Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: a24d4d7d by Salvatore Bonaccorso at 2024-02-27T16:43:57+01:00 Merge Linux CVEs from kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -76,24 +76,42 @@ CVE-2021-46917 (In the Linux kernel, the following vulnerability has been resolv TODO: check CVE-2021-46916 (In the Linux kernel, the following vulnerability has been resolved: i ...) TODO: check -CVE-2021-46915 (In the Linux kernel, the following vulnerability has been resolved: n ...) - TODO: check CVE-2021-46914 (In the Linux kernel, the following vulnerability has been resolved: i ...) TODO: check -CVE-2021-46913 (In the Linux kernel, the following vulnerability has been resolved: n ...) - TODO: check -CVE-2021-46912 (In the Linux kernel, the following vulnerability has been resolved: n ...) - TODO: check -CVE-2021-46911 (In the Linux kernel, the following vulnerability has been resolved: c ...) - TODO: check -CVE-2021-46910 (In the Linux kernel, the following vulnerability has been resolved: A ...) - TODO: check -CVE-2021-46909 (In the Linux kernel, the following vulnerability has been resolved: A ...) - TODO: check -CVE-2021-46908 (In the Linux kernel, the following vulnerability has been resolved: b ...) - TODO: check -CVE-2021-46907 (In the Linux kernel, the following vulnerability has been resolved: K ...) - TODO: check +CVE-2021-46915 [netfilter: nft_limit: avoid possible divide error in nft_limit_init] + - linux 5.10.38-1 + [buster] - linux 4.19.194-1 + NOTE: https://git.kernel.org/linus/b895bdf5d643b6feb7c60856326dd4feb6981560 (5.12-rc8) +CVE-2021-46913 [netfilter: nftables: clone set element expression template] + - linux 5.14.6-1 + [bullseye] - linux 5.10.70-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/4d8f9065830e526c83199186c5f56a6514f457d2 (5.12-rc8) +CVE-2021-46912 [net: Make tcp_allowed_congestion_control readonly in non-init netns] + - linux 5.10.38-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/97684f0970f6e112926de631fdd98d9693c7e5c1 (5.12-rc8) +CVE-2021-46911 [ch_ktls: Fix kernel panic] + - linux 5.10.38-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/1a73e427b824133940c2dd95ebe26b6dce1cbf10 (5.12-rc8) +CVE-2021-46910 [ARM: 9063/1: mm: reduce maximum number of CPUs if DEBUG_KMAP_LOCAL is enabled] + - linux 5.14.6-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/d624833f5984d484c5e3196f34b926f9e71dafee (5.12-rc8) +CVE-2021-46909 [ARM: footbridge: fix PCI interrupt mapping] + - linux 5.10.38-1 + [buster] - linux 4.19.194-1 + NOTE: https://git.kernel.org/linus/30e3b4f256b4e366a61658c294f6a21b8626dda7 (5.12-rc8) +CVE-2021-46908 [bpf: Use correct permission flag for mixed signed bounds arithmetic] + - linux 5.10.38-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/9601148392520e2e134936e76788fc2a6371e7be (5.12-rc8) +CVE-2021-46907 [KVM: VMX: Don't use vcpu->run->internal.ndata as an array index] + - linux 5.10.38-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/04c4f2ee3f68c9a4bf1653d15f1a9a435ae33f7a (5.12-rc8) CVE-2024-26144 [Possible Sensitive Session Information Leak in Active Storage] - rails <unfixed> NOTE: https://discuss.rubyonrails.org/t/possible-sensitive-session-information-leak-in-active-storage/84945 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a24d4d7d7b8e61bbd0231307f0a4fffd8e34e278 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a24d4d7d7b8e61bbd0231307f0a4fffd8e34e278 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits