CVEs fixed in 6.4:
CVE-2023-3610: 4bedf9eee016286c835e3d8fa981ddece5338795 netfilter: nf_tables: fix chain binding transaction logic
CVE-2023-38432: 2b9b8f3b68edb3d67d79962f02e26dbb5ae3808d ksmbd: validate command payload size
CVEs fixed in 6.4.1:
CVE-2023-3269: b11fa3d22ac0fbc0bfaa740b3b3669d43ec48503 mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVEs fixed in 6.4.4:
CVE-2023-2898: 5619e9aabbd2b369cde2114ad6f55f6eb3e0b5be f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
CVE-2023-31248: 5e5e967e8505fbdabfb6497367ec1b808cadc356 netfilter: nf_tables: do not ignore genmask when looking up chain by id
CVE-2023-33250: dbe65261fe1367dc307a89466a1a75c0d80b8233 iommufd: Call iopt_area_contig_done() under the lock
CVE-2023-35001: b79c09c2bf2d7643902a6ef26152de602c5c5e4b netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
CVE-2023-3863: e5207c1d69b1a9707615ab6ff9376e59fc096815 net: nfc: Fix use-after-free caused by nfc_llcp_find_local
CVE-2023-4132: ae65238d3f5a2df48341a7112820e04fb1017422 media: usb: siano: Fix warning due to null work_func_t function pointer
CVE-2023-4134: 28dc11949357f10712bd641b724ab373a92318de Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()
CVEs fixed in 6.4.5:
CVE-2023-3611: bd2333fa86dc520823e8c317980b29ba91ee6b87 net/sched: sch_qfq: account for stab overhead in qfq_enqueue
CVE-2023-3776: 0a2e3f49febda459252f58cec2d659623d582800 net/sched: cls_fw: Fix improper refcount update leads to use-after-free
CVEs fixed in 6.4.6:
CVE-2023-20593: 9b8bb5c4e25678af895dc9dd4a1e82b2f948cacc x86/cpu/amd: Add a Zenbleed fix
CVEs fixed in 6.4.7:
CVE-2023-4004: 48dbb5d24c667bf26bc2fea8caa7fe51fcc6aa62 netfilter: nft_set_pipapo: fix improper element removal
CVEs fixed in 6.4.8:
CVE-2023-1206: 1e50c11ed44e28a57c6215a5e7643ae85c6297fa tcp: Reduce chance of collisions in inet6_hashfn().
CVE-2023-4147: 14448359681062bf51d9c67e0264869548b79853 netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID
CVEs fixed in 6.4.9:
CVE-2022-40982: ff0642207e24f9a7011e8982ab7da1e16db75a38 x86/speculation: Add Gather Data Sampling mitigation
CVE-2023-20569: d351cc7c14a6e2af73bfea4aa5ee093321f4c307 x86/bugs: Increase the x86 bugs vector size to two u32s
CVE-2023-34319: cf482893f721f76ac60c0a43482a59b2f194156b xen/netback: Fix buffer overrun triggered by unusual packet
CVEs fixed in 6.4.10:
CVE-2023-20588: c9c0b889e2d33d49b06bb716b95a192ed3449173 x86/CPU/AMD: Do not leak quotient data after a division by 0
CVE-2023-40283: 10426afe65c8bf7b24dd0c7be4dcc65f86fc99f9 Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
CVE-2023-4128: 4b717802428fa02cbcbb61209f638f65f9cd4710 net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4194: 36161e7d40e7293d7f213e16d881042d15c8a53a net: tun_chr_open(): set sk_uid from current_fsuid()
CVE-2023-4273: e1a73ba43cf883cb37f6331aca5a4c5be6350982 exfat: check if filename entries exceeds max filename length
CVEs fixed in 6.4.11:
CVE-2023-4155: ab8e9a874574ce511eca21caa5d7ef5426963a54 KVM: SEV: only access GHCB fields once
CVEs fixed in 6.4.12:
CVE-2023-3772: 53df4be4f5221e90dc7aa9ce745a9a21bb7024f4 xfrm: add NULL check in xfrm_update_ae_params
CVE-2023-3773: a9020514f175ef15bb68eea9345782abfd9afea3 xfrm: add forgotten nla_policy for XFRMA_MTIMER_THRESH
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
CVE-2008-2544: (unk)
CVE-2008-4609: (unk)
CVE-2010-4563: (unk)
CVE-2010-5321: (unk)
CVE-2011-4916: (unk)
CVE-2011-4917: (unk)
CVE-2012-4542: (unk)
CVE-2013-7445: (unk)
CVE-2015-2877: (unk)
CVE-2016-8660: (unk)
CVE-2017-13693: (unk)
CVE-2017-13694: (unk)
CVE-2018-1121: (unk)
CVE-2018-12928: (unk)
CVE-2018-12929: (unk)
CVE-2018-12930: (unk)
CVE-2018-12931: (unk)
CVE-2018-17977: (unk)
CVE-2019-12456: (unk)
CVE-2019-15239: (unk) unknown
CVE-2019-15290: (unk)
CVE-2019-15902: (unk) unknown
CVE-2019-16089: (unk)
CVE-2019-19378: (unk)
CVE-2019-19814: (unk)
CVE-2019-20794: (unk)
CVE-2020-0347: (unk)
CVE-2020-10708: (unk)
CVE-2020-11725: (unk)
CVE-2020-14304: (unk)
CVE-2020-15802: (unk)
CVE-2020-24502: (unk)
CVE-2020-24503: (unk)
CVE-2020-25220: (unk)
CVE-2020-26140: (unk)
CVE-2020-26142: (unk)
CVE-2020-26143: (unk)
CVE-2020-26556: (unk)
CVE-2020-26557: (unk)
CVE-2020-26559: (unk)
CVE-2020-26560: (unk)
CVE-2020-27418: (unk)
CVE-2020-35501: (unk)
CVE-2021-0399: (unk)
CVE-2021-26934: (unk)
CVE-2021-3542: (unk)
CVE-2021-3714: (unk)
CVE-2021-3847: (unk)
CVE-2021-3864: (unk)
CVE-2021-3892: (unk)
CVE-2021-39800: (unk)
CVE-2021-39801: (unk)
CVE-2022-0400: (unk)
CVE-2022-1116: (unk)
CVE-2022-1247: (unk)
CVE-2022-2209: (unk)
CVE-2022-23825: (unk)
CVE-2022-25265: (unk)
CVE-2022-26878: (unk)
CVE-2022-2961: (unk)
CVE-2022-3238: (unk)
CVE-2022-3533: (unk)
CVE-2022-3544: (unk)
CVE-2022-3606: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-38096: (unk)
CVE-2022-41848: (unk)
CVE-2022-44032: (unk)
CVE-2022-44033: (unk)
CVE-2022-44034: (unk)
CVE-2022-4543: (unk)
CVE-2022-45884: (unk)
CVE-2022-45885: (unk)
CVE-2022-45886: (unk)
CVE-2022-45887: (unk)
CVE-2022-45919: (unk)
CVE-2023-1193: (unk)
CVE-2023-1194: (unk)
CVE-2023-20941: (unk)
CVE-2023-21400: (unk)
CVE-2023-23039: (unk)
CVE-2023-26242: (unk)
CVE-2023-2640: (unk)
CVE-2023-31081: (unk)
CVE-2023-31082: (unk)
CVE-2023-31083: (unk)
CVE-2023-31085: (unk)
CVE-2023-32629: (unk)
CVE-2023-3397: (unk)
CVE-2023-35827: (unk)
CVE-2023-3640: (unk)
CVE-2023-37453: (unk)
CVE-2023-37454: (unk)
CVE-2023-4010: (unk)