Update 19May23
[ci skip]
diff --git a/CHANGES.md b/CHANGES.md
index ed787f2..69c8dcb 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,39 +1,35 @@
# **Linux Kernel CVE Changes**
-## Last Update - 12May23 10:09
+## Last Update - 19May23 13:14
### **New CVEs Added:**
-[CVE-2023-2156](cves/CVE-2023-2156)
-[CVE-2023-2598](cves/CVE-2023-2598)
-[CVE-2023-28410](cves/CVE-2023-28410)
-[CVE-2023-32233](cves/CVE-2023-32233)
-[CVE-2023-32269](cves/CVE-2023-32269)
+[CVE-2023-33203](cves/CVE-2023-33203)
### **New Versions Checked:**
-[5.15.111](streams/5.15)
-[6.1.28](streams/6.1)
-[6.2.15](streams/6.2)
+[4.14.315](streams/4.14)
+[4.19.283](streams/4.19)
+[5.10.180](streams/5.10)
+[5.15.112](streams/5.15)
+[5.4.243](streams/5.4)
+[6.1.29](streams/6.1)
+[6.2.16](streams/6.2)
### **Updated CVEs:**
-[CVE-2022-48425](cves/CVE-2022-48425)
+[CVE-2022-39189](cves/CVE-2022-39189)
[CVE-2023-1380](cves/CVE-2023-1380)
[CVE-2023-2002](cves/CVE-2023-2002)
+[CVE-2023-2269](cves/CVE-2023-2269)
+[CVE-2023-32233](cves/CVE-2023-32233)
+[CVE-2023-1195](cves/CVE-2023-1195)
+[CVE-2023-1859](cves/CVE-2023-1859)
[CVE-2023-21102](cves/CVE-2023-21102)
[CVE-2023-21106](cves/CVE-2023-21106)
[CVE-2023-2124](cves/CVE-2023-2124)
-[CVE-2023-2269](cves/CVE-2023-2269)
-[CVE-2023-2430](cves/CVE-2023-2430)
-[CVE-2023-2483](cves/CVE-2023-2483)
+[CVE-2023-2156](cves/CVE-2023-2156)
[CVE-2023-2513](cves/CVE-2023-2513)
-[CVE-2023-0045](cves/CVE-2023-0045)
-[CVE-2023-0458](cves/CVE-2023-0458)
-[CVE-2023-2235](cves/CVE-2023-2235)
-[CVE-2023-2236](cves/CVE-2023-2236)
-[CVE-2023-2248](cves/CVE-2023-2248)
-[CVE-2023-31436](cves/CVE-2023-31436)
diff --git a/data/3.12/3.12_CVEs.txt b/data/3.12/3.12_CVEs.txt
index 9ff5006..2c6d073 100644
--- a/data/3.12/3.12_CVEs.txt
+++ b/data/3.12/3.12_CVEs.txt
@@ -1279,3 +1279,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/3.12/3.12_security.txt b/data/3.12/3.12_security.txt
index 99fc6bf..45e5bef 100644
--- a/data/3.12/3.12_security.txt
+++ b/data/3.12/3.12_security.txt
@@ -1417,3 +1417,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/3.14/3.14_CVEs.txt b/data/3.14/3.14_CVEs.txt
index afa4a29..7712a3a 100644
--- a/data/3.14/3.14_CVEs.txt
+++ b/data/3.14/3.14_CVEs.txt
@@ -1248,3 +1248,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/3.14/3.14_security.txt b/data/3.14/3.14_security.txt
index 799d0cb..0186cc1 100644
--- a/data/3.14/3.14_security.txt
+++ b/data/3.14/3.14_security.txt
@@ -1382,3 +1382,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/3.16/3.16_CVEs.txt b/data/3.16/3.16_CVEs.txt
index 18c6b28..9df47d6 100644
--- a/data/3.16/3.16_CVEs.txt
+++ b/data/3.16/3.16_CVEs.txt
@@ -1236,3 +1236,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/3.16/3.16_security.txt b/data/3.16/3.16_security.txt
index 4e94b3e..6d806f6 100644
--- a/data/3.16/3.16_security.txt
+++ b/data/3.16/3.16_security.txt
@@ -1342,3 +1342,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/3.18/3.18_CVEs.txt b/data/3.18/3.18_CVEs.txt
index 8eced37..a06920b 100644
--- a/data/3.18/3.18_CVEs.txt
+++ b/data/3.18/3.18_CVEs.txt
@@ -1222,3 +1222,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/3.18/3.18_security.txt b/data/3.18/3.18_security.txt
index 12214aa..7d61ec9 100644
--- a/data/3.18/3.18_security.txt
+++ b/data/3.18/3.18_security.txt
@@ -1456,3 +1456,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/3.2/3.2_CVEs.txt b/data/3.2/3.2_CVEs.txt
index ece47eb..d97107d 100644
--- a/data/3.2/3.2_CVEs.txt
+++ b/data/3.2/3.2_CVEs.txt
@@ -1246,3 +1246,4 @@
CVE-2023-31085: Fix unknown
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/3.2/3.2_security.txt b/data/3.2/3.2_security.txt
index d96a499..e84c1fb 100644
--- a/data/3.2/3.2_security.txt
+++ b/data/3.2/3.2_security.txt
@@ -1402,3 +1402,4 @@
CVE-2023-31085: (unk)
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/4.1/4.1_CVEs.txt b/data/4.1/4.1_CVEs.txt
index 675886f..8030205 100644
--- a/data/4.1/4.1_CVEs.txt
+++ b/data/4.1/4.1_CVEs.txt
@@ -1189,3 +1189,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/4.1/4.1_security.txt b/data/4.1/4.1_security.txt
index ced069a..1c5184d 100644
--- a/data/4.1/4.1_security.txt
+++ b/data/4.1/4.1_security.txt
@@ -1287,3 +1287,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/4.10/4.10_CVEs.txt b/data/4.10/4.10_CVEs.txt
index 1fa7cbc..4583fcd 100644
--- a/data/4.10/4.10_CVEs.txt
+++ b/data/4.10/4.10_CVEs.txt
@@ -1100,3 +1100,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/4.10/4.10_security.txt b/data/4.10/4.10_security.txt
index e98cf97..b0f59c2 100644
--- a/data/4.10/4.10_security.txt
+++ b/data/4.10/4.10_security.txt
@@ -1134,3 +1134,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/4.11/4.11_CVEs.txt b/data/4.11/4.11_CVEs.txt
index a317f7b..23a3468 100644
--- a/data/4.11/4.11_CVEs.txt
+++ b/data/4.11/4.11_CVEs.txt
@@ -1072,3 +1072,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/4.11/4.11_security.txt b/data/4.11/4.11_security.txt
index e1a6ef3..c872920 100644
--- a/data/4.11/4.11_security.txt
+++ b/data/4.11/4.11_security.txt
@@ -1094,3 +1094,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/4.12/4.12_CVEs.txt b/data/4.12/4.12_CVEs.txt
index ccefe1c..fcfcbdd 100644
--- a/data/4.12/4.12_CVEs.txt
+++ b/data/4.12/4.12_CVEs.txt
@@ -1059,3 +1059,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/4.12/4.12_security.txt b/data/4.12/4.12_security.txt
index 18155f1..cfbc2c6 100644
--- a/data/4.12/4.12_security.txt
+++ b/data/4.12/4.12_security.txt
@@ -1085,3 +1085,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/4.13/4.13_CVEs.txt b/data/4.13/4.13_CVEs.txt
index d9e401b..ba2d49f 100644
--- a/data/4.13/4.13_CVEs.txt
+++ b/data/4.13/4.13_CVEs.txt
@@ -1044,3 +1044,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/4.13/4.13_security.txt b/data/4.13/4.13_security.txt
index f18a943..43cdc76 100644
--- a/data/4.13/4.13_security.txt
+++ b/data/4.13/4.13_security.txt
@@ -1072,3 +1072,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/4.14/4.14_CVEs.txt b/data/4.14/4.14_CVEs.txt
index ac4a8b6..13b809a 100644
--- a/data/4.14/4.14_CVEs.txt
+++ b/data/4.14/4.14_CVEs.txt
@@ -967,7 +967,7 @@
CVE-2023-1118: Fixed with 4.14.308
CVE-2023-1249: Fix not seen in stream
CVE-2023-1281: Fix not seen in stream
-CVE-2023-1380: Fix not seen in stream
+CVE-2023-1380: Fixed with 4.14.315
CVE-2023-1382: Fix not seen in stream
CVE-2023-1390: Fixed with 4.14.217
CVE-2023-1513: Fixed with 4.14.306
@@ -980,7 +980,7 @@
CVE-2023-1859: Fixed with 4.14.313
CVE-2023-1989: Fixed with 4.14.312
CVE-2023-1990: Fixed with 4.14.311
-CVE-2023-2002: Fix not seen in stream
+CVE-2023-2002: Fixed with 4.14.315
CVE-2023-2007: Fix not seen in stream
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
@@ -989,7 +989,7 @@
CVE-2023-2176: Fix not seen in stream
CVE-2023-2194: Fixed with 4.14.312
CVE-2023-2248: Fixed with 4.14.314
-CVE-2023-2269: Fix not seen in stream
+CVE-2023-2269: Fixed with 4.14.315
CVE-2023-22995: Fix not seen in stream
CVE-2023-23000: Fix not seen in stream
CVE-2023-23039: Fix unknown
@@ -1013,5 +1013,6 @@
CVE-2023-31084: Fix unknown
CVE-2023-31085: Fix unknown
CVE-2023-31436: Fixed with 4.14.314
-CVE-2023-32233: Fix not seen in stream
+CVE-2023-32233: Fixed with 4.14.315
CVE-2023-32269: Fixed with 4.14.306
+CVE-2023-33203: Fixed with 4.14.312
diff --git a/data/4.14/4.14_security.txt b/data/4.14/4.14_security.txt
index 7f210db..a3674ff 100644
--- a/data/4.14/4.14_security.txt
+++ b/data/4.14/4.14_security.txt
@@ -1312,6 +1312,7 @@
CVE-2023-23454: c4b1e702dc841a79664c5b8000fd99ffe9b3e9c2 net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-2483: aee129c0096e479eae92e2127f96f9d08f16ad8f net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-30772: bbf45f079f41efcf1e51bb65a0a45d2b31061bd5 power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition
+ CVE-2023-33203: aee129c0096e479eae92e2127f96f9d08f16ad8f net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVEs fixed in 4.14.313:
CVE-2023-1859: b5664e929e2e19f644ea133ae8d87fbd5654ec5a 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition
@@ -1321,6 +1322,12 @@
CVE-2023-2513: ae2c644049184f04f672e23d3fa8122631ef762e ext4: fix use-after-free in ext4_xattr_set_entry
CVE-2023-31436: 0616570ce23bbcc1ac842e97fb8e167235f1582d net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
+CVEs fixed in 4.14.315:
+ CVE-2023-1380: ac5305e5d227b9af3aae25fa83380d3ff0225b73 wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
+ CVE-2023-2002: 73ddc585228db650bd4ff10d5b59c831924fd9ba bluetooth: Perform careful capability checks in hci_sock_ioctl()
+ CVE-2023-2269: c9dfa8ba3b181e67970f06d80de18aa257d1ecda dm ioctl: fix nested locking in table_clear() to remove deadlock concern
+ CVE-2023-32233: 86572872505023e3bb461b271c2f25fdaa3dfcd7 netfilter: nf_tables: deactivate anonymous set from preparation phase
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -1510,18 +1517,15 @@
CVE-2023-1077: (unk) sched/rt: pick_next_rt_entity(): check list_entry
CVE-2023-1249: (unk) coredump: Use the vma snapshot in fill_files_note
CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu
- CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc
CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry
CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls
CVE-2023-1838: (unk) Fix double fget() in vhost_net_set_backend()
- CVE-2023-2002: (unk) bluetooth: Perform careful capability checks in hci_sock_ioctl()
CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2156: (unk)
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
- CVE-2023-2269: (unk) dm ioctl: fix nested locking in table_clear() to remove deadlock concern
CVE-2023-22995: (unk) usb: dwc3: dwc3-qcom: Add missing platform_device_put() in dwc3_qcom_acpi_register_core
CVE-2023-23000: (unk) phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function
CVE-2023-23039: (unk)
@@ -1534,4 +1538,3 @@
CVE-2023-31083: (unk)
CVE-2023-31084: (unk)
CVE-2023-31085: (unk)
- CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
diff --git a/data/4.15/4.15_CVEs.txt b/data/4.15/4.15_CVEs.txt
index 366d7b7..f8b7e5d 100644
--- a/data/4.15/4.15_CVEs.txt
+++ b/data/4.15/4.15_CVEs.txt
@@ -967,3 +967,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/4.15/4.15_security.txt b/data/4.15/4.15_security.txt
index f82dedf..3f1bfe4 100644
--- a/data/4.15/4.15_security.txt
+++ b/data/4.15/4.15_security.txt
@@ -999,3 +999,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/4.16/4.16_CVEs.txt b/data/4.16/4.16_CVEs.txt
index 2728ebe..761f5aa 100644
--- a/data/4.16/4.16_CVEs.txt
+++ b/data/4.16/4.16_CVEs.txt
@@ -947,3 +947,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/4.16/4.16_security.txt b/data/4.16/4.16_security.txt
index 907c52c..2cabb63 100644
--- a/data/4.16/4.16_security.txt
+++ b/data/4.16/4.16_security.txt
@@ -979,3 +979,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/4.17/4.17_CVEs.txt b/data/4.17/4.17_CVEs.txt
index 666f192..fb4b6ba 100644
--- a/data/4.17/4.17_CVEs.txt
+++ b/data/4.17/4.17_CVEs.txt
@@ -929,3 +929,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/4.17/4.17_security.txt b/data/4.17/4.17_security.txt
index 4b67ddf..d69502b 100644
--- a/data/4.17/4.17_security.txt
+++ b/data/4.17/4.17_security.txt
@@ -961,3 +961,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/4.18/4.18_CVEs.txt b/data/4.18/4.18_CVEs.txt
index 993b71a..0dd4ba4 100644
--- a/data/4.18/4.18_CVEs.txt
+++ b/data/4.18/4.18_CVEs.txt
@@ -907,3 +907,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/4.18/4.18_security.txt b/data/4.18/4.18_security.txt
index 6dea63b..1a98932 100644
--- a/data/4.18/4.18_security.txt
+++ b/data/4.18/4.18_security.txt
@@ -939,3 +939,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/4.19/4.19_CVEs.txt b/data/4.19/4.19_CVEs.txt
index e992d29..c5d9877 100644
--- a/data/4.19/4.19_CVEs.txt
+++ b/data/4.19/4.19_CVEs.txt
@@ -836,7 +836,7 @@
CVE-2023-1118: Fixed with 4.19.276
CVE-2023-1249: Fix not seen in stream
CVE-2023-1281: Fix not seen in stream
-CVE-2023-1380: Fix not seen in stream
+CVE-2023-1380: Fixed with 4.19.283
CVE-2023-1382: Fixed with 4.19.268
CVE-2023-1390: Fixed with 4.19.170
CVE-2023-1513: Fixed with 4.19.273
@@ -850,7 +850,7 @@
CVE-2023-1859: Fixed with 4.19.281
CVE-2023-1989: Fixed with 4.19.280
CVE-2023-1990: Fixed with 4.19.279
-CVE-2023-2002: Fix not seen in stream
+CVE-2023-2002: Fixed with 4.19.283
CVE-2023-2007: Fix not seen in stream
CVE-2023-20941: Fix unknown
CVE-2023-2124: Fix not seen in stream
@@ -860,7 +860,7 @@
CVE-2023-2177: Fix not seen in stream
CVE-2023-2194: Fixed with 4.19.280
CVE-2023-2248: Fixed with 4.19.282
-CVE-2023-2269: Fix not seen in stream
+CVE-2023-2269: Fixed with 4.19.283
CVE-2023-22995: Fix not seen in stream
CVE-2023-23000: Fix not seen in stream
CVE-2023-23039: Fix unknown
@@ -885,5 +885,6 @@
CVE-2023-31084: Fix unknown
CVE-2023-31085: Fix unknown
CVE-2023-31436: Fixed with 4.19.282
-CVE-2023-32233: Fix not seen in stream
+CVE-2023-32233: Fixed with 4.19.283
CVE-2023-32269: Fixed with 4.19.273
+CVE-2023-33203: Fixed with 4.19.280
diff --git a/data/4.19/4.19_security.txt b/data/4.19/4.19_security.txt
index 74e8f01..4076583 100644
--- a/data/4.19/4.19_security.txt
+++ b/data/4.19/4.19_security.txt
@@ -1129,6 +1129,7 @@
CVE-2023-23454: 8ed4c82571d848d76877c4d70687686e607766e3 net: sched: cbq: dont intepret cls results when asked to drop
CVE-2023-2483: 4bbc59ec4feb1ea8d5cb3d9d38d4cb1317943ea4 net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-30772: 533d915899b4a5a7b5b5a99eec24b2920ccd1f11 power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition
+ CVE-2023-33203: 4bbc59ec4feb1ea8d5cb3d9d38d4cb1317943ea4 net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVEs fixed in 4.19.281:
CVE-2023-1859: c078fcd3f00ea5eadad07da169956d84f65af49b 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition
@@ -1139,6 +1140,12 @@
CVE-2023-2513: 50c3bf3865da5b4c2fb3fedb79093d3ebcfcae21 ext4: fix use-after-free in ext4_xattr_set_entry
CVE-2023-31436: 6ef8120262dfa63d9ec517d724e6f15591473a78 net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
+CVEs fixed in 4.19.283:
+ CVE-2023-1380: 39f9bd880abac6068bedb24a4e16e7bd26bf92da wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
+ CVE-2023-2002: 8d59548bae309000442c297bff3e54ab535f0ab7 bluetooth: Perform careful capability checks in hci_sock_ioctl()
+ CVE-2023-2269: b4b94b25c78ed03be0e07fa4e76fe51e64dac533 dm ioctl: fix nested locking in table_clear() to remove deadlock concern
+ CVE-2023-32233: c6989314fd809c5eaf4980d6fa474f19fc653d6c netfilter: nf_tables: deactivate anonymous set from preparation phase
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -1311,17 +1318,14 @@
CVE-2023-1077: (unk) sched/rt: pick_next_rt_entity(): check list_entry
CVE-2023-1249: (unk) coredump: Use the vma snapshot in fill_files_note
CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu
- CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry
CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls
- CVE-2023-2002: (unk) bluetooth: Perform careful capability checks in hci_sock_ioctl()
CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2156: (unk)
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-2177: (unk) sctp: leave the err path free in sctp_stream_init to sctp_stream_free
- CVE-2023-2269: (unk) dm ioctl: fix nested locking in table_clear() to remove deadlock concern
CVE-2023-22995: (unk) usb: dwc3: dwc3-qcom: Add missing platform_device_put() in dwc3_qcom_acpi_register_core
CVE-2023-23000: (unk) phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function
CVE-2023-23039: (unk)
@@ -1334,4 +1338,3 @@
CVE-2023-31083: (unk)
CVE-2023-31084: (unk)
CVE-2023-31085: (unk)
- CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
diff --git a/data/4.20/4.20_CVEs.txt b/data/4.20/4.20_CVEs.txt
index 6bda418..23be7a5 100644
--- a/data/4.20/4.20_CVEs.txt
+++ b/data/4.20/4.20_CVEs.txt
@@ -883,3 +883,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/4.20/4.20_security.txt b/data/4.20/4.20_security.txt
index a300915..a9533b9 100644
--- a/data/4.20/4.20_security.txt
+++ b/data/4.20/4.20_security.txt
@@ -915,3 +915,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/4.3/4.3_CVEs.txt b/data/4.3/4.3_CVEs.txt
index 8788dae..d57253d 100644
--- a/data/4.3/4.3_CVEs.txt
+++ b/data/4.3/4.3_CVEs.txt
@@ -1190,3 +1190,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/4.3/4.3_security.txt b/data/4.3/4.3_security.txt
index 17235e4..8ac26cd 100644
--- a/data/4.3/4.3_security.txt
+++ b/data/4.3/4.3_security.txt
@@ -1206,3 +1206,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/4.4/4.4_CVEs.txt b/data/4.4/4.4_CVEs.txt
index 6814927..3a5b4e9 100644
--- a/data/4.4/4.4_CVEs.txt
+++ b/data/4.4/4.4_CVEs.txt
@@ -1171,3 +1171,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/4.4/4.4_security.txt b/data/4.4/4.4_security.txt
index dabfe15..b9fe4da 100644
--- a/data/4.4/4.4_security.txt
+++ b/data/4.4/4.4_security.txt
@@ -1655,3 +1655,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/4.5/4.5_CVEs.txt b/data/4.5/4.5_CVEs.txt
index 925e1fa..3caec9e 100644
--- a/data/4.5/4.5_CVEs.txt
+++ b/data/4.5/4.5_CVEs.txt
@@ -1154,3 +1154,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/4.5/4.5_security.txt b/data/4.5/4.5_security.txt
index bddf2a7..f10aee8 100644
--- a/data/4.5/4.5_security.txt
+++ b/data/4.5/4.5_security.txt
@@ -1170,3 +1170,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/4.6/4.6_CVEs.txt b/data/4.6/4.6_CVEs.txt
index 98e67e4..082b4fa 100644
--- a/data/4.6/4.6_CVEs.txt
+++ b/data/4.6/4.6_CVEs.txt
@@ -1127,3 +1127,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/4.6/4.6_security.txt b/data/4.6/4.6_security.txt
index 9dfaa16..565f939 100644
--- a/data/4.6/4.6_security.txt
+++ b/data/4.6/4.6_security.txt
@@ -1145,3 +1145,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/4.7/4.7_CVEs.txt b/data/4.7/4.7_CVEs.txt
index d78f42f..6d19dfe 100644
--- a/data/4.7/4.7_CVEs.txt
+++ b/data/4.7/4.7_CVEs.txt
@@ -1110,3 +1110,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/4.7/4.7_security.txt b/data/4.7/4.7_security.txt
index b13ee02..e3a5a5e 100644
--- a/data/4.7/4.7_security.txt
+++ b/data/4.7/4.7_security.txt
@@ -1130,3 +1130,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/4.8/4.8_CVEs.txt b/data/4.8/4.8_CVEs.txt
index 0906de3..b9a2395 100644
--- a/data/4.8/4.8_CVEs.txt
+++ b/data/4.8/4.8_CVEs.txt
@@ -1114,3 +1114,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/4.8/4.8_security.txt b/data/4.8/4.8_security.txt
index 8b1498f..8fe6e9e 100644
--- a/data/4.8/4.8_security.txt
+++ b/data/4.8/4.8_security.txt
@@ -1144,3 +1144,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/4.9/4.9_CVEs.txt b/data/4.9/4.9_CVEs.txt
index dbbccb8..cc76937 100644
--- a/data/4.9/4.9_CVEs.txt
+++ b/data/4.9/4.9_CVEs.txt
@@ -1116,3 +1116,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/4.9/4.9_security.txt b/data/4.9/4.9_security.txt
index 3cf481e..fad115f 100644
--- a/data/4.9/4.9_security.txt
+++ b/data/4.9/4.9_security.txt
@@ -1660,3 +1660,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/5.0/5.0_CVEs.txt b/data/5.0/5.0_CVEs.txt
index df524ae..7a531d0 100644
--- a/data/5.0/5.0_CVEs.txt
+++ b/data/5.0/5.0_CVEs.txt
@@ -862,3 +862,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/5.0/5.0_security.txt b/data/5.0/5.0_security.txt
index d79769d..638c154 100644
--- a/data/5.0/5.0_security.txt
+++ b/data/5.0/5.0_security.txt
@@ -910,3 +910,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/5.1/5.1_CVEs.txt b/data/5.1/5.1_CVEs.txt
index a927626..b93e3df 100644
--- a/data/5.1/5.1_CVEs.txt
+++ b/data/5.1/5.1_CVEs.txt
@@ -840,3 +840,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/5.1/5.1_security.txt b/data/5.1/5.1_security.txt
index 852d7b5..449e589 100644
--- a/data/5.1/5.1_security.txt
+++ b/data/5.1/5.1_security.txt
@@ -876,3 +876,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/5.10/5.10_CVEs.txt b/data/5.10/5.10_CVEs.txt
index 4cc1f14..56aef2c 100644
--- a/data/5.10/5.10_CVEs.txt
+++ b/data/5.10/5.10_CVEs.txt
@@ -448,7 +448,7 @@
CVE-2022-38457: Fix not seen in stream
CVE-2022-3903: Fix not seen in stream
CVE-2022-39188: Fix not seen in stream
-CVE-2022-39189: Fix not seen in stream
+CVE-2022-39189: Fixed with 5.10.180
CVE-2022-39190: Fixed with 5.10.140
CVE-2022-39842: Fixed with 5.10.145
CVE-2022-40133: Fix not seen in stream
@@ -520,7 +520,7 @@
CVE-2023-1249: Fixed with 5.10.110
CVE-2023-1252: Fixed with 5.10.80
CVE-2023-1281: Fixed with 5.10.169
-CVE-2023-1380: Fix not seen in stream
+CVE-2023-1380: Fixed with 5.10.180
CVE-2023-1382: Fixed with 5.10.157
CVE-2023-1390: Fixed with 5.10.10
CVE-2023-1513: Fixed with 5.10.169
@@ -535,7 +535,7 @@
CVE-2023-1872: Fix not seen in stream
CVE-2023-1989: Fixed with 5.10.177
CVE-2023-1990: Fixed with 5.10.176
-CVE-2023-2002: Fix not seen in stream
+CVE-2023-2002: Fixed with 5.10.180
CVE-2023-2006: Fixed with 5.10.157
CVE-2023-2007: Fix not seen in stream
CVE-2023-2008: Fixed with 5.10.127
@@ -548,7 +548,7 @@
CVE-2023-2177: Fixed with 5.10.135
CVE-2023-2194: Fixed with 5.10.177
CVE-2023-2248: Fixed with 5.10.179
-CVE-2023-2269: Fix not seen in stream
+CVE-2023-2269: Fixed with 5.10.180
CVE-2023-22995: Fix not seen in stream
CVE-2023-22998: Fixed with 5.10.171
CVE-2023-23000: Fix not seen in stream
@@ -580,5 +580,6 @@
CVE-2023-31084: Fix unknown
CVE-2023-31085: Fix unknown
CVE-2023-31436: Fixed with 5.10.179
-CVE-2023-32233: Fix not seen in stream
+CVE-2023-32233: Fixed with 5.10.180
CVE-2023-32269: Fixed with 5.10.168
+CVE-2023-33203: Fixed with 5.10.177
diff --git a/data/5.10/5.10_security.txt b/data/5.10/5.10_security.txt
index 4bf8d99..fb3fc66 100644
--- a/data/5.10/5.10_security.txt
+++ b/data/5.10/5.10_security.txt
@@ -690,6 +690,7 @@
CVE-2023-2483: cb5879efde4f9b4de4248b835890df7b6c49ffbc net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-28466: 1fde5782f187daa05919d2bebd872df8ebcc00d1 net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-30772: 75e2144291e847009fbc0350e10ec588ff96e05a power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition
+ CVE-2023-33203: cb5879efde4f9b4de4248b835890df7b6c49ffbc net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVEs fixed in 5.10.178:
CVE-2023-1859: 9266e939d76279d8710196d86215ba2be6345041 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition
@@ -699,6 +700,13 @@
CVE-2023-2513: 05cf34a2b6414a1172552d16159b3e17e9da36a3 ext4: fix use-after-free in ext4_xattr_set_entry
CVE-2023-31436: ddcf35deb8f2a1d9addc74b586cf4c5a1f5d6020 net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
+CVEs fixed in 5.10.180:
+ CVE-2022-39189: 529f41f0eb1ef995bfa83c121c3cfe3a0720119a KVM: x86: do not report a vCPU as preempted outside instruction boundaries
+ CVE-2023-1380: 549825602e3e6449927ca1ea1a08fd89868439df wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
+ CVE-2023-2002: 98cfbad52fc286c2a1a75e04bf47b98d6489db1f bluetooth: Perform careful capability checks in hci_sock_ioctl()
+ CVE-2023-2269: ea827627a9249154b34b646b1e1007013402afea dm ioctl: fix nested locking in table_clear() to remove deadlock concern
+ CVE-2023-32233: e044a24447189419c3a7ccc5fa6da7516036dc55 netfilter: nf_tables: deactivate anonymous set from preparation phase
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -803,7 +811,6 @@
CVE-2022-38457: (unk) drm/vmwgfx: Remove rcu locks from user resources
CVE-2022-3903: (unk) media: mceusb: Use new usb_control_msg_*() routines
CVE-2022-39188: (unk) mmu_gather: Force tlb-flush VM_PFNMAP vmas
- CVE-2022-39189: (unk) KVM: x86: do not report a vCPU as preempted outside instruction boundaries
CVE-2022-40133: (unk) drm/vmwgfx: Remove rcu locks from user resources
CVE-2022-41848: (unk)
CVE-2022-4269: (unk) act_mirred: use the backlog for nested calls to mirred ingress
@@ -823,16 +830,13 @@
CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area
CVE-2023-0615: (unk)
CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry
- CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
CVE-2023-1872: (unk) io_uring: propagate issue_flags state down to file assignment
- CVE-2023-2002: (unk) bluetooth: Perform careful capability checks in hci_sock_ioctl()
CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2156: (unk)
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
- CVE-2023-2269: (unk) dm ioctl: fix nested locking in table_clear() to remove deadlock concern
CVE-2023-22995: (unk) usb: dwc3: dwc3-qcom: Add missing platform_device_put() in dwc3_qcom_acpi_register_core
CVE-2023-23000: (unk) phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function
CVE-2023-23039: (unk)
@@ -845,4 +849,3 @@
CVE-2023-31083: (unk)
CVE-2023-31084: (unk)
CVE-2023-31085: (unk)
- CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
diff --git a/data/5.11/5.11_CVEs.txt b/data/5.11/5.11_CVEs.txt
index f459588..e2cbc41 100644
--- a/data/5.11/5.11_CVEs.txt
+++ b/data/5.11/5.11_CVEs.txt
@@ -574,3 +574,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/5.11/5.11_security.txt b/data/5.11/5.11_security.txt
index d8c5a98..e6b20fd 100644
--- a/data/5.11/5.11_security.txt
+++ b/data/5.11/5.11_security.txt
@@ -614,3 +614,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/5.12/5.12_CVEs.txt b/data/5.12/5.12_CVEs.txt
index 084a931..75d5fe9 100644
--- a/data/5.12/5.12_CVEs.txt
+++ b/data/5.12/5.12_CVEs.txt
@@ -527,3 +527,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/5.12/5.12_security.txt b/data/5.12/5.12_security.txt
index cd331c2..0496dd3 100644
--- a/data/5.12/5.12_security.txt
+++ b/data/5.12/5.12_security.txt
@@ -559,3 +559,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/5.13/5.13_CVEs.txt b/data/5.13/5.13_CVEs.txt
index 694481f..f2e7406 100644
--- a/data/5.13/5.13_CVEs.txt
+++ b/data/5.13/5.13_CVEs.txt
@@ -496,3 +496,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/5.13/5.13_security.txt b/data/5.13/5.13_security.txt
index dcbb478..0544fbe 100644
--- a/data/5.13/5.13_security.txt
+++ b/data/5.13/5.13_security.txt
@@ -528,3 +528,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/5.14/5.14_CVEs.txt b/data/5.14/5.14_CVEs.txt
index 164ff57..167d255 100644
--- a/data/5.14/5.14_CVEs.txt
+++ b/data/5.14/5.14_CVEs.txt
@@ -470,3 +470,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/5.14/5.14_security.txt b/data/5.14/5.14_security.txt
index 7e6101b..70c06cf 100644
--- a/data/5.14/5.14_security.txt
+++ b/data/5.14/5.14_security.txt
@@ -504,3 +504,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/5.15/5.15_CVEs.txt b/data/5.15/5.15_CVEs.txt
index 4d450f6..5e5e080 100644
--- a/data/5.15/5.15_CVEs.txt
+++ b/data/5.15/5.15_CVEs.txt
@@ -457,3 +457,4 @@
CVE-2023-31436: Fixed with 5.15.109
CVE-2023-32233: Fixed with 5.15.111
CVE-2023-32269: Fixed with 5.15.93
+CVE-2023-33203: Fixed with 5.15.105
diff --git a/data/5.15/5.15_security.txt b/data/5.15/5.15_security.txt
index f6484b7..cfedcb9 100644
--- a/data/5.15/5.15_security.txt
+++ b/data/5.15/5.15_security.txt
@@ -497,6 +497,7 @@
CVE-2023-2483: 8c4a180dc12303159592d15e8f077c20deeb1e55 net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-28466: 0b54d75aa43a1edebc8a3770901f5c3557ee0daa net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-30772: 0fdb1cc4fe5255d0198c332b961bc4c1f8787982 power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition
+ CVE-2023-33203: 8c4a180dc12303159592d15e8f077c20deeb1e55 net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVEs fixed in 5.15.106:
CVE-2023-1611: c976f9233ef926e090db5614a837824a0bcab3fb btrfs: fix race between quota disable and quota assign ioctls
diff --git a/data/5.16/5.16_CVEs.txt b/data/5.16/5.16_CVEs.txt
index a0df93b..705986d 100644
--- a/data/5.16/5.16_CVEs.txt
+++ b/data/5.16/5.16_CVEs.txt
@@ -424,3 +424,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/5.16/5.16_security.txt b/data/5.16/5.16_security.txt
index 9714de5..a2ba6ec 100644
--- a/data/5.16/5.16_security.txt
+++ b/data/5.16/5.16_security.txt
@@ -460,3 +460,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/5.17/5.17_CVEs.txt b/data/5.17/5.17_CVEs.txt
index 0e93c04..bfe016a 100644
--- a/data/5.17/5.17_CVEs.txt
+++ b/data/5.17/5.17_CVEs.txt
@@ -366,3 +366,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/5.17/5.17_security.txt b/data/5.17/5.17_security.txt
index 22cf969..28af606 100644
--- a/data/5.17/5.17_security.txt
+++ b/data/5.17/5.17_security.txt
@@ -398,3 +398,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/5.18/5.18_CVEs.txt b/data/5.18/5.18_CVEs.txt
index 917f5d4..e057f59 100644
--- a/data/5.18/5.18_CVEs.txt
+++ b/data/5.18/5.18_CVEs.txt
@@ -316,3 +316,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/5.18/5.18_security.txt b/data/5.18/5.18_security.txt
index 1ef043c..577a461 100644
--- a/data/5.18/5.18_security.txt
+++ b/data/5.18/5.18_security.txt
@@ -350,3 +350,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/5.19/5.19_CVEs.txt b/data/5.19/5.19_CVEs.txt
index 5c1c96f..0a66e42 100644
--- a/data/5.19/5.19_CVEs.txt
+++ b/data/5.19/5.19_CVEs.txt
@@ -273,3 +273,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/5.19/5.19_security.txt b/data/5.19/5.19_security.txt
index 0598888..ec29afa 100644
--- a/data/5.19/5.19_security.txt
+++ b/data/5.19/5.19_security.txt
@@ -303,3 +303,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/5.2/5.2_CVEs.txt b/data/5.2/5.2_CVEs.txt
index 80046fb..33301bb 100644
--- a/data/5.2/5.2_CVEs.txt
+++ b/data/5.2/5.2_CVEs.txt
@@ -803,3 +803,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/5.2/5.2_security.txt b/data/5.2/5.2_security.txt
index b66af2e..c7b0c8f 100644
--- a/data/5.2/5.2_security.txt
+++ b/data/5.2/5.2_security.txt
@@ -841,3 +841,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/5.3/5.3_CVEs.txt b/data/5.3/5.3_CVEs.txt
index 4fc1b52..288807d 100644
--- a/data/5.3/5.3_CVEs.txt
+++ b/data/5.3/5.3_CVEs.txt
@@ -777,3 +777,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/5.3/5.3_security.txt b/data/5.3/5.3_security.txt
index 3850c21..69c5f00 100644
--- a/data/5.3/5.3_security.txt
+++ b/data/5.3/5.3_security.txt
@@ -813,3 +813,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/5.4/5.4_CVEs.txt b/data/5.4/5.4_CVEs.txt
index 096bce8..a9c2235 100644
--- a/data/5.4/5.4_CVEs.txt
+++ b/data/5.4/5.4_CVEs.txt
@@ -651,7 +651,7 @@
CVE-2023-1118: Fixed with 5.4.235
CVE-2023-1249: Fix not seen in stream
CVE-2023-1281: Fix not seen in stream
-CVE-2023-1380: Fix not seen in stream
+CVE-2023-1380: Fixed with 5.4.243
CVE-2023-1382: Fixed with 5.4.226
CVE-2023-1390: Fixed with 5.4.92
CVE-2023-1513: Fixed with 5.4.232
@@ -665,7 +665,7 @@
CVE-2023-1859: Fixed with 5.4.241
CVE-2023-1989: Fixed with 5.4.240
CVE-2023-1990: Fixed with 5.4.238
-CVE-2023-2002: Fix not seen in stream
+CVE-2023-2002: Fixed with 5.4.243
CVE-2023-2007: Fix not seen in stream
CVE-2023-2008: Fixed with 5.4.202
CVE-2023-20928: Fix not seen in stream
@@ -677,7 +677,7 @@
CVE-2023-2177: Fixed with 5.4.209
CVE-2023-2194: Fixed with 5.4.240
CVE-2023-2248: Fixed with 5.4.242
-CVE-2023-2269: Fix not seen in stream
+CVE-2023-2269: Fixed with 5.4.243
CVE-2023-22995: Fix not seen in stream
CVE-2023-23000: Fix not seen in stream
CVE-2023-23004: Fix not seen in stream
@@ -705,5 +705,6 @@
CVE-2023-31084: Fix unknown
CVE-2023-31085: Fix unknown
CVE-2023-31436: Fixed with 5.4.242
-CVE-2023-32233: Fix not seen in stream
+CVE-2023-32233: Fixed with 5.4.243
CVE-2023-32269: Fixed with 5.4.232
+CVE-2023-33203: Fixed with 5.4.240
diff --git a/data/5.4/5.4_security.txt b/data/5.4/5.4_security.txt
index 52001c4..d14cd6d 100644
--- a/data/5.4/5.4_security.txt
+++ b/data/5.4/5.4_security.txt
@@ -894,6 +894,7 @@
CVE-2023-2483: 0e5c7d00ec4f2f359234044b809eb23b7032d9b0 net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-28466: 754838aa02050ff3d8675bef79d172097218ea71 net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE-2023-30772: 6fe078c2864b9defaa632733a5bae969b398b673 power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition
+ CVE-2023-33203: 0e5c7d00ec4f2f359234044b809eb23b7032d9b0 net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVEs fixed in 5.4.241:
CVE-2021-4037: e76bd6da51235ce86f5a8017dd6c056c76da64f9 xfs: fix up non-directory creation in SGID directories
@@ -904,6 +905,12 @@
CVE-2023-2513: 5a62248c58556c395c604d4161d53afae16b6fad ext4: fix use-after-free in ext4_xattr_set_entry
CVE-2023-31436: 35dceaeab97c9e5f3fda3b10ce7f8110df0feecd net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
+CVEs fixed in 5.4.243:
+ CVE-2023-1380: 425eea395f1f5ae349fb55f7fe51d833a5324bfe wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
+ CVE-2023-2002: 48cdcb40d589d990ccc1a99fb76843484ce732a0 bluetooth: Perform careful capability checks in hci_sock_ioctl()
+ CVE-2023-2269: 29a1ef57c3be1d53ecadb749d45b0636e8245a89 dm ioctl: fix nested locking in table_clear() to remove deadlock concern
+ CVE-2023-32233: c8b6063f13add68f89540aa5030ceee875f48aa2 netfilter: nf_tables: deactivate anonymous set from preparation phase
+
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
@@ -1047,17 +1054,14 @@
CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry
CVE-2023-1249: (unk) coredump: Use the vma snapshot in fill_files_note
CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu
- CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry
CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls
- CVE-2023-2002: (unk) bluetooth: Perform careful capability checks in hci_sock_ioctl()
CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver
CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-2156: (unk)
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
- CVE-2023-2269: (unk) dm ioctl: fix nested locking in table_clear() to remove deadlock concern
CVE-2023-22995: (unk) usb: dwc3: dwc3-qcom: Add missing platform_device_put() in dwc3_qcom_acpi_register_core
CVE-2023-23000: (unk) phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function
CVE-2023-23004: (unk) malidp: Fix NULL vs IS_ERR() checking
@@ -1070,4 +1074,3 @@
CVE-2023-31083: (unk)
CVE-2023-31084: (unk)
CVE-2023-31085: (unk)
- CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
diff --git a/data/5.5/5.5_CVEs.txt b/data/5.5/5.5_CVEs.txt
index 9443db5..bdb627a 100644
--- a/data/5.5/5.5_CVEs.txt
+++ b/data/5.5/5.5_CVEs.txt
@@ -668,3 +668,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/5.5/5.5_security.txt b/data/5.5/5.5_security.txt
index ececbb6..fe689a5 100644
--- a/data/5.5/5.5_security.txt
+++ b/data/5.5/5.5_security.txt
@@ -702,3 +702,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/5.6/5.6_CVEs.txt b/data/5.6/5.6_CVEs.txt
index c410dee..ae8ebcd 100644
--- a/data/5.6/5.6_CVEs.txt
+++ b/data/5.6/5.6_CVEs.txt
@@ -646,3 +646,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/5.6/5.6_security.txt b/data/5.6/5.6_security.txt
index 2658efe..b00d80b 100644
--- a/data/5.6/5.6_security.txt
+++ b/data/5.6/5.6_security.txt
@@ -680,3 +680,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/5.7/5.7_CVEs.txt b/data/5.7/5.7_CVEs.txt
index b40339d..e439199 100644
--- a/data/5.7/5.7_CVEs.txt
+++ b/data/5.7/5.7_CVEs.txt
@@ -643,3 +643,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/5.7/5.7_security.txt b/data/5.7/5.7_security.txt
index 8327a53..c77b446 100644
--- a/data/5.7/5.7_security.txt
+++ b/data/5.7/5.7_security.txt
@@ -677,3 +677,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/5.8/5.8_CVEs.txt b/data/5.8/5.8_CVEs.txt
index d9f747e..d91e29a 100644
--- a/data/5.8/5.8_CVEs.txt
+++ b/data/5.8/5.8_CVEs.txt
@@ -627,3 +627,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/5.8/5.8_security.txt b/data/5.8/5.8_security.txt
index a7da673..5ae366f 100644
--- a/data/5.8/5.8_security.txt
+++ b/data/5.8/5.8_security.txt
@@ -661,3 +661,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/5.9/5.9_CVEs.txt b/data/5.9/5.9_CVEs.txt
index 3c584ad..1dd6b94 100644
--- a/data/5.9/5.9_CVEs.txt
+++ b/data/5.9/5.9_CVEs.txt
@@ -600,3 +600,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/5.9/5.9_security.txt b/data/5.9/5.9_security.txt
index 7cb9396..7254981 100644
--- a/data/5.9/5.9_security.txt
+++ b/data/5.9/5.9_security.txt
@@ -630,3 +630,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/6.0/6.0_CVEs.txt b/data/6.0/6.0_CVEs.txt
index 626d150..6d03c77 100644
--- a/data/6.0/6.0_CVEs.txt
+++ b/data/6.0/6.0_CVEs.txt
@@ -231,3 +231,4 @@
CVE-2023-31436: Fix not seen in stream
CVE-2023-32233: Fix not seen in stream
CVE-2023-32269: Fix not seen in stream
+CVE-2023-33203: Fix not seen in stream
diff --git a/data/6.0/6.0_security.txt b/data/6.0/6.0_security.txt
index d7dff3c..06fa6dd 100644
--- a/data/6.0/6.0_security.txt
+++ b/data/6.0/6.0_security.txt
@@ -265,3 +265,4 @@
CVE-2023-31436: (unk) net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-32233: (unk) netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32269: (unk) netrom: Fix use-after-free caused by accept on already connected socket
+ CVE-2023-33203: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition
diff --git a/data/6.1/6.1_CVEs.txt b/data/6.1/6.1_CVEs.txt
index 5aca183..9bbe812 100644
--- a/data/6.1/6.1_CVEs.txt
+++ b/data/6.1/6.1_CVEs.txt
@@ -177,3 +177,4 @@
CVE-2023-31436: Fixed with 6.1.26
CVE-2023-32233: Fixed with 6.1.28
CVE-2023-32269: Fixed with 6.1.11
+CVE-2023-33203: Fixed with 6.1.22
diff --git a/data/6.1/6.1_security.txt b/data/6.1/6.1_security.txt
index 36e7eb6..e1ec218 100644
--- a/data/6.1/6.1_security.txt
+++ b/data/6.1/6.1_security.txt
@@ -107,6 +107,7 @@
CVE-2023-2483: 5fc2c4e311a9341a2b0e044ab5f33afa37b56226 net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-28866: b3168abd24245aa0775c5a387dcf94d36ca7e738 Bluetooth: HCI: Fix global-out-of-bounds
CVE-2023-30772: 47b2e1a67e6da172bb4cf69ef9dafde4458bde5f power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition
+ CVE-2023-33203: 5fc2c4e311a9341a2b0e044ab5f33afa37b56226 net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVEs fixed in 6.1.23:
CVE-2023-1611: a38ff2024805a30d9b96f52557c6ea0bbc31252a btrfs: fix race between quota disable and quota assign ioctls
diff --git a/data/6.2/6.2_CVEs.txt b/data/6.2/6.2_CVEs.txt
index 4ce0a67..d860356 100644
--- a/data/6.2/6.2_CVEs.txt
+++ b/data/6.2/6.2_CVEs.txt
@@ -126,3 +126,4 @@
CVE-2023-31085: Fix unknown
CVE-2023-31436: Fixed with 6.2.13
CVE-2023-32233: Fixed with 6.2.15
+CVE-2023-33203: Fixed with 6.2.9
diff --git a/data/6.2/6.2_security.txt b/data/6.2/6.2_security.txt
index 307887a..6d19a2b 100644
--- a/data/6.2/6.2_security.txt
+++ b/data/6.2/6.2_security.txt
@@ -38,6 +38,7 @@
CVE-2023-2483: 514dc3d0f176d280dc2d3cd25e898a7ec329e878 net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-28866: 8497222b22b591c6b2d106e0e3c1672ffe4e10e0 Bluetooth: HCI: Fix global-out-of-bounds
CVE-2023-30772: a7d686b36aa8021ee96128290ac3b58c4c1f6297 power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition
+ CVE-2023-33203: 514dc3d0f176d280dc2d3cd25e898a7ec329e878 net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVEs fixed in 6.2.10:
CVE-2023-1611: 4caab245b0469ce9258ba099a41e909f5d307b33 btrfs: fix race between quota disable and quota assign ioctls
diff --git a/data/CVEs.txt b/data/CVEs.txt
index 8b6a238..faa38c5 100644
--- a/data/CVEs.txt
+++ b/data/CVEs.txt
@@ -2401,3 +2401,4 @@
CVE-2023-31436: 3015f3d2a3cd9614294025849d3ed89fd2f3a7f5 - 3037933448f60f9acb705997eae62013ecb81e0d (v3.7-rc5 to v6.3)
CVE-2023-32233: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - c1592a89942e9678f7d9c8030efa777c0d57edab (v2.6.12-rc2 to v6.4-rc1)
CVE-2023-32269: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 611792920925fb088ddccbe2783c7f92fdfb6b64 (v2.6.12-rc2 to v6.2-rc7)
+CVE-2023-33203: (n/a) - 6b6bc5b8bd2d4ca9e1efa9ae0f98a0b0687ace75 (unk to v6.3-rc4)
diff --git a/data/kernel_cves.json b/data/kernel_cves.json
index eeef430..65d9670 100644
--- a/data/kernel_cves.json
+++ b/data/kernel_cves.json
@@ -77562,7 +77562,7 @@
"cwe": "Unspecified",
"fixes": "6cd88243c7e03845a450795e134b488fc2afb736",
"last_affected_version": "5.18.16",
- "last_modified": "2023-01-02",
+ "last_modified": "2023-05-19",
"nvd_text": "An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2022-39189",
@@ -80354,7 +80354,8 @@
"breaks": "7be3248f313930ff3d3436d4e9ddbe9fccc1f541",
"cmt_msg": "cifs: fix use-after-free caused by invalid pointer `hostname`",
"fixes": "153695d36ead0ccc4d0256953c751cabf673e621",
- "last_modified": "2023-03-09",
+ "last_modified": "2023-05-19",
+ "nvd_text": "A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointer request.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-1195",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-1195",
@@ -80469,7 +80470,7 @@
},
"fixes": "0da40e018fd034d87c9460123fa7f897b69fdee7",
"last_affected_version": "6.2.13",
- "last_modified": "2023-05-12",
+ "last_modified": "2023-05-19",
"nvd_text": "A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-1380",
@@ -80835,7 +80836,8 @@
"cmt_msg": "9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition",
"fixes": "ea4f1009408efb4989a0f139b70fb338e7f687d0",
"last_affected_version": "6.2.11",
- "last_modified": "2023-05-05",
+ "last_modified": "2023-05-19",
+ "nvd_text": "A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-1859",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-1859",
@@ -80967,7 +80969,7 @@
"cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()",
"fixes": "25c150ac103a4ebeed0319994c742a90634ddf18",
"last_affected_version": "6.2.13",
- "last_modified": "2023-05-12",
+ "last_modified": "2023-05-19",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-2002",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-2002",
@@ -81212,7 +81214,8 @@
"cmt_msg": "efi: rt-wrapper: Add missing include",
"fixes": "18bba1843fc7f264f58c9345d00827d082f9c558",
"last_affected_version": "6.1.7",
- "last_modified": "2023-05-12",
+ "last_modified": "2023-05-19",
+ "nvd_text": "In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-260821414References: Upstream kernel",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-21102",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-21102",
@@ -81228,7 +81231,8 @@
"cmt_msg": "drm/msm/gpu: Fix potential double-free",
"fixes": "a66f1efcf748febea7758c4c3c8b5bc5294949ef",
"last_affected_version": "6.1.8",
- "last_modified": "2023-05-12",
+ "last_modified": "2023-05-19",
+ "nvd_text": "In adreno_set_param of adreno_gpu.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-265016072References: Upstream kernel",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-21106",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-21106",
@@ -81243,7 +81247,8 @@
"breaks": "50d5c8d8e938e3c4c0d21db9fc7d64282dc7be20",
"cmt_msg": "xfs: verify buffer contents when we skip log replay",
"fixes": "22ed903eee23a5b174e240f1cdfa9acf393a5210",
- "last_modified": "2023-05-12",
+ "last_modified": "2023-05-19",
+ "nvd_text": "An out-of-bounds memory access flaw was found in the Linux kernel\u2019s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-2124",
"ExploitDB": "https://www.exploit-db.com/search?cve=2023-2124",
@@ -81256,8 +81261,20 @@
"CVE-2023-2156": {
"affected_versions": "unk to unk",
"breaks": "",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Network",
+ "Availability": "High",
+ "Confidentiality": "None",
+ "Integrity": "None",
+ "Privileges Required": "None",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+ "score": 7.5
+ },
"fixes": "",
- "last_modified": "2023-05-12",
+ "last_modified": "2023-05-19",
"nvd_text": "A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-2156",
@@ -81506,7 +81523,7 @@
},
"fixes": "3d32aaa7e66d5c1479a3c31d6c2c5d45dd0d3b89",
"last_affected_version": "6.2.14",
- "last_modified": "2023-05-12",
+ "last_modified": "2023-05-19",
"nvd_text": "A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-2269",
@@ -82070,9 +82087,21 @@
"affected_versions": "v2.6.19-rc2 to v6.0-rc1",
"breaks": "ac27a0ec112a089f1a5102bc8dffc79c8c815571",
"cmt_msg": "ext4: fix use-after-free in ext4_xattr_set_entry",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "High",
+ "Privileges Required": "High",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
+ "score": 6.7
+ },
"fixes": "67d7d8ad99beccd9fe92d585b87f1760dc9018e3",
"last_affected_version": "5.18.17",
- "last_modified": "2023-05-12",
+ "last_modified": "2023-05-19",
"nvd_text": "A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-2513",
@@ -82682,9 +82711,21 @@
"affected_versions": "v2.6.12-rc2 to v6.4-rc1",
"breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"cmt_msg": "netfilter: nf_tables: deactivate anonymous set from preparation phase",
+ "cvss3": {
+ "Attack Complexity": "Low",
+ "Attack Vector": "Local",
+ "Availability": "High",
+ "Confidentiality": "High",
+ "Integrity": "High",
+ "Privileges Required": "Low",
+ "Scope": "Unchanged",
+ "User Interaction": "None",
+ "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "score": 7.8
+ },
"fixes": "c1592a89942e9678f7d9c8030efa777c0d57edab",
"last_affected_version": "6.2.14",
- "last_modified": "2023-05-12",
+ "last_modified": "2023-05-19",
"nvd_text": "In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.",
"ref_urls": {
"Debian": "https://security-tracker.debian.org/tracker/CVE-2023-32233",
@@ -82723,5 +82764,22 @@
"SUSE": "https://www.suse.com/security/cve/CVE-2023-32269",
"Ubuntu": "https://ubuntu.com/security/CVE-2023-32269"
}
+ },
+ "CVE-2023-33203": {
+ "affected_versions": "unk to v6.3-rc4",
+ "breaks": "",
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition",
+ "fixes": "6b6bc5b8bd2d4ca9e1efa9ae0f98a0b0687ace75",
+ "last_affected_version": "6.2.8",
+ "last_modified": "2023-05-19",
+ "nvd_text": "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device.",
+ "ref_urls": {
+ "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-33203",
+ "ExploitDB": "https://www.exploit-db.com/search?cve=2023-33203",
+ "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-33203",
+ "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-33203",
+ "SUSE": "https://www.suse.com/security/cve/CVE-2023-33203",
+ "Ubuntu": "https://ubuntu.com/security/CVE-2023-33203"
+ }
}
}
\ No newline at end of file
diff --git a/data/stream_data.json b/data/stream_data.json
index b08280f..d47141d 100644
--- a/data/stream_data.json
+++ b/data/stream_data.json
@@ -2954,6 +2954,9 @@
"CVE-2015-8767": {
"cmt_msg": "sctp: Prevent soft lockup when sctp_accept() is called during a timeout event"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-0605": {
"cmt_msg": "af_key: pfkey_dump needs parameter validation"
},
@@ -5852,6 +5855,9 @@
"CVE-2022-28388": {
"cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2017-0627": {
"cmt_msg": "media: uvcvideo: Prevent heap overflow when accessing mapped controls"
},
@@ -9225,6 +9231,9 @@
"CVE-2022-28388": {
"cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-0605": {
"cmt_msg": "af_key: pfkey_dump needs parameter validation"
},
@@ -12391,6 +12400,9 @@
"CVE-2022-28388": {
"cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2017-0627": {
"cmt_msg": "media: uvcvideo: Prevent heap overflow when accessing mapped controls"
},
@@ -15523,6 +15535,9 @@
"CVE-2022-28388": {
"cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-0605": {
"cmt_msg": "af_key: pfkey_dump needs parameter validation"
},
@@ -20844,6 +20859,10 @@
"cmt_msg": "net: sched: cbq: dont intepret cls results when asked to drop",
"cmt_id": "c4b1e702dc841a79664c5b8000fd99ffe9b3e9c2"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition",
+ "cmt_id": "aee129c0096e479eae92e2127f96f9d08f16ad8f"
+ },
"CVE-2023-1670": {
"cmt_msg": "xirc2ps_cs: Fix use after free bug in xirc2ps_detach",
"cmt_id": "fe7eebebca51d56b900331c3052a6342731f1117"
@@ -20877,6 +20896,24 @@
"cmt_id": "0616570ce23bbcc1ac842e97fb8e167235f1582d"
}
},
+ "4.14.315": {
+ "CVE-2023-1380": {
+ "cmt_msg": "wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()",
+ "cmt_id": "ac5305e5d227b9af3aae25fa83380d3ff0225b73"
+ },
+ "CVE-2023-32233": {
+ "cmt_msg": "netfilter: nf_tables: deactivate anonymous set from preparation phase",
+ "cmt_id": "86572872505023e3bb461b271c2f25fdaa3dfcd7"
+ },
+ "CVE-2023-2002": {
+ "cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()",
+ "cmt_id": "73ddc585228db650bd4ff10d5b59c831924fd9ba"
+ },
+ "CVE-2023-2269": {
+ "cmt_msg": "dm ioctl: fix nested locking in table_clear() to remove deadlock concern",
+ "cmt_id": "c9dfa8ba3b181e67970f06d80de18aa257d1ecda"
+ }
+ },
"outstanding": {
"CVE-2023-0160": {
"cmt_msg": ""
@@ -20911,8 +20948,8 @@
"CVE-2018-20855": {
"cmt_msg": "IB/mlx5: Fix leaking stack memory to userspace"
},
- "CVE-2023-1380": {
- "cmt_msg": "wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()"
+ "CVE-2023-2007": {
+ "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver"
},
"CVE-2023-0615": {
"cmt_msg": ""
@@ -20974,9 +21011,6 @@
"CVE-2022-1263": {
"cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push"
},
- "CVE-2023-32233": {
- "cmt_msg": "netfilter: nf_tables: deactivate anonymous set from preparation phase"
- },
"CVE-2021-35477": {
"cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4"
},
@@ -21217,9 +21251,6 @@
"CVE-2022-38096": {
"cmt_msg": ""
},
- "CVE-2023-2269": {
- "cmt_msg": "dm ioctl: fix nested locking in table_clear() to remove deadlock concern"
- },
"CVE-2019-19927": {
"cmt_msg": "drm/ttm: fix incrementing the page pointer for huge pages"
},
@@ -21301,9 +21332,6 @@
"CVE-2020-12364": {
"cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1"
},
- "CVE-2023-2007": {
- "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver"
- },
"CVE-2022-2327": {
"cmt_msg": "io_uring: remove any grabbing of context"
},
@@ -21513,9 +21541,6 @@
},
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
- },
- "CVE-2023-2002": {
- "cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()"
}
}
},
@@ -22854,6 +22879,9 @@
"CVE-2022-28388": {
"cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-0605": {
"cmt_msg": "af_key: pfkey_dump needs parameter validation"
},
@@ -25713,6 +25741,9 @@
"CVE-2022-28388": {
"cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-0605": {
"cmt_msg": "af_key: pfkey_dump needs parameter validation"
},
@@ -30475,6 +30506,10 @@
"cmt_msg": "net: sched: cbq: dont intepret cls results when asked to drop",
"cmt_id": "8ed4c82571d848d76877c4d70687686e607766e3"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition",
+ "cmt_id": "4bbc59ec4feb1ea8d5cb3d9d38d4cb1317943ea4"
+ },
"CVE-2022-4744": {
"cmt_msg": "tun: avoid double free in tun_free_netdev",
"cmt_id": "8eb43d635950e27c29f1e9e49a23b31637f37757"
@@ -30516,6 +30551,24 @@
"cmt_id": "6ef8120262dfa63d9ec517d724e6f15591473a78"
}
},
+ "4.19.283": {
+ "CVE-2023-1380": {
+ "cmt_msg": "wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()",
+ "cmt_id": "39f9bd880abac6068bedb24a4e16e7bd26bf92da"
+ },
+ "CVE-2023-32233": {
+ "cmt_msg": "netfilter: nf_tables: deactivate anonymous set from preparation phase",
+ "cmt_id": "c6989314fd809c5eaf4980d6fa474f19fc653d6c"
+ },
+ "CVE-2023-2002": {
+ "cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()",
+ "cmt_id": "8d59548bae309000442c297bff3e54ab535f0ab7"
+ },
+ "CVE-2023-2269": {
+ "cmt_msg": "dm ioctl: fix nested locking in table_clear() to remove deadlock concern",
+ "cmt_id": "b4b94b25c78ed03be0e07fa4e76fe51e64dac533"
+ }
+ },
"outstanding": {
"CVE-2023-0160": {
"cmt_msg": ""
@@ -30550,9 +30603,6 @@
"CVE-2018-1121": {
"cmt_msg": ""
},
- "CVE-2023-1380": {
- "cmt_msg": "wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()"
- },
"CVE-2023-0615": {
"cmt_msg": ""
},
@@ -30622,9 +30672,6 @@
"CVE-2022-1263": {
"cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push"
},
- "CVE-2023-32233": {
- "cmt_msg": "netfilter: nf_tables: deactivate anonymous set from preparation phase"
- },
"CVE-2019-15222": {
"cmt_msg": "ALSA: usb-audio: Fix gpf in snd_usb_pipe_sanity_check"
},
@@ -30838,9 +30885,6 @@
"CVE-2022-38096": {
"cmt_msg": ""
},
- "CVE-2023-2269": {
- "cmt_msg": "dm ioctl: fix nested locking in table_clear() to remove deadlock concern"
- },
"CVE-2022-3903": {
"cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
@@ -31098,9 +31142,6 @@
},
"CVE-2019-5489": {
"cmt_msg": "Change mincore() to count \"mapped\" pages rather than \"cached\" pages"
- },
- "CVE-2023-2002": {
- "cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()"
}
}
},
@@ -32408,6 +32449,9 @@
"CVE-2022-28388": {
"cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-0605": {
"cmt_msg": "af_key: pfkey_dump needs parameter validation"
},
@@ -36581,6 +36625,9 @@
"CVE-2022-28388": {
"cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2017-0627": {
"cmt_msg": "media: uvcvideo: Prevent heap overflow when accessing mapped controls"
},
@@ -40509,6 +40556,9 @@
"CVE-2022-28388": {
"cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2017-0627": {
"cmt_msg": "media: uvcvideo: Prevent heap overflow when accessing mapped controls"
},
@@ -45790,6 +45840,9 @@
"CVE-2020-12364": {
"cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-0605": {
"cmt_msg": "af_key: pfkey_dump needs parameter validation"
},
@@ -49875,6 +49928,9 @@
"CVE-2018-18690": {
"cmt_msg": "xfs: don't fail when converting shortform attr to long form during ATTR_REPLACE"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-3896": {
"cmt_msg": "isdn: cpai: check ctr->cnr to avoid array index out of bound"
},
@@ -51282,6 +51338,10 @@
"cmt_msg": "power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition",
"cmt_id": "a7d686b36aa8021ee96128290ac3b58c4c1f6297"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition",
+ "cmt_id": "514dc3d0f176d280dc2d3cd25e898a7ec329e878"
+ },
"CVE-2023-28866": {
"cmt_msg": "Bluetooth: HCI: Fix global-out-of-bounds",
"cmt_id": "8497222b22b591c6b2d106e0e3c1672ffe4e10e0"
@@ -51938,6 +51998,10 @@
"cmt_msg": "power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition",
"cmt_id": "47b2e1a67e6da172bb4cf69ef9dafde4458bde5f"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition",
+ "cmt_id": "5fc2c4e311a9341a2b0e044ab5f33afa37b56226"
+ },
"CVE-2023-28866": {
"cmt_msg": "Bluetooth: HCI: Fix global-out-of-bounds",
"cmt_id": "b3168abd24245aa0775c5a387dcf94d36ca7e738"
@@ -52919,6 +52983,9 @@
"CVE-2022-4129": {
"cmt_msg": "l2tp: Serialize access to sk_user_data with sk_callback_lock"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2023-2235": {
"cmt_msg": "perf: Fix check before add_event_to_groups() in perf_group_detach()"
},
@@ -54682,6 +54749,9 @@
"CVE-2022-28388": {
"cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2017-0627": {
"cmt_msg": "media: uvcvideo: Prevent heap overflow when accessing mapped controls"
},
@@ -60750,6 +60820,9 @@
"CVE-2020-12364": {
"cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2023-26545": {
"cmt_msg": "net: mpls: fix stale pointer if allocation fails during device rename"
},
@@ -62874,6 +62947,9 @@
"CVE-2022-28388": {
"cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2017-0627": {
"cmt_msg": "media: uvcvideo: Prevent heap overflow when accessing mapped controls"
},
@@ -66302,6 +66378,9 @@
"CVE-2022-28388": {
"cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2017-0627": {
"cmt_msg": "media: uvcvideo: Prevent heap overflow when accessing mapped controls"
},
@@ -70656,6 +70735,9 @@
"CVE-2022-28388": {
"cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-0605": {
"cmt_msg": "af_key: pfkey_dump needs parameter validation"
},
@@ -73226,6 +73308,9 @@
"CVE-2020-25639": {
"cmt_msg": "drm/nouveau: bail out of nouveau_channel_new if channel init fails"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-0605": {
"cmt_msg": "af_key: pfkey_dump needs parameter validation"
},
@@ -75910,6 +75995,9 @@
"CVE-2019-19533": {
"cmt_msg": "media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2017-0627": {
"cmt_msg": "media: uvcvideo: Prevent heap overflow when accessing mapped controls"
},
@@ -78889,6 +78977,9 @@
"CVE-2020-25639": {
"cmt_msg": "drm/nouveau: bail out of nouveau_channel_new if channel init fails"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-0605": {
"cmt_msg": "af_key: pfkey_dump needs parameter validation"
},
@@ -80901,6 +80992,9 @@
"CVE-2020-25639": {
"cmt_msg": "drm/nouveau: bail out of nouveau_channel_new if channel init fails"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-4001": {
"cmt_msg": "bpf: Fix toctou on read-only map's constant scalar tracking"
},
@@ -82809,6 +82903,9 @@
"CVE-2020-25639": {
"cmt_msg": "drm/nouveau: bail out of nouveau_channel_new if channel init fails"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-4001": {
"cmt_msg": "bpf: Fix toctou on read-only map's constant scalar tracking"
},
@@ -88223,6 +88320,9 @@
"CVE-2018-20509": {
"cmt_msg": "binder: refactor binder ref inc/dec for thread safety"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2023-2007": {
"cmt_msg": "scsi: dpt_i2o: Remove obsolete driver"
},
@@ -90009,6 +90109,9 @@
"CVE-2022-28388": {
"cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2017-0627": {
"cmt_msg": "media: uvcvideo: Prevent heap overflow when accessing mapped controls"
},
@@ -93384,6 +93487,9 @@
"CVE-2022-28388": {
"cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2017-0627": {
"cmt_msg": "media: uvcvideo: Prevent heap overflow when accessing mapped controls"
},
@@ -96506,6 +96612,9 @@
"CVE-2020-12364": {
"cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-0605": {
"cmt_msg": "af_key: pfkey_dump needs parameter validation"
},
@@ -99138,6 +99247,9 @@
"CVE-2020-25639": {
"cmt_msg": "drm/nouveau: bail out of nouveau_channel_new if channel init fails"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-0605": {
"cmt_msg": "af_key: pfkey_dump needs parameter validation"
},
@@ -101711,6 +101823,9 @@
"CVE-2020-25639": {
"cmt_msg": "drm/nouveau: bail out of nouveau_channel_new if channel init fails"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-0605": {
"cmt_msg": "af_key: pfkey_dump needs parameter validation"
},
@@ -103868,6 +103983,9 @@
"CVE-2022-0500": {
"cmt_msg": "bpf: Introduce MEM_RDONLY flag"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-4001": {
"cmt_msg": "bpf: Fix toctou on read-only map's constant scalar tracking"
},
@@ -105459,6 +105577,9 @@
"CVE-2022-0500": {
"cmt_msg": "bpf: Introduce MEM_RDONLY flag"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-4001": {
"cmt_msg": "bpf: Fix toctou on read-only map's constant scalar tracking"
},
@@ -108227,6 +108348,10 @@
"cmt_msg": "btrfs: fix race between quota disable and quota assign ioctls",
"cmt_id": "5f6347034341bf45056ca1ec3fa72040152ecf83"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition",
+ "cmt_id": "cb5879efde4f9b4de4248b835890df7b6c49ffbc"
+ },
"CVE-2022-4379": {
"cmt_msg": "NFSD: fix use-after-free in __nfs42_ssc_open()",
"cmt_id": "01e4c9c03de8a9f8839cb7342bc4bccf9104efe5"
@@ -108268,6 +108393,28 @@
"cmt_id": "ddcf35deb8f2a1d9addc74b586cf4c5a1f5d6020"
}
},
+ "5.10.180": {
+ "CVE-2023-1380": {
+ "cmt_msg": "wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()",
+ "cmt_id": "549825602e3e6449927ca1ea1a08fd89868439df"
+ },
+ "CVE-2023-32233": {
+ "cmt_msg": "netfilter: nf_tables: deactivate anonymous set from preparation phase",
+ "cmt_id": "e044a24447189419c3a7ccc5fa6da7516036dc55"
+ },
+ "CVE-2023-2002": {
+ "cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()",
+ "cmt_id": "98cfbad52fc286c2a1a75e04bf47b98d6489db1f"
+ },
+ "CVE-2022-39189": {
+ "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries",
+ "cmt_id": "529f41f0eb1ef995bfa83c121c3cfe3a0720119a"
+ },
+ "CVE-2023-2269": {
+ "cmt_msg": "dm ioctl: fix nested locking in table_clear() to remove deadlock concern",
+ "cmt_id": "ea827627a9249154b34b646b1e1007013402afea"
+ }
+ },
"outstanding": {
"CVE-2023-0160": {
"cmt_msg": ""
@@ -108296,9 +108443,6 @@
"CVE-2018-1121": {
"cmt_msg": ""
},
- "CVE-2023-1380": {
- "cmt_msg": "wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()"
- },
"CVE-2023-0615": {
"cmt_msg": ""
},
@@ -108353,9 +108497,6 @@
"CVE-2022-1263": {
"cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push"
},
- "CVE-2023-32233": {
- "cmt_msg": "netfilter: nf_tables: deactivate anonymous set from preparation phase"
- },
"CVE-2021-3864": {
"cmt_msg": ""
},
@@ -108485,9 +108626,6 @@
"CVE-2013-7445": {
"cmt_msg": ""
},
- "CVE-2022-39189": {
- "cmt_msg": "KVM: x86: do not report a vCPU as preempted outside instruction boundaries"
- },
"CVE-2022-39188": {
"cmt_msg": "mmu_gather: Force tlb-flush VM_PFNMAP vmas"
},
@@ -108512,9 +108650,6 @@
"CVE-2022-38096": {
"cmt_msg": ""
},
- "CVE-2023-2269": {
- "cmt_msg": "dm ioctl: fix nested locking in table_clear() to remove deadlock concern"
- },
"CVE-2022-3523": {
"cmt_msg": "mm/memory.c: fix race when faulting a device private page"
},
@@ -108703,9 +108838,6 @@
},
"CVE-2023-23039": {
"cmt_msg": ""
- },
- "CVE-2023-2002": {
- "cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()"
}
}
},
@@ -109673,6 +109805,9 @@
"CVE-2022-0500": {
"cmt_msg": "bpf: Introduce MEM_RDONLY flag"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-4001": {
"cmt_msg": "bpf: Fix toctou on read-only map's constant scalar tracking"
},
@@ -111626,6 +111761,9 @@
"CVE-2022-33740": {
"cmt_msg": "xen/netfront: fix leaking data in shared pages"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2022-41850": {
"cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
@@ -112876,6 +113014,9 @@
"CVE-2022-33740": {
"cmt_msg": "xen/netfront: fix leaking data in shared pages"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2022-41850": {
"cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
@@ -113937,6 +114078,9 @@
"CVE-2022-0500": {
"cmt_msg": "bpf: Introduce MEM_RDONLY flag"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-4001": {
"cmt_msg": "bpf: Fix toctou on read-only map's constant scalar tracking"
},
@@ -116133,6 +116277,10 @@
"cmt_msg": "power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition",
"cmt_id": "0fdb1cc4fe5255d0198c332b961bc4c1f8787982"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition",
+ "cmt_id": "8c4a180dc12303159592d15e8f077c20deeb1e55"
+ },
"CVE-2022-4379": {
"cmt_msg": "NFSD: fix use-after-free in __nfs42_ssc_open()",
"cmt_id": "ec5b7814353532243e8a9147d232a32549174909"
@@ -117819,6 +117967,9 @@
"CVE-2022-28388": {
"cmt_msg": "can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-0605": {
"cmt_msg": "af_key: pfkey_dump needs parameter validation"
},
@@ -121762,6 +121913,10 @@
"cmt_msg": "power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition",
"cmt_id": "6fe078c2864b9defaa632733a5bae969b398b673"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition",
+ "cmt_id": "0e5c7d00ec4f2f359234044b809eb23b7032d9b0"
+ },
"CVE-2022-4744": {
"cmt_msg": "tun: avoid double free in tun_free_netdev",
"cmt_id": "0c0e566f0387490d16f166808c72e9c772027681"
@@ -121811,6 +121966,24 @@
"cmt_id": "35dceaeab97c9e5f3fda3b10ce7f8110df0feecd"
}
},
+ "5.4.243": {
+ "CVE-2023-1380": {
+ "cmt_msg": "wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()",
+ "cmt_id": "425eea395f1f5ae349fb55f7fe51d833a5324bfe"
+ },
+ "CVE-2023-32233": {
+ "cmt_msg": "netfilter: nf_tables: deactivate anonymous set from preparation phase",
+ "cmt_id": "c8b6063f13add68f89540aa5030ceee875f48aa2"
+ },
+ "CVE-2023-2002": {
+ "cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()",
+ "cmt_id": "48cdcb40d589d990ccc1a99fb76843484ce732a0"
+ },
+ "CVE-2023-2269": {
+ "cmt_msg": "dm ioctl: fix nested locking in table_clear() to remove deadlock concern",
+ "cmt_id": "29a1ef57c3be1d53ecadb749d45b0636e8245a89"
+ }
+ },
"outstanding": {
"CVE-2023-0160": {
"cmt_msg": ""
@@ -121845,9 +122018,6 @@
"CVE-2018-1121": {
"cmt_msg": ""
},
- "CVE-2023-1380": {
- "cmt_msg": "wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()"
- },
"CVE-2023-0615": {
"cmt_msg": ""
},
@@ -121911,9 +122081,6 @@
"CVE-2022-1263": {
"cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push"
},
- "CVE-2023-32233": {
- "cmt_msg": "netfilter: nf_tables: deactivate anonymous set from preparation phase"
- },
"CVE-2021-3864": {
"cmt_msg": ""
},
@@ -122088,9 +122255,6 @@
"CVE-2022-38096": {
"cmt_msg": ""
},
- "CVE-2023-2269": {
- "cmt_msg": "dm ioctl: fix nested locking in table_clear() to remove deadlock concern"
- },
"CVE-2022-3903": {
"cmt_msg": "media: mceusb: Use new usb_control_msg_*() routines"
},
@@ -122306,9 +122470,6 @@
},
"CVE-2020-27835": {
"cmt_msg": "IB/hfi1: Ensure correct mm is used at all times"
- },
- "CVE-2023-2002": {
- "cmt_msg": "bluetooth: Perform careful capability checks in hci_sock_ioctl()"
}
}
},
@@ -123121,6 +123282,9 @@
"CVE-2022-4129": {
"cmt_msg": "l2tp: Serialize access to sk_user_data with sk_callback_lock"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2022-41850": {
"cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
@@ -124024,6 +124188,9 @@
"CVE-2022-4129": {
"cmt_msg": "l2tp: Serialize access to sk_user_data with sk_callback_lock"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2022-41850": {
"cmt_msg": "HID: roccat: Fix use-after-free in roccat_read()"
},
@@ -125527,6 +125694,9 @@
"CVE-2020-25639": {
"cmt_msg": "drm/nouveau: bail out of nouveau_channel_new if channel init fails"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-0605": {
"cmt_msg": "af_key: pfkey_dump needs parameter validation"
},
@@ -127691,6 +127861,9 @@
"CVE-2020-25639": {
"cmt_msg": "drm/nouveau: bail out of nouveau_channel_new if channel init fails"
},
+ "CVE-2023-33203": {
+ "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition"
+ },
"CVE-2021-0605": {
"cmt_msg": "af_key: pfkey_dump needs parameter validation"
},
diff --git a/data/stream_fixes.json b/data/stream_fixes.json
index e2989f7..63c3154 100644
--- a/data/stream_fixes.json
+++ b/data/stream_fixes.json
@@ -35200,6 +35200,10 @@
}
},
"CVE-2022-39189": {
+ "5.10": {
+ "cmt_id": "529f41f0eb1ef995bfa83c121c3cfe3a0720119a",
+ "fixed_version": "5.10.180"
+ },
"5.15": {
"cmt_id": "92343314d34e04da0923cefd3be67521d706fa35",
"fixed_version": "5.15.60"
@@ -36666,10 +36670,26 @@
}
},
"CVE-2023-1380": {
+ "4.14": {
+ "cmt_id": "ac5305e5d227b9af3aae25fa83380d3ff0225b73",
+ "fixed_version": "4.14.315"
+ },
+ "4.19": {
+ "cmt_id": "39f9bd880abac6068bedb24a4e16e7bd26bf92da",
+ "fixed_version": "4.19.283"
+ },
+ "5.10": {
+ "cmt_id": "549825602e3e6449927ca1ea1a08fd89868439df",
+ "fixed_version": "5.10.180"
+ },
"5.15": {
"cmt_id": "936a23293bbb3332bdf4cdb9c1496e80cb0bc2c8",
"fixed_version": "5.15.110"
},
+ "5.4": {
+ "cmt_id": "425eea395f1f5ae349fb55f7fe51d833a5324bfe",
+ "fixed_version": "5.4.243"
+ },
"6.1": {
"cmt_id": "e29661611e6e71027159a3140e818ef3b99f32dd",
"fixed_version": "6.1.27"
@@ -37062,10 +37082,26 @@
}
},
"CVE-2023-2002": {
+ "4.14": {
+ "cmt_id": "73ddc585228db650bd4ff10d5b59c831924fd9ba",
+ "fixed_version": "4.14.315"
+ },
+ "4.19": {
+ "cmt_id": "8d59548bae309000442c297bff3e54ab535f0ab7",
+ "fixed_version": "4.19.283"
+ },
+ "5.10": {
+ "cmt_id": "98cfbad52fc286c2a1a75e04bf47b98d6489db1f",
+ "fixed_version": "5.10.180"
+ },
"5.15": {
"cmt_id": "f1e6a14d5ae879d6ab6d90c58d2fde1b5716b389",
"fixed_version": "5.15.110"
},
+ "5.4": {
+ "cmt_id": "48cdcb40d589d990ccc1a99fb76843484ce732a0",
+ "fixed_version": "5.4.243"
+ },
"6.1": {
"cmt_id": "47e6893a5b0ad14c0b1c25983a1facb1cf667b6e",
"fixed_version": "6.1.27"
@@ -37304,10 +37340,26 @@
}
},
"CVE-2023-2269": {
+ "4.14": {
+ "cmt_id": "c9dfa8ba3b181e67970f06d80de18aa257d1ecda",
+ "fixed_version": "4.14.315"
+ },
+ "4.19": {
+ "cmt_id": "b4b94b25c78ed03be0e07fa4e76fe51e64dac533",
+ "fixed_version": "4.19.283"
+ },
+ "5.10": {
+ "cmt_id": "ea827627a9249154b34b646b1e1007013402afea",
+ "fixed_version": "5.10.180"
+ },
"5.15": {
"cmt_id": "e11765cea2050fa25fc3e03da858e83284c5ce79",
"fixed_version": "5.15.111"
},
+ "5.4": {
+ "cmt_id": "29a1ef57c3be1d53ecadb749d45b0636e8245a89",
+ "fixed_version": "5.4.243"
+ },
"6.1": {
"cmt_id": "9a94ebc74c3540aba5aa2c7b05032da4610a08c9",
"fixed_version": "6.1.28"
@@ -37874,10 +37926,26 @@
}
},
"CVE-2023-32233": {
+ "4.14": {
+ "cmt_id": "86572872505023e3bb461b271c2f25fdaa3dfcd7",
+ "fixed_version": "4.14.315"
+ },
+ "4.19": {
+ "cmt_id": "c6989314fd809c5eaf4980d6fa474f19fc653d6c",
+ "fixed_version": "4.19.283"
+ },
+ "5.10": {
+ "cmt_id": "e044a24447189419c3a7ccc5fa6da7516036dc55",
+ "fixed_version": "5.10.180"
+ },
"5.15": {
"cmt_id": "21c2a454486d5e9c1517ecca19266b3be3df73ca",
"fixed_version": "5.15.111"
},
+ "5.4": {
+ "cmt_id": "c8b6063f13add68f89540aa5030ceee875f48aa2",
+ "fixed_version": "5.4.243"
+ },
"6.1": {
"cmt_id": "4507918cd1f8b80f21a396fa0531d53e372bed66",
"fixed_version": "6.1.28"
@@ -37912,5 +37980,35 @@
"cmt_id": "5c2227f3f17782d5262ee0979ad30609b3e01f6e",
"fixed_version": "6.1.11"
}
+ },
+ "CVE-2023-33203": {
+ "4.14": {
+ "cmt_id": "aee129c0096e479eae92e2127f96f9d08f16ad8f",
+ "fixed_version": "4.14.312"
+ },
+ "4.19": {
+ "cmt_id": "4bbc59ec4feb1ea8d5cb3d9d38d4cb1317943ea4",
+ "fixed_version": "4.19.280"
+ },
+ "5.10": {
+ "cmt_id": "cb5879efde4f9b4de4248b835890df7b6c49ffbc",
+ "fixed_version": "5.10.177"
+ },
+ "5.15": {
+ "cmt_id": "8c4a180dc12303159592d15e8f077c20deeb1e55",
+ "fixed_version": "5.15.105"
+ },
+ "5.4": {
+ "cmt_id": "0e5c7d00ec4f2f359234044b809eb23b7032d9b0",
+ "fixed_version": "5.4.240"
+ },
+ "6.1": {
+ "cmt_id": "5fc2c4e311a9341a2b0e044ab5f33afa37b56226",
+ "fixed_version": "6.1.22"
+ },
+ "6.2": {
+ "cmt_id": "514dc3d0f176d280dc2d3cd25e898a7ec329e878",
+ "fixed_version": "6.2.9"
+ }
}
}
\ No newline at end of file
