Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0a200b01 by security tracker role at 2024-05-24T20:12:24+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,359 +1,423 @@
-CVE-2023-52880 [tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc]
+CVE-2024-5318 (An issue has been discovered in GitLab CE/EE affecting all 
versions st ...)
+       TODO: check
+CVE-2024-5315 (Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 
and al ...)
+       TODO: check
+CVE-2024-5314 (Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 
and al ...)
+       TODO: check
+CVE-2024-5312 (PHP Server Monitor, version 3.2.0, is vulnerable to an XSS via 
the /ph ...)
+       TODO: check
+CVE-2024-5310 (A vulnerability classified as problematic has been found in 
JFinalCMS  ...)
+       TODO: check
+CVE-2024-4455 (The YITH WooCommerce Ajax Search plugin for WordPress is 
vulnerable to ...)
+       TODO: check
+CVE-2024-4037 (The WP Photo Album Plus plugin for WordPress is vulnerable to 
arbitrar ...)
+       TODO: check
+CVE-2024-36049 (Aptos Wisal payroll accounting before 7.1.6 uses hardcoded 
credentials ...)
+       TODO: check
+CVE-2024-35618 (PingCAP TiDB v7.5.1 was discovered to contain a NULL pointer 
dereferen ...)
+       TODO: check
+CVE-2024-35595 (An arbitrary file upload vulnerability in the File Preview 
function of ...)
+       TODO: check
+CVE-2024-35593 (An arbitrary file upload vulnerability in the File preview 
function of ...)
+       TODO: check
+CVE-2024-35592 (An arbitrary file upload vulnerability in the Upload function 
of Box-I ...)
+       TODO: check
+CVE-2024-35591 (An arbitrary file upload vulnerability in O2OA v8.3.8 allows 
attackers ...)
+       TODO: check
+CVE-2024-35396 (TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to 
contain a har ...)
+       TODO: check
+CVE-2024-35395 (TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to 
contain a har ...)
+       TODO: check
+CVE-2024-35388 (TOTOLINK NR1800X v9.1.0u.6681_B20230703 was discovered to 
contain a st ...)
+       TODO: check
+CVE-2024-35387 (TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to 
contain a stac ...)
+       TODO: check
+CVE-2024-35340 (Tenda FH1206 V1.2.0.8(8155) was discovered to contain a 
command inject ...)
+       TODO: check
+CVE-2024-35339 (Tenda FH1206 V1.2.0.8(8155) was discovered to contain a 
command inject ...)
+       TODO: check
+CVE-2024-34995 (svnWebUI v1.8.3 was discovered to contain an arbitrary file 
deletion v ...)
+       TODO: check
+CVE-2024-33809 (PingCAP TiDB v7.5.1 was discovered to contain a buffer 
overflow vulner ...)
+       TODO: check
+CVE-2024-33471 (An issue in the Sensor Settings of AVTECH Room Alert 4E v4.4.0 
allows  ...)
+       TODO: check
+CVE-2024-33470 (An issue in the SMTP Email Settings of AVTECH Room Alert 4E 
v4.4.0 all ...)
+       TODO: check
+CVE-2024-33427 (Buffer Overflow vulnerability in Squid version before v.6.10 
allows a  ...)
+       TODO: check
+CVE-2024-31510 (An issue in Open Quantum Safe liboqs v.10.0 allows a remote 
attacker t ...)
+       TODO: check
+CVE-2024-22588 (Kwik commit 745fd4e2 does not discard unused encryption keys.)
+       TODO: check
+CVE-2023-49575 (A vulnerability has been discovered in VX Search Enterprise 
affecting  ...)
+       TODO: check
+CVE-2023-49574 (A vulnerability has been discovered in VX Search Enterprise 
affecting  ...)
+       TODO: check
+CVE-2023-49573 (A vulnerability has been discovered in VX Search Enterprise 
affecting  ...)
+       TODO: check
+CVE-2023-49572 (A vulnerability has been discovered in VX Search Enterprise 
affecting  ...)
+       TODO: check
+CVE-2023-47710 (IBM Security Guardium 11.4, 11.5, and 12.0 is vulnerable to 
cross-site ...)
+       TODO: check
+CVE-2023-46442 (An infinite loop in the retrieveActiveBody function of Soot 
before v4. ...)
+       TODO: check
+CVE-2023-52880 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
        - linux 6.6.8-1
        [bookworm] - linux 6.1.85-1
        [bullseye] - linux 5.10.216-1
        NOTE: 
https://git.kernel.org/linus/67c37756898a5a6b2941a13ae7260c89b54e0d88 (6.6-rc1)
-CVE-2021-47572 [net: nexthop: fix null pointer dereference when IPv6 is not 
enabled]
+CVE-2021-47572 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/1c743127cc54b112b155f434756bd4b5fa565a99 (5.16-rc3)
-CVE-2021-47571 [staging: rtl8192e: Fix use after free in 
_rtl92e_pci_disconnect()]
+CVE-2021-47571 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/b535917c51acc97fb0761b1edec85f1f3d02bda4 (5.16-rc3)
-CVE-2021-47570 [staging: r8188eu: fix a memory leak in rtw_wx_read32()]
+CVE-2021-47570 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/be4ea8f383551b9dae11b8dfff1f38b3b5436e9a (5.16-rc3)
-CVE-2021-47569 [io_uring: fail cancellation for EXITING tasks]
+CVE-2021-47569 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/617a89484debcd4e7999796d693cf0b77d2519de (5.16-rc3)
-CVE-2021-47568 [ksmbd: fix memleak in get_file_stream_info()]
+CVE-2021-47568 (In the Linux kernel, the following vulnerability has been 
resolved:  k ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/178ca6f85aa3231094467691f5ea1ff2f398aa8d (5.16-rc3)
-CVE-2021-47567 [powerpc/32: Fix hardlockup on vmap stack overflow]
+CVE-2021-47567 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/5bb60ea611db1e04814426ed4bd1c95d1487678e (5.16-rc3)
-CVE-2021-47566 [proc/vmcore: fix clearing user buffer by properly using 
clear_user()]
+CVE-2021-47566 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/c1e63117711977cc4295b2ce73de29dd17066c82 (5.16-rc2)
-CVE-2021-47565 [scsi: mpt3sas: Fix kernel panic during drive powercycle test]
+CVE-2021-47565 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/0ee4ba13e09c9d9c1cb6abb59da8295d9952328b (5.16-rc3)
-CVE-2021-47564 [net: marvell: prestera: fix double free issue on err path]
+CVE-2021-47564 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/e8d032507cb7912baf1d3e0af54516f823befefd (5.16-rc3)
-CVE-2021-47563 [ice: avoid bpf_prog refcount underflow]
+CVE-2021-47563 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/f65ee535df775a13a1046c0a0b2d72db342f8a5b (5.16-rc3)
-CVE-2021-47562 [ice: fix vsi->txq_map sizing]
+CVE-2021-47562 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/792b2086584f25d84081a526beee80d103c2a913 (5.16-rc3)
-CVE-2021-47561 [i2c: virtio: disable timeout handling]
+CVE-2021-47561 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/84e1d0bf1d7121759622dabf8fbef4c99ad597c5 (5.16-rc3)
-CVE-2021-47560 [mlxsw: spectrum: Protect driver from buggy firmware]
+CVE-2021-47560 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/63b08b1f6834bbb0b4f7783bf63b80c8c8e9a047 (5.16-rc3)
-CVE-2021-47559 [net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()]
+CVE-2021-47559 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        NOTE: 
https://git.kernel.org/linus/587acad41f1bc48e16f42bb2aca63bf323380be8 (5.16-rc3)
-CVE-2021-47558 [net: stmmac: Disable Tx queues when reconfiguring the 
interface]
+CVE-2021-47558 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 5.15.15-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/b270bfe697367776eca2e6759a71d700fb8d82a2 (5.16-rc3)
-CVE-2021-47557 [net/sched: sch_ets: don't peek at classes beyond 'nbands']
+CVE-2021-47557 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/de6d25924c2a8c2988c6a385990cafbe742061bf (5.16-rc3)
-CVE-2021-47556 [ethtool: ioctl: fix potential NULL deref in 
ethtool_set_coalesce()]
+CVE-2021-47556 (In the Linux kernel, the following vulnerability has been 
resolved:  e ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/0276af2176c78771da7f311621a25d7608045827 (5.16-rc3)
-CVE-2021-47555 [net: vlan: fix underflow for the real_dev refcnt]
+CVE-2021-47555 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/01d9cc2dea3fde3bad6d27f464eff463496e2b00 (5.16-rc3)
-CVE-2021-47554 [vdpa_sim: avoid putting an uninitialized iova_domain]
+CVE-2021-47554 (In the Linux kernel, the following vulnerability has been 
resolved:  v ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/bb93ce4b150dde79f58e34103cbd1fe829796649 (5.16-rc3)
-CVE-2021-47553 [sched/scs: Reset task stack state in bringup_cpu()]
+CVE-2021-47553 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/dce1ca0525bfdc8a69a9343bc714fbc19a2f04b3 (5.16-rc3)
-CVE-2021-47552 [blk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue 
and disk_release()]
+CVE-2021-47552 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
        - linux 5.15.15-1
        NOTE: 
https://git.kernel.org/linus/2a19b28f7929866e1cec92a3619f4de9f2d20005 (5.16-rc2)
-CVE-2021-47551 [drm/amd/amdkfd: Fix kernel panic when reset failed and been 
triggered again]
+CVE-2021-47551 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        NOTE: 
https://git.kernel.org/linus/2cf49e00d40d5132e3d067b5aa6d84791929ab15 (5.16-rc2)
-CVE-2021-47550 [drm/amd/amdgpu: fix potential memleak]
+CVE-2021-47550 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        NOTE: 
https://git.kernel.org/linus/27dfaedc0d321b4ea4e10c53e4679d6911ab17aa (5.16-rc2)
-CVE-2021-47549 [sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl]
+CVE-2021-47549 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/6c8ad7e8cf29eb55836e7a0215f967746ab2b504 (5.16-rc4)
-CVE-2021-47548 [ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array 
overflow in hns_dsaf_ge_srst_by_port()]
+CVE-2021-47548 (In the Linux kernel, the following vulnerability has been 
resolved:  e ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/a66998e0fbf213d47d02813b9679426129d0d114 (5.16-rc2)
-CVE-2021-47547 [net: tulip: de4x5: fix the problem that the array 'lp->phy[8]' 
may be out of bound]
+CVE-2021-47547 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/61217be886b5f7402843677e4be7e7e83de9cb41 (5.16-rc2)
-CVE-2021-47546 [ipv6: fix memory leak in fib6_rule_suppress]
+CVE-2021-47546 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/cdef485217d30382f3bf6448c54b4401648fe3f1 (5.16-rc4)
-CVE-2021-47545 [perf hist: Fix memory leak of a perf_hpp_fmt]
+CVE-2021-47545 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/0ca1f534a776cc7d42f2c33da4732b74ec2790cd (5.16-rc2)
-CVE-2021-47544 [tcp: fix page frag corruption on page fault]
+CVE-2021-47544 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        NOTE: 
https://git.kernel.org/linus/dacb5d8875cc6cd3a553363b4d6f06760fcbe70c (5.16-rc4)
-CVE-2021-47543 [perf report: Fix memory leaks around perf_tip()]
+CVE-2021-47543 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        NOTE: 
https://git.kernel.org/linus/d9fc706108c15f8bc2d4ccccf8e50f74830fabd9 (5.16-rc2)
-CVE-2021-47542 [net: qlogic: qlcnic: Fix a NULL pointer dereference in 
qlcnic_83xx_add_rings()]
+CVE-2021-47542 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/e2dabc4f7e7b60299c20a36d6a7b24ed9bf8e572 (5.16-rc4)
-CVE-2021-47541 [net/mlx4_en: Fix an use-after-free bug in 
mlx4_en_try_alloc_resources()]
+CVE-2021-47541 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/addad7643142f500080417dd7272f49b7a185570 (5.16-rc4)
-CVE-2021-47540 [mt76: mt7915: fix NULL pointer dereference in 
mt7915_get_phy_mode]
+CVE-2021-47540 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/6e53d6d26920d5221d3f4d4f5ffdd629ea69aa5c (5.16-rc4)
-CVE-2021-47539 [rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle()]
+CVE-2021-47539 (In the Linux kernel, the following vulnerability has been 
resolved:  r ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/ca77fba821351190777b236ce749d7c4d353102e (5.16-rc4)
-CVE-2021-47538 [rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer()]
+CVE-2021-47538 (In the Linux kernel, the following vulnerability has been 
resolved:  r ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/beacff50edbd6c9659a6f15fc7f6126909fade29 (5.16-rc4)
-CVE-2021-47537 [octeontx2-af: Fix a memleak bug in rvu_mbox_init()]
+CVE-2021-47537 (In the Linux kernel, the following vulnerability has been 
resolved:  o ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/e07a097b4986afb8f925d0bb32612e1d3e88ce15 (5.16-rc4)
-CVE-2021-47536 [net/smc: fix wrong list_del in smc_lgr_cleanup_early]
+CVE-2021-47536 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/789b6cc2a5f9123b9c549b886fdc47c865cfe0ba (5.16-rc4)
-CVE-2021-47535 [drm/msm/a6xx: Allocate enough space for GMU registers]
+CVE-2021-47535 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/b4d25abf9720b69a03465b09d0d62d1998ed6708 (5.16-rc4)
-CVE-2021-47534 [drm/vc4: kms: Add missing drm_crtc_commit_put]
+CVE-2021-47534 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/049cfff8d53a30cae3349ff71a4c01b7d9981bc2 (5.16-rc4)
-CVE-2021-47533 [drm/vc4: kms: Clear the HVS FIFO commit pointer once done]
+CVE-2021-47533 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/d134c5ff71c7f2320fc7997f2fbbdedf0c76889a (5.16-rc4)
-CVE-2021-47532 [drm/msm/devfreq: Fix OPP refcnt leak]
+CVE-2021-47532 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/59ba1b2b4825342676300f66d785764be3fcb093 (5.16-rc4)
-CVE-2021-47531 [drm/msm: Fix mmap to include VM_IO and VM_DONTDUMP]
+CVE-2021-47531 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/3466d9e217b337bf473ee629c608e53f9f3ab786 (5.16-rc4)
-CVE-2021-47530 [drm/msm: Fix wait_fence submitqueue leak]
+CVE-2021-47530 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/ea0006d390a28012f8187717aea61498b2b341e5 (5.16-rc4)
-CVE-2021-47529 [iwlwifi: Fix memory leaks in error handling path]
+CVE-2021-47529 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/a571bc28326d9f3e13f5f2d9cda2883e0631b0ce (5.16-rc4)
-CVE-2021-47528 [usb: cdnsp: Fix a NULL pointer dereference in 
cdnsp_endpoint_init()]
+CVE-2021-47528 (In the Linux kernel, the following vulnerability has been 
resolved:  u ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/37307f7020ab38dde0892a578249bf63d00bca64 (5.16-rc4)
-CVE-2021-47527 [serial: core: fix transmit-buffer reset and memleak]
+CVE-2021-47527 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.84-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/00de977f9e0aa9760d9a79d1e41ff780f74e3424 (5.16-rc4)
-CVE-2021-47526 [serial: liteuart: Fix NULL pointer dereference in ->remove()]
+CVE-2021-47526 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/0f55f89d98c8b3e12b4f55f71c127a173e29557c (5.16-rc4)
-CVE-2021-47525 [serial: liteuart: fix use-after-free and memleak on unbind]
+CVE-2021-47525 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/05f929b395dec8957b636ff14e66b277ed022ed9 (5.16-rc4)
-CVE-2021-47524 [serial: liteuart: fix minor-number leak on probe errors]
+CVE-2021-47524 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/dd5e90b16cca8a697cbe17b72e2a5f49291cabb2 (5.16-rc4)
-CVE-2021-47523 [IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr]
+CVE-2021-47523 (In the Linux kernel, the following vulnerability has been 
resolved:  I ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.92-1
        NOTE: 
https://git.kernel.org/linus/60a8b5a1611b4a26de4839ab9c1fc2a9cf3e17c1 (5.16-rc5)
-CVE-2021-47522 [HID: bigbenff: prevent null pointer dereference]
+CVE-2021-47522 (In the Linux kernel, the following vulnerability has been 
resolved:  H ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.92-1
        NOTE: 
https://git.kernel.org/linus/918aa1ef104d286d16b9e7ef139a463ac7a296f0 (5.16-rc5)
-CVE-2021-47521 [can: sja1000: fix use after free in ems_pcmcia_add_card()]
+CVE-2021-47521 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.92-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/3ec6ca6b1a8e64389f0212b5a1b0f6fed1909e45 (5.16-rc5)
-CVE-2021-47520 [can: pch_can: pch_can_rx_normal: fix use after free]
+CVE-2021-47520 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.92-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/94cddf1e9227a171b27292509d59691819c458db (5.16-rc5)
-CVE-2021-47519 [can: m_can: m_can_read_fifo: fix memory leak in error branch]
+CVE-2021-47519 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/31cb32a590d62b18f69a9a6d433f4e69c74fdd56 (5.16-rc5)
-CVE-2021-47518 [nfc: fix potential NULL pointer deref in 
nfc_genl_dump_ses_done]
+CVE-2021-47518 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.92-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/4cd8371a234d051f9c9557fcbb1f8c523b1c0d10 (5.16-rc5)
-CVE-2021-47517 [ethtool: do not perform operations on net devices being 
unregistered]
+CVE-2021-47517 (In the Linux kernel, the following vulnerability has been 
resolved:  e ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.92-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/dde91ccfa25fd58f64c397d91b81a4b393100ffa (5.16-rc5)
-CVE-2021-47516 [nfp: Fix memory leak in nfp_cpp_area_cache_add()]
+CVE-2021-47516 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.92-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/c56c96303e9289cc34716b1179597b6f470833de (5.16-rc5)
-CVE-2021-47515 [seg6: fix the iif in the IPv6 socket control block]
+CVE-2021-47515 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.92-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/ae68d93354e5bf5191ee673982251864ea24dd5c (5.16-rc5)
-CVE-2021-47514 [devlink: fix netns refcount leak in devlink_nl_cmd_reload()]
+CVE-2021-47514 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.92-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/4dbb0dad8e63fcd0b5a117c2861d2abe7ff5f186 (5.16-rc5)
-CVE-2021-47513 [net: dsa: felix: Fix memory leak in felix_setup_mmio_filtering]
+CVE-2021-47513 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/e8b1d7698038e76363859fb47ae0a262080646f5 (5.16-rc5)
-CVE-2021-47512 [net/sched: fq_pie: prevent dismantle issue]
+CVE-2021-47512 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.92-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/61c2402665f1e10c5742033fce18392e369931d7 (5.16-rc5)
-CVE-2021-47511 [ALSA: pcm: oss: Fix negative period/buffer sizes]
+CVE-2021-47511 (In the Linux kernel, the following vulnerability has been 
resolved:  A ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.92-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/9d2479c960875ca1239bcb899f386970c13d9cfe (5.16-rc5)
-CVE-2021-47510 [btrfs: fix re-dirty process of tree-log nodes]
+CVE-2021-47510 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
        - linux 5.15.15-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/84c25448929942edacba905cecc0474e91114e7a (5.16-rc5)
-CVE-2021-47509 [ALSA: pcm: oss: Limit the period size to 16MB]
+CVE-2021-47509 (In the Linux kernel, the following vulnerability has been 
resolved:  A ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.92-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/8839c8c0f77ab8fc0463f4ab8b37fca3f70677c2 (5.16-rc5)
-CVE-2021-47508 [btrfs: free exchange changeset on failures]
+CVE-2021-47508 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
        - linux 5.15.15-1
        NOTE: 
https://git.kernel.org/linus/da5e817d9d75422eaaa05490d0b9a5e328fc1a51 (5.16-rc5)
-CVE-2021-47507 [nfsd: Fix nsfd startup race (again)]
+CVE-2021-47507 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.92-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/b10252c7ae9c9d7c90552f88b544a44ee773af64 (5.16-rc5)
-CVE-2021-47506 [nfsd: fix use-after-free due to delegation race]
+CVE-2021-47506 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.92-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/548ec0805c399c65ed66c6641be467f717833ab5 (5.16-rc5)
-CVE-2021-47505 [aio: fix use-after-free due to missing POLLFREE handling]
+CVE-2021-47505 (In the Linux kernel, the following vulnerability has been 
resolved:  a ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.92-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/50252e4b5e989ce64555c7aef7516bdefc2fea72 (5.16-rc5)
-CVE-2021-47504 [io_uring: ensure task_work gets run as part of cancelations]
+CVE-2021-47504 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 5.15.15-1
        NOTE: 
https://git.kernel.org/linus/78a780602075d8b00c98070fa26e389b3b3efa72 (5.16-rc5)
-CVE-2021-47503 [scsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc()]
+CVE-2021-47503 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.92-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/653926205741add87a6cf452e21950eebc6ac10b (5.16-rc5)
-CVE-2021-47502 [ASoC: codecs: wcd934x: handle channel mappping list correctly]
+CVE-2021-47502 (In the Linux kernel, the following vulnerability has been 
resolved:  A ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.92-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/23ba28616d3063bd4c4953598ed5e439ca891101 (5.16-rc5)
-CVE-2021-47501 [i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc]
+CVE-2021-47501 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.92-1
        NOTE: 
https://git.kernel.org/linus/23ec111bf3549aae37140330c31a16abfc172421 (5.16-rc5)
-CVE-2021-47500 [iio: mma8452: Fix trigger reference couting]
+CVE-2021-47500 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.92-1
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/cd0082235783f814241a1c9483fb89e405f4f892 (5.16-rc5)
-CVE-2021-47499 [iio: accel: kxcjk-1013: Fix possible memory leak in probe and 
remove]
+CVE-2021-47499 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 5.15.15-1
        [bullseye] - linux 5.10.92-1
        [buster] - linux 4.19.232-1
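Review bot: In the linux entries visible in this part of the hunk (CVE-2021-47505 down to CVE-2021-47499), swapping the bracketed subject line for the truncated description leaves every header reading "In the Linux kernel, the following vulnerability has been resolved:" followed by a single letter, so the header no longer says which subsystem or bug class is involved (for example "aio: fix use-after-free due to missing POLLFREE handling" becomes "a ..."). Anyone triaging from this file now has to follow the git.kernel.org NOTE link to tell the entries apart; consider preserving the upstream subject in a NOTE line, or truncating the description after the common prefix rather than inside it.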
@@ -370,7 +434,7 @@ CVE-2024-4211
        NOT-FOR-US: Jenkins plugin
 CVE-2024-4691
        NOT-FOR-US: Jenkins plugin
-CVE-2024-5273
+CVE-2024-5273 (Jenkins Report Info Plugin 1.2 and earlier does not perform 
path valid ...)
        NOT-FOR-US: Jenkins plugin
 CVE-2024-5299 (D-Link D-View execMonitorScript Exposed Dangerous Method Remote 
Code E ...)
        NOT-FOR-US: D-Link
@@ -447,6 +511,7 @@ CVE-2024-0867 (The Email Log plugin for WordPress is 
vulnerable to Unauthenticat
 CVE-2023-7259 (** DISPUTED ** A vulnerability was found in zzdevelop lenosp up 
to 202 ...)
        NOT-FOR-US: zzdevelop lenosp
 CVE-2024-5274
+       {DSA-5697-1}
        - chromium 125.0.6422.112-1
        [bullseye] - chromium <end-of-life> (see #1061268)
        [buster] - chromium <end-of-life> (see DSA 5046)
@@ -23737,7 +23802,7 @@ CVE-2023-33923 (Missing Authorization vulnerability in 
HashThemes Viral News, Ha
        NOT-FOR-US: WordPress theme
 CVE-2020-36826 (A vulnerability was found in AwesomestCode LiveBot. It has 
been classi ...)
        NOT-FOR-US: AwesomestCode LiveBot
-CVE-2020-36825 (A vulnerability has been found in cyberaz0r WebRAT up to 
20191222 and  ...)
+CVE-2020-36825 (** UNSUPPORTED WHEN ASSIGNED ** ** DISPUTED ** A vulnerability 
has bee ...)
        NOT-FOR-US: cyberaz0r WebRAT
 CVE-2024-27281 (An issue was discovered in RDoc 6.3.3 through 6.6.2, as 
distributed in ...)
        {DSA-5677-1}
@@ -31930,17 +31995,17 @@ CVE-2023-44379 (baserCMS is a website development 
framework. Prior to version 5.
 CVE-2023-37540 (Sametime Connect desktop chat client includes, but does not 
use or req ...)
        NOT-FOR-US: Sametime Connect
 CVE-2024-26141 (Rack is a modular Ruby web server interface. Carefully crafted 
Range h ...)
-       {DLA-3800-1}
+       {DSA-5698-1 DLA-3800-1}
        - ruby-rack 2.2.7-1.1 (bug #1064516)
        NOTE: https://github.com/rack/rack/releases/tag/v2.2.8.1
        NOTE: 
https://github.com/rack/rack/commit/62457686b26d33a15a254c7768c2076e8e02b48b 
(v2.2.8.1)
 CVE-2024-25126 (Rack is a modular Ruby web server interface. Carefully crafted 
content ...)
-       {DLA-3800-1}
+       {DSA-5698-1 DLA-3800-1}
        - ruby-rack 2.2.7-1.1 (bug #1064516)
        NOTE: https://github.com/rack/rack/releases/tag/v2.2.8.1
        NOTE: 
https://github.com/rack/rack/commit/d9c163a443b8cadf4711d84bd2c58cb9ef89cf49 
(v2.2.8.1)
 CVE-2024-26146 (Rack is a modular Ruby web server interface. Carefully crafted 
headers ...)
-       {DLA-3800-1}
+       {DSA-5698-1 DLA-3800-1}
        - ruby-rack 2.2.7-1.1 (bug #1064516)
        NOTE: https://github.com/rack/rack/releases/tag/v2.2.8.1
        NOTE: 
https://github.com/rack/rack/commit/e4c117749ba24a66f8ec5a08eddf68deeb425ccd 
(v2.2.8.1)
@@ -52944,14 +53009,17 @@ CVE-2018-25092 (A vulnerability was found in 
Vaerys-Dawn DiscordSailv2 up to 2.1
 CVE-2017-20187 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in 
Magnesium ...)
        NOT-FOR-US: Magnesium-PHP
 CVE-2023-47260 (Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS via 
thumbnails ...)
+       {DSA-5699-1}
        - redmine <unfixed> (bug #1055474)
        NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
        NOTE: 
https://github.com/redmine/redmine/commit/15d0ea8c596f306131de2bd7edd1ae28ff122103
 (5.0-stable)
 CVE-2023-47259 (Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in the 
Textile ...)
+       {DSA-5699-1}
        - redmine <unfixed> (bug #1055474)
        NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
        NOTE: 
https://github.com/redmine/redmine/commit/ea4bf1eba4b680159a873aa468364826f4d13385
 (5.0-stable)
 CVE-2023-47258 (Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in a 
Markdown  ...)
+       {DSA-5699-1}
        - redmine <unfixed> (bug #1055474)
        NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
        NOTE: 
https://github.com/redmine/redmine/commit/03bcf782463c9b84c6fe53b17cb1b781df6d8771
 (5.0-stable)
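Review bot: The three Redmine entries (CVE-2023-47260, CVE-2023-47259, CVE-2023-47258) gain {DSA-5699-1} while their package line still reads "- redmine <unfixed> (bug #1055474)". That is consistent if the advisory only covers a stable release, but it is worth confirming that unstable really is still open, since each entry now shows an advisory and an unfixed status side by side.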
@@ -81174,7 +81242,7 @@ CVE-2023-30396
        RESERVED
 CVE-2023-30395
        RESERVED
-CVE-2023-30394 (Progress Ipswitch MoveIT 1.1.11 was discovered to contain a 
cross-site ...)
+CVE-2023-30394 (The MoveIt framework 1.1.11 for ROS allows cross-site 
scripting (XSS)  ...)
        NOT-FOR-US: MoveIT
 CVE-2023-30393
        RESERVED
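Review bot: On CVE-2023-30394 the description changes product, from "Progress Ipswitch MoveIT" to "The MoveIt framework 1.1.11 for ROS", but the triage line under it is left as "NOT-FOR-US: MoveIT". That classification was made against the old description and should be re-checked against the ROS framework, with the label's spelling updated to match if it still applies.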



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a200b0116fe2c42f8a8d0917ad5b4bb8b618945
