7c53a109e9 (unk to unk)
+CVE-2023-3269: 54a611b605901c7d5d05b6b8f5d04a6ceb0962aa - c2508ec5a58db67093f4fb8bf89a9a7c53a109e9 (v6.1-rc1 to v6.5-rc1)
CVE-2023-3312: 054a3ef683a176a509cc9b37f762029aae942495 - ba5e770c9698782bc203bbf5cf3b36a77720bdbe (v6.2-rc1 to v6.4-rc1)
CVE-2023-3317: 034ae28b56f13dc1f2beb3fa294b455f57ede9cb - 2ceb76f734e37833824b7fab6af17c999eb48d2b (v6.2-rc1 to v6.3-rc6)
CVE-2023-33203: b9b17debc69d27cd55e21ee51a5ba7fc50a426cf - 6b6bc5b8bd2d4ca9e1efa9ae0f98a0b0687ace75 (v4.9-rc1 to v6.3-rc4)
CVE-2023-33250: 2ff4bed7fee72ba1abfcff5f11ae8f8e570353f2 - (n/a) (v6.2-rc1 to unk)
CVE-2023-33288: 97774672573ac4355bd12cf84b202555c1131b69 - 47c29d69212911f50bdcdd0564b5999a559010d4 (v2.6.39-rc1 to v6.3-rc4)
-CVE-2023-3338: (n/a) - 1202cdd665315c525b5237e96e0bedc76d7e754f (unk to v6.1-rc1)
-CVE-2023-3355: (n/a) - d839f0811a31322c087a859c2b181e2383daa7be (unk to v6.3-rc1)
+CVE-2023-3338: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 1202cdd665315c525b5237e96e0bedc76d7e754f (v2.6.12-rc2 to v6.1-rc1)
+CVE-2023-3355: 20224d715a882210428ea62bba93f1bc4a0afe23 - d839f0811a31322c087a859c2b181e2383daa7be (v5.11-rc1 to v6.3-rc1)
CVE-2023-3357: 4b2c53d93a4bc9d52cc0ec354629cfc9dc217f93 - 53ffa6a9f83b2170c60591da1ead8791d5a42e81 (v5.11-rc1 to v6.2-rc1)
CVE-2023-3358: 3703f53b99e4a7c373ce3568dd3f91f175ebb626 - b3d40c3ec3dc4ad78017de6c3a38979f57aaaab8 (v4.9-rc1 to v6.2-rc5)
CVE-2023-3359: 6e977eaa8280e957b87904b536661550f2a6b3e8 - b0576ade3aaf24b376ea1a4406ae138e2a22b0c0 (v5.18-rc1 to v6.2-rc7)
@@ -2441,7 +2449,9 @@
CVE-2023-34255: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 22ed903eee23a5b174e240f1cdfa9acf393a5210 (v2.6.12-rc2 to v6.4-rc1)
CVE-2023-34256: 717d50e4971b81b96c0199c91cdf0039a8cb181a - 4f04351888a83e595571de672e0a4a8b74f4fb31 (v2.6.24-rc1 to v6.4-rc2)
CVE-2023-3439: 583be982d93479ea3d85091b0fd0b01201ede87d - b561275d633bcd8e0e8055ab86f1a13df75a0269 (v5.15-rc1 to v5.18-rc5)
-CVE-2023-35001: (n/a) - (n/a) (unk to unk)
+CVE-2023-35001: 96518518cc417bb0a8c80b9fb736202e28acdf96 - caf3ef7468f7534771b5c44cd8dbd6f7f87c2cbd (v3.13-rc1 to v6.5-rc2)
+CVE-2023-3567: ac751efa6a0d70f2c9daef5c7e3a92270f5c2dff - 226fae124b2dac217ea5436060d623ff3385bc34 (v2.6.38-rc3 to v6.2-rc7)
+CVE-2023-35693: (n/a) - (n/a) (unk to unk)
CVE-2023-35788: 0a6e77784f490912d81b92cfd48424541c04691e - 4d56304e5827c8cc8cc18c75343d283af7c4825c (v4.19-rc1 to v6.4-rc5)
CVE-2023-35823: 1e7126b4a86ad69e870099fb6b922a3b6e29598b - 30cf57da176cca80f11df0d9b7f71581fe601389 (v4.15-rc1 to v6.4-rc1)
CVE-2023-35824: 34d2f9bf189c36ef8642cf6b64e80dfb756d888f - 5abda7a16698d4d1f47af1168d8fa2c640116b4a (v2.6.34-rc1 to v6.4-rc1)
@@ -2449,3 +2459,14 @@
CVE-2023-35827: (n/a) - (n/a) (unk to unk)
CVE-2023-35828: 39facfa01c9fc64f90233d1734882f0a0cafe36a - 2b947f8769be8b8181dc795fd292d3e7120f5204 (v4.19-rc1 to v6.4-rc1)
CVE-2023-35829: cd33c830448baf7b1e94da72eca069e3e1d050c9 - 3228cec23b8b29215e18090c6ba635840190993d (v5.8-rc1 to v6.4-rc1)
+CVE-2023-3640: (n/a) - (n/a) (unk to unk)
+CVE-2023-37453: (n/a) - (n/a) (unk to unk)
+CVE-2023-37454: (n/a) - (n/a) (unk to unk)
+CVE-2023-38409: d443d93864726ad68c0a741d1e7b03934a9af143 - fffb0b52d5258554c645c966c6cbef7de50b851d (v5.19-rc1 to v6.3-rc7)
+CVE-2023-38426: (n/a) - 02f76c401d17e409ed45bf7887148fcc22c93c85 (unk to v6.4-rc3)
+CVE-2023-38427: (n/a) - f1a411873c85b642f13b01f21b534c2bab81fc1b (unk to v6.4-rc6)
+CVE-2023-38428: (n/a) - f0a96d1aafd8964e1f9955c830a3e5cb3c60a90f (unk to v6.4-rc3)
+CVE-2023-38429: (n/a) - 443d61d1fa9faa60ef925513d83742902390100f (unk to v6.4-rc3)
+CVE-2023-38430: (n/a) - 1c1bcf2d3ea061613119b534f57507c377df20f9 (unk to v6.4-rc6)
+CVE-2023-38431: (n/a) - 368ba06881c395f1c9a7ba22203cf8d78b4addc0 (unk to v6.4-rc6)
+CVE-2023-38432: (n/a) - 2b9b8f3b68edb3d67d79962f02e26dbb5ae3808d (unk to v6.4)
diff --git a/data/cmts.json b/data/cmts.json
index 5b5021c..2b35ea0 100644
--- a/data/cmts.json
+++ b/data/cmts.json
@@ -25,6 +25,7 @@
"029f7f3b8701cc7aca8bdb31f0c7edd6a479e357": "v4.5-rc1",
"02a4d923e4400a36d340ea12d8058f69ebf3a383": "v6.3-rc4",
"02e1a114fdb71e59ee6770294166c30d437bf86a": "v6.0-rc1",
+ "02f76c401d17e409ed45bf7887148fcc22c93c85": "v6.4-rc3",
"0305cd5f7fca85dae392b9ba85b116896eb7c1c7": "v4.4-rc1",
"030b533c4fd4d2ec3402363323de4bb2983c9cee": "v4.9-rc1",
"030e2c78d3a91dd0d27fef37e91950dde333eba1": "v4.5-rc1",
@@ -373,6 +374,7 @@
"1b66e94e6b9995323190f31c51d8e1a6f516627e": "v3.16-rc1",
"1b93a88431470ea0b943157999084d9c7e6e3bd3": "v5.7-rc1",
"1b976fc6d684e3282914cdbe7a8d68fdce19095c": "v5.5-rc1",
+ "1ba5bf993c6a3142e18e68ea6452b347f9cb5635": "v4.8-rc7",
"1bb57e940e1958e40d51f2078f50c3a96a9b2d75": "v3.4-rc6",
"1bdc76aea1159a750846c2fc98e404403eb7d51c": "v4.8-rc1",
"1be7107fbe18eed3e319a6c3e83c78254b693acb": "v4.12-rc6",
@@ -382,6 +384,7 @@
"1bff51ea59a9afb67d2dd78518ab0582a54a472c": "v5.16-rc1",
"1c0edc3633b56000e18d82fc241e3995ca18a69e": "v4.14-rc6",
"1c109fabbd51863475cd12ac206bdd249aee35af": "v4.8-rc7",
+ "1c1bcf2d3ea061613119b534f57507c377df20f9": "v6.4-rc6",
"1c668e1c0a0f74472469cd514f40c9012b324c31": "v5.12-rc4",
"1c728719a4da6e654afb9cc047164755072ed7c9": "v5.11-rc1",
"1c885808e45601b2b6f68b30ac1d999e10b6f606": "v4.10-rc1",
@@ -391,6 +394,7 @@
"1cf1cae963c2e6032aebe1637e995bc2f5d330f4": "v4.12-rc1",
"1d011c4803c72f3907eccfc1ec63caefb852fcbf": "v5.14",
"1d0f3ce83200edc5d43723c77c62b09ad6560294": "v2.6.33-rc1",
+ "1d10eb2f156f5fc83cf6c7ce60441592e66eadb3": "v4.0-rc1",
"1d147bfa64293b2723c4fec50922168658e613ba": "v3.14-rc6",
"1d24eb4815d1e0e8b451ecc546645f8ef1176d4f": "v2.6.38-rc1",
"1d3ff0950e2b40dc861b1739029649d03f591820": "v5.1-rc4",
@@ -433,6 +437,7 @@
"1fd819ecb90cc9b822cd84d3056ddba315d3340f": "v3.14-rc7",
"1ffb3c40ffb5c51bc39736409b11816c4260218e": "v4.9-rc7",
"201f99f170df14ba52ea4c52847779042b7a623b": "v3.12",
+ "20224d715a882210428ea62bba93f1bc4a0afe23": "v5.11-rc1",
"20401d1058f3f841f35a594ac2fc1293710e55b9": "v5.15-rc1",
"2056a782f8e7e65fd4bfd027506b4ce1c5e9ccd4": "v2.6.17-rc1",
"206204a1162b995e2185275167b22468c00d6b36": "v3.16-rc3",
@@ -460,6 +465,7 @@
"2225e79b9b0370bc179f44756bee809b5e7b4d06": "v4.1-rc1",
"223b02d923ecd7c84cf9780bb3686f455d279279": "v3.15-rc1",
"2256c1c51e98d4eb2063a7f84f9ea783fda95f7f": "v3.12-rc1",
+ "226fae124b2dac217ea5436060d623ff3385bc34": "v6.2-rc7",
"2287a51ba822384834dafc1c798453375d1107c7": "v5.15-rc1",
"2289adbfa559050d2a38bcd9caac1c18b800e928": "v5.5-rc1",
"22c7652cdaa8cd33ce78bacceb4e826a3f795873": "v5.2-rc1",
@@ -586,6 +592,7 @@
"2b82032c34ec40515d3c45c36cd1961f37977de8": "v2.6.29-rc1",
"2b8a1fee3488c602aca8bea004a087e60806a5cf": "v5.13-rc4",
"2b947f8769be8b8181dc795fd292d3e7120f5204": "v6.4-rc1",
+ "2b9b8f3b68edb3d67d79962f02e26dbb5ae3808d": "v6.4",
"2ba1b163c9d5d716fb1061f3fb76832cc6eea37f": "v3.18-rc1",
"2ba1fe7a06d3624f9a7586d672b55f08f7c670f3": "v4.5-rc1",
"2c02d41d71f90a5168391b6a5f2954112ba2307c": "v6.2-rc3",
@@ -684,6 +691,7 @@
"32a4f5ecd7381f30ae3bb36dea77a150ba68af2e": "v4.19-rc1",
"32c231164b762dddefa13af5a0101032c70b50ef": "v4.9-rc7",
"32d43cd391bacb5f0814c2624399a5dad3501d09": "v4.16-rc7",
+ "32e9f56a96d8d0f23cb2aeb2a3cd18d40393e787": "v5.16-rc1",
"32ecc75ded72e0425713a7ffe2050fef6e54e564": "v4.12-rc1",
"3347acc6fcd4ee71ad18a9ff9d9dac176b517329": "v5.10-rc4",
"335178d5429c4cee61b58f4ac80688f556630818": "v5.5-rc7",
@@ -732,6 +740,7 @@
"363b02dab09b3226f3bd1420dad9c72b79a42a76": "v4.14-rc6",
"364dbdf3b6c31a4a5fb7a6d479e7aafb4a7a10b6": "v2.6.38-rc1",
"364f997b5cfe1db0d63a390fe7c801fa2b3115f6": "v6.1-rc1",
+ "368ba06881c395f1c9a7ba22203cf8d78b4addc0": "v6.4-rc6",
"36947254e5f981aeeedab1c7dfa35fc34d330e80": "v5.7-rc1",
"36a4d82dddbbd421d2b8e79e1cab68c8126d5075": "v6.1-rc1",
"36a6503feddadbbad415fb3891e80f94c10a9b21": "v4.9-rc1",
@@ -792,6 +801,7 @@
"3a8b0677fc6180a467e26cc32ce6b0c09a32f9bb": "v4.14-rc1",
"3a9b153c5591548612c3955c9600a98150c81875": "v5.6-rc1",
"3aa02cb664c5fb1042958c8d1aa8c35055a2ebc4": "v4.7-rc1",
+ "3ac00a2ab69b34189942afa9e862d5170cdcb018": "v6.4-rc1",
"3ac6487e584a1eb54071dbe1212e05b884136704": "v5.18",
"3ac6d8c787b835b997eb23e43e09aa0895ef7d58": "v4.16-rc2",
"3afc9621f15701c557e60f61eba9242bac2771dd": "v3.5-rc1",
@@ -918,6 +928,7 @@
"44234adcdce38f83c56e05f808ce656175b4beeb": "v2.6.33-rc1",
"443064cb0b1fb4569fe0a71209da7625129fb760": "v4.15-rc8",
"443c1228d50518f3c550e1fef490a2c9d9246ce7": "v2.6.32-rc1",
+ "443d61d1fa9faa60ef925513d83742902390100f": "v6.4-rc3",
"4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc": "v3.14-rc1",
"4447bb33f09444920a8f1d89e1540137429351b6": "v2.6.33-rc1",
"44526bedc2ff8fcd58552e3c5bae928524b6f13c": "v5.12-rc1-dontuse",
@@ -1101,6 +1112,7 @@
"513dc792d6060d5ef572e43852683097a8420f56": "v5.6-rc5",
"5146f95df782b0ac61abde36567e718692725c89": "v4.20",
"514c7dca85a0bf40be984dab0b477403a6db901f": "v4.19-rc1",
+ "515ad530795c118f012539ed76d02bacfd426d89": "v6.5-rc2",
"5191955d6fc65e6d4efe8f4f10a6028298f57281": "v5.11-rc1",
"51aa68e7d57e3217192d88ce90fd5b8ef29ec94f": "v4.14-rc1",
"51ac8893a7a51b196501164e645583bf78138699": "v3.8-rc7",
@@ -1137,6 +1149,7 @@
"548acf19234dbda5a52d5a8e7e205af46e9da840": "v4.6-rc1",
"54a20552e1eae07aa240fa370a0293e006b5faed": "v4.4-rc1",
"54a217887a7b658e2650c3feff22756ab80c7339": "v3.15",
+ "54a611b605901c7d5d05b6b8f5d04a6ceb0962aa": "v6.1-rc1",
"54d198d5019dd98b9bcb9099a389608d7e2cccad": "v5.2-rc1",
"54d5ca871e72f2bb172ec9323497f01cd5091ec7": "v4.6",
"54d83fc74aa9ec72794373cb47432c5f7fb1a309": "v4.6-rc2",
@@ -1750,6 +1763,7 @@
"834328a8493079d15f30866ace42489463f52571": "v3.7-rc3",
"834e772c8db0c6a275d75315d90aba4ebbb1e249": "v4.20-rc6",
"8358b02bf67d3a5d8a825070e1aa73f25fb2e4c7": "v4.6-rc6",
+ "837830a4b439bfeb86c70b0115c280377c84714b": "v5.9-rc1",
"837f08fdecbe4b2ffc7725624342e73b886665a8": "v4.17-rc1",
"83912d6d55be10d65b5268d1871168b9ebe1ec4b": "v5.16-rc7",
"839db3d10a5ba792d6533b8bb3380f52ac877344": "v3.8-rc1",
@@ -1933,6 +1947,7 @@
"9344a972961d1a6d2c04d9008b13617bcb6ec2ef": "v3.6-rc3",
"935d8aabd4331f47a89c3e1daa5779d23cf244ee": "v3.9-rc7",
"9380afd6df70e24eacbdbde33afc6a3950965d22": "v5.12-rc3",
+ "9399f0c51489ae8c16d6559b82a452fdc1895e91": "v4.0-rc1",
"93a2001bdfd5376c3dc2158653034c20392d15c5": "v4.7-rc5",
"93c303d2045b30572d8d5e74d3ad80692acfebbe": "v4.18-rc1",
"93c647643b48f0131f02e45da3bd367d80443291": "v4.15-rc4",
@@ -2253,6 +2268,7 @@
"ab79efab0a0ba01a74df782eb7fa44b044dae8b5": "v4.3",
"ab7ac4eb9832e32a09f4e8042705484d2fb0aad3": "v4.6-rc1",
"abafbc551fddede3e0a08dee1dcde08fc0eb8476": "v5.8-rc1",
+ "abcc506a9a71976a8b4c9bf3ee6efd13229c1e19": "v6.4-rc1",
"abd39c6ded9db53aa44c2540092bdd5fb6590fa8": "v4.18-rc1",
"abf492e7b3ae74873688cf9960283853a3054471": "v2.6.34-rc1",
"abfaf0eee97925905e742aa3b0b72e04a918fa9e": "v5.17-rc1",
@@ -2261,6 +2277,7 @@
"ac60778b87e45576d7bfdbd6f53df902654e6f09": "v6.0-rc1",
"ac64115a66c18c01745bbd3c47a36b124e5fd8c0": "v4.14-rc7",
"ac6e780070e30e4c35bd395acfe9191e6268bdd3": "v4.9-rc6",
+ "ac751efa6a0d70f2c9daef5c7e3a92270f5c2dff": "v2.6.38-rc3",
"ac795161c93699d600db16c1a8cc23a65a1eceaf": "v5.17-rc2",
"ac902c112d90a89e59916f751c2745f4dbdbb4bd": "v3.16-rc2",
"ace7f46ba5fde7273207c7122b0650ceb72510e0": "v4.10-rc1",
@@ -2375,6 +2392,7 @@
"b4789b8e6be3151a955ade74872822f30e8cd914": "v3.13-rc1",
"b49a0e69a7b1a68c8d3f64097d06dabb770fec96": "v5.15-rc1",
"b4a1b4f5047e4f54e194681125c74c0aa64d637d": "v4.4-rc8",
+ "b4b10061ef98c583bcf82a4200703fbaa98c18dc": "v5.8-rc1",
"b4b814fec1a5a849383f7b3886b654a13abbda7d": "v5.4-rc4",
"b4e00444cab4c3f3fec876dc0cccc8cbb0d1a948": "v5.10-rc3",
"b4f34d8d9d26b2428fa7cf7c8f97690a297978e6": "v3.10-rc1",
@@ -2387,6 +2405,7 @@
"b5a663aa426f4884c71cd8580adae73f33570f0d": "v4.5-rc1",
"b5a8ffcae4103a9d823ea3aa3a761f65779fbe2a": "v4.16-rc1",
"b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb": "v5.6-rc1",
+ "b5dc0163d8fd78e64a7e21f309cf932fda34353e": "v5.3-rc1",
"b5e2f339865fb443107e5b10603e53bbc92dc054": "v3.12",
"b5fdf5c6e6bee35837e160c00ac89327bdad031b": "v5.14-rc3",
"b60fe990c6b07ef6d4df67bc0530c7c90a62623a": "v5.4-rc1",
@@ -2495,6 +2514,7 @@
"bd7a3fe770ebd8391d1c7d072ff88e9e76d063eb": "v4.14-rc4",
"bd97120fc3d1a11f3124c7c9ba1d91f51829eb85": "v3.7-rc8",
"bdabad3e363d825ddf9679dd431cca0b2c30f881": "v4.7-rc1",
+ "bdc1c5fac982845a58d28690cdb56db8c88a530d": "v6.4-rc4",
"bdcd81707973cf8aa9305337166f8ee842a050d4": "v3.2-rc1",
"bdcf0a423ea1c40bbb40e7ee483b50fc8aa3d758": "v4.15-rc4",
"bddc0c411a45d3718ac535a070f349be8eca8d48": "v5.13-rc7",
@@ -2568,6 +2588,7 @@
"c215e9397b00b3045a668120ed7dbd89f2866e74": "v4.19-rc1",
"c2349758acf1874e4c2b93fe41d072336f1a31d0": "v3.13-rc7",
"c24968734abfed81c8f93dc5f44a7b7a9aecadfa": "v6.0-rc1",
+ "c2508ec5a58db67093f4fb8bf89a9a7c53a109e9": "v6.5-rc1",
"c25b2ae136039ffa820c26138ed4a5e5f3ab3841": "v5.17-rc1",
"c25c210f590e7a37eecd865d84f97d1f40e39786": "v5.12-rc1-dontuse",
"c278c253f3d992c6994d08aa0efb2b6806ca396f": "v4.5-rc6",
@@ -2682,6 +2703,7 @@
"cacdb14b1c8d3804a3a7d31773bc7569837b71a4": "v6.1-rc1",
"cadfad870154e14f745ec845708bc17d166065f2": "v5.8-rc6",
"cae9910e73446cac68a54e3a7b02aaa12b689026": "v5.3-rc1",
+ "caf3ef7468f7534771b5c44cd8dbd6f7f87c2cbd": "v6.5-rc2",
"cb090e64cf25602b9adaf32d5dfc9c8bec493cd1": "v6.3-rc3",
"cb17ed29a7a5fea8c9bf70e8a05757d71650e025": "v5.9-rc1",
"cb1ce2ef387b01686469487edd45994872d52d73": "v3.17-rc1",
@@ -2808,6 +2830,7 @@
"d3b6372c5881cb54925212abb62c521df8ba4809": "v5.17-rc8",
"d3bd7413e0ca40b60cf60d4003246d067cafdeda": "v5.0-rc3",
"d4122754442799187d5d537a9c039a49a67e57f1": "v5.10-rc5",
+ "d443d93864726ad68c0a741d1e7b03934a9af143": "v5.19-rc1",
"d45476d9832409371537013ebdd8dc1a7781f97a": "v5.17-rc8",
"d4726d7700688835f4784d3b94de6fff2cbe16c2": "v5.19-rc1",
"d475f942b1dd6a897dac3ad4ed98d6994b275378": "v3.11-rc1",
@@ -2843,6 +2866,7 @@
"d785a773bed966a75ca1f11d108ae1897189975b": "v5.19-rc6",
"d7cce01504a0ccb95b5007d846560cfccbc1947f": "v4.8-rc1",
"d80b64ff297e40c2b6f7d7abc1b3eba70d22a068": "v5.6-rc4",
+ "d8189834d4348ae608083e1f1f53792cfcc2a9bc": "v6.5-rc1",
"d8316f3991d207fe32881a9ac20241be8fa2bad0": "v3.14",
"d839f0811a31322c087a859c2b181e2383daa7be": "v6.3-rc1",
"d84f4f992cbd76e8f39c488cf0c5d123843923b1": "v2.6.29-rc1",
@@ -3015,6 +3039,7 @@
"e9f57ebcba563e0cd532926cab83c92bb4d79360": "v4.5-rc1",
"ea010070d0a7497253d5a6f919f6dd107450b31a": "v4.20",
"ea04efee7635c9120d015dcdeeeb6988130cb67a": "v4.14-rc6",
+ "ea174a91893956450510945a0c5d1a10b5323656": "v6.4-rc1",
"ea25f914dc164c8d56b36147ecc86bc65f83c469": "v4.15-rc5",
"ea2dea9dacc256fe927857feb423872051642ae7": "v2.6.35-rc1",
"ea3d7209ca01da209cda6f0dea8be9cc4b7a933b": "v4.5-rc1",
@@ -3118,6 +3143,7 @@
"f08812d5eb8f8cd1a5bd5f5c26a96eb93d97ab69": "v2.6.24-rc4",
"f09444639099584bc4784dfcd85ada67c6f33e0f": "v4.11-rc1",
"f0992098cadb4c9c6a00703b66cafe604e178fea": "v5.10-rc7",
+ "f0a96d1aafd8964e1f9955c830a3e5cb3c60a90f": "v6.4-rc3",
"f0c3b5093addc8bfe9fe3a5b01acb7ec7969eafa": "v3.11-rc1",
"f0d1762554014ce0ae347b9f0d088f2c157c8c72": "v5.1-rc4",
"f0d1bec9d58d4c038d0ac958c9af82be6eb18045": "v3.16-rc1",
@@ -3133,6 +3159,7 @@
"f19425641cb2572a33cb074d5e30283720bd4d22": "v5.10-rc1",
"f19b00da8ed37db4e3891fe534fcf3a605a0e562": "v3.10-rc1",
"f19d5870cbf72d4cb2a8e1f749dff97af99b071e": "v3.8-rc1",
+ "f1a411873c85b642f13b01f21b534c2bab81fc1b": "v6.4-rc6",
"f1ce3986baa62cffc3c5be156994de87524bab99": "v5.13-rc1",
"f1e255d60ae66a9f672ff9a207ee6cd8e33d2679": "v4.18-rc5",
"f227e3ec3b5cad859ad15666874405e8c1bbc1d4": "v5.8",
@@ -3314,5 +3341,6 @@
"ffc8b30866879ed9ba62bd0a86fecdbd51cd3d19": "v3.11-rc1",
"ffd980f976e7fd666c2e61bf8ab35107efd11828": "v2.6.25-rc1",
"ffdde5932042600c6807d46c1550b28b0db6a3bc": "v5.5-rc1",
- "ffe2a22562444720b05bdfeb999c03e810d84cbb": "v6.2-rc7"
+ "ffe2a22562444720b05bdfeb999c03e810d84cbb": "v6.2-rc7",
+ "fffb0b52d5258554c645c966c6cbef7de50b851d": "v6.3-rc7"
}
\ No newline at end of file
diff --git a/data/kernel_cves.json b/data/kernel_cves.json
index abe6b48..729d319 100644
--- a/data/kernel_cves.json
+++ b/data/kernel_cves.json
@@ -16507,7 +16507,7 @@
"cwe": "Permissions, Privileges, and Access Control",
"fixes": "76cc404bfdc0d419c720de4daaf2584542734f42",
"last_affected_version": "4.1.32",
- "last_modified": "2023-05-05",
+ "last_modified": "2023-07-19",
"nvd_text": "arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system call.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2015-8966",
@@ -77298,7 +77298,7 @@
"cwe": "Improper Resource Shutdown or Release",
"fixes": "d0d51a97063db4704a5ef6bc978dddab1636a306",
"last_affected_version": "6.0.1",
- "last_modified": "2023-01-02",
+ "last_modified": "2023-07-19",
"nvd_text": "A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-3646",
@@ -79688,7 +79688,8 @@
"affected_versions": "unk to unk",
"breaks": "",
"fixes": "",
- "last_modified": "2023-03-24",
+ "last_modified": "2023-07-19",
+ "nvd_text": "A deadlock flaw was found in the Linux kernel\u2019s BPF subsystem. This flaw allows a local user to potentially crash the system.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-0160",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-0160",
@@ -80383,10 +80384,12 @@
}
},
"CVE-2023-1192": {
- "affected_versions": "v5.15-rc1 to unk",
+ "affected_versions": "v5.15-rc1 to v6.4-rc1",
"breaks": "a848c4f15ab6d5d405dbee7de5da71839b2bf35e",
- "fixes": "",
- "last_modified": "2023-03-09",
+ "cmt_msg": "fs/ntfs3: Validate MFT flags before replaying logs",
+ "fixes": "98bea253aa28ad8be2ce565a9ca21beb4a9419e5",
+ "last_affected_version": "6.3.3",
+ "last_modified": "2023-07-19",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-1192",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-1192",
@@ -80455,8 +80458,20 @@
"CVE-2023-1206": {
"affected_versions": "unk to unk",
"breaks": "",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Adjacent",
+ "Availability": "High",
+ "Confidentiality": "None",
+ "Integrity": "None",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "score": 5.7
+ },
"fixes": "",
- "last_modified": "2023-07-06",
+ "last_modified": "2023-07-19",
"nvd_text": "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel\u2019s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-1206",
@@ -80558,9 +80573,21 @@
"affected_versions": "v5.6-rc1 to v5.12-rc1-dontuse",
"breaks": "b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb",
"cmt_msg": "io_uring: get rid of intermediate IORING_OP_CLOSE stage",
+ "cvss3": {
+ "Attack Complexity": "High",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "High",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "score": 7.0
+ },
"fixes": "9eac1904d3364254d622bf2c771c4f85cd435fc2",
"last_affected_version": "5.11.5",
- "last_modified": "2023-07-06",
+ "last_modified": "2023-07-19",
"nvd_text": "A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 (inclusive), which allows a local user to elevate their privileges to root. Introduced in b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb, patched in 9eac1904d3364254d622bf2c771c4f85cd435fc2, backported to stable in 788d0824269bef539fe31a785b1517882eafed93.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-1295",
@@ -81440,6 +81467,23 @@
"Ubuntu": "https://ubuntu.com/security/CVE-2023-2124"
}
},
+ "CVE-2023-21255": {
+ "affected_versions": "v5.16-rc1 to v6.4-rc4",
+ "breaks": "32e9f56a96d8d0f23cb2aeb2a3cd18d40393e787",
+ "cmt_msg": "binder: fix UAF caused by faulty buffer cleanup",
+ "fixes": "bdc1c5fac982845a58d28690cdb56db8c88a530d",
+ "last_affected_version": "6.3.4",
+ "last_modified": "2023-07-19",
+ "nvd_text": "In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-21255",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-21255",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-21255",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-21255",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-21255",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-21255"
+ }
+ },
"CVE-2023-2156": {
"affected_versions": "v5.7-rc1 to v6.3",
"breaks": "8610c7c6e3bd647ff98d21c8bc0580e77bc2f8b3",
@@ -81499,12 +81543,12 @@
}
},
"CVE-2023-2163": {
- "affected_versions": "unk to v6.3",
- "breaks": "",
+ "affected_versions": "v5.3-rc1 to v6.3",
+ "breaks": "b5dc0163d8fd78e64a7e21f309cf932fda34353e",
"cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints",
"fixes": "71b547f561247897a0a14f3082730156c0533fed",
"last_affected_version": "6.2",
- "last_modified": "2023-06-30",
+ "last_modified": "2023-07-19",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-2163",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-2163",
@@ -82731,8 +82775,9 @@
}
},
"CVE-2023-2898": {
- "affected_versions": "unk to unk",
- "breaks": "",
+ "affected_versions": "v5.8-rc1 to v6.5-rc1",
+ "breaks": "b4b10061ef98c583bcf82a4200703fbaa98c18dc",
+ "cmt_msg": "f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()",
"cvss3": {
"Attack Complexity": "High",
"Attack Vector": "Local",
@@ -82745,8 +82790,8 @@
"raw": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"score": 4.7
},
- "fixes": "",
- "last_modified": "2023-06-04",
+ "fixes": "d8189834d4348ae608083e1f1f53792cfcc2a9bc",
+ "last_modified": "2023-07-19",
"nvd_text": "There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-2898",
@@ -82906,9 +82951,21 @@
"affected_versions": "v3.19-rc1 to v6.4-rc2",
"breaks": "2ad7bf3638411cb547f2823df08166c13ab04269",
"cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "High",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "score": 7.8
+ },
"fixes": "90cbed5247439a966b645b34eb0a2e037836ea8e",
"last_affected_version": "6.3.3",
- "last_modified": "2023-07-06",
+ "last_modified": "2023-07-19",
"nvd_text": "A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation.\n\nThe out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if\u00a0CONFIG_IPVLAN is enabled.\n\n\nWe recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e.\n\n",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-3090",
@@ -82919,6 +82976,39 @@
"Ubuntu": "https://ubuntu.com/security/CVE-2023-3090"
}
},
+ "CVE-2023-3106": {
+ "affected_versions": "v3.15-rc1 to v4.8-rc7",
+ "breaks": "d3623099d3509fa68fa28235366049dd3156c63a",
+ "cmt_msg": "xfrm: fix crash in XFRM_MSG_GETSA netlink handler",
+ "fixes": "1ba5bf993c6a3142e18e68ea6452b347f9cb5635",
+ "last_affected_version": "4.4.222",
+ "last_modified": "2023-07-19",
+ "nvd_text": "A NULL pointer dereference vulnerability was found in netlink_dump. This issue can occur when the Netlink socket receives the message(sendmsg) for the XFRM_MSG_GETSA, XFRM_MSG_GETPOLICY type message, and the DUMP flag is set and can cause a denial of service or possibly another unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is unlikely.",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-3106",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-3106",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-3106",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-3106",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-3106",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-3106"
+ }
+ },
+ "CVE-2023-3108": {
+ "backport": true,
+ "breaks": "1d10eb2f156f5fc83cf6c7ce60441592e66eadb3",
+ "cmt_msg": "crypto: fix af_alg_make_sg() conversion to iov_iter",
+ "fixes": "9399f0c51489ae8c16d6559b82a452fdc1895e91",
+ "last_modified": "2023-07-19",
+ "nvd_text": "A flaw was found in the subsequent get_user_pages_fast in the Linux kernel\u2019s interface for symmetric key cipher algorithms in the skcipher_recvmsg of crypto/algif_skcipher.c function. This flaw allows a local user to crash the system.",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-3108",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-3108",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-3108",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-3108",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-3108",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-3108"
+ }
+ },
"CVE-2023-31081": {
"affected_versions": "unk to unk",
"breaks": "",
@@ -83086,10 +83176,23 @@
}
},
"CVE-2023-31248": {
- "affected_versions": "unk to unk",
- "breaks": "",
- "fixes": "",
- "last_modified": "2023-07-06",
+ "affected_versions": "v5.9-rc1 to v6.5-rc2",
+ "breaks": "837830a4b439bfeb86c70b0115c280377c84714b",
+ "cmt_msg": "netfilter: nf_tables: do not ignore genmask when looking up chain by id",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "High",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "score": 7.8
+ },
+ "fixes": "515ad530795c118f012539ed76d02bacfd426d89",
+ "last_modified": "2023-07-19",
"nvd_text": "Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-31248",
@@ -83303,13 +83406,58 @@
"Ubuntu": "https://ubuntu.com/security/CVE-2023-32233"
}
},
+ "CVE-2023-32247": {
+ "affected_versions": "v2.6.12-rc2 to v6.4-rc1",
+ "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
+ "cmt_msg": "ksmbd: destroy expired sessions",
+ "fixes": "ea174a91893956450510945a0c5d1a10b5323656",
+ "last_affected_version": "6.3.1",
+ "last_modified": "2023-07-19",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-32247",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-32247",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-32247",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-32247",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-32247",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-32247"
+ }
+ },
+ "CVE-2023-32248": {
+ "affected_versions": "v2.6.12-rc2 to v6.4-rc1",
+ "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()",
+ "fixes": "3ac00a2ab69b34189942afa9e862d5170cdcb018",
+ "last_affected_version": "6.3.1",
+ "last_modified": "2023-07-19",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-32248",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-32248",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-32248",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-32248",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-32248",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-32248"
+ }
+ },
"CVE-2023-32250": {
"affected_versions": "v2.6.12-rc2 to v6.4-rc1",
"breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"cmt_msg": "ksmbd: fix racy issue from session setup and logoff",
+ "cvss3": {
+ "Attack Complexity": "High",
+ "Attack Vector": "Network",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "High",
+ "Privileges Required": "None",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
+ "score": 8.1
+ },
"fixes": "f5c779b7ddbda30866cf2a27c63e34158f858c73",
"last_affected_version": "6.3.1",
- "last_modified": "2023-06-30",
+ "last_modified": "2023-07-19",
+ "nvd_text": "A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-32250",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-32250",
@@ -83319,13 +83467,42 @@
"Ubuntu": "https://ubuntu.com/security/CVE-2023-32250"
}
},
+ "CVE-2023-32252": {
+ "affected_versions": "v2.6.12-rc2 to v6.4-rc1",
+ "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff",
+ "fixes": "f5c779b7ddbda30866cf2a27c63e34158f858c73",
+ "last_affected_version": "6.3.1",
+ "last_modified": "2023-07-19",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-32252",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-32252",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-32252",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-32252",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-32252",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-32252"
+ }
+ },
"CVE-2023-32254": {
"affected_versions": "v2.6.12-rc2 to v6.4-rc1",
"breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect",
+ "cvss3": {
+ "Attack Complexity": "High",
+ "Attack Vector": "Network",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "High",
+ "Privileges Required": "None",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
+ "score": 8.1
+ },
"fixes": "30210947a343b6b3ca13adc9bfc88e1543e16dd5",
"last_affected_version": "6.3.1",
- "last_modified": "2023-06-30",
+ "last_modified": "2023-07-19",
+ "nvd_text": "A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_TREE_DISCONNECT commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-32254",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-32254",
@@ -83335,6 +83512,38 @@
"Ubuntu": "https://ubuntu.com/security/CVE-2023-32254"
}
},
+ "CVE-2023-32257": {
+ "affected_versions": "v2.6.12-rc2 to v6.4-rc1",
+ "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff",
+ "fixes": "f5c779b7ddbda30866cf2a27c63e34158f858c73",
+ "last_affected_version": "6.3.1",
+ "last_modified": "2023-07-19",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-32257",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-32257",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-32257",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-32257",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-32257",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-32257"
+ }
+ },
+ "CVE-2023-32258": {
+ "affected_versions": "v2.6.12-rc2 to v6.4-rc1",
+ "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel",
+ "fixes": "abcc506a9a71976a8b4c9bf3ee6efd13229c1e19",
+ "last_affected_version": "6.3.1",
+ "last_modified": "2023-07-19",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-32258",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-32258",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-32258",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-32258",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-32258",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-32258"
+ }
+ },
"CVE-2023-32269": {
"affected_versions": "v2.6.12-rc2 to v6.2-rc7",
"breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
@@ -83394,13 +83603,14 @@
}
},
"CVE-2023-3269": {
- "affected_versions": "unk to unk",
- "breaks": "",
+ "affected_versions": "v6.1-rc1 to v6.5-rc1",
+ "breaks": "54a611b605901c7d5d05b6b8f5d04a6ceb0962aa",
"cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper",
"fixes": "c2508ec5a58db67093f4fb8bf89a9a7c53a109e9",
"last_affected_version": "6.3.10",
- "last_modified": "2023-07-06",
+ "last_modified": "2023-07-19",
"name": "StackRot",
+ "nvd_text": "A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, and gain root privileges.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-3269",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-3269",
@@ -83554,12 +83764,24 @@
}
},
"CVE-2023-3338": {
- "affected_versions": "unk to v6.1-rc1",
- "breaks": "",
+ "affected_versions": "v2.6.12-rc2 to v6.1-rc1",
+ "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"cmt_msg": "Remove DECnet support from kernel",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Network",
+ "Availability": "High",
+ "Confidentiality": "None",
+ "Integrity": "None",
+ "Privileges Required": "None",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+ "score": 7.5
+ },
"fixes": "1202cdd665315c525b5237e96e0bedc76d7e754f",
"last_affected_version": "5.15.117",
- "last_modified": "2023-07-06",
+ "last_modified": "2023-07-19",
"nvd_text": "A flaw null pointer dereference in the Linux kernel DECnet networking protocol was found. A remote user could use this flaw to crash the system.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-3338",
@@ -83571,12 +83793,24 @@
}
},
"CVE-2023-3355": {
- "affected_versions": "unk to v6.3-rc1",
- "breaks": "",
+ "affected_versions": "v5.11-rc1 to v6.3-rc1",
+ "breaks": "20224d715a882210428ea62bba93f1bc4a0afe23",
"cmt_msg": "drm/msm/gem: Add check for kmalloc",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "None",
+ "Integrity": "None",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "score": 5.5
+ },
"fixes": "d839f0811a31322c087a859c2b181e2383daa7be",
"last_affected_version": "6.2.2",
- "last_modified": "2023-06-30",
+ "last_modified": "2023-07-19",
"nvd_text": "A NULL pointer dereference flaw was found in the Linux kernel's drivers/gpu/drm/msm/msm_gem_submit.c code in the submit_lookup_cmds function, which fails because it lacks a check of the return value of kmalloc(). This issue allows a local user to crash the system.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-3355",
@@ -83591,9 +83825,21 @@
"affected_versions": "v5.11-rc1 to v6.2-rc1",
"breaks": "4b2c53d93a4bc9d52cc0ec354629cfc9dc217f93",
"cmt_msg": "HID: amd_sfh: Add missing check for dma_alloc_coherent",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "None",
+ "Integrity": "None",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "score": 5.5
+ },
"fixes": "53ffa6a9f83b2170c60591da1ead8791d5a42e81",
"last_affected_version": "6.1.1",
- "last_modified": "2023-06-30",
+ "last_modified": "2023-07-19",
"nvd_text": "A NULL pointer dereference flaw was found in the Linux kernel AMD Sensor Fusion Hub driver. This flaw allows a local user to crash the system.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-3357",
@@ -83608,9 +83854,21 @@
"affected_versions": "v4.9-rc1 to v6.2-rc5",
"breaks": "3703f53b99e4a7c373ce3568dd3f91f175ebb626",
"cmt_msg": "HID: intel_ish-hid: Add check for ishtp_dma_tx_map",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "None",
+ "Integrity": "None",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "score": 5.5
+ },
"fixes": "b3d40c3ec3dc4ad78017de6c3a38979f57aaaab8",
"last_affected_version": "6.1.8",
- "last_modified": "2023-06-30",
+ "last_modified": "2023-07-19",
"nvd_text": "A null pointer dereference was found in the Linux kernel's Integrated Sensor Hub (ISH) driver. This issue could allow a local user to crash the system.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-3358",
@@ -83625,9 +83883,21 @@
"affected_versions": "v5.18-rc1 to v6.2-rc7",
"breaks": "6e977eaa8280e957b87904b536661550f2a6b3e8",
"cmt_msg": "nvmem: brcm_nvram: Add check for kzalloc",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "None",
+ "Integrity": "None",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "score": 5.5
+ },
"fixes": "b0576ade3aaf24b376ea1a4406ae138e2a22b0c0",
"last_affected_version": "6.1.10",
- "last_modified": "2023-06-30",
+ "last_modified": "2023-07-19",
"nvd_text": "An issue was discovered in the Linux kernel brcm_nvram_parse in drivers/nvmem/brcm_nvram.c. Lacks for the check of the return value of kzalloc() can cause the NULL Pointer Dereference.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-3359",
@@ -83642,8 +83912,20 @@
"affected_versions": "v5.1-rc1 to v6.0-rc1",
"breaks": "2b188cc1bb857a9d4701ae59aa7768b5124e262e",
"cmt_msg": "io_uring: mutex locked poll hashing",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "High",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "score": 7.8
+ },
"fixes": "9ca9fb24d5febccea354089c41f96a8ad0d853f8",
- "last_modified": "2023-07-06",
+ "last_modified": "2023-07-19",
"nvd_text": "A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation.\n\nRacing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer.\n\nWe recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59 (4716c73b188566865bdd79c3a6709696a224ac04 for 5.10 stable and\u00a00e388fce7aec40992eadee654193cad345d62663 for 5.15 stable).\n\n",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-3389",
@@ -83658,9 +83940,21 @@
"affected_versions": "v3.16-rc1 to v6.4-rc7",
"breaks": "958bee14d0718ca7a5002c0f48a099d1d345812a",
"cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "High",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "score": 7.8
+ },
"fixes": "1240eb93f0616b21c675416516ff3d74798fdc97",
"last_affected_version": "6.3.8",
- "last_modified": "2023-07-06",
+ "last_modified": "2023-07-19",
"nvd_text": "A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c.\n\nMishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue.\n\nWe recommend upgrading past commit\u00a01240eb93f0616b21c675416516ff3d74798fdc97.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-3390",
@@ -83768,9 +84062,21 @@
"affected_versions": "v5.15-rc1 to v5.18-rc5",
"breaks": "583be982d93479ea3d85091b0fd0b01201ede87d",
"cmt_msg": "mctp: defer the kfree of object mdev->addrs",
+ "cvss3": {
+ "Attack Complexity": "High",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "None",
+ "Integrity": "None",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "score": 4.7
+ },
"fixes": "b561275d633bcd8e0e8055ab86f1a13df75a0269",
"last_affected_version": "5.17.5",
- "last_modified": "2023-07-06",
+ "last_modified": "2023-07-19",
"nvd_text": "A flaw was found in the MCTP protocol in the Linux kernel. The function mctp_unregister() reclaims the device's relevant resource when a netcard detaches. However, a running routine may be unaware of this and cause the use-after-free of the mdev->addrs object, potentially leading to a denial of service.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-3439",
@@ -83782,10 +84088,23 @@
}
},
"CVE-2023-35001": {
- "affected_versions": "unk to unk",
- "breaks": "",
- "fixes": "",
- "last_modified": "2023-07-06",
+ "affected_versions": "v3.13-rc1 to v6.5-rc2",
+ "breaks": "96518518cc417bb0a8c80b9fb736202e28acdf96",
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "High",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "score": 7.8
+ },
+ "fixes": "caf3ef7468f7534771b5c44cd8dbd6f7f87c2cbd",
+ "last_modified": "2023-07-19",
"nvd_text": "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-35001",
@@ -83796,6 +84115,37 @@
"Ubuntu": "https://ubuntu.com/security/CVE-2023-35001"
}
},
+ "CVE-2023-3567": {
+ "affected_versions": "v2.6.38-rc3 to v6.2-rc7",
+ "breaks": "ac751efa6a0d70f2c9daef5c7e3a92270f5c2dff",
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF",
+ "fixes": "226fae124b2dac217ea5436060d623ff3385bc34",
+ "last_affected_version": "6.1.10",
+ "last_modified": "2023-07-19",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-3567",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-3567",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-3567",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-3567",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-3567",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-3567"
+ }
+ },
+ "CVE-2023-35693": {
+ "affected_versions": "unk to unk",
+ "breaks": "",
+ "fixes": "",
+ "last_modified": "2023-07-19",
+ "nvd_text": "In incfs_kill_sb of fs/incfs/vfs.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.\n\n",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-35693",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-35693",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-35693",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-35693",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-35693",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-35693"
+ }
+ },
"CVE-2023-35788": {
"affected_versions": "v4.19-rc1 to v6.4-rc5",
"breaks": "0a6e77784f490912d81b92cfd48424541c04691e",
@@ -83996,5 +84346,209 @@
"SUSE": "https://www.suse.com/security/cve/CVE-2023-35829",
"Ubuntu": "https://ubuntu.com/security/CVE-2023-35829"
}
+ },
+ "CVE-2023-3640": {
+ "affected_versions": "unk to unk",
+ "breaks": "",
+ "fixes": "",
+ "last_modified": "2023-07-19",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-3640",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-3640",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-3640",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-3640",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-3640",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-3640"
+ }
+ },
+ "CVE-2023-37453": {
+ "affected_versions": "unk to unk",
+ "breaks": "",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Physical",
+ "Availability": "High",
+ "Confidentiality": "None",
+ "Integrity": "None",
+ "Privileges Required": "None",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+ "score": 4.6
+ },
+ "fixes": "",
+ "last_modified": "2023-07-19",
+ "nvd_text": "An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c.",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-37453",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-37453",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-37453",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-37453",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-37453",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-37453"
+ }
+ },
+ "CVE-2023-37454": {
+ "affected_versions": "unk to unk",
+ "breaks": "",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "None",
+ "Integrity": "None",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "score": 5.5
+ },
+ "fixes": "",
+ "last_modified": "2023-07-19",
+ "nvd_text": "An issue was discovered in the Linux kernel through 6.4.2. A crafted UDF filesystem image causes a use-after-free write operation in the udf_put_super and udf_close_lvid functions in fs/udf/super.c.",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-37454",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-37454",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-37454",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-37454",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-37454",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-37454"
+ }
+ },
+ "CVE-2023-38409": {
+ "affected_versions": "v5.19-rc1 to v6.3-rc7",
+ "breaks": "d443d93864726ad68c0a741d1e7b03934a9af143",
+ "cmt_msg": "fbcon: set_con2fb_map needs to set con2fb_map!",
+ "fixes": "fffb0b52d5258554c645c966c6cbef7de50b851d",
+ "last_affected_version": "6.2.11",
+ "last_modified": "2023-07-19",
+ "nvd_text": "An issue was discovered in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbcon_registered_fb and fbcon_display arrays can be desynchronized in fbcon_mode_deleted (the con2fb_map points at the old fb_info).",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-38409",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-38409",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-38409",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-38409",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-38409",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-38409"
+ }
+ },
+ "CVE-2023-38426": {
+ "affected_versions": "unk to v6.4-rc3",
+ "breaks": "",
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals",
+ "fixes": "02f76c401d17e409ed45bf7887148fcc22c93c85",
+ "last_affected_version": "6.3.3",
+ "last_modified": "2023-07-19",
+ "nvd_text": "An issue was discovered in the Linux kernel before 6.3.4. ksmbd has an out-of-bounds read in smb2_find_context_vals when create_context's name_len is larger than the tag length.",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-38426",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-38426",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-38426",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-38426",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-38426",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-38426"
+ }
+ },
+ "CVE-2023-38427": {
+ "affected_versions": "unk to v6.4-rc6",
+ "breaks": "",
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()",
+ "fixes": "f1a411873c85b642f13b01f21b534c2bab81fc1b",
+ "last_affected_version": "6.3.7",
+ "last_modified": "2023-07-19",
+ "nvd_text": "An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemble_neg_contexts.",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-38427",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-38427",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-38427",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-38427",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-38427",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-38427"
+ }
+ },
+ "CVE-2023-38428": {
+ "affected_versions": "unk to v6.4-rc3",
+ "breaks": "",
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user",
+ "fixes": "f0a96d1aafd8964e1f9955c830a3e5cb3c60a90f",
+ "last_affected_version": "6.3.3",
+ "last_modified": "2023-07-19",
+ "nvd_text": "An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not properly check the UserName value because it does not consider the address of security buffer, leading to an out-of-bounds read.",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-38428",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-38428",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-38428",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-38428",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-38428",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-38428"
+ }
+ },
+ "CVE-2023-38429": {
+ "affected_versions": "unk to v6.4-rc3",
+ "breaks": "",
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]",
+ "fixes": "443d61d1fa9faa60ef925513d83742902390100f",
+ "last_affected_version": "6.3.3",
+ "last_modified": "2023-07-19",
+ "nvd_text": "An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/connection.c in ksmbd has an off-by-one error in memory allocation (because of ksmbd_smb2_check_message) that may lead to out-of-bounds access.",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-38429",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-38429",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-38429",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-38429",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-38429",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-38429"
+ }
+ },
+ "CVE-2023-38430": {
+ "affected_versions": "unk to v6.4-rc6",
+ "breaks": "",
+ "cmt_msg": "ksmbd: validate smb request protocol id",
+ "fixes": "1c1bcf2d3ea061613119b534f57507c377df20f9",
+ "last_affected_version": "6.3.8",
+ "last_modified": "2023-07-19",
+ "nvd_text": "An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read.",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-38430",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-38430",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-38430",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-38430",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-38430",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-38430"
+ }
+ },
+ "CVE-2023-38431": {
+ "affected_versions": "unk to v6.4-rc6",
+ "breaks": "",
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop",
+ "fixes": "368ba06881c395f1c9a7ba22203cf8d78b4addc0",
+ "last_affected_version": "6.3.7",
+ "last_modified": "2023-07-19",
+ "nvd_text": "An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdu_size in ksmbd_conn_handler_loop, leading to an out-of-bounds read.",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-38431",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-38431",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-38431",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-38431",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-38431",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-38431"
+ }
+ },
+ "CVE-2023-38432": {
+ "affected_versions": "unk to v6.4",
+ "breaks": "",
+ "cmt_msg": "ksmbd: validate command payload size",
+ "fixes": "2b9b8f3b68edb3d67d79962f02e26dbb5ae3808d",
+ "last_affected_version": "6.3.9",
+ "last_modified": "2023-07-19",
+ "nvd_text": "An issue was discovered in the Linux kernel before 6.3.10. fs/smb/server/smb2misc.c in ksmbd does not validate the relationship between the command payload size and the RFC1002 length specification, leading to an out-of-bounds read.",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-38432",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-38432",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-38432",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-38432",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-38432",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-38432"
+ }
}
}
\ No newline at end of file
diff --git a/data/stream_data.json b/data/stream_data.json
index 41f8f79..70e04b5 100644
--- a/data/stream_data.json
+++ b/data/stream_data.json
@@ -640,6 +640,12 @@
"cmt_id": "0efba8d124de904db7766645561a6f39c501f2c1"
}
},
+ "3.18.42": {
+ "CVE-2015-8966": {
+ "cmt_msg": "[PATCH] arm: fix handling of F_OFD_... in oabi_fcntl64()",
+ "cmt_id": "db9e37a1c5f21cec095da9ed53a2c0cbeeb24ee6"
+ }
+ },
"3.18.43": {
"CVE-2016-9178": {
"cmt_msg": "fix minor infoleak in get_user_ex()",
@@ -1910,6 +1916,9 @@
"CVE-2020-35508": {
"cmt_msg": "fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
@@ -2063,9 +2072,6 @@
"CVE-2022-3522": {
"cmt_msg": "mm/hugetlb: use hugetlb_pte_stable in migration race check"
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2022-3636": {
"cmt_msg": "net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()"
},
@@ -2111,6 +2117,9 @@
"CVE-2017-7895": {
"cmt_msg": "nfsd: stricter decoding of write-like NFSv2/v3 ops"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2018-14614": {
"cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum"
},
@@ -2321,6 +2330,9 @@
"CVE-2020-28974": {
"cmt_msg": "vt: Disable KD_FONT_OP_COPY"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -2369,6 +2381,12 @@
"CVE-2018-12126": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2023-35824": {
"cmt_msg": "media: dm1105: Fix use after free bug in dm1105_remove due to race condition"
},
@@ -2381,6 +2399,9 @@
"CVE-2019-10126": {
"cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()"
},
+ "CVE-2023-3106": {
+ "cmt_msg": "xfrm: fix crash in XFRM_MSG_GETSA netlink handler"
+ },
"CVE-2019-13631": {
"cmt_msg": "Input: gtco - bounds check collection indent level"
},
@@ -2408,6 +2429,9 @@
"CVE-2022-29901": {
"cmt_msg": "x86/kvm/vmx: Make noinstr clean"
},
+ "CVE-2023-3108": {
+ "cmt_msg": "crypto: fix af_alg_make_sg() conversion to iov_iter"
+ },
"CVE-2019-19227": {
"cmt_msg": "appletalk: Fix potential NULL pointer dereference in unregister_snap_client"
},
@@ -2453,6 +2477,9 @@
"CVE-2023-35827": {
"cmt_msg": ""
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2017-6348": {
"cmt_msg": "irda: Fix lockdep annotations in hashbin_delete()."
},
@@ -2577,7 +2604,7 @@
"cmt_msg": "ANDROID: binder: remove waitqueue when thread exits."
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2021-38208": {
"cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect"
@@ -3050,9 +3077,15 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-32399": {
"cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller"
},
@@ -3149,6 +3182,9 @@
"CVE-2020-26139": {
"cmt_msg": "mac80211: do not accept/forward invalid EAPOL frames"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2015-2041": {
"cmt_msg": "net: llc: use correct size for sysctl timeout entries"
},
@@ -3212,6 +3248,9 @@
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2019-14896": {
"cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor"
},
@@ -3239,15 +3278,18 @@
"CVE-2020-0067": {
"cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2019-20794": {
"cmt_msg": ""
},
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2023-3390": {
"cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE"
},
@@ -3566,9 +3608,6 @@
"CVE-2019-19448": {
"cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2020-0465": {
"cmt_msg": "HID: core: Sanitize event code and type when mapping input"
},
@@ -3620,6 +3659,9 @@
"CVE-2017-5967": {
"cmt_msg": "time: Remove CONFIG_TIMER_STATS"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -3683,6 +3725,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2017-18241": {
"cmt_msg": "f2fs: fix a panic caused by NULL flush_cmd_control"
},
@@ -3692,6 +3737,9 @@
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-10708": {
"cmt_msg": ""
},
@@ -3947,21 +3995,18 @@
"CVE-2020-0433": {
"cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2019-3874": {
"cmt_msg": "sctp: implement memory accounting on tx path"
},
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -4250,15 +4295,15 @@
"CVE-2022-1199": {
"cmt_msg": "ax25: Fix NULL pointer dereference in ax25_kill_by_device"
},
- "CVE-2015-8966": {
- "cmt_msg": "[PATCH] arm: fix handling of F_OFD_... in oabi_fcntl64()"
- },
"CVE-2021-39801": {
"cmt_msg": ""
},
"CVE-2021-39800": {
"cmt_msg": ""
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2022-1195": {
"cmt_msg": "hamradio: improve the incomplete fix to avoid NPD"
},
@@ -4598,6 +4643,9 @@
"CVE-2019-15090": {
"cmt_msg": "scsi: qedi: remove memset/memcpy to nfunc and use func instead"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
@@ -4811,6 +4859,9 @@
"CVE-2022-3202": {
"cmt_msg": "jfs: prevent NULL deref in diFree"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2018-3646": {
"cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled"
},
@@ -4829,6 +4880,9 @@
"CVE-2021-28711": {
"cmt_msg": "xen/blkfront: harden blkfront against event channel storms"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2018-14614": {
"cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum"
},
@@ -5072,6 +5126,9 @@
"CVE-2017-11600": {
"cmt_msg": "xfrm: policy: check policy direction value"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -5249,6 +5306,9 @@
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -5618,6 +5678,9 @@
"CVE-2023-3141": {
"cmt_msg": "memstick: r592: Fix UAF bug in r592_remove due to race condition"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2019-3892": {
"cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping"
},
@@ -5897,9 +5960,6 @@
"CVE-2020-12771": {
"cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce"
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2018-10853": {
"cmt_msg": "kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access"
},
@@ -6050,9 +6110,15 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2017-8890": {
"cmt_msg": "dccp/tcp: do not inherit mc_list from parent"
},
@@ -6086,6 +6152,9 @@
"CVE-2017-12146": {
"cmt_msg": "driver core: platform: fix race condition with driver_override"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2021-3732": {
"cmt_msg": "ovl: prevent private clone if bind mount is not allowed"
},
@@ -6159,7 +6228,7 @@
"cmt_msg": "x86: Deprecate a.out support"
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2018-10323": {
"cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree"
@@ -6305,9 +6374,6 @@
"CVE-2017-18221": {
"cmt_msg": "mlock: fix mlock count can not decrease in race condition"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2019-20794": {
"cmt_msg": ""
},
@@ -6317,6 +6383,12 @@
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-26559": {
"cmt_msg": ""
},
@@ -6773,9 +6845,6 @@
"CVE-2017-7542": {
"cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2020-26141": {
"cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe"
},
@@ -6860,6 +6929,9 @@
"CVE-2021-0937": {
"cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-42895": {
"cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory"
},
@@ -6929,6 +7001,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-31436": {
"cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
},
@@ -7001,6 +7076,9 @@
"CVE-2017-1000379": {
"cmt_msg": "mm: larger stack guard gap, between vmas"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2017-1000371": {
"cmt_msg": "binfmt_elf: use ELF_ET_DYN_BASE only for PIE"
},
@@ -7277,9 +7355,6 @@
"CVE-2020-0433": {
"cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2019-3874": {
"cmt_msg": "sctp: implement memory accounting on tx path"
},
@@ -7292,12 +7367,12 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -7694,6 +7769,9 @@
"CVE-2017-7558": {
"cmt_msg": "sctp: Avoid out-of-bounds reads from address storage"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2018-16884": {
"cmt_msg": "sunrpc: use-after-free in svc_process_common()"
},
@@ -7730,6 +7808,9 @@
"CVE-2019-15505": {
"cmt_msg": "media: technisat-usb2: break out of loop at end of buffer"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2023-2513": {
"cmt_msg": "ext4: fix use-after-free in ext4_xattr_set_entry"
},
@@ -8136,6 +8217,9 @@
"CVE-2019-15090": {
"cmt_msg": "scsi: qedi: remove memset/memcpy to nfunc and use func instead"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
@@ -8370,6 +8454,9 @@
"CVE-2021-28711": {
"cmt_msg": "xen/blkfront: harden blkfront against event channel storms"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2018-14614": {
"cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum"
},
@@ -8619,6 +8706,9 @@
"CVE-2017-0861": {
"cmt_msg": "ALSA: pcm: prevent UAF in snd_pcm_info"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -8670,6 +8760,9 @@
"CVE-2022-23816": {
"cmt_msg": "x86/kvm/vmx: Make noinstr clean"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2021-3892": {
"cmt_msg": ""
},
@@ -8772,6 +8865,9 @@
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -8871,6 +8967,9 @@
"CVE-2022-1974": {
"cmt_msg": "nfc: replace improper check device_is_registered() in netlink related functions"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2020-8832": {
"cmt_msg": "drm/i915: Record the default hw state after reset upon load"
},
@@ -8910,8 +9009,8 @@
"CVE-2019-2215": {
"cmt_msg": "ANDROID: binder: remove waitqueue when thread exits."
},
- "CVE-2023-35001": {
- "cmt_msg": ""
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -9486,6 +9585,9 @@
"CVE-2022-23036": {
"cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2022-2153": {
"cmt_msg": "KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast()"
},
@@ -9501,9 +9603,15 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-32399": {
"cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller"
},
@@ -9528,6 +9636,9 @@
"CVE-2019-19543": {
"cmt_msg": "media: serial_ir: Fix use-after-free in serial_ir_init_module"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2021-3732": {
"cmt_msg": "ovl: prevent private clone if bind mount is not allowed"
},
@@ -9591,6 +9702,9 @@
"CVE-2019-11191": {
"cmt_msg": "x86: Deprecate a.out support"
},
+ "CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
"CVE-2018-10323": {
"cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree"
},
@@ -9720,9 +9834,6 @@
"CVE-2020-0067": {
"cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2019-20794": {
"cmt_msg": ""
},
@@ -9735,6 +9846,9 @@
"CVE-2019-20811": {
"cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2020-26559": {
"cmt_msg": ""
},
@@ -10161,9 +10275,6 @@
"CVE-2019-19527": {
"cmt_msg": "HID: hiddev: do cleanup in failure of opening a device"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2019-19526": {
"cmt_msg": "NFC: pn533: fix use-after-free and memleaks"
},
@@ -10236,6 +10347,9 @@
"CVE-2021-0937": {
"cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -10302,6 +10416,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-29569": {
"cmt_msg": "xen-blkback: set ring->xenblkd to NULL after kthread_stop()"
},
@@ -10365,6 +10482,9 @@
"CVE-2020-25284": {
"cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2018-18281": {
"cmt_msg": "mremap: properly flush TLB before releasing the page"
},
@@ -10635,9 +10755,6 @@
"CVE-2020-0433": {
"cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2019-3874": {
"cmt_msg": "sctp: implement memory accounting on tx path"
},
@@ -10650,12 +10767,12 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -10812,9 +10929,6 @@
"CVE-2018-11506": {
"cmt_msg": "sr: pass down correctly sized SCSI sense buffer"
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2019-19332": {
"cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)"
},
@@ -11028,6 +11142,9 @@
"CVE-2021-39800": {
"cmt_msg": ""
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2018-16884": {
"cmt_msg": "sunrpc: use-after-free in svc_process_common()"
},
@@ -11338,6 +11455,9 @@
"CVE-2019-14896": {
"cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
@@ -11566,6 +11686,9 @@
"CVE-2021-28711": {
"cmt_msg": "xen/blkfront: harden blkfront against event channel storms"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2018-14614": {
"cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum"
},
@@ -11815,6 +11938,9 @@
"CVE-2017-0861": {
"cmt_msg": "ALSA: pcm: prevent UAF in snd_pcm_info"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -11983,6 +12109,9 @@
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -12085,6 +12214,9 @@
"CVE-2022-1974": {
"cmt_msg": "nfc: replace improper check device_is_registered() in netlink related functions"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2017-16526": {
"cmt_msg": "uwb: properly check kthread_run return value"
},
@@ -12127,8 +12259,8 @@
"CVE-2019-2215": {
"cmt_msg": "ANDROID: binder: remove waitqueue when thread exits."
},
- "CVE-2023-35001": {
- "cmt_msg": ""
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -12349,6 +12481,9 @@
"CVE-2023-3141": {
"cmt_msg": "memstick: r592: Fix UAF bug in r592_remove due to race condition"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2022-0492": {
"cmt_msg": "cgroup-v1: Require capabilities to set release_agent"
},
@@ -12754,9 +12889,15 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2022-4662": {
"cmt_msg": "USB: core: Prevent nested device-reset calls"
},
@@ -12781,6 +12922,9 @@
"CVE-2019-19543": {
"cmt_msg": "media: serial_ir: Fix use-after-free in serial_ir_init_module"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2021-3732": {
"cmt_msg": "ovl: prevent private clone if bind mount is not allowed"
},
@@ -12850,6 +12994,9 @@
"CVE-2021-0605": {
"cmt_msg": "af_key: pfkey_dump needs parameter validation"
},
+ "CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
"CVE-2018-10323": {
"cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree"
},
@@ -12991,9 +13138,6 @@
"CVE-2020-0067": {
"cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2019-20794": {
"cmt_msg": ""
},
@@ -13003,6 +13147,12 @@
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2020-26559": {
"cmt_msg": ""
},
@@ -13447,9 +13597,6 @@
"CVE-2019-19527": {
"cmt_msg": "HID: hiddev: do cleanup in failure of opening a device"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2019-19526": {
"cmt_msg": "NFC: pn533: fix use-after-free and memleaks"
},
@@ -13525,6 +13672,9 @@
"CVE-2021-0937": {
"cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -13591,6 +13741,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-31436": {
"cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
},
@@ -13660,6 +13813,9 @@
"CVE-2020-25284": {
"cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2018-18281": {
"cmt_msg": "mremap: properly flush TLB before releasing the page"
},
@@ -13933,9 +14089,6 @@
"CVE-2020-0433": {
"cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2019-3874": {
"cmt_msg": "sctp: implement memory accounting on tx path"
},
@@ -13948,12 +14101,12 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -14122,9 +14275,6 @@
"CVE-2022-36402": {
"cmt_msg": ""
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2019-19332": {
"cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)"
},
@@ -14341,6 +14491,9 @@
"CVE-2021-39800": {
"cmt_msg": ""
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2018-16884": {
"cmt_msg": "sunrpc: use-after-free in svc_process_common()"
},
@@ -14665,6 +14818,9 @@
"CVE-2019-15090": {
"cmt_msg": "scsi: qedi: remove memset/memcpy to nfunc and use func instead"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
@@ -15127,6 +15283,9 @@
"CVE-2020-28974": {
"cmt_msg": "vt: Disable KD_FONT_OP_COPY"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -15178,6 +15337,9 @@
"CVE-2022-23816": {
"cmt_msg": "x86/kvm/vmx: Make noinstr clean"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2021-3892": {
"cmt_msg": ""
},
@@ -15235,6 +15397,9 @@
"CVE-2018-20511": {
"cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2022-20166": {
"cmt_msg": "drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions"
},
@@ -15271,6 +15436,9 @@
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -15373,6 +15541,9 @@
"CVE-2022-1974": {
"cmt_msg": "nfc: replace improper check device_is_registered() in netlink related functions"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2020-8832": {
"cmt_msg": "drm/i915: Record the default hw state after reset upon load"
},
@@ -15409,8 +15580,8 @@
"CVE-2020-0255": {
"cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()"
},
- "CVE-2023-35001": {
- "cmt_msg": ""
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -15844,9 +16015,6 @@
"CVE-2021-37159": {
"cmt_msg": "usb: hso: fix error handling code of hso_create_net_device"
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2018-10853": {
"cmt_msg": "kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access"
},
@@ -15958,6 +16126,9 @@
"CVE-2022-23036": {
"cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2022-2153": {
"cmt_msg": "KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast()"
},
@@ -15970,9 +16141,15 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-32399": {
"cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller"
},
@@ -15997,6 +16174,9 @@
"CVE-2019-19543": {
"cmt_msg": "media: serial_ir: Fix use-after-free in serial_ir_init_module"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2021-3732": {
"cmt_msg": "ovl: prevent private clone if bind mount is not allowed"
},
@@ -16063,6 +16243,9 @@
"CVE-2019-11191": {
"cmt_msg": "x86: Deprecate a.out support"
},
+ "CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
"CVE-2018-10323": {
"cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree"
},
@@ -16180,9 +16363,6 @@
"CVE-2020-0067": {
"cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2020-26558": {
"cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical"
},
@@ -16195,6 +16375,9 @@
"CVE-2019-20811": {
"cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2020-26559": {
"cmt_msg": ""
},
@@ -16594,9 +16777,6 @@
"CVE-2019-19448": {
"cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2019-19449": {
"cmt_msg": "f2fs: fix to do sanity check on segment/section count"
},
@@ -16666,6 +16846,9 @@
"CVE-2021-0937": {
"cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -16681,9 +16864,6 @@
"CVE-2018-20976": {
"cmt_msg": "xfs: clear sb->s_fs_info on mount failure"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2018-10840": {
"cmt_msg": "ext4: correctly handle a zero-length xattr with a non-zero e_value_offs"
},
@@ -16747,6 +16927,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
@@ -16807,6 +16990,9 @@
"CVE-2020-25284": {
"cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2018-18281": {
"cmt_msg": "mremap: properly flush TLB before releasing the page"
},
@@ -17080,12 +17266,12 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -17419,6 +17605,9 @@
"CVE-2021-39800": {
"cmt_msg": ""
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2018-16884": {
"cmt_msg": "sunrpc: use-after-free in svc_process_common()"
},
@@ -21436,6 +21625,9 @@
"CVE-2023-2007": {
"cmt_msg": "scsi: dpt_i2o: Remove obsolete driver"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2019-19378": {
"cmt_msg": ""
},
@@ -21469,9 +21661,18 @@
"CVE-2019-19449": {
"cmt_msg": "f2fs: fix to do sanity check on segment/section count"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2020-11725": {
"cmt_msg": ""
},
@@ -21571,9 +21772,6 @@
"CVE-2008-2544": {
"cmt_msg": ""
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2022-3636": {
"cmt_msg": "net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()"
},
@@ -21619,15 +21817,15 @@
"CVE-2022-1247": {
"cmt_msg": ""
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2019-3874": {
"cmt_msg": "sctp: implement memory accounting on tx path"
},
"CVE-2020-26145": {
"cmt_msg": "ath10k: drop fragments with multicast DA for PCIe"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2022-29901": {
"cmt_msg": "x86/kvm/vmx: Make noinstr clean"
},
@@ -21643,9 +21841,6 @@
"CVE-2020-26142": {
"cmt_msg": ""
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2023-1076": {
"cmt_msg": "tun: tun_chr_open(): correctly initialize socket uid"
},
@@ -21655,6 +21850,9 @@
"CVE-2017-9986": {
"cmt_msg": "sound: Retire OSS"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2021-34556": {
"cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4"
},
@@ -21667,6 +21865,9 @@
"CVE-2022-2991": {
"cmt_msg": "remove the lightnvm subsystem"
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
@@ -21718,9 +21919,6 @@
"CVE-2022-27672": {
"cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2005-3660": {
"cmt_msg": ""
},
@@ -21766,6 +21964,9 @@
"CVE-2022-36402": {
"cmt_msg": ""
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2008-4609": {
"cmt_msg": ""
},
@@ -21820,9 +22021,15 @@
"CVE-2020-12364": {
"cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2023-1206": {
"cmt_msg": ""
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2022-2327": {
"cmt_msg": "io_uring: remove any grabbing of context"
},
@@ -21832,9 +22039,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2020-26141": {
"cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe"
},
@@ -21871,6 +22075,9 @@
"CVE-2022-3566": {
"cmt_msg": "tcp: Fix data races around icsk->icsk_af_ops."
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2018-17977": {
"cmt_msg": ""
},
@@ -21898,6 +22105,12 @@
"CVE-2022-21385": {
"cmt_msg": "net/rds: fix warn in rds_message_alloc_sgs"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2021-39801": {
"cmt_msg": ""
},
@@ -21907,9 +22120,15 @@
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-4269": {
"cmt_msg": "act_mirred: use the backlog for nested calls to mirred ingress"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2020-36385": {
"cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy"
},
@@ -21988,6 +22207,9 @@
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2018-20449": {
"cmt_msg": "printk: hash addresses printed with %p"
},
@@ -22058,10 +22280,13 @@
"cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages"
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
+ },
+ "CVE-2023-3640": {
+ "cmt_msg": ""
}
}
},
@@ -22254,6 +22479,9 @@
"CVE-2019-15090": {
"cmt_msg": "scsi: qedi: remove memset/memcpy to nfunc and use func instead"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
@@ -22524,6 +22752,9 @@
"CVE-2018-13097": {
"cmt_msg": "f2fs: fix to do sanity check with user_block_count"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2018-13095": {
"cmt_msg": "xfs: More robust inode extent count validation"
},
@@ -22701,6 +22932,9 @@
"CVE-2020-28974": {
"cmt_msg": "vt: Disable KD_FONT_OP_COPY"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -22746,6 +22980,9 @@
"CVE-2022-23816": {
"cmt_msg": "x86/kvm/vmx: Make noinstr clean"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2021-3892": {
"cmt_msg": ""
},
@@ -22800,6 +23037,9 @@
"CVE-2018-20511": {
"cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2022-20166": {
"cmt_msg": "drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions"
},
@@ -22833,6 +23073,9 @@
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -22920,6 +23163,9 @@
"CVE-2020-0444": {
"cmt_msg": "audit: fix error handling in audit_data_to_entry()"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2022-1419": {
"cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create"
},
@@ -22953,8 +23199,8 @@
"CVE-2020-0255": {
"cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()"
},
- "CVE-2023-35001": {
- "cmt_msg": ""
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -23385,9 +23631,6 @@
"CVE-2021-37159": {
"cmt_msg": "usb: hso: fix error handling code of hso_create_net_device"
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2021-29154": {
"cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64"
},
@@ -23505,12 +23748,18 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2020-12768": {
"cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()"
},
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-32399": {
"cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller"
},
@@ -23598,6 +23847,9 @@
"CVE-2019-11191": {
"cmt_msg": "x86: Deprecate a.out support"
},
+ "CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
"CVE-2020-10781": {
"cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\""
},
@@ -23670,6 +23922,9 @@
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2019-14896": {
"cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor"
},
@@ -23700,9 +23955,6 @@
"CVE-2020-0067": {
"cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2020-26558": {
"cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical"
},
@@ -23715,6 +23967,9 @@
"CVE-2019-20811": {
"cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2023-3390": {
"cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE"
},
@@ -24090,9 +24345,6 @@
"CVE-2019-19448": {
"cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2019-19449": {
"cmt_msg": "f2fs: fix to do sanity check on segment/section count"
},
@@ -24159,6 +24411,9 @@
"CVE-2022-26490": {
"cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -24231,6 +24486,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
@@ -24285,6 +24543,9 @@
"CVE-2020-25284": {
"cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2018-18281": {
"cmt_msg": "mremap: properly flush TLB before releasing the page"
},
@@ -24537,21 +24798,18 @@
"CVE-2020-0433": {
"cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2019-3874": {
"cmt_msg": "sctp: implement memory accounting on tx path"
},
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -24879,6 +25137,9 @@
"CVE-2021-39800": {
"cmt_msg": ""
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2018-16884": {
"cmt_msg": "sunrpc: use-after-free in svc_process_common()"
},
@@ -25179,6 +25440,9 @@
"CVE-2019-15090": {
"cmt_msg": "scsi: qedi: remove memset/memcpy to nfunc and use func instead"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
@@ -25638,6 +25902,9 @@
"CVE-2020-28974": {
"cmt_msg": "vt: Disable KD_FONT_OP_COPY"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -25686,6 +25953,9 @@
"CVE-2022-23816": {
"cmt_msg": "x86/kvm/vmx: Make noinstr clean"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2021-3892": {
"cmt_msg": ""
},
@@ -25743,6 +26013,9 @@
"CVE-2018-20511": {
"cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2022-20166": {
"cmt_msg": "drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions"
},
@@ -25776,6 +26049,9 @@
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -25872,6 +26148,9 @@
"CVE-2020-0444": {
"cmt_msg": "audit: fix error handling in audit_data_to_entry()"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2022-1419": {
"cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create"
},
@@ -25905,8 +26184,8 @@
"CVE-2020-0255": {
"cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()"
},
- "CVE-2023-35001": {
- "cmt_msg": ""
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -26340,9 +26619,6 @@
"CVE-2021-37159": {
"cmt_msg": "usb: hso: fix error handling code of hso_create_net_device"
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2018-3620": {
"cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled"
},
@@ -26454,6 +26730,9 @@
"CVE-2022-23036": {
"cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2022-2153": {
"cmt_msg": "KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast()"
},
@@ -26466,12 +26745,18 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2020-12768": {
"cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()"
},
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-32399": {
"cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller"
},
@@ -26562,6 +26847,9 @@
"CVE-2019-11191": {
"cmt_msg": "x86: Deprecate a.out support"
},
+ "CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
"CVE-2018-10323": {
"cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree"
},
@@ -26646,6 +26934,9 @@
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2019-14896": {
"cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor"
},
@@ -26676,9 +26967,6 @@
"CVE-2020-0067": {
"cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2020-26558": {
"cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical"
},
@@ -26691,6 +26979,9 @@
"CVE-2019-20811": {
"cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2020-26559": {
"cmt_msg": ""
},
@@ -27069,9 +27360,6 @@
"CVE-2019-19448": {
"cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2019-19449": {
"cmt_msg": "f2fs: fix to do sanity check on segment/section count"
},
@@ -27138,6 +27426,9 @@
"CVE-2022-26490": {
"cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -27153,9 +27444,6 @@
"CVE-2018-20976": {
"cmt_msg": "xfs: clear sb->s_fs_info on mount failure"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2021-0342": {
"cmt_msg": "tun: correct header offsets in napi frags mode"
},
@@ -27216,6 +27504,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
@@ -27273,6 +27564,9 @@
"CVE-2020-25284": {
"cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2018-18281": {
"cmt_msg": "mremap: properly flush TLB before releasing the page"
},
@@ -27543,12 +27837,12 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -27879,6 +28173,9 @@
"CVE-2021-39800": {
"cmt_msg": ""
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2018-16884": {
"cmt_msg": "sunrpc: use-after-free in svc_process_common()"
},
@@ -31179,6 +31476,10 @@
"cmt_msg": "scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress",
"cmt_id": "6abd4698f4c8a78e7bbfc421205c060c199554a0"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF",
+ "cmt_id": "6332f52f44b9776568bf3c0b714ddfb0bb175e78"
+ },
"CVE-2023-32269": {
"cmt_msg": "netrom: Fix use-after-free caused by accept on already connected socket",
"cmt_id": "2c1984d101978e979783bdb2376eb6eca9f8f627"
@@ -31391,6 +31692,9 @@
"CVE-2018-1121": {
"cmt_msg": ""
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2019-19378": {
"cmt_msg": ""
},
@@ -31436,12 +31740,18 @@
"CVE-2019-19449": {
"cmt_msg": "f2fs: fix to do sanity check on segment/section count"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2020-24504": {
"cmt_msg": "ice: create scheduler aggregator node config and move VSIs"
},
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2020-11725": {
"cmt_msg": ""
},
@@ -31532,9 +31842,6 @@
"CVE-2008-2544": {
"cmt_msg": ""
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2022-3636": {
"cmt_msg": "net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()"
},
@@ -31562,8 +31869,8 @@
"CVE-2022-45919": {
"cmt_msg": ""
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
},
"CVE-2023-2007": {
"cmt_msg": "scsi: dpt_i2o: Remove obsolete driver"
@@ -31586,9 +31893,6 @@
"CVE-2020-26142": {
"cmt_msg": ""
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2023-1076": {
"cmt_msg": "tun: tun_chr_open(): correctly initialize socket uid"
},
@@ -31607,6 +31911,9 @@
"CVE-2022-2991": {
"cmt_msg": "remove the lightnvm subsystem"
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
@@ -31646,6 +31953,9 @@
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-2176": {
"cmt_msg": "RDMA/core: Refactor rdma_bind_addr"
},
@@ -31664,9 +31974,6 @@
"CVE-2022-27672": {
"cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2005-3660": {
"cmt_msg": ""
},
@@ -31754,9 +32061,15 @@
"CVE-2020-12364": {
"cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2022-45885": {
"cmt_msg": ""
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2022-2327": {
"cmt_msg": "io_uring: remove any grabbing of context"
},
@@ -31766,9 +32079,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2020-26141": {
"cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe"
},
@@ -31805,6 +32115,9 @@
"CVE-2022-3566": {
"cmt_msg": "tcp: Fix data races around icsk->icsk_af_ops."
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2018-17977": {
"cmt_msg": ""
},
@@ -31832,6 +32145,12 @@
"CVE-2023-3397": {
"cmt_msg": ""
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2021-39801": {
"cmt_msg": ""
},
@@ -31841,9 +32160,15 @@
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-4269": {
"cmt_msg": "act_mirred: use the backlog for nested calls to mirred ingress"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2020-36385": {
"cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy"
},
@@ -31910,12 +32235,18 @@
"CVE-2015-2877": {
"cmt_msg": ""
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-1611": {
"cmt_msg": "btrfs: fix race between quota disable and quota assign ioctls"
},
"CVE-2023-26242": {
"cmt_msg": ""
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2019-16089": {
"cmt_msg": ""
},
@@ -31968,6 +32299,9 @@
"cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages"
},
"CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
+ "CVE-2023-3640": {
"cmt_msg": ""
}
}
@@ -32145,6 +32479,9 @@
"CVE-2019-15090": {
"cmt_msg": "scsi: qedi: remove memset/memcpy to nfunc and use func instead"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
@@ -32412,6 +32749,9 @@
"CVE-2018-13097": {
"cmt_msg": "f2fs: fix to do sanity check with user_block_count"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2023-3006": {
"cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list"
},
@@ -32589,6 +32929,9 @@
"CVE-2020-28974": {
"cmt_msg": "vt: Disable KD_FONT_OP_COPY"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -32637,6 +32980,9 @@
"CVE-2022-23816": {
"cmt_msg": "x86/kvm/vmx: Make noinstr clean"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2021-3892": {
"cmt_msg": ""
},
@@ -32688,6 +33034,9 @@
"CVE-2019-16229": {
"cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2022-20166": {
"cmt_msg": "drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions"
},
@@ -32721,6 +33070,9 @@
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -32799,6 +33151,9 @@
"CVE-2020-0444": {
"cmt_msg": "audit: fix error handling in audit_data_to_entry()"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2022-1419": {
"cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create"
},
@@ -32832,8 +33187,8 @@
"CVE-2020-0255": {
"cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()"
},
- "CVE-2023-35001": {
- "cmt_msg": ""
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -33261,9 +33616,6 @@
"CVE-2021-37159": {
"cmt_msg": "usb: hso: fix error handling code of hso_create_net_device"
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2021-29154": {
"cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64"
},
@@ -33384,12 +33736,18 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2020-12768": {
"cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()"
},
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-32399": {
"cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller"
},
@@ -33474,6 +33832,9 @@
"CVE-2019-11191": {
"cmt_msg": "x86: Deprecate a.out support"
},
+ "CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
"CVE-2020-10781": {
"cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\""
},
@@ -33543,6 +33904,9 @@
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2019-14896": {
"cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor"
},
@@ -33573,9 +33937,6 @@
"CVE-2020-0067": {
"cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2020-26558": {
"cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical"
},
@@ -33588,6 +33949,9 @@
"CVE-2019-20811": {
"cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2023-3390": {
"cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE"
},
@@ -33948,9 +34312,6 @@
"CVE-2019-19448": {
"cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2019-19449": {
"cmt_msg": "f2fs: fix to do sanity check on segment/section count"
},
@@ -34023,6 +34384,9 @@
"CVE-2022-26490": {
"cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -34092,6 +34456,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
@@ -34146,6 +34513,9 @@
"CVE-2020-25284": {
"cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2023-0160": {
"cmt_msg": ""
},
@@ -34383,21 +34753,18 @@
"CVE-2020-0433": {
"cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2019-3874": {
"cmt_msg": "sctp: implement memory accounting on tx path"
},
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -34716,6 +35083,9 @@
"CVE-2021-39800": {
"cmt_msg": ""
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2018-16884": {
"cmt_msg": "sunrpc: use-after-free in svc_process_common()"
},
@@ -36363,6 +36733,9 @@
"CVE-2020-35508": {
"cmt_msg": "fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
@@ -36531,9 +36904,6 @@
"CVE-2020-15802": {
"cmt_msg": ""
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2017-18270": {
"cmt_msg": "KEYS: prevent creating a different user's keyrings"
},
@@ -36570,6 +36940,9 @@
"CVE-2017-7895": {
"cmt_msg": "nfsd: stricter decoding of write-like NFSv2/v3 ops"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2018-14614": {
"cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum"
},
@@ -36792,9 +37165,15 @@
"CVE-2017-11600": {
"cmt_msg": "xfrm: policy: check policy direction value"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
+ "CVE-2023-3108": {
+ "cmt_msg": "crypto: fix af_alg_make_sg() conversion to iov_iter"
+ },
"CVE-2022-3028": {
"cmt_msg": "af_key: Do not call xfrm_probe_algs in parallel"
},
@@ -36846,6 +37225,9 @@
"CVE-2018-12126": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2017-9077": {
"cmt_msg": "ipv6/dccp: do not inherit ipv6_mc_list from parent"
},
@@ -36951,6 +37333,9 @@
"CVE-2022-2961": {
"cmt_msg": ""
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -37083,9 +37468,6 @@
"CVE-2019-2215": {
"cmt_msg": "ANDROID: binder: remove waitqueue when thread exits."
},
- "CVE-2023-35001": {
- "cmt_msg": ""
- },
"CVE-2021-38208": {
"cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect"
},
@@ -37266,6 +37648,9 @@
"CVE-2023-3141": {
"cmt_msg": "memstick: r592: Fix UAF bug in r592_remove due to race condition"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2019-13648": {
"cmt_msg": "powerpc/tm: Fix oops on sigreturn on systems without TM"
},
@@ -37638,9 +38023,15 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2017-8890": {
"cmt_msg": "dccp/tcp: do not inherit mc_list from parent"
},
@@ -37671,6 +38062,9 @@
"CVE-2022-20166": {
"cmt_msg": "drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2022-25375": {
"cmt_msg": "usb: gadget: rndis: check size of RNDIS_MSG_SET command"
},
@@ -37755,6 +38149,9 @@
"CVE-2020-26139": {
"cmt_msg": "mac80211: do not accept/forward invalid EAPOL frames"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2019-10220": {
"cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()"
},
@@ -37872,15 +38269,18 @@
"CVE-2020-0066": {
"cmt_msg": "netlink: Trim skb to alloc size to avoid MSG_TRUNC"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2019-20794": {
"cmt_msg": ""
},
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2020-26559": {
"cmt_msg": ""
},
@@ -38265,9 +38665,6 @@
"CVE-2017-7542": {
"cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2020-0465": {
"cmt_msg": "HID: core: Sanitize event code and type when mapping input"
},
@@ -38337,6 +38734,9 @@
"CVE-2021-0937": {
"cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -38406,6 +38806,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2017-18241": {
"cmt_msg": "f2fs: fix a panic caused by NULL flush_cmd_control"
},
@@ -38415,6 +38818,9 @@
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-10708": {
"cmt_msg": ""
},
@@ -38706,9 +39112,6 @@
"CVE-2020-0433": {
"cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2019-3874": {
"cmt_msg": "sctp: implement memory accounting on tx path"
},
@@ -38721,12 +39124,12 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2023-2162": {
"cmt_msg": "scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress"
},
@@ -39084,6 +39487,9 @@
"CVE-2019-3837": {
"cmt_msg": "net_dma: simple removal"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2018-16884": {
"cmt_msg": "sunrpc: use-after-free in svc_process_common()"
},
@@ -40235,6 +40641,9 @@
"CVE-2020-35508": {
"cmt_msg": "fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
@@ -40484,6 +40893,9 @@
"CVE-2017-7895": {
"cmt_msg": "nfsd: stricter decoding of write-like NFSv2/v3 ops"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2018-14614": {
"cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum"
},
@@ -40718,9 +41130,15 @@
"CVE-2017-11600": {
"cmt_msg": "xfrm: policy: check policy direction value"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
+ "CVE-2023-3108": {
+ "cmt_msg": "crypto: fix af_alg_make_sg() conversion to iov_iter"
+ },
"CVE-2022-3028": {
"cmt_msg": "af_key: Do not call xfrm_probe_algs in parallel"
},
@@ -40781,6 +41199,9 @@
"CVE-2018-12126": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2017-9077": {
"cmt_msg": "ipv6/dccp: do not inherit ipv6_mc_list from parent"
},
@@ -40895,6 +41316,9 @@
"CVE-2022-2961": {
"cmt_msg": ""
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2017-6348": {
"cmt_msg": "irda: Fix lockdep annotations in hashbin_delete()."
},
@@ -41037,7 +41461,7 @@
"cmt_msg": "ANDROID: binder: remove waitqueue when thread exits."
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2021-38208": {
"cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect"
@@ -41234,6 +41658,9 @@
"CVE-2023-3141": {
"cmt_msg": "memstick: r592: Fix UAF bug in r592_remove due to race condition"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2019-13648": {
"cmt_msg": "powerpc/tm: Fix oops on sigreturn on systems without TM"
},
@@ -41642,6 +42069,9 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2017-7308": {
"cmt_msg": "net/packet: fix overflow in check for priv area size"
},
@@ -41651,6 +42081,9 @@
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-39636": {
"cmt_msg": "netfilter: x_tables: fix pointer leaks to userspace"
},
@@ -41684,6 +42117,9 @@
"CVE-2022-20166": {
"cmt_msg": "drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2016-9588": {
"cmt_msg": "kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF)"
},
@@ -41900,15 +42336,18 @@
"CVE-2020-0066": {
"cmt_msg": "netlink: Trim skb to alloc size to avoid MSG_TRUNC"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2019-20794": {
"cmt_msg": ""
},
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2020-26559": {
"cmt_msg": ""
},
@@ -42335,9 +42774,6 @@
"CVE-2022-1198": {
"cmt_msg": "drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2020-0465": {
"cmt_msg": "HID: core: Sanitize event code and type when mapping input"
},
@@ -42413,6 +42849,9 @@
"CVE-2021-0937": {
"cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -42494,6 +42933,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2017-18241": {
"cmt_msg": "f2fs: fix a panic caused by NULL flush_cmd_control"
},
@@ -42503,6 +42945,9 @@
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-10708": {
"cmt_msg": ""
},
@@ -42566,6 +43011,9 @@
"CVE-2017-1000379": {
"cmt_msg": "mm: larger stack guard gap, between vmas"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2018-18281": {
"cmt_msg": "mremap: properly flush TLB before releasing the page"
},
@@ -42815,9 +43263,6 @@
"CVE-2020-0433": {
"cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2019-3874": {
"cmt_msg": "sctp: implement memory accounting on tx path"
},
@@ -42830,12 +43275,12 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2016-8655": {
"cmt_msg": "packet: fix race condition in packet_set_ring"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -43004,9 +43449,6 @@
"CVE-2022-36402": {
"cmt_msg": ""
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2019-19332": {
"cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)"
},
@@ -43241,6 +43683,9 @@
"CVE-2019-3837": {
"cmt_msg": "net_dma: simple removal"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2018-16884": {
"cmt_msg": "sunrpc: use-after-free in svc_process_common()"
},
@@ -44351,6 +44796,10 @@
"cmt_msg": "Bluetooth: Fix potential NULL dereference in RFCOMM bind callback",
"cmt_id": "8c996f7322f988a074896c135f90d6c4c6d173ab"
},
+ "CVE-2023-3106": {
+ "cmt_msg": "xfrm: fix crash in XFRM_MSG_GETSA netlink handler",
+ "cmt_id": "2dcb72918e387fd1d0af40c1c351822bfe1acf63"
+ },
"CVE-2016-3857": {
"cmt_msg": "arm: oabi compat: add missing access checks",
"cmt_id": "7e7aaf7b1bf53b5b0abd380efe7fc430bc8a590d"
@@ -46233,9 +46682,6 @@
"CVE-2020-15802": {
"cmt_msg": ""
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2022-3636": {
"cmt_msg": "net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()"
},
@@ -46404,6 +46850,9 @@
"CVE-2020-28974": {
"cmt_msg": "vt: Disable KD_FONT_OP_COPY"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -46443,6 +46892,12 @@
"CVE-2018-12126": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2023-35824": {
"cmt_msg": "media: dm1105: Fix use after free bug in dm1105_remove due to race condition"
},
@@ -46467,12 +46922,18 @@
"CVE-2022-29901": {
"cmt_msg": "x86/kvm/vmx: Make noinstr clean"
},
+ "CVE-2023-3108": {
+ "cmt_msg": "crypto: fix af_alg_make_sg() conversion to iov_iter"
+ },
"CVE-2023-3161": {
"cmt_msg": "fbcon: Check font dimension limits"
},
"CVE-2018-9465": {
"cmt_msg": "binder: fix proc->files use-after-free"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2020-15437": {
"cmt_msg": "serial: 8250: fix null-ptr-deref in serial8250_start_tx()"
},
@@ -46497,6 +46958,9 @@
"CVE-2023-35827": {
"cmt_msg": ""
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -46585,7 +47049,7 @@
"cmt_msg": ""
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2021-38208": {
"cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect"
@@ -46776,6 +47240,9 @@
"CVE-2022-45919": {
"cmt_msg": ""
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2023-2248": {
"cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
},
@@ -46971,6 +47438,15 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-32399": {
"cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller"
},
@@ -47034,6 +47510,9 @@
"CVE-2020-26139": {
"cmt_msg": "mac80211: do not accept/forward invalid EAPOL frames"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2019-10220": {
"cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()"
},
@@ -47055,6 +47534,9 @@
"CVE-2020-28374": {
"cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2023-3006": {
"cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list"
},
@@ -47073,15 +47555,18 @@
"CVE-2020-0067": {
"cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2020-26558": {
"cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical"
},
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2023-3390": {
"cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE"
},
@@ -47316,9 +47801,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2020-0465": {
"cmt_msg": "HID: core: Sanitize event code and type when mapping input"
},
@@ -47406,9 +47888,15 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-10708": {
"cmt_msg": ""
},
@@ -47601,21 +48089,18 @@
"CVE-2020-0433": {
"cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2019-3874": {
"cmt_msg": "sctp: implement memory accounting on tx path"
},
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2023-2162": {
"cmt_msg": "scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress"
},
@@ -47871,6 +48356,9 @@
"CVE-2019-3837": {
"cmt_msg": "net_dma: simple removal"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2022-1195": {
"cmt_msg": "hamradio: improve the incomplete fix to avoid NPD"
},
@@ -50117,6 +50605,9 @@
"CVE-2020-36322": {
"cmt_msg": "fuse: fix bad inode"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
@@ -50258,9 +50749,6 @@
"CVE-2020-15802": {
"cmt_msg": ""
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2019-3460": {
"cmt_msg": "Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt"
},
@@ -50285,6 +50773,9 @@
"CVE-2019-11477": {
"cmt_msg": "tcp: limit payload size of sacked skbs"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2018-14614": {
"cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum"
},
@@ -50345,6 +50836,9 @@
"CVE-2018-13093": {
"cmt_msg": "xfs: validate cached inodes are free when allocated"
},
+ "CVE-2023-3108": {
+ "cmt_msg": "crypto: fix af_alg_make_sg() conversion to iov_iter"
+ },
"CVE-2018-13094": {
"cmt_msg": "xfs: don't call xfs_da_shrink_inode with NULL bp"
},
@@ -50492,6 +50986,9 @@
"CVE-2020-28974": {
"cmt_msg": "vt: Disable KD_FONT_OP_COPY"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -50537,6 +51034,12 @@
"CVE-2018-12126": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2023-35824": {
"cmt_msg": "media: dm1105: Fix use after free bug in dm1105_remove due to race condition"
},
@@ -50621,6 +51124,9 @@
"CVE-2023-35827": {
"cmt_msg": ""
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -50720,9 +51226,6 @@
"CVE-2019-2215": {
"cmt_msg": "ANDROID: binder: remove waitqueue when thread exits."
},
- "CVE-2023-35001": {
- "cmt_msg": ""
- },
"CVE-2019-2213": {
"cmt_msg": "binder: fix possible UAF when freeing buffer"
},
@@ -51137,6 +51640,9 @@
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2019-15292": {
"cmt_msg": "appletalk: Fix use-after-free in atalk_proc_exit"
},
@@ -51221,6 +51727,9 @@
"CVE-2020-26139": {
"cmt_msg": "mac80211: do not accept/forward invalid EAPOL frames"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2019-10220": {
"cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()"
},
@@ -51272,12 +51781,18 @@
"CVE-2022-0168": {
"cmt_msg": "cifs: fix NULL ptr dereference in smb2_ioctl_query_info()"
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2019-9213": {
"cmt_msg": "mm: enforce min addr even if capable() in expand_downwards()"
},
"CVE-2023-2007": {
"cmt_msg": "scsi: dpt_i2o: Remove obsolete driver"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2019-14896": {
"cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor"
},
@@ -51305,15 +51820,18 @@
"CVE-2020-0066": {
"cmt_msg": "netlink: Trim skb to alloc size to avoid MSG_TRUNC"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2020-26558": {
"cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical"
},
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2020-26559": {
"cmt_msg": ""
},
@@ -51611,9 +52129,6 @@
"CVE-2019-19527": {
"cmt_msg": "HID: hiddev: do cleanup in failure of opening a device"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2020-0465": {
"cmt_msg": "HID: core: Sanitize event code and type when mapping input"
},
@@ -51680,6 +52195,9 @@
"CVE-2021-0937": {
"cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -51749,12 +52267,18 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2022-33740": {
"cmt_msg": "xen/netfront: fix leaking data in shared pages"
},
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2012-6712": {
"cmt_msg": "iwlwifi: Sanity check for sta_id"
},
@@ -51989,9 +52513,6 @@
"CVE-2020-0433": {
"cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2019-3874": {
"cmt_msg": "sctp: implement memory accounting on tx path"
},
@@ -52004,8 +52525,8 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
+ "CVE-2023-35693": {
+ "cmt_msg": ""
},
"CVE-2023-2162": {
"cmt_msg": "scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress"
@@ -52295,6 +52816,9 @@
"CVE-2019-3837": {
"cmt_msg": "net_dma: simple removal"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2014-8171": {
"cmt_msg": "mm: memcg: do not trap chargers with full callstack on OOM"
},
@@ -52586,6 +53110,10 @@
}
},
"6.2.12": {
+ "CVE-2023-38409": {
+ "cmt_msg": "fbcon: set_con2fb_map needs to set con2fb_map!",
+ "cmt_id": "62055fa6fbf8f1f1457f5d6a7d17ce1a45972613"
+ },
"CVE-2023-1859": {
"cmt_msg": "9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition",
"cmt_id": "e7dcd834af53c79418ca3cd1c42749a314b9f7dc"
@@ -52656,6 +53184,10 @@
"cmt_msg": "dm ioctl: fix nested locking in table_clear() to remove deadlock concern",
"cmt_id": "243093d536fe3cc78b450f1beb8d584505ea3193"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()",
+ "cmt_id": "b35f6c031b87d9e51f141ff6de0ea59756a8e313"
+ },
"CVE-2023-35826": {
"cmt_msg": "media: cedrus: fix use after free bug in cedrus_remove due to race condition",
"cmt_id": "a858e35c62966761cc2bed2e4123cf68d7df546c"
@@ -52666,13 +53198,29 @@
}
},
"6.2.16": {
- "CVE-2023-34256": {
- "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum",
- "cmt_id": "c06f5f1ecab83772b1e06ea5dcfe5ebb5927a43f"
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel",
+ "cmt_id": "de428966b40c8b8abe35592ded2e9f4d366ffc38"
+ },
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff",
+ "cmt_id": "d270631c21e68fb8016d6e231d022d7023a2df6f"
+ },
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff",
+ "cmt_id": "d270631c21e68fb8016d6e231d022d7023a2df6f"
},
"CVE-2023-32250": {
"cmt_msg": "ksmbd: fix racy issue from session setup and logoff",
"cmt_id": "d270631c21e68fb8016d6e231d022d7023a2df6f"
+ },
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions",
+ "cmt_id": "750a2d772e9d9ff377fd32e3b6797bf2cd847a7a"
+ },
+ "CVE-2023-34256": {
+ "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum",
+ "cmt_id": "c06f5f1ecab83772b1e06ea5dcfe5ebb5927a43f"
}
},
"outstanding": {
@@ -52697,6 +53245,9 @@
"CVE-2018-1121": {
"cmt_msg": ""
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2019-19378": {
"cmt_msg": ""
},
@@ -52706,6 +53257,18 @@
"CVE-2020-24502": {
"cmt_msg": ""
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2020-11725": {
"cmt_msg": ""
},
@@ -52727,6 +53290,9 @@
"CVE-2022-2209": {
"cmt_msg": ""
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2021-26934": {
"cmt_msg": ""
},
@@ -52749,7 +53315,10 @@
"cmt_msg": ""
},
"CVE-2023-2898": {
- "cmt_msg": ""
+ "cmt_msg": "f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()"
+ },
+ "CVE-2023-21255": {
+ "cmt_msg": "binder: fix UAF caused by faulty buffer cleanup"
},
"CVE-2019-15239": {
"cmt_msg": "unknown"
@@ -52809,7 +53378,7 @@
"cmt_msg": "fs/ntfs3: Validate MFT flags before replaying logs"
},
"CVE-2023-31248": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: do not ignore genmask when looking up chain by id"
},
"CVE-2005-3660": {
"cmt_msg": ""
@@ -52862,9 +53431,15 @@
"CVE-2023-35788": {
"cmt_msg": "net/sched: flower: fix possible OOB write in fl_set_geneve_opt()"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2023-1206": {
"cmt_msg": ""
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2023-35827": {
"cmt_msg": ""
},
@@ -52883,6 +53458,9 @@
"CVE-2023-3212": {
"cmt_msg": "gfs2: Don't deref jdesc in evict"
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2018-17977": {
"cmt_msg": ""
},
@@ -52907,6 +53485,9 @@
"CVE-2023-33250": {
"cmt_msg": ""
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2021-39801": {
"cmt_msg": ""
},
@@ -52953,7 +53534,7 @@
"cmt_msg": ""
},
"CVE-2023-1192": {
- "cmt_msg": ""
+ "cmt_msg": "fs/ntfs3: Validate MFT flags before replaying logs"
},
"CVE-2019-16089": {
"cmt_msg": ""
@@ -52989,6 +53570,9 @@
"cmt_msg": ""
},
"CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
+ "CVE-2023-3640": {
"cmt_msg": ""
}
}
@@ -53189,14 +53773,6 @@
}
},
"6.1.11": {
- "CVE-2023-32269": {
- "cmt_msg": "netrom: Fix use-after-free caused by accept on already connected socket",
- "cmt_id": "5c2227f3f17782d5262ee0979ad30609b3e01f6e"
- },
- "CVE-2023-1075": {
- "cmt_msg": "net/tls: tls_is_tx_ready() checked list_entry",
- "cmt_id": "37c0cdf7e4919e5f76381ac60817b67bcbdacb50"
- },
"CVE-2023-3161": {
"cmt_msg": "fbcon: Check font dimension limits",
"cmt_id": "5e7f6e2ade57dfd6d133ff7c643abd2079248943"
@@ -53208,6 +53784,18 @@
"CVE-2023-2162": {
"cmt_msg": "scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress",
"cmt_id": "61e43ebfd243bcbad11be26bd921723027b77441"
+ },
+ "CVE-2023-1075": {
+ "cmt_msg": "net/tls: tls_is_tx_ready() checked list_entry",
+ "cmt_id": "37c0cdf7e4919e5f76381ac60817b67bcbdacb50"
+ },
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF",
+ "cmt_id": "8506f16aae9daf354e3732bcfd447e2a97f023df"
+ },
+ "CVE-2023-32269": {
+ "cmt_msg": "netrom: Fix use-after-free caused by accept on already connected socket",
+ "cmt_id": "5c2227f3f17782d5262ee0979ad30609b3e01f6e"
}
},
"6.1.12": {
@@ -53373,6 +53961,10 @@
}
},
"6.1.25": {
+ "CVE-2023-38409": {
+ "cmt_msg": "fbcon: set_con2fb_map needs to set con2fb_map!",
+ "cmt_id": "b15df140fe092c3ac28dab32c6b3acdda1a93c63"
+ },
"CVE-2023-1859": {
"cmt_msg": "9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition",
"cmt_id": "c4002b9d5e837f152a40d1333c56ccb84975147b"
@@ -53435,6 +54027,10 @@
"cmt_msg": "dm ioctl: fix nested locking in table_clear() to remove deadlock concern",
"cmt_id": "9a94ebc74c3540aba5aa2c7b05032da4610a08c9"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()",
+ "cmt_id": "a70751dd7b60eab025e97e19b6b2477c6eaf2bbb"
+ },
"CVE-2023-35826": {
"cmt_msg": "media: cedrus: fix use after free bug in cedrus_remove due to race condition",
"cmt_id": "2cdc8f729d953143b3bbdc56841bb6800752de7f"
@@ -53445,13 +54041,29 @@
}
},
"6.1.29": {
- "CVE-2023-34256": {
- "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum",
- "cmt_id": "1fffe4750500148f3e744ed77cf233db8342603f"
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel",
+ "cmt_id": "4aba9ab6a007e41182454f84f95c0bddf7d6d7e1"
+ },
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff",
+ "cmt_id": "f623f627ad2b1dc215ab3b0df53fb05cfd3a1c3b"
+ },
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff",
+ "cmt_id": "f623f627ad2b1dc215ab3b0df53fb05cfd3a1c3b"
},
"CVE-2023-32250": {
"cmt_msg": "ksmbd: fix racy issue from session setup and logoff",
"cmt_id": "f623f627ad2b1dc215ab3b0df53fb05cfd3a1c3b"
+ },
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions",
+ "cmt_id": "1fc8a2b14ef5223f8e0b95faba2ee0a6e4d0f99d"
+ },
+ "CVE-2023-34256": {
+ "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum",
+ "cmt_id": "1fffe4750500148f3e744ed77cf233db8342603f"
}
},
"6.1.30": {
@@ -53459,9 +54071,27 @@
"cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb",
"cmt_id": "610a433810b277b3b77389733c07d22e8af68de2"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]",
+ "cmt_id": "af7335a4b946f9f6f9d98398cbcea15cd9850409"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user",
+ "cmt_id": "40d90ee0275a1bfcd26fa7690adc4330b4227a69"
+ },
"CVE-2023-3141": {
"cmt_msg": "memstick: r592: Fix UAF bug in r592_remove due to race condition",
"cmt_id": "9a342d4eb9fb8e52f7d1afe088a79513f3f9a9a5"
+ },
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals",
+ "cmt_id": "75378b03a90d75b1349bb03577ac8465194c883e"
+ }
+ },
+ "6.1.31": {
+ "CVE-2023-21255": {
+ "cmt_msg": "binder: fix UAF caused by faulty buffer cleanup",
+ "cmt_id": "e1e198eff1fbaf56fd8022c4fbbf59c5324ea320"
}
},
"6.1.33": {
@@ -53469,29 +54099,53 @@
"cmt_msg": "net/sched: flower: fix possible OOB write in fl_set_geneve_opt()",
"cmt_id": "eac615ed3c6d91f1196f16f0a0599fff479cb220"
},
- "CVE-2023-34255": {
- "cmt_msg": "xfs: verify buffer contents when we skip log replay",
- "cmt_id": "a2961463d74f5c86a8dda3b41c484c28ccc4c289"
- },
"CVE-2023-2124": {
"cmt_msg": "xfs: verify buffer contents when we skip log replay",
"cmt_id": "a2961463d74f5c86a8dda3b41c484c28ccc4c289"
},
+ "CVE-2023-1192": {
+ "cmt_msg": "fs/ntfs3: Validate MFT flags before replaying logs",
+ "cmt_id": "a8eaa9a06addbd9cb0238cb1c729921ecbb6504c"
+ },
"CVE-2023-3212": {
"cmt_msg": "gfs2: Don't deref jdesc in evict",
"cmt_id": "5ae4a618a1558d2b536fdd5d42e53d3e2d73870c"
},
+ "CVE-2023-34255": {
+ "cmt_msg": "xfs: verify buffer contents when we skip log replay",
+ "cmt_id": "a2961463d74f5c86a8dda3b41c484c28ccc4c289"
+ },
"CVE-2022-48425": {
"cmt_msg": "fs/ntfs3: Validate MFT flags before replaying logs",
"cmt_id": "a8eaa9a06addbd9cb0238cb1c729921ecbb6504c"
}
},
+ "6.1.34": {
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop",
+ "cmt_id": "543c12c2644e772caa6880662c2a852cfdc5a10c"
+ },
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()",
+ "cmt_id": "bf12d7fb63b365fb766655cedcb5d5f292b0c35e"
+ }
+ },
"6.1.35": {
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id",
+ "cmt_id": "e01fc7caac9ce9ad76df9f42f7f61ef4bf1d27c9"
+ },
"CVE-2023-3390": {
"cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE",
"cmt_id": "4aaa3b730d16c13cc3feaa127bfca1af201d969d"
}
},
+ "6.1.36": {
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size",
+ "cmt_id": "9650cf70ec9d94ff34daa088b643229231723c26"
+ }
+ },
"6.1.37": {
"CVE-2023-3269": {
"cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper",
@@ -53535,6 +54189,9 @@
"CVE-2020-24502": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2020-11725": {
"cmt_msg": ""
},
@@ -53572,7 +54229,7 @@
"cmt_msg": ""
},
"CVE-2023-2898": {
- "cmt_msg": ""
+ "cmt_msg": "f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()"
},
"CVE-2019-15239": {
"cmt_msg": "unknown"
@@ -53629,7 +54286,7 @@
"cmt_msg": ""
},
"CVE-2023-31248": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: do not ignore genmask when looking up chain by id"
},
"CVE-2005-3660": {
"cmt_msg": ""
@@ -53679,9 +54336,15 @@
"CVE-2021-3892": {
"cmt_msg": ""
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2023-1206": {
"cmt_msg": ""
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2022-3642": {
"cmt_msg": ""
},
@@ -53760,9 +54423,6 @@
"CVE-2023-1193": {
"cmt_msg": ""
},
- "CVE-2023-1192": {
- "cmt_msg": ""
- },
"CVE-2019-16089": {
"cmt_msg": ""
},
@@ -53797,6 +54457,9 @@
"cmt_msg": "fs/ntfs3: Check fields while reading"
},
"CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
+ "CVE-2023-3640": {
"cmt_msg": ""
}
}
@@ -54163,9 +54826,6 @@
"CVE-2022-38457": {
"cmt_msg": "drm/vmwgfx: Remove rcu locks from user resources"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2018-1121": {
"cmt_msg": ""
},
@@ -54190,9 +54850,18 @@
"CVE-2020-24502": {
"cmt_msg": ""
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2023-1079": {
"cmt_msg": "HID: asus: use spinlock to safely schedule workers"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2020-11725": {
"cmt_msg": ""
},
@@ -54235,6 +54904,9 @@
"CVE-2023-1670": {
"cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2021-26934": {
"cmt_msg": ""
},
@@ -54247,6 +54919,9 @@
"CVE-2023-3141": {
"cmt_msg": "memstick: r592: Fix UAF bug in r592_remove due to race condition"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2016-8660": {
"cmt_msg": ""
},
@@ -54274,6 +54949,9 @@
"CVE-2023-2483": {
"cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
},
+ "CVE-2023-21255": {
+ "cmt_msg": "binder: fix UAF caused by faulty buffer cleanup"
+ },
"CVE-2022-2196": {
"cmt_msg": "KVM: VMX: Execute IBPB on emulated VM-exit when guest has IBRS"
},
@@ -54292,6 +54970,9 @@
"CVE-2022-45919": {
"cmt_msg": ""
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2023-2248": {
"cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
},
@@ -54337,6 +55018,9 @@
"CVE-2022-1247": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2022-4842": {
"cmt_msg": "fs/ntfs3: Fix attr_punch_hole() null pointer derenference"
},
@@ -54376,6 +55060,9 @@
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-2176": {
"cmt_msg": "RDMA/core: Refactor rdma_bind_addr"
},
@@ -54392,7 +55079,7 @@
"cmt_msg": ""
},
"CVE-2023-31248": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: do not ignore genmask when looking up chain by id"
},
"CVE-2023-34255": {
"cmt_msg": "xfs: verify buffer contents when we skip log replay"
@@ -54443,7 +55130,7 @@
"cmt_msg": ""
},
"CVE-2023-2898": {
- "cmt_msg": ""
+ "cmt_msg": "f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()"
},
"CVE-2020-0347": {
"cmt_msg": ""
@@ -54472,6 +55159,12 @@
"CVE-2023-35788": {
"cmt_msg": "net/sched: flower: fix possible OOB write in fl_set_geneve_opt()"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2023-2163": {
"cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
},
@@ -54481,6 +55174,9 @@
"CVE-2023-1206": {
"cmt_msg": ""
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2023-2235": {
"cmt_msg": "perf: Fix check before add_event_to_groups() in perf_group_detach()"
},
@@ -54505,6 +55201,9 @@
"CVE-2023-3355": {
"cmt_msg": "drm/msm/gem: Add check for kmalloc"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2011-4917": {
"cmt_msg": ""
},
@@ -54571,6 +55270,12 @@
"CVE-2023-35826": {
"cmt_msg": "media: cedrus: fix use after free bug in cedrus_remove due to race condition"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2021-39801": {
"cmt_msg": ""
},
@@ -54583,6 +55288,9 @@
"CVE-2022-4269": {
"cmt_msg": "act_mirred: use the backlog for nested calls to mirred ingress"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2023-1998": {
"cmt_msg": "x86/speculation: Allow enabling STIBP with legacy IBRS"
},
@@ -54601,6 +55309,9 @@
"CVE-2023-2124": {
"cmt_msg": "xfs: verify buffer contents when we skip log replay"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2022-45888": {
"cmt_msg": "char: xillybus: Prevent use-after-free due to race condition"
},
@@ -54662,7 +55373,7 @@
"cmt_msg": ""
},
"CVE-2023-1192": {
- "cmt_msg": ""
+ "cmt_msg": "fs/ntfs3: Validate MFT flags before replaying logs"
},
"CVE-2019-16089": {
"cmt_msg": ""
@@ -54691,6 +55402,9 @@
"CVE-2023-1989": {
"cmt_msg": "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work"
},
+ "CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
"CVE-2021-3847": {
"cmt_msg": ""
},
@@ -54709,11 +55423,14 @@
"CVE-2023-23039": {
"cmt_msg": ""
},
+ "CVE-2023-38409": {
+ "cmt_msg": "fbcon: set_con2fb_map needs to set con2fb_map!"
+ },
"CVE-2022-48502": {
"cmt_msg": "fs/ntfs3: Check fields while reading"
},
- "CVE-2023-35001": {
- "cmt_msg": ""
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
},
"CVE-2023-2002": {
"cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()"
@@ -54900,6 +55617,9 @@
"CVE-2019-14896": {
"cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
@@ -55053,6 +55773,9 @@
"CVE-2021-39685": {
"cmt_msg": "USB: gadget: detect too-big endpoint 0 requests"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2021-43975": {
"cmt_msg": "atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait"
},
@@ -55167,6 +55890,9 @@
"CVE-2016-4578": {
"cmt_msg": "ALSA: timer: Fix leak in events via snd_timer_user_ccallback"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2018-14614": {
"cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum"
},
@@ -55278,6 +56004,9 @@
"CVE-2021-40490": {
"cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2019-19074": {
"cmt_msg": "ath9k: release allocated buffer if timed out"
},
@@ -55410,6 +56139,9 @@
"CVE-2017-11600": {
"cmt_msg": "xfrm: policy: check policy direction value"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -55509,6 +56241,9 @@
"CVE-2019-10126": {
"cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()"
},
+ "CVE-2023-3106": {
+ "cmt_msg": "xfrm: fix crash in XFRM_MSG_GETSA netlink handler"
+ },
"CVE-2019-10124": {
"cmt_msg": "mm: hwpoison: fix thp split handing in soft_offline_in_use_page()"
},
@@ -55596,6 +56331,9 @@
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2017-6348": {
"cmt_msg": "irda: Fix lockdep annotations in hashbin_delete()."
},
@@ -55980,6 +56718,9 @@
"CVE-2023-3141": {
"cmt_msg": "memstick: r592: Fix UAF bug in r592_remove due to race condition"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2016-9555": {
"cmt_msg": "sctp: validate chunk len before actually using it"
},
@@ -56421,6 +57162,9 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2017-7308": {
"cmt_msg": "net/packet: fix overflow in check for priv area size"
},
@@ -56430,6 +57174,9 @@
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-39636": {
"cmt_msg": "netfilter: x_tables: fix pointer leaks to userspace"
},
@@ -56466,6 +57213,9 @@
"CVE-2017-12146": {
"cmt_msg": "driver core: platform: fix race condition with driver_override"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2021-3732": {
"cmt_msg": "ovl: prevent private clone if bind mount is not allowed"
},
@@ -56542,7 +57292,7 @@
"cmt_msg": "af_key: pfkey_dump needs parameter validation"
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2018-10323": {
"cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree"
@@ -56703,15 +57453,18 @@
"CVE-2017-18221": {
"cmt_msg": "mlock: fix mlock count can not decrease in race condition"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2019-20794": {
"cmt_msg": ""
},
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-26559": {
"cmt_msg": ""
},
@@ -57186,9 +57939,6 @@
"CVE-2017-7542": {
"cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2020-26141": {
"cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe"
},
@@ -57372,6 +58122,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2017-18241": {
"cmt_msg": "f2fs: fix a panic caused by NULL flush_cmd_control"
},
@@ -57450,6 +58203,9 @@
"CVE-2017-1000379": {
"cmt_msg": "mm: larger stack guard gap, between vmas"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2017-1000371": {
"cmt_msg": "binfmt_elf: use ELF_ET_DYN_BASE only for PIE"
},
@@ -57717,9 +58473,6 @@
"CVE-2020-0433": {
"cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2019-3874": {
"cmt_msg": "sctp: implement memory accounting on tx path"
},
@@ -57732,12 +58485,12 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2016-8655": {
"cmt_msg": "packet: fix race condition in packet_set_ring"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -57921,9 +58674,6 @@
"CVE-2022-36402": {
"cmt_msg": ""
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2019-19332": {
"cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)"
},
@@ -58149,6 +58899,9 @@
"CVE-2021-39800": {
"cmt_msg": ""
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2018-16884": {
"cmt_msg": "sunrpc: use-after-free in svc_process_common()"
},
@@ -58188,6 +58941,9 @@
"CVE-2019-15505": {
"cmt_msg": "media: technisat-usb2: break out of loop at end of buffer"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2023-2513": {
"cmt_msg": "ext4: fix use-after-free in ext4_xattr_set_entry"
},
@@ -61063,6 +61819,12 @@
"cmt_id": "92b5848736395f4ea56738895acdd09cdc2a93da"
}
},
+ "4.4.223": {
+ "CVE-2023-3106": {
+ "cmt_msg": "xfrm: fix crash in XFRM_MSG_GETSA netlink handler",
+ "cmt_id": "0cbb0084fa2b444b7316a0967a0d93f5ae520216"
+ }
+ },
"4.4.224": {
"CVE-2020-10711": {
"cmt_msg": "netlabel: cope with NULL catmap",
@@ -61983,9 +62745,6 @@
"CVE-2020-15802": {
"cmt_msg": ""
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2022-3636": {
"cmt_msg": "net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()"
},
@@ -62088,6 +62847,9 @@
"CVE-2022-32296": {
"cmt_msg": "tcp: increase source port perturb table to 2^16"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -62118,6 +62880,12 @@
"CVE-2018-12126": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2022-20572": {
"cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag"
},
@@ -62136,6 +62904,9 @@
"CVE-2018-9465": {
"cmt_msg": "binder: fix proc->files use-after-free"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2016-5728": {
"cmt_msg": "misc: mic: Fix for double fetch security bug in VOP driver"
},
@@ -62154,6 +62925,9 @@
"CVE-2023-35827": {
"cmt_msg": ""
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -62215,7 +62989,7 @@
"cmt_msg": ""
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2017-18232": {
"cmt_msg": "scsi: libsas: direct call probe and destruct"
@@ -62232,9 +63006,6 @@
"CVE-2020-26557": {
"cmt_msg": ""
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2019-20794": {
"cmt_msg": ""
},
@@ -62511,6 +63282,9 @@
"CVE-2023-1990": {
"cmt_msg": "nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-33098": {
"cmt_msg": "ixgbe: fix large MTU request from VF"
},
@@ -62550,9 +63324,15 @@
"CVE-2021-0929": {
"cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation"
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2020-26145": {
"cmt_msg": "ath10k: drop fragments with multicast DA for PCIe"
},
@@ -62568,9 +63348,15 @@
"CVE-2020-0067": {
"cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2023-3390": {
"cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE"
},
@@ -62589,6 +63375,9 @@
"CVE-2023-1670": {
"cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2022-2978": {
"cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
@@ -62736,9 +63525,6 @@
"CVE-2022-3643": {
"cmt_msg": "xen/netback: Ensure protocol headers don't fall in the non-linear area"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2021-4218": {
"cmt_msg": "sysctl: pass kernel pointers to ->proc_handler"
},
@@ -62751,6 +63537,9 @@
"CVE-2010-5321": {
"cmt_msg": ""
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-21385": {
"cmt_msg": "net/rds: fix warn in rds_message_alloc_sgs"
},
@@ -62796,9 +63585,18 @@
"CVE-2020-36313": {
"cmt_msg": "KVM: Fix out of range accesses to memslots"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2022-4744": {
"cmt_msg": "tun: avoid double free in tun_free_netdev"
},
@@ -62829,6 +63627,9 @@
"CVE-2022-21499": {
"cmt_msg": "lockdown: also lock down previous kgdb use"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2023-0160": {
"cmt_msg": ""
},
@@ -62928,21 +63729,18 @@
"CVE-2020-0435": {
"cmt_msg": "f2fs: fix to do sanity check with i_extra_isize"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2019-3874": {
"cmt_msg": "sctp: implement memory accounting on tx path"
},
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2023-2162": {
"cmt_msg": "scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress"
},
@@ -63279,6 +64077,9 @@
"CVE-2020-35508": {
"cmt_msg": "fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
@@ -63540,6 +64341,9 @@
"CVE-2017-7895": {
"cmt_msg": "nfsd: stricter decoding of write-like NFSv2/v3 ops"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2018-14614": {
"cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum"
},
@@ -63648,6 +64452,9 @@
"CVE-2019-11884": {
"cmt_msg": "Bluetooth: hidp: fix buffer overflow"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2019-19074": {
"cmt_msg": "ath9k: release allocated buffer if timed out"
},
@@ -63768,6 +64575,9 @@
"CVE-2017-11600": {
"cmt_msg": "xfrm: policy: check policy direction value"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -63867,6 +64677,9 @@
"CVE-2019-10126": {
"cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()"
},
+ "CVE-2023-3106": {
+ "cmt_msg": "xfrm: fix crash in XFRM_MSG_GETSA netlink handler"
+ },
"CVE-2019-10124": {
"cmt_msg": "mm: hwpoison: fix thp split handing in soft_offline_in_use_page()"
},
@@ -63951,6 +64764,9 @@
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2017-6348": {
"cmt_msg": "irda: Fix lockdep annotations in hashbin_delete()."
},
@@ -64326,6 +65142,9 @@
"CVE-2023-3141": {
"cmt_msg": "memstick: r592: Fix UAF bug in r592_remove due to race condition"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2016-9555": {
"cmt_msg": "sctp: validate chunk len before actually using it"
},
@@ -64755,12 +65574,18 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2017-7308": {
"cmt_msg": "net/packet: fix overflow in check for priv area size"
},
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2017-8890": {
"cmt_msg": "dccp/tcp: do not inherit mc_list from parent"
},
@@ -64794,6 +65619,9 @@
"CVE-2017-12146": {
"cmt_msg": "driver core: platform: fix race condition with driver_override"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2021-3732": {
"cmt_msg": "ovl: prevent private clone if bind mount is not allowed"
},
@@ -64870,7 +65698,7 @@
"cmt_msg": "x86: Deprecate a.out support"
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2018-10323": {
"cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree"
@@ -65031,9 +65859,6 @@
"CVE-2017-18221": {
"cmt_msg": "mlock: fix mlock count can not decrease in race condition"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2019-20794": {
"cmt_msg": ""
},
@@ -65043,6 +65868,12 @@
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-26559": {
"cmt_msg": ""
},
@@ -65505,9 +66336,6 @@
"CVE-2017-7542": {
"cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2020-26141": {
"cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe"
},
@@ -65595,6 +66423,9 @@
"CVE-2021-0937": {
"cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-42895": {
"cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory"
},
@@ -65679,6 +66510,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-31436": {
"cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
},
@@ -65754,6 +66588,9 @@
"CVE-2017-1000379": {
"cmt_msg": "mm: larger stack guard gap, between vmas"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2017-1000371": {
"cmt_msg": "binfmt_elf: use ELF_ET_DYN_BASE only for PIE"
},
@@ -66036,9 +66873,6 @@
"CVE-2020-0433": {
"cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2019-3874": {
"cmt_msg": "sctp: implement memory accounting on tx path"
},
@@ -66051,12 +66885,12 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2016-8655": {
"cmt_msg": "packet: fix race condition in packet_set_ring"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -66237,9 +67071,6 @@
"CVE-2022-36402": {
"cmt_msg": ""
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2019-19332": {
"cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)"
},
@@ -66462,6 +67293,9 @@
"CVE-2017-7558": {
"cmt_msg": "sctp: Avoid out-of-bounds reads from address storage"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2018-16884": {
"cmt_msg": "sunrpc: use-after-free in svc_process_common()"
},
@@ -66501,6 +67335,9 @@
"CVE-2019-15505": {
"cmt_msg": "media: technisat-usb2: break out of loop at end of buffer"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2023-2513": {
"cmt_msg": "ext4: fix use-after-free in ext4_xattr_set_entry"
},
@@ -66782,6 +67619,9 @@
"CVE-2020-35508": {
"cmt_msg": "fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
@@ -67046,6 +67886,9 @@
"CVE-2017-7895": {
"cmt_msg": "nfsd: stricter decoding of write-like NFSv2/v3 ops"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2018-14614": {
"cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum"
},
@@ -67157,6 +68000,9 @@
"CVE-2021-40490": {
"cmt_msg": "ext4: fix race writing to an inline_data file while its xattrs are changing"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2019-19074": {
"cmt_msg": "ath9k: release allocated buffer if timed out"
},
@@ -67280,6 +68126,9 @@
"CVE-2017-11600": {
"cmt_msg": "xfrm: policy: check policy direction value"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -67379,6 +68228,9 @@
"CVE-2019-10126": {
"cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()"
},
+ "CVE-2023-3106": {
+ "cmt_msg": "xfrm: fix crash in XFRM_MSG_GETSA netlink handler"
+ },
"CVE-2019-10124": {
"cmt_msg": "mm: hwpoison: fix thp split handing in soft_offline_in_use_page()"
},
@@ -67463,6 +68315,9 @@
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2017-6348": {
"cmt_msg": "irda: Fix lockdep annotations in hashbin_delete()."
},
@@ -67835,6 +68690,9 @@
"CVE-2023-3141": {
"cmt_msg": "memstick: r592: Fix UAF bug in r592_remove due to race condition"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2016-9555": {
"cmt_msg": "sctp: validate chunk len before actually using it"
},
@@ -68261,12 +69119,18 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2017-7308": {
"cmt_msg": "net/packet: fix overflow in check for priv area size"
},
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-39636": {
"cmt_msg": "netfilter: x_tables: fix pointer leaks to userspace"
},
@@ -68303,6 +69167,9 @@
"CVE-2017-12146": {
"cmt_msg": "driver core: platform: fix race condition with driver_override"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2021-3732": {
"cmt_msg": "ovl: prevent private clone if bind mount is not allowed"
},
@@ -68382,7 +69249,7 @@
"cmt_msg": "mm: remove gup_flags FOLL_WRITE games from __get_user_pages()"
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2018-10323": {
"cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree"
@@ -68546,9 +69413,6 @@
"CVE-2017-18221": {
"cmt_msg": "mlock: fix mlock count can not decrease in race condition"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2019-20794": {
"cmt_msg": ""
},
@@ -68558,6 +69422,12 @@
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-26559": {
"cmt_msg": ""
},
@@ -69014,9 +69884,6 @@
"CVE-2017-7542": {
"cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2020-26141": {
"cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe"
},
@@ -69107,6 +69974,9 @@
"CVE-2021-0937": {
"cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-42895": {
"cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory"
},
@@ -69194,6 +70064,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2017-18241": {
"cmt_msg": "f2fs: fix a panic caused by NULL flush_cmd_control"
},
@@ -69269,6 +70142,9 @@
"CVE-2017-1000379": {
"cmt_msg": "mm: larger stack guard gap, between vmas"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2017-1000371": {
"cmt_msg": "binfmt_elf: use ELF_ET_DYN_BASE only for PIE"
},
@@ -69548,9 +70424,6 @@
"CVE-2020-0433": {
"cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2019-3874": {
"cmt_msg": "sctp: implement memory accounting on tx path"
},
@@ -69563,12 +70436,12 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2016-8655": {
"cmt_msg": "packet: fix race condition in packet_set_ring"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -69752,9 +70625,6 @@
"CVE-2022-36402": {
"cmt_msg": ""
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2019-19332": {
"cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)"
},
@@ -69974,6 +70844,9 @@
"CVE-2021-39800": {
"cmt_msg": ""
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2018-16884": {
"cmt_msg": "sunrpc: use-after-free in svc_process_common()"
},
@@ -70013,6 +70886,9 @@
"CVE-2019-15505": {
"cmt_msg": "media: technisat-usb2: break out of loop at end of buffer"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2023-2513": {
"cmt_msg": "ext4: fix use-after-free in ext4_xattr_set_entry"
},
@@ -71481,6 +72357,9 @@
"CVE-2020-35508": {
"cmt_msg": "fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
@@ -71646,9 +72525,6 @@
"CVE-2022-3522": {
"cmt_msg": "mm/hugetlb: use hugetlb_pte_stable in migration race check"
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2019-3460": {
"cmt_msg": "Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt"
},
@@ -71691,6 +72567,9 @@
"CVE-2021-28711": {
"cmt_msg": "xen/blkfront: harden blkfront against event channel storms"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2018-14614": {
"cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum"
},
@@ -71904,6 +72783,9 @@
"CVE-2020-28974": {
"cmt_msg": "vt: Disable KD_FONT_OP_COPY"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -71967,6 +72849,9 @@
"CVE-2017-9076": {
"cmt_msg": "ipv6/dccp: do not inherit ipv6_mc_list from parent"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2023-35824": {
"cmt_msg": "media: dm1105: Fix use after free bug in dm1105_remove due to race condition"
},
@@ -71982,6 +72867,9 @@
"CVE-2019-10126": {
"cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()"
},
+ "CVE-2023-3106": {
+ "cmt_msg": "xfrm: fix crash in XFRM_MSG_GETSA netlink handler"
+ },
"CVE-2019-13631": {
"cmt_msg": "Input: gtco - bounds check collection indent level"
},
@@ -72051,6 +72939,9 @@
"CVE-2023-35827": {
"cmt_msg": ""
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -72181,7 +73072,7 @@
"cmt_msg": "ANDROID: binder: remove waitqueue when thread exits."
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2021-38208": {
"cmt_msg": "nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect"
@@ -72684,12 +73575,18 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2016-0758": {
"cmt_msg": "KEYS: Fix ASN.1 indefinite length object parsing"
},
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2016-9756": {
"cmt_msg": "KVM: x86: drop error recovery in em_jmp_far and em_ret_far"
},
@@ -72714,6 +73611,9 @@
"CVE-2020-8648": {
"cmt_msg": "vt: selection, close sel_buffer race"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2021-3732": {
"cmt_msg": "ovl: prevent private clone if bind mount is not allowed"
},
@@ -72888,15 +73788,18 @@
"CVE-2020-0067": {
"cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2019-20794": {
"cmt_msg": ""
},
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2020-26559": {
"cmt_msg": ""
},
@@ -73263,9 +74166,6 @@
"CVE-2022-1198": {
"cmt_msg": "drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2020-0465": {
"cmt_msg": "HID: core: Sanitize event code and type when mapping input"
},
@@ -73332,6 +74232,9 @@
"CVE-2021-0937": {
"cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -73401,6 +74304,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2016-5243": {
"cmt_msg": "tipc: fix an infoleak in tipc_nl_compat_link_dump"
},
@@ -73410,6 +74316,9 @@
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-10708": {
"cmt_msg": ""
},
@@ -73464,6 +74373,9 @@
"CVE-2020-25284": {
"cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2018-18281": {
"cmt_msg": "mremap: properly flush TLB before releasing the page"
},
@@ -73686,9 +74598,6 @@
"CVE-2020-0433": {
"cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2019-3874": {
"cmt_msg": "sctp: implement memory accounting on tx path"
},
@@ -73701,12 +74610,12 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -74055,6 +74964,9 @@
"CVE-2015-8963": {
"cmt_msg": "perf: Fix race in swevent hash"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2018-16884": {
"cmt_msg": "sunrpc: use-after-free in svc_process_common()"
},
@@ -74085,6 +74997,9 @@
"CVE-2019-15505": {
"cmt_msg": "media: technisat-usb2: break out of loop at end of buffer"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2023-2513": {
"cmt_msg": "ext4: fix use-after-free in ext4_xattr_set_entry"
},
@@ -74576,6 +75491,9 @@
"CVE-2023-2008": {
"cmt_msg": "udmabuf: add back sanity check"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2023-2002": {
"cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()"
},
@@ -74735,6 +75653,9 @@
"CVE-2020-28974": {
"cmt_msg": "vt: Disable KD_FONT_OP_COPY"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2022-3028": {
"cmt_msg": "af_key: Do not call xfrm_probe_algs in parallel"
},
@@ -74759,6 +75680,15 @@
"CVE-2023-2430": {
"cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2022-20572": {
"cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag"
},
@@ -74819,6 +75749,9 @@
"CVE-2021-20239": {
"cmt_msg": "net: pass a sockptr_t into ->setsockopt"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -74885,8 +75818,8 @@
"CVE-2020-0255": {
"cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()"
},
- "CVE-2023-35001": {
- "cmt_msg": ""
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -75230,9 +76163,6 @@
"CVE-2020-12771": {
"cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce"
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2020-16166": {
"cmt_msg": "random32: update the net random state on interrupt and activity"
},
@@ -75317,12 +76247,18 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2020-12768": {
"cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()"
},
"CVE-2023-1990": {
"cmt_msg": "nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-33098": {
"cmt_msg": "ixgbe: fix large MTU request from VF"
},
@@ -75377,6 +76313,9 @@
"CVE-2022-44032": {
"cmt_msg": ""
},
+ "CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
"CVE-2020-10781": {
"cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\""
},
@@ -75410,6 +76349,9 @@
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2023-3006": {
"cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list"
},
@@ -75428,9 +76370,6 @@
"CVE-2020-15852": {
"cmt_msg": "x86/ioperm: Fix io bitmap invalidation on Xen PV"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2020-26558": {
"cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical"
},
@@ -75440,6 +76379,12 @@
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2023-3390": {
"cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE"
},
@@ -75722,9 +76667,6 @@
"CVE-2022-3643": {
"cmt_msg": "xen/netback: Ensure protocol headers don't fall in the non-linear area"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2020-0465": {
"cmt_msg": "HID: core: Sanitize event code and type when mapping input"
},
@@ -75776,6 +76718,9 @@
"CVE-2022-42896": {
"cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -75830,6 +76775,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-31436": {
"cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
},
@@ -75872,6 +76820,9 @@
"CVE-2020-29374": {
"cmt_msg": "gup: document and work around \"COW can break either way\" issue"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2023-0160": {
"cmt_msg": ""
},
@@ -76034,9 +76985,6 @@
"CVE-2021-3506": {
"cmt_msg": "f2fs: fix to avoid out-of-bounds memory access"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2023-3268": {
"cmt_msg": "relayfs: fix out-of-bounds access in relay_file_read"
},
@@ -76046,6 +76994,9 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
@@ -76295,6 +77246,9 @@
"CVE-2021-28375": {
"cmt_msg": "misc: fastrpc: restrict user apps from sending kernel RPC messages"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2022-1195": {
"cmt_msg": "hamradio: improve the incomplete fix to avoid NPD"
},
@@ -76576,6 +77530,9 @@
"CVE-2019-14896": {
"cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
@@ -76726,6 +77683,9 @@
"CVE-2021-39685": {
"cmt_msg": "USB: gadget: detect too-big endpoint 0 requests"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2021-43975": {
"cmt_msg": "atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait"
},
@@ -76855,6 +77815,9 @@
"CVE-2016-4578": {
"cmt_msg": "ALSA: timer: Fix leak in events via snd_timer_user_ccallback"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2018-14614": {
"cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum"
},
@@ -77101,6 +78064,9 @@
"CVE-2017-11600": {
"cmt_msg": "xfrm: policy: check policy direction value"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -77203,6 +78169,9 @@
"CVE-2019-10126": {
"cmt_msg": "mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()"
},
+ "CVE-2023-3106": {
+ "cmt_msg": "xfrm: fix crash in XFRM_MSG_GETSA netlink handler"
+ },
"CVE-2016-2143": {
"cmt_msg": "s390/mm: four page table levels vs. fork"
},
@@ -77290,6 +78259,9 @@
"CVE-2022-2961": {
"cmt_msg": ""
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2017-6348": {
"cmt_msg": "irda: Fix lockdep annotations in hashbin_delete()."
},
@@ -77683,6 +78655,9 @@
"CVE-2023-3141": {
"cmt_msg": "memstick: r592: Fix UAF bug in r592_remove due to race condition"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2016-9555": {
"cmt_msg": "sctp: validate chunk len before actually using it"
},
@@ -78145,6 +79120,9 @@
"CVE-2023-0030": {
"cmt_msg": "drm/nouveau/mmu: add more general vmm free/node handling functions"
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2017-7308": {
"cmt_msg": "net/packet: fix overflow in check for priv area size"
},
@@ -78154,6 +79132,9 @@
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-39636": {
"cmt_msg": "netfilter: x_tables: fix pointer leaks to userspace"
},
@@ -78190,6 +79171,9 @@
"CVE-2017-12146": {
"cmt_msg": "driver core: platform: fix race condition with driver_override"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2021-3732": {
"cmt_msg": "ovl: prevent private clone if bind mount is not allowed"
},
@@ -78275,7 +79259,7 @@
"cmt_msg": "ovl: setattr: check permissions before copy-up"
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2018-10323": {
"cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree"
@@ -78436,15 +79420,18 @@
"CVE-2017-18221": {
"cmt_msg": "mlock: fix mlock count can not decrease in race condition"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2019-20794": {
"cmt_msg": ""
},
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2020-26559": {
"cmt_msg": ""
},
@@ -78934,9 +79921,6 @@
"CVE-2022-1198": {
"cmt_msg": "drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2020-26141": {
"cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe"
},
@@ -79123,6 +80107,9 @@
"CVE-2016-4580": {
"cmt_msg": "net: fix a kernel infoleak in x25 module"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2016-5243": {
"cmt_msg": "tipc: fix an infoleak in tipc_nl_compat_link_dump"
},
@@ -79132,6 +80119,9 @@
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-10708": {
"cmt_msg": ""
},
@@ -79198,6 +80188,9 @@
"CVE-2017-1000379": {
"cmt_msg": "mm: larger stack guard gap, between vmas"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2017-1000371": {
"cmt_msg": "binfmt_elf: use ELF_ET_DYN_BASE only for PIE"
},
@@ -79477,9 +80470,6 @@
"CVE-2020-0433": {
"cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2019-3874": {
"cmt_msg": "sctp: implement memory accounting on tx path"
},
@@ -79492,12 +80482,12 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2016-8655": {
"cmt_msg": "packet: fix race condition in packet_set_ring"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -79690,9 +80680,6 @@
"CVE-2022-36402": {
"cmt_msg": ""
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2019-19332": {
"cmt_msg": "KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)"
},
@@ -79927,6 +80914,9 @@
"CVE-2015-8963": {
"cmt_msg": "perf: Fix race in swevent hash"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2018-16884": {
"cmt_msg": "sunrpc: use-after-free in svc_process_common()"
},
@@ -79966,6 +80956,9 @@
"CVE-2019-15505": {
"cmt_msg": "media: technisat-usb2: break out of loop at end of buffer"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2023-2513": {
"cmt_msg": "ext4: fix use-after-free in ext4_xattr_set_entry"
},
@@ -80455,6 +81448,9 @@
"CVE-2023-2008": {
"cmt_msg": "udmabuf: add back sanity check"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2023-2002": {
"cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()"
},
@@ -80614,6 +81610,9 @@
"CVE-2020-28974": {
"cmt_msg": "vt: Disable KD_FONT_OP_COPY"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2022-3028": {
"cmt_msg": "af_key: Do not call xfrm_probe_algs in parallel"
},
@@ -80635,6 +81634,15 @@
"CVE-2023-2430": {
"cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2022-20572": {
"cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag"
},
@@ -80686,6 +81694,9 @@
"CVE-2021-20239": {
"cmt_msg": "net: pass a sockptr_t into ->setsockopt"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -80750,7 +81761,7 @@
"cmt_msg": "speakup: Reject setting the speakup line discipline outside of speakup"
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -81082,9 +82093,6 @@
"CVE-2022-20148": {
"cmt_msg": "f2fs: fix UAF in f2fs_available_free_memory"
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2022-28389": {
"cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path"
},
@@ -81169,9 +82177,15 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2023-1990": {
"cmt_msg": "nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-33098": {
"cmt_msg": "ixgbe: fix large MTU request from VF"
},
@@ -81247,6 +82261,9 @@
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2023-3006": {
"cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list"
},
@@ -81265,9 +82282,6 @@
"CVE-2023-1078": {
"cmt_msg": "rds: rds_rm_zerocopy_callback() use list_first_entry()"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2020-26558": {
"cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical"
},
@@ -81277,6 +82291,12 @@
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2023-3390": {
"cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE"
},
@@ -81559,9 +82579,6 @@
"CVE-2022-3643": {
"cmt_msg": "xen/netback: Ensure protocol headers don't fall in the non-linear area"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2020-0465": {
"cmt_msg": "HID: core: Sanitize event code and type when mapping input"
},
@@ -81610,6 +82627,9 @@
"CVE-2022-42896": {
"cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -81661,12 +82681,18 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-31436": {
"cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
},
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-10708": {
"cmt_msg": ""
},
@@ -81709,6 +82735,9 @@
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2023-0160": {
"cmt_msg": ""
},
@@ -81868,9 +82897,6 @@
"CVE-2021-3506": {
"cmt_msg": "f2fs: fix to avoid out-of-bounds memory access"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2023-3268": {
"cmt_msg": "relayfs: fix out-of-bounds access in relay_file_read"
},
@@ -81880,6 +82906,9 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
@@ -82120,6 +83149,9 @@
"CVE-2021-28375": {
"cmt_msg": "misc: fastrpc: restrict user apps from sending kernel RPC messages"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2022-1195": {
"cmt_msg": "hamradio: improve the incomplete fix to avoid NPD"
},
@@ -82602,6 +83634,9 @@
"CVE-2023-2008": {
"cmt_msg": "udmabuf: add back sanity check"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2023-2002": {
"cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()"
},
@@ -82761,6 +83796,9 @@
"CVE-2020-28974": {
"cmt_msg": "vt: Disable KD_FONT_OP_COPY"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2022-3028": {
"cmt_msg": "af_key: Do not call xfrm_probe_algs in parallel"
},
@@ -82782,12 +83820,21 @@
"CVE-2023-2430": {
"cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2022-20572": {
"cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag"
},
"CVE-2021-28964": {
"cmt_msg": "btrfs: fix race when cloning extent buffer during rewind of an old root"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-1829": {
"cmt_msg": "net/sched: Retire tcindex classifier"
},
@@ -82839,6 +83886,9 @@
"CVE-2021-20239": {
"cmt_msg": "net: pass a sockptr_t into ->setsockopt"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -82900,7 +83950,7 @@
"cmt_msg": "speakup: Reject setting the speakup line discipline outside of speakup"
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -83073,6 +84123,9 @@
"CVE-2022-45919": {
"cmt_msg": ""
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2023-2248": {
"cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
},
@@ -83209,7 +84262,7 @@
"cmt_msg": "f2fs: fix UAF in f2fs_available_free_memory"
},
"CVE-2023-2898": {
- "cmt_msg": ""
+ "cmt_msg": "f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()"
},
"CVE-2022-28389": {
"cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path"
@@ -83292,9 +84345,15 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2023-1990": {
"cmt_msg": "nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-33098": {
"cmt_msg": "ixgbe: fix large MTU request from VF"
},
@@ -83367,6 +84426,9 @@
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2023-3006": {
"cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list"
},
@@ -83385,9 +84447,6 @@
"CVE-2023-1078": {
"cmt_msg": "rds: rds_rm_zerocopy_callback() use list_first_entry()"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2020-26558": {
"cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical"
},
@@ -83397,6 +84456,12 @@
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2023-3390": {
"cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE"
},
@@ -83421,6 +84486,9 @@
"CVE-2020-29569": {
"cmt_msg": "xen-blkback: set ring->xenblkd to NULL after kthread_stop()"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2022-2978": {
"cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
@@ -83661,9 +84729,6 @@
"CVE-2022-3643": {
"cmt_msg": "xen/netback: Ensure protocol headers don't fall in the non-linear area"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2019-15902": {
"cmt_msg": "unknown"
},
@@ -83703,6 +84768,9 @@
"CVE-2022-42896": {
"cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -83760,6 +84828,9 @@
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-10708": {
"cmt_msg": ""
},
@@ -83802,6 +84873,9 @@
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2023-0160": {
"cmt_msg": ""
},
@@ -83955,9 +85029,6 @@
"CVE-2021-3506": {
"cmt_msg": "f2fs: fix to avoid out-of-bounds memory access"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2023-3268": {
"cmt_msg": "relayfs: fix out-of-bounds access in relay_file_read"
},
@@ -83967,6 +85038,9 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
@@ -84642,6 +85716,9 @@
"CVE-2023-2008": {
"cmt_msg": "udmabuf: add back sanity check"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2023-2002": {
"cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()"
},
@@ -84792,6 +85869,9 @@
"CVE-2022-32296": {
"cmt_msg": "tcp: increase source port perturb table to 2^16"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2022-3028": {
"cmt_msg": "af_key: Do not call xfrm_probe_algs in parallel"
},
@@ -84813,6 +85893,12 @@
"CVE-2023-2430": {
"cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2022-20572": {
"cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag"
},
@@ -84867,6 +85953,9 @@
"CVE-2023-35827": {
"cmt_msg": ""
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -84928,7 +86017,7 @@
"cmt_msg": "net: ll_temac: Fix TX BD buffer overwrite"
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -85104,6 +86193,9 @@
"CVE-2022-45919": {
"cmt_msg": ""
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2023-2248": {
"cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
},
@@ -85234,7 +86326,7 @@
"cmt_msg": "f2fs: fix UAF in f2fs_available_free_memory"
},
"CVE-2023-2898": {
- "cmt_msg": ""
+ "cmt_msg": "f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()"
},
"CVE-2022-28389": {
"cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path"
@@ -85317,9 +86409,15 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2023-1990": {
"cmt_msg": "nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-33098": {
"cmt_msg": "ixgbe: fix large MTU request from VF"
},
@@ -85392,6 +86490,9 @@
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2023-3006": {
"cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list"
},
@@ -85408,7 +86509,7 @@
"cmt_msg": "rds: rds_rm_zerocopy_callback() use list_first_entry()"
},
"CVE-2023-31248": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: do not ignore genmask when looking up chain by id"
},
"CVE-2020-26558": {
"cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical"
@@ -85419,6 +86520,12 @@
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2023-3390": {
"cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE"
},
@@ -85443,6 +86550,9 @@
"CVE-2020-29569": {
"cmt_msg": "xen-blkback: set ring->xenblkd to NULL after kthread_stop()"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2022-2978": {
"cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
@@ -85677,9 +86787,6 @@
"CVE-2022-3643": {
"cmt_msg": "xen/netback: Ensure protocol headers don't fall in the non-linear area"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2019-15902": {
"cmt_msg": "unknown"
},
@@ -85719,6 +86826,9 @@
"CVE-2022-42896": {
"cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -85764,9 +86874,15 @@
"CVE-2021-28972": {
"cmt_msg": "PCI: rpadlpar: Fix potential drc_name corruption in store functions"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-10708": {
"cmt_msg": ""
},
@@ -85809,6 +86925,9 @@
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2023-0160": {
"cmt_msg": ""
},
@@ -85953,9 +87072,6 @@
"CVE-2021-3506": {
"cmt_msg": "f2fs: fix to avoid out-of-bounds memory access"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2023-3268": {
"cmt_msg": "relayfs: fix out-of-bounds access in relay_file_read"
},
@@ -85965,6 +87081,9 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
@@ -90223,9 +91342,6 @@
"CVE-2022-20422": {
"cmt_msg": "arm64: fix oops in concurrently setting insn_emulation sysctls"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2018-20854": {
"cmt_msg": "phy: ocelot-serdes: fix out-of-bounds read"
},
@@ -90238,6 +91354,9 @@
"CVE-2023-1670": {
"cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2019-19378": {
"cmt_msg": ""
},
@@ -90283,12 +91402,18 @@
"CVE-2019-19449": {
"cmt_msg": "f2fs: fix to do sanity check on segment/section count"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2020-26140": {
"cmt_msg": ""
},
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2020-11725": {
"cmt_msg": ""
},
@@ -90325,18 +91450,12 @@
"CVE-2023-3090": {
"cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb"
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2019-15222": {
"cmt_msg": "ALSA: usb-audio: Fix gpf in snd_usb_pipe_sanity_check"
},
"CVE-2019-15223": {
"cmt_msg": "ALSA: line6: Assure canceling delayed work at disconnection"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2017-18552": {
"cmt_msg": "RDS: validate the requested traces user input against max supported"
},
@@ -90382,6 +91501,9 @@
"CVE-2023-3141": {
"cmt_msg": "memstick: r592: Fix UAF bug in r592_remove due to race condition"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2016-8660": {
"cmt_msg": ""
},
@@ -90436,6 +91558,9 @@
"CVE-2019-20908": {
"cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2018-7754": {
"cmt_msg": "printk: hash addresses printed with %p"
},
@@ -90520,6 +91645,9 @@
"CVE-2017-9986": {
"cmt_msg": "sound: Retire OSS"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2023-1073": {
"cmt_msg": "HID: check empty report_list in hid_validate_values()"
},
@@ -90562,6 +91690,9 @@
"CVE-2021-38300": {
"cmt_msg": "bpf, mips: Validate conditional branch offsets"
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2021-3669": {
"cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()"
},
@@ -90619,12 +91750,18 @@
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-2176": {
"cmt_msg": "RDMA/core: Refactor rdma_bind_addr"
},
"CVE-2023-3358": {
"cmt_msg": "HID: intel_ish-hid: Add check for ishtp_dma_tx_map"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2022-44033": {
"cmt_msg": ""
},
@@ -90643,9 +91780,6 @@
"CVE-2022-27672": {
"cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2018-12130": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
@@ -90712,6 +91846,12 @@
"CVE-2023-0386": {
"cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up"
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2008-4609": {
"cmt_msg": ""
},
@@ -90787,6 +91927,9 @@
"CVE-2018-12126": {
"cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2018-20509": {
"cmt_msg": "binder: refactor binder ref inc/dec for thread safety"
},
@@ -90796,6 +91939,9 @@
"CVE-2023-1206": {
"cmt_msg": ""
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2023-26545": {
"cmt_msg": "net: mpls: fix stale pointer if allocation fails during device rename"
},
@@ -90823,9 +91969,6 @@
"CVE-2019-20811": {
"cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2020-26141": {
"cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe"
},
@@ -90871,6 +92014,9 @@
"CVE-2023-23455": {
"cmt_msg": "net: sched: atm: dont intepret cls results when asked to drop"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2018-17977": {
"cmt_msg": ""
},
@@ -90883,6 +92029,9 @@
"CVE-2010-5321": {
"cmt_msg": ""
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2018-12930": {
"cmt_msg": ""
},
@@ -90901,6 +92050,9 @@
"CVE-2022-21385": {
"cmt_msg": "net/rds: fix warn in rds_message_alloc_sgs"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2017-5967": {
"cmt_msg": "time: Remove CONFIG_TIMER_STATS"
},
@@ -90922,6 +92074,9 @@
"CVE-2022-4744": {
"cmt_msg": "tun: avoid double free in tun_free_netdev"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2022-1048": {
"cmt_msg": "ALSA: pcm: Fix races among concurrent hw_params and hw_free calls"
},
@@ -91097,7 +92252,7 @@
"cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages"
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2017-16648": {
"cmt_msg": "dvb_frontend: don't use-after-free the frontend struct"
@@ -91256,6 +92411,9 @@
"CVE-2020-35508": {
"cmt_msg": "fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
@@ -91457,9 +92615,6 @@
"CVE-2020-15802": {
"cmt_msg": ""
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2017-18270": {
"cmt_msg": "KEYS: prevent creating a different user's keyrings"
},
@@ -91484,6 +92639,9 @@
"CVE-2022-3202": {
"cmt_msg": "jfs: prevent NULL deref in diFree"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2018-3646": {
"cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled"
},
@@ -91508,6 +92666,9 @@
"CVE-2017-7895": {
"cmt_msg": "nfsd: stricter decoding of write-like NFSv2/v3 ops"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2018-14614": {
"cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum"
},
@@ -91748,6 +92909,9 @@
"CVE-2017-11600": {
"cmt_msg": "xfrm: policy: check policy direction value"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -91934,6 +93098,9 @@
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2017-6348": {
"cmt_msg": "irda: Fix lockdep annotations in hashbin_delete()."
},
@@ -92306,6 +93473,9 @@
"CVE-2023-3141": {
"cmt_msg": "memstick: r592: Fix UAF bug in r592_remove due to race condition"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2019-3892": {
"cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping"
},
@@ -92732,12 +93902,18 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2017-7308": {
"cmt_msg": "net/packet: fix overflow in check for priv area size"
},
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2017-8890": {
"cmt_msg": "dccp/tcp: do not inherit mc_list from parent"
},
@@ -92771,6 +93947,9 @@
"CVE-2017-12146": {
"cmt_msg": "driver core: platform: fix race condition with driver_override"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2021-3732": {
"cmt_msg": "ovl: prevent private clone if bind mount is not allowed"
},
@@ -92844,7 +94023,7 @@
"cmt_msg": "x86: Deprecate a.out support"
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2018-10323": {
"cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree"
@@ -93002,9 +94181,6 @@
"CVE-2017-18221": {
"cmt_msg": "mlock: fix mlock count can not decrease in race condition"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2019-20794": {
"cmt_msg": ""
},
@@ -93014,6 +94190,12 @@
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-26559": {
"cmt_msg": ""
},
@@ -93473,9 +94655,6 @@
"CVE-2017-7542": {
"cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2020-26141": {
"cmt_msg": "ath10k: Fix TKIP Michael MIC verification for PCIe"
},
@@ -93560,6 +94739,9 @@
"CVE-2021-0937": {
"cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-42895": {
"cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory"
},
@@ -93641,6 +94823,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-31436": {
"cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
},
@@ -93716,6 +94901,9 @@
"CVE-2017-1000379": {
"cmt_msg": "mm: larger stack guard gap, between vmas"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2017-1000371": {
"cmt_msg": "binfmt_elf: use ELF_ET_DYN_BASE only for PIE"
},
@@ -94001,9 +95189,6 @@
"CVE-2020-0433": {
"cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2019-3874": {
"cmt_msg": "sctp: implement memory accounting on tx path"
},
@@ -94016,12 +95201,12 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2019-15217": {
"cmt_msg": "media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -94418,6 +95603,9 @@
"CVE-2017-7558": {
"cmt_msg": "sctp: Avoid out-of-bounds reads from address storage"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2018-16884": {
"cmt_msg": "sunrpc: use-after-free in svc_process_common()"
},
@@ -94457,6 +95645,9 @@
"CVE-2019-15505": {
"cmt_msg": "media: technisat-usb2: break out of loop at end of buffer"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2023-2513": {
"cmt_msg": "ext4: fix use-after-free in ext4_xattr_set_entry"
},
@@ -94772,6 +95963,9 @@
"CVE-2019-15090": {
"cmt_msg": "scsi: qedi: remove memset/memcpy to nfunc and use func instead"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
@@ -95000,6 +96194,9 @@
"CVE-2021-28711": {
"cmt_msg": "xen/blkfront: harden blkfront against event channel storms"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2018-14614": {
"cmt_msg": "f2fs: fix to do sanity check with cp_pack_start_sum"
},
@@ -95246,6 +96443,9 @@
"CVE-2017-11600": {
"cmt_msg": "xfrm: policy: check policy direction value"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -95414,6 +96614,9 @@
"CVE-2020-36386": {
"cmt_msg": "Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -95564,8 +96767,8 @@
"CVE-2019-2215": {
"cmt_msg": "ANDROID: binder: remove waitqueue when thread exits."
},
- "CVE-2023-35001": {
- "cmt_msg": ""
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -95783,6 +96986,9 @@
"CVE-2023-3141": {
"cmt_msg": "memstick: r592: Fix UAF bug in r592_remove due to race condition"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2019-3892": {
"cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping"
},
@@ -96041,9 +97247,6 @@
"CVE-2020-12771": {
"cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce"
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2018-10853": {
"cmt_msg": "kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access"
},
@@ -96185,9 +97388,15 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2022-4662": {
"cmt_msg": "USB: core: Prevent nested device-reset calls"
},
@@ -96212,6 +97421,9 @@
"CVE-2019-19543": {
"cmt_msg": "media: serial_ir: Fix use-after-free in serial_ir_init_module"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2021-3732": {
"cmt_msg": "ovl: prevent private clone if bind mount is not allowed"
},
@@ -96281,6 +97493,9 @@
"CVE-2019-11191": {
"cmt_msg": "x86: Deprecate a.out support"
},
+ "CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
"CVE-2018-10323": {
"cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree"
},
@@ -96425,9 +97640,6 @@
"CVE-2020-0067": {
"cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2019-20794": {
"cmt_msg": ""
},
@@ -96437,6 +97649,12 @@
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2020-26559": {
"cmt_msg": ""
},
@@ -96902,9 +98120,6 @@
"CVE-2017-7542": {
"cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2019-9245": {
"cmt_msg": "f2fs: sanity check of xattr entry size"
},
@@ -96980,6 +98195,9 @@
"CVE-2021-0937": {
"cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -97046,6 +98264,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-31436": {
"cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
},
@@ -97115,6 +98336,9 @@
"CVE-2020-25284": {
"cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2018-18281": {
"cmt_msg": "mremap: properly flush TLB before releasing the page"
},
@@ -97385,9 +98609,6 @@
"CVE-2020-0433": {
"cmt_msg": "blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2019-3874": {
"cmt_msg": "sctp: implement memory accounting on tx path"
},
@@ -97400,12 +98621,12 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2020-14331": {
"cmt_msg": "vgacon: Fix for missing check in scrollback handling"
},
@@ -97796,6 +99017,9 @@
"CVE-2017-7558": {
"cmt_msg": "sctp: Avoid out-of-bounds reads from address storage"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2018-16884": {
"cmt_msg": "sunrpc: use-after-free in svc_process_common()"
},
@@ -97832,6 +99056,9 @@
"CVE-2019-15505": {
"cmt_msg": "media: technisat-usb2: break out of loop at end of buffer"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2023-2513": {
"cmt_msg": "ext4: fix use-after-free in ext4_xattr_set_entry"
},
@@ -98428,6 +99655,9 @@
"CVE-2019-11477": {
"cmt_msg": "tcp: limit payload size of sacked skbs"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2019-11479": {
"cmt_msg": "tcp: add tcp_min_snd_mss sysctl"
},
@@ -98647,6 +99877,9 @@
"CVE-2020-28974": {
"cmt_msg": "vt: Disable KD_FONT_OP_COPY"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -98686,9 +99919,15 @@
"CVE-2023-2430": {
"cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-23816": {
"cmt_msg": "x86/kvm/vmx: Make noinstr clean"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2021-3892": {
"cmt_msg": ""
},
@@ -98767,6 +100006,9 @@
"CVE-2022-2961": {
"cmt_msg": ""
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -98836,6 +100078,9 @@
"CVE-2020-0444": {
"cmt_msg": "audit: fix error handling in audit_data_to_entry()"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2022-1419": {
"cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create"
},
@@ -98869,8 +100114,8 @@
"CVE-2020-0255": {
"cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()"
},
- "CVE-2023-35001": {
- "cmt_msg": ""
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -99277,9 +100522,6 @@
"CVE-2021-37159": {
"cmt_msg": "usb: hso: fix error handling code of hso_create_net_device"
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2021-29154": {
"cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64"
},
@@ -99376,12 +100618,18 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2020-12768": {
"cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()"
},
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-32399": {
"cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller"
},
@@ -99460,6 +100708,9 @@
"CVE-2019-11191": {
"cmt_msg": "x86: Deprecate a.out support"
},
+ "CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
"CVE-2020-10781": {
"cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\""
},
@@ -99520,6 +100771,9 @@
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2019-14896": {
"cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor"
},
@@ -99547,9 +100801,6 @@
"CVE-2020-0067": {
"cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2020-26558": {
"cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical"
},
@@ -99562,6 +100813,12 @@
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2023-0045": {
"cmt_msg": "x86/bugs: Flush IBP in ib_prctl_set()"
},
@@ -99916,9 +101173,6 @@
"CVE-2019-19448": {
"cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2019-19449": {
"cmt_msg": "f2fs: fix to do sanity check on segment/section count"
},
@@ -99979,6 +101233,9 @@
"CVE-2022-26490": {
"cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -100048,6 +101305,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-31436": {
"cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
},
@@ -100105,6 +101365,9 @@
"CVE-2020-25284": {
"cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2023-0160": {
"cmt_msg": ""
},
@@ -100318,9 +101581,6 @@
"CVE-2020-0432": {
"cmt_msg": "staging: most: net: fix buffer overflow"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2020-0431": {
"cmt_msg": "HID: hid-input: clear unmapped usages"
},
@@ -100330,12 +101590,12 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2023-2162": {
"cmt_msg": "scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress"
},
@@ -100633,6 +101893,9 @@
"CVE-2021-39800": {
"cmt_msg": ""
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2022-1195": {
"cmt_msg": "hamradio: improve the incomplete fix to avoid NPD"
},
@@ -101183,6 +102446,9 @@
"CVE-2023-2008": {
"cmt_msg": "udmabuf: add back sanity check"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2023-2002": {
"cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()"
},
@@ -101390,6 +102656,9 @@
"CVE-2020-28974": {
"cmt_msg": "vt: Disable KD_FONT_OP_COPY"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -101432,9 +102701,15 @@
"CVE-2022-0185": {
"cmt_msg": "vfs: fs_context: fix up param length parsing in legacy_parse_param"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-23816": {
"cmt_msg": "x86/kvm/vmx: Make noinstr clean"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2021-3892": {
"cmt_msg": ""
},
@@ -101510,6 +102785,9 @@
"CVE-2022-4269": {
"cmt_msg": "act_mirred: use the backlog for nested calls to mirred ingress"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -101579,6 +102857,9 @@
"CVE-2020-0444": {
"cmt_msg": "audit: fix error handling in audit_data_to_entry()"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2022-1419": {
"cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create"
},
@@ -101615,8 +102896,8 @@
"CVE-2019-2214": {
"cmt_msg": "binder: Set end of SG buffer area properly."
},
- "CVE-2023-35001": {
- "cmt_msg": ""
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -102014,9 +103295,6 @@
"CVE-2021-37159": {
"cmt_msg": "usb: hso: fix error handling code of hso_create_net_device"
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2021-29154": {
"cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64"
},
@@ -102116,12 +103394,18 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2020-12768": {
"cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()"
},
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-32399": {
"cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller"
},
@@ -102200,6 +103484,9 @@
"CVE-2022-44032": {
"cmt_msg": ""
},
+ "CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
"CVE-2020-10781": {
"cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\""
},
@@ -102260,6 +103547,9 @@
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2019-14896": {
"cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor"
},
@@ -102290,9 +103580,6 @@
"CVE-2020-0067": {
"cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2020-26558": {
"cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical"
},
@@ -102302,6 +103589,12 @@
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2023-0045": {
"cmt_msg": "x86/bugs: Flush IBP in ib_prctl_set()"
},
@@ -102647,9 +103940,6 @@
"CVE-2019-19527": {
"cmt_msg": "HID: hiddev: do cleanup in failure of opening a device"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2019-19449": {
"cmt_msg": "f2fs: fix to do sanity check on segment/section count"
},
@@ -102713,6 +104003,9 @@
"CVE-2022-26490": {
"cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -102779,6 +104072,9 @@
"CVE-2020-36312": {
"cmt_msg": "KVM: fix memory leak in kvm_io_bus_unregister_dev()"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-31436": {
"cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
},
@@ -102836,6 +104132,9 @@
"CVE-2020-29373": {
"cmt_msg": "io_uring: grab ->fs as part of async preparation"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2023-0160": {
"cmt_msg": ""
},
@@ -103049,9 +104348,6 @@
"CVE-2020-0432": {
"cmt_msg": "staging: most: net: fix buffer overflow"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2020-0431": {
"cmt_msg": "HID: hid-input: clear unmapped usages"
},
@@ -103061,12 +104357,12 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2023-2162": {
"cmt_msg": "scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress"
},
@@ -103358,6 +104654,9 @@
"CVE-2021-28375": {
"cmt_msg": "misc: fastrpc: restrict user apps from sending kernel RPC messages"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2019-16714": {
"cmt_msg": "net/rds: Fix info leak in rds6_inc_info_copy()"
},
@@ -103915,6 +105214,9 @@
"CVE-2023-2008": {
"cmt_msg": "udmabuf: add back sanity check"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2023-2002": {
"cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()"
},
@@ -104113,6 +105415,9 @@
"CVE-2020-28974": {
"cmt_msg": "vt: Disable KD_FONT_OP_COPY"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2022-3028": {
"cmt_msg": "af_key: Do not call xfrm_probe_algs in parallel"
},
@@ -104146,9 +105451,15 @@
"CVE-2022-0185": {
"cmt_msg": "vfs: fs_context: fix up param length parsing in legacy_parse_param"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-23816": {
"cmt_msg": "x86/kvm/vmx: Make noinstr clean"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2021-3892": {
"cmt_msg": ""
},
@@ -104221,6 +105532,9 @@
"CVE-2022-4269": {
"cmt_msg": "act_mirred: use the backlog for nested calls to mirred ingress"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -104281,6 +105595,9 @@
"CVE-2020-0444": {
"cmt_msg": "audit: fix error handling in audit_data_to_entry()"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2022-1419": {
"cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create"
},
@@ -104315,7 +105632,7 @@
"cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()"
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -104695,9 +106012,6 @@
"CVE-2021-37159": {
"cmt_msg": "usb: hso: fix error handling code of hso_create_net_device"
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2021-29154": {
"cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64"
},
@@ -104791,12 +106105,18 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2020-12768": {
"cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()"
},
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-32399": {
"cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller"
},
@@ -104914,6 +106234,9 @@
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2019-14896": {
"cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor"
},
@@ -104944,9 +106267,6 @@
"CVE-2020-0067": {
"cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2020-26558": {
"cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical"
},
@@ -104956,6 +106276,12 @@
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2023-3390": {
"cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE"
},
@@ -105307,9 +106633,6 @@
"CVE-2022-3643": {
"cmt_msg": "xen/netback: Ensure protocol headers don't fall in the non-linear area"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2019-19526": {
"cmt_msg": "NFC: pn533: fix use-after-free and memleaks"
},
@@ -105370,6 +106693,9 @@
"CVE-2022-26490": {
"cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -105433,12 +106759,18 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-31436": {
"cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
},
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-10708": {
"cmt_msg": ""
},
@@ -105481,6 +106813,9 @@
"CVE-2020-29373": {
"cmt_msg": "io_uring: grab ->fs as part of async preparation"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2023-0160": {
"cmt_msg": ""
},
@@ -105682,9 +107017,6 @@
"CVE-2020-0432": {
"cmt_msg": "staging: most: net: fix buffer overflow"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2020-0431": {
"cmt_msg": "HID: hid-input: clear unmapped usages"
},
@@ -105694,12 +107026,12 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2023-2162": {
"cmt_msg": "scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress"
},
@@ -105976,6 +107308,9 @@
"CVE-2021-28375": {
"cmt_msg": "misc: fastrpc: restrict user apps from sending kernel RPC messages"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2022-1195": {
"cmt_msg": "hamradio: improve the incomplete fix to avoid NPD"
},
@@ -106606,6 +107941,9 @@
"CVE-2022-32296": {
"cmt_msg": "tcp: increase source port perturb table to 2^16"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2022-3028": {
"cmt_msg": "af_key: Do not call xfrm_probe_algs in parallel"
},
@@ -106627,6 +107965,9 @@
"CVE-2021-42327": {
"cmt_msg": "drm/amdgpu: fix out of bounds write"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2022-20572": {
"cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag"
},
@@ -106684,6 +108025,9 @@
"CVE-2023-35827": {
"cmt_msg": ""
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -106708,6 +108052,9 @@
"CVE-2022-26490": {
"cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2022-1836": {
"cmt_msg": "floppy: disable FDRAWCMD by default"
},
@@ -106724,7 +108071,7 @@
"cmt_msg": "usb: max-3421: Prevent corruption of freed memory"
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -106870,6 +108217,9 @@
"CVE-2022-45919": {
"cmt_msg": ""
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2023-2248": {
"cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
},
@@ -106955,7 +108305,7 @@
"cmt_msg": ""
},
"CVE-2023-31248": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: do not ignore genmask when looking up chain by id"
},
"CVE-2022-38096": {
"cmt_msg": ""
@@ -106982,7 +108332,7 @@
"cmt_msg": "f2fs: fix UAF in f2fs_available_free_memory"
},
"CVE-2023-2898": {
- "cmt_msg": ""
+ "cmt_msg": "f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()"
},
"CVE-2022-28389": {
"cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path"
@@ -107050,6 +108400,9 @@
"CVE-2023-1990": {
"cmt_msg": "nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2022-2639": {
"cmt_msg": "openvswitch: fix OOB access in reserve_sfa_size()"
},
@@ -107104,9 +108457,15 @@
"CVE-2022-3619": {
"cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2023-3006": {
"cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list"
},
@@ -107122,9 +108481,18 @@
"CVE-2023-1872": {
"cmt_msg": "io_uring: propagate issue_flags state down to file assignment"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2023-1079": {
"cmt_msg": "HID: asus: use spinlock to safely schedule workers"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2023-3390": {
"cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE"
},
@@ -107149,6 +108517,9 @@
"CVE-2023-1670": {
"cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2022-2873": {
"cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
},
@@ -107371,6 +108742,9 @@
"CVE-2022-1043": {
"cmt_msg": "io_uring: fix xa_alloc_cycle() error return value check"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -107419,9 +108793,15 @@
"CVE-2022-45884": {
"cmt_msg": ""
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-10708": {
"cmt_msg": ""
},
@@ -107458,6 +108838,9 @@
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2023-0160": {
"cmt_msg": ""
},
@@ -107569,9 +108952,6 @@
"CVE-2022-2961": {
"cmt_msg": ""
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2023-3268": {
"cmt_msg": "relayfs: fix out-of-bounds access in relay_file_read"
},
@@ -107581,6 +108961,9 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
@@ -108311,6 +109694,9 @@
"CVE-2022-32296": {
"cmt_msg": "tcp: increase source port perturb table to 2^16"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2022-3028": {
"cmt_msg": "af_key: Do not call xfrm_probe_algs in parallel"
},
@@ -108332,6 +109718,9 @@
"CVE-2021-42327": {
"cmt_msg": "drm/amdgpu: fix out of bounds write"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2022-20572": {
"cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag"
},
@@ -108383,6 +109772,9 @@
"CVE-2023-35827": {
"cmt_msg": ""
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -108413,6 +109805,9 @@
"CVE-2022-26490": {
"cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2022-1836": {
"cmt_msg": "floppy: disable FDRAWCMD by default"
},
@@ -108423,7 +109818,7 @@
"cmt_msg": "USB: core: Prevent nested device-reset calls"
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -108575,6 +109970,9 @@
"CVE-2022-45919": {
"cmt_msg": ""
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2023-2248": {
"cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
},
@@ -108660,7 +110058,7 @@
"cmt_msg": ""
},
"CVE-2023-31248": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: do not ignore genmask when looking up chain by id"
},
"CVE-2022-38096": {
"cmt_msg": ""
@@ -108684,7 +110082,7 @@
"cmt_msg": "f2fs: fix UAF in f2fs_available_free_memory"
},
"CVE-2023-2898": {
- "cmt_msg": ""
+ "cmt_msg": "f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()"
},
"CVE-2022-28389": {
"cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path"
@@ -108752,6 +110150,9 @@
"CVE-2023-1990": {
"cmt_msg": "nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2022-0185": {
"cmt_msg": "vfs: fs_context: fix up param length parsing in legacy_parse_param"
},
@@ -108794,9 +110195,15 @@
"CVE-2022-3619": {
"cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2023-3006": {
"cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list"
},
@@ -108812,9 +110219,18 @@
"CVE-2023-1872": {
"cmt_msg": "io_uring: propagate issue_flags state down to file assignment"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2023-1079": {
"cmt_msg": "HID: asus: use spinlock to safely schedule workers"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2023-3390": {
"cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE"
},
@@ -108839,6 +110255,9 @@
"CVE-2023-1670": {
"cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2022-2873": {
"cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
},
@@ -109064,6 +110483,9 @@
"CVE-2022-0264": {
"cmt_msg": "bpf: Fix kernel address leakage in atomic fetch"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -109109,9 +110531,15 @@
"CVE-2022-45884": {
"cmt_msg": ""
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-10708": {
"cmt_msg": ""
},
@@ -109145,6 +110573,9 @@
"CVE-2022-47518": {
"cmt_msg": "wifi: wilc1000: validate number of channels"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2023-0160": {
"cmt_msg": ""
},
@@ -109253,9 +110684,6 @@
"CVE-2022-2961": {
"cmt_msg": ""
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2023-3268": {
"cmt_msg": "relayfs: fix out-of-bounds access in relay_file_read"
},
@@ -109265,6 +110693,9 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
@@ -111467,6 +112898,10 @@
"cmt_msg": "rds: rds_rm_zerocopy_callback() use list_first_entry()",
"cmt_id": "c53f34ec3fbf3e9f67574118a6bb35ae1146f7ca"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF",
+ "cmt_id": "55515d7d8743b71b80bfe68e89eb9d92630626ab"
+ },
"CVE-2023-3161": {
"cmt_msg": "fbcon: Check font dimension limits",
"cmt_id": "28d190882ba55cbcee1db8e4ae90c149178dcf64"
@@ -111746,6 +113181,9 @@
"CVE-2018-1121": {
"cmt_msg": ""
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2019-19378": {
"cmt_msg": ""
},
@@ -111776,9 +113214,18 @@
"CVE-2020-24502": {
"cmt_msg": ""
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2020-24504": {
"cmt_msg": "ice: create scheduler aggregator node config and move VSIs"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2020-11725": {
"cmt_msg": ""
},
@@ -111843,7 +113290,7 @@
"cmt_msg": ""
},
"CVE-2023-2898": {
- "cmt_msg": ""
+ "cmt_msg": "f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()"
},
"CVE-2022-3636": {
"cmt_msg": "net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()"
@@ -111866,8 +113313,8 @@
"CVE-2022-45919": {
"cmt_msg": ""
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
},
"CVE-2023-2007": {
"cmt_msg": "scsi: dpt_i2o: Remove obsolete driver"
@@ -111899,6 +113346,9 @@
"CVE-2022-2991": {
"cmt_msg": "remove the lightnvm subsystem"
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
@@ -111932,6 +113382,9 @@
"CVE-2023-23586": {
"cmt_msg": "io_uring: remove io_identity"
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-2176": {
"cmt_msg": "RDMA/core: Refactor rdma_bind_addr"
},
@@ -111942,7 +113395,7 @@
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
"CVE-2023-31248": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: do not ignore genmask when looking up chain by id"
},
"CVE-2005-3660": {
"cmt_msg": ""
@@ -112016,9 +113469,15 @@
"CVE-2022-0500": {
"cmt_msg": "bpf: Introduce MEM_RDONLY flag"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2023-1206": {
"cmt_msg": ""
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2022-2327": {
"cmt_msg": "io_uring: remove any grabbing of context"
},
@@ -112028,9 +113487,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2011-4917": {
"cmt_msg": ""
},
@@ -112073,12 +113529,24 @@
"CVE-2023-35827": {
"cmt_msg": ""
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2021-39801": {
"cmt_msg": ""
},
"CVE-2021-39800": {
"cmt_msg": ""
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2022-45885": {
"cmt_msg": ""
},
@@ -112121,9 +113589,15 @@
"CVE-2015-2877": {
"cmt_msg": ""
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-26242": {
"cmt_msg": ""
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2019-16089": {
"cmt_msg": ""
},
@@ -112167,6 +113641,9 @@
"cmt_msg": "fs/ntfs3: Check fields while reading"
},
"CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
+ "CVE-2023-3640": {
"cmt_msg": ""
}
}
@@ -112625,6 +114102,9 @@
"CVE-2023-2008": {
"cmt_msg": "udmabuf: add back sanity check"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2023-2002": {
"cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()"
},
@@ -112757,6 +114237,9 @@
"CVE-2022-32296": {
"cmt_msg": "tcp: increase source port perturb table to 2^16"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2022-3028": {
"cmt_msg": "af_key: Do not call xfrm_probe_algs in parallel"
},
@@ -112781,6 +114264,9 @@
"CVE-2021-42327": {
"cmt_msg": "drm/amdgpu: fix out of bounds write"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2022-20572": {
"cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag"
},
@@ -112835,6 +114321,9 @@
"CVE-2023-35827": {
"cmt_msg": ""
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -112865,6 +114354,9 @@
"CVE-2022-26490": {
"cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2022-1836": {
"cmt_msg": "floppy: disable FDRAWCMD by default"
},
@@ -112896,7 +114388,7 @@
"cmt_msg": "sunrpc: Avoid a KASAN slab-out-of-bounds bug in xdr_set_page_base()"
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -113051,6 +114543,9 @@
"CVE-2022-45919": {
"cmt_msg": ""
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2023-2248": {
"cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
},
@@ -113145,7 +114640,7 @@
"cmt_msg": ""
},
"CVE-2023-31248": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: do not ignore genmask when looking up chain by id"
},
"CVE-2023-23586": {
"cmt_msg": "io_uring: remove io_identity"
@@ -113175,7 +114670,7 @@
"cmt_msg": "f2fs: fix UAF in f2fs_available_free_memory"
},
"CVE-2023-2898": {
- "cmt_msg": ""
+ "cmt_msg": "f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()"
},
"CVE-2022-28389": {
"cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path"
@@ -113246,6 +114741,9 @@
"CVE-2023-1990": {
"cmt_msg": "nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-33098": {
"cmt_msg": "ixgbe: fix large MTU request from VF"
},
@@ -113306,9 +114804,15 @@
"CVE-2023-28410": {
"cmt_msg": "drm/i915/gem: add missing boundary check in vm_access"
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2023-3006": {
"cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list"
},
@@ -113336,6 +114840,12 @@
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2023-3390": {
"cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE"
},
@@ -113357,6 +114867,9 @@
"CVE-2023-1670": {
"cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2022-2873": {
"cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
},
@@ -113603,6 +115116,9 @@
"CVE-2022-42896": {
"cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -113648,9 +115164,15 @@
"CVE-2022-45884": {
"cmt_msg": ""
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-10708": {
"cmt_msg": ""
},
@@ -113687,6 +115209,9 @@
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2023-0160": {
"cmt_msg": ""
},
@@ -113801,9 +115326,6 @@
"CVE-2022-2961": {
"cmt_msg": ""
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2023-3268": {
"cmt_msg": "relayfs: fix out-of-bounds access in relay_file_read"
},
@@ -113813,6 +115335,9 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
@@ -114604,7 +116129,7 @@
"cmt_msg": "mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW"
},
"CVE-2023-2898": {
- "cmt_msg": ""
+ "cmt_msg": "f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()"
},
"CVE-2022-3636": {
"cmt_msg": "net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()"
@@ -114732,6 +116257,12 @@
"CVE-2020-26560": {
"cmt_msg": ""
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2022-20572": {
"cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag"
},
@@ -114771,6 +116302,9 @@
"CVE-2023-35827": {
"cmt_msg": ""
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -114792,6 +116326,9 @@
"CVE-2022-34495": {
"cmt_msg": "rpmsg: virtio: Fix possible double free in rpmsg_probe()"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2023-30772": {
"cmt_msg": "power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition"
},
@@ -114805,7 +116342,7 @@
"cmt_msg": "USB: core: Prevent nested device-reset calls"
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2020-26556": {
"cmt_msg": ""
@@ -114979,7 +116516,7 @@
"cmt_msg": "fs/ntfs3: Validate MFT flags before replaying logs"
},
"CVE-2023-31248": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: do not ignore genmask when looking up chain by id"
},
"CVE-2022-38096": {
"cmt_msg": ""
@@ -115041,6 +116578,9 @@
"CVE-2023-1990": {
"cmt_msg": "nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2022-2308": {
"cmt_msg": "vduse: prevent uninitialized memory accesses"
},
@@ -115057,7 +116597,7 @@
"cmt_msg": ""
},
"CVE-2023-1192": {
- "cmt_msg": ""
+ "cmt_msg": "fs/ntfs3: Validate MFT flags before replaying logs"
},
"CVE-2022-4379": {
"cmt_msg": "NFSD: fix use-after-free in __nfs42_ssc_open()"
@@ -115080,9 +116620,15 @@
"CVE-2022-3619": {
"cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2023-3006": {
"cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list"
},
@@ -115098,9 +116644,18 @@
"CVE-2023-1872": {
"cmt_msg": "io_uring: propagate issue_flags state down to file assignment"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2020-26140": {
"cmt_msg": ""
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2023-3390": {
"cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE"
},
@@ -115119,6 +116674,9 @@
"CVE-2023-1670": {
"cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2022-2873": {
"cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
},
@@ -115278,6 +116836,9 @@
"CVE-2010-5321": {
"cmt_msg": ""
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -115308,9 +116869,18 @@
"CVE-2018-12928": {
"cmt_msg": ""
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-10708": {
"cmt_msg": ""
},
@@ -115338,6 +116908,9 @@
"CVE-2022-47518": {
"cmt_msg": "wifi: wilc1000: validate number of channels"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2023-0160": {
"cmt_msg": ""
},
@@ -115419,12 +116992,12 @@
"CVE-2022-1729": {
"cmt_msg": "perf: Fix sys_perf_event_open() race against self"
},
+ "CVE-2023-21255": {
+ "cmt_msg": "binder: fix UAF caused by faulty buffer cleanup"
+ },
"CVE-2022-2961": {
"cmt_msg": ""
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2023-3268": {
"cmt_msg": "relayfs: fix out-of-bounds access in relay_file_read"
},
@@ -115434,6 +117007,9 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-2163": {
"cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
},
@@ -115994,186 +117570,27 @@
}
},
"outstanding": {
- "CVE-2023-0160": {
- "cmt_msg": ""
- },
- "CVE-2020-26556": {
- "cmt_msg": ""
- },
- "CVE-2020-26557": {
- "cmt_msg": ""
- },
- "CVE-2022-43750": {
- "cmt_msg": "usb: mon: make mmapped memory read only"
- },
- "CVE-2019-20794": {
- "cmt_msg": ""
- },
- "CVE-2020-26559": {
- "cmt_msg": ""
- },
"CVE-2020-35501": {
"cmt_msg": ""
},
- "CVE-2022-38457": {
- "cmt_msg": "drm/vmwgfx: Remove rcu locks from user resources"
- },
- "CVE-2023-1078": {
- "cmt_msg": "rds: rds_rm_zerocopy_callback() use list_first_entry()"
- },
- "CVE-2022-20422": {
- "cmt_msg": "arm64: fix oops in concurrently setting insn_emulation sysctls"
- },
- "CVE-2022-26365": {
- "cmt_msg": "xen/blkfront: fix leaking data in shared pages"
- },
- "CVE-2023-23454": {
- "cmt_msg": "net: sched: cbq: dont intepret cls results when asked to drop"
- },
- "CVE-2022-20421": {
- "cmt_msg": "binder: fix UAF of ref->proc caused by race condition"
- },
- "CVE-2022-3619": {
- "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
- },
- "CVE-2018-1121": {
- "cmt_msg": ""
- },
- "CVE-2023-1380": {
- "cmt_msg": "wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()"
- },
- "CVE-2023-0615": {
- "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
- },
- "CVE-2019-19378": {
- "cmt_msg": ""
- },
- "CVE-2023-3006": {
- "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list"
- },
- "CVE-2022-3061": {
- "cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero"
- },
- "CVE-2022-3586": {
- "cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child"
- },
- "CVE-2023-2176": {
- "cmt_msg": "RDMA/core: Refactor rdma_bind_addr"
- },
- "CVE-2022-43945": {
- "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
- },
"CVE-2022-47520": {
"cmt_msg": "wifi: wilc1000: validate pairwise and authentication suite offsets"
},
- "CVE-2022-45934": {
- "cmt_msg": "Bluetooth: L2CAP: Fix u8 overflow"
- },
- "CVE-2022-2663": {
- "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
- },
- "CVE-2022-3344": {
- "cmt_msg": "KVM: x86: nSVM: harden svm_free_nested against freeing vmcb02 while still in use"
- },
- "CVE-2023-23004": {
- "cmt_msg": "malidp: Fix NULL vs IS_ERR() checking"
- },
- "CVE-2023-31081": {
- "cmt_msg": ""
- },
- "CVE-2023-3220": {
- "cmt_msg": "drm/msm/dpu: Add check for pstates"
- },
- "CVE-2023-0394": {
- "cmt_msg": "ipv6: raw: Deduct extension header length in rawv6_push_pending_frames"
- },
- "CVE-2023-1670": {
- "cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach"
- },
- "CVE-2020-24503": {
- "cmt_msg": ""
- },
- "CVE-2020-24502": {
- "cmt_msg": ""
- },
- "CVE-2023-31085": {
- "cmt_msg": ""
- },
- "CVE-2023-26607": {
- "cmt_msg": "ntfs: fix out-of-bounds read in ntfs_attr_find()"
- },
- "CVE-2023-1079": {
- "cmt_msg": "HID: asus: use spinlock to safely schedule workers"
- },
- "CVE-2022-39842": {
- "cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
- },
- "CVE-2023-3357": {
- "cmt_msg": "HID: amd_sfh: Add missing check for dma_alloc_coherent"
- },
- "CVE-2020-11725": {
- "cmt_msg": ""
- },
- "CVE-2023-0045": {
- "cmt_msg": "x86/bugs: Flush IBP in ib_prctl_set()"
- },
- "CVE-2023-28328": {
- "cmt_msg": "media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()"
+ "CVE-2022-47521": {
+ "cmt_msg": "wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute"
},
"CVE-2022-23825": {
"cmt_msg": ""
},
- "CVE-2023-3111": {
- "cmt_msg": "btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()"
- },
- "CVE-2021-33061": {
- "cmt_msg": "ixgbe: add improvement for MDD response functionality"
- },
- "CVE-2023-30456": {
- "cmt_msg": "KVM: nVMX: add missing consistency checks for CR0 and CR4"
- },
- "CVE-2023-32233": {
- "cmt_msg": "netfilter: nf_tables: deactivate anonymous set from preparation phase"
- },
"CVE-2023-0179": {
"cmt_msg": "netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits"
},
- "CVE-2023-31436": {
- "cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
- },
- "CVE-2023-3389": {
- "cmt_msg": "io_uring: mutex locked poll hashing"
- },
- "CVE-2022-3521": {
- "cmt_msg": "kcm: avoid potential race in kcm_tx_work"
- },
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
- "CVE-2022-47929": {
- "cmt_msg": "net: sched: disallow noqueue for qdisc classes"
- },
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
- "CVE-2021-3864": {
- "cmt_msg": ""
- },
- "CVE-2019-19814": {
- "cmt_msg": ""
- },
- "CVE-2023-2162": {
- "cmt_msg": "scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress"
- },
- "CVE-2022-2209": {
- "cmt_msg": ""
+ "CVE-2022-39190": {
+ "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
},
"CVE-2022-21125": {
"cmt_msg": "x86/speculation/mmio: Reuse SRBDS mitigation for SBDS"
},
- "CVE-2023-26606": {
- "cmt_msg": "fs/ntfs3: Fix slab-out-of-bounds read in ntfs_trim_fs"
- },
"CVE-2023-28466": {
"cmt_msg": "net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()"
},
@@ -116183,65 +117600,17 @@
"CVE-2022-21123": {
"cmt_msg": "x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data"
},
- "CVE-2023-3390": {
- "cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE"
- },
- "CVE-2022-38096": {
- "cmt_msg": ""
- },
- "CVE-2022-2978": {
- "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
- },
- "CVE-2023-2019": {
- "cmt_msg": "netdevsim: fib: Fix reference count leak on route deletion failure"
- },
- "CVE-2022-3594": {
- "cmt_msg": "r8152: Rate limit overflow messages"
- },
- "CVE-2022-3595": {
- "cmt_msg": "cifs: fix double-fault crash during ntlmssp"
- },
- "CVE-2022-27672": {
- "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions"
- },
- "CVE-2022-3114": {
- "cmt_msg": "clk: imx: Add check for kcalloc"
- },
"CVE-2023-0459": {
"cmt_msg": "uaccess: Add speculation barrier to copy_from_user()"
},
"CVE-2023-0458": {
"cmt_msg": "prlimit: do_prlimit needs to have a speculation check"
},
- "CVE-2023-3141": {
- "cmt_msg": "memstick: r592: Fix UAF bug in r592_remove due to race condition"
- },
- "CVE-2016-8660": {
- "cmt_msg": ""
- },
- "CVE-2021-26934": {
- "cmt_msg": ""
- },
- "CVE-2023-2156": {
- "cmt_msg": "net: rpl: fix rpl header size calculation"
- },
"CVE-2023-0597": {
"cmt_msg": "x86/mm: Randomize per-cpu entry area"
},
- "CVE-2023-31084": {
- "cmt_msg": "media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()"
- },
- "CVE-2022-1462": {
- "cmt_msg": "tty: use new tty_insert_flip_string_and_push_buffer() in pty_write()"
- },
- "CVE-2022-42432": {
- "cmt_msg": "netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()"
- },
- "CVE-2018-12929": {
- "cmt_msg": ""
- },
- "CVE-2022-3524": {
- "cmt_msg": "tcp/udp: Fix memory leak in ipv6_renew_options()."
+ "CVE-2022-3628": {
+ "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
"CVE-2020-15802": {
"cmt_msg": ""
@@ -116249,11 +117618,8 @@
"CVE-2022-2590": {
"cmt_msg": "mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW"
},
- "CVE-2008-2544": {
- "cmt_msg": ""
- },
- "CVE-2023-2483": {
- "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ "CVE-2023-2898": {
+ "cmt_msg": "f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()"
},
"CVE-2022-3636": {
"cmt_msg": "net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()"
@@ -116261,29 +117627,14 @@
"CVE-2022-3635": {
"cmt_msg": "atm: idt77252: fix use-after-free bugs caused by tst_timer"
},
- "CVE-2023-0210": {
- "cmt_msg": "ksmbd: check nt_len to be at least CIFS_ENCPWD_SIZE in ksmbd_decode_ntlmssp_auth_blob"
- },
"CVE-2022-3633": {
"cmt_msg": "can: j1939: j1939_session_destroy(): fix memory leak of skbs"
},
"CVE-2022-34918": {
"cmt_msg": "netfilter: nf_tables: stricter validation of element data"
},
- "CVE-2023-2248": {
- "cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
- },
- "CVE-2022-2196": {
- "cmt_msg": "KVM: VMX: Execute IBPB on emulated VM-exit when guest has IBRS"
- },
- "CVE-2019-15239": {
- "cmt_msg": "unknown"
- },
- "CVE-2023-33288": {
- "cmt_msg": "power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition"
- },
- "CVE-2007-3719": {
- "cmt_msg": ""
+ "CVE-2022-2602": {
+ "cmt_msg": "io_uring/af_unix: defer registered files gc to io_uring release"
},
"CVE-2022-47939": {
"cmt_msg": "ksmbd: fix use-after-free bug in smb2_tree_disconect"
@@ -116294,20 +117645,8 @@
"CVE-2023-2008": {
"cmt_msg": "udmabuf: add back sanity check"
},
- "CVE-2023-0590": {
- "cmt_msg": "net: sched: fix race condition in qdisc_graft()"
- },
- "CVE-2022-21505": {
- "cmt_msg": "lockdown: Fix kexec lockdown bypass with ima policy"
- },
- "CVE-2022-2961": {
- "cmt_msg": ""
- },
- "CVE-2022-4095": {
- "cmt_msg": "staging: rtl8712: fix use after free bugs"
- },
- "CVE-2022-45919": {
- "cmt_msg": ""
+ "CVE-2023-2002": {
+ "cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()"
},
"CVE-2023-2006": {
"cmt_msg": "rxrpc: Fix race between conn bundle lookup and bundle removal [ZDI-CAN-15975]"
@@ -116315,17 +117654,11 @@
"CVE-2023-2007": {
"cmt_msg": "scsi: dpt_i2o: Remove obsolete driver"
},
- "CVE-2022-40133": {
- "cmt_msg": "drm/vmwgfx: Remove rcu locks from user resources"
+ "CVE-2023-1078": {
+ "cmt_msg": "rds: rds_rm_zerocopy_callback() use list_first_entry()"
},
- "CVE-2022-29901": {
- "cmt_msg": "x86/kvm/vmx: Make noinstr clean"
- },
- "CVE-2010-4563": {
- "cmt_msg": ""
- },
- "CVE-2020-26140": {
- "cmt_msg": ""
+ "CVE-2023-1079": {
+ "cmt_msg": "HID: asus: use spinlock to safely schedule workers"
},
"CVE-2020-26143": {
"cmt_msg": ""
@@ -116333,8 +117666,8 @@
"CVE-2020-26142": {
"cmt_msg": ""
},
- "CVE-2022-39190": {
- "cmt_msg": "netfilter: nf_tables: disallow binding to already bound chain"
+ "CVE-2023-1074": {
+ "cmt_msg": "sctp: fail if no bound addresses can be used for a given scope"
},
"CVE-2023-1075": {
"cmt_msg": "net/tls: tls_is_tx_ready() checked list_entry"
@@ -116345,15 +117678,225 @@
"CVE-2023-1077": {
"cmt_msg": "sched/rt: pick_next_rt_entity(): check list_entry"
},
- "CVE-2023-0266": {
- "cmt_msg": "ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF"
- },
- "CVE-2023-2166": {
- "cmt_msg": "can: af_can: fix NULL pointer dereference in can_rcv_filter"
- },
"CVE-2023-1073": {
"cmt_msg": "HID: check empty report_list in hid_validate_values()"
},
+ "CVE-2023-1652": {
+ "cmt_msg": "NFSD: fix use-after-free in nfsd4_ssc_setup_dul()"
+ },
+ "CVE-2022-3707": {
+ "cmt_msg": "drm/i915/gvt: fix double free bug in split_2MB_gtt_entry"
+ },
+ "CVE-2023-2176": {
+ "cmt_msg": "RDMA/core: Refactor rdma_bind_addr"
+ },
+ "CVE-2023-2177": {
+ "cmt_msg": "sctp: leave the err path free in sctp_stream_init to sctp_stream_free"
+ },
+ "CVE-2022-39189": {
+ "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
+ },
+ "CVE-2022-39188": {
+ "cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
+ },
+ "CVE-2022-4139": {
+ "cmt_msg": "drm/i915: fix TLB invalidation for Gen12 video and compute engines"
+ },
+ "CVE-2005-3660": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-31085": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-31084": {
+ "cmt_msg": "media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()"
+ },
+ "CVE-2023-31083": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-31082": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-31081": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-4543": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-3028": {
+ "cmt_msg": "af_key: Do not call xfrm_probe_algs in parallel"
+ },
+ "CVE-2020-14304": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-26560": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-42703": {
+ "cmt_msg": "mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse"
+ },
+ "CVE-2023-33288": {
+ "cmt_msg": "power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition"
+ },
+ "CVE-2022-36402": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-29900": {
+ "cmt_msg": "x86/kvm/vmx: Make noinstr clean"
+ },
+ "CVE-2022-29901": {
+ "cmt_msg": "x86/kvm/vmx: Make noinstr clean"
+ },
+ "CVE-2023-35829": {
+ "cmt_msg": "media: rkvdec: fix use after free bug in rkvdec_remove"
+ },
+ "CVE-2023-35828": {
+ "cmt_msg": "usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition"
+ },
+ "CVE-2022-1116": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-2318": {
+ "cmt_msg": "net: rose: fix UAF bugs caused by timer handler"
+ },
+ "CVE-2023-35823": {
+ "cmt_msg": "media: saa7134: fix use after free bug in saa7134_finidev due to race condition"
+ },
+ "CVE-2022-23816": {
+ "cmt_msg": "x86/kvm/vmx: Make noinstr clean"
+ },
+ "CVE-2023-35824": {
+ "cmt_msg": "media: dm1105: Fix use after free bug in dm1105_remove due to race condition"
+ },
+ "CVE-2023-35827": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
+ "CVE-2022-3567": {
+ "cmt_msg": "ipv6: Fix data races around sk->sk_prot."
+ },
+ "CVE-2022-3566": {
+ "cmt_msg": "tcp: Fix data races around icsk->icsk_af_ops."
+ },
+ "CVE-2022-3565": {
+ "cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
+ },
+ "CVE-2022-3564": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
+ },
+ "CVE-2022-4269": {
+ "cmt_msg": "act_mirred: use the backlog for nested calls to mirred ingress"
+ },
+ "CVE-2022-1882": {
+ "cmt_msg": "watchqueue: make sure to serialize 'wqueue->defunct' properly"
+ },
+ "CVE-2023-30772": {
+ "cmt_msg": "power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition"
+ },
+ "CVE-2023-1611": {
+ "cmt_msg": "btrfs: fix race between quota disable and quota assign ioctls"
+ },
+ "CVE-2013-7445": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
+ "CVE-2020-26556": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-26557": {
+ "cmt_msg": ""
+ },
+ "CVE-2019-20794": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-26559": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-3397": {
+ "cmt_msg": ""
+ },
+ "CVE-2021-3542": {
+ "cmt_msg": ""
+ },
+ "CVE-2018-1121": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-3061": {
+ "cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero"
+ },
+ "CVE-2022-3344": {
+ "cmt_msg": "KVM: x86: nSVM: harden svm_free_nested against freeing vmcb02 while still in use"
+ },
+ "CVE-2023-23004": {
+ "cmt_msg": "malidp: Fix NULL vs IS_ERR() checking"
+ },
+ "CVE-2023-3090": {
+ "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb"
+ },
+ "CVE-2023-23559": {
+ "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
+ },
+ "CVE-2022-39842": {
+ "cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write"
+ },
+ "CVE-2023-32233": {
+ "cmt_msg": "netfilter: nf_tables: deactivate anonymous set from preparation phase"
+ },
+ "CVE-2019-19814": {
+ "cmt_msg": ""
+ },
+ "CVE-2021-26934": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-3114": {
+ "cmt_msg": "clk: imx: Add check for kcalloc"
+ },
+ "CVE-2023-3141": {
+ "cmt_msg": "memstick: r592: Fix UAF bug in r592_remove due to race condition"
+ },
+ "CVE-2023-0210": {
+ "cmt_msg": "ksmbd: check nt_len to be at least CIFS_ENCPWD_SIZE in ksmbd_decode_ntlmssp_auth_blob"
+ },
+ "CVE-2022-3524": {
+ "cmt_msg": "tcp/udp: Fix memory leak in ipv6_renew_options()."
+ },
+ "CVE-2022-3523": {
+ "cmt_msg": "mm/memory.c: fix race when faulting a device private page"
+ },
+ "CVE-2022-3522": {
+ "cmt_msg": "mm/hugetlb: use hugetlb_pte_stable in migration race check"
+ },
+ "CVE-2022-3521": {
+ "cmt_msg": "kcm: avoid potential race in kcm_tx_work"
+ },
+ "CVE-2022-2196": {
+ "cmt_msg": "KVM: VMX: Execute IBPB on emulated VM-exit when guest has IBRS"
+ },
+ "CVE-2007-3719": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-0590": {
+ "cmt_msg": "net: sched: fix race condition in qdisc_graft()"
+ },
+ "CVE-2022-4095": {
+ "cmt_msg": "staging: rtl8712: fix use after free bugs"
+ },
+ "CVE-2022-45919": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-2248": {
+ "cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
+ },
"CVE-2022-2586": {
"cmt_msg": "netfilter: nf_tables: do not allow SET_ID to refer to another table"
},
@@ -116363,18 +117906,9 @@
"CVE-2022-2585": {
"cmt_msg": "posix-cpu-timers: Cleanup CPU timers before freeing them during exec"
},
- "CVE-2022-3534": {
- "cmt_msg": "libbpf: Fix use-after-free in btf_dump_name_dups"
- },
- "CVE-2022-3535": {
- "cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak"
- },
"CVE-2022-1247": {
"cmt_msg": ""
},
- "CVE-2022-48425": {
- "cmt_msg": "fs/ntfs3: Validate MFT flags before replaying logs"
- },
"CVE-2022-3621": {
"cmt_msg": "nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()"
},
@@ -116390,9 +117924,6 @@
"CVE-2022-2588": {
"cmt_msg": "net_sched: cls_route: remove from list when handle is 0"
},
- "CVE-2022-4842": {
- "cmt_msg": "fs/ntfs3: Fix attr_punch_hole() null pointer derenference"
- },
"CVE-2022-47942": {
"cmt_msg": "ksmbd: fix heap-based overflow in set_ntacl_dacl()"
},
@@ -116405,38 +117936,242 @@
"CVE-2022-47941": {
"cmt_msg": "ksmbd: fix memory leak in smb2_handle_negotiate"
},
- "CVE-2023-21102": {
- "cmt_msg": "efi: rt-wrapper: Add missing include"
- },
- "CVE-2020-10708": {
- "cmt_msg": ""
- },
- "CVE-2023-1652": {
- "cmt_msg": "NFSD: fix use-after-free in nfsd4_ssc_setup_dul()"
- },
- "CVE-2023-0386": {
- "cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up"
+ "CVE-2023-1095": {
+ "cmt_msg": "netfilter: nf_tables: fix null deref due to zeroed list head"
},
"CVE-2022-3238": {
"cmt_msg": ""
},
- "CVE-2022-3707": {
- "cmt_msg": "drm/i915/gvt: fix double free bug in split_2MB_gtt_entry"
+ "CVE-2023-1829": {
+ "cmt_msg": "net/sched: Retire tcindex classifier"
},
- "CVE-2023-3338": {
- "cmt_msg": "Remove DECnet support from kernel"
+ "CVE-2022-2905": {
+ "cmt_msg": "bpf: Don't use tnum_range on array range checking for poke descriptors"
},
- "CVE-2017-13693": {
+ "CVE-2022-48423": {
+ "cmt_msg": "fs/ntfs3: Validate resident attribute name"
+ },
+ "CVE-2022-48424": {
+ "cmt_msg": "fs/ntfs3: Validate attribute name offset"
+ },
+ "CVE-2022-48425": {
+ "cmt_msg": "fs/ntfs3: Validate MFT flags before replaying logs"
+ },
+ "CVE-2023-31248": {
+ "cmt_msg": "netfilter: nf_tables: do not ignore genmask when looking up chain by id"
+ },
+ "CVE-2022-38096": {
"cmt_msg": ""
},
- "CVE-2021-0399": {
- "cmt_msg": ""
+ "CVE-2022-3303": {
+ "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
+ },
+ "CVE-2022-45869": {
+ "cmt_msg": "KVM: x86/mmu: Fix race condition in direct_page_fault"
},
"CVE-2023-23455": {
"cmt_msg": "net: sched: atm: dont intepret cls results when asked to drop"
},
- "CVE-2023-1829": {
- "cmt_msg": "net/sched: Retire tcindex classifier"
+ "CVE-2023-23454": {
+ "cmt_msg": "net: sched: cbq: dont intepret cls results when asked to drop"
+ },
+ "CVE-2023-2483": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
+ "CVE-2022-4128": {
+ "cmt_msg": "mptcp: fix subflow traversal at disconnect time"
+ },
+ "CVE-2022-4129": {
+ "cmt_msg": "l2tp: Serialize access to sk_user_data with sk_callback_lock"
+ },
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
+ "CVE-2023-26544": {
+ "cmt_msg": "fs/ntfs3: Fix slab-out-of-bounds read in run_unpack"
+ },
+ "CVE-2023-26545": {
+ "cmt_msg": "net: mpls: fix stale pointer if allocation fails during device rename"
+ },
+ "CVE-2021-3892": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-26373": {
+ "cmt_msg": "x86/speculation: Add RSB VM Exit protections"
+ },
+ "CVE-2019-15290": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-3212": {
+ "cmt_msg": "gfs2: Don't deref jdesc in evict"
+ },
+ "CVE-2023-28866": {
+ "cmt_msg": "Bluetooth: HCI: Fix global-out-of-bounds"
+ },
+ "CVE-2022-26878": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-20566": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put"
+ },
+ "CVE-2018-12930": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-25012": {
+ "cmt_msg": "HID: bigben: use spinlock to safely schedule workers"
+ },
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
+ "CVE-2022-4662": {
+ "cmt_msg": "USB: core: Prevent nested device-reset calls"
+ },
+ "CVE-2022-2308": {
+ "cmt_msg": "vduse: prevent uninitialized memory accesses"
+ },
+ "CVE-2022-3903": {
+ "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
+ },
+ "CVE-2023-1195": {
+ "cmt_msg": "cifs: fix use-after-free caused by invalid pointer `hostname`"
+ },
+ "CVE-2023-1194": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-1193": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-1192": {
+ "cmt_msg": "fs/ntfs3: Validate MFT flags before replaying logs"
+ },
+ "CVE-2022-4379": {
+ "cmt_msg": "NFSD: fix use-after-free in __nfs42_ssc_open()"
+ },
+ "CVE-2022-44034": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-44033": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-44032": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-48502": {
+ "cmt_msg": "fs/ntfs3: Check fields while reading"
+ },
+ "CVE-2023-21102": {
+ "cmt_msg": "efi: rt-wrapper: Add missing include"
+ },
+ "CVE-2022-3619": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
+ },
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
+ "CVE-2023-0615": {
+ "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
+ },
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
+ "CVE-2023-3006": {
+ "cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list"
+ },
+ "CVE-2022-3586": {
+ "cmt_msg": "sch_sfb: Don't assume the skb is still around after enqueueing to child"
+ },
+ "CVE-2022-43945": {
+ "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR"
+ },
+ "CVE-2023-2430": {
+ "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
+ "CVE-2020-26140": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-3390": {
+ "cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE"
+ },
+ "CVE-2021-33061": {
+ "cmt_msg": "ixgbe: add improvement for MDD response functionality"
+ },
+ "CVE-2023-3389": {
+ "cmt_msg": "io_uring: mutex locked poll hashing"
+ },
+ "CVE-2021-3864": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-1670": {
+ "cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach"
+ },
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
+ "CVE-2022-2978": {
+ "cmt_msg": "fs: fix UAF/GPF bug in nilfs_mdt_destroy"
+ },
+ "CVE-2018-12931": {
+ "cmt_msg": ""
+ },
+ "CVE-2016-8660": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-2156": {
+ "cmt_msg": "net: rpl: fix rpl header size calculation"
+ },
+ "CVE-2022-42432": {
+ "cmt_msg": "netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()"
+ },
+ "CVE-2008-4609": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-26607": {
+ "cmt_msg": "ntfs: fix out-of-bounds read in ntfs_attr_find()"
+ },
+ "CVE-2023-26606": {
+ "cmt_msg": "fs/ntfs3: Fix slab-out-of-bounds read in ntfs_trim_fs"
+ },
+ "CVE-2019-15239": {
+ "cmt_msg": "unknown"
+ },
+ "CVE-2022-21505": {
+ "cmt_msg": "lockdown: Fix kexec lockdown bypass with ima policy"
+ },
+ "CVE-2023-20941": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-3534": {
+ "cmt_msg": "libbpf: Fix use-after-free in btf_dump_name_dups"
+ },
+ "CVE-2022-3535": {
+ "cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak"
+ },
+ "CVE-2022-4842": {
+ "cmt_msg": "fs/ntfs3: Fix attr_punch_hole() null pointer derenference"
+ },
+ "CVE-2023-28328": {
+ "cmt_msg": "media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()"
+ },
+ "CVE-2023-0386": {
+ "cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up"
+ },
+ "CVE-2023-28327": {
+ "cmt_msg": "af_unix: Get user_ns from in_skb in unix_diag_get_exact()."
+ },
+ "CVE-2017-13693": {
+ "cmt_msg": ""
},
"CVE-2017-13694": {
"cmt_msg": ""
@@ -116447,24 +118182,15 @@
"CVE-2022-42720": {
"cmt_msg": "wifi: cfg80211: fix BSS refcounting bugs"
},
- "CVE-2022-36879": {
- "cmt_msg": "xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup()"
+ "CVE-2022-42722": {
+ "cmt_msg": "wifi: mac80211: fix crash in beacon protection for P2P-device"
},
- "CVE-2012-4542": {
- "cmt_msg": ""
+ "CVE-2022-42896": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
},
"CVE-2022-42895": {
"cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory"
},
- "CVE-2022-42329": {
- "cmt_msg": "xen/netback: don't call kfree_skb() with interrupts disabled"
- },
- "CVE-2022-44034": {
- "cmt_msg": ""
- },
- "CVE-2023-2269": {
- "cmt_msg": "dm ioctl: fix nested locking in table_clear() to remove deadlock concern"
- },
"CVE-2023-33952": {
"cmt_msg": "drm/vmwgfx: Do not drop the reference to the handle too soon"
},
@@ -116474,150 +118200,297 @@
"CVE-2022-4382": {
"cmt_msg": "USB: gadgetfs: Fix race between mounting and unmounting"
},
- "CVE-2022-44033": {
- "cmt_msg": ""
- },
- "CVE-2022-48423": {
- "cmt_msg": "fs/ntfs3: Validate resident attribute name"
- },
- "CVE-2022-2602": {
- "cmt_msg": "io_uring/af_unix: defer registered files gc to io_uring release"
- },
- "CVE-2013-7445": {
- "cmt_msg": ""
- },
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
- "CVE-2022-39188": {
- "cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
- },
- "CVE-2022-4139": {
- "cmt_msg": "drm/i915: fix TLB invalidation for Gen12 video and compute engines"
- },
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
- "CVE-2023-26242": {
- "cmt_msg": ""
- },
- "CVE-2023-34255": {
- "cmt_msg": "xfs: verify buffer contents when we skip log replay"
- },
- "CVE-2005-3660": {
- "cmt_msg": ""
- },
- "CVE-2023-28327": {
- "cmt_msg": "af_unix: Get user_ns from in_skb in unix_diag_get_exact()."
- },
- "CVE-2023-1095": {
- "cmt_msg": "netfilter: nf_tables: fix null deref due to zeroed list head"
- },
- "CVE-2023-31083": {
- "cmt_msg": ""
- },
- "CVE-2023-31082": {
- "cmt_msg": ""
- },
- "CVE-2022-3424": {
- "cmt_msg": "misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os"
- },
- "CVE-2022-47521": {
- "cmt_msg": "wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute"
- },
"CVE-2022-3545": {
"cmt_msg": "nfp: fix use-after-free in area_cache_get()"
},
- "CVE-2022-41674": {
- "cmt_msg": "wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()"
- },
"CVE-2022-3543": {
"cmt_msg": "af_unix: Fix memory leaks of the whole sk due to OOB skb."
},
"CVE-2022-3542": {
"cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()"
},
- "CVE-2022-3523": {
- "cmt_msg": "mm/memory.c: fix race when faulting a device private page"
- },
- "CVE-2022-3303": {
- "cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
- },
- "CVE-2022-3522": {
- "cmt_msg": "mm/hugetlb: use hugetlb_pte_stable in migration race check"
- },
- "CVE-2022-45869": {
- "cmt_msg": "KVM: x86/mmu: Fix race condition in direct_page_fault"
- },
- "CVE-2022-4543": {
- "cmt_msg": ""
- },
- "CVE-2008-4609": {
- "cmt_msg": ""
- },
- "CVE-2022-3028": {
- "cmt_msg": "af_key: Do not call xfrm_probe_algs in parallel"
- },
- "CVE-2022-2905": {
- "cmt_msg": "bpf: Don't use tnum_range on array range checking for poke descriptors"
- },
"CVE-2023-1382": {
"cmt_msg": "tipc: set con sock in tipc_conn_alloc"
},
- "CVE-2020-14304": {
- "cmt_msg": ""
- },
- "CVE-2022-2318": {
- "cmt_msg": "net: rose: fix UAF bugs caused by timer handler"
- },
- "CVE-2022-42719": {
- "cmt_msg": "wifi: mac80211: fix MBSSID parsing use-after-free"
+ "CVE-2023-1380": {
+ "cmt_msg": "wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()"
},
"CVE-2020-0347": {
"cmt_msg": ""
},
- "CVE-2023-0461": {
- "cmt_msg": "net/ulp: prevent ULP without clone op from entering the LISTEN status"
+ "CVE-2019-12456": {
+ "cmt_msg": ""
},
- "CVE-2022-42328": {
- "cmt_msg": "xen/netback: don't call kfree_skb() with interrupts disabled"
+ "CVE-2021-33655": {
+ "cmt_msg": "fbcon: Disallow setting font bigger than screen size"
},
- "CVE-2021-3714": {
+ "CVE-2023-1206": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-41850": {
+ "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
+ },
+ "CVE-2023-2985": {
+ "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super"
+ },
+ "CVE-2022-3649": {
+ "cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
+ },
+ "CVE-2022-3646": {
+ "cmt_msg": "nilfs2: fix leak of nilfs_root in case of writer thread creation failure"
+ },
+ "CVE-2022-3642": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-3643": {
+ "cmt_msg": "xen/netback: Ensure protocol headers don't fall in the non-linear area"
+ },
+ "CVE-2023-3357": {
+ "cmt_msg": "HID: amd_sfh: Add missing check for dma_alloc_coherent"
+ },
+ "CVE-2023-3355": {
+ "cmt_msg": "drm/msm/gem: Add check for kmalloc"
+ },
+ "CVE-2019-15902": {
+ "cmt_msg": "unknown"
+ },
+ "CVE-2023-3358": {
+ "cmt_msg": "HID: intel_ish-hid: Add check for ishtp_dma_tx_map"
+ },
+ "CVE-2018-17977": {
+ "cmt_msg": ""
+ },
+ "CVE-2010-5321": {
"cmt_msg": ""
},
"CVE-2023-1990": {
"cmt_msg": "nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition"
},
+ "CVE-2022-3169": {
+ "cmt_msg": "nvme: ensure subsystem reset is single threaded"
+ },
+ "CVE-2022-36280": {
+ "cmt_msg": "drm/vmwgfx: Validate the box size for the snooped cursor"
+ },
+ "CVE-2023-22997": {
+ "cmt_msg": "module: Fix NULL vs IS_ERR checking for module_get_next_page"
+ },
+ "CVE-2023-22998": {
+ "cmt_msg": "drm/virtio: Fix NULL vs IS_ERR checking in virtio_gpu_object_shmem_init"
+ },
+ "CVE-2022-26365": {
+ "cmt_msg": "xen/blkfront: fix leaking data in shared pages"
+ },
+ "CVE-2023-3220": {
+ "cmt_msg": "drm/msm/dpu: Add check for pstates"
+ },
+ "CVE-2023-34255": {
+ "cmt_msg": "xfs: verify buffer contents when we skip log replay"
+ },
+ "CVE-2023-34256": {
+ "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum"
+ },
+ "CVE-2018-12929": {
+ "cmt_msg": ""
+ },
+ "CVE-2018-12928": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
+ "CVE-2023-32254": {
+ "cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
+ },
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
+ "CVE-2020-10708": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-32250": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
+ "CVE-2022-0400": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-2235": {
+ "cmt_msg": "perf: Fix check before add_event_to_groups() in perf_group_detach()"
+ },
+ "CVE-2023-1989": {
+ "cmt_msg": "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work"
+ },
+ "CVE-2022-25265": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-47519": {
+ "cmt_msg": "wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_OPER_CHANNEL attribute"
+ },
+ "CVE-2022-47518": {
+ "cmt_msg": "wifi: wilc1000: validate number of channels"
+ },
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-0160": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-2663": {
+ "cmt_msg": "netfilter: nf_conntrack_irc: Fix forged IP logic"
+ },
+ "CVE-2022-43750": {
+ "cmt_msg": "usb: mon: make mmapped memory read only"
+ },
+ "CVE-2023-0045": {
+ "cmt_msg": "x86/bugs: Flush IBP in ib_prctl_set()"
+ },
+ "CVE-2022-38457": {
+ "cmt_msg": "drm/vmwgfx: Remove rcu locks from user resources"
+ },
+ "CVE-2022-20422": {
+ "cmt_msg": "arm64: fix oops in concurrently setting insn_emulation sysctls"
+ },
+ "CVE-2022-20421": {
+ "cmt_msg": "binder: fix UAF of ref->proc caused by race condition"
+ },
+ "CVE-2019-19378": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-36879": {
+ "cmt_msg": "xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup()"
+ },
+ "CVE-2022-45934": {
+ "cmt_msg": "Bluetooth: L2CAP: Fix u8 overflow"
+ },
+ "CVE-2022-41674": {
+ "cmt_msg": "wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()"
+ },
+ "CVE-2020-24503": {
+ "cmt_msg": ""
+ },
+ "CVE-2020-24502": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-1118": {
+ "cmt_msg": "media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()"
+ },
+ "CVE-2020-11725": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-30456": {
+ "cmt_msg": "KVM: nVMX: add missing consistency checks for CR0 and CR4"
+ },
+ "CVE-2023-31436": {
+ "cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
+ },
+ "CVE-2022-47929": {
+ "cmt_msg": "net: sched: disallow noqueue for qdisc classes"
+ },
+ "CVE-2022-2209": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-3594": {
+ "cmt_msg": "r8152: Rate limit overflow messages"
+ },
+ "CVE-2023-2019": {
+ "cmt_msg": "netdevsim: fib: Fix reference count leak on route deletion failure"
+ },
+ "CVE-2022-3595": {
+ "cmt_msg": "cifs: fix double-fault crash during ntlmssp"
+ },
+ "CVE-2022-1462": {
+ "cmt_msg": "tty: use new tty_insert_flip_string_and_push_buffer() in pty_write()"
+ },
+ "CVE-2022-42329": {
+ "cmt_msg": "xen/netback: don't call kfree_skb() with interrupts disabled"
+ },
+ "CVE-2022-42328": {
+ "cmt_msg": "xen/netback: don't call kfree_skb() with interrupts disabled"
+ },
+ "CVE-2023-21255": {
+ "cmt_msg": "binder: fix UAF caused by faulty buffer cleanup"
+ },
+ "CVE-2022-2961": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-3268": {
+ "cmt_msg": "relayfs: fix out-of-bounds access in relay_file_read"
+ },
+ "CVE-2022-40133": {
+ "cmt_msg": "drm/vmwgfx: Remove rcu locks from user resources"
+ },
+ "CVE-2010-4563": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-2163": {
+ "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
+ },
+ "CVE-2023-2162": {
+ "cmt_msg": "scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress"
+ },
+ "CVE-2023-2166": {
+ "cmt_msg": "can: af_can: fix NULL pointer dereference in can_rcv_filter"
+ },
+ "CVE-2023-0266": {
+ "cmt_msg": "ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF"
+ },
+ "CVE-2021-0399": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-3161": {
+ "cmt_msg": "fbcon: Check font dimension limits"
+ },
+ "CVE-2012-4542": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-4378": {
+ "cmt_msg": "proc: proc_skip_spaces() shouldn't think it is working on C strings"
+ },
+ "CVE-2022-3424": {
+ "cmt_msg": "misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os"
+ },
+ "CVE-2023-2269": {
+ "cmt_msg": "dm ioctl: fix nested locking in table_clear() to remove deadlock concern"
+ },
+ "CVE-2023-0394": {
+ "cmt_msg": "ipv6: raw: Deduct extension header length in rawv6_push_pending_frames"
+ },
+ "CVE-2023-32269": {
+ "cmt_msg": "netrom: Fix use-after-free caused by accept on already connected socket"
+ },
+ "CVE-2008-2544": {
+ "cmt_msg": ""
+ },
+ "CVE-2022-42719": {
+ "cmt_msg": "wifi: mac80211: fix MBSSID parsing use-after-free"
+ },
+ "CVE-2023-0461": {
+ "cmt_msg": "net/ulp: prevent ULP without clone op from entering the LISTEN status"
+ },
+ "CVE-2021-3714": {
+ "cmt_msg": ""
+ },
"CVE-2023-0468": {
"cmt_msg": "io_uring: make poll refs more robust"
},
- "CVE-2019-12456": {
- "cmt_msg": ""
- },
- "CVE-2020-26560": {
- "cmt_msg": ""
- },
- "CVE-2021-3892": {
- "cmt_msg": ""
- },
- "CVE-2023-35823": {
- "cmt_msg": "media: saa7134: fix use after free bug in saa7134_finidev due to race condition"
+ "CVE-2023-3111": {
+ "cmt_msg": "btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()"
},
"CVE-2023-20928": {
"cmt_msg": "android: binder: stop saving a pointer to the VMA"
},
- "CVE-2023-2430": {
- "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL"
- },
- "CVE-2022-4128": {
- "cmt_msg": "mptcp: fix subflow traversal at disconnect time"
- },
- "CVE-2021-33655": {
- "cmt_msg": "fbcon: Disallow setting font bigger than screen size"
- },
"CVE-2023-35788": {
"cmt_msg": "net/sched: flower: fix possible OOB write in fl_set_geneve_opt()"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2023-2860": {
"cmt_msg": "ipv6: sr: fix out-of-bounds read when setting HMAC data."
},
@@ -116633,189 +118506,36 @@
"CVE-2022-33740": {
"cmt_msg": "xen/netfront: fix leaking data in shared pages"
},
- "CVE-2023-33203": {
- "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
- },
- "CVE-2023-1206": {
- "cmt_msg": ""
- },
- "CVE-2022-41850": {
- "cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
- },
"CVE-2022-33744": {
"cmt_msg": "xen/arm: Fix race in RB-tree based P2M accounting"
},
- "CVE-2023-2235": {
- "cmt_msg": "perf: Fix check before add_event_to_groups() in perf_group_detach()"
- },
- "CVE-2023-26544": {
- "cmt_msg": "fs/ntfs3: Fix slab-out-of-bounds read in run_unpack"
- },
- "CVE-2023-26545": {
- "cmt_msg": "net: mpls: fix stale pointer if allocation fails during device rename"
- },
- "CVE-2023-2985": {
- "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super"
- },
- "CVE-2023-32269": {
- "cmt_msg": "netrom: Fix use-after-free caused by accept on already connected socket"
- },
- "CVE-2022-3649": {
- "cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
- },
- "CVE-2022-3646": {
- "cmt_msg": "nilfs2: fix leak of nilfs_root in case of writer thread creation failure"
- },
- "CVE-2022-3642": {
- "cmt_msg": ""
- },
- "CVE-2022-3643": {
- "cmt_msg": "xen/netback: Ensure protocol headers don't fall in the non-linear area"
- },
"CVE-2023-2194": {
"cmt_msg": "i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()"
},
- "CVE-2022-42703": {
- "cmt_msg": "mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse"
- },
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2022-41218": {
"cmt_msg": "media: dvb-core: Fix UAF due to refcount races at releasing"
},
- "CVE-2011-4917": {
- "cmt_msg": ""
- },
- "CVE-2023-28866": {
- "cmt_msg": "Bluetooth: HCI: Fix global-out-of-bounds"
- },
"CVE-2022-36946": {
"cmt_msg": "netfilter: nf_queue: do not allow packet truncation below transport header offset"
},
- "CVE-2023-30772": {
- "cmt_msg": "power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition"
- },
- "CVE-2022-36123": {
- "cmt_msg": "x86: Clear .brk area at early boot"
- },
- "CVE-2019-15902": {
- "cmt_msg": "unknown"
+ "CVE-2011-4916": {
+ "cmt_msg": ""
},
"CVE-2022-21166": {
"cmt_msg": "x86/speculation/mmio: Enable CPU Fill buffer clearing on idle"
},
- "CVE-2022-26373": {
- "cmt_msg": "x86/speculation: Add RSB VM Exit protections"
- },
- "CVE-2022-36402": {
- "cmt_msg": ""
- },
- "CVE-2022-29900": {
- "cmt_msg": "x86/kvm/vmx: Make noinstr clean"
- },
- "CVE-2019-15290": {
- "cmt_msg": ""
- },
- "CVE-2023-3212": {
- "cmt_msg": "gfs2: Don't deref jdesc in evict"
- },
- "CVE-2023-3161": {
- "cmt_msg": "fbcon: Check font dimension limits"
- },
- "CVE-2022-3567": {
- "cmt_msg": "ipv6: Fix data races around sk->sk_prot."
- },
- "CVE-2023-1118": {
- "cmt_msg": "media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()"
- },
- "CVE-2023-25012": {
- "cmt_msg": "HID: bigben: use spinlock to safely schedule workers"
- },
- "CVE-2022-42722": {
- "cmt_msg": "wifi: mac80211: fix crash in beacon protection for P2P-device"
- },
- "CVE-2022-3566": {
- "cmt_msg": "tcp: Fix data races around icsk->icsk_af_ops."
- },
- "CVE-2023-35829": {
- "cmt_msg": "media: rkvdec: fix use after free bug in rkvdec_remove"
- },
- "CVE-2023-35828": {
- "cmt_msg": "usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition"
- },
- "CVE-2018-17977": {
- "cmt_msg": ""
- },
- "CVE-2022-26878": {
- "cmt_msg": ""
- },
"CVE-2022-41849": {
"cmt_msg": "fbdev: smscufx: Fix use-after-free in ufx_ops_open()"
},
- "CVE-2022-3565": {
- "cmt_msg": "mISDN: fix use-after-free bugs in l1oip timer handlers"
- },
- "CVE-2022-1116": {
+ "CVE-2022-41848": {
"cmt_msg": ""
},
- "CVE-2010-5321": {
- "cmt_msg": ""
- },
- "CVE-2022-20566": {
- "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put"
- },
- "CVE-2018-12930": {
- "cmt_msg": ""
- },
- "CVE-2018-12931": {
- "cmt_msg": ""
- },
- "CVE-2022-23816": {
- "cmt_msg": "x86/kvm/vmx: Make noinstr clean"
- },
- "CVE-2023-35824": {
- "cmt_msg": "media: dm1105: Fix use after free bug in dm1105_remove due to race condition"
- },
- "CVE-2023-35827": {
- "cmt_msg": ""
- },
- "CVE-2022-42896": {
- "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
- },
- "CVE-2022-4269": {
- "cmt_msg": "act_mirred: use the backlog for nested calls to mirred ingress"
- },
- "CVE-2022-4129": {
- "cmt_msg": "l2tp: Serialize access to sk_user_data with sk_callback_lock"
- },
"CVE-2021-39801": {
"cmt_msg": ""
},
"CVE-2021-39800": {
"cmt_msg": ""
},
- "CVE-2022-3169": {
- "cmt_msg": "nvme: ensure subsystem reset is single threaded"
- },
- "CVE-2022-3564": {
- "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu"
- },
- "CVE-2022-41848": {
- "cmt_msg": ""
- },
- "CVE-2022-36280": {
- "cmt_msg": "drm/vmwgfx: Validate the box size for the snooped cursor"
- },
- "CVE-2023-1074": {
- "cmt_msg": "sctp: fail if no bound addresses can be used for a given scope"
- },
- "CVE-2022-3628": {
- "cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
- },
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2022-45885": {
"cmt_msg": ""
},
@@ -116828,158 +118548,65 @@
"CVE-2022-45886": {
"cmt_msg": ""
},
- "CVE-2023-22997": {
- "cmt_msg": "module: Fix NULL vs IS_ERR checking for module_get_next_page"
- },
- "CVE-2023-22998": {
- "cmt_msg": "drm/virtio: Fix NULL vs IS_ERR checking in virtio_gpu_object_shmem_init"
- },
"CVE-2023-2124": {
"cmt_msg": "xfs: verify buffer contents when we skip log replay"
},
"CVE-2022-45888": {
"cmt_msg": "char: xillybus: Prevent use-after-free due to race condition"
},
- "CVE-2021-3542": {
- "cmt_msg": ""
- },
"CVE-2023-1281": {
"cmt_msg": "net/sched: tcindex: update imperfect hash filters respecting rcu"
},
- "CVE-2023-2177": {
- "cmt_msg": "sctp: leave the err path free in sctp_stream_init to sctp_stream_free"
- },
"CVE-2023-2513": {
"cmt_msg": "ext4: fix use-after-free in ext4_xattr_set_entry"
},
"CVE-2023-1859": {
"cmt_msg": "9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition"
},
- "CVE-2023-23559": {
- "cmt_msg": "wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid"
- },
"CVE-2023-1855": {
"cmt_msg": "hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition"
},
- "CVE-2022-1882": {
- "cmt_msg": "watchqueue: make sure to serialize 'wqueue->defunct' properly"
- },
- "CVE-2023-3268": {
- "cmt_msg": "relayfs: fix out-of-bounds access in relay_file_read"
- },
- "CVE-2023-32254": {
- "cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
- },
- "CVE-2023-34256": {
- "cmt_msg": "ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum"
- },
- "CVE-2022-2308": {
- "cmt_msg": "vduse: prevent uninitialized memory accesses"
- },
- "CVE-2018-12928": {
- "cmt_msg": ""
+ "CVE-2022-27672": {
+ "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions"
},
"CVE-2020-25220": {
"cmt_msg": ""
},
- "CVE-2022-3903": {
- "cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
- },
"CVE-2015-2877": {
"cmt_msg": ""
},
"CVE-2022-0171": {
"cmt_msg": "KVM: SEV: add cache flush to solve SEV cache incoherency issues"
},
- "CVE-2023-1611": {
- "cmt_msg": "btrfs: fix race between quota disable and quota assign ioctls"
- },
- "CVE-2023-1195": {
- "cmt_msg": "cifs: fix use-after-free caused by invalid pointer `hostname`"
- },
- "CVE-2023-1194": {
- "cmt_msg": ""
- },
- "CVE-2023-1193": {
- "cmt_msg": ""
- },
- "CVE-2023-1192": {
+ "CVE-2023-26242": {
"cmt_msg": ""
},
"CVE-2019-16089": {
"cmt_msg": ""
},
- "CVE-2023-32250": {
- "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
- },
- "CVE-2022-0400": {
- "cmt_msg": ""
- },
- "CVE-2022-4379": {
- "cmt_msg": "NFSD: fix use-after-free in __nfs42_ssc_open()"
- },
- "CVE-2022-4378": {
- "cmt_msg": "proc: proc_skip_spaces() shouldn't think it is working on C strings"
- },
"CVE-2022-1679": {
"cmt_msg": "ath9k: fix use-after-free in ath9k_hif_usb_rx_cb"
},
- "CVE-2022-44032": {
- "cmt_msg": ""
- },
- "CVE-2023-3358": {
- "cmt_msg": "HID: intel_ish-hid: Add check for ishtp_dma_tx_map"
- },
"CVE-2023-1513": {
"cmt_msg": "kvm: initialize all of the kvm_debugregs structure before sending it to userspace"
},
- "CVE-2023-1989": {
- "cmt_msg": "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work"
- },
"CVE-2021-3847": {
"cmt_msg": ""
},
- "CVE-2023-20941": {
- "cmt_msg": ""
- },
"CVE-2022-40768": {
"cmt_msg": "scsi: stex: Properly zero out the passthrough command structure"
},
- "CVE-2023-3397": {
+ "CVE-2011-4917": {
"cmt_msg": ""
},
- "CVE-2022-25265": {
- "cmt_msg": ""
- },
- "CVE-2011-4916": {
- "cmt_msg": ""
- },
- "CVE-2022-48424": {
- "cmt_msg": "fs/ntfs3: Validate attribute name offset"
- },
- "CVE-2022-4662": {
- "cmt_msg": "USB: core: Prevent nested device-reset calls"
+ "CVE-2022-36123": {
+ "cmt_msg": "x86: Clear .brk area at early boot"
},
"CVE-2023-23039": {
"cmt_msg": ""
},
- "CVE-2022-48502": {
- "cmt_msg": "fs/ntfs3: Check fields while reading"
- },
- "CVE-2022-47519": {
- "cmt_msg": "wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_OPER_CHANNEL attribute"
- },
- "CVE-2022-47518": {
- "cmt_msg": "wifi: wilc1000: validate number of channels"
- },
- "CVE-2023-35001": {
- "cmt_msg": ""
- },
- "CVE-2023-2002": {
- "cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()"
- },
- "CVE-2023-3090": {
- "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb"
+ "CVE-2023-3338": {
+ "cmt_msg": "Remove DECnet support from kernel"
}
}
},
@@ -117421,6 +119048,9 @@
"CVE-2022-32296": {
"cmt_msg": "tcp: increase source port perturb table to 2^16"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2022-3028": {
"cmt_msg": "af_key: Do not call xfrm_probe_algs in parallel"
},
@@ -117439,6 +119069,12 @@
"CVE-2023-2430": {
"cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2022-20572": {
"cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag"
},
@@ -117490,6 +119126,9 @@
"CVE-2023-35827": {
"cmt_msg": ""
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -117530,7 +119169,7 @@
"cmt_msg": "USB: core: Prevent nested device-reset calls"
},
"CVE-2023-35001": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -117764,7 +119403,7 @@
"cmt_msg": ""
},
"CVE-2023-31248": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: do not ignore genmask when looking up chain by id"
},
"CVE-2022-38096": {
"cmt_msg": ""
@@ -117788,7 +119427,7 @@
"cmt_msg": "bpf: Don't use tnum_range on array range checking for poke descriptors"
},
"CVE-2023-2898": {
- "cmt_msg": ""
+ "cmt_msg": "f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()"
},
"CVE-2022-28389": {
"cmt_msg": "can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path"
@@ -117856,6 +119495,9 @@
"CVE-2023-1990": {
"cmt_msg": "nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2022-0185": {
"cmt_msg": "vfs: fs_context: fix up param length parsing in legacy_parse_param"
},
@@ -117898,9 +119540,15 @@
"CVE-2022-3619": {
"cmt_msg": "Bluetooth: L2CAP: Fix memory leak in vhci_write"
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2023-3006": {
"cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list"
},
@@ -117916,9 +119564,18 @@
"CVE-2023-1872": {
"cmt_msg": "io_uring: propagate issue_flags state down to file assignment"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2023-1079": {
"cmt_msg": "HID: asus: use spinlock to safely schedule workers"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2023-3390": {
"cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE"
},
@@ -117940,6 +119597,9 @@
"CVE-2023-1670": {
"cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2022-2873": {
"cmt_msg": "i2c: ismt: prevent memory corruption in ismt_access()"
},
@@ -118126,6 +119786,9 @@
"CVE-2010-5321": {
"cmt_msg": ""
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-0264": {
"cmt_msg": "bpf: Fix kernel address leakage in atomic fetch"
},
@@ -118171,9 +119834,18 @@
"CVE-2021-4202": {
"cmt_msg": "NFC: reorganize the functions in nci_request"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-32254": {
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect"
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2020-10708": {
"cmt_msg": ""
},
@@ -118204,6 +119876,9 @@
"CVE-2022-47518": {
"cmt_msg": "wifi: wilc1000: validate number of channels"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2023-0160": {
"cmt_msg": ""
},
@@ -118300,9 +119975,6 @@
"CVE-2022-2961": {
"cmt_msg": ""
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2023-3268": {
"cmt_msg": "relayfs: fix out-of-bounds access in relay_file_read"
},
@@ -118312,6 +119984,9 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
@@ -119995,6 +121670,10 @@
"cmt_msg": "netrom: Fix use-after-free caused by accept on already connected socket",
"cmt_id": "c27e0eac568a008cdf04ae7e4ea2d3c18717e627"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF",
+ "cmt_id": "fc9e27f3ba083534b8bbf72ab0f5c810ffdc7d18"
+ },
"CVE-2023-3161": {
"cmt_msg": "fbcon: Check font dimension limits",
"cmt_id": "dccbd062d71657648efc32fdc9919b33763cc68b"
@@ -120207,6 +121886,10 @@
"cmt_msg": "dm ioctl: fix nested locking in table_clear() to remove deadlock concern",
"cmt_id": "e11765cea2050fa25fc3e03da858e83284c5ce79"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()",
+ "cmt_id": "227eb2689b44d0d60da3839b146983e73435924c"
+ },
"CVE-2023-35823": {
"cmt_msg": "media: saa7134: fix use after free bug in saa7134_finidev due to race condition",
"cmt_id": "2f48c0a463a37ac76ac089ec7936f673b9a0a448"
@@ -120219,14 +121902,30 @@
}
},
"5.15.113": {
- "CVE-2023-3090": {
- "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb",
- "cmt_id": "7c8be27727fe194b4625da442ee2b854db76b200"
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals",
+ "cmt_id": "865be1cff2c038984fe55c9deae5461a498cfdf9"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user",
+ "cmt_id": "7657321b2624197840ef2cfa4f29ccf873d7aa9b"
+ },
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]",
+ "cmt_id": "61e043326e72b5abb02b5bc9132f2620a7faf8c5"
+ },
+ "CVE-2023-1192": {
+ "cmt_msg": "fs/ntfs3: Validate MFT flags before replaying logs",
+ "cmt_id": "2a67f26f70ab344ae6ea78638890eebc1191a501"
},
"CVE-2023-3141": {
"cmt_msg": "memstick: r592: Fix UAF bug in r592_remove due to race condition",
"cmt_id": "162a9b321538972a260c7b178638c2368c071f77"
},
+ "CVE-2023-3090": {
+ "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb",
+ "cmt_id": "7c8be27727fe194b4625da442ee2b854db76b200"
+ },
"CVE-2022-48425": {
"cmt_msg": "fs/ntfs3: Validate MFT flags before replaying logs",
"cmt_id": "2a67f26f70ab344ae6ea78638890eebc1191a501"
@@ -120287,6 +121986,9 @@
"CVE-2018-1121": {
"cmt_msg": ""
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2019-19378": {
"cmt_msg": ""
},
@@ -120308,9 +122010,21 @@
"CVE-2020-24502": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2020-11725": {
"cmt_msg": ""
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-23825": {
"cmt_msg": ""
},
@@ -120357,7 +122071,7 @@
"cmt_msg": ""
},
"CVE-2023-2898": {
- "cmt_msg": ""
+ "cmt_msg": "f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()"
},
"CVE-2022-3636": {
"cmt_msg": "net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()"
@@ -120374,8 +122088,8 @@
"CVE-2022-45919": {
"cmt_msg": ""
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
},
"CVE-2023-2007": {
"cmt_msg": "scsi: dpt_i2o: Remove obsolete driver"
@@ -120438,7 +122152,7 @@
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
"CVE-2023-31248": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: do not ignore genmask when looking up chain by id"
},
"CVE-2005-3660": {
"cmt_msg": ""
@@ -120491,9 +122205,15 @@
"CVE-2021-3892": {
"cmt_msg": ""
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2023-1206": {
"cmt_msg": ""
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2022-3642": {
"cmt_msg": ""
},
@@ -120542,6 +122262,9 @@
"CVE-2021-39800": {
"cmt_msg": ""
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-45885": {
"cmt_msg": ""
},
@@ -120587,14 +122310,17 @@
"CVE-2015-2877": {
"cmt_msg": ""
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-1194": {
"cmt_msg": ""
},
"CVE-2023-1193": {
"cmt_msg": ""
},
- "CVE-2023-1192": {
- "cmt_msg": ""
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
},
"CVE-2019-16089": {
"cmt_msg": ""
@@ -120636,6 +122362,9 @@
"cmt_msg": "fs/ntfs3: Check fields while reading"
},
"CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
+ "CVE-2023-3640": {
"cmt_msg": ""
}
}
@@ -120801,6 +122530,9 @@
"CVE-2019-15090": {
"cmt_msg": "scsi: qedi: remove memset/memcpy to nfunc and use func instead"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
@@ -120999,6 +122731,9 @@
"CVE-2019-11477": {
"cmt_msg": "tcp: limit payload size of sacked skbs"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2019-11479": {
"cmt_msg": "tcp: add tcp_min_snd_mss sysctl"
},
@@ -121047,6 +122782,9 @@
"CVE-2019-17054": {
"cmt_msg": "appletalk: enforce CAP_NET_RAW for raw sockets"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2023-3006": {
"cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list"
},
@@ -121230,6 +122968,9 @@
"CVE-2020-28974": {
"cmt_msg": "vt: Disable KD_FONT_OP_COPY"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2019-20806": {
"cmt_msg": "media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame"
},
@@ -121278,6 +123019,9 @@
"CVE-2022-23816": {
"cmt_msg": "x86/kvm/vmx: Make noinstr clean"
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2021-3892": {
"cmt_msg": ""
},
@@ -121368,6 +123112,9 @@
"CVE-2022-2961": {
"cmt_msg": ""
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -121446,6 +123193,9 @@
"CVE-2020-0444": {
"cmt_msg": "audit: fix error handling in audit_data_to_entry()"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2022-1419": {
"cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create"
},
@@ -121479,8 +123229,8 @@
"CVE-2020-0255": {
"cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()"
},
- "CVE-2023-35001": {
- "cmt_msg": ""
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -121893,9 +123643,6 @@
"CVE-2021-37159": {
"cmt_msg": "usb: hso: fix error handling code of hso_create_net_device"
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2021-29154": {
"cmt_msg": "bpf, x86: Validate computation of branch displacements for x86-64"
},
@@ -122007,12 +123754,18 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2020-12768": {
"cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()"
},
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-32399": {
"cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller"
},
@@ -122094,6 +123847,9 @@
"CVE-2019-11191": {
"cmt_msg": "x86: Deprecate a.out support"
},
+ "CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
"CVE-2020-10781": {
"cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\""
},
@@ -122157,6 +123913,9 @@
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2019-14896": {
"cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor"
},
@@ -122184,9 +123943,6 @@
"CVE-2020-0067": {
"cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2020-26558": {
"cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical"
},
@@ -122199,6 +123955,9 @@
"CVE-2019-20811": {
"cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2023-0045": {
"cmt_msg": "x86/bugs: Flush IBP in ib_prctl_set()"
},
@@ -122562,9 +124321,6 @@
"CVE-2019-19448": {
"cmt_msg": "btrfs: only search for left_info if there is no right_info in try_merge_free_space"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2019-19449": {
"cmt_msg": "f2fs: fix to do sanity check on segment/section count"
},
@@ -122637,6 +124393,9 @@
"CVE-2022-26490": {
"cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -122706,6 +124465,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-31436": {
"cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
},
@@ -122766,6 +124528,9 @@
"CVE-2020-25284": {
"cmt_msg": "rbd: require global CAP_SYS_ADMIN for mapping and unmapping"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2023-0160": {
"cmt_msg": ""
},
@@ -122991,9 +124756,6 @@
"CVE-2020-0432": {
"cmt_msg": "staging: most: net: fix buffer overflow"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2019-3874": {
"cmt_msg": "sctp: implement memory accounting on tx path"
},
@@ -123003,12 +124765,12 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
- "CVE-2023-2163": {
- "cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
- },
"CVE-2023-2162": {
"cmt_msg": "scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress"
},
@@ -123324,6 +125086,9 @@
"CVE-2021-39800": {
"cmt_msg": ""
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2022-1195": {
"cmt_msg": "hamradio: improve the incomplete fix to avoid NPD"
},
@@ -125913,6 +127678,10 @@
"cmt_msg": "scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress",
"cmt_id": "d4d765f4761f9e3a2d62992f825aeee593bcb6b9"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF",
+ "cmt_id": "d0332cbf53dad06a22189cc341391237f4ea6d9f"
+ },
"CVE-2023-32269": {
"cmt_msg": "netrom: Fix use-after-free caused by accept on already connected socket",
"cmt_id": "20355b9569bd1fd5a236898524b6dd4117e660d0"
@@ -126156,6 +127925,9 @@
"CVE-2018-1121": {
"cmt_msg": ""
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2019-19378": {
"cmt_msg": ""
},
@@ -126195,9 +127967,18 @@
"CVE-2019-19449": {
"cmt_msg": "f2fs: fix to do sanity check on segment/section count"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2020-24504": {
"cmt_msg": "ice: create scheduler aggregator node config and move VSIs"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2020-11725": {
"cmt_msg": ""
},
@@ -126276,9 +128057,6 @@
"CVE-2008-2544": {
"cmt_msg": ""
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2022-3636": {
"cmt_msg": "net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()"
},
@@ -126300,8 +128078,8 @@
"CVE-2022-45919": {
"cmt_msg": ""
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
},
"CVE-2023-2007": {
"cmt_msg": "scsi: dpt_i2o: Remove obsolete driver"
@@ -126336,6 +128114,9 @@
"CVE-2022-2991": {
"cmt_msg": "remove the lightnvm subsystem"
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2022-3624": {
"cmt_msg": "bonding: fix reference count leak in balance-alb mode"
},
@@ -126369,6 +128150,9 @@
"CVE-2021-4148": {
"cmt_msg": "mm: khugepaged: skip huge page collapse for special files"
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-2176": {
"cmt_msg": "RDMA/core: Refactor rdma_bind_addr"
},
@@ -126378,12 +128162,12 @@
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2005-3660": {
"cmt_msg": ""
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2023-31085": {
"cmt_msg": ""
},
@@ -126456,9 +128240,15 @@
"CVE-2022-3176": {
"cmt_msg": "io_uring: fix UAF due to missing POLLFREE handling"
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2023-1206": {
"cmt_msg": ""
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2022-2327": {
"cmt_msg": "io_uring: remove any grabbing of context"
},
@@ -126468,9 +128258,6 @@
"CVE-2022-3642": {
"cmt_msg": ""
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2022-25265": {
"cmt_msg": ""
},
@@ -126528,15 +128315,24 @@
"CVE-2021-20239": {
"cmt_msg": "net: pass a sockptr_t into ->setsockopt"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2021-39801": {
"cmt_msg": ""
},
"CVE-2021-39800": {
"cmt_msg": ""
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-4269": {
"cmt_msg": "act_mirred: use the backlog for nested calls to mirred ingress"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2020-36385": {
"cmt_msg": "RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy"
},
@@ -126585,12 +128381,18 @@
"CVE-2015-2877": {
"cmt_msg": ""
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-1611": {
"cmt_msg": "btrfs: fix race between quota disable and quota assign ioctls"
},
"CVE-2023-26242": {
"cmt_msg": ""
},
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2019-16089": {
"cmt_msg": ""
},
@@ -126637,6 +128439,9 @@
"cmt_msg": "fs/ntfs3: Check fields while reading"
},
"CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
+ "CVE-2023-3640": {
"cmt_msg": ""
}
}
@@ -126964,6 +128769,9 @@
"CVE-2022-43750": {
"cmt_msg": "usb: mon: make mmapped memory read only"
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2019-20794": {
"cmt_msg": ""
},
@@ -127000,6 +128808,9 @@
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2019-19378": {
"cmt_msg": ""
},
@@ -127141,6 +128952,9 @@
"CVE-2023-3141": {
"cmt_msg": "memstick: r592: Fix UAF bug in r592_remove due to race condition"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2016-8660": {
"cmt_msg": ""
},
@@ -127186,6 +129000,9 @@
"CVE-2022-3633": {
"cmt_msg": "can: j1939: j1939_session_destroy(): fix memory leak of skbs"
},
+ "CVE-2023-21255": {
+ "cmt_msg": "binder: fix UAF caused by faulty buffer cleanup"
+ },
"CVE-2023-26607": {
"cmt_msg": "ntfs: fix out-of-bounds read in ntfs_attr_find()"
},
@@ -127201,6 +129018,9 @@
"CVE-2007-3719": {
"cmt_msg": ""
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2023-0590": {
"cmt_msg": "net: sched: fix race condition in qdisc_graft()"
},
@@ -127210,9 +129030,15 @@
"CVE-2022-4095": {
"cmt_msg": "staging: rtl8712: fix use after free bugs"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2022-45919": {
"cmt_msg": ""
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2023-2006": {
"cmt_msg": "rxrpc: Fix race between conn bundle lookup and bundle removal [ZDI-CAN-15975]"
},
@@ -127270,6 +129096,9 @@
"CVE-2022-3535": {
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2022-1247": {
"cmt_msg": ""
},
@@ -127306,15 +129135,15 @@
"CVE-2023-0386": {
"cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2022-3238": {
"cmt_msg": ""
},
"CVE-2022-3707": {
"cmt_msg": "drm/i915/gvt: fix double free bug in split_2MB_gtt_entry"
},
- "CVE-2023-3338": {
- "cmt_msg": "Remove DECnet support from kernel"
- },
"CVE-2017-13693": {
"cmt_msg": ""
},
@@ -127345,6 +129174,9 @@
"CVE-2022-42895": {
"cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory"
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2022-42329": {
"cmt_msg": "xen/netback: don't call kfree_skb() with interrupts disabled"
},
@@ -127360,6 +129192,9 @@
"CVE-2023-33951": {
"cmt_msg": "drm/vmwgfx: Do not drop the reference to the handle too soon"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2022-4382": {
"cmt_msg": "USB: gadgetfs: Fix race between mounting and unmounting"
},
@@ -127385,7 +129220,7 @@
"cmt_msg": "drm/i915: fix TLB invalidation for Gen12 video and compute engines"
},
"CVE-2023-31248": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: do not ignore genmask when looking up chain by id"
},
"CVE-2023-26242": {
"cmt_msg": ""
@@ -127399,6 +129234,9 @@
"CVE-2005-3660": {
"cmt_msg": ""
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2023-28327": {
"cmt_msg": "af_unix: Get user_ns from in_skb in unix_diag_get_exact()."
},
@@ -127463,7 +129301,7 @@
"cmt_msg": ""
},
"CVE-2023-2898": {
- "cmt_msg": ""
+ "cmt_msg": "f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()"
},
"CVE-2022-42719": {
"cmt_msg": "wifi: mac80211: fix MBSSID parsing use-after-free"
@@ -127504,9 +129342,15 @@
"CVE-2023-35788": {
"cmt_msg": "net/sched: flower: fix possible OOB write in fl_set_geneve_opt()"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2023-2860": {
"cmt_msg": "ipv6: sr: fix out-of-bounds read when setting HMAC data."
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2023-2163": {
"cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
},
@@ -127576,6 +129420,9 @@
"CVE-2022-36402": {
"cmt_msg": ""
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2019-15290": {
"cmt_msg": ""
},
@@ -127624,6 +129471,9 @@
"CVE-2010-5321": {
"cmt_msg": ""
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2018-12930": {
"cmt_msg": ""
},
@@ -127642,6 +129492,9 @@
"CVE-2022-4269": {
"cmt_msg": "act_mirred: use the backlog for nested calls to mirred ingress"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2021-39801": {
"cmt_msg": ""
},
@@ -127663,8 +129516,8 @@
"CVE-2023-1074": {
"cmt_msg": "sctp: fail if no bound addresses can be used for a given scope"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
+ "CVE-2023-3338": {
+ "cmt_msg": "Remove DECnet support from kernel"
},
"CVE-2022-45885": {
"cmt_msg": ""
@@ -127748,7 +129601,7 @@
"cmt_msg": ""
},
"CVE-2023-1192": {
- "cmt_msg": ""
+ "cmt_msg": "fs/ntfs3: Validate MFT flags before replaying logs"
},
"CVE-2019-16089": {
"cmt_msg": ""
@@ -127777,6 +129630,9 @@
"CVE-2023-1989": {
"cmt_msg": "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work"
},
+ "CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
"CVE-2021-3847": {
"cmt_msg": ""
},
@@ -127813,8 +129669,8 @@
"CVE-2022-47518": {
"cmt_msg": "wifi: wilc1000: validate number of channels"
},
- "CVE-2023-35001": {
- "cmt_msg": ""
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
},
"CVE-2023-2002": {
"cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()"
@@ -128002,6 +129858,10 @@
"CVE-2022-42720": {
"cmt_msg": "wifi: cfg80211: fix BSS refcounting bugs",
"cmt_id": "46b23a9559580a72d8cc5811b1bce8db099806d6"
+ },
+ "CVE-2022-3646": {
+ "cmt_msg": "nilfs2: fix leak of nilfs_root in case of writer thread creation failure",
+ "cmt_id": "4755fcd844240857b525f6e8d8b65ee140fe9570"
}
},
"5.19.17": {
@@ -128047,6 +129907,9 @@
"CVE-2022-43750": {
"cmt_msg": "usb: mon: make mmapped memory read only"
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2019-20794": {
"cmt_msg": ""
},
@@ -128125,6 +129988,9 @@
"CVE-2023-1079": {
"cmt_msg": "HID: asus: use spinlock to safely schedule workers"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2023-3357": {
"cmt_msg": "HID: amd_sfh: Add missing check for dma_alloc_coherent"
},
@@ -128134,9 +130000,6 @@
"CVE-2023-0045": {
"cmt_msg": "x86/bugs: Flush IBP in ib_prctl_set()"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2022-23825": {
"cmt_msg": ""
},
@@ -128203,6 +130066,9 @@
"CVE-2023-3141": {
"cmt_msg": "memstick: r592: Fix UAF bug in r592_remove due to race condition"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2016-8660": {
"cmt_msg": ""
},
@@ -128212,6 +130078,9 @@
"CVE-2023-2156": {
"cmt_msg": "net: rpl: fix rpl header size calculation"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2023-31084": {
"cmt_msg": "media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()"
},
@@ -128242,6 +130111,9 @@
"CVE-2022-3633": {
"cmt_msg": "can: j1939: j1939_session_destroy(): fix memory leak of skbs"
},
+ "CVE-2023-21255": {
+ "cmt_msg": "binder: fix UAF caused by faulty buffer cleanup"
+ },
"CVE-2022-3630": {
"cmt_msg": "fscache: don't leak cookie access refs if invalidation is in progress or failed"
},
@@ -128260,6 +130132,9 @@
"CVE-2007-3719": {
"cmt_msg": ""
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2023-0590": {
"cmt_msg": "net: sched: fix race condition in qdisc_graft()"
},
@@ -128272,6 +130147,9 @@
"CVE-2022-45919": {
"cmt_msg": ""
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
"CVE-2023-2006": {
"cmt_msg": "rxrpc: Fix race between conn bundle lookup and bundle removal [ZDI-CAN-15975]"
},
@@ -128317,12 +130195,15 @@
"CVE-2022-3531": {
"cmt_msg": "selftest/bpf: Fix memory leak in kprobe_multi_test"
},
- "CVE-2023-1078": {
- "cmt_msg": "rds: rds_rm_zerocopy_callback() use list_first_entry()"
+ "CVE-2023-26242": {
+ "cmt_msg": ""
},
"CVE-2022-3534": {
"cmt_msg": "libbpf: Fix use-after-free in btf_dump_name_dups"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
"CVE-2022-1247": {
"cmt_msg": ""
},
@@ -128356,6 +130237,9 @@
"CVE-2023-0386": {
"cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up"
},
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2022-3238": {
"cmt_msg": ""
},
@@ -128386,6 +130270,9 @@
"CVE-2022-42895": {
"cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory"
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2022-42329": {
"cmt_msg": "xen/netback: don't call kfree_skb() with interrupts disabled"
},
@@ -128398,6 +130285,9 @@
"CVE-2023-33951": {
"cmt_msg": "drm/vmwgfx: Do not drop the reference to the handle too soon"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2022-4382": {
"cmt_msg": "USB: gadgetfs: Fix race between mounting and unmounting"
},
@@ -128417,10 +130307,7 @@
"cmt_msg": "drm/i915: fix TLB invalidation for Gen12 video and compute engines"
},
"CVE-2023-31248": {
- "cmt_msg": ""
- },
- "CVE-2023-26242": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: do not ignore genmask when looking up chain by id"
},
"CVE-2023-34255": {
"cmt_msg": "xfs: verify buffer contents when we skip log replay"
@@ -128465,7 +130352,7 @@
"cmt_msg": "mm/memory.c: fix race when faulting a device private page"
},
"CVE-2023-2898": {
- "cmt_msg": ""
+ "cmt_msg": "f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()"
},
"CVE-2022-36402": {
"cmt_msg": ""
@@ -128539,9 +130426,15 @@
"CVE-2023-35788": {
"cmt_msg": "net/sched: flower: fix possible OOB write in fl_set_geneve_opt()"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2023-2860": {
"cmt_msg": "ipv6: sr: fix out-of-bounds read when setting HMAC data."
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2023-2163": {
"cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints"
},
@@ -128569,8 +130462,8 @@
"CVE-2022-3649": {
"cmt_msg": "nilfs2: fix use-after-free bug of struct nilfs_root"
},
- "CVE-2022-3646": {
- "cmt_msg": "nilfs2: fix leak of nilfs_root in case of writer thread creation failure"
+ "CVE-2023-1078": {
+ "cmt_msg": "rds: rds_rm_zerocopy_callback() use list_first_entry()"
},
"CVE-2023-35826": {
"cmt_msg": "media: cedrus: fix use after free bug in cedrus_remove due to race condition"
@@ -128671,6 +130564,12 @@
"CVE-2022-42896": {
"cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2021-39801": {
"cmt_msg": ""
},
@@ -128689,6 +130588,9 @@
"CVE-2022-36280": {
"cmt_msg": "drm/vmwgfx: Validate the box size for the snooped cursor"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2023-1998": {
"cmt_msg": "x86/speculation: Allow enabling STIBP with legacy IBRS"
},
@@ -128710,6 +130612,9 @@
"CVE-2023-2124": {
"cmt_msg": "xfs: verify buffer contents when we skip log replay"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2022-45888": {
"cmt_msg": "char: xillybus: Prevent use-after-free due to race condition"
},
@@ -128774,7 +130679,7 @@
"cmt_msg": ""
},
"CVE-2023-1192": {
- "cmt_msg": ""
+ "cmt_msg": "fs/ntfs3: Validate MFT flags before replaying logs"
},
"CVE-2019-16089": {
"cmt_msg": ""
@@ -128803,6 +130708,9 @@
"CVE-2023-1989": {
"cmt_msg": "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work"
},
+ "CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
"CVE-2021-3847": {
"cmt_msg": ""
},
@@ -128821,6 +130729,9 @@
"CVE-2023-23039": {
"cmt_msg": ""
},
+ "CVE-2023-38409": {
+ "cmt_msg": "fbcon: set_con2fb_map needs to set con2fb_map!"
+ },
"CVE-2022-48502": {
"cmt_msg": "fs/ntfs3: Check fields while reading"
},
@@ -128833,8 +130744,8 @@
"CVE-2022-47518": {
"cmt_msg": "wifi: wilc1000: validate number of channels"
},
- "CVE-2023-35001": {
- "cmt_msg": ""
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
},
"CVE-2023-2002": {
"cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()"
@@ -129373,6 +131284,9 @@
"CVE-2023-2008": {
"cmt_msg": "udmabuf: add back sanity check"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2023-2002": {
"cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()"
},
@@ -129556,6 +131470,9 @@
"CVE-2020-28974": {
"cmt_msg": "vt: Disable KD_FONT_OP_COPY"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2022-3028": {
"cmt_msg": "af_key: Do not call xfrm_probe_algs in parallel"
},
@@ -129586,6 +131503,15 @@
"CVE-2022-0185": {
"cmt_msg": "vfs: fs_context: fix up param length parsing in legacy_parse_param"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2021-3892": {
"cmt_msg": ""
},
@@ -129652,6 +131578,9 @@
"CVE-2021-20239": {
"cmt_msg": "net: pass a sockptr_t into ->setsockopt"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -129742,8 +131671,8 @@
"CVE-2020-0255": {
"cmt_msg": "selinux: properly handle multiple messages in selinux_netlink_send()"
},
- "CVE-2023-35001": {
- "cmt_msg": ""
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -130111,9 +132040,6 @@
"CVE-2020-12771": {
"cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce"
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2020-16166": {
"cmt_msg": "random32: update the net random state on interrupt and activity"
},
@@ -130201,12 +132127,18 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2020-12768": {
"cmt_msg": "KVM: SVM: Fix potential memory leak in svm_cpu_init()"
},
"CVE-2020-12769": {
"cmt_msg": "spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-32399": {
"cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller"
},
@@ -130267,6 +132199,9 @@
"CVE-2022-44032": {
"cmt_msg": ""
},
+ "CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
"CVE-2020-10781": {
"cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\""
},
@@ -130309,6 +132244,9 @@
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2019-14896": {
"cmt_msg": "libertas: Fix two buffer overflows at parsing bss descriptor"
},
@@ -130336,9 +132274,6 @@
"CVE-2020-0067": {
"cmt_msg": "f2fs: fix to avoid memory leakage in f2fs_listxattr"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2020-26558": {
"cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical"
},
@@ -130348,6 +132283,12 @@
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2023-3390": {
"cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE"
},
@@ -130675,9 +132616,6 @@
"CVE-2022-3643": {
"cmt_msg": "xen/netback: Ensure protocol headers don't fall in the non-linear area"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2020-0465": {
"cmt_msg": "HID: core: Sanitize event code and type when mapping input"
},
@@ -130729,6 +132667,9 @@
"CVE-2022-26490": {
"cmt_msg": "nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -130792,6 +132733,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-31436": {
"cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
},
@@ -130837,6 +132781,9 @@
"CVE-2020-29374": {
"cmt_msg": "gup: document and work around \"COW can break either way\" issue"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2023-0160": {
"cmt_msg": ""
},
@@ -131017,9 +132964,6 @@
"CVE-2020-0432": {
"cmt_msg": "staging: most: net: fix buffer overflow"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2020-0431": {
"cmt_msg": "HID: hid-input: clear unmapped usages"
},
@@ -131029,6 +132973,9 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
@@ -131293,6 +133240,9 @@
"CVE-2021-28375": {
"cmt_msg": "misc: fastrpc: restrict user apps from sending kernel RPC messages"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2022-1195": {
"cmt_msg": "hamradio: improve the incomplete fix to avoid NPD"
},
@@ -131735,6 +133685,9 @@
"CVE-2023-2008": {
"cmt_msg": "udmabuf: add back sanity check"
},
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop"
+ },
"CVE-2023-2002": {
"cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()"
},
@@ -131894,6 +133847,9 @@
"CVE-2020-28974": {
"cmt_msg": "vt: Disable KD_FONT_OP_COPY"
},
+ "CVE-2023-3567": {
+ "cmt_msg": "vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
+ },
"CVE-2022-3028": {
"cmt_msg": "af_key: Do not call xfrm_probe_algs in parallel"
},
@@ -131918,6 +133874,15 @@
"CVE-2023-2430": {
"cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
+ },
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2022-20572": {
"cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag"
},
@@ -131972,6 +133937,9 @@
"CVE-2021-20239": {
"cmt_msg": "net: pass a sockptr_t into ->setsockopt"
},
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size"
+ },
"CVE-2022-3567": {
"cmt_msg": "ipv6: Fix data races around sk->sk_prot."
},
@@ -132032,8 +134000,8 @@
"CVE-2020-27830": {
"cmt_msg": "speakup: Reject setting the speakup line discipline outside of speakup"
},
- "CVE-2023-35001": {
- "cmt_msg": ""
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
},
"CVE-2022-27666": {
"cmt_msg": "esp: Fix possible buffer overflow in ESP transformation"
@@ -132368,9 +134336,6 @@
"CVE-2020-12771": {
"cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce"
},
- "CVE-2023-2898": {
- "cmt_msg": ""
- },
"CVE-2020-16166": {
"cmt_msg": "random32: update the net random state on interrupt and activity"
},
@@ -132452,9 +134417,15 @@
"CVE-2018-12931": {
"cmt_msg": ""
},
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals"
+ },
"CVE-2023-1990": {
"cmt_msg": "nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition"
},
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()"
+ },
"CVE-2021-33098": {
"cmt_msg": "ixgbe: fix large MTU request from VF"
},
@@ -132506,6 +134477,9 @@
"CVE-2022-44032": {
"cmt_msg": ""
},
+ "CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
"CVE-2020-10781": {
"cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\""
},
@@ -132536,6 +134510,9 @@
"CVE-2023-0615": {
"cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases"
},
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()"
+ },
"CVE-2023-3006": {
"cmt_msg": "arm64: Add AMPERE1 to the Spectre-BHB affected list"
},
@@ -132554,9 +134531,6 @@
"CVE-2020-15852": {
"cmt_msg": "x86/ioperm: Fix io bitmap invalidation on Xen PV"
},
- "CVE-2023-31248": {
- "cmt_msg": ""
- },
"CVE-2020-26558": {
"cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical"
},
@@ -132566,6 +134540,12 @@
"CVE-2020-26541": {
"cmt_msg": "certs: Add EFI_CERT_X509_GUID support for dbx entries"
},
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user"
+ },
"CVE-2023-3390": {
"cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE"
},
@@ -132848,9 +134828,6 @@
"CVE-2022-3643": {
"cmt_msg": "xen/netback: Ensure protocol headers don't fall in the non-linear area"
},
- "CVE-2023-3355": {
- "cmt_msg": "drm/msm/gem: Add check for kmalloc"
- },
"CVE-2020-0465": {
"cmt_msg": "HID: core: Sanitize event code and type when mapping input"
},
@@ -132902,6 +134879,9 @@
"CVE-2022-42896": {
"cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM"
},
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions"
+ },
"CVE-2022-3169": {
"cmt_msg": "nvme: ensure subsystem reset is single threaded"
},
@@ -132953,6 +134933,9 @@
"CVE-2020-35519": {
"cmt_msg": "net/x25: prevent a couple of overflows"
},
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
+ },
"CVE-2023-31436": {
"cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg"
},
@@ -132995,6 +134978,9 @@
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
+ "CVE-2023-3640": {
+ "cmt_msg": ""
+ },
"CVE-2023-0160": {
"cmt_msg": ""
},
@@ -133157,9 +135143,6 @@
"CVE-2021-3506": {
"cmt_msg": "f2fs: fix to avoid out-of-bounds memory access"
},
- "CVE-2023-3269": {
- "cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper"
- },
"CVE-2023-3268": {
"cmt_msg": "relayfs: fix out-of-bounds access in relay_file_read"
},
@@ -133169,6 +135152,9 @@
"CVE-2010-4563": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2023-1249": {
"cmt_msg": "coredump: Use the vma snapshot in fill_files_note"
},
@@ -133418,6 +135404,9 @@
"CVE-2021-28375": {
"cmt_msg": "misc: fastrpc: restrict user apps from sending kernel RPC messages"
},
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]"
+ },
"CVE-2022-1195": {
"cmt_msg": "hamradio: improve the incomplete fix to avoid NPD"
},
@@ -133568,6 +135557,18 @@
"cmt_msg": "io_uring/rsrc: check for nonconsecutive pages",
"cmt_id": "3a0a9211d7d0138d55aecd209b05e6d4a9eec383"
},
+ "CVE-2023-32258": {
+ "cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel",
+ "cmt_id": "920d5dd2d041484bf001c9713c2e3bcc6de79726"
+ },
+ "CVE-2023-32257": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff",
+ "cmt_id": "02f41d88f15d6b7d523e52cc3f87488f57e9265b"
+ },
+ "CVE-2023-35824": {
+ "cmt_msg": "media: dm1105: Fix use after free bug in dm1105_remove due to race condition",
+ "cmt_id": "d730bc84064364cafdb20c6ee7fda2cd7416407a"
+ },
"CVE-2023-32233": {
"cmt_msg": "netfilter: nf_tables: deactivate anonymous set from preparation phase",
"cmt_id": "f8486683ffa30456e0be4290282a44c4459a3287"
@@ -133576,13 +135577,13 @@
"cmt_msg": "ksmbd: fix racy issue under cocurrent smb2 tree disconnect",
"cmt_id": "39366b47a59d46af15ac57beb0996268bf911f6a"
},
- "CVE-2023-35824": {
- "cmt_msg": "media: dm1105: Fix use after free bug in dm1105_remove due to race condition",
- "cmt_id": "d730bc84064364cafdb20c6ee7fda2cd7416407a"
+ "CVE-2023-32252": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff",
+ "cmt_id": "02f41d88f15d6b7d523e52cc3f87488f57e9265b"
},
- "CVE-2023-3268": {
- "cmt_msg": "relayfs: fix out-of-bounds access in relay_file_read",
- "cmt_id": "35ca4fb494c0c9f226fbcfa1c1688e6cc1e5062e"
+ "CVE-2023-32250": {
+ "cmt_msg": "ksmbd: fix racy issue from session setup and logoff",
+ "cmt_id": "02f41d88f15d6b7d523e52cc3f87488f57e9265b"
},
"CVE-2023-3312": {
"cmt_msg": "cpufreq: qcom-cpufreq-hw: fix double IO unmap and resource release on exit",
@@ -133596,9 +135597,17 @@
"cmt_msg": "dm ioctl: fix nested locking in table_clear() to remove deadlock concern",
"cmt_id": "a554e6ec3626d4c11f55d7eef8d6aa93fb211c24"
},
- "CVE-2023-32250": {
- "cmt_msg": "ksmbd: fix racy issue from session setup and logoff",
- "cmt_id": "02f41d88f15d6b7d523e52cc3f87488f57e9265b"
+ "CVE-2023-32247": {
+ "cmt_msg": "ksmbd: destroy expired sessions",
+ "cmt_id": "6775ee7ef4b37c521aa4cf3730f54554c4875542"
+ },
+ "CVE-2023-32248": {
+ "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()",
+ "cmt_id": "1636e09779f83e10e6ed57d91ef94abcefdd206b"
+ },
+ "CVE-2023-3268": {
+ "cmt_msg": "relayfs: fix out-of-bounds access in relay_file_read",
+ "cmt_id": "35ca4fb494c0c9f226fbcfa1c1688e6cc1e5062e"
},
"CVE-2023-35823": {
"cmt_msg": "media: saa7134: fix use after free bug in saa7134_finidev due to race condition",
@@ -133612,19 +135621,41 @@
}
},
"6.3.4": {
- "CVE-2023-3090": {
- "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb",
- "cmt_id": "3cd16c6a6a6b68bba02fbbc54b9906f44640ffde"
+ "CVE-2023-38426": {
+ "cmt_msg": "ksmbd: fix global-out-of-bounds in smb2_find_context_vals",
+ "cmt_id": "0adcdc220fa555935bb37a273f08956616f8601a"
+ },
+ "CVE-2023-38428": {
+ "cmt_msg": "ksmbd: fix wrong UserName check in session_user",
+ "cmt_id": "3df195fbddfae60ca24a9bbc209402d9fccdef68"
+ },
+ "CVE-2023-38429": {
+ "cmt_msg": "ksmbd: allocate one more byte for implied bcc[0]",
+ "cmt_id": "778aae5a513ea09aa5addfa352bd70a5b71dda85"
+ },
+ "CVE-2023-1192": {
+ "cmt_msg": "fs/ntfs3: Validate MFT flags before replaying logs",
+ "cmt_id": "e6f4b1c32d6d6047958d7700d12fed6d91f441e7"
},
"CVE-2023-3141": {
"cmt_msg": "memstick: r592: Fix UAF bug in r592_remove due to race condition",
"cmt_id": "76fec5f01c9c70e11b85fdeb3f2707589c9238ca"
},
+ "CVE-2023-3090": {
+ "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb",
+ "cmt_id": "3cd16c6a6a6b68bba02fbbc54b9906f44640ffde"
+ },
"CVE-2022-48425": {
"cmt_msg": "fs/ntfs3: Validate MFT flags before replaying logs",
"cmt_id": "e6f4b1c32d6d6047958d7700d12fed6d91f441e7"
}
},
+ "6.3.5": {
+ "CVE-2023-21255": {
+ "cmt_msg": "binder: fix UAF caused by faulty buffer cleanup",
+ "cmt_id": "c9e6aae1f26758f3e87b93cff18d79dfd80f2f25"
+ }
+ },
"6.3.7": {
"CVE-2023-35788": {
"cmt_msg": "net/sched: flower: fix possible OOB write in fl_set_geneve_opt()",
@@ -133643,12 +135674,32 @@
"cmt_id": "14c454764a37b194dc916c07488ce7339c82bc4f"
}
},
+ "6.3.8": {
+ "CVE-2023-38431": {
+ "cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop",
+ "cmt_id": "e9cb7be2fcbaee9e808b729e92948d38d52e5add"
+ },
+ "CVE-2023-38427": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()",
+ "cmt_id": "205279b96b5c40c60c6de4f9342416e02ee279f1"
+ }
+ },
"6.3.9": {
+ "CVE-2023-38430": {
+ "cmt_msg": "ksmbd: validate smb request protocol id",
+ "cmt_id": "75e7d81679ef7995422adc84ef597fded99c24a6"
+ },
"CVE-2023-3390": {
"cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE",
"cmt_id": "bdace3b1a51887211d3e49417a18fdbd315a313b"
}
},
+ "6.3.10": {
+ "CVE-2023-38432": {
+ "cmt_msg": "ksmbd: validate command payload size",
+ "cmt_id": "768caf4019f0391c0b6452afe34cea1704133f7b"
+ }
+ },
"6.3.11": {
"CVE-2023-3269": {
"cmt_msg": "mm: introduce new 'lock_mm_and_find_vma()' page fault helper",
@@ -133686,6 +135737,9 @@
"CVE-2020-24502": {
"cmt_msg": ""
},
+ "CVE-2023-35693": {
+ "cmt_msg": ""
+ },
"CVE-2020-11725": {
"cmt_msg": ""
},
@@ -133720,7 +135774,7 @@
"cmt_msg": ""
},
"CVE-2023-2898": {
- "cmt_msg": ""
+ "cmt_msg": "f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()"
},
"CVE-2019-15239": {
"cmt_msg": "unknown"
@@ -133774,7 +135828,7 @@
"cmt_msg": ""
},
"CVE-2023-31248": {
- "cmt_msg": ""
+ "cmt_msg": "netfilter: nf_tables: do not ignore genmask when looking up chain by id"
},
"CVE-2005-3660": {
"cmt_msg": ""
@@ -133824,9 +135878,15 @@
"CVE-2021-3892": {
"cmt_msg": ""
},
+ "CVE-2023-37453": {
+ "cmt_msg": ""
+ },
"CVE-2023-1206": {
"cmt_msg": ""
},
+ "CVE-2023-37454": {
+ "cmt_msg": ""
+ },
"CVE-2023-35827": {
"cmt_msg": ""
},
@@ -133905,9 +135965,6 @@
"CVE-2023-1193": {
"cmt_msg": ""
},
- "CVE-2023-1192": {
- "cmt_msg": ""
- },
"CVE-2019-16089": {
"cmt_msg": ""
},
@@ -133939,6 +135996,9 @@
"cmt_msg": ""
},
"CVE-2023-35001": {
+ "cmt_msg": "netfilter: nf_tables: prevent OOB access in nft_byteorder_eval"
+ },
+ "CVE-2023-3640": {
"cmt_msg": ""
}
}
diff --git a/data/stream_fixes.json b/data/stream_fixes.json
index a32159b..c83f331 100644
--- a/data/stream_fixes.json
+++ b/data/stream_fixes.json
@@ -4514,6 +4514,10 @@
}
},
"CVE-2015-8966": {
+ "3.18": {
+ "cmt_id": "db9e37a1c5f21cec095da9ed53a2c0cbeeb24ee6",
+ "fixed_version": "3.18.42"
+ },
"4.1": {
"cmt_id": "469a242127b181656cb0a07de4584215bd4494fb",
"fixed_version": "4.1.33"
@@ -35110,6 +35114,10 @@
"cmt_id": "44b1ee304bac03f1b879be5afe920e3a844e40fc",
"fixed_version": "5.15.74"
},
+ "5.19": {
+ "cmt_id": "4755fcd844240857b525f6e8d8b65ee140fe9570",
+ "fixed_version": "5.19.16"
+ },
"5.4": {
"cmt_id": "b7e409d11db9ce9f8bc05fcdfa24d143f60cd393",
"fixed_version": "5.4.218"
@@ -36727,6 +36735,20 @@
"fixed_version": "6.2.3"
}
},
+ "CVE-2023-1192": {
+ "5.15": {
+ "cmt_id": "2a67f26f70ab344ae6ea78638890eebc1191a501",
+ "fixed_version": "5.15.113"
+ },
+ "6.1": {
+ "cmt_id": "a8eaa9a06addbd9cb0238cb1c729921ecbb6504c",
+ "fixed_version": "6.1.33"
+ },
+ "6.3": {
+ "cmt_id": "e6f4b1c32d6d6047958d7700d12fed6d91f441e7",
+ "fixed_version": "6.3.4"
+ }
+ },
"CVE-2023-1249": {
"5.10": {
"cmt_id": "558564db44755dfb3e48b0d64de327d20981e950",
@@ -37349,6 +37371,16 @@
"fixed_version": "6.3.7"
}
},
+ "CVE-2023-21255": {
+ "6.1": {
+ "cmt_id": "e1e198eff1fbaf56fd8022c4fbbf59c5324ea320",
+ "fixed_version": "6.1.31"
+ },
+ "6.3": {
+ "cmt_id": "c9e6aae1f26758f3e87b93cff18d79dfd80f2f25",
+ "fixed_version": "6.3.5"
+ }
+ },
"CVE-2023-2156": {
"5.10": {
"cmt_id": "c972851d3848647f57cd8d5625c48663410c3f96",
@@ -38227,6 +38259,16 @@
"fixed_version": "6.3.4"
}
},
+ "CVE-2023-3106": {
+ "3.16": {
+ "cmt_id": "2dcb72918e387fd1d0af40c1c351822bfe1acf63",
+ "fixed_version": "3.16.39"
+ },
+ "4.4": {
+ "cmt_id": "0cbb0084fa2b444b7316a0967a0d93f5ae520216",
+ "fixed_version": "4.4.223"
+ }
+ },
"CVE-2023-3111": {
"4.14": {
"cmt_id": "ff0e8ed8dfb584575cffc1561f17a1d094e8565b",
@@ -38447,6 +38489,38 @@
"fixed_version": "6.3.2"
}
},
+ "CVE-2023-32247": {
+ "6.1": {
+ "cmt_id": "1fc8a2b14ef5223f8e0b95faba2ee0a6e4d0f99d",
+ "fixed_version": "6.1.29"
+ },
+ "6.2": {
+ "cmt_id": "750a2d772e9d9ff377fd32e3b6797bf2cd847a7a",
+ "fixed_version": "6.2.16"
+ },
+ "6.3": {
+ "cmt_id": "6775ee7ef4b37c521aa4cf3730f54554c4875542",
+ "fixed_version": "6.3.2"
+ }
+ },
+ "CVE-2023-32248": {
+ "5.15": {
+ "cmt_id": "227eb2689b44d0d60da3839b146983e73435924c",
+ "fixed_version": "5.15.111"
+ },
+ "6.1": {
+ "cmt_id": "a70751dd7b60eab025e97e19b6b2477c6eaf2bbb",
+ "fixed_version": "6.1.28"
+ },
+ "6.2": {
+ "cmt_id": "b35f6c031b87d9e51f141ff6de0ea59756a8e313",
+ "fixed_version": "6.2.15"
+ },
+ "6.3": {
+ "cmt_id": "1636e09779f83e10e6ed57d91ef94abcefdd206b",
+ "fixed_version": "6.3.2"
+ }
+ },
"CVE-2023-32250": {
"6.1": {
"cmt_id": "f623f627ad2b1dc215ab3b0df53fb05cfd3a1c3b",
@@ -38461,6 +38535,20 @@
"fixed_version": "6.3.2"
}
},
+ "CVE-2023-32252": {
+ "6.1": {
+ "cmt_id": "f623f627ad2b1dc215ab3b0df53fb05cfd3a1c3b",
+ "fixed_version": "6.1.29"
+ },
+ "6.2": {
+ "cmt_id": "d270631c21e68fb8016d6e231d022d7023a2df6f",
+ "fixed_version": "6.2.16"
+ },
+ "6.3": {
+ "cmt_id": "02f41d88f15d6b7d523e52cc3f87488f57e9265b",
+ "fixed_version": "6.3.2"
+ }
+ },
"CVE-2023-32254": {
"6.1": {
"cmt_id": "bd80d35725a0cf4df9307bfe2f1a3b2cb983d8e6",
@@ -38475,6 +38563,34 @@
"fixed_version": "6.3.2"
}
},
+ "CVE-2023-32257": {
+ "6.1": {
+ "cmt_id": "f623f627ad2b1dc215ab3b0df53fb05cfd3a1c3b",
+ "fixed_version": "6.1.29"
+ },
+ "6.2": {
+ "cmt_id": "d270631c21e68fb8016d6e231d022d7023a2df6f",
+ "fixed_version": "6.2.16"
+ },
+ "6.3": {
+ "cmt_id": "02f41d88f15d6b7d523e52cc3f87488f57e9265b",
+ "fixed_version": "6.3.2"
+ }
+ },
+ "CVE-2023-32258": {
+ "6.1": {
+ "cmt_id": "4aba9ab6a007e41182454f84f95c0bddf7d6d7e1",
+ "fixed_version": "6.1.29"
+ },
+ "6.2": {
+ "cmt_id": "de428966b40c8b8abe35592ded2e9f4d366ffc38",
+ "fixed_version": "6.2.16"
+ },
+ "6.3": {
+ "cmt_id": "920d5dd2d041484bf001c9713c2e3bcc6de79726",
+ "fixed_version": "6.3.2"
+ }
+ },
"CVE-2023-32269": {
"4.14": {
"cmt_id": "35d5bb094bc7529c15561289a1ea995f897bf2e6",
@@ -38791,6 +38907,28 @@
"fixed_version": "5.17.6"
}
},
+ "CVE-2023-3567": {
+ "4.19": {
+ "cmt_id": "6332f52f44b9776568bf3c0b714ddfb0bb175e78",
+ "fixed_version": "4.19.273"
+ },
+ "5.10": {
+ "cmt_id": "55515d7d8743b71b80bfe68e89eb9d92630626ab",
+ "fixed_version": "5.10.168"
+ },
+ "5.15": {
+ "cmt_id": "fc9e27f3ba083534b8bbf72ab0f5c810ffdc7d18",
+ "fixed_version": "5.15.93"
+ },
+ "5.4": {
+ "cmt_id": "d0332cbf53dad06a22189cc341391237f4ea6d9f",
+ "fixed_version": "5.4.232"
+ },
+ "6.1": {
+ "cmt_id": "8506f16aae9daf354e3732bcfd447e2a97f023df",
+ "fixed_version": "6.1.11"
+ }
+ },
"CVE-2023-35788": {
"4.19": {
"cmt_id": "59a27414bb00e48c4153a8b794fb4e69910a6a1b",
@@ -38946,5 +39084,97 @@
"cmt_id": "2115e94838adc9d1e7b75043c9f26abcc910f6fb",
"fixed_version": "6.3.2"
}
+ },
+ "CVE-2023-38409": {
+ "6.1": {
+ "cmt_id": "b15df140fe092c3ac28dab32c6b3acdda1a93c63",
+ "fixed_version": "6.1.25"
+ },
+ "6.2": {
+ "cmt_id": "62055fa6fbf8f1f1457f5d6a7d17ce1a45972613",
+ "fixed_version": "6.2.12"
+ }
+ },
+ "CVE-2023-38426": {
+ "5.15": {
+ "cmt_id": "865be1cff2c038984fe55c9deae5461a498cfdf9",
+ "fixed_version": "5.15.113"
+ },
+ "6.1": {
+ "cmt_id": "75378b03a90d75b1349bb03577ac8465194c883e",
+ "fixed_version": "6.1.30"
+ },
+ "6.3": {
+ "cmt_id": "0adcdc220fa555935bb37a273f08956616f8601a",
+ "fixed_version": "6.3.4"
+ }
+ },
+ "CVE-2023-38427": {
+ "6.1": {
+ "cmt_id": "bf12d7fb63b365fb766655cedcb5d5f292b0c35e",
+ "fixed_version": "6.1.34"
+ },
+ "6.3": {
+ "cmt_id": "205279b96b5c40c60c6de4f9342416e02ee279f1",
+ "fixed_version": "6.3.8"
+ }
+ },
+ "CVE-2023-38428": {
+ "5.15": {
+ "cmt_id": "7657321b2624197840ef2cfa4f29ccf873d7aa9b",
+ "fixed_version": "5.15.113"
+ },
+ "6.1": {
+ "cmt_id": "40d90ee0275a1bfcd26fa7690adc4330b4227a69",
+ "fixed_version": "6.1.30"
+ },
+ "6.3": {
+ "cmt_id": "3df195fbddfae60ca24a9bbc209402d9fccdef68",
+ "fixed_version": "6.3.4"
+ }
+ },
+ "CVE-2023-38429": {
+ "5.15": {
+ "cmt_id": "61e043326e72b5abb02b5bc9132f2620a7faf8c5",
+ "fixed_version": "5.15.113"
+ },
+ "6.1": {
+ "cmt_id": "af7335a4b946f9f6f9d98398cbcea15cd9850409",
+ "fixed_version": "6.1.30"
+ },
+ "6.3": {
+ "cmt_id": "778aae5a513ea09aa5addfa352bd70a5b71dda85",
+ "fixed_version": "6.3.4"
+ }
+ },
+ "CVE-2023-38430": {
+ "6.1": {
+ "cmt_id": "e01fc7caac9ce9ad76df9f42f7f61ef4bf1d27c9",
+ "fixed_version": "6.1.35"
+ },
+ "6.3": {
+ "cmt_id": "75e7d81679ef7995422adc84ef597fded99c24a6",
+ "fixed_version": "6.3.9"
+ }
+ },
+ "CVE-2023-38431": {
+ "6.1": {
+ "cmt_id": "543c12c2644e772caa6880662c2a852cfdc5a10c",
+ "fixed_version": "6.1.34"
+ },
+ "6.3": {
+ "cmt_id": "e9cb7be2fcbaee9e808b729e92948d38d52e5add",
+ "fixed_version": "6.3.8"
+ }
+ },
+ "CVE-2023-38432": {
+ "6.1": {
+ "cmt_id": "9650cf70ec9d94ff34daa088b643229231723c26",
+ "fixed_version": "6.1.36"
+ },
+ "6.3": {
+ "cmt_id": "768caf4019f0391c0b6452afe34cea1704133f7b",
+ "fixed_version": "6.3.10"
+ }
}
}
\ No newline at end of file
