Update 27Sep23
[ci skip]
diff --git a/CHANGES.md b/CHANGES.md
index 0b49a0b..78c654f 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,35 +1,38 @@
# **Linux Kernel CVE Changes**
-## Last Update - 17Sep23 11:55
+## Last Update - 27Sep23 16:47
### **New CVEs Added:**
-[CVE-2023-3865](cves/CVE-2023-3865)
-[CVE-2023-3866](cves/CVE-2023-3866)
-[CVE-2023-3867](cves/CVE-2023-3867)
-[CVE-2023-4244](cves/CVE-2023-4244)
-[CVE-2023-4881](cves/CVE-2023-4881)
-[CVE-2023-4921](cves/CVE-2023-4921)
+[CVE-2020-36766](cves/CVE-2020-36766)
+[CVE-2023-42752](cves/CVE-2023-42752)
+[CVE-2023-42753](cves/CVE-2023-42753)
+[CVE-2023-42755](cves/CVE-2023-42755)
+[CVE-2023-5158](cves/CVE-2023-5158)
+[CVE-2023-5197](cves/CVE-2023-5197)
### **New Versions Checked:**
-[6.1.53](streams/6.1)
-[6.4.16](streams/6.4)
+[4.14.326](streams/4.14)
+[4.19.295](streams/4.19)
+[5.10.197](streams/5.10)
+[5.15.133](streams/5.15)
+[5.4.257](streams/5.4)
+[6.1.55](streams/6.1)
### **Updated CVEs:**
-[CVE-2022-4095](cves/CVE-2022-4095)
-[CVE-2023-25775](cves/CVE-2023-25775)
-[CVE-2023-31083](cves/CVE-2023-31083)
-[CVE-2023-37453](cves/CVE-2023-37453)
-[CVE-2023-4623](cves/CVE-2023-4623)
-[CVE-2023-3777](cves/CVE-2023-3777)
-[CVE-2023-4015](cves/CVE-2023-4015)
-[CVE-2023-4155](cves/CVE-2023-4155)
-[CVE-2023-4206](cves/CVE-2023-4206)
+[CVE-2017-5715](cves/CVE-2017-5715)
+[CVE-2023-1194](cves/CVE-2023-1194)
[CVE-2023-4207](cves/CVE-2023-4207)
-[CVE-2023-4208](cves/CVE-2023-4208)
-[CVE-2023-4622](cves/CVE-2023-4622)
+[CVE-2023-4623](cves/CVE-2023-4623)
+[CVE-2023-4881](cves/CVE-2023-4881)
+[CVE-2023-4921](cves/CVE-2023-4921)
+[CVE-2023-2163](cves/CVE-2023-2163)
+[CVE-2023-34319](cves/CVE-2023-34319)
+[CVE-2023-3567](cves/CVE-2023-3567)
+[CVE-2023-4155](cves/CVE-2023-4155)
+[CVE-2023-4563](cves/CVE-2023-4563)
diff --git a/data/3.12/3.12_CVEs.txt b/data/3.12/3.12_CVEs.txt
index ae80791..c45d27f 100644
--- a/data/3.12/3.12_CVEs.txt
+++ b/data/3.12/3.12_CVEs.txt
@@ -962,6 +962,7 @@
CVE-2020-36557: Fix not seen in stream
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8647: Fix not seen in stream
@@ -1311,6 +1312,8 @@
CVE-2023-40283: Fix not seen in stream
CVE-2023-4134: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
CVE-2023-4623: Fix not seen in stream
diff --git a/data/3.12/3.12_security.txt b/data/3.12/3.12_security.txt
index da1a339..6edd7fb 100644
--- a/data/3.12/3.12_security.txt
+++ b/data/3.12/3.12_security.txt
@@ -1101,6 +1101,7 @@
CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region
@@ -1449,6 +1450,8 @@
CVE-2023-40283: (unk) Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
CVE-2023-4134: (unk) Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
diff --git a/data/3.14/3.14_CVEs.txt b/data/3.14/3.14_CVEs.txt
index 0bc81b5..c1947b0 100644
--- a/data/3.14/3.14_CVEs.txt
+++ b/data/3.14/3.14_CVEs.txt
@@ -927,6 +927,7 @@
CVE-2020-36557: Fix not seen in stream
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8647: Fix not seen in stream
@@ -1281,6 +1282,8 @@
CVE-2023-40283: Fix not seen in stream
CVE-2023-4134: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
CVE-2023-4623: Fix not seen in stream
diff --git a/data/3.14/3.14_security.txt b/data/3.14/3.14_security.txt
index ffbf93e..7384878 100644
--- a/data/3.14/3.14_security.txt
+++ b/data/3.14/3.14_security.txt
@@ -1061,6 +1061,7 @@
CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region
@@ -1415,6 +1416,8 @@
CVE-2023-40283: (unk) Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
CVE-2023-4134: (unk) Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
diff --git a/data/3.16/3.16_CVEs.txt b/data/3.16/3.16_CVEs.txt
index e38ebb8..7d2d136 100644
--- a/data/3.16/3.16_CVEs.txt
+++ b/data/3.16/3.16_CVEs.txt
@@ -903,6 +903,7 @@
CVE-2020-36557: Fix not seen in stream
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8647: Fixed with 3.16.83
@@ -1272,6 +1273,8 @@
CVE-2023-40283: Fix not seen in stream
CVE-2023-4134: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
CVE-2023-4623: Fix not seen in stream
diff --git a/data/3.16/3.16_security.txt b/data/3.16/3.16_security.txt
index 7acf99e..f5311d7 100644
--- a/data/3.16/3.16_security.txt
+++ b/data/3.16/3.16_security.txt
@@ -1016,6 +1016,7 @@
CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-8694: (unk) powercap: restrict energy meter to root access
@@ -1378,6 +1379,8 @@
CVE-2023-40283: (unk) Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
CVE-2023-4134: (unk) Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
diff --git a/data/3.18/3.18_CVEs.txt b/data/3.18/3.18_CVEs.txt
index c84c4cd..c334c6f 100644
--- a/data/3.18/3.18_CVEs.txt
+++ b/data/3.18/3.18_CVEs.txt
@@ -884,6 +884,7 @@
CVE-2020-36557: Fix not seen in stream
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8647: Fix not seen in stream
@@ -1263,6 +1264,8 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
CVE-2023-4623: Fix not seen in stream
diff --git a/data/3.18/3.18_security.txt b/data/3.18/3.18_security.txt
index d0c8635..551066b 100644
--- a/data/3.18/3.18_security.txt
+++ b/data/3.18/3.18_security.txt
@@ -1120,6 +1120,7 @@
CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region
@@ -1499,6 +1500,8 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
diff --git a/data/3.2/3.2_CVEs.txt b/data/3.2/3.2_CVEs.txt
index 59013c1..eca64a5 100644
--- a/data/3.2/3.2_CVEs.txt
+++ b/data/3.2/3.2_CVEs.txt
@@ -958,6 +958,7 @@
CVE-2020-36386: Fix not seen in stream
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8647: Fix not seen in stream
@@ -1275,6 +1276,8 @@
CVE-2023-4010: Fix unknown
CVE-2023-40283: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
CVE-2023-4623: Fix not seen in stream
diff --git a/data/3.2/3.2_security.txt b/data/3.2/3.2_security.txt
index aba008d..c7a59e2 100644
--- a/data/3.2/3.2_security.txt
+++ b/data/3.2/3.2_security.txt
@@ -1118,6 +1118,7 @@
CVE-2020-36386: (unk) Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region
@@ -1433,6 +1434,8 @@
CVE-2023-4010: (unk)
CVE-2023-40283: (unk) Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
diff --git a/data/4.1/4.1_CVEs.txt b/data/4.1/4.1_CVEs.txt
index 620a0a9..6e7d4e6 100644
--- a/data/4.1/4.1_CVEs.txt
+++ b/data/4.1/4.1_CVEs.txt
@@ -838,6 +838,7 @@
CVE-2020-36557: Fix not seen in stream
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8647: Fix not seen in stream
@@ -1230,6 +1231,8 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
CVE-2023-4623: Fix not seen in stream
diff --git a/data/4.1/4.1_security.txt b/data/4.1/4.1_security.txt
index 770a92e..957fd9e 100644
--- a/data/4.1/4.1_security.txt
+++ b/data/4.1/4.1_security.txt
@@ -937,6 +937,7 @@
CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region
@@ -1328,6 +1329,8 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
diff --git a/data/4.10/4.10_CVEs.txt b/data/4.10/4.10_CVEs.txt
index d01c511..f072a6d 100644
--- a/data/4.10/4.10_CVEs.txt
+++ b/data/4.10/4.10_CVEs.txt
@@ -719,6 +719,7 @@
CVE-2020-36557: Fix not seen in stream
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8647: Fix not seen in stream
@@ -1144,6 +1145,8 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
diff --git a/data/4.10/4.10_security.txt b/data/4.10/4.10_security.txt
index 791f62b..f012272 100644
--- a/data/4.10/4.10_security.txt
+++ b/data/4.10/4.10_security.txt
@@ -753,6 +753,7 @@
CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region
@@ -1178,6 +1179,8 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
diff --git a/data/4.11/4.11_CVEs.txt b/data/4.11/4.11_CVEs.txt
index 93f89ed..2561929 100644
--- a/data/4.11/4.11_CVEs.txt
+++ b/data/4.11/4.11_CVEs.txt
@@ -688,6 +688,7 @@
CVE-2020-36557: Fix not seen in stream
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8647: Fix not seen in stream
@@ -1116,6 +1117,8 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
diff --git a/data/4.11/4.11_security.txt b/data/4.11/4.11_security.txt
index 42de8da..f8e6634 100644
--- a/data/4.11/4.11_security.txt
+++ b/data/4.11/4.11_security.txt
@@ -710,6 +710,7 @@
CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region
@@ -1138,6 +1139,8 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
diff --git a/data/4.12/4.12_CVEs.txt b/data/4.12/4.12_CVEs.txt
index 4806754..3d6dfb1 100644
--- a/data/4.12/4.12_CVEs.txt
+++ b/data/4.12/4.12_CVEs.txt
@@ -663,6 +663,7 @@
CVE-2020-36557: Fix not seen in stream
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8647: Fix not seen in stream
@@ -1103,6 +1104,8 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
diff --git a/data/4.12/4.12_security.txt b/data/4.12/4.12_security.txt
index 1764d42..bc7efb2 100644
--- a/data/4.12/4.12_security.txt
+++ b/data/4.12/4.12_security.txt
@@ -689,6 +689,7 @@
CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region
@@ -1129,6 +1130,8 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
diff --git a/data/4.13/4.13_CVEs.txt b/data/4.13/4.13_CVEs.txt
index 5410100..f767382 100644
--- a/data/4.13/4.13_CVEs.txt
+++ b/data/4.13/4.13_CVEs.txt
@@ -645,6 +645,7 @@
CVE-2020-36557: Fix not seen in stream
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8647: Fix not seen in stream
@@ -1088,6 +1089,8 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
diff --git a/data/4.13/4.13_security.txt b/data/4.13/4.13_security.txt
index 8db8ce6..fd62123 100644
--- a/data/4.13/4.13_security.txt
+++ b/data/4.13/4.13_security.txt
@@ -673,6 +673,7 @@
CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region
@@ -1116,6 +1117,8 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
diff --git a/data/4.14/4.14_CVEs.txt b/data/4.14/4.14_CVEs.txt
index 3e6af3f..c137f19 100644
--- a/data/4.14/4.14_CVEs.txt
+++ b/data/4.14/4.14_CVEs.txt
@@ -609,6 +609,7 @@
CVE-2020-36557: Fixed with 4.14.175
CVE-2020-36558: Fixed with 4.14.172
CVE-2020-36691: Fix not seen in stream
+CVE-2020-36766: Fixed with 4.14.196
CVE-2020-3702: Fixed with 4.14.245
CVE-2020-4788: Fixed with 4.14.208
CVE-2020-7053: Fix not seen in stream
@@ -1057,13 +1058,15 @@
CVE-2023-4132: Fixed with 4.14.322
CVE-2023-4134: Fix not seen in stream
CVE-2023-4206: Fixed with 4.14.322
-CVE-2023-4207: Fix not seen in stream
+CVE-2023-4207: Fixed with 4.14.326
CVE-2023-4208: Fixed with 4.14.322
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fixed with 4.14.326
+CVE-2023-42755: Fixed with 4.14.326
CVE-2023-4385: Fixed with 4.14.283
CVE-2023-4387: Fixed with 4.14.281
CVE-2023-4459: Fixed with 4.14.281
CVE-2023-4622: Fix not seen in stream
CVE-2023-4623: Fix not seen in stream
CVE-2023-4881: Fix not seen in stream
-CVE-2023-4921: Fix not seen in stream
+CVE-2023-4921: Fixed with 4.14.326
diff --git a/data/4.14/4.14_security.txt b/data/4.14/4.14_security.txt
index 3c206fd..46ebedb 100644
--- a/data/4.14/4.14_security.txt
+++ b/data/4.14/4.14_security.txt
@@ -767,6 +767,9 @@
CVE-2020-14314: fbbfd55a40d5d0806b59ee0403c75d5ac517533f ext4: fix potential negative array index in do_split()
CVE-2020-29371: 89346bc395e7bc0a7d3c36c824782050b17d4fec romfs: fix uninitialized memory leak in romfs_dev_read()
+CVEs fixed in 4.14.196:
+ CVE-2020-36766: e6a62b5c4f7a05afec7ea4cfb040fb8512376259 cec-api: prevent leaking memory through hole in structure
+
CVEs fixed in 4.14.197:
CVE-2020-0465: a083dcdcfa2568747112edf865b3e848d70835e5 HID: core: Sanitize event code and type when mapping input
CVE-2020-25285: c4b219136040bc57e9704afee8f5c5a9430795a5 mm/hugetlb: fix a race between hugetlb sysctl handlers
@@ -1377,6 +1380,12 @@
CVEs fixed in 4.14.324:
CVE-2023-3772: ed1cba039309c80b49719fcff3e3d7cdddb73d96 xfrm: add NULL check in xfrm_update_ae_params
+CVEs fixed in 4.14.326:
+ CVE-2023-4207: 530a85ea747965b7c275fa44a364916e0ec2efaa net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
+ CVE-2023-42752: afd2657ba7af6d05afd6cc6b9315c091fafed14b igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: a048f77ba9cf7f77a06b2ee60446c6cc061c2daf net/sched: Retire rsvp classifier
+ CVE-2023-4921: d9f43fc5a78d1505733d3621cd4c044eaf71a02f net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -1597,9 +1606,7 @@
CVE-2023-3863: (unk) net: nfc: Fix use-after-free caused by nfc_llcp_find_local
CVE-2023-4010: (unk)
CVE-2023-4134: (unk) Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()
- CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
- CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue()
diff --git a/data/4.15/4.15_CVEs.txt b/data/4.15/4.15_CVEs.txt
index 329515a..f8516aa 100644
--- a/data/4.15/4.15_CVEs.txt
+++ b/data/4.15/4.15_CVEs.txt
@@ -553,6 +553,7 @@
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
CVE-2020-36694: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-7053: Fix not seen in stream
@@ -1016,6 +1017,8 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
diff --git a/data/4.15/4.15_security.txt b/data/4.15/4.15_security.txt
index eba8638..741a3c9 100644
--- a/data/4.15/4.15_security.txt
+++ b/data/4.15/4.15_security.txt
@@ -587,6 +587,7 @@
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
CVE-2020-36694: (unk) netfilter: x_tables: Switch synchronization to RCU
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-7053: (unk) drm/i915: Introduce a mutex for file_priv->context_idr
@@ -1048,6 +1049,8 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
diff --git a/data/4.16/4.16_CVEs.txt b/data/4.16/4.16_CVEs.txt
index 9ed70fc..ca1abaf 100644
--- a/data/4.16/4.16_CVEs.txt
+++ b/data/4.16/4.16_CVEs.txt
@@ -532,6 +532,7 @@
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
CVE-2020-36694: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-7053: Fix not seen in stream
@@ -996,6 +997,8 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
diff --git a/data/4.16/4.16_security.txt b/data/4.16/4.16_security.txt
index cfd7701..cf4bcb0 100644
--- a/data/4.16/4.16_security.txt
+++ b/data/4.16/4.16_security.txt
@@ -564,6 +564,7 @@
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
CVE-2020-36694: (unk) netfilter: x_tables: Switch synchronization to RCU
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-7053: (unk) drm/i915: Introduce a mutex for file_priv->context_idr
@@ -1028,6 +1029,8 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
diff --git a/data/4.17/4.17_CVEs.txt b/data/4.17/4.17_CVEs.txt
index 12cef90..a9f6156 100644
--- a/data/4.17/4.17_CVEs.txt
+++ b/data/4.17/4.17_CVEs.txt
@@ -512,6 +512,7 @@
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
CVE-2020-36694: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-7053: Fix not seen in stream
@@ -978,6 +979,8 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
diff --git a/data/4.17/4.17_security.txt b/data/4.17/4.17_security.txt
index 92dbd46..7a3c043 100644
--- a/data/4.17/4.17_security.txt
+++ b/data/4.17/4.17_security.txt
@@ -544,6 +544,7 @@
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
CVE-2020-36694: (unk) netfilter: x_tables: Switch synchronization to RCU
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-7053: (unk) drm/i915: Introduce a mutex for file_priv->context_idr
@@ -1010,6 +1011,8 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
diff --git a/data/4.18/4.18_CVEs.txt b/data/4.18/4.18_CVEs.txt
index 6a7572c..e959f93 100644
--- a/data/4.18/4.18_CVEs.txt
+++ b/data/4.18/4.18_CVEs.txt
@@ -490,6 +490,7 @@
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
CVE-2020-36694: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-7053: Fix not seen in stream
@@ -956,6 +957,8 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
diff --git a/data/4.18/4.18_security.txt b/data/4.18/4.18_security.txt
index cfb6a9f..0fe8493 100644
--- a/data/4.18/4.18_security.txt
+++ b/data/4.18/4.18_security.txt
@@ -522,6 +522,7 @@
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
CVE-2020-36694: (unk) netfilter: x_tables: Switch synchronization to RCU
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-7053: (unk) drm/i915: Introduce a mutex for file_priv->context_idr
@@ -988,6 +989,8 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
diff --git a/data/4.19/4.19_CVEs.txt b/data/4.19/4.19_CVEs.txt
index 97d429c..e56f3e3 100644
--- a/data/4.19/4.19_CVEs.txt
+++ b/data/4.19/4.19_CVEs.txt
@@ -459,6 +459,7 @@
CVE-2020-36558: Fixed with 4.19.107
CVE-2020-36691: Fix not seen in stream
CVE-2020-36694: Fixed with 4.19.164
+CVE-2020-36766: Fixed with 4.19.143
CVE-2020-3702: Fixed with 4.19.205
CVE-2020-4788: Fixed with 4.19.159
CVE-2020-7053: Fix not seen in stream
@@ -936,13 +937,15 @@
CVE-2023-4133: Fix not seen in stream
CVE-2023-4134: Fix not seen in stream
CVE-2023-4206: Fixed with 4.19.291
-CVE-2023-4207: Fix not seen in stream
+CVE-2023-4207: Fixed with 4.19.295
CVE-2023-4208: Fixed with 4.19.291
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fixed with 4.19.295
+CVE-2023-42755: Fixed with 4.19.295
CVE-2023-4385: Fixed with 4.19.247
CVE-2023-4387: Fixed with 4.19.245
CVE-2023-4459: Fixed with 4.19.245
CVE-2023-4622: Fix not seen in stream
-CVE-2023-4623: Fix not seen in stream
+CVE-2023-4623: Fixed with 4.19.295
CVE-2023-4881: Fix not seen in stream
-CVE-2023-4921: Fix not seen in stream
+CVE-2023-4921: Fixed with 4.19.295
diff --git a/data/4.19/4.19_security.txt b/data/4.19/4.19_security.txt
index 5fb565d..42f409b 100644
--- a/data/4.19/4.19_security.txt
+++ b/data/4.19/4.19_security.txt
@@ -553,6 +553,9 @@
CVE-2020-14314: b3ddf6ba5e28a57729fff1605ae08e21be5c92e3 ext4: fix potential negative array index in do_split()
CVE-2020-29371: 9660983738399465fd0e3b1977a61bbd29b2e5be romfs: fix uninitialized memory leak in romfs_dev_read()
+CVEs fixed in 4.19.143:
+ CVE-2020-36766: da489549711e61bd43f3fd6fe19bb538eb575b39 cec-api: prevent leaking memory through hole in structure
+
CVEs fixed in 4.19.144:
CVE-2020-0465: a47b8511d90528c77346597e2012100dfc28cd8c HID: core: Sanitize event code and type when mapping input
CVE-2020-12888: da7aea6eb5608695f590dcd72523536b709d0399 vfio-pci: Invalidate mmaps and block MMIO access on disabled memory
@@ -1206,6 +1209,13 @@
CVE-2023-1077: 84d90fb72a053c034b018fcc3cfaa6f606faf1c6 sched/rt: pick_next_rt_entity(): check list_entry
CVE-2023-3772: 44f69c96f8a147413c23c68cda4d6fb5e23137cd xfrm: add NULL check in xfrm_update_ae_params
+CVEs fixed in 4.19.295:
+ CVE-2023-4207: 4f38dc8496d1991e2c055a0068dd98fb48affcc6 net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
+ CVE-2023-42752: 76ce657a5db97ff4e26b284fedc33e8591a4be17 igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: 6ca0ea6a46e7a2d70fb1b1f6a886efe2b2365e16 net/sched: Retire rsvp classifier
+ CVE-2023-4623: 7c62e0c3c6e9c9c15ead63339db6a0e158d22a66 net/sched: sch_hfsc: Ensure inner classes have fsc curve
+ CVE-2023-4921: 7ea1faa59c75336d86893378838ed1e6f20c0520 net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -1406,9 +1416,6 @@
CVE-2023-4010: (unk)
CVE-2023-4133: (unk) cxgb4: fix use after free bugs caused by circular dependency problem
CVE-2023-4134: (unk) Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()
- CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES
- CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
- CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue()
diff --git a/data/4.20/4.20_CVEs.txt b/data/4.20/4.20_CVEs.txt
index cad9c77..1635b7c 100644
--- a/data/4.20/4.20_CVEs.txt
+++ b/data/4.20/4.20_CVEs.txt
@@ -448,6 +448,7 @@
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
CVE-2020-36694: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-7053: Fix not seen in stream
@@ -936,6 +937,9 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
diff --git a/data/4.20/4.20_security.txt b/data/4.20/4.20_security.txt
index ef3b5ba..892e066 100644
--- a/data/4.20/4.20_security.txt
+++ b/data/4.20/4.20_security.txt
@@ -481,6 +481,7 @@
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
CVE-2020-36694: (unk) netfilter: x_tables: Switch synchronization to RCU
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-7053: (unk) drm/i915: Introduce a mutex for file_priv->context_idr
@@ -968,6 +969,9 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
diff --git a/data/4.3/4.3_CVEs.txt b/data/4.3/4.3_CVEs.txt
index e2bdc5a..7d80422 100644
--- a/data/4.3/4.3_CVEs.txt
+++ b/data/4.3/4.3_CVEs.txt
@@ -831,6 +831,7 @@
CVE-2020-36557: Fix not seen in stream
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8647: Fix not seen in stream
@@ -1231,6 +1232,8 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
CVE-2023-4622: Fix not seen in stream
diff --git a/data/4.3/4.3_security.txt b/data/4.3/4.3_security.txt
index 6948ae5..3dd6a74 100644
--- a/data/4.3/4.3_security.txt
+++ b/data/4.3/4.3_security.txt
@@ -847,6 +847,7 @@
CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region
@@ -1247,6 +1248,8 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES
diff --git a/data/4.4/4.4_CVEs.txt b/data/4.4/4.4_CVEs.txt
index 2af56d4..d577c18 100644
--- a/data/4.4/4.4_CVEs.txt
+++ b/data/4.4/4.4_CVEs.txt
@@ -810,6 +810,7 @@
CVE-2020-36557: Fixed with 4.4.218
CVE-2020-36558: Fixed with 4.4.215
CVE-2020-36691: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fixed with 4.4.284
CVE-2020-4788: Fixed with 4.4.245
CVE-2020-8647: Fixed with 4.4.216
@@ -1212,6 +1213,8 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
diff --git a/data/4.4/4.4_security.txt b/data/4.4/4.4_security.txt
index 39de291..eb7cd45 100644
--- a/data/4.4/4.4_security.txt
+++ b/data/4.4/4.4_security.txt
@@ -1395,6 +1395,7 @@
CVE-2020-36322: (unk) fuse: fix bad inode
CVE-2020-36385: (unk) RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-8832: (unk) drm/i915: Record the default hw state after reset upon load
CVE-2021-0399: (unk)
CVE-2021-0929: (unk) staging/android/ion: delete dma_buf->kmap/unmap implemenation
@@ -1698,6 +1699,8 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
diff --git a/data/4.5/4.5_CVEs.txt b/data/4.5/4.5_CVEs.txt
index 918a11a..22ca777 100644
--- a/data/4.5/4.5_CVEs.txt
+++ b/data/4.5/4.5_CVEs.txt
@@ -792,6 +792,7 @@
CVE-2020-36557: Fix not seen in stream
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8647: Fix not seen in stream
@@ -1195,6 +1196,8 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
diff --git a/data/4.5/4.5_security.txt b/data/4.5/4.5_security.txt
index 9623522..6069eeb 100644
--- a/data/4.5/4.5_security.txt
+++ b/data/4.5/4.5_security.txt
@@ -808,6 +808,7 @@
CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region
@@ -1211,6 +1212,8 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
diff --git a/data/4.6/4.6_CVEs.txt b/data/4.6/4.6_CVEs.txt
index 668e459..df36f16 100644
--- a/data/4.6/4.6_CVEs.txt
+++ b/data/4.6/4.6_CVEs.txt
@@ -762,6 +762,7 @@
CVE-2020-36557: Fix not seen in stream
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8647: Fix not seen in stream
@@ -1169,6 +1170,8 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
diff --git a/data/4.6/4.6_security.txt b/data/4.6/4.6_security.txt
index ea53182..56945fb 100644
--- a/data/4.6/4.6_security.txt
+++ b/data/4.6/4.6_security.txt
@@ -780,6 +780,7 @@
CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region
@@ -1187,6 +1188,8 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
diff --git a/data/4.7/4.7_CVEs.txt b/data/4.7/4.7_CVEs.txt
index fb2ed35..7e07738 100644
--- a/data/4.7/4.7_CVEs.txt
+++ b/data/4.7/4.7_CVEs.txt
@@ -742,6 +742,7 @@
CVE-2020-36557: Fix not seen in stream
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8647: Fix not seen in stream
@@ -1152,6 +1153,8 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
diff --git a/data/4.7/4.7_security.txt b/data/4.7/4.7_security.txt
index 57e0222..f3f326f 100644
--- a/data/4.7/4.7_security.txt
+++ b/data/4.7/4.7_security.txt
@@ -762,6 +762,7 @@
CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region
@@ -1172,6 +1173,8 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
diff --git a/data/4.8/4.8_CVEs.txt b/data/4.8/4.8_CVEs.txt
index 72a6d4e..3a28818 100644
--- a/data/4.8/4.8_CVEs.txt
+++ b/data/4.8/4.8_CVEs.txt
@@ -741,6 +741,7 @@
CVE-2020-36557: Fix not seen in stream
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8647: Fix not seen in stream
@@ -1155,6 +1156,8 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
diff --git a/data/4.8/4.8_security.txt b/data/4.8/4.8_security.txt
index b60a410..ed53564 100644
--- a/data/4.8/4.8_security.txt
+++ b/data/4.8/4.8_security.txt
@@ -771,6 +771,7 @@
CVE-2020-36557: (unk) vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-8647: (unk) vgacon: Fix a UAF in vgacon_invert_region
@@ -1185,6 +1186,8 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
diff --git a/data/4.9/4.9_CVEs.txt b/data/4.9/4.9_CVEs.txt
index cf55834..46837b1 100644
--- a/data/4.9/4.9_CVEs.txt
+++ b/data/4.9/4.9_CVEs.txt
@@ -175,7 +175,7 @@
CVE-2017-5576: Fixed with 4.9.7
CVE-2017-5577: Fixed with 4.9.7
CVE-2017-5669: Fixed with 4.9.14
-CVE-2017-5715: Fix not seen in stream
+CVE-2017-5715: Fixed with 4.9.77
CVE-2017-5753: Fix not seen in stream
CVE-2017-5754: Fixed with 4.9.81
CVE-2017-5897: Fixed with 4.9.11
@@ -740,6 +740,7 @@
CVE-2020-36557: Fixed with 4.9.218
CVE-2020-36558: Fixed with 4.9.215
CVE-2020-36691: Fix not seen in stream
+CVE-2020-36766: Fixed with 4.9.235
CVE-2020-3702: Fixed with 4.9.283
CVE-2020-4788: Fixed with 4.9.245
CVE-2020-8647: Fixed with 4.9.216
@@ -1159,6 +1160,8 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fixed with 4.9.318
CVE-2023-4387: Fixed with 4.9.316
CVE-2023-4459: Fixed with 4.9.316
diff --git a/data/4.9/4.9_security.txt b/data/4.9/4.9_security.txt
index ef32c24..2c7acec 100644
--- a/data/4.9/4.9_security.txt
+++ b/data/4.9/4.9_security.txt
@@ -326,6 +326,7 @@
CVE-2017-1000410: 6aebc2670ebfdda0762a6b471fbf8ca18dcf44f2 Bluetooth: Prevent stack info leak from the EFS element.
CVE-2017-13216: c51d23dffc2e9ca05d611c86c440f9055541c62d staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl
CVE-2017-17741: c781e3be97a1cbeef8c853101e8f266db556b0a3 KVM: Fix stack-out-of-bounds read in write_mmio
+ CVE-2017-5715: 26323fb4d717e11a69484c6df02eeef90dba7ef2 x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
CVE-2018-5332: cebb382931c4fb341162eae80b696650260e4a2b RDS: Heap OOB write in rds_message_alloc_sgs()
CVE-2018-5333: ce31b6ac1111096ae9bb0b45f4ba564a909bb366 RDS: null pointer dereference in rds_atomic_free_op
@@ -941,6 +942,9 @@
CVE-2020-14314: 539ae3e03875dacaa9c388aff141ccbb4ef4ecb5 ext4: fix potential negative array index in do_split()
CVE-2020-29371: 6d26d08216475e5a40e4f6ade397c181a19dc524 romfs: fix uninitialized memory leak in romfs_dev_read()
+CVEs fixed in 4.9.235:
+ CVE-2020-36766: 43f90dc5c73e0e9d2a459d904b71f9682fd54f1b cec-api: prevent leaking memory through hole in structure
+
CVEs fixed in 4.9.236:
CVE-2020-0465: ac48d8300edd1aa4ce0fbef0ff5136d363f44cdf HID: core: Sanitize event code and type when mapping input
CVE-2020-12888: 5f2c69e2ef24a79b6909a6dc6b249a17909965f8 vfio-pci: Invalidate mmaps and block MMIO access on disabled memory
@@ -1406,7 +1410,6 @@
CVE-2017-18232: (unk) scsi: libsas: direct call probe and destruct
CVE-2017-18261: (unk) clocksource/drivers/arm_arch_timer: Avoid infinite recursion when ftrace is enabled
CVE-2017-18552: (unk) RDS: validate the requested traces user input against max supported
- CVE-2017-5715: (unk) x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
CVE-2017-5753: (unk) x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
CVE-2017-5967: (unk) time: Remove CONFIG_TIMER_STATS
CVE-2017-8065: (unk) crypto: ccm - move cbcmac input off the stack
@@ -1708,6 +1711,8 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
diff --git a/data/5.0/5.0_CVEs.txt b/data/5.0/5.0_CVEs.txt
index 83d9fd9..7513dd5 100644
--- a/data/5.0/5.0_CVEs.txt
+++ b/data/5.0/5.0_CVEs.txt
@@ -427,6 +427,7 @@
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
CVE-2020-36694: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-7053: Fix not seen in stream
@@ -915,6 +916,9 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
diff --git a/data/5.0/5.0_security.txt b/data/5.0/5.0_security.txt
index 00c83a6..26b8c83 100644
--- a/data/5.0/5.0_security.txt
+++ b/data/5.0/5.0_security.txt
@@ -475,6 +475,7 @@
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
CVE-2020-36694: (unk) netfilter: x_tables: Switch synchronization to RCU
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-7053: (unk) drm/i915: Introduce a mutex for file_priv->context_idr
@@ -963,6 +964,9 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
diff --git a/data/5.1/5.1_CVEs.txt b/data/5.1/5.1_CVEs.txt
index 0808580..e8e705d 100644
--- a/data/5.1/5.1_CVEs.txt
+++ b/data/5.1/5.1_CVEs.txt
@@ -391,6 +391,7 @@
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
CVE-2020-36694: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-7053: Fix not seen in stream
@@ -895,6 +896,9 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
diff --git a/data/5.1/5.1_security.txt b/data/5.1/5.1_security.txt
index 5bc960f..bb5074d 100644
--- a/data/5.1/5.1_security.txt
+++ b/data/5.1/5.1_security.txt
@@ -427,6 +427,7 @@
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
CVE-2020-36694: (unk) netfilter: x_tables: Switch synchronization to RCU
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-7053: (unk) drm/i915: Introduce a mutex for file_priv->context_idr
@@ -931,6 +932,9 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
diff --git a/data/5.10/5.10_CVEs.txt b/data/5.10/5.10_CVEs.txt
index c5bed85..722d344 100644
--- a/data/5.10/5.10_CVEs.txt
+++ b/data/5.10/5.10_CVEs.txt
@@ -649,12 +649,16 @@
CVE-2023-4208: Fixed with 5.10.190
CVE-2023-4244: Fix not seen in stream
CVE-2023-4273: Fixed with 5.10.190
+CVE-2023-42752: Fixed with 5.10.195
+CVE-2023-42753: Fixed with 5.10.195
+CVE-2023-42755: Fixed with 5.10.197
CVE-2023-4385: Fixed with 5.10.121
CVE-2023-4387: Fixed with 5.10.118
CVE-2023-4389: Fixed with 5.10.112
CVE-2023-4459: Fixed with 5.10.118
CVE-2023-4563: Fix not seen in stream
CVE-2023-4622: Fix not seen in stream
-CVE-2023-4623: Fix not seen in stream
+CVE-2023-4623: Fixed with 5.10.195
CVE-2023-4881: Fix not seen in stream
-CVE-2023-4921: Fix not seen in stream
+CVE-2023-4921: Fixed with 5.10.195
+CVE-2023-5197: Fix not seen in stream
diff --git a/data/5.10/5.10_security.txt b/data/5.10/5.10_security.txt
index aff3180..b85a484 100644
--- a/data/5.10/5.10_security.txt
+++ b/data/5.10/5.10_security.txt
@@ -792,6 +792,15 @@
CVEs fixed in 5.10.192:
CVE-2023-3772: bd30aa9c7febb6e709670cd5154194189ca3b7b5 xfrm: add NULL check in xfrm_update_ae_params
+CVEs fixed in 5.10.195:
+ CVE-2023-42752: 1186eaffd87ed9be6f18cbc7145ffdcb1f6982e0 igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: 83091f8ac03f118086596f17c9a52d31d6ca94b3 netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-4623: b08cc6c0396fd5cfaac4ca044f2282367347c062 net/sched: sch_hfsc: Ensure inner classes have fsc curve
+ CVE-2023-4921: 746a8df5e4d235059b1adf02e8456e7ec132d2d8 net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+
+CVEs fixed in 5.10.197:
+ CVE-2023-42755: 8db844077ec9912d75952c80d76da71fc2412852 net/sched: Retire rsvp classifier
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -941,6 +950,5 @@
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4563: (unk) netfilter: nf_tables: don't skip expired elements during walk
CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES
- CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
- CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+ CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding
diff --git a/data/5.11/5.11_CVEs.txt b/data/5.11/5.11_CVEs.txt
index b25d3aa..4b7acd4 100644
--- a/data/5.11/5.11_CVEs.txt
+++ b/data/5.11/5.11_CVEs.txt
@@ -643,6 +643,9 @@
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
CVE-2023-4273: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4389: Fix not seen in stream
@@ -652,3 +655,4 @@
CVE-2023-4623: Fix not seen in stream
CVE-2023-4881: Fix not seen in stream
CVE-2023-4921: Fix not seen in stream
+CVE-2023-5197: Fix not seen in stream
diff --git a/data/5.11/5.11_security.txt b/data/5.11/5.11_security.txt
index 49ef8e2..f26934c 100644
--- a/data/5.11/5.11_security.txt
+++ b/data/5.11/5.11_security.txt
@@ -685,6 +685,9 @@
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4273: (unk) exfat: check if filename entries exceeds max filename length
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4389: (unk) btrfs: fix root ref counts in error handling in btrfs_get_root_ref
@@ -694,3 +697,4 @@
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+ CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding
diff --git a/data/5.12/5.12_CVEs.txt b/data/5.12/5.12_CVEs.txt
index 7685ce7..d9fc478 100644
--- a/data/5.12/5.12_CVEs.txt
+++ b/data/5.12/5.12_CVEs.txt
@@ -595,6 +595,9 @@
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
CVE-2023-4273: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4389: Fix not seen in stream
@@ -604,3 +607,4 @@
CVE-2023-4623: Fix not seen in stream
CVE-2023-4881: Fix not seen in stream
CVE-2023-4921: Fix not seen in stream
+CVE-2023-5197: Fix not seen in stream
diff --git a/data/5.12/5.12_security.txt b/data/5.12/5.12_security.txt
index 170b4fe..d05ffda 100644
--- a/data/5.12/5.12_security.txt
+++ b/data/5.12/5.12_security.txt
@@ -627,6 +627,9 @@
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4273: (unk) exfat: check if filename entries exceeds max filename length
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4389: (unk) btrfs: fix root ref counts in error handling in btrfs_get_root_ref
@@ -636,3 +639,4 @@
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+ CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding
diff --git a/data/5.13/5.13_CVEs.txt b/data/5.13/5.13_CVEs.txt
index 026a5c8..cf137bd 100644
--- a/data/5.13/5.13_CVEs.txt
+++ b/data/5.13/5.13_CVEs.txt
@@ -564,6 +564,9 @@
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
CVE-2023-4273: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4389: Fix not seen in stream
@@ -574,3 +577,5 @@
CVE-2023-4623: Fix not seen in stream
CVE-2023-4881: Fix not seen in stream
CVE-2023-4921: Fix not seen in stream
+CVE-2023-5158: Fix unknown
+CVE-2023-5197: Fix not seen in stream
diff --git a/data/5.13/5.13_security.txt b/data/5.13/5.13_security.txt
index 6605ebb..1d621d7 100644
--- a/data/5.13/5.13_security.txt
+++ b/data/5.13/5.13_security.txt
@@ -596,6 +596,9 @@
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4273: (unk) exfat: check if filename entries exceeds max filename length
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4389: (unk) btrfs: fix root ref counts in error handling in btrfs_get_root_ref
@@ -606,3 +609,5 @@
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+ CVE-2023-5158: (unk)
+ CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding
diff --git a/data/5.14/5.14_CVEs.txt b/data/5.14/5.14_CVEs.txt
index 78298e0..c0966f9 100644
--- a/data/5.14/5.14_CVEs.txt
+++ b/data/5.14/5.14_CVEs.txt
@@ -539,6 +539,9 @@
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
CVE-2023-4273: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4389: Fix not seen in stream
@@ -549,3 +552,5 @@
CVE-2023-4623: Fix not seen in stream
CVE-2023-4881: Fix not seen in stream
CVE-2023-4921: Fix not seen in stream
+CVE-2023-5158: Fix unknown
+CVE-2023-5197: Fix not seen in stream
diff --git a/data/5.14/5.14_security.txt b/data/5.14/5.14_security.txt
index 924141b..81f36c3 100644
--- a/data/5.14/5.14_security.txt
+++ b/data/5.14/5.14_security.txt
@@ -573,6 +573,9 @@
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4273: (unk) exfat: check if filename entries exceeds max filename length
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4389: (unk) btrfs: fix root ref counts in error handling in btrfs_get_root_ref
@@ -583,3 +586,5 @@
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+ CVE-2023-5158: (unk)
+ CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding
diff --git a/data/5.15/5.15_CVEs.txt b/data/5.15/5.15_CVEs.txt
index b1373ee..9af91b6 100644
--- a/data/5.15/5.15_CVEs.txt
+++ b/data/5.15/5.15_CVEs.txt
@@ -390,7 +390,7 @@
CVE-2023-1118: Fixed with 5.15.99
CVE-2023-1192: Fixed with 5.15.113
CVE-2023-1193: Fix unknown
-CVE-2023-1194: Fix unknown
+CVE-2023-1194: Fix not seen in stream
CVE-2023-1206: Fixed with 5.15.124
CVE-2023-1249: Fixed with 5.15.33
CVE-2023-1252: Fixed with 5.15.3
@@ -545,6 +545,9 @@
CVE-2023-4208: Fixed with 5.15.126
CVE-2023-4244: Fix not seen in stream
CVE-2023-4273: Fixed with 5.15.128
+CVE-2023-42752: Fixed with 5.15.132
+CVE-2023-42753: Fixed with 5.15.132
+CVE-2023-42755: Fixed with 5.15.133
CVE-2023-4385: Fixed with 5.15.46
CVE-2023-4387: Fixed with 5.15.42
CVE-2023-4389: Fixed with 5.15.35
@@ -552,6 +555,8 @@
CVE-2023-4563: Fix not seen in stream
CVE-2023-4569: Fixed with 5.15.128
CVE-2023-4622: Fix not seen in stream
-CVE-2023-4623: Fix not seen in stream
-CVE-2023-4881: Fix not seen in stream
-CVE-2023-4921: Fix not seen in stream
+CVE-2023-4623: Fixed with 5.15.132
+CVE-2023-4881: Fixed with 5.15.132
+CVE-2023-4921: Fixed with 5.15.132
+CVE-2023-5158: Fix unknown
+CVE-2023-5197: Fix not seen in stream
diff --git a/data/5.15/5.15_security.txt b/data/5.15/5.15_security.txt
index 938f24d..b430bdf 100644
--- a/data/5.15/5.15_security.txt
+++ b/data/5.15/5.15_security.txt
@@ -619,6 +619,16 @@
CVE-2023-4273: 6b64974e02ea82d0bae917f1fa79495a1a59b5bf exfat: check if filename entries exceeds max filename length
CVE-2023-4569: 1adaec4758d1cefbf348a291ad9b752aaa10f8d3 netfilter: nf_tables: deactivate catchall elements in next generation
+CVEs fixed in 5.15.132:
+ CVE-2023-42752: 3e48f741e98a0bd2dc1ad517eec1931ea3accbd7 igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: a9e6142e5f8f6ac7d1bca45c1b2b13b084ea9e14 netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-4623: 4cf994d3f4ff42d604fae2b461bdd5195a7dfabd net/sched: sch_hfsc: Ensure inner classes have fsc curve
+ CVE-2023-4881: 1ad7b189cc1411048434e8595ffcbe7873b71082 netfilter: nftables: exthdr: fix 4-byte stack OOB write
+ CVE-2023-4921: 6ea277b2c6263931798234e2eed892ecfbb85596 net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+
+CVEs fixed in 5.15.133:
+ CVE-2023-42755: 08569c92f7f339de21b7a68d43d6795fc0aa24f2 net/sched: Retire rsvp classifier
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -716,7 +726,7 @@
CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area
CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry
CVE-2023-1193: (unk)
- CVE-2023-1194: (unk)
+ CVE-2023-1194: (unk) ksmbd: fix out-of-bound read in parse_lease_state()
CVE-2023-1872: (unk) io_uring: propagate issue_flags state down to file assignment
CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver
CVE-2023-20941: (unk)
@@ -756,6 +766,5 @@
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4563: (unk) netfilter: nf_tables: don't skip expired elements during walk
CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES
- CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
- CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
- CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+ CVE-2023-5158: (unk)
+ CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding
diff --git a/data/5.16/5.16_CVEs.txt b/data/5.16/5.16_CVEs.txt
index f4e243a..a1d8271 100644
--- a/data/5.16/5.16_CVEs.txt
+++ b/data/5.16/5.16_CVEs.txt
@@ -357,7 +357,7 @@
CVE-2023-1118: Fix not seen in stream
CVE-2023-1192: Fix not seen in stream
CVE-2023-1193: Fix unknown
-CVE-2023-1194: Fix unknown
+CVE-2023-1194: Fix not seen in stream
CVE-2023-1195: Fix not seen in stream
CVE-2023-1206: Fix not seen in stream
CVE-2023-1249: Fixed with 5.16.19
@@ -513,6 +513,9 @@
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
CVE-2023-4273: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4389: Fix not seen in stream
@@ -524,3 +527,5 @@
CVE-2023-4623: Fix not seen in stream
CVE-2023-4881: Fix not seen in stream
CVE-2023-4921: Fix not seen in stream
+CVE-2023-5158: Fix unknown
+CVE-2023-5197: Fix not seen in stream
diff --git a/data/5.16/5.16_security.txt b/data/5.16/5.16_security.txt
index 54f49f2..49bf249 100644
--- a/data/5.16/5.16_security.txt
+++ b/data/5.16/5.16_security.txt
@@ -401,7 +401,7 @@
CVE-2023-1118: (unk) media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
CVE-2023-1192: (unk) fs/ntfs3: Validate MFT flags before replaying logs
CVE-2023-1193: (unk)
- CVE-2023-1194: (unk)
+ CVE-2023-1194: (unk) ksmbd: fix out-of-bound read in parse_lease_state()
CVE-2023-1195: (unk) cifs: fix use-after-free caused by invalid pointer `hostname`
CVE-2023-1206: (unk) tcp: Reduce chance of collisions in inet6_hashfn().
CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu
@@ -549,6 +549,9 @@
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4273: (unk) exfat: check if filename entries exceeds max filename length
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4389: (unk) btrfs: fix root ref counts in error handling in btrfs_get_root_ref
@@ -560,3 +563,5 @@
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+ CVE-2023-5158: (unk)
+ CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding
diff --git a/data/5.17/5.17_CVEs.txt b/data/5.17/5.17_CVEs.txt
index b06c48f..88bab1c 100644
--- a/data/5.17/5.17_CVEs.txt
+++ b/data/5.17/5.17_CVEs.txt
@@ -302,7 +302,7 @@
CVE-2023-1118: Fix not seen in stream
CVE-2023-1192: Fix not seen in stream
CVE-2023-1193: Fix unknown
-CVE-2023-1194: Fix unknown
+CVE-2023-1194: Fix not seen in stream
CVE-2023-1195: Fix not seen in stream
CVE-2023-1206: Fix not seen in stream
CVE-2023-1249: Fixed with 5.17.2
@@ -459,6 +459,9 @@
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
CVE-2023-4273: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fixed with 5.17.14
CVE-2023-4387: Fixed with 5.17.10
CVE-2023-4389: Fixed with 5.17.4
@@ -470,3 +473,5 @@
CVE-2023-4623: Fix not seen in stream
CVE-2023-4881: Fix not seen in stream
CVE-2023-4921: Fix not seen in stream
+CVE-2023-5158: Fix unknown
+CVE-2023-5197: Fix not seen in stream
diff --git a/data/5.17/5.17_security.txt b/data/5.17/5.17_security.txt
index 502b867..5df46ac 100644
--- a/data/5.17/5.17_security.txt
+++ b/data/5.17/5.17_security.txt
@@ -347,7 +347,7 @@
CVE-2023-1118: (unk) media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
CVE-2023-1192: (unk) fs/ntfs3: Validate MFT flags before replaying logs
CVE-2023-1193: (unk)
- CVE-2023-1194: (unk)
+ CVE-2023-1194: (unk) ksmbd: fix out-of-bound read in parse_lease_state()
CVE-2023-1195: (unk) cifs: fix use-after-free caused by invalid pointer `hostname`
CVE-2023-1206: (unk) tcp: Reduce chance of collisions in inet6_hashfn().
CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu
@@ -495,6 +495,9 @@
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4273: (unk) exfat: check if filename entries exceeds max filename length
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4394: (unk) btrfs: fix possible memory leak in btrfs_get_dev_args_from_path()
CVE-2023-4563: (unk) netfilter: nf_tables: don't skip expired elements during walk
CVE-2023-4569: (unk) netfilter: nf_tables: deactivate catchall elements in next generation
@@ -502,3 +505,5 @@
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+ CVE-2023-5158: (unk)
+ CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding
diff --git a/data/5.18/5.18_CVEs.txt b/data/5.18/5.18_CVEs.txt
index cce068b..283d457 100644
--- a/data/5.18/5.18_CVEs.txt
+++ b/data/5.18/5.18_CVEs.txt
@@ -257,7 +257,7 @@
CVE-2023-1118: Fix not seen in stream
CVE-2023-1192: Fix not seen in stream
CVE-2023-1193: Fix unknown
-CVE-2023-1194: Fix unknown
+CVE-2023-1194: Fix not seen in stream
CVE-2023-1195: Fix not seen in stream
CVE-2023-1206: Fix not seen in stream
CVE-2023-1281: Fix not seen in stream
@@ -409,6 +409,9 @@
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
CVE-2023-4273: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fixed with 5.18.3
CVE-2023-4387: Fixed with 5.18
CVE-2023-4394: Fix not seen in stream
@@ -419,3 +422,5 @@
CVE-2023-4623: Fix not seen in stream
CVE-2023-4881: Fix not seen in stream
CVE-2023-4921: Fix not seen in stream
+CVE-2023-5158: Fix unknown
+CVE-2023-5197: Fix not seen in stream
diff --git a/data/5.18/5.18_security.txt b/data/5.18/5.18_security.txt
index b09030e..2226c5b 100644
--- a/data/5.18/5.18_security.txt
+++ b/data/5.18/5.18_security.txt
@@ -304,7 +304,7 @@
CVE-2023-1118: (unk) media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
CVE-2023-1192: (unk) fs/ntfs3: Validate MFT flags before replaying logs
CVE-2023-1193: (unk)
- CVE-2023-1194: (unk)
+ CVE-2023-1194: (unk) ksmbd: fix out-of-bound read in parse_lease_state()
CVE-2023-1195: (unk) cifs: fix use-after-free caused by invalid pointer `hostname`
CVE-2023-1206: (unk) tcp: Reduce chance of collisions in inet6_hashfn().
CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu
@@ -448,6 +448,9 @@
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4273: (unk) exfat: check if filename entries exceeds max filename length
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4394: (unk) btrfs: fix possible memory leak in btrfs_get_dev_args_from_path()
CVE-2023-4563: (unk) netfilter: nf_tables: don't skip expired elements during walk
CVE-2023-4569: (unk) netfilter: nf_tables: deactivate catchall elements in next generation
@@ -455,3 +458,5 @@
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+ CVE-2023-5158: (unk)
+ CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding
diff --git a/data/5.19/5.19_CVEs.txt b/data/5.19/5.19_CVEs.txt
index 139c73b..6242cb2 100644
--- a/data/5.19/5.19_CVEs.txt
+++ b/data/5.19/5.19_CVEs.txt
@@ -213,7 +213,7 @@
CVE-2023-1118: Fix not seen in stream
CVE-2023-1192: Fix not seen in stream
CVE-2023-1193: Fix unknown
-CVE-2023-1194: Fix unknown
+CVE-2023-1194: Fix not seen in stream
CVE-2023-1195: Fix not seen in stream
CVE-2023-1206: Fix not seen in stream
CVE-2023-1281: Fix not seen in stream
@@ -368,6 +368,9 @@
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
CVE-2023-4273: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4394: Fixed with 5.19.6
CVE-2023-4563: Fix not seen in stream
CVE-2023-4569: Fix not seen in stream
@@ -375,3 +378,5 @@
CVE-2023-4623: Fix not seen in stream
CVE-2023-4881: Fix not seen in stream
CVE-2023-4921: Fix not seen in stream
+CVE-2023-5158: Fix unknown
+CVE-2023-5197: Fix not seen in stream
diff --git a/data/5.19/5.19_security.txt b/data/5.19/5.19_security.txt
index e9686cf..2cf2662 100644
--- a/data/5.19/5.19_security.txt
+++ b/data/5.19/5.19_security.txt
@@ -248,7 +248,7 @@
CVE-2023-1118: (unk) media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
CVE-2023-1192: (unk) fs/ntfs3: Validate MFT flags before replaying logs
CVE-2023-1193: (unk)
- CVE-2023-1194: (unk)
+ CVE-2023-1194: (unk) ksmbd: fix out-of-bound read in parse_lease_state()
CVE-2023-1195: (unk) cifs: fix use-after-free caused by invalid pointer `hostname`
CVE-2023-1206: (unk) tcp: Reduce chance of collisions in inet6_hashfn().
CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu
@@ -399,9 +399,14 @@
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4273: (unk) exfat: check if filename entries exceeds max filename length
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4563: (unk) netfilter: nf_tables: don't skip expired elements during walk
CVE-2023-4569: (unk) netfilter: nf_tables: deactivate catchall elements in next generation
CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+ CVE-2023-5158: (unk)
+ CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding
diff --git a/data/5.2/5.2_CVEs.txt b/data/5.2/5.2_CVEs.txt
index 5aa1b35..45b93ba 100644
--- a/data/5.2/5.2_CVEs.txt
+++ b/data/5.2/5.2_CVEs.txt
@@ -348,6 +348,7 @@
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
CVE-2020-36694: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8428: Fix not seen in stream
@@ -857,6 +858,9 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
diff --git a/data/5.2/5.2_security.txt b/data/5.2/5.2_security.txt
index 3e0fff3..b5530e7 100644
--- a/data/5.2/5.2_security.txt
+++ b/data/5.2/5.2_security.txt
@@ -386,6 +386,7 @@
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
CVE-2020-36694: (unk) netfilter: x_tables: Switch synchronization to RCU
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-8428: (unk) do_last(): fetch directory ->i_mode and ->i_uid before it's too late
@@ -895,6 +896,9 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
diff --git a/data/5.3/5.3_CVEs.txt b/data/5.3/5.3_CVEs.txt
index d3b85cb..573ca5b 100644
--- a/data/5.3/5.3_CVEs.txt
+++ b/data/5.3/5.3_CVEs.txt
@@ -318,6 +318,7 @@
CVE-2020-36558: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
CVE-2020-36694: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8428: Fix not seen in stream
@@ -832,6 +833,9 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
diff --git a/data/5.3/5.3_security.txt b/data/5.3/5.3_security.txt
index 2ab6d01..68af58e 100644
--- a/data/5.3/5.3_security.txt
+++ b/data/5.3/5.3_security.txt
@@ -354,6 +354,7 @@
CVE-2020-36558: (unk) vt: vt_ioctl: fix race in VT_RESIZEX
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
CVE-2020-36694: (unk) netfilter: x_tables: Switch synchronization to RCU
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-8428: (unk) do_last(): fetch directory ->i_mode and ->i_uid before it's too late
@@ -868,6 +869,9 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
diff --git a/data/5.4/5.4_CVEs.txt b/data/5.4/5.4_CVEs.txt
index efa5c6d..bdf513c 100644
--- a/data/5.4/5.4_CVEs.txt
+++ b/data/5.4/5.4_CVEs.txt
@@ -243,6 +243,7 @@
CVE-2020-36558: Fixed with 5.4.23
CVE-2020-36691: Fix not seen in stream
CVE-2020-36694: Fixed with 5.4.86
+CVE-2020-36766: Fixed with 5.4.62
CVE-2020-3702: Fixed with 5.4.143
CVE-2020-4788: Fixed with 5.4.79
CVE-2020-8428: Fixed with 5.4.16
@@ -762,10 +763,13 @@
CVE-2023-4207: Fixed with 5.4.253
CVE-2023-4208: Fixed with 5.4.253
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fixed with 5.4.257
+CVE-2023-42753: Fixed with 5.4.257
+CVE-2023-42755: Fixed with 5.4.257
CVE-2023-4385: Fixed with 5.4.198
CVE-2023-4387: Fixed with 5.4.196
CVE-2023-4459: Fixed with 5.4.196
CVE-2023-4622: Fix not seen in stream
-CVE-2023-4623: Fix not seen in stream
+CVE-2023-4623: Fixed with 5.4.257
CVE-2023-4881: Fix not seen in stream
-CVE-2023-4921: Fix not seen in stream
+CVE-2023-4921: Fixed with 5.4.257
diff --git a/data/5.4/5.4_security.txt b/data/5.4/5.4_security.txt
index c06ca23..c0d42ac 100644
--- a/data/5.4/5.4_security.txt
+++ b/data/5.4/5.4_security.txt
@@ -239,6 +239,7 @@
CVE-2020-29371: 19a77c937a1914bdd655366e79a2a1b7d675f554 romfs: fix uninitialized memory leak in romfs_dev_read()
CVEs fixed in 5.4.62:
+ CVE-2020-36766: 6734eeb6c2f07336f76bcf2c57e7bf8259ae0d40 cec-api: prevent leaking memory through hole in structure
CVE-2021-3428: 8e63c86f658005a9d8bc672642e587a787c53a72 ext4: handle error of ext4_setup_system_zone() on remount
CVEs fixed in 5.4.63:
@@ -986,6 +987,13 @@
CVEs fixed in 5.4.255:
CVE-2023-3772: 8046beb890ebc83c5820188c650073e1c6066e67 xfrm: add NULL check in xfrm_update_ae_params
+CVEs fixed in 5.4.257:
+ CVE-2023-42752: 3d54e99499307c3e5613a2fe2a5c9b97eef95ff4 igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: 109e830585e89a03d554bf8ad0e668630d0a6260 netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: 42900fd140c8db99141b9f083bfe8de887190ed9 net/sched: Retire rsvp classifier
+ CVE-2023-4623: da13749d5ff70bb033a8f35da32cfd6e88246b2f net/sched: sch_hfsc: Ensure inner classes have fsc curve
+ CVE-2023-4921: a6d11571b91d34fd7ce8451c2dfd112194c79ae2 net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -1154,6 +1162,4 @@
CVE-2023-4134: (unk) Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES
- CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
- CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue()
diff --git a/data/5.5/5.5_CVEs.txt b/data/5.5/5.5_CVEs.txt
index 13647b4..44b785c 100644
--- a/data/5.5/5.5_CVEs.txt
+++ b/data/5.5/5.5_CVEs.txt
@@ -195,6 +195,7 @@
CVE-2020-36558: Fixed with 5.5.7
CVE-2020-36691: Fix not seen in stream
CVE-2020-36694: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8428: Fixed with 5.5
@@ -723,6 +724,9 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
diff --git a/data/5.5/5.5_security.txt b/data/5.5/5.5_security.txt
index ba12134..78a7c11 100644
--- a/data/5.5/5.5_security.txt
+++ b/data/5.5/5.5_security.txt
@@ -239,6 +239,7 @@
CVE-2020-36516: (unk) ipv4: avoid using shared IP generator for connected sockets
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
CVE-2020-36694: (unk) netfilter: x_tables: Switch synchronization to RCU
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-8694: (unk) powercap: restrict energy meter to root access
@@ -757,6 +758,9 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
diff --git a/data/5.6/5.6_CVEs.txt b/data/5.6/5.6_CVEs.txt
index d3fc584..4d70f39 100644
--- a/data/5.6/5.6_CVEs.txt
+++ b/data/5.6/5.6_CVEs.txt
@@ -174,6 +174,7 @@
CVE-2020-36557: Fixed with 5.6.2
CVE-2020-36691: Fix not seen in stream
CVE-2020-36694: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8694: Fix not seen in stream
@@ -703,6 +704,9 @@
CVE-2023-4207: Fix not seen in stream
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4459: Fix not seen in stream
diff --git a/data/5.6/5.6_security.txt b/data/5.6/5.6_security.txt
index 1e7e28d..eb34e7d 100644
--- a/data/5.6/5.6_security.txt
+++ b/data/5.6/5.6_security.txt
@@ -211,6 +211,7 @@
CVE-2020-36516: (unk) ipv4: avoid using shared IP generator for connected sockets
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
CVE-2020-36694: (unk) netfilter: x_tables: Switch synchronization to RCU
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-8694: (unk) powercap: restrict energy meter to root access
@@ -737,6 +738,9 @@
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
diff --git a/data/5.7/5.7_CVEs.txt b/data/5.7/5.7_CVEs.txt
index 319234d..245992b 100644
--- a/data/5.7/5.7_CVEs.txt
+++ b/data/5.7/5.7_CVEs.txt
@@ -153,6 +153,7 @@
CVE-2020-36516: Fix not seen in stream
CVE-2020-36691: Fix not seen in stream
CVE-2020-36694: Fix not seen in stream
+CVE-2020-36766: Fix not seen in stream
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8694: Fix not seen in stream
@@ -702,6 +703,9 @@
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
CVE-2023-4273: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4389: Fix not seen in stream
diff --git a/data/5.7/5.7_security.txt b/data/5.7/5.7_security.txt
index b2e97cc..60aea24 100644
--- a/data/5.7/5.7_security.txt
+++ b/data/5.7/5.7_security.txt
@@ -190,6 +190,7 @@
CVE-2020-36516: (unk) ipv4: avoid using shared IP generator for connected sockets
CVE-2020-36691: (unk) netlink: limit recursion depth in policy validation
CVE-2020-36694: (unk) netfilter: x_tables: Switch synchronization to RCU
+ CVE-2020-36766: (unk) cec-api: prevent leaking memory through hole in structure
CVE-2020-3702: (unk) ath: Use safer key clearing with key cache entries
CVE-2020-4788: (unk) powerpc/64s: flush L1D on kernel entry
CVE-2020-8694: (unk) powercap: restrict energy meter to root access
@@ -736,6 +737,9 @@
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4273: (unk) exfat: check if filename entries exceeds max filename length
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4389: (unk) btrfs: fix root ref counts in error handling in btrfs_get_root_ref
diff --git a/data/5.8/5.8_CVEs.txt b/data/5.8/5.8_CVEs.txt
index ade9334..62f33fc 100644
--- a/data/5.8/5.8_CVEs.txt
+++ b/data/5.8/5.8_CVEs.txt
@@ -129,6 +129,7 @@
CVE-2020-36387: Fixed with 5.8.2
CVE-2020-36516: Fix not seen in stream
CVE-2020-36694: Fix not seen in stream
+CVE-2020-36766: Fixed with 5.8.6
CVE-2020-3702: Fix not seen in stream
CVE-2020-4788: Fix not seen in stream
CVE-2020-8694: Fix not seen in stream
@@ -689,6 +690,9 @@
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
CVE-2023-4273: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4389: Fix not seen in stream
diff --git a/data/5.8/5.8_security.txt b/data/5.8/5.8_security.txt
index fbe9fc3..51abe12 100644
--- a/data/5.8/5.8_security.txt
+++ b/data/5.8/5.8_security.txt
@@ -24,6 +24,7 @@
CVE-2020-29371: 734a5c3f266c26ff785bc1fcf083b55fcda47ff5 romfs: fix uninitialized memory leak in romfs_dev_read()
CVEs fixed in 5.8.6:
+ CVE-2020-36766: 72db989557d993793c01ba84eb98f3cbf2a7f4cf cec-api: prevent leaking memory through hole in structure
CVE-2021-3428: 6c30edde8a3a710c20b5689a921425a479501cb5 ext4: handle error of ext4_setup_system_zone() on remount
CVEs fixed in 5.8.7:
@@ -723,6 +724,9 @@
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4273: (unk) exfat: check if filename entries exceeds max filename length
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4389: (unk) btrfs: fix root ref counts in error handling in btrfs_get_root_ref
diff --git a/data/5.9/5.9_CVEs.txt b/data/5.9/5.9_CVEs.txt
index 2f222e9..1fae333 100644
--- a/data/5.9/5.9_CVEs.txt
+++ b/data/5.9/5.9_CVEs.txt
@@ -667,6 +667,9 @@
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
CVE-2023-4273: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4385: Fix not seen in stream
CVE-2023-4387: Fix not seen in stream
CVE-2023-4389: Fix not seen in stream
@@ -676,3 +679,4 @@
CVE-2023-4623: Fix not seen in stream
CVE-2023-4881: Fix not seen in stream
CVE-2023-4921: Fix not seen in stream
+CVE-2023-5197: Fix not seen in stream
diff --git a/data/5.9/5.9_security.txt b/data/5.9/5.9_security.txt
index b1f76d6..c8fc696 100644
--- a/data/5.9/5.9_security.txt
+++ b/data/5.9/5.9_security.txt
@@ -697,6 +697,9 @@
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4273: (unk) exfat: check if filename entries exceeds max filename length
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4385: (unk) fs: jfs: fix possible NULL pointer dereference in dbFree()
CVE-2023-4387: (unk) net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
CVE-2023-4389: (unk) btrfs: fix root ref counts in error handling in btrfs_get_root_ref
@@ -706,3 +709,4 @@
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+ CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding
diff --git a/data/6.0/6.0_CVEs.txt b/data/6.0/6.0_CVEs.txt
index 88cb83f..bbd8758 100644
--- a/data/6.0/6.0_CVEs.txt
+++ b/data/6.0/6.0_CVEs.txt
@@ -177,7 +177,7 @@
CVE-2023-1118: Fix not seen in stream
CVE-2023-1192: Fix not seen in stream
CVE-2023-1193: Fix unknown
-CVE-2023-1194: Fix unknown
+CVE-2023-1194: Fix not seen in stream
CVE-2023-1195: Fix not seen in stream
CVE-2023-1206: Fix not seen in stream
CVE-2023-1281: Fix not seen in stream
@@ -323,9 +323,14 @@
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
CVE-2023-4273: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4563: Fix not seen in stream
CVE-2023-4569: Fix not seen in stream
CVE-2023-4622: Fix not seen in stream
CVE-2023-4623: Fix not seen in stream
CVE-2023-4881: Fix not seen in stream
CVE-2023-4921: Fix not seen in stream
+CVE-2023-5158: Fix unknown
+CVE-2023-5197: Fix not seen in stream
diff --git a/data/6.0/6.0_security.txt b/data/6.0/6.0_security.txt
index b16871e..dec0c76 100644
--- a/data/6.0/6.0_security.txt
+++ b/data/6.0/6.0_security.txt
@@ -226,7 +226,7 @@
CVE-2023-1118: (unk) media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
CVE-2023-1192: (unk) fs/ntfs3: Validate MFT flags before replaying logs
CVE-2023-1193: (unk)
- CVE-2023-1194: (unk)
+ CVE-2023-1194: (unk) ksmbd: fix out-of-bound read in parse_lease_state()
CVE-2023-1195: (unk) cifs: fix use-after-free caused by invalid pointer `hostname`
CVE-2023-1206: (unk) tcp: Reduce chance of collisions in inet6_hashfn().
CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu
@@ -357,9 +357,14 @@
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4273: (unk) exfat: check if filename entries exceeds max filename length
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4563: (unk) netfilter: nf_tables: don't skip expired elements during walk
CVE-2023-4569: (unk) netfilter: nf_tables: deactivate catchall elements in next generation
CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+ CVE-2023-5158: (unk)
+ CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding
diff --git a/data/6.1/6.1_CVEs.txt b/data/6.1/6.1_CVEs.txt
index 02128d0..9ca07e6 100644
--- a/data/6.1/6.1_CVEs.txt
+++ b/data/6.1/6.1_CVEs.txt
@@ -126,7 +126,7 @@
CVE-2023-1118: Fixed with 6.1.16
CVE-2023-1192: Fixed with 6.1.33
CVE-2023-1193: Fix unknown
-CVE-2023-1194: Fix unknown
+CVE-2023-1194: Fixed with 6.1.34
CVE-2023-1206: Fixed with 6.1.43
CVE-2023-1281: Fixed with 6.1.13
CVE-2023-1380: Fixed with 6.1.27
@@ -267,9 +267,14 @@
CVE-2023-4208: Fixed with 6.1.45
CVE-2023-4244: Fix not seen in stream
CVE-2023-4273: Fixed with 6.1.45
+CVE-2023-42752: Fixed with 6.1.53
+CVE-2023-42753: Fixed with 6.1.53
+CVE-2023-42755: Fixed with 6.1.55
CVE-2023-4563: Fix not seen in stream
CVE-2023-4569: Fixed with 6.1.47
CVE-2023-4622: Fix not seen in stream
CVE-2023-4623: Fixed with 6.1.53
-CVE-2023-4881: Fix not seen in stream
-CVE-2023-4921: Fix not seen in stream
+CVE-2023-4881: Fixed with 6.1.54
+CVE-2023-4921: Fixed with 6.1.54
+CVE-2023-5158: Fix unknown
+CVE-2023-5197: Fix not seen in stream
diff --git a/data/6.1/6.1_security.txt b/data/6.1/6.1_security.txt
index 3932d0b..a0cc23c 100644
--- a/data/6.1/6.1_security.txt
+++ b/data/6.1/6.1_security.txt
@@ -180,6 +180,7 @@
CVE-2023-35788: eac615ed3c6d91f1196f16f0a0599fff479cb220 net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVEs fixed in 6.1.34:
+ CVE-2023-1194: 8f2984233c87a1d08f4c45f077130590c7a2c991 ksmbd: fix out-of-bound read in parse_lease_state()
CVE-2023-38427: bf12d7fb63b365fb766655cedcb5d5f292b0c35e ksmbd: fix out-of-bound read in deassemble_neg_contexts()
CVE-2023-38431: 543c12c2644e772caa6880662c2a852cfdc5a10c ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
@@ -250,8 +251,17 @@
CVEs fixed in 6.1.53:
CVE-2023-25775: f01cfec8d3456bf389918eb898eda11f46d8b1b7 RDMA/irdma: Prevent zero-length STAG registration
+ CVE-2023-42752: 6678912b4df1bfac6f7c80642d56dc22e23419e4 igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: 7ca0706c68adadf86a36b60dca090f5e9481e808 netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
CVE-2023-4623: a1e820fc7808e42b990d224f40e9b4895503ac40 net/sched: sch_hfsc: Ensure inner classes have fsc curve
+CVEs fixed in 6.1.54:
+ CVE-2023-4881: d9ebfc0f21377690837ebbd119e679243e0099cc netfilter: nftables: exthdr: fix 4-byte stack OOB write
+ CVE-2023-4921: a18349dc8d916a64d7c93f05da98953e3386d8e9 net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+
+CVEs fixed in 6.1.55:
+ CVE-2023-42755: b93aeb6352b0229e3c5ca5ca4ff015b015aff33c net/sched: Retire rsvp classifier
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -332,7 +342,6 @@
CVE-2022-45888: (unk) char: xillybus: Prevent use-after-free due to race condition
CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area
CVE-2023-1193: (unk)
- CVE-2023-1194: (unk)
CVE-2023-20941: (unk)
CVE-2023-21264: (unk) KVM: arm64: Prevent unconditional donation of unmapped regions from the host
CVE-2023-21400: (unk)
@@ -357,5 +366,5 @@
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4563: (unk) netfilter: nf_tables: don't skip expired elements during walk
CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES
- CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
- CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+ CVE-2023-5158: (unk)
+ CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding
diff --git a/data/6.2/6.2_CVEs.txt b/data/6.2/6.2_CVEs.txt
index 990dc23..d633a27 100644
--- a/data/6.2/6.2_CVEs.txt
+++ b/data/6.2/6.2_CVEs.txt
@@ -90,7 +90,7 @@
CVE-2023-1118: Fixed with 6.2.3
CVE-2023-1192: Fix not seen in stream
CVE-2023-1193: Fix unknown
-CVE-2023-1194: Fix unknown
+CVE-2023-1194: Fix not seen in stream
CVE-2023-1206: Fix not seen in stream
CVE-2023-1281: Fixed with 6.2
CVE-2023-1380: Fixed with 6.2.14
@@ -213,9 +213,14 @@
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
CVE-2023-4273: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
+CVE-2023-42755: Fix not seen in stream
CVE-2023-4563: Fix not seen in stream
CVE-2023-4569: Fix not seen in stream
CVE-2023-4622: Fix not seen in stream
CVE-2023-4623: Fix not seen in stream
CVE-2023-4881: Fix not seen in stream
CVE-2023-4921: Fix not seen in stream
+CVE-2023-5158: Fix unknown
+CVE-2023-5197: Fix not seen in stream
diff --git a/data/6.2/6.2_security.txt b/data/6.2/6.2_security.txt
index 79aed2a..22e87bb 100644
--- a/data/6.2/6.2_security.txt
+++ b/data/6.2/6.2_security.txt
@@ -171,7 +171,7 @@
CVE-2022-48425: (unk) fs/ntfs3: Validate MFT flags before replaying logs
CVE-2023-1192: (unk) fs/ntfs3: Validate MFT flags before replaying logs
CVE-2023-1193: (unk)
- CVE-2023-1194: (unk)
+ CVE-2023-1194: (unk) ksmbd: fix out-of-bound read in parse_lease_state()
CVE-2023-1206: (unk) tcp: Reduce chance of collisions in inet6_hashfn().
CVE-2023-20569: (unk) x86/bugs: Increase the x86 bugs vector size to two u32s
CVE-2023-20588: (unk) x86/CPU/AMD: Do not leak quotient data after a division by 0
@@ -241,9 +241,14 @@
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4273: (unk) exfat: check if filename entries exceeds max filename length
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
+ CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-4563: (unk) netfilter: nf_tables: don't skip expired elements during walk
CVE-2023-4569: (unk) netfilter: nf_tables: deactivate catchall elements in next generation
CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+ CVE-2023-5158: (unk)
+ CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding
diff --git a/data/6.3/6.3_CVEs.txt b/data/6.3/6.3_CVEs.txt
index ceb92ba..bc7d871 100644
--- a/data/6.3/6.3_CVEs.txt
+++ b/data/6.3/6.3_CVEs.txt
@@ -82,7 +82,7 @@
CVE-2023-0160: Fixed with 6.3.2
CVE-2023-1192: Fixed with 6.3.4
CVE-2023-1193: Fix unknown
-CVE-2023-1194: Fix unknown
+CVE-2023-1194: Fixed with 6.3.8
CVE-2023-1206: Fix not seen in stream
CVE-2023-1380: Fixed with 6.3.1
CVE-2023-2002: Fixed with 6.3.1
@@ -180,9 +180,13 @@
CVE-2023-4208: Fix not seen in stream
CVE-2023-4244: Fix not seen in stream
CVE-2023-4273: Fix not seen in stream
+CVE-2023-42752: Fix not seen in stream
+CVE-2023-42753: Fix not seen in stream
CVE-2023-4563: Fix not seen in stream
CVE-2023-4569: Fix not seen in stream
CVE-2023-4622: Fix not seen in stream
CVE-2023-4623: Fix not seen in stream
CVE-2023-4881: Fix not seen in stream
CVE-2023-4921: Fix not seen in stream
+CVE-2023-5158: Fix unknown
+CVE-2023-5197: Fix not seen in stream
diff --git a/data/6.3/6.3_security.txt b/data/6.3/6.3_security.txt
index 917ea59..0212a9b 100644
--- a/data/6.3/6.3_security.txt
+++ b/data/6.3/6.3_security.txt
@@ -60,6 +60,7 @@
CVE-2023-35788: 900fab73a9cd3dd6a3a69f89980f8f3c9a738d5a net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVEs fixed in 6.3.8:
+ CVE-2023-1194: 61dfe01204daf5469f21cc639f710f9e28e929c8 ksmbd: fix out-of-bound read in parse_lease_state()
CVE-2023-38427: 205279b96b5c40c60c6de4f9342416e02ee279f1 ksmbd: fix out-of-bound read in deassemble_neg_contexts()
CVE-2023-38431: e9cb7be2fcbaee9e808b729e92948d38d52e5add ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
@@ -162,7 +163,6 @@
CVE-2022-45884: (unk)
CVE-2022-45885: (unk)
CVE-2023-1193: (unk)
- CVE-2023-1194: (unk)
CVE-2023-1206: (unk) tcp: Reduce chance of collisions in inet6_hashfn().
CVE-2023-20569: (unk) x86/bugs: Increase the x86 bugs vector size to two u32s
CVE-2023-20588: (unk) x86/CPU/AMD: Do not leak quotient data after a division by 0
@@ -208,9 +208,13 @@
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4273: (unk) exfat: check if filename entries exceeds max filename length
+ CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
CVE-2023-4563: (unk) netfilter: nf_tables: don't skip expired elements during walk
CVE-2023-4569: (unk) netfilter: nf_tables: deactivate catchall elements in next generation
CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+ CVE-2023-5158: (unk)
+ CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding
diff --git a/data/6.4/6.4_CVEs.txt b/data/6.4/6.4_CVEs.txt
index 8b0f40a..dd23d57 100644
--- a/data/6.4/6.4_CVEs.txt
+++ b/data/6.4/6.4_CVEs.txt
@@ -74,7 +74,6 @@
CVE-2022-45884: Fix unknown
CVE-2022-45885: Fix unknown
CVE-2023-1193: Fix unknown
-CVE-2023-1194: Fix unknown
CVE-2023-1206: Fixed with 6.4.8
CVE-2023-20569: Fixed with 6.4.9
CVE-2023-20588: Fixed with 6.4.10
@@ -127,6 +126,8 @@
CVE-2023-4208: Fixed with 6.4.10
CVE-2023-4244: Fixed with 6.4.12
CVE-2023-4273: Fixed with 6.4.10
+CVE-2023-42752: Fixed with 6.4.16
+CVE-2023-42753: Fixed with 6.4.16
CVE-2023-4563: Fixed with 6.4.11
CVE-2023-4569: Fixed with 6.4.12
CVE-2023-4611: Fixed with 6.4.8
@@ -134,3 +135,5 @@
CVE-2023-4623: Fixed with 6.4.16
CVE-2023-4881: Fix not seen in stream
CVE-2023-4921: Fix not seen in stream
+CVE-2023-5158: Fix unknown
+CVE-2023-5197: Fix not seen in stream
diff --git a/data/6.4/6.4_security.txt b/data/6.4/6.4_security.txt
index b44c7d5..2c4354a 100644
--- a/data/6.4/6.4_security.txt
+++ b/data/6.4/6.4_security.txt
@@ -63,6 +63,8 @@
CVEs fixed in 6.4.16:
CVE-2023-25775: ceba966f1d6391800cab3c1c9ac1661b5166bc5b RDMA/irdma: Prevent zero-length STAG registration
CVE-2023-37453: b4a074b1fb222164ed7d5c0b8c922dc4a0840848 USB: core: Fix race by not overwriting udev->descriptor in hub_port_init()
+ CVE-2023-42752: 87f07ec534e39e29bc715753df2e77509e8fafc3 igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
+ CVE-2023-42753: d59b6fc405549f7caf31f6aa5da1d6bef746b166 netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
CVE-2023-4623: 5293f466d41d6c2eaad8b833576ea3dbee630dc2 net/sched: sch_hfsc: Ensure inner classes have fsc curve
Outstanding CVEs:
@@ -141,7 +143,6 @@
CVE-2022-45884: (unk)
CVE-2022-45885: (unk)
CVE-2023-1193: (unk)
- CVE-2023-1194: (unk)
CVE-2023-20941: (unk)
CVE-2023-21400: (unk)
CVE-2023-23039: (unk)
@@ -160,3 +161,5 @@
CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES
CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue()
+ CVE-2023-5158: (unk)
+ CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding
diff --git a/data/CVEs.txt b/data/CVEs.txt
index 82e7886..7af8e36 100644
--- a/data/CVEs.txt
+++ b/data/CVEs.txt
@@ -1720,6 +1720,7 @@
CVE-2020-36558: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 6cd1ed50efd88261298577cd92a14f2768eddeeb (v2.6.12-rc2 to v5.6-rc3)
CVE-2020-36691: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 7690aa1cdf7c4565ad6b013b324c28b685505e24 (v2.6.12-rc2 to v5.8-rc1)
CVE-2020-36694: 80055dab5de0c8677bc148c4717ddfc753a9148e - cc00bcaa589914096edef7fb87ca5cee4a166b5c (v4.15-rc1 to v5.10)
+CVE-2020-36766: (n/a) - 6c42227c3467549ddc65efe99c869021d2f4a570 (unk to v5.9-rc1)
CVE-2020-3702: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 56c5485c9e444c2e85e11694b6c44f1338fc20fd (v2.6.12-rc2 to v5.12-rc1-dontuse)
CVE-2020-4788: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - f79643787e0a0762d2409b7b8334e83f22d85695 (v2.6.12-rc2 to v5.10-rc5)
CVE-2020-7053: 1acfc104cdf8a3408f0e83b4115d4419c6315005 - 7dc40713618c884bf07c030d1ab1f47a9dc1f310 (v4.14-rc1 to v5.2-rc1)
@@ -2317,7 +2318,7 @@
CVE-2023-1118: 9ea53b74df9c4681f5bb2da6b2e10e37d87ea6d6 - 29b0589a865b6f66d141d79b2dd1373e4e50fe17 (v2.6.36-rc1 to v6.3-rc1)
CVE-2023-1192: a848c4f15ab6d5d405dbee7de5da71839b2bf35e - 98bea253aa28ad8be2ce565a9ca21beb4a9419e5 (v5.15-rc1 to v6.4-rc1)
CVE-2023-1193: a848c4f15ab6d5d405dbee7de5da71839b2bf35e - (n/a) (v5.15-rc1 to unk)
-CVE-2023-1194: a848c4f15ab6d5d405dbee7de5da71839b2bf35e - (n/a) (v5.15-rc1 to unk)
+CVE-2023-1194: a848c4f15ab6d5d405dbee7de5da71839b2bf35e - fc6c6a3c324c1b3e93a03d0cfa3749c781f23de0 (v5.15-rc1 to v6.4-rc6)
CVE-2023-1195: 7be3248f313930ff3d3436d4e9ddbe9fccc1f541 - 153695d36ead0ccc4d0256953c751cabf673e621 (v5.16-rc1 to v6.1-rc3)
CVE-2023-1206: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - d11b0df7ddf1831f3e170972f43186dad520bfcc (v2.6.12-rc2 to v6.5-rc4)
CVE-2023-1249: 2aa362c49c314a98fb9aebbd7760a461667bac05 - 390031c942116d4733310f0684beb8db19885fe6 (v3.7-rc1 to v5.18-rc1)
@@ -2512,6 +2513,9 @@
CVE-2023-4208: de5df63228fcfbd5bb7fd883774c18fec9e61f12 - 3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81 (v3.18-rc1 to v6.5-rc5)
CVE-2023-4244: (n/a) - 6a33d8b73dfac0a41f3877894b38082bd0c9a5bc (unk to v6.5-rc7)
CVE-2023-4273: ca06197382bde0a3bc20215595d1c9ce20c6e341 - d42334578eba1390859012ebb91e1e556d51db49 (v5.7-rc1 to v6.5-rc5)
+CVE-2023-42752: 57e1ab6eaddc9f2c358cd4afb497cda6e3c6821a - c3b704d4a4a265660e665df51b129e8425216ed1 (v2.6.38-rc1 to v6.6-rc1)
+CVE-2023-42753: 886503f34d63e681662057448819edb5b1057a97 - 050d91c03b28ca479df13dfb02bcd2c60dd6a878 (v4.20-rc2 to v6.6-rc1)
+CVE-2023-42755: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 265b4da82dbf5df04bee5a5d46b7474b1aaf326a (v2.6.12-rc2 to v6.3-rc1)
CVE-2023-4385: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 0d4837fdb796f99369cf7691d33de1b856bcaf1f (v2.6.12-rc2 to v5.19-rc1)
CVE-2023-4387: 5738a09d58d5ad2871f1f9a42bf6a3aa9ece5b3c - 9e7fef9521e73ca8afd7da9e58c14654b02dfad8 (v4.4-rc4 to v5.18)
CVE-2023-4389: bc44d7c4b2b179c4b74fba208b9908e2ecbc1b4d - 168a2f776b9762f4021421008512dd7ab7474df1 (v5.7-rc1 to v5.18-rc3)
@@ -2524,3 +2528,5 @@
CVE-2023-4623: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - b3d26c5702c7d6c45456326e56d2ccf3f103e60f (v2.6.12-rc2 to v6.6-rc1)
CVE-2023-4881: 49499c3e6e18b7677a63316f3ff54a16533dc28f - fd94d9dadee58e09b49075240fe83423eb1dcd36 (v4.1-rc1 to v6.6-rc1)
CVE-2023-4921: 462dbc9101acd38e92eda93c0726857517a24bbd - 8fc134fee27f2263988ae38920bc03da416b03d8 (v3.8-rc1 to v6.6-rc1)
+CVE-2023-5158: b8c06ad4d67db56ed6bdfb685c134da74e92a2c7 - (n/a) (v5.13-rc1 to unk)
+CVE-2023-5197: d0e2c7de92c7f2b3d355ad76b0bb9fc43d1beb87 - f15f29fd4779be8a418b66e9d52979bb6d6c2325 (v5.9-rc1 to v6.6-rc3)
diff --git a/data/cmts.json b/data/cmts.json
index b3bab3e..8245e5a 100644
--- a/data/cmts.json
+++ b/data/cmts.json
@@ -58,6 +58,7 @@
"04f25edb48c441fc278ecc154c270f16966cbb90": "v5.3-rc1",
"04f5866e41fb70690e28397487d8bd8eea7d712a": "v5.1-rc6",
"04f81f0154e4bf002be6f4d85668ce1257efa4d9": "v4.0-rc1",
+ "050d91c03b28ca479df13dfb02bcd2c60dd6a878": "v6.6-rc1",
"050fad7c4534c13c8eb1d9c2ba66012e014773cb": "v4.17-rc7",
"051ae669e4505abbe05165bebf6be7922de11f41": "v6.1-rc8",
"051ff581ce70e822729e9474941f3c206cbf7436": "v4.6-rc1",
@@ -530,6 +531,7 @@
"25fdd5933e4c0f5fe2ea5cd59994f8ac5fbe90ef": "v4.19-rc1",
"2638fd0f92d4397884fd991d8f4925cb3f081901": "v4.11-rc7",
"263b4509ec4d47e0da3e753f85a39ea12d1eff24": "v3.14-rc1",
+ "265b4da82dbf5df04bee5a5d46b7474b1aaf326a": "v6.3-rc1",
"265e60a170d0a0ecfc2d20490134ed2c48dd45ab": "v4.14-rc5",
"26634c4b1868323f49f8cd24c3493b57819867fd": "v3.10-rc1",
"2665abfd757fb35a241c6f0b1ebf620e3ffb36fb": "v5.5-rc1",
@@ -1224,6 +1226,7 @@
"57be1f3f3ec1ccab6432615ca161c4c9ece2a2aa": "v3.16-rc1",
"57bebf807e2abcf87d96b9de1266104ee2d8fc2f": "v6.3-rc1",
"57d44a354a43edba4ef9963327d4657d12edbfbc": "v6.5-rc1",
+ "57e1ab6eaddc9f2c358cd4afb497cda6e3c6821a": "v2.6.38-rc1",
"57e68e9cd65b4b8eb4045a1e0d0746458502554c": "v3.15-rc1",
"57ebd808a97d7c5b1e1afb937c2db22beba3c1f8": "v4.16-rc3",
"580077855a40741cf511766129702d97ff02f4d9": "v6.0-rc1",
@@ -1495,6 +1498,7 @@
"6c342ce2239c182c2428ce5a44cb32330434ae6e": "v5.17-rc5",
"6c389fc931bcda88940c809f752ada6d7799482c": "v4.8-rc5",
"6c3b047fa2d2286d5e438bcb470c7b1a49f415f6": "v4.15-rc1",
+ "6c42227c3467549ddc65efe99c869021d2f4a570": "v5.9-rc1",
"6c4841c2b6c32a134f9f36e5e08857138cc12b10": "v2.6.19-rc3",
"6c493f8b28c6744995e92801a20dca192635dd22": "v3.5-rc1",
"6c4e976785011dfbe461821d0bfc58cfd60eac56": "v4.12-rc1",
@@ -1876,6 +1880,7 @@
"88314e4dda1e158aabce76429ef4d017b48f8b92": "v2.6.25-rc1",
"8835ba4a39cf53f705417b3b3a94eb067673f2c9": "v4.6-rc1",
"8844618d8aa7a9973e7b527d038a2a589665002c": "v4.18-rc4",
+ "886503f34d63e681662057448819edb5b1057a97": "v4.20-rc2",
"8869477a49c3e99def1fcdadd6bbc407fea14b45": "v2.6.24-rc5",
"886e44c9298a6b428ae046e2fa092ca52e822e6a": "v5.17",
"887bfc546097fbe8071dac13b2fef73b77920899": "v6.2-rc1",
@@ -2500,6 +2505,7 @@
"b870e73a56c4cccbec33224233eaf295839f228c": "v6.2-rc5",
"b892bf75b2034e0e4af23da9a276160b8ad26c15": "v3.14-rc1",
"b8a8684502a0fc852afa0056c6bb2a9273f6fcc0": "v3.15-rc1",
+ "b8c06ad4d67db56ed6bdfb685c134da74e92a2c7": "v5.13-rc1",
"b8c75e4a1b325ea0a9433fa8834be97b5836b946": "v6.4-rc3",
"b8d17e7d93d2beb89e4f34c59996376b8b544792": "v5.5-rc1",
"b8e51a6a9db94bc1fb18ae831b3dab106b5a4b5f": "v5.4-rc6",
@@ -2673,6 +2679,7 @@
"c364df2489b8ef2f5e3159b1dff1ff1fdb16040d": "v5.13-rc7",
"c37e9e013469521d9adb932d17a1795c139b36db": "v4.18-rc4",
"c3b5b0241f620a356c97d8f43343e721c718806d": "v2.6.35-rc1",
+ "c3b704d4a4a265660e665df51b129e8425216ed1": "v6.6-rc1",
"c3c87e770458aa004bd7ed3f29945ff436fd6511": "v3.19-rc7",
"c3e2219216c92919a6bd1711f340f5faa98695e6": "v5.2-rc4",
"c40a2c8817e42273a4627c48c884b805475a733f": "v4.4-rc1",
@@ -3230,6 +3237,7 @@
"f14e22435a27ef183bbfa78f77ad86644c0b354c": "v3.10-rc5",
"f15133df088ecadd141ea1907f2c96df67c729f0": "v4.1-rc3",
"f15f05b0a5de667c821a9727c33bce9d1d9b26dd": "v4.11-rc1",
+ "f15f29fd4779be8a418b66e9d52979bb6d6c2325": "v6.6-rc3",
"f16d80b75a096c52354c6e0a574993f3b0dfbdfe": "v5.3-rc2",
"f185de28d9ae6c978135993769352e523ee8df06": "v5.13-rc1",
"f1923820c447e986a9da0fc6bf60c1dccdf0408e": "v3.9-rc8",
@@ -3376,6 +3384,7 @@
"fc3a9157d3148ab91039c75423da8ef97be3e105": "v2.6.38-rc1",
"fc4ef9d5724973193bfa5ebed181dba6de3a56db": "v5.19-rc1",
"fc67dd70adb711a45d2ef34e12d1a8be75edde61": "v4.16-rc1",
+ "fc6c6a3c324c1b3e93a03d0cfa3749c781f23de0": "v6.4-rc6",
"fc6d01ff9ef03b66d4a3a23b46fc3c3d8cf92009": "v5.18-rc1",
"fc7222c3a9f56271fba02aabbfbae999042f1679": "v6.0-rc6",
"fc739a058d99c9297ef6bfd923b809d85855b9a9": "v5.4-rc3",
diff --git a/data/kernel_cves.json b/data/kernel_cves.json
index 6ea5f33..890653a 100644
--- a/data/kernel_cves.json
+++ b/data/kernel_cves.json
@@ -30518,7 +30518,7 @@
"cwe": "Information Leak / Disclosure",
"fixes": "99c6fa2511d8a683e61468be91b83f85452115fa",
"last_affected_version": "4.14.13",
- "last_modified": "2023-06-29",
+ "last_modified": "2023-09-27",
"name": "Spectre",
"nvd_text": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.",
"ref_urls": {
@@ -59973,6 +59973,36 @@
"Ubuntu": "https://ubuntu.com/security/CVE-2020-36694"
}
},
+ "CVE-2020-36766": {
+ "affected_versions": "unk to v5.9-rc1",
+ "breaks": "",
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "None",
+ "Confidentiality": "Low",
+ "Integrity": "None",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
+ "score": 3.3
+ },
+ "cwe": "Unspecified",
+ "fixes": "6c42227c3467549ddc65efe99c869021d2f4a570",
+ "last_affected_version": "5.8.5",
+ "last_modified": "2023-09-27",
+ "nvd_text": "An issue was discovered in the Linux kernel before 5.8.6. drivers/media/cec/core/cec-api.c leaks one byte of kernel memory on specific hardware to unprivileged users, because of directly assigning log_addrs with a hole in the struct.",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2020-36766",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2020-36766",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2020-36766",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2020-36766",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2020-36766",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2020-36766"
+ }
+ },
"CVE-2020-3702": {
"affected_versions": "v2.6.12-rc2 to v5.12-rc1-dontuse",
"breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
@@ -80547,10 +80577,12 @@
}
},
"CVE-2023-1194": {
- "affected_versions": "v5.15-rc1 to unk",
+ "affected_versions": "v5.15-rc1 to v6.4-rc6",
"breaks": "a848c4f15ab6d5d405dbee7de5da71839b2bf35e",
- "fixes": "",
- "last_modified": "2023-03-09",
+ "cmt_msg": "ksmbd: fix out-of-bound read in parse_lease_state()",
+ "fixes": "fc6c6a3c324c1b3e93a03d0cfa3749c781f23de0",
+ "last_affected_version": "6.3.7",
+ "last_modified": "2023-09-27",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-1194",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-1194",
@@ -81837,9 +81869,22 @@
"affected_versions": "v5.3-rc1 to v6.3",
"breaks": "b5dc0163d8fd78e64a7e21f309cf932fda34353e",
"cmt_msg": "bpf: Fix incorrect verifier pruning due to missing register precision taints",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "High",
+ "Privileges Required": "Low",
+ "Scope": "Changed",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
+ "score": 8.8
+ },
"fixes": "71b547f561247897a0a14f3082730156c0533fed",
"last_affected_version": "6.2",
- "last_modified": "2023-07-19",
+ "last_modified": "2023-09-27",
+ "nvd_text": "Incorrect verifier pruning\u00a0in BPF in Linux Kernel\u00a0>=5.4\u00a0leads to unsafe\ncode paths being incorrectly marked as safe, resulting in\u00a0arbitrary read/write in\nkernel memory, lateral privilege escalation, and container escape.\n",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-2163",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-2163",
@@ -84626,9 +84671,22 @@
"affected_versions": "v6.1 to v6.5-rc6",
"breaks": "ad7f402ae4f466647c3a669b8a6f3e5d4271c84a",
"cmt_msg": "xen/netback: Fix buffer overrun triggered by unusual packet",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "High",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "score": 7.8
+ },
"fixes": "534fc31d09b706a16d83533e16b5dc855caf7576",
"last_affected_version": "6.4.8",
- "last_modified": "2023-08-25",
+ "last_modified": "2023-09-27",
+ "nvd_text": "The fix for XSA-423 added logic to Linux'es netback driver to deal with\na frontend splitting a packet in a way such that not all of the headers\nwould come in one piece. Unfortunately the logic introduced there\ndidn't account for the extreme case of the entire packet being split\ninto as many pieces as permitted by the protocol, yet still being\nsmaller than the area that's specially dealt with to keep all (possible)\nheaders together. Such an unusual packet would therefore trigger a\nbuffer overrun in the driver.\n",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-34319",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-34319",
@@ -84714,8 +84772,8 @@
},
"fixes": "226fae124b2dac217ea5436060d623ff3385bc34",
"last_affected_version": "6.1.10",
- "last_modified": "2023-08-11",
- "nvd_text": "A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This flaw allows an attacker with local user access to cause a system crash or leak internal kernel information.",
+ "last_modified": "2023-09-27",
+ "nvd_text": "A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-3567",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-3567",
@@ -85829,9 +85887,21 @@
"affected_versions": "v5.11-rc1 to v6.5-rc6",
"breaks": "291bd20d5d88814a73d43b55b9428feab2f28094",
"cmt_msg": "KVM: SEV: only access GHCB fields once",
+ "cvss3": {
+ "Attack Complexity": "High",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "None",
+ "Integrity": "None",
+ "Privileges Required": "Low",
+ "Scope": "Changed",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
+ "score": 5.6
+ },
"fixes": "7588dbcebcbf0193ab5b76987396d0254270b04a",
"last_affected_version": "6.4.10",
- "last_modified": "2023-09-17",
+ "last_modified": "2023-09-27",
"nvd_text": "A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the `VMGEXIT` handler recursively. If an attacker manages to call the handler multiple times, they can trigger a stack overflow and cause a denial of service or potentially guest-to-host escape in kernel configurations without stack guard pages (`CONFIG_VMAP_STACK`).",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-4155",
@@ -85918,7 +85988,7 @@
},
"fixes": "76e42ae831991c828cffa8c37736ebfb831ad5ec",
"last_affected_version": "6.4.9",
- "last_modified": "2023-09-17",
+ "last_modified": "2023-09-27",
"nvd_text": "A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation.\n\nWhen fw_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a use-after-free.\n\nWe recommend upgrading past commit 76e42ae831991c828cffa8c37736ebfb831ad5ec.\n\n",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-4207",
@@ -86016,6 +86086,67 @@
"Ubuntu": "https://ubuntu.com/security/CVE-2023-4273"
}
},
+ "CVE-2023-42752": {
+ "affected_versions": "v2.6.38-rc1 to v6.6-rc1",
+ "breaks": "57e1ab6eaddc9f2c358cd4afb497cda6e3c6821a",
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU",
+ "fixes": "c3b704d4a4a265660e665df51b129e8425216ed1",
+ "last_affected_version": "6.4.15",
+ "last_modified": "2023-09-27",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-42752",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-42752",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-42752",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-42752",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-42752",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-42752"
+ }
+ },
+ "CVE-2023-42753": {
+ "affected_versions": "v4.20-rc2 to v6.6-rc1",
+ "breaks": "886503f34d63e681662057448819edb5b1057a97",
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "High",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "score": 7.8
+ },
+ "fixes": "050d91c03b28ca479df13dfb02bcd2c60dd6a878",
+ "last_affected_version": "6.4.15",
+ "last_modified": "2023-09-27",
+ "nvd_text": "An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-42753",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-42753",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-42753",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-42753",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-42753",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-42753"
+ }
+ },
+ "CVE-2023-42755": {
+ "affected_versions": "v2.6.12-rc2 to v6.3-rc1",
+ "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
+ "cmt_msg": "net/sched: Retire rsvp classifier",
+ "fixes": "265b4da82dbf5df04bee5a5d46b7474b1aaf326a",
+ "last_affected_version": "6.1.54",
+ "last_modified": "2023-09-27",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-42755",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-42755",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-42755",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-42755",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-42755",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-42755"
+ }
+ },
"CVE-2023-4385": {
"affected_versions": "v2.6.12-rc2 to v5.19-rc1",
"breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
@@ -86167,7 +86298,8 @@
"cmt_msg": "netfilter: nf_tables: don't skip expired elements during walk",
"fixes": "24138933b97b055d486e8064b4a1721702442a9b",
"last_affected_version": "6.4.10",
- "last_modified": "2023-09-10",
+ "last_modified": "2023-09-27",
+ "nvd_text": "** REJECT ** This was assigned as a duplicate of CVE-2023-4244.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-4563",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-4563",
@@ -86175,7 +86307,8 @@
"Red Hat": "https://access.redhat.com/security/cve/CVE-2023-4563",
"SUSE": "https://www.suse.com/security/cve/CVE-2023-4563",
"Ubuntu": "https://ubuntu.com/security/CVE-2023-4563"
- }
+ },
+ "rejected": true
},
"CVE-2023-4569": {
"affected_versions": "v5.13-rc1 to v6.5-rc7",
@@ -86281,7 +86414,7 @@
},
"fixes": "b3d26c5702c7d6c45456326e56d2ccf3f103e60f",
"last_affected_version": "6.4.15",
- "last_modified": "2023-09-17",
+ "last_modified": "2023-09-27",
"nvd_text": "A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.\n\n",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-4623",
@@ -86309,8 +86442,9 @@
"score": 7.1
},
"fixes": "fd94d9dadee58e09b49075240fe83423eb1dcd36",
- "last_modified": "2023-09-17",
- "nvd_text": "A stack based out-of-bounds write flaw was found in the netfilter subsystem in the Linux kernel. If the expression length is a multiple of 4 (register size), the `nft_exthdr_eval` family of functions writes 4 NULL bytes past the end of the `regs` argument, leading to stack corruption and potential information disclosure or a denial of service.",
+ "last_affected_version": "6.1.53",
+ "last_modified": "2023-09-27",
+ "nvd_text": "** REJECT ** CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-4881",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-4881",
@@ -86318,14 +86452,28 @@
"Red Hat": "https://access.redhat.com/security/cve/CVE-2023-4881",
"SUSE": "https://www.suse.com/security/cve/CVE-2023-4881",
"Ubuntu": "https://ubuntu.com/security/CVE-2023-4881"
- }
+ },
+ "rejected": true
},
"CVE-2023-4921": {
"affected_versions": "v3.8-rc1 to v6.6-rc1",
"breaks": "462dbc9101acd38e92eda93c0726857517a24bbd",
"cmt_msg": "net: sched: sch_qfq: Fix UAF in qfq_dequeue()",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "High",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "score": 7.8
+ },
"fixes": "8fc134fee27f2263988ae38920bc03da416b03d8",
- "last_modified": "2023-09-17",
+ "last_affected_version": "6.1.53",
+ "last_modified": "2023-09-27",
"nvd_text": "A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\n\nWhen the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue().\n\nWe recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.\n\n",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-4921",
@@ -86335,5 +86483,48 @@
"SUSE": "https://www.suse.com/security/cve/CVE-2023-4921",
"Ubuntu": "https://ubuntu.com/security/CVE-2023-4921"
}
+ },
+ "CVE-2023-5158": {
+ "affected_versions": "v5.13-rc1 to unk",
+ "breaks": "b8c06ad4d67db56ed6bdfb685c134da74e92a2c7",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "None",
+ "Integrity": "None",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "score": 5.5
+ },
+ "cwe": "Unspecified",
+ "fixes": "",
+ "last_modified": "2023-09-27",
+ "nvd_text": "A flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of service from guest to host via zero length descriptor.",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-5158",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-5158",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-5158",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-5158",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-5158",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-5158"
+ }
+ },
+ "CVE-2023-5197": {
+ "affected_versions": "v5.9-rc1 to v6.6-rc3",
+ "breaks": "d0e2c7de92c7f2b3d355ad76b0bb9fc43d1beb87",
+ "cmt_msg": "netfilter: nf_tables: disallow rule removal from chain binding",
+ "fixes": "f15f29fd4779be8a418b66e9d52979bb6d6c2325",
+ "last_modified": "2023-09-27",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-5197",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-5197",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-5197",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-5197",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-5197",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-5197"
+ }
}
}
\ No newline at end of file
diff --git a/data/stream_data.json b/data/stream_data.json
index 2500278..85f8620 100644
--- a/data/stream_data.json
+++ b/data/stream_data.json
@@ -3464,12 +3464,15 @@
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
- "CVE-2021-20265": {
- "cmt_msg": "af_unix: fix struct pid memory leak"
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
},
"CVE-2023-28328": {
"cmt_msg": "media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()"
},
+ "CVE-2021-20265": {
+ "cmt_msg": "af_unix: fix struct pid memory leak"
+ },
"CVE-2023-0386": {
"cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up"
},
@@ -4070,12 +4073,18 @@
"CVE-2020-36691": {
"cmt_msg": "netlink: limit recursion depth in policy validation"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -4721,6 +4730,9 @@
"CVE-2022-47520": {
"cmt_msg": "wifi: wilc1000: validate pairwise and authentication suite offsets"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2022-3643": {
"cmt_msg": "xen/netback: Ensure protocol headers don't fall in the non-linear area"
},
@@ -6656,6 +6668,9 @@
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2017-18079": {
"cmt_msg": "Input: i8042 - fix crash at boot time"
},
@@ -7511,6 +7526,9 @@
"CVE-2022-1729": {
"cmt_msg": "perf: Fix sys_perf_event_open() race against self"
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -10128,6 +10146,9 @@
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2018-7740": {
"cmt_msg": "hugetlbfs: check for pgoff value overflow"
},
@@ -10914,6 +10935,9 @@
"CVE-2020-36691": {
"cmt_msg": "netlink: limit recursion depth in policy validation"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
@@ -10923,6 +10947,9 @@
"CVE-2022-1729": {
"cmt_msg": "perf: Fix sys_perf_event_open() race against self"
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -12124,6 +12151,9 @@
"CVE-2018-10938": {
"cmt_msg": "Cipso: cipso_v4_optptr enter infinite loop"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2017-1000252": {
"cmt_msg": "KVM: VMX: Do not BUG() on out-of-bounds guest IRQ"
},
@@ -13474,6 +13504,9 @@
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2018-7740": {
"cmt_msg": "hugetlbfs: check for pgoff value overflow"
},
@@ -14293,6 +14326,9 @@
"CVE-2022-1729": {
"cmt_msg": "perf: Fix sys_perf_event_open() race against self"
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -16705,6 +16741,9 @@
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2022-3061": {
"cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero"
},
@@ -17467,6 +17506,9 @@
"CVE-2020-36691": {
"cmt_msg": "netlink: limit recursion depth in policy validation"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
@@ -17476,6 +17518,9 @@
"CVE-2022-1729": {
"cmt_msg": "perf: Fix sys_perf_event_open() race against self"
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -20068,6 +20113,12 @@
"cmt_id": "6875d79ba740f47a480908cf9fa791715ea0e4f1"
}
},
+ "4.14.196": {
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure",
+ "cmt_id": "e6a62b5c4f7a05afec7ea4cfb040fb8512376259"
+ }
+ },
"4.14.197": {
"CVE-2020-25285": {
"cmt_msg": "mm/hugetlb: fix a race between hugetlb sysctl handlers",
@@ -21818,6 +21869,24 @@
"cmt_id": "ed1cba039309c80b49719fcff3e3d7cdddb73d96"
}
},
+ "4.14.326": {
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier",
+ "cmt_id": "a048f77ba9cf7f77a06b2ee60446c6cc061c2daf"
+ },
+ "CVE-2023-4921": {
+ "cmt_msg": "net: sched: sch_qfq: Fix UAF in qfq_dequeue()",
+ "cmt_id": "d9f43fc5a78d1505733d3621cd4c044eaf71a02f"
+ },
+ "CVE-2023-4207": {
+ "cmt_msg": "net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free",
+ "cmt_id": "530a85ea747965b7c275fa44a364916e0ec2efaa"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU",
+ "cmt_id": "afd2657ba7af6d05afd6cc6b9315c091fafed14b"
+ }
+ },
"outstanding": {
"CVE-2023-20593": {
"cmt_msg": "x86/cpu/amd: Add a Zenbleed fix"
@@ -22098,9 +22167,6 @@
"CVE-2021-3669": {
"cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()"
},
- "CVE-2023-4921": {
- "cmt_msg": "net: sched: sch_qfq: Fix UAF in qfq_dequeue()"
- },
"CVE-2019-18885": {
"cmt_msg": "btrfs: merge btrfs_find_device and find_device"
},
@@ -22452,9 +22518,6 @@
"CVE-2020-8832": {
"cmt_msg": "drm/i915: Record the default hw state after reset upon load"
},
- "CVE-2023-4207": {
- "cmt_msg": "net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free"
- },
"CVE-2022-1280": {
"cmt_msg": "drm: avoid circular locks in drm_mode_getconnector"
},
@@ -24383,6 +24446,9 @@
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2022-3061": {
"cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero"
},
@@ -25106,6 +25172,9 @@
"CVE-2020-36691": {
"cmt_msg": "netlink: limit recursion depth in policy validation"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
@@ -25115,6 +25184,9 @@
"CVE-2022-1729": {
"cmt_msg": "perf: Fix sys_perf_event_open() race against self"
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -27434,6 +27506,9 @@
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2022-3061": {
"cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero"
},
@@ -28178,6 +28253,9 @@
"CVE-2020-36691": {
"cmt_msg": "netlink: limit recursion depth in policy validation"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
@@ -28187,6 +28265,9 @@
"CVE-2022-1729": {
"cmt_msg": "perf: Fix sys_perf_event_open() race against self"
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -30157,6 +30238,12 @@
"cmt_id": "dcb6e6efb3298e59d90ee05c6ed33de810314892"
}
},
+ "4.19.143": {
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure",
+ "cmt_id": "da489549711e61bd43f3fd6fe19bb538eb575b39"
+ }
+ },
"4.19.144": {
"CVE-2020-0465": {
"cmt_msg": "HID: core: Sanitize event code and type when mapping input",
@@ -32043,6 +32130,28 @@
"cmt_id": "44f69c96f8a147413c23c68cda4d6fb5e23137cd"
}
},
+ "4.19.295": {
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier",
+ "cmt_id": "6ca0ea6a46e7a2d70fb1b1f6a886efe2b2365e16"
+ },
+ "CVE-2023-4623": {
+ "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve",
+ "cmt_id": "7c62e0c3c6e9c9c15ead63339db6a0e158d22a66"
+ },
+ "CVE-2023-4207": {
+ "cmt_msg": "net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free",
+ "cmt_id": "4f38dc8496d1991e2c055a0068dd98fb48affcc6"
+ },
+ "CVE-2023-4921": {
+ "cmt_msg": "net: sched: sch_qfq: Fix UAF in qfq_dequeue()",
+ "cmt_id": "7ea1faa59c75336d86893378838ed1e6f20c0520"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU",
+ "cmt_id": "76ce657a5db97ff4e26b284fedc33e8591a4be17"
+ }
+ },
"outstanding": {
"CVE-2021-0929": {
"cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation"
@@ -32269,9 +32378,6 @@
"CVE-2023-4622": {
"cmt_msg": "unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES"
},
- "CVE-2023-4623": {
- "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve"
- },
"CVE-2022-3533": {
"cmt_msg": ""
},
@@ -32296,9 +32402,6 @@
"CVE-2021-3669": {
"cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()"
},
- "CVE-2023-4921": {
- "cmt_msg": "net: sched: sch_qfq: Fix UAF in qfq_dequeue()"
- },
"CVE-2020-10708": {
"cmt_msg": ""
},
@@ -32653,9 +32756,6 @@
"CVE-2019-5489": {
"cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages"
},
- "CVE-2023-4207": {
- "cmt_msg": "net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free"
- },
"CVE-2023-3640": {
"cmt_msg": ""
}
@@ -34499,6 +34599,9 @@
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2022-3061": {
"cmt_msg": "video: fbdev: i740fb: Error out if 'pixclock' equals zero"
},
@@ -35204,6 +35307,9 @@
"CVE-2020-36691": {
"cmt_msg": "netlink: limit recursion depth in policy validation"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
@@ -35213,6 +35319,9 @@
"CVE-2022-1729": {
"cmt_msg": "perf: Fix sys_perf_event_open() race against self"
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -37185,6 +37294,9 @@
"CVE-2019-20096": {
"cmt_msg": "dccp: Fix memleak in __feat_register_sp"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2016-10044": {
"cmt_msg": "aio: mark AIO pseudo-fs noexec"
},
@@ -38868,6 +38980,9 @@
"CVE-2019-15214": {
"cmt_msg": "ALSA: core: Fix card races between register and disconnect"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2017-18079": {
"cmt_msg": "Input: i8042 - fix crash at boot time"
},
@@ -39606,6 +39721,9 @@
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2018-1000028": {
"cmt_msg": "nfsd: auth: Fix gid sorting when rootsquash enabled"
},
@@ -41099,6 +41217,9 @@
"CVE-2019-20096": {
"cmt_msg": "dccp: Fix memleak in __feat_register_sp"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2016-10044": {
"cmt_msg": "aio: mark AIO pseudo-fs noexec"
},
@@ -42962,8 +43083,8 @@
"CVE-2021-20261": {
"cmt_msg": "floppy: fix lock_fdc() signal handling"
},
- "CVE-2021-20265": {
- "cmt_msg": "af_unix: fix struct pid memory leak"
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
},
"CVE-2017-18079": {
"cmt_msg": "Input: i8042 - fix crash at boot time"
@@ -42974,6 +43095,9 @@
"CVE-2023-28328": {
"cmt_msg": "media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()"
},
+ "CVE-2021-20265": {
+ "cmt_msg": "af_unix: fix struct pid memory leak"
+ },
"CVE-2023-0386": {
"cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up"
},
@@ -43769,6 +43893,9 @@
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2018-1000028": {
"cmt_msg": "nfsd: auth: Fix gid sorting when rootsquash enabled"
},
@@ -48088,6 +48215,9 @@
"CVE-2021-20261": {
"cmt_msg": "floppy: fix lock_fdc() signal handling"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2023-28328": {
"cmt_msg": "media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()"
},
@@ -48547,12 +48677,18 @@
"CVE-2020-36691": {
"cmt_msg": "netlink: limit recursion depth in policy validation"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4244": {
"cmt_msg": "netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path"
},
@@ -49039,13 +49175,21 @@
"cmt_msg": "USB: core: Fix race by not overwriting udev->descriptor in hub_port_init()",
"cmt_id": "b4a074b1fb222164ed7d5c0b8c922dc4a0840848"
},
+ "CVE-2023-4623": {
+ "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve",
+ "cmt_id": "5293f466d41d6c2eaad8b833576ea3dbee630dc2"
+ },
"CVE-2023-25775": {
"cmt_msg": "RDMA/irdma: Prevent zero-length STAG registration",
"cmt_id": "ceba966f1d6391800cab3c1c9ac1661b5166bc5b"
},
- "CVE-2023-4623": {
- "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve",
- "cmt_id": "5293f466d41d6c2eaad8b833576ea3dbee630dc2"
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c",
+ "cmt_id": "d59b6fc405549f7caf31f6aa5da1d6bef746b166"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU",
+ "cmt_id": "87f07ec534e39e29bc715753df2e77509e8fafc3"
}
},
"outstanding": {
@@ -49106,6 +49250,9 @@
"CVE-2016-8660": {
"cmt_msg": ""
},
+ "CVE-2023-5158": {
+ "cmt_msg": ""
+ },
"CVE-2020-15802": {
"cmt_msg": ""
},
@@ -49199,6 +49346,9 @@
"CVE-2022-3544": {
"cmt_msg": ""
},
+ "CVE-2023-5197": {
+ "cmt_msg": "netfilter: nf_tables: disallow rule removal from chain binding"
+ },
"CVE-2022-3238": {
"cmt_msg": ""
},
@@ -49226,7 +49376,7 @@
"CVE-2023-4921": {
"cmt_msg": "net: sched: sch_qfq: Fix UAF in qfq_dequeue()"
},
- "CVE-2023-26242": {
+ "CVE-2023-37454": {
"cmt_msg": ""
},
"CVE-2022-3642": {
@@ -49292,7 +49442,7 @@
"CVE-2015-2877": {
"cmt_msg": ""
},
- "CVE-2023-1194": {
+ "CVE-2023-26242": {
"cmt_msg": ""
},
"CVE-2023-1193": {
@@ -49310,9 +49460,6 @@
"CVE-2022-44034": {
"cmt_msg": ""
},
- "CVE-2023-37454": {
- "cmt_msg": ""
- },
"CVE-2021-3847": {
"cmt_msg": ""
},
@@ -52852,6 +52999,9 @@
"CVE-2021-20261": {
"cmt_msg": "floppy: fix lock_fdc() signal handling"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2023-28328": {
"cmt_msg": "media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()"
},
@@ -53443,12 +53593,18 @@
"CVE-2020-36691": {
"cmt_msg": "netlink: limit recursion depth in policy validation"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4244": {
"cmt_msg": "netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path"
},
@@ -54216,6 +54372,9 @@
"CVE-2023-3090": {
"cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb"
},
+ "CVE-2023-5158": {
+ "cmt_msg": ""
+ },
"CVE-2020-15802": {
"cmt_msg": ""
},
@@ -54321,11 +54480,17 @@
"CVE-2017-13694": {
"cmt_msg": ""
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2012-4542": {
"cmt_msg": ""
},
- "CVE-2023-4881": {
- "cmt_msg": "netfilter: nftables: exthdr: fix 4-byte stack OOB write"
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
},
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
@@ -54369,6 +54534,9 @@
"CVE-2022-3544": {
"cmt_msg": ""
},
+ "CVE-2023-5197": {
+ "cmt_msg": "netfilter: nf_tables: disallow rule removal from chain binding"
+ },
"CVE-2022-3238": {
"cmt_msg": ""
},
@@ -54483,6 +54651,9 @@
"CVE-2021-39800": {
"cmt_msg": ""
},
+ "CVE-2023-4881": {
+ "cmt_msg": "netfilter: nftables: exthdr: fix 4-byte stack OOB write"
+ },
"CVE-2022-45885": {
"cmt_msg": ""
},
@@ -54523,7 +54694,7 @@
"cmt_msg": ""
},
"CVE-2023-1194": {
- "cmt_msg": ""
+ "cmt_msg": "ksmbd: fix out-of-bound read in parse_lease_state()"
},
"CVE-2023-1193": {
"cmt_msg": ""
@@ -55151,6 +55322,10 @@
"cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop",
"cmt_id": "543c12c2644e772caa6880662c2a852cfdc5a10c"
},
+ "CVE-2023-1194": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in parse_lease_state()",
+ "cmt_id": "8f2984233c87a1d08f4c45f077130590c7a2c991"
+ },
"CVE-2023-38427": {
"cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()",
"cmt_id": "bf12d7fb63b365fb766655cedcb5d5f292b0c35e"
@@ -55346,6 +55521,30 @@
"CVE-2023-25775": {
"cmt_msg": "RDMA/irdma: Prevent zero-length STAG registration",
"cmt_id": "f01cfec8d3456bf389918eb898eda11f46d8b1b7"
+ },
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c",
+ "cmt_id": "7ca0706c68adadf86a36b60dca090f5e9481e808"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU",
+ "cmt_id": "6678912b4df1bfac6f7c80642d56dc22e23419e4"
+ }
+ },
+ "6.1.54": {
+ "CVE-2023-4921": {
+ "cmt_msg": "net: sched: sch_qfq: Fix UAF in qfq_dequeue()",
+ "cmt_id": "a18349dc8d916a64d7c93f05da98953e3386d8e9"
+ },
+ "CVE-2023-4881": {
+ "cmt_msg": "netfilter: nftables: exthdr: fix 4-byte stack OOB write",
+ "cmt_id": "d9ebfc0f21377690837ebbd119e679243e0099cc"
+ }
+ },
+ "6.1.55": {
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier",
+ "cmt_id": "b93aeb6352b0229e3c5ca5ca4ff015b015aff33c"
}
},
"outstanding": {
@@ -55406,15 +55605,15 @@
"CVE-2021-26934": {
"cmt_msg": ""
},
- "CVE-2023-37454": {
- "cmt_msg": ""
- },
"CVE-2016-8660": {
"cmt_msg": ""
},
"CVE-2023-0597": {
"cmt_msg": "x86/mm: Randomize per-cpu entry area"
},
+ "CVE-2023-5158": {
+ "cmt_msg": ""
+ },
"CVE-2020-15802": {
"cmt_msg": ""
},
@@ -55481,9 +55680,6 @@
"CVE-2012-4542": {
"cmt_msg": ""
},
- "CVE-2023-4881": {
- "cmt_msg": "netfilter: nftables: exthdr: fix 4-byte stack OOB write"
- },
"CVE-2023-2176": {
"cmt_msg": "RDMA/core: Refactor rdma_bind_addr"
},
@@ -55517,6 +55713,9 @@
"CVE-2022-3544": {
"cmt_msg": ""
},
+ "CVE-2023-5197": {
+ "cmt_msg": "netfilter: nf_tables: disallow rule removal from chain binding"
+ },
"CVE-2022-3238": {
"cmt_msg": ""
},
@@ -55547,10 +55746,7 @@
"CVE-2023-4134": {
"cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()"
},
- "CVE-2023-4921": {
- "cmt_msg": "net: sched: sch_qfq: Fix UAF in qfq_dequeue()"
- },
- "CVE-2023-26242": {
+ "CVE-2023-37454": {
"cmt_msg": ""
},
"CVE-2022-3642": {
@@ -55622,7 +55818,7 @@
"CVE-2015-2877": {
"cmt_msg": ""
},
- "CVE-2023-1194": {
+ "CVE-2023-26242": {
"cmt_msg": ""
},
"CVE-2023-1193": {
@@ -56326,6 +56522,9 @@
"CVE-2017-13694": {
"cmt_msg": ""
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2023-3161": {
"cmt_msg": "fbcon: Check font dimension limits"
},
@@ -56335,8 +56534,11 @@
"CVE-2012-4542": {
"cmt_msg": ""
},
- "CVE-2023-4881": {
- "cmt_msg": "netfilter: nftables: exthdr: fix 4-byte stack OOB write"
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
},
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
@@ -56359,6 +56561,9 @@
"CVE-2022-4382": {
"cmt_msg": "USB: gadgetfs: Fix race between mounting and unmounting"
},
+ "CVE-2023-5158": {
+ "cmt_msg": ""
+ },
"CVE-2013-7445": {
"cmt_msg": ""
},
@@ -56401,6 +56606,9 @@
"CVE-2022-3523": {
"cmt_msg": "mm/memory.c: fix race when faulting a device private page"
},
+ "CVE-2023-5197": {
+ "cmt_msg": "netfilter: nf_tables: disallow rule removal from chain binding"
+ },
"CVE-2022-36402": {
"cmt_msg": ""
},
@@ -56690,7 +56898,7 @@
"cmt_msg": "cifs: fix use-after-free caused by invalid pointer `hostname`"
},
"CVE-2023-1194": {
- "cmt_msg": ""
+ "cmt_msg": "ksmbd: fix out-of-bound read in parse_lease_state()"
},
"CVE-2023-1193": {
"cmt_msg": ""
@@ -56737,6 +56945,9 @@
"CVE-2023-20941": {
"cmt_msg": ""
},
+ "CVE-2023-4881": {
+ "cmt_msg": "netfilter: nftables: exthdr: fix 4-byte stack OOB write"
+ },
"CVE-2022-25265": {
"cmt_msg": ""
},
@@ -57018,6 +57229,9 @@
"CVE-2022-47520": {
"cmt_msg": "wifi: wilc1000: validate pairwise and authentication suite offsets"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2016-10044": {
"cmt_msg": "aio: mark AIO pseudo-fs noexec"
},
@@ -59052,6 +59266,9 @@
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2017-18079": {
"cmt_msg": "Input: i8042 - fix crash at boot time"
},
@@ -59955,6 +60172,9 @@
"CVE-2022-1729": {
"cmt_msg": "perf: Fix sys_perf_event_open() race against self"
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -64806,6 +65026,9 @@
"CVE-2022-3534": {
"cmt_msg": "libbpf: Fix use-after-free in btf_dump_name_dups"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2023-28328": {
"cmt_msg": "media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()"
},
@@ -65148,12 +65371,18 @@
"CVE-2020-36691": {
"cmt_msg": "netlink: limit recursion depth in policy validation"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2023-3161": {
"cmt_msg": "fbcon: Check font dimension limits"
},
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -65529,6 +65758,9 @@
"CVE-2022-47520": {
"cmt_msg": "wifi: wilc1000: validate pairwise and authentication suite offsets"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2022-3643": {
"cmt_msg": "xen/netback: Ensure protocol headers don't fall in the non-linear area"
},
@@ -67515,6 +67747,9 @@
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2017-18079": {
"cmt_msg": "Input: i8042 - fix crash at boot time"
},
@@ -68403,6 +68638,9 @@
"CVE-2022-1729": {
"cmt_msg": "perf: Fix sys_perf_event_open() race against self"
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -69104,6 +69342,9 @@
"CVE-2022-47520": {
"cmt_msg": "wifi: wilc1000: validate pairwise and authentication suite offsets"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2016-10044": {
"cmt_msg": "aio: mark AIO pseudo-fs noexec"
},
@@ -71099,6 +71340,9 @@
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2017-18079": {
"cmt_msg": "Input: i8042 - fix crash at boot time"
},
@@ -71993,6 +72237,9 @@
"CVE-2022-1729": {
"cmt_msg": "perf: Fix sys_perf_event_open() race against self"
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -75453,6 +75700,9 @@
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2023-28328": {
"cmt_msg": "media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()"
},
@@ -76140,6 +76390,9 @@
"CVE-2020-36691": {
"cmt_msg": "netlink: limit recursion depth in policy validation"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
@@ -76149,6 +76402,9 @@
"CVE-2022-1729": {
"cmt_msg": "perf: Fix sys_perf_event_open() race against self"
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -78008,6 +78264,9 @@
"CVE-2022-3535": {
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2023-28328": {
"cmt_msg": "media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()"
},
@@ -78554,12 +78813,21 @@
"CVE-2020-36691": {
"cmt_msg": "netlink: limit recursion depth in policy validation"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -79114,6 +79382,9 @@
"CVE-2016-3951": {
"cmt_msg": "cdc_ncm: do not call usbnet_link_change from cdc_ncm_bind"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2016-10044": {
"cmt_msg": "aio: mark AIO pseudo-fs noexec"
},
@@ -81208,8 +81479,8 @@
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
- "CVE-2021-20265": {
- "cmt_msg": "af_unix: fix struct pid memory leak"
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
},
"CVE-2017-18079": {
"cmt_msg": "Input: i8042 - fix crash at boot time"
@@ -81220,6 +81491,9 @@
"CVE-2023-28328": {
"cmt_msg": "media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()"
},
+ "CVE-2021-20265": {
+ "cmt_msg": "af_unix: fix struct pid memory leak"
+ },
"CVE-2023-0386": {
"cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up"
},
@@ -82135,6 +82409,9 @@
"CVE-2022-1729": {
"cmt_msg": "perf: Fix sys_perf_event_open() race against self"
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -84013,6 +84290,9 @@
"CVE-2022-3535": {
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2021-22600": {
"cmt_msg": "net/packet: rx_owner_map depends on pg_vec"
},
@@ -84544,12 +84824,21 @@
"CVE-2020-36691": {
"cmt_msg": "netlink: limit recursion depth in policy validation"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -84920,6 +85209,10 @@
}
},
"5.8.6": {
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure",
+ "cmt_id": "72db989557d993793c01ba84eb98f3cbf2a7f4cf"
+ },
"CVE-2021-3428": {
"cmt_msg": "ext4: handle error of ext4_setup_system_zone() on remount",
"cmt_id": "6c30edde8a3a710c20b5689a921425a479501cb5"
@@ -86730,12 +87023,21 @@
"CVE-2021-0399": {
"cmt_msg": ""
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -88413,6 +88715,9 @@
"CVE-2022-3542": {
"cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()"
},
+ "CVE-2023-5197": {
+ "cmt_msg": "netfilter: nf_tables: disallow rule removal from chain binding"
+ },
"CVE-2021-21781": {
"cmt_msg": "ARM: ensure the signal page contains defined contents"
},
@@ -88839,12 +89144,21 @@
"CVE-2021-0399": {
"cmt_msg": ""
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -90060,25 +90374,29 @@
}
},
"4.9.77": {
- "CVE-2017-13216": {
- "cmt_msg": "staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl",
- "cmt_id": "c51d23dffc2e9ca05d611c86c440f9055541c62d"
- },
"CVE-2017-17741": {
"cmt_msg": "KVM: Fix stack-out-of-bounds read in write_mmio",
"cmt_id": "c781e3be97a1cbeef8c853101e8f266db556b0a3"
},
- "CVE-2018-5333": {
- "cmt_msg": "RDS: null pointer dereference in rds_atomic_free_op",
- "cmt_id": "ce31b6ac1111096ae9bb0b45f4ba564a909bb366"
- },
"CVE-2017-1000410": {
"cmt_msg": "Bluetooth: Prevent stack info leak from the EFS element.",
"cmt_id": "6aebc2670ebfdda0762a6b471fbf8ca18dcf44f2"
},
+ "CVE-2018-5333": {
+ "cmt_msg": "RDS: null pointer dereference in rds_atomic_free_op",
+ "cmt_id": "ce31b6ac1111096ae9bb0b45f4ba564a909bb366"
+ },
"CVE-2018-5332": {
"cmt_msg": "RDS: Heap OOB write in rds_message_alloc_sgs()",
"cmt_id": "cebb382931c4fb341162eae80b696650260e4a2b"
+ },
+ "CVE-2017-13216": {
+ "cmt_msg": "staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl",
+ "cmt_id": "c51d23dffc2e9ca05d611c86c440f9055541c62d"
+ },
+ "CVE-2017-5715": {
+ "cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]",
+ "cmt_id": "26323fb4d717e11a69484c6df02eeef90dba7ef2"
}
},
"4.9.78": {
@@ -91779,6 +92097,12 @@
"cmt_id": "b3ce6ca929dc677f7e443eb3012dfc7a433b1161"
}
},
+ "4.9.235": {
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure",
+ "cmt_id": "43f90dc5c73e0e9d2a459d904b71f9682fd54f1b"
+ }
+ },
"4.9.236": {
"CVE-2020-0465": {
"cmt_msg": "HID: core: Sanitize event code and type when mapping input",
@@ -93319,6 +93643,9 @@
"CVE-2021-4037": {
"cmt_msg": "xfs: fix up non-directory creation in SGID directories"
},
+ "CVE-2023-4881": {
+ "cmt_msg": "netfilter: nftables: exthdr: fix 4-byte stack OOB write"
+ },
"CVE-2022-45884": {
"cmt_msg": ""
},
@@ -93490,6 +93817,9 @@
"CVE-2017-13694": {
"cmt_msg": ""
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2023-3161": {
"cmt_msg": "fbcon: Check font dimension limits"
},
@@ -93499,8 +93829,8 @@
"CVE-2012-4542": {
"cmt_msg": ""
},
- "CVE-2023-4881": {
- "cmt_msg": "netfilter: nftables: exthdr: fix 4-byte stack OOB write"
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
},
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
@@ -93592,8 +93922,8 @@
"CVE-2022-3303": {
"cmt_msg": "ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC"
},
- "CVE-2017-5715": {
- "cmt_msg": "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]"
+ "CVE-2022-36402": {
+ "cmt_msg": ""
},
"CVE-2023-0386": {
"cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up"
@@ -93745,9 +94075,6 @@
"CVE-2022-26373": {
"cmt_msg": "x86/speculation: Add RSB VM Exit protections"
},
- "CVE-2022-36402": {
- "cmt_msg": ""
- },
"CVE-2022-29900": {
"cmt_msg": "x86/kvm/vmx: Make noinstr clean"
},
@@ -94226,6 +94553,9 @@
"CVE-2022-47520": {
"cmt_msg": "wifi: wilc1000: validate pairwise and authentication suite offsets"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2022-3643": {
"cmt_msg": "xen/netback: Ensure protocol headers don't fall in the non-linear area"
},
@@ -96200,6 +96530,9 @@
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2017-18079": {
"cmt_msg": "Input: i8042 - fix crash at boot time"
},
@@ -97085,6 +97418,9 @@
"CVE-2022-1729": {
"cmt_msg": "perf: Fix sys_perf_event_open() race against self"
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -97811,6 +98147,9 @@
"CVE-2022-47520": {
"cmt_msg": "wifi: wilc1000: validate pairwise and authentication suite offsets"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2022-3643": {
"cmt_msg": "xen/netback: Ensure protocol headers don't fall in the non-linear area"
},
@@ -99701,6 +100040,9 @@
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2017-18079": {
"cmt_msg": "Input: i8042 - fix crash at boot time"
},
@@ -100529,6 +100871,9 @@
"CVE-2022-1729": {
"cmt_msg": "perf: Fix sys_perf_event_open() race against self"
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -101581,6 +101926,9 @@
"CVE-2019-19070": {
"cmt_msg": "spi: gpio: prevent memory leak in spi_gpio_probe"
},
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
"CVE-2022-23038": {
"cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()"
},
@@ -102823,6 +103171,9 @@
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2022-2977": {
"cmt_msg": "tpm: fix reference counting for struct tpm_chip"
},
@@ -103498,6 +103849,9 @@
"CVE-2020-36691": {
"cmt_msg": "netlink: limit recursion depth in policy validation"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
@@ -103507,6 +103861,9 @@
"CVE-2022-1729": {
"cmt_msg": "perf: Fix sys_perf_event_open() race against self"
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -104420,6 +104777,9 @@
"CVE-2019-19070": {
"cmt_msg": "spi: gpio: prevent memory leak in spi_gpio_probe"
},
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
"CVE-2022-23038": {
"cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()"
},
@@ -105629,6 +105989,9 @@
"CVE-2022-3535": {
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2022-2977": {
"cmt_msg": "tpm: fix reference counting for struct tpm_chip"
},
@@ -106310,6 +106673,9 @@
"CVE-2020-36691": {
"cmt_msg": "netlink: limit recursion depth in policy validation"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
@@ -106319,6 +106685,9 @@
"CVE-2022-1729": {
"cmt_msg": "perf: Fix sys_perf_event_open() race against self"
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -107230,6 +107599,9 @@
"CVE-2019-19070": {
"cmt_msg": "spi: gpio: prevent memory leak in spi_gpio_probe"
},
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
"CVE-2022-23038": {
"cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()"
},
@@ -108361,6 +108733,9 @@
"CVE-2022-3535": {
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2022-2977": {
"cmt_msg": "tpm: fix reference counting for struct tpm_chip"
},
@@ -109024,6 +109399,9 @@
"CVE-2020-36691": {
"cmt_msg": "netlink: limit recursion depth in policy validation"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
@@ -109033,6 +109411,9 @@
"CVE-2022-1729": {
"cmt_msg": "perf: Fix sys_perf_event_open() race against self"
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -110644,6 +111025,9 @@
"CVE-2022-3542": {
"cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()"
},
+ "CVE-2023-5197": {
+ "cmt_msg": "netfilter: nf_tables: disallow rule removal from chain binding"
+ },
"CVE-2023-1838": {
"cmt_msg": "Fix double fget() in vhost_net_set_backend()"
},
@@ -111010,12 +111394,21 @@
"CVE-2021-0399": {
"cmt_msg": ""
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -111587,6 +111980,9 @@
"CVE-2021-3744": {
"cmt_msg": "crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()"
},
+ "CVE-2023-5158": {
+ "cmt_msg": ""
+ },
"CVE-2022-28390": {
"cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path"
},
@@ -112451,6 +112847,9 @@
"CVE-2022-3542": {
"cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()"
},
+ "CVE-2023-5197": {
+ "cmt_msg": "netfilter: nf_tables: disallow rule removal from chain binding"
+ },
"CVE-2023-1838": {
"cmt_msg": "Fix double fget() in vhost_net_set_backend()"
},
@@ -112817,12 +113216,21 @@
"CVE-2021-0399": {
"cmt_msg": ""
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -115404,6 +115812,30 @@
"cmt_id": "bd30aa9c7febb6e709670cd5154194189ca3b7b5"
}
},
+ "5.10.195": {
+ "CVE-2023-4921": {
+ "cmt_msg": "net: sched: sch_qfq: Fix UAF in qfq_dequeue()",
+ "cmt_id": "746a8df5e4d235059b1adf02e8456e7ec132d2d8"
+ },
+ "CVE-2023-4623": {
+ "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve",
+ "cmt_id": "b08cc6c0396fd5cfaac4ca044f2282367347c062"
+ },
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c",
+ "cmt_id": "83091f8ac03f118086596f17c9a52d31d6ca94b3"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU",
+ "cmt_id": "1186eaffd87ed9be6f18cbc7145ffdcb1f6982e0"
+ }
+ },
+ "5.10.197": {
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier",
+ "cmt_id": "8db844077ec9912d75952c80d76da71fc2412852"
+ }
+ },
"outstanding": {
"CVE-2020-26556": {
"cmt_msg": ""
@@ -115498,9 +115930,6 @@
"CVE-2022-2209": {
"cmt_msg": ""
},
- "CVE-2023-4921": {
- "cmt_msg": "net: sched: sch_qfq: Fix UAF in qfq_dequeue()"
- },
"CVE-2022-3595": {
"cmt_msg": "cifs: fix double-fault crash during ntlmssp"
},
@@ -115579,9 +116008,6 @@
"CVE-2023-4622": {
"cmt_msg": "unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES"
},
- "CVE-2023-4623": {
- "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve"
- },
"CVE-2022-3533": {
"cmt_msg": ""
},
@@ -115663,6 +116089,9 @@
"CVE-2022-3523": {
"cmt_msg": "mm/memory.c: fix race when faulting a device private page"
},
+ "CVE-2023-5197": {
+ "cmt_msg": "netfilter: nf_tables: disallow rule removal from chain binding"
+ },
"CVE-2022-36402": {
"cmt_msg": ""
},
@@ -117268,6 +117697,9 @@
"CVE-2022-3542": {
"cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()"
},
+ "CVE-2023-5197": {
+ "cmt_msg": "netfilter: nf_tables: disallow rule removal from chain binding"
+ },
"CVE-2023-1838": {
"cmt_msg": "Fix double fget() in vhost_net_set_backend()"
},
@@ -117643,12 +118075,21 @@
"CVE-2021-38199": {
"cmt_msg": "NFSv4: Initialise connection to the server in nfs4_alloc_client()"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -118415,6 +118856,9 @@
"CVE-2023-0597": {
"cmt_msg": "x86/mm: Randomize per-cpu entry area"
},
+ "CVE-2023-5158": {
+ "cmt_msg": ""
+ },
"CVE-2022-3628": {
"cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
@@ -118923,7 +119367,7 @@
"cmt_msg": "cifs: fix use-after-free caused by invalid pointer `hostname`"
},
"CVE-2023-1194": {
- "cmt_msg": ""
+ "cmt_msg": "ksmbd: fix out-of-bound read in parse_lease_state()"
},
"CVE-2023-20588": {
"cmt_msg": "x86/CPU/AMD: Do not leak quotient data after a division by 0"
@@ -119126,6 +119570,9 @@
"CVE-2022-3542": {
"cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()"
},
+ "CVE-2023-5197": {
+ "cmt_msg": "netfilter: nf_tables: disallow rule removal from chain binding"
+ },
"CVE-2023-1838": {
"cmt_msg": "Fix double fget() in vhost_net_set_backend()"
},
@@ -119429,12 +119876,21 @@
"CVE-2021-0399": {
"cmt_msg": ""
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2023-3161": {
"cmt_msg": "fbcon: Check font dimension limits"
},
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -120056,6 +120512,9 @@
"CVE-2023-0597": {
"cmt_msg": "x86/mm: Randomize per-cpu entry area"
},
+ "CVE-2023-5158": {
+ "cmt_msg": ""
+ },
"CVE-2022-3628": {
"cmt_msg": "wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()"
},
@@ -120522,7 +120981,7 @@
"cmt_msg": "cifs: fix use-after-free caused by invalid pointer `hostname`"
},
"CVE-2023-1194": {
- "cmt_msg": ""
+ "cmt_msg": "ksmbd: fix out-of-bound read in parse_lease_state()"
},
"CVE-2023-20588": {
"cmt_msg": "x86/CPU/AMD: Do not leak quotient data after a division by 0"
@@ -120716,6 +121175,9 @@
"CVE-2022-3542": {
"cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()"
},
+ "CVE-2023-5197": {
+ "cmt_msg": "netfilter: nf_tables: disallow rule removal from chain binding"
+ },
"CVE-2023-1382": {
"cmt_msg": "tipc: set con sock in tipc_conn_alloc"
},
@@ -120989,12 +121451,21 @@
"CVE-2021-0399": {
"cmt_msg": ""
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2023-3161": {
"cmt_msg": "fbcon: Check font dimension limits"
},
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -121483,6 +121954,9 @@
"CVE-2021-3669": {
"cmt_msg": "ipc: replace costly bailout check in sysvipc_find_ipc()"
},
+ "CVE-2023-5158": {
+ "cmt_msg": ""
+ },
"CVE-2022-28390": {
"cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path"
},
@@ -122311,6 +122785,9 @@
"CVE-2022-3542": {
"cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()"
},
+ "CVE-2023-5197": {
+ "cmt_msg": "netfilter: nf_tables: disallow rule removal from chain binding"
+ },
"CVE-2023-1838": {
"cmt_msg": "Fix double fget() in vhost_net_set_backend()"
},
@@ -122644,12 +123121,21 @@
"CVE-2021-0399": {
"cmt_msg": ""
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -124779,6 +125265,34 @@
"cmt_id": "075448a2eb753f813fe873cfa52853e9fef8eedb"
}
},
+ "5.15.132": {
+ "CVE-2023-4921": {
+ "cmt_msg": "net: sched: sch_qfq: Fix UAF in qfq_dequeue()",
+ "cmt_id": "6ea277b2c6263931798234e2eed892ecfbb85596"
+ },
+ "CVE-2023-4623": {
+ "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve",
+ "cmt_id": "4cf994d3f4ff42d604fae2b461bdd5195a7dfabd"
+ },
+ "CVE-2023-4881": {
+ "cmt_msg": "netfilter: nftables: exthdr: fix 4-byte stack OOB write",
+ "cmt_id": "1ad7b189cc1411048434e8595ffcbe7873b71082"
+ },
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c",
+ "cmt_id": "a9e6142e5f8f6ac7d1bca45c1b2b13b084ea9e14"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU",
+ "cmt_id": "3e48f741e98a0bd2dc1ad517eec1931ea3accbd7"
+ }
+ },
+ "5.15.133": {
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier",
+ "cmt_id": "08569c92f7f339de21b7a68d43d6795fc0aa24f2"
+ }
+ },
"outstanding": {
"CVE-2020-26556": {
"cmt_msg": ""
@@ -124882,6 +125396,9 @@
"CVE-2023-0597": {
"cmt_msg": "x86/mm: Randomize per-cpu entry area"
},
+ "CVE-2023-5158": {
+ "cmt_msg": ""
+ },
"CVE-2020-15802": {
"cmt_msg": ""
},
@@ -124942,9 +125459,6 @@
"CVE-2023-4622": {
"cmt_msg": "unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES"
},
- "CVE-2023-4623": {
- "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve"
- },
"CVE-2022-3533": {
"cmt_msg": ""
},
@@ -124975,9 +125489,6 @@
"CVE-2012-4542": {
"cmt_msg": ""
},
- "CVE-2023-4881": {
- "cmt_msg": "netfilter: nftables: exthdr: fix 4-byte stack OOB write"
- },
"CVE-2023-2176": {
"cmt_msg": "RDMA/core: Refactor rdma_bind_addr"
},
@@ -125014,6 +125525,9 @@
"CVE-2022-3523": {
"cmt_msg": "mm/memory.c: fix race when faulting a device private page"
},
+ "CVE-2023-5197": {
+ "cmt_msg": "netfilter: nf_tables: disallow rule removal from chain binding"
+ },
"CVE-2022-36402": {
"cmt_msg": ""
},
@@ -125047,9 +125561,6 @@
"CVE-2023-4134": {
"cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()"
},
- "CVE-2023-4921": {
- "cmt_msg": "net: sched: sch_qfq: Fix UAF in qfq_dequeue()"
- },
"CVE-2023-26242": {
"cmt_msg": ""
},
@@ -125150,7 +125661,7 @@
"cmt_msg": "ksmbd: fix racy issue from session setup and logoff"
},
"CVE-2023-1194": {
- "cmt_msg": ""
+ "cmt_msg": "ksmbd: fix out-of-bound read in parse_lease_state()"
},
"CVE-2023-1193": {
"cmt_msg": ""
@@ -125666,6 +126177,9 @@
"CVE-2019-19070": {
"cmt_msg": "spi: gpio: prevent memory leak in spi_gpio_probe"
},
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
"CVE-2022-23038": {
"cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()"
},
@@ -126980,6 +127494,9 @@
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2022-2977": {
"cmt_msg": "tpm: fix reference counting for struct tpm_chip"
},
@@ -127691,6 +128208,9 @@
"CVE-2020-36691": {
"cmt_msg": "netlink: limit recursion depth in policy validation"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
@@ -127700,6 +128220,9 @@
"CVE-2022-1729": {
"cmt_msg": "perf: Fix sys_perf_event_open() race against self"
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -128750,6 +129273,10 @@
}
},
"5.4.62": {
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure",
+ "cmt_id": "6734eeb6c2f07336f76bcf2c57e7bf8259ae0d40"
+ },
"CVE-2021-3428": {
"cmt_msg": "ext4: handle error of ext4_setup_system_zone() on remount",
"cmt_id": "8e63c86f658005a9d8bc672642e587a787c53a72"
@@ -130889,6 +131416,28 @@
"cmt_id": "8046beb890ebc83c5820188c650073e1c6066e67"
}
},
+ "5.4.257": {
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier",
+ "cmt_id": "42900fd140c8db99141b9f083bfe8de887190ed9"
+ },
+ "CVE-2023-4623": {
+ "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve",
+ "cmt_id": "da13749d5ff70bb033a8f35da32cfd6e88246b2f"
+ },
+ "CVE-2023-4921": {
+ "cmt_msg": "net: sched: sch_qfq: Fix UAF in qfq_dequeue()",
+ "cmt_id": "a6d11571b91d34fd7ce8451c2dfd112194c79ae2"
+ },
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c",
+ "cmt_id": "109e830585e89a03d554bf8ad0e668630d0a6260"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU",
+ "cmt_id": "3d54e99499307c3e5613a2fe2a5c9b97eef95ff4"
+ }
+ },
"outstanding": {
"CVE-2021-0929": {
"cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation"
@@ -130998,9 +131547,6 @@
"CVE-2022-2209": {
"cmt_msg": ""
},
- "CVE-2023-4921": {
- "cmt_msg": "net: sched: sch_qfq: Fix UAF in qfq_dequeue()"
- },
"CVE-2022-3595": {
"cmt_msg": "cifs: fix double-fault crash during ntlmssp"
},
@@ -131088,9 +131634,6 @@
"CVE-2023-4622": {
"cmt_msg": "unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES"
},
- "CVE-2023-4623": {
- "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve"
- },
"CVE-2022-3533": {
"cmt_msg": ""
},
@@ -131767,6 +132310,9 @@
"CVE-2023-0597": {
"cmt_msg": "x86/mm: Randomize per-cpu entry area"
},
+ "CVE-2023-5158": {
+ "cmt_msg": ""
+ },
"CVE-2023-4622": {
"cmt_msg": "unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES"
},
@@ -132170,7 +132716,7 @@
"cmt_msg": "cifs: fix use-after-free caused by invalid pointer `hostname`"
},
"CVE-2023-1194": {
- "cmt_msg": ""
+ "cmt_msg": "ksmbd: fix out-of-bound read in parse_lease_state()"
},
"CVE-2023-20588": {
"cmt_msg": "x86/CPU/AMD: Do not leak quotient data after a division by 0"
@@ -132361,6 +132907,9 @@
"CVE-2022-3542": {
"cmt_msg": "bnx2x: fix potential memory leak in bnx2x_tpa_stop()"
},
+ "CVE-2023-5197": {
+ "cmt_msg": "netfilter: nf_tables: disallow rule removal from chain binding"
+ },
"CVE-2023-1382": {
"cmt_msg": "tipc: set con sock in tipc_conn_alloc"
},
@@ -132625,12 +133174,21 @@
"CVE-2021-0399": {
"cmt_msg": ""
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2023-3161": {
"cmt_msg": "fbcon: Check font dimension limits"
},
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -133309,12 +133867,18 @@
"CVE-2023-35823": {
"cmt_msg": "media: saa7134: fix use after free bug in saa7134_finidev due to race condition"
},
+ "CVE-2023-5197": {
+ "cmt_msg": "netfilter: nf_tables: disallow rule removal from chain binding"
+ },
"CVE-2022-45919": {
"cmt_msg": "media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221"
},
"CVE-2023-32258": {
"cmt_msg": "ksmbd: fix racy issue from smb2 close and logoff with multichannel"
},
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
"CVE-2023-2006": {
"cmt_msg": "rxrpc: Fix race between conn bundle lookup and bundle removal [ZDI-CAN-15975]"
},
@@ -133435,6 +133999,9 @@
"CVE-2017-13694": {
"cmt_msg": ""
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2023-3161": {
"cmt_msg": "fbcon: Check font dimension limits"
},
@@ -133447,8 +134014,8 @@
"CVE-2022-42895": {
"cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory"
},
- "CVE-2023-4881": {
- "cmt_msg": "netfilter: nftables: exthdr: fix 4-byte stack OOB write"
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
},
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
@@ -133886,7 +134453,7 @@
"cmt_msg": "cifs: fix use-after-free caused by invalid pointer `hostname`"
},
"CVE-2023-1194": {
- "cmt_msg": ""
+ "cmt_msg": "ksmbd: fix out-of-bound read in parse_lease_state()"
},
"CVE-2023-1193": {
"cmt_msg": ""
@@ -133933,6 +134500,9 @@
"CVE-2023-20941": {
"cmt_msg": ""
},
+ "CVE-2023-4881": {
+ "cmt_msg": "netfilter: nftables: exthdr: fix 4-byte stack OOB write"
+ },
"CVE-2023-4569": {
"cmt_msg": "netfilter: nf_tables: deactivate catchall elements in next generation"
},
@@ -133945,6 +134515,9 @@
"CVE-2023-3611": {
"cmt_msg": "net/sched: sch_qfq: account for stab overhead in qfq_enqueue"
},
+ "CVE-2023-5158": {
+ "cmt_msg": ""
+ },
"CVE-2023-4133": {
"cmt_msg": "cxgb4: fix use after free bugs caused by circular dependency problem"
},
@@ -134617,6 +135190,9 @@
"CVE-2019-19070": {
"cmt_msg": "spi: gpio: prevent memory leak in spi_gpio_probe"
},
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
"CVE-2022-23038": {
"cmt_msg": "xen/grant-table: add gnttab_try_end_foreign_access()"
},
@@ -135295,8 +135871,8 @@
"CVE-2023-23454": {
"cmt_msg": "net: sched: cbq: dont intepret cls results when asked to drop"
},
- "CVE-2020-12771": {
- "cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce"
+ "CVE-2021-37159": {
+ "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device"
},
"CVE-2020-16166": {
"cmt_msg": "random32: update the net random state on interrupt and activity"
@@ -135688,6 +136264,9 @@
"CVE-2022-3535": {
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2022-2977": {
"cmt_msg": "tpm: fix reference counting for struct tpm_chip"
},
@@ -136012,8 +136591,8 @@
"CVE-2023-1989": {
"cmt_msg": "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work"
},
- "CVE-2021-37159": {
- "cmt_msg": "usb: hso: fix error handling code of hso_create_net_device"
+ "CVE-2020-12771": {
+ "cmt_msg": "bcache: fix potential deadlock problem in btree_gc_coalesce"
},
"CVE-2020-12770": {
"cmt_msg": "scsi: sg: add sg_remove_request in sg_write"
@@ -136303,6 +136882,9 @@
"CVE-2020-36691": {
"cmt_msg": "netlink: limit recursion depth in policy validation"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-2732": {
"cmt_msg": "KVM: nVMX: Don't emulate instructions in guest mode"
},
@@ -136312,6 +136894,9 @@
"CVE-2022-1729": {
"cmt_msg": "perf: Fix sys_perf_event_open() race against self"
},
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -137987,6 +138572,9 @@
"CVE-2022-3535": {
"cmt_msg": "net: mvpp2: fix mvpp2 debugfs leak"
},
+ "CVE-2020-36766": {
+ "cmt_msg": "cec-api: prevent leaking memory through hole in structure"
+ },
"CVE-2021-22600": {
"cmt_msg": "net/packet: rx_owner_map depends on pg_vec"
},
@@ -138524,12 +139112,21 @@
"CVE-2020-36691": {
"cmt_msg": "netlink: limit recursion depth in policy validation"
},
+ "CVE-2023-42755": {
+ "cmt_msg": "net/sched: Retire rsvp classifier"
+ },
"CVE-2020-36516": {
"cmt_msg": "ipv4: avoid using shared IP generator for connected sockets"
},
"CVE-2012-4542": {
"cmt_msg": ""
},
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
+ },
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
},
@@ -138671,8 +139268,8 @@
"CVE-2022-2327": {
"cmt_msg": "io_uring: remove any grabbing of context"
},
- "CVE-2021-45486": {
- "cmt_msg": "inet: use bigger hash table for IP ID generation"
+ "CVE-2022-1280": {
+ "cmt_msg": "drm: avoid circular locks in drm_mode_getconnector"
},
"CVE-2020-12888": {
"cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory"
@@ -138815,8 +139412,8 @@
"CVE-2022-40768": {
"cmt_msg": "scsi: stex: Properly zero out the passthrough command structure"
},
- "CVE-2022-1280": {
- "cmt_msg": "drm: avoid circular locks in drm_mode_getconnector"
+ "CVE-2021-45486": {
+ "cmt_msg": "inet: use bigger hash table for IP ID generation"
},
"CVE-2021-3923": {
"cmt_msg": "RDMA/core: Don't infoleak GRH fields"
@@ -139036,6 +139633,10 @@
"cmt_msg": "ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop",
"cmt_id": "e9cb7be2fcbaee9e808b729e92948d38d52e5add"
},
+ "CVE-2023-1194": {
+ "cmt_msg": "ksmbd: fix out-of-bound read in parse_lease_state()",
+ "cmt_id": "61dfe01204daf5469f21cc639f710f9e28e929c8"
+ },
"CVE-2023-38427": {
"cmt_msg": "ksmbd: fix out-of-bound read in deassemble_neg_contexts()",
"cmt_id": "205279b96b5c40c60c6de4f9342416e02ee279f1"
@@ -139170,15 +139771,15 @@
"CVE-2021-26934": {
"cmt_msg": ""
},
- "CVE-2023-37454": {
- "cmt_msg": ""
- },
"CVE-2023-40283": {
"cmt_msg": "Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb"
},
"CVE-2016-8660": {
"cmt_msg": ""
},
+ "CVE-2023-5158": {
+ "cmt_msg": ""
+ },
"CVE-2020-15802": {
"cmt_msg": ""
},
@@ -139275,8 +139876,11 @@
"CVE-2012-4542": {
"cmt_msg": ""
},
- "CVE-2023-4881": {
- "cmt_msg": "netfilter: nftables: exthdr: fix 4-byte stack OOB write"
+ "CVE-2023-42753": {
+ "cmt_msg": "netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c"
+ },
+ "CVE-2023-42752": {
+ "cmt_msg": "igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU"
},
"CVE-2023-4128": {
"cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free"
@@ -139314,6 +139918,9 @@
"CVE-2022-3544": {
"cmt_msg": ""
},
+ "CVE-2023-5197": {
+ "cmt_msg": "netfilter: nf_tables: disallow rule removal from chain binding"
+ },
"CVE-2022-3238": {
"cmt_msg": ""
},
@@ -139356,7 +139963,7 @@
"CVE-2023-1206": {
"cmt_msg": "tcp: Reduce chance of collisions in inet6_hashfn()."
},
- "CVE-2023-26242": {
+ "CVE-2023-37454": {
"cmt_msg": ""
},
"CVE-2022-3642": {
@@ -139404,6 +140011,9 @@
"CVE-2021-39800": {
"cmt_msg": ""
},
+ "CVE-2023-4881": {
+ "cmt_msg": "netfilter: nftables: exthdr: fix 4-byte stack OOB write"
+ },
"CVE-2022-45885": {
"cmt_msg": ""
},
@@ -139434,7 +140044,7 @@
"CVE-2015-2877": {
"cmt_msg": ""
},
- "CVE-2023-1194": {
+ "CVE-2023-26242": {
"cmt_msg": ""
},
"CVE-2023-20588": {
diff --git a/data/stream_fixes.json b/data/stream_fixes.json
index d356d48..5005cd2 100644
--- a/data/stream_fixes.json
+++ b/data/stream_fixes.json
@@ -11637,6 +11637,10 @@
"4.14": {
"cmt_id": "9298e868dddd820829f814cd25a0f28c92036af7",
"fixed_version": "4.14.14"
+ },
+ "4.9": {
+ "cmt_id": "26323fb4d717e11a69484c6df02eeef90dba7ef2",
+ "fixed_version": "4.9.77"
}
},
"CVE-2017-5753": {
@@ -25779,6 +25783,28 @@
"fixed_version": "5.4.86"
}
},
+ "CVE-2020-36766": {
+ "4.14": {
+ "cmt_id": "e6a62b5c4f7a05afec7ea4cfb040fb8512376259",
+ "fixed_version": "4.14.196"
+ },
+ "4.19": {
+ "cmt_id": "da489549711e61bd43f3fd6fe19bb538eb575b39",
+ "fixed_version": "4.19.143"
+ },
+ "4.9": {
+ "cmt_id": "43f90dc5c73e0e9d2a459d904b71f9682fd54f1b",
+ "fixed_version": "4.9.235"
+ },
+ "5.4": {
+ "cmt_id": "6734eeb6c2f07336f76bcf2c57e7bf8259ae0d40",
+ "fixed_version": "5.4.62"
+ },
+ "5.8": {
+ "cmt_id": "72db989557d993793c01ba84eb98f3cbf2a7f4cf",
+ "fixed_version": "5.8.6"
+ }
+ },
"CVE-2020-3702": {
"4.14": {
"cmt_id": "2cbb22fd4b4fb4d0822d185bf5bd6d027107bfda",
@@ -36921,6 +36947,16 @@
"fixed_version": "6.3.4"
}
},
+ "CVE-2023-1194": {
+ "6.1": {
+ "cmt_id": "8f2984233c87a1d08f4c45f077130590c7a2c991",
+ "fixed_version": "6.1.34"
+ },
+ "6.3": {
+ "cmt_id": "61dfe01204daf5469f21cc639f710f9e28e929c8",
+ "fixed_version": "6.3.8"
+ }
+ },
"CVE-2023-1206": {
"4.14": {
"cmt_id": "ebfedbfb36eecab2d4bfa6faeaad763cbfe3a0e8",
@@ -40136,6 +40172,14 @@
}
},
"CVE-2023-4207": {
+ "4.14": {
+ "cmt_id": "530a85ea747965b7c275fa44a364916e0ec2efaa",
+ "fixed_version": "4.14.326"
+ },
+ "4.19": {
+ "cmt_id": "4f38dc8496d1991e2c055a0068dd98fb48affcc6",
+ "fixed_version": "4.19.295"
+ },
"5.10": {
"cmt_id": "a8d478200b104ff356f51e1f63499fe46ba8c9b8",
"fixed_version": "5.10.190"
@@ -40211,6 +40255,84 @@
"fixed_version": "6.4.10"
}
},
+ "CVE-2023-42752": {
+ "4.14": {
+ "cmt_id": "afd2657ba7af6d05afd6cc6b9315c091fafed14b",
+ "fixed_version": "4.14.326"
+ },
+ "4.19": {
+ "cmt_id": "76ce657a5db97ff4e26b284fedc33e8591a4be17",
+ "fixed_version": "4.19.295"
+ },
+ "5.10": {
+ "cmt_id": "1186eaffd87ed9be6f18cbc7145ffdcb1f6982e0",
+ "fixed_version": "5.10.195"
+ },
+ "5.15": {
+ "cmt_id": "3e48f741e98a0bd2dc1ad517eec1931ea3accbd7",
+ "fixed_version": "5.15.132"
+ },
+ "5.4": {
+ "cmt_id": "3d54e99499307c3e5613a2fe2a5c9b97eef95ff4",
+ "fixed_version": "5.4.257"
+ },
+ "6.1": {
+ "cmt_id": "6678912b4df1bfac6f7c80642d56dc22e23419e4",
+ "fixed_version": "6.1.53"
+ },
+ "6.4": {
+ "cmt_id": "87f07ec534e39e29bc715753df2e77509e8fafc3",
+ "fixed_version": "6.4.16"
+ }
+ },
+ "CVE-2023-42753": {
+ "5.10": {
+ "cmt_id": "83091f8ac03f118086596f17c9a52d31d6ca94b3",
+ "fixed_version": "5.10.195"
+ },
+ "5.15": {
+ "cmt_id": "a9e6142e5f8f6ac7d1bca45c1b2b13b084ea9e14",
+ "fixed_version": "5.15.132"
+ },
+ "5.4": {
+ "cmt_id": "109e830585e89a03d554bf8ad0e668630d0a6260",
+ "fixed_version": "5.4.257"
+ },
+ "6.1": {
+ "cmt_id": "7ca0706c68adadf86a36b60dca090f5e9481e808",
+ "fixed_version": "6.1.53"
+ },
+ "6.4": {
+ "cmt_id": "d59b6fc405549f7caf31f6aa5da1d6bef746b166",
+ "fixed_version": "6.4.16"
+ }
+ },
+ "CVE-2023-42755": {
+ "4.14": {
+ "cmt_id": "a048f77ba9cf7f77a06b2ee60446c6cc061c2daf",
+ "fixed_version": "4.14.326"
+ },
+ "4.19": {
+ "cmt_id": "6ca0ea6a46e7a2d70fb1b1f6a886efe2b2365e16",
+ "fixed_version": "4.19.295"
+ },
+ "5.10": {
+ "cmt_id": "8db844077ec9912d75952c80d76da71fc2412852",
+ "fixed_version": "5.10.197"
+ },
+ "5.15": {
+ "cmt_id": "08569c92f7f339de21b7a68d43d6795fc0aa24f2",
+ "fixed_version": "5.15.133"
+ },
+ "5.4": {
+ "cmt_id": "42900fd140c8db99141b9f083bfe8de887190ed9",
+ "fixed_version": "5.4.257"
+ },
+ "6.1": {
+ "cmt_id": "b93aeb6352b0229e3c5ca5ca4ff015b015aff33c",
+ "fixed_version": "6.1.55"
+ }
+ },
"CVE-2023-4385": {
"4.14": {
"cmt_id": "070ddf59cf17faf6aae7d89f78e0510c94d07940",
@@ -40360,6 +40482,22 @@
}
},
"CVE-2023-4623": {
+ "4.19": {
+ "cmt_id": "7c62e0c3c6e9c9c15ead63339db6a0e158d22a66",
+ "fixed_version": "4.19.295"
+ },
+ "5.10": {
+ "cmt_id": "b08cc6c0396fd5cfaac4ca044f2282367347c062",
+ "fixed_version": "5.10.195"
+ },
+ "5.15": {
+ "cmt_id": "4cf994d3f4ff42d604fae2b461bdd5195a7dfabd",
+ "fixed_version": "5.15.132"
+ },
+ "5.4": {
+ "cmt_id": "da13749d5ff70bb033a8f35da32cfd6e88246b2f",
+ "fixed_version": "5.4.257"
+ },
"6.1": {
"cmt_id": "a1e820fc7808e42b990d224f40e9b4895503ac40",
"fixed_version": "6.1.53"
@@ -40368,5 +40506,41 @@
"cmt_id": "5293f466d41d6c2eaad8b833576ea3dbee630dc2",
"fixed_version": "6.4.16"
}
+ },
+ "CVE-2023-4881": {
+ "5.15": {
+ "cmt_id": "1ad7b189cc1411048434e8595ffcbe7873b71082",
+ "fixed_version": "5.15.132"
+ },
+ "6.1": {
+ "cmt_id": "d9ebfc0f21377690837ebbd119e679243e0099cc",
+ "fixed_version": "6.1.54"
+ }
+ },
+ "CVE-2023-4921": {
+ "4.14": {
+ "cmt_id": "d9f43fc5a78d1505733d3621cd4c044eaf71a02f",
+ "fixed_version": "4.14.326"
+ },
+ "4.19": {
+ "cmt_id": "7ea1faa59c75336d86893378838ed1e6f20c0520",
+ "fixed_version": "4.19.295"
+ },
+ "5.10": {
+ "cmt_id": "746a8df5e4d235059b1adf02e8456e7ec132d2d8",
+ "fixed_version": "5.10.195"
+ },
+ "5.15": {
+ "cmt_id": "6ea277b2c6263931798234e2eed892ecfbb85596",
+ "fixed_version": "5.15.132"
+ },
+ "5.4": {
+ "cmt_id": "a6d11571b91d34fd7ce8451c2dfd112194c79ae2",
+ "fixed_version": "5.4.257"
+ },
+ "6.1": {
+ "cmt_id": "a18349dc8d916a64d7c93f05da98953e3386d8e9",
+ "fixed_version": "6.1.54"
+ }
}
}
\ No newline at end of file
