Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: f81473bc by Salvatore Bonaccorso at 2024-05-21T19:18:28+02:00 Merge Linux CVEs from kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,1202 @@ +CVE-2023-52879 [tracing: Have trace_event_file have ref counters] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/bb32500fb9b78215e4ef6ee8b4345c5f5d7eafb4 (6.7-rc1) +CVE-2023-52878 [can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/6411959c10fe917288cbb1038886999148560057 (6.7-rc1) +CVE-2023-52877 [usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm()] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/4987daf86c152ff882d51572d154ad12e4ff3a4b (6.7-rc1) +CVE-2023-52876 [clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/0884393c63cc9a1772f7121a6645ba7bd76feeb9 (6.7-rc1) +CVE-2023-52875 [clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/0d6e24b422a2166a9297a8286ff2e6ab9a5e8cd3 (6.7-rc1) +CVE-2023-52874 [x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro] + - linux 6.6.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/5d092b66119d774853cc9308522620299048a662 (6.7-rc1) +CVE-2023-52873 [clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/1f57f78fbacf630430bf954e5a84caafdfea30c0 (6.7-rc1) +CVE-2023-52872 [tty: n_gsm: fix race condition in status line change on dead connections] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/3a75b205de43365f80a33b98ec9289785da56243 (6.7-rc1) +CVE-2023-52871 [soc: qcom: llcc: Handle a second device without data corruption] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + NOTE: https://git.kernel.org/linus/f1a1bc8775b26345aba2be278118999e7f661d3d (6.7-rc1) +CVE-2023-52870 [clk: mediatek: clk-mt6765: Add check for mtk_alloc_clk_data] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/b82681042724924ae3ba0f2f2eeec217fa31e830 (6.7-rc1) +CVE-2023-52869 [pstore/platform: Add check for kstrdup] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/a19d48f7c5d57c0f0405a7d4334d1d38fe9d3c1c (6.7-rc1) +CVE-2023-52868 [thermal: core: prevent potential string overflow] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/c99626092efca3061b387043d4a7399bf75fbdd5 (6.7-rc1) +CVE-2023-52867 [drm/radeon: possible buffer overflow] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/dd05484f99d16715a88eedfca363828ef9a4c2d4 (6.7-rc1) +CVE-2023-52866 [HID: uclogic: Fix user-memory-access bug in uclogic_params_ugee_v2_init_event_hooks()] + - linux 6.6.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/91cfe0bbaa1c434d4271eb6e1d7aaa1fe8d121f6 (6.7-rc1) +CVE-2023-52865 [clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/606f6366a35a3329545e38129804d65ef26ed7d2 (6.7-rc1) +CVE-2023-52864 [platform/x86: wmi: Fix opening of char device] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/eba9ac7abab91c8f6d351460239108bef5e7a0b6 (6.7-rc1) +CVE-2023-52863 [hwmon: (axi-fan-control) Fix possible NULL pointer dereference] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/2a5b3370a1d9750eca325292e291c8c7cb8cf2e0 (6.7-rc1) +CVE-2023-52862 [drm/amd/display: Fix null pointer dereference in error message] + - linux 6.6.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/0c3601a2fbfb265ce283651480e30c8e60459112 (6.7-rc1) +CVE-2023-52861 [drm: bridge: it66121: Fix invalid connector dereference] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/d0375f6858c4ff7244b62b02eb5e93428e1916cd (6.7-rc1) +CVE-2023-52860 [drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/50b560783f7f71790bcf70e9e9855155fb0af8c1 (6.7-rc1) +CVE-2023-52859 [perf: hisi: Fix use-after-free when register pmu fails] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/b805cafc604bfdb671fae7347a57f51154afa735 (6.7-rc1) +CVE-2023-52858 [clk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/2befa515c1bb6cdd33c262b909d93d1973a219aa (6.7-rc1) +CVE-2023-52857 [drm/mediatek: Fix coverity issue with unintentional integer overflow] + - linux 6.6.8-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/b0b0d811eac6b4c52cb9ad632fa6384cf48869e7 (6.7-rc1) +CVE-2023-52856 [drm/bridge: lt8912b: Fix crash on bridge detach] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/44283993144a03af9df31934d6c32bbd42d1a347 (6.7-rc1) +CVE-2023-52855 [usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/ef307bc6ef04e8c1ea843231db58e3afaafa9fa6 (6.7-rc1) +CVE-2023-52854 [padata: Fix refcnt handling in padata_free_shell()] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + NOTE: https://git.kernel.org/linus/7ddc21e317b360c3444de3023bcc83b85fabae2f (6.7-rc1) +CVE-2023-52853 [hid: cp2112: Fix duplicate workqueue initialization] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/e3c2d2d144c082dd71596953193adf9891491f42 (6.7-rc1) +CVE-2023-52852 [f2fs: compress: fix to avoid use-after-free on dic] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/b0327c84e91a0f4f0abced8cb83ec86a7083f086 (6.7-rc1) +CVE-2023-52851 [IB/mlx5: Fix init stage error handling to avoid double free of same QP and UAF] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/2ef422f063b74adcc4a4a9004b0a87bb55e0a836 (6.7-rc1) +CVE-2023-52850 [media: hantro: Check whether reset op is defined before use] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/88d4b23a629ebd34f682f770cb6c2116c851f7b8 (6.7-rc1) +CVE-2023-52849 [cxl/mem: Fix shutdown order] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/88d3917f82ed4215a2154432c26de1480a61b209 (6.7-rc1) +CVE-2023-52848 [f2fs: fix to drop meta_inode's page cache in f2fs_put_super()] + - linux 6.6.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/a4639380bbe66172df329f8b54aa7d2e943f0f64 (6.7-rc1) +CVE-2023-52847 [media: bttv: fix use after free error due to btv->timeout timer] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/bd5b50b329e850d467e7bcc07b2b6bde3752fbda (6.7-rc1) +CVE-2023-52846 [hsr: Prevent use after free in prp_create_tagged_frame()] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/876f8ab52363f649bcc74072157dfd7adfbabc0d (6.7-rc1) +CVE-2023-52845 [tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/19b3f72a41a8751e26bffc093bb7e1cef29ad579 (6.7-rc1) +CVE-2023-52844 [media: vidtv: psi: Add check for kstrdup] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/76a2c5df6ca8bd8ada45e953b8c72b746f42918d (6.7-rc1) +CVE-2023-52843 [llc: verify mac len before reading mac header] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/7b3ba18703a63f6fd487183b9262b08e5632da1b (6.7-rc1) +CVE-2023-52842 [virtio/vsock: Fix uninit-value in virtio_transport_recv_pkt()] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/34c4effacfc329aeca5635a69fd9e0f6c90b4101 (6.7-rc1) +CVE-2023-52841 [media: vidtv: mux: Add check and kfree for kstrdup] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/1fd6eb12642e0c32692924ff359c07de4b781d78 (6.7-rc1) +CVE-2023-52840 [Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/eb988e46da2e4eae89f5337e047ce372fe33d5b1 (6.7-rc1) +CVE-2023-52839 [drivers: perf: Do not broadcast to other cpus when starting a counter] + - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/61e3d993c8bd3e80f8f1363ed5e04f88ab531b72 (6.7-rc1) +CVE-2023-52838 [fbdev: imsttfb: fix a resource leak in probe] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/aba6ab57a910ad4b940c2024d15f2cdbf5b7f76b (6.7-rc1) +CVE-2023-52837 [nbd: fix uaf in nbd_open] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/327462725b0f759f093788dfbcb2f1fd132f956b (6.7-rc1) +CVE-2023-52836 [locking/ww_mutex/test: Fix potential workqueue corruption] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/bccdd808902f8c677317cec47c306e42b93b849e (6.7-rc1) +CVE-2023-52835 [perf/core: Bail out early if the request AUX area is out of bound] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/54aee5f15b83437f23b2b2469bcf21bdd9823916 (6.7-rc1) +CVE-2023-52834 [atl1c: Work around the DMA RX overflow issue] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/86565682e9053e5deb128193ea9e88531bbae9cf (6.7-rc1) +CVE-2023-52833 [Bluetooth: btusb: Add date->evt_skb is NULL check] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + NOTE: https://git.kernel.org/linus/624820f7c8826dd010e8b1963303c145f99816e9 (6.7-rc1) +CVE-2023-52832 [wifi: mac80211: don't return unset power in ieee80211_get_tx_power()] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/e160ab85166e77347d0cbe5149045cb25e83937f (6.7-rc1) +CVE-2023-52831 [cpu/hotplug: Don't offline the last non-isolated CPU] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/38685e2a0476127db766f81b1c06019ddc4c9ffa (6.7-rc1) +CVE-2023-52830 [Bluetooth: Fix double free in hci_conn_cleanup] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/a85fb91e3d728bdfc80833167e8162cce8bc7004 (6.7-rc1) +CVE-2023-52829 [wifi: ath12k: fix possible out-of-bound write in ath12k_wmi_ext_hal_reg_caps()] + - linux 6.6.8-1 + NOTE: https://git.kernel.org/linus/b302dce3d9edea5b93d1902a541684a967f3c63c (6.7-rc1) +CVE-2023-52828 [bpf: Detect IP == ksym.end as part of BPF program] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + NOTE: https://git.kernel.org/linus/66d9111f3517f85ef2af0337ece02683ce0faf21 (6.7-rc1) +CVE-2023-52827 [wifi: ath12k: fix possible out-of-bound read in ath12k_htt_pull_ppdu_stats()] + - linux 6.6.8-1 + NOTE: https://git.kernel.org/linus/1bc44a505a229bb1dd4957e11aa594edeea3690e (6.7-rc1) +CVE-2023-52826 [drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + NOTE: https://git.kernel.org/linus/f22def5970c423ea7f87d5247bd0ef91416b0658 (6.7-rc1) +CVE-2023-52825 [drm/amdkfd: Fix a race condition of vram buffer unref in svm code] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/709c348261618da7ed89d6c303e2ceb9e453ba74 (6.7-rc1) +CVE-2023-52824 [kernel: watch_queue: copy user-array safely] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/ca0776571d3163bd03b3e8c9e3da936abfaecbf6 (6.7-rc1) +CVE-2023-52823 [kernel: kexec: copy user-array safely] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/569c8d82f95eb5993c84fb61a649a9c4ddd208b3 (6.7-rc1) +CVE-2023-52822 [drm: vmwgfx_surface.c: copy user-array safely] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/06ab64a0d836ac430c5f94669710a78aa43942cb (6.7-rc1) +CVE-2023-52821 [drm/panel: fix a possible null pointer dereference] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + NOTE: https://git.kernel.org/linus/924e5814d1f84e6fa5cb19c6eceb69f066225229 (6.7-rc1) +CVE-2023-52820 [drm_lease.c: copy user-array safely] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/f37d63e219c39199a59b8b8a211412ff27192830 (6.7-rc1) +CVE-2023-52819 [drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/0f0e59075b5c22f1e871fbd508d6e4f495048356 (6.7-rc1) +CVE-2023-52818 [drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/760efbca74a405dc439a013a5efaa9fadc95a8c3 (6.7-rc1) +CVE-2023-52817 [drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/5104fdf50d326db2c1a994f8b35dcd46e63ae4ad (6.7-rc1) +CVE-2023-52816 [drm/amdkfd: Fix shift out-of-bounds issue] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/282c1d793076c2edac6c3db51b7e8ed2b41d60a5 (6.7-rc1) +CVE-2023-52815 [drm/amdgpu/vkms: fix a possible null pointer dereference] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/cd90511557fdfb394bb4ac4c3b539b007383914c (6.7-rc1) +CVE-2023-52814 [drm/amdgpu: Fix potential null pointer derefernce] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + NOTE: https://git.kernel.org/linus/80285ae1ec8717b597b20de38866c29d84d321a1 (6.7-rc1) +CVE-2023-52813 [crypto: pcrypt - Fix hungtask for PADATA_RESET] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/8f4f68e788c3a7a696546291258bfa5fdb215523 (6.7-rc1) +CVE-2023-52812 [drm/amd: check num of link levels when update pcie param] + - linux 6.6.8-1 + NOTE: https://git.kernel.org/linus/406e8845356d18bdf3d3a23b347faf67706472ec (6.7-rc1) +CVE-2023-52811 [scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/b39f2d10b86d0af353ea339e5815820026bca48f (6.7-rc1) +CVE-2023-52810 [fs/jfs: Add check for negative db_l2nbperpage] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/525b861a008143048535011f3816d407940f4bfa (6.7-rc1) +CVE-2023-52809 [scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/4df105f0ce9f6f30cda4e99f577150d23f0c9c5f (6.7-rc1) +CVE-2023-52808 [scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/6de426f9276c448e2db7238911c97fb157cb23be (6.7-rc1) +CVE-2023-52807 [net: hns3: fix out-of-bounds access may occur when coalesce info is read via debugfs] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/53aba458f23846112c0d44239580ff59bc5c36c3 (6.7-rc2) +CVE-2023-52806 [ALSA: hda: Fix possible null-ptr-deref when assigning a stream] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/f93dc90c2e8ed664985e366aa6459ac83cdab236 (6.7-rc1) +CVE-2023-52805 [jfs: fix array-index-out-of-bounds in diAlloc] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/05d9ea1ceb62a55af6727a69269a4fd310edf483 (6.7-rc1) +CVE-2023-52804 [fs/jfs: Add validity check for db_maxag and db_agpref] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/64933ab7b04881c6c18b21ff206c12278341c72e (6.7-rc1) +CVE-2023-52803 [SUNRPC: Fix RPC client cleaned up the freed pipefs dentries] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + NOTE: https://git.kernel.org/linus/bfca5fb4e97c46503ddfc582335917b0cc228264 (6.7-rc1) +CVE-2023-52802 [iio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe()] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/3a23b384e7e3d64d5587ad10729a34d4f761517e (6.7-rc1) +CVE-2023-52801 [iommufd: Fix missing update of domains_itree after splitting iopt_area] + - linux 6.6.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/e7250ab7ca4998fe026f2149805b03e09dc32498 (6.7-rc1) +CVE-2023-52800 [wifi: ath11k: fix htt pktlog locking] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/3f77c7d605b29df277d77e9ee75d96e7ad145d2d (6.7-rc1) +CVE-2023-52799 [jfs: fix array-index-out-of-bounds in dbFindLeaf] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/22cad8bc1d36547cdae0eef316c47d917ce3147c (6.7-rc1) +CVE-2023-52798 [wifi: ath11k: fix dfs radar event locking] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/3b6c14833165f689cc5928574ebafe52bbce5f1e (6.7-rc1) +CVE-2023-52797 [drivers: perf: Check find_first_bit() return value] + - linux 6.6.8-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/c6e316ac05532febb0c966fa9b55f5258ed037be (6.7-rc1) +CVE-2023-52796 [ipvlan: add ipvlan_route_v6_outbound() helper] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/18f039428c7df183b09c69ebf10ffd4e521035d2 (6.7-rc2) +CVE-2023-52795 [vhost-vdpa: fix use after free in vhost_vdpa_probe()] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/e07754e0a1ea2d63fb29574253d1fd7405607343 (6.7-rc2) +CVE-2023-52794 [thermal: intel: powerclamp: fix mismatch in get function for max_idle] + - linux 6.6.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/fae633cfb729da2771b5433f6b84ae7e8b4aa5f7 (6.7-rc1) +CVE-2023-52793 [samples/bpf: syscall_tp_user: Fix array out-of-bound access] + - linux 6.6.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/9220c3ef6fefbf18f24aeedb1142a642b3de0596 (6.7-rc1) +CVE-2023-52792 [cxl/region: Do not try to cleanup after cxl_region_setup_targets() fails] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/0718588c7aaa7a1510b4de972370535b61dddd0d (6.7-rc1) +CVE-2023-52791 [i2c: core: Run atomic i2c xfer when !preemptible] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/aa49c90894d06e18a1ee7c095edbd2f37c232d02 (6.7-rc1) +CVE-2023-52790 [swiotlb: fix out-of-bounds TLB allocations with CONFIG_SWIOTLB_DYNAMIC] + - linux 6.6.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/53c87e846e335e3c18044c397cc35178163d7827 (6.7-rc1) +CVE-2023-52789 [tty: vcc: Add check for kstrdup() in vcc_probe()] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/d81ffb87aaa75f842cd7aa57091810353755b3e6 (6.7-rc1) +CVE-2023-52788 [i915/perf: Fix NULL deref bugs with drm_dbg() calls] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/471aa951bf1206d3c10d0daa67005b8e4db4ff83 (6.7-rc1) +CVE-2023-52787 [blk-mq: make sure active queue usage is held for bio_integrity_prep()] + - linux 6.6.8-1 + [bookworm] - linux 6.1.76-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/b0077e269f6c152e807fdac90b58caf012cdbaab (6.7-rc2) +CVE-2023-52786 [ext4: fix racy may inline data check in dio write] + - linux 6.6.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/ce56d21355cd6f6937aca32f1f44ca749d1e4808 (6.7-rc1) +CVE-2023-52785 [scsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR] + - linux 6.6.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/27900d7119c464b43cd9eac69c85884d17bae240 (6.7-rc2) +CVE-2023-52784 [bonding: stop the device in bond_setup_by_slave()] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + NOTE: https://git.kernel.org/linus/3cffa2ddc4d3fcf70cde361236f5a614f81a09b2 (6.7-rc2) +CVE-2023-52783 [net: wangxun: fix kernel panic due to null pointer] + - linux 6.6.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/8ba2c459668cfe2aaacc5ebcd35b4b9ef8643013 (6.7-rc3) +CVE-2023-52782 [net/mlx5e: Track xmit submission to PTP WQ after populating metadata map] + - linux 6.6.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/7e3f3ba97e6cc6fce5bf62df2ca06c8e59040167 (6.7-rc2) +CVE-2023-52781 [usb: config: fix iteration issue in 'usb_get_bos_descriptor()'] + - linux 6.6.8-1 + [bookworm] - linux 6.1.66-1 + [bullseye] - linux 5.10.205-1 + NOTE: https://git.kernel.org/linus/974bba5c118f4c2baf00de0356e3e4f7928b4cbc (6.7-rc3) +CVE-2023-52780 [net: mvneta: fix calls to page_pool_get_stats] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/ca8add922f9c7f6e2e3c71039da8e0dcc64b87ed (6.7-rc2) +CVE-2023-52779 [fs: Pass AT_GETATTR_NOSEC flag to getattr interface function] + - linux 6.6.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/8a924db2d7b5eb69ba08b1a0af46e9f1359a9bdf (6.7-rc3) +CVE-2023-52778 [mptcp: deal with large GSO size] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/9fce92f050f448a0d1ddd9083ef967d9930f1e52 (6.7-rc2) +CVE-2023-52777 [wifi: ath11k: fix gtk offload status event locking] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/1dea3c0720a146bd7193969f2847ccfed5be2221 (6.7-rc1) +CVE-2023-52776 [wifi: ath12k: fix dfs-radar and temperature event locking] + - linux 6.6.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/69bd216e049349886405b1c87a55dce3d35d1ba7 (6.7-rc1) +CVE-2023-52775 [net/smc: avoid data corruption caused by decline] + - linux 6.6.8-1 + [bookworm] - linux 6.1.66-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/e6d71b437abc2f249e3b6a1ae1a7228e09c6e563 (6.7-rc3) +CVE-2023-52774 [s390/dasd: protect device queue against concurrent access] + - linux 6.6.8-1 + [bookworm] - linux 6.1.66-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/db46cd1e0426f52999d50fa72cfa97fa39952885 (6.7-rc3) +CVE-2023-52773 [drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer()] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/b71f4ade1b8900d30c661d6c27f87c35214c398c (6.7-rc2) +CVE-2023-52772 [af_unix: fix use-after-free in unix_stream_read_actor()] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/4b7b492615cf3017190f55444f7016812b66611d (6.7-rc2) +CVE-2023-52771 [cxl/port: Fix delete_endpoint() vs parent unregistration race] + - linux 6.6.8-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/8d2ad999ca3c64cb08cf6a58d227b9d9e746d708 (6.7-rc1) +CVE-2023-52770 [f2fs: split initial and dynamic conditions for extent_cache] + - linux 6.6.8-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/f803982190f0265fd36cf84670aa6daefc2b0768 (6.7-rc1) +CVE-2023-52769 [wifi: ath12k: fix htt mlo-offset event locking] + - linux 6.6.8-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/6afc57ea315e0f660b1f870a681737bb7b71faef (6.7-rc1) +CVE-2023-52768 [wifi: wilc1000: use vmm_table as array in wilc struct] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/05ac1a198a63ad66bf5ae8b7321407c102d40ef3 (6.7-rc1) +CVE-2023-52767 [tls: fix NULL deref on tls_sw_splice_eof() with empty record] + - linux 6.6.8-1 + [bookworm] - linux 6.1.82-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/53f2cb491b500897a619ff6abd72f565933760f0 (6.7-rc3) +CVE-2023-52766 [i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/45a832f989e520095429589d5b01b0c65da9b574 (6.7-rc1) +CVE-2023-52765 [mfd: qcom-spmi-pmic: Fix revid implementation] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/7b439aaa62fee474a0d84d67a25f4984467e7b95 (6.7-rc1) +CVE-2023-52764 [media: gspca: cpia1: shift-out-of-bounds in set_flicker] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/099be1822d1f095433f4b08af9cc9d6308ec1953 (6.7-rc1) +CVE-2023-52763 [i3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data.] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/b53e9758a31c683fc8615df930262192ed5f034b (6.7-rc1) +CVE-2023-52762 [virtio-blk: fix implicit overflow on virtio_max_dma_size] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/fafb51a67fb883eb2dde352539df939a251851be (6.7-rc1) +CVE-2023-52761 [riscv: VMAP_STACK overflow detection thread-safe] + - linux 6.6.8-1 + NOTE: https://git.kernel.org/linus/be97d0db5f44c0674480cb79ac6f5b0529b84c76 (6.7-rc1) +CVE-2023-52760 [gfs2: Fix slab-use-after-free in gfs2_qd_dealloc] + - linux 6.6.8-1 + NOTE: https://git.kernel.org/linus/bdcb8aa434c6d36b5c215d02a9ef07551be25a37 (6.7-rc1) +CVE-2023-52759 [gfs2: ignore negated quota changes] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/4c6a08125f2249531ec01783a5f4317d7342add5 (6.7-rc1) +CVE-2023-52758 [i2c: dev: copy userspace array safely] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/cc9c54232f04aef3a5d7f64a0ece7df00f1aaa3d (6.7-rc1) +CVE-2023-52757 [smb: client: fix potential deadlock when releasing mids] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/e6322fd177c6885a21dd4609dc5e5c973d1a2eb7 (6.7-rc1) +CVE-2023-52756 [pwm: Fix double shift bug] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/d27abbfd4888d79dd24baf50e774631046ac4732 (6.7-rc1) +CVE-2023-52755 [ksmbd: fix slab out of bounds write in smb_inherit_dacl()] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/eebff19acaa35820cb09ce2ccb3d21bee2156ffb (6.7-rc1) +CVE-2023-52754 [media: imon: fix access to invalid resource for the second interface] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + NOTE: https://git.kernel.org/linus/a1766a4fd83befa0b34d932d532e7ebb7fab1fa7 (6.7-rc1) +CVE-2023-52753 [drm/amd/display: Avoid NULL dereference of timing generator] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + [buster] - linux 4.19.304-1 + NOTE: https://git.kernel.org/linus/b1904ed480cee3f9f4036ea0e36d139cb5fee2d6 (6.7-rc1) +CVE-2023-52752 [smb: client: fix use-after-free bug in cifs_debug_data_proc_show()] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/d328c09ee9f15ee5a26431f5aad7c9239fa85e62 (6.7-rc1) +CVE-2023-52751 [smb: client: fix use-after-free in smb2_query_info_compound()] + - linux 6.6.8-1 + NOTE: https://git.kernel.org/linus/5c86919455c1edec99ebd3338ad213b59271a71b (6.7-rc1) +CVE-2023-52750 [arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + NOTE: https://git.kernel.org/linus/146a15b873353f8ac28dc281c139ff611a3c4848 (6.7-rc1) +CVE-2023-52749 [spi: Fix null dereference on suspend] + - linux 6.6.8-1 + [bookworm] - linux 6.1.66-1 + NOTE: https://git.kernel.org/linus/bef4a48f4ef798c4feddf045d49e53c8a97d5e37 (6.7-rc1) +CVE-2023-52748 [f2fs: avoid format-overflow warning] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + [bullseye] - linux 5.10.205-1 + NOTE: https://git.kernel.org/linus/e0d4e8acb3789c5a8651061fbab62ca24a45c063 (6.7-rc1) +CVE-2023-52747 [IB/hfi1: Restore allocated resources on failed copyout] + - linux 6.1.12-1 + [bullseye] - linux 5.10.178-1 + [buster] - linux 4.19.282-1 + NOTE: https://git.kernel.org/linus/6601fc0d15ffc20654e39486f9bef35567106d68 (6.2-rc8) +CVE-2023-52746 [xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr()] + - linux 6.1.12-1 + [bullseye] - linux 5.10.178-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/b6ee896385380aa621102e8ea402ba12db1cabff (6.2-rc8) +CVE-2023-52745 [IB/IPoIB: Fix legacy IPoIB due to wrong number of queues] + - linux 6.1.12-1 + [bullseye] - linux 5.10.178-1 + NOTE: https://git.kernel.org/linus/e632291a2dbce45a24cddeb5fe28fe71d724ba43 (6.2-rc8) +CVE-2023-52744 [RDMA/irdma: Fix potential NULL-ptr-dereference] + - linux 6.1.12-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/5d9745cead1f121974322b94ceadfb4d1e67960e (6.2-rc8) +CVE-2023-52743 [ice: Do not use WQ_MEM_RECLAIM flag for workqueue] + - linux 6.1.12-1 + [bullseye] - linux 5.10.178-1 + NOTE: https://git.kernel.org/linus/4d159f7884f78b1aacb99b4fc37d1e3cb1194e39 (6.2-rc8) +CVE-2023-52742 [net: USB: Fix wrong-direction WARNING in plusb.c] + - linux 6.1.12-1 + [bullseye] - linux 5.10.178-1 + [buster] - linux 4.19.282-1 + NOTE: https://git.kernel.org/linus/811d581194f7412eda97acc03d17fc77824b561f (6.2-rc8) +CVE-2023-52741 [cifs: Fix use-after-free in rdata->read_into_pages()] + - linux 6.1.12-1 + [bullseye] - linux 5.10.178-1 + NOTE: https://git.kernel.org/linus/aa5465aeca3c66fecdf7efcf554aed79b4c4b211 (6.2-rc8) +CVE-2023-52740 [powerpc/64s/interrupt: Fix interrupt exit race with security mitigation switch] + - linux 6.1.12-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/2ea31e2e62bbc4d11c411eeb36f1b02841dbcab1 (6.2-rc8) +CVE-2023-52739 [Fix page corruption caused by racy check in __free_pages] + - linux 6.1.12-1 + [bullseye] - linux 5.10.178-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/462a8e08e0e6287e5ce13187257edbf24213ed03 (6.2-rc8) +CVE-2023-52738 [drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini] + - linux 6.1.12-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/5ad7bbf3dba5c4a684338df1f285080f2588b535 (6.2-rc8) +CVE-2023-52737 [btrfs: lock the inode in shared mode before starting fiemap] + - linux 6.1.15-1 + NOTE: https://git.kernel.org/linus/519b7e13b5ae8dd38da1e52275705343be6bb508 (6.2-rc8) +CVE-2023-52736 [ALSA: hda: Do not unset preset when cleaning up codec] + - linux 6.1.15-1 + [bullseye] - linux 5.10.178-1 + NOTE: https://git.kernel.org/linus/87978e6ad45a16835cc58234451111091be3c59a (6.2-rc7) +CVE-2023-52735 [bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself] + - linux 6.1.15-1 + NOTE: https://git.kernel.org/linus/5b4a79ba65a1ab479903fff2e604865d229b70a9 (6.2-rc7) +CVE-2023-52734 [net: sched: sch: Bounds check priority] + - linux 6.1.15-1 + [bullseye] - linux 5.10.178-1 + NOTE: https://git.kernel.org/linus/de5ca4c3852f896cacac2bf259597aab5e17d9e3 (6.2-rc7) +CVE-2023-52733 [s390/decompressor: specify __decompress() buf len to avoid overflow] + - linux 6.1.15-1 + [bullseye] - linux 5.10.178-1 + NOTE: https://git.kernel.org/linus/7ab41c2c08a32132ba8c14624910e2fe8ce4ba4b (6.2-rc7) +CVE-2023-52732 [ceph: blocklist the kclient when receiving corrupted snap trace] + - linux 6.1.15-1 + NOTE: https://git.kernel.org/linus/a68e564adcaa69b0930809fb64d9d5f7d9c32ba9 (6.2-rc7) +CVE-2023-52731 [fbdev: Fix invalid page access after closing deferred I/O devices] + - linux 6.1.15-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/3efc61d95259956db25347e2a9562c3e54546e20 (6.2) +CVE-2023-52730 [mmc: sdio: fix possible resource leaks in some error paths] + - linux 6.1.15-1 + [bullseye] - linux 5.10.178-1 + [buster] - linux 4.19.282-1 + NOTE: https://git.kernel.org/linus/605d9fb9556f8f5fb4566f4df1480f280f308ded (6.2) +CVE-2023-52708 [mmc: mmc_spi: fix error handling in mmc_spi_probe()] + - linux 6.1.15-1 + [bullseye] - linux 5.10.178-1 + NOTE: https://git.kernel.org/linus/cf4c9d2ac1e42c7d18b921bec39486896645b714 (6.2) +CVE-2023-52707 [sched/psi: Fix use-after-free in ep_remove_wait_queue()] + - linux 6.1.15-1 + [bullseye] - linux 5.10.178-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/c2dbe32d5db5c4ead121cf86dabd5ab691fb47fe (6.2) +CVE-2023-52706 [gpio: sim: fix a memory leak] + - linux 6.1.15-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/79eeab1d85e0fee4c0bc36f3b6ddf3920f39f74b (6.2) +CVE-2023-52705 [nilfs2: fix underflow in second superblock position calculations] + - linux 6.1.15-1 + [bullseye] - linux 5.10.178-1 + [buster] - linux 4.19.282-1 + NOTE: https://git.kernel.org/linus/99b9402a36f0799f25feee4465bfa4b8dfa74b4d (6.2) +CVE-2023-52704 [freezer,umh: Fix call_usermode_helper_exec() vs SIGKILL] + - linux 6.1.15-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/eedeb787ebb53de5c5dcf7b7b39d01bf1b0f037d (6.2) +CVE-2023-52703 [net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path] + - linux 6.1.15-1 + [bullseye] - linux 5.10.178-1 + [buster] - linux 4.19.282-1 + NOTE: https://git.kernel.org/linus/c68f345b7c425b38656e1791a0486769a8797016 (6.2) +CVE-2023-52702 [net: openvswitch: fix possible memory leak in ovs_meter_cmd_set()] + - linux 6.1.15-1 + [bullseye] - linux 5.10.178-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/2fa28f5c6fcbfc794340684f36d2581b4f2d20b5 (6.2) +CVE-2023-52701 [net: use a bounce buffer for copying skb->mark] + - linux 6.1.15-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/2558b8039d059342197610498c8749ad294adee5 (6.2) +CVE-2023-52700 [tipc: fix kernel warning when sending SYN message] + - linux 6.1.15-1 + NOTE: https://git.kernel.org/linus/11a4d6f67cf55883dc78e31c247d1903ed7feccc (6.2) +CVE-2022-48710 [drm/radeon: fix a possible null pointer dereference] + - linux 5.18.5-1 + [bullseye] - linux 5.10.127-1 + [buster] - linux 4.19.249-1 + NOTE: https://git.kernel.org/linus/a2b28708b645c5632dc93669ab06e97874c8244f (5.19-rc1) +CVE-2022-48709 [ice: switch: fix potential memleak in ice_add_adv_recipe()] + - linux 6.1.12-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/4a606ce68426c88ff2563382b33cc34f3485fe57 (6.2-rc8) +CVE-2022-48708 [pinctrl: single: fix potential NULL dereference] + - linux 6.1.12-1 + [bullseye] - linux 5.10.178-1 + [buster] - linux 4.19.282-1 + NOTE: https://git.kernel.org/linus/d2d73e6d4822140445ad4a7b1c6091e0f5fe703b (6.2-rc8) +CVE-2022-48707 [cxl/region: Fix null pointer dereference for resetting decoder] + - linux 6.1.12-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/4fa4302d6dc7de7e8e74dc7405611a2efb4bf54b (6.2-rc8) +CVE-2022-48706 [vdpa: ifcvf: Do proper cleanup if IFCVF init fails] + - linux 6.1.15-1 + NOTE: https://git.kernel.org/linus/6b04456e248761cf68f562f2fd7c04e591fcac94 (6.2-rc7) +CVE-2021-47432 [lib/generic-radix-tree.c: Don't overflow in peek()] + - linux 6.6.8-1 + [bookworm] - linux 6.1.64-1 + NOTE: https://git.kernel.org/linus/9492261ff2460252cf2d8de89cdf854c7e2b28a0 (6.7-rc1) +CVE-2021-47431 [drm/amdgpu: fix gart.bo pin_count leak] + - linux 5.14.16-1 + [bullseye] - linux 5.10.84-1 + NOTE: https://git.kernel.org/linus/66805763a97f8f7bdf742fc0851d85c02ed9411f (5.15-rc4) +CVE-2021-47430 [x86/entry: Clear X86_FEATURE_SMAP when CONFIG_X86_SMAP=n] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/3958b9c34c2729597e182cc606cc43942fd19f7c (5.15-rc5) +CVE-2021-47429 [powerpc/64s: Fix unrecoverable MCE calling async handler from NMI] + - linux 5.14.12-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/f08fb25bc66986b0952724530a640d9970fa52c1 (5.15-rc5) +CVE-2021-47428 [powerpc/64s: fix program check interrupt emergency stack path] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/3e607dc4df180b72a38e75030cb0f94d12808712 (5.15-rc5) +CVE-2021-47427 [scsi: iscsi: Fix iscsi_task use after free] + - linux 5.14.12-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/258aad75c62146453d03028a44f2f1590d58e1f6 (5.15-rc5) +CVE-2021-47426 [bpf, s390: Fix potential memory leak about jit_data] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/686cb8b9f6b46787f035afe8fbd132a74e6b1bdd (5.15-rc5) +CVE-2021-47425 [i2c: acpi: fix resource leak in reconfiguration device addition] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/6558b646ce1c2a872fe1c2c7cb116f05a2c1950f (5.15-rc5) +CVE-2021-47424 [i40e: Fix freeing of uninitialized misc IRQ vector] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/2e5a20573a926302b233b0c2e1077f5debc7ab2e (5.15-rc5) +CVE-2021-47423 [drm/nouveau/debugfs: fix file release memory leak] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/f5a8703a9c418c6fc54eb772712dfe7641e3991c (5.15-rc5) +CVE-2021-47422 [drm/nouveau/kms/nv50-: fix file release memory leak] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5 (5.15-rc5) +CVE-2021-47421 [drm/amdgpu: handle the case of pci_channel_io_frozen only in amdgpu_pci_resume] + - linux 5.14.12-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/248b061689a40f4fed05252ee2c89f87cf26d7d8 (5.15-rc5) +CVE-2021-47420 [drm/amdkfd: fix a potential ttm->sg memory leak] + - linux 5.14.12-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/b072ef1215aca33186e3a10109e872e528a9e516 (5.15-rc5) +CVE-2021-47419 [net/sched: sch_taprio: properly cancel timer from taprio_destroy()] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/a56d447f196fa9973c568f54c0d76d5391c3b0c0 (5.15-rc5) +CVE-2021-47418 [net_sched: fix NULL deref in fifo_set_limit()] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/560ee196fe9e5037e5015e2cdb14b3aecb1cd7dc (5.15-rc5) +CVE-2021-47417 [libbpf: Fix memory leak in strset] + - linux 5.14.12-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/b0e875bac0fab3e7a7431c2eee36a8ccc0c712ac (5.15-rc5) +CVE-2021-47416 [phy: mdio: fix memory leak] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/ca6e11c337daf7925ff8a2aac8e84490a8691905 (5.15-rc5) +CVE-2021-47415 [iwlwifi: mvm: Fix possible NULL dereference] + - linux 5.14.12-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/24d5f16e407b75bc59d5419b957a9cab423b2681 (5.15-rc5) +CVE-2021-47414 [riscv: Flush current cpu icache before other cpus] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + NOTE: https://git.kernel.org/linus/bb8958d5dc79acbd071397abb57b8756375fe1ce (5.15-rc5) +CVE-2021-47413 [usb: chipidea: ci_hdrc_imx: Also search for 'phys' phandle] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/8253a34bfae3278baca52fc1209b7c29270486ca (5.15-rc5) +CVE-2021-47412 [block: don't call rq_qos_ops->done_bio if the bio isn't tracked] + - linux 5.14.12-1 + NOTE: https://git.kernel.org/linus/a647a524a46736786c95cdb553a070322ca096e3 (5.15-rc3) +CVE-2021-47411 [io_uring: allow conditional reschedule for intensive iterators] + - linux 5.14.12-1 + NOTE: https://git.kernel.org/linus/8bab4c09f24ec8d4a7a78ab343620f89d3a24804 (5.15-rc3) +CVE-2021-47410 [drm/amdkfd: fix svm_migrate_fini warning] + - linux 5.14.12-1 + NOTE: https://git.kernel.org/linus/197ae17722e989942b36e33e044787877f158574 (5.15-rc3) +CVE-2021-47409 [usb: dwc2: check return value after calling platform_get_resource()] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/856e6e8e0f9300befa87dde09edb578555c99a82 (5.15-rc3) +CVE-2021-47408 [netfilter: conntrack: serialize hash resizes and cleanups] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + NOTE: https://git.kernel.org/linus/e9edc188fc76499b0b9bd60364084037f6d03773 (5.15-rc4) +CVE-2021-47407 [KVM: x86: Handle SRCU initialization failure during page track init] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + NOTE: https://git.kernel.org/linus/eb7511bf9182292ef1df1082d23039e856d1ddfb (5.15-rc4) +CVE-2021-47406 [ext4: add error checking to ext4_ext_replay_set_iblocks()] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/1fd95c05d8f742abfe906620780aee4dbe1a2db0 (5.15-rc4) +CVE-2021-47405 [HID: usbhid: free raw_report buffers in usbhid_stop] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/f7744fa16b96da57187dc8e5634152d3b63d72de (5.15-rc1) +CVE-2021-47404 [HID: betop: fix slab-out-of-bounds Write in betop_probe] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/1e4ce418b1cb1a810256b5fb3fd33d22d1325993 (5.15-rc4) +CVE-2021-47403 [ipack: ipoctal: fix module reference leak] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/bb8a4fcb2136508224c596a7e665bdba1d7c3c27 (5.15-rc4) +CVE-2021-47402 [net: sched: flower: protect fl_walk() with rcu] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/d5ef190693a7d76c5c192d108e8dec48307b46ee (5.15-rc4) +CVE-2021-47401 [ipack: ipoctal: fix stack information leak] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/a89936cce87d60766a75732a9e7e25c51164f47c (5.15-rc4) +CVE-2021-47400 [net: hns3: do not allow call hns3_nic_net_open repeatedly] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/5b09e88e1bf7fe86540fab4b5f3eece8abead39e (5.15-rc4) +CVE-2021-47399 [ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/513e605d7a9ce136886cb42ebb2c40e9a6eb6333 (5.15-rc4) +CVE-2021-47398 [RDMA/hfi1: Fix kernel pointer leak] + - linux 5.14.12-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/7d5cfafe8b4006a75b55c2f1fdfdb363f9a5cc98 (5.15-rc4) +CVE-2021-47397 [sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/f7e745f8e94492a8ac0b0a26e25f2b19d342918f (5.15-rc4) +CVE-2021-47396 [mac80211-hwsim: fix late beacon hrtimer handling] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + NOTE: https://git.kernel.org/linus/313bbd1990b6ddfdaa7da098d0c56b098a833572 (5.15-rc4) +CVE-2021-47395 [mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/13cb6d826e0ac0d144b0d48191ff1a111d32f0c6 (5.15-rc4) +CVE-2021-47394 [netfilter: nf_tables: unlink table before deleting it] + - linux 5.14.12-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/a499b03bf36b0c2e3b958a381d828678ab0ffc5e (5.15-rc4) +CVE-2021-47393 [hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/e6fab7af6ba1bc77c78713a83876f60ca7a4a064 (5.15-rc4) +CVE-2021-47392 [RDMA/cma: Fix listener leak in rdma_cma_listen_on_all() failure] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/ca465e1f1f9b38fe916a36f7d80c5d25f2337c81 (5.15-rc4) +CVE-2021-47391 [RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests] + - linux 5.14.12-1 + [bullseye] - linux 5.10.191-1 + NOTE: https://git.kernel.org/linus/305d568b72f17f674155a2a8275f865f207b3808 (5.15-rc4) +CVE-2021-47390 [KVM: x86: Fix stack-out-of-bounds memory access from ioapic_write_indirect()] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/2f9b68f57c6278c322793a06063181deded0ad69 (5.15-rc4) +CVE-2021-47389 [KVM: SVM: fix missing sev_decommission in sev_receive_start] + - linux 5.14.12-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/f1815e0aa770f2127c5df31eb5c2f0e37b60fa77 (5.15-rc4) +CVE-2021-47388 [mac80211: fix use-after-free in CCMP/GCMP RX] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/94513069eb549737bcfc3d988d6ed4da948a2de8 (5.15-rc4) +CVE-2021-47387 [cpufreq: schedutil: Use kobject release() method to free sugov_tunables] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/e5c6b312ce3cc97e90ea159446e6bfa06645364d (5.15-rc1) +CVE-2021-47386 [hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + NOTE: https://git.kernel.org/linus/943c15ac1b84d378da26bba41c83c67e16499ac4 (5.15-rc4) +CVE-2021-47385 [hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + NOTE: https://git.kernel.org/linus/0f36b88173f028e372668ae040ab1a496834d278 (5.15-rc4) +CVE-2021-47384 [hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + NOTE: https://git.kernel.org/linus/dd4d747ef05addab887dc8ff0d6ab9860bbcd783 (5.15-rc4) +CVE-2021-47383 [tty: Fix out-of-bound vmalloc access in imageblit] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/3b0c406124719b625b1aba431659f5cdc24a982c (5.15-rc1) +CVE-2021-47382 [s390/qeth: fix deadlock during failing recovery] + - linux 5.14.12-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/d2b59bd4b06d84a4eadb520b0f71c62fe8ec0a62 (5.15-rc3) +CVE-2021-47381 [ASoC: SOF: Fix DSP oops stack dump output contents] + - linux 5.14.12-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/ac4dfccb96571ca03af7cac64b7a0b2952c97f3a (5.15-rc4) +CVE-2021-47380 [HID: amd_sfh: Fix potential NULL pointer dereference] + - linux 5.14.12-1 + NOTE: https://git.kernel.org/linus/d46ef750ed58cbeeba2d9a55c99231c30a172764 (5.15-rc4) +CVE-2021-47379 [blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd] + - linux 5.14.9-1 + [bullseye] - linux 5.10.70-1 + NOTE: https://git.kernel.org/linus/858560b27645e7e97aca37ee8f232cccd658fbd2 (5.15-rc2) +CVE-2021-47378 [nvme-rdma: destroy cm id before destroy qp to avoid use after free] + - linux 5.14.9-1 + [bullseye] - linux 5.10.70-1 + NOTE: https://git.kernel.org/linus/9817d763dbe15327b9b3ff4404fa6f27f927e744 (5.15-rc2) +CVE-2021-47377 [xen/balloon: use a kernel thread instead a workqueue] + - linux 5.14.9-1 + [bullseye] - linux 5.10.70-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/8480ed9c2bbd56fc86524998e5f2e3e22f5038f6 (5.15-rc2) +CVE-2021-47376 [bpf: Add oversize check before call kvcalloc()] + - linux 5.14.9-1 + [bullseye] - linux 5.10.70-1 + NOTE: https://git.kernel.org/linus/0e6491b559704da720f6da09dd0a52c4df44c514 (5.15-rc2) +CVE-2021-47375 [blktrace: Fix uaf in blk_trace access after removing by sysfs] + - linux 5.14.9-1 + [bullseye] - linux 5.10.70-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/5afedf670caf30a2b5a52da96eb7eac7dee6a9c9 (5.15-rc3) +CVE-2021-47374 [dma-debug: prevent an error message from causing runtime problems] + - linux 5.14.9-1 + NOTE: https://git.kernel.org/linus/510e1a724ab1bf38150be2c1acabb303f98d0047 (5.15-rc2) +CVE-2021-47373 [irqchip/gic-v3-its: Fix potential VPE leak on error] + - linux 5.14.9-1 + [bullseye] - linux 5.10.70-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/280bef512933b2dda01d681d8cbe499b98fc5bdd (5.15-rc3) +CVE-2021-47372 [net: macb: fix use after free on rmmod] + - linux 5.14.9-1 + [bullseye] - linux 5.10.70-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/d82d5303c4c539db86588ffb5dc5b26c3f1513e8 (5.15-rc2) +CVE-2021-47371 [nexthop: Fix memory leaks in nexthop notification chain listeners] + - linux 5.14.9-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/3106a0847525befe3e22fc723909d1b21eb0d520 (5.15-rc3) +CVE-2021-47370 [mptcp: ensure tx skbs always have the MPTCP ext] + - linux 5.14.9-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/977d293e23b48a1129830d7968605f61c4af71a0 (5.15-rc3) +CVE-2021-47369 [s390/qeth: fix NULL deref in qeth_clear_working_pool_list()] + - linux 5.14.9-1 + [bullseye] - linux 5.10.70-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/248f064af222a1f97ee02c84a98013dfbccad386 (5.15-rc3) +CVE-2021-47368 [enetc: Fix illegal access when reading affinity_hint] + - linux 5.14.9-1 + [bullseye] - linux 5.10.70-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/7237a494decfa17d0b9d0076e6cee3235719de90 (5.15-rc3) +CVE-2021-47367 [virtio-net: fix pages leaking when building skb in big mode] + - linux 5.14.9-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/afd92d82c9d715fb97565408755acad81573591a (5.15-rc3) +CVE-2021-47366 [afs: Fix corruption in reads at fpos 2G-4G from an OpenAFS server] + - linux 5.14.9-1 + NOTE: https://git.kernel.org/linus/b537a3c21775075395af475dcc6ef212fcf29db8 (5.15-rc3) +CVE-2021-47365 [afs: Fix page leak] + - linux 5.14.9-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/581b2027af0018944ba301d68e7af45c6d1128b5 (5.15-rc3) +CVE-2021-47364 [comedi: Fix memory leak in compat_insnlist()] + - linux 5.14.9-1 + [bullseye] - linux 5.10.70-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/bb509a6ffed2c8b0950f637ab5779aa818ed1596 (5.15-rc3) +CVE-2021-47363 [nexthop: Fix division by zero while replacing a resilient group] + - linux 5.14.9-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/563f23b002534176f49524b5ca0e1d94d8906c40 (5.15-rc3) +CVE-2021-47362 [drm/amd/pm: Update intermediate power state for SI] + - linux 5.14.9-1 + [bullseye] - linux 5.10.70-1 + NOTE: https://git.kernel.org/linus/ab39d3cef526ba09c4c6923b4cd7e6ec1c5d4faa (5.15-rc3) +CVE-2021-47361 [mcb: fix error handling in mcb_alloc_bus()] + - linux 5.14.9-1 + [bullseye] - linux 5.10.70-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/25a1433216489de4abc889910f744e952cb6dbae (5.15-rc3) +CVE-2021-47360 [binder: make sure fd closes complete] + - linux 5.14.9-1 + [bullseye] - linux 5.10.70-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/5fdb55c1ac9585eb23bb2541d5819224429e103d (5.15-rc3) +CVE-2021-47359 [cifs: Fix soft lockup during fsstress] + - linux 5.14.9-1 + NOTE: https://git.kernel.org/linus/71826b068884050d5fdd37fda857ba1539c513d3 (5.15-rc3) +CVE-2020-36788 [drm/nouveau: avoid a use-after-free when BO init fails] + - linux 5.14.12-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/bcf34aa5082ee2343574bc3f4d1c126030913e54 (5.15-rc5) CVE-2021-47220 [usb: dwc3: core: fix kernel panic when do reboot] - linux 5.10.46-1 [buster] - linux 4.19.208-1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f81473bc0a59a0a211b62ea48e67691ac9da26a9 -- This project does not include diff previews in email notifications. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f81473bc0a59a0a211b62ea48e67691ac9da26a9 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
