[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-07-17 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
17679485 by Salvatore Bonaccorso at 2024-07-17T09:43:58+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,12 @@
+CVE-2024-41010 [bpf: Fix too early release of tcx_entry]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/1cb6f0bae50441f4b4b32a28315853b279c7404e (6.10)
+CVE-2024-41009 [bpf: Fix overrunning reservations in ringbuf]
+   - linux 6.9.8-1
+   [bookworm] - linux 6.1.98-1
+   NOTE: 
https://git.kernel.org/linus/cfa1a2329a691ffd991fcf7248a57d752e712881 (6.10-rc6)
 CVE-2024-6779
- chromium 126.0.6478.182-1
[bullseye] - chromium  (see #1061268)
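Review bot: the "- linux" line for CVE-2024-41010 is shown with nothing after the package name, while CVE-2024-41009 directly below gives 6.9.8-1. Since the NOTE places the upstream fix in 6.10, the line should state the unstable status explicitly (the tracker's unfixed state, or the fixed version once one is uploaded). CVE-2024-41009 also has a [bookworm] line but no [bullseye] line, so its bullseye status is left implicit.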



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17679485d0e913f752186dafd3a04f015b68cf60

-- 
This project does not include diff previews in email notifications.
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits


[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-07-16 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2cce469a by Salvatore Bonaccorso at 2024-07-16T18:34:58+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,383 @@
+CVE-2023-52886 [USB: core: Fix race by not overwriting udev->descriptor in 
hub_port_init()]
+   - linux 6.5.3-1
+   [bookworm] - linux 6.1.55-1
+   [bullseye] - linux 5.10.197-1
+   NOTE: 
https://git.kernel.org/linus/ff33299ec8bb80cdcc073ad9c506bd79bb2ed20b (6.6-rc1)
+CVE-2022-48866 [HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts]
+   - linux 5.16.18-1
+   [bullseye] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/fc3ef2e3297b3c0e2006b5d7b3d66965e3392036 (5.17-rc8)
+CVE-2022-48865 [tipc: fix kernel panic when enabling bearer]
+   - linux 5.16.18-1
+   [bullseye] - linux 5.10.106-1
+   NOTE: 
https://git.kernel.org/linus/be4977b847f5d5cedb64d50eaaf2218c3a55a3a3 (5.17-rc8)
+CVE-2022-48864 [vdpa/mlx5: add validation for VIRTIO_NET_CTRL_MQ_VQ_PAIRS_SET 
command]
+   - linux 5.16.18-1
+   [bullseye] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/ed0f849fc3a63ed2ddf5e72cdb1de3bdbbb0f8eb (5.17-rc8)
+CVE-2022-48863 [mISDN: Fix memory leak in dsp_pipeline_build()]
+   - linux 5.16.18-1
+   [bullseye] - linux 5.10.106-1
+   NOTE: 
https://git.kernel.org/linus/c6a502c2299941c8326d029cfc8a3bc8a4607ad5 (5.17-rc8)
+CVE-2022-48862 [vhost: fix hung thread due to erroneous iotlb entries]
+   - linux 5.16.18-1
+   NOTE: 
https://git.kernel.org/linus/e2ae38cf3d91837a493cb2093c87700ff3cbe667 (5.17-rc8)
+CVE-2022-48861 [vdpa: fix use-after-free on vp_vdpa_remove]
+   - linux 5.16.18-1
+   [bullseye] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/eb057b44dbe35ae14527830236a92f51de8f9184 (5.17-rc8)
+CVE-2022-48860 [ethernet: Fix error handling in xemaclite_of_probe]
+   - linux 5.16.18-1
+   [bullseye] - linux 5.10.106-1
+   NOTE: 
https://git.kernel.org/linus/b19ab4b38b06aae12442b2de95ccf58b5dc53584 (5.17-rc8)
+CVE-2022-48859 [net: marvell: prestera: Add missing of_node_put() in 
prestera_switch_set_base_mac_addr]
+   - linux 5.16.18-1
+   NOTE: 
https://git.kernel.org/linus/c9ffa3e2bc451816ce0295e40063514fabf2bd36 (5.17-rc8)
+CVE-2022-48858 [net/mlx5: Fix a race on command flush flow]
+   - linux 5.16.18-1
+   [bullseye] - linux 5.10.106-1
+   NOTE: 
https://git.kernel.org/linus/063bd355595428750803d8736a9bb7c8db67d42d (5.17-rc8)
+CVE-2022-48857 [NFC: port100: fix use-after-free in port100_send_complete]
+   - linux 5.16.18-1
+   [bullseye] - linux 5.10.106-1
+   NOTE: 
https://git.kernel.org/linus/f80cfe2f26581f188429c12bd937eb905ad3ac7b (5.17-rc8)
+CVE-2022-48856 [gianfar: ethtool: Fix refcount leak in gfar_get_ts_info]
+   - linux 5.16.18-1
+   [bullseye] - linux 5.10.106-1
+   NOTE: 
https://git.kernel.org/linus/2ac5b58e645c66932438bb021cb5b52097ce70b0 (5.17-rc8)
+CVE-2022-48855 [sctp: fix kernel-infoleak for SCTP sockets]
+   - linux 5.16.18-1
+   [bullseye] - linux 5.10.106-1
+   NOTE: 
https://git.kernel.org/linus/633593a808980f82d251d0ca89730d8bb8b0220c (5.17-rc8)
+CVE-2022-48854 [net: arc_emac: Fix use after free in arc_mdio_probe()]
+   - linux 5.16.18-1
+   [bullseye] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/bc0e610a6eb0d46e4123fafdbe5e6141d9fff3be (5.17-rc8)
+CVE-2022-48853 [swiotlb: fix info leak with DMA_FROM_DEVICE]
+   - linux 5.16.18-1
+   [bullseye] - linux 5.10.113-1
+   NOTE: 
https://git.kernel.org/linus/ddbd89deb7d32b1fbb879f48d68fda1a8ac58e8e (5.17-rc6)
+CVE-2022-48852 [drm/vc4: hdmi: Unregister codec device on unbind]
+   - linux 5.16.18-1
+   NOTE: 
https://git.kernel.org/linus/e40945ab7c7f966d0c37b7bd7b0596497dfe228d (5.17-rc6)
+CVE-2022-48851 [staging: gdm724x: fix use after free in gdm_lte_rx()]
+   - linux 5.16.18-1
+   [bullseye] - linux 5.10.106-1
+   NOTE: 
https://git.kernel.org/linus/fc7f750dc9d102c1ed7bbe4591f991e770c99033 (5.17-rc8)
+CVE-2022-48850 [net-sysfs: add check for netdevice being present to speed_show]
+   - linux 5.16.18-1
+   [bullseye] - linux 5.10.106-1
+   NOTE: 
https://git.kernel.org/linus/4224cfd7fb6523f7a9d1c8bb91bb5df1e38eb624 (5.17-rc6)
+CVE-2022-48849 [drm/amdgpu: bypass tiling flag check in virtual display case 
(v2)]
+   - linux 5.16.18-1
+   NOTE: 
https://git.kernel.org/linus/e2b993302f40c4eb714ecf896dd9e1c5be7d4cd7 (5.17-rc6)
+CVE-2022-48848 [tracing/osnoise: Do not unregister events twice]
+   - linux 5.16.18-1
+   [bullseye] - linux  (Vulnerable code not present)
+   NOTE: 
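Review bot: CVE-2022-48853 lists bullseye as fixed in 5.10.113-1, later than the 5.10.106-1 given for the surrounding entries, although its upstream fix is tagged 5.17-rc6, which is earlier than the 5.17-rc8 fixes around it (CVE-2022-48850, also tagged 5.17-rc6, is at 5.10.106-1). If the later version is correct, a second NOTE naming the stable backport that carried the fix would make the entry checkable without digging through the 5.10 changelog.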

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-07-12 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e11c052f by Salvatore Bonaccorso at 2024-07-12T21:13:10+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,456 @@
+CVE-2024-41006 [netrom: Fix a memory leak in nr_heartbeat_expiry()]
+   - linux 6.9.7-1
+   NOTE: 
https://git.kernel.org/linus/0b9130247f3b6a1122478471ff0e014ea96bb735 (6.10-rc5)
+CVE-2024-41005 [netpoll: Fix race condition in netpoll_owner_active]
+   - linux 6.9.7-1
+   NOTE: 
https://git.kernel.org/linus/c2e6a872bde9912f1a7579639c5ca3adf1003916 (6.10-rc1)
+CVE-2024-41004 [tracing: Build event generation tests only as modules]
+   - linux 6.9.7-1
+   NOTE: 
https://git.kernel.org/linus/3572bd5689b0812b161b40279e39ca5b66d73e88 (6.10-rc5)
+CVE-2024-41003 [bpf: Fix reg_set_min_max corruption of fake_reg]
+   - linux 6.9.7-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/92424801261d1564a0bb759da3cf3ccd69fdf5a2 (6.10-rc5)
+CVE-2024-41002 [crypto: hisilicon/sec - Fix memory leak for sec resource 
release]
+   - linux 6.9.7-1
+   NOTE: 
https://git.kernel.org/linus/bba4250757b4ae1680fea435a358d8093f254094 (6.10-rc1)
+CVE-2024-41001 [io_uring/sqpoll: work around a potential audit memory leak]
+   - linux 6.9.7-1
+   NOTE: 
https://git.kernel.org/linus/c4ce0ab27646f4206a9eb502d6fe45cb080e1cae (6.10-rc1)
+CVE-2024-41000 [block/ioctl: prefer different overflow check]
+   - linux 6.9.7-1
+   NOTE: 
https://git.kernel.org/linus/ccb326b5f9e623eb7f130fbbf2505ec0e2dcaff9 (6.10-rc1)
+CVE-2024-40999 [net: ena: Add validation for completion descriptors 
consistency]
+   - linux 6.9.7-1
+   NOTE: 
https://git.kernel.org/linus/b37b98a3a0c1198bafe8c2d9ce0bc845b4e7a9a7 (6.10-rc1)
+CVE-2024-40998 [ext4: fix uninitialized ratelimit_state->lock access in 
__ext4_fill_super()]
+   - linux 6.9.7-1
+   NOTE: 
https://git.kernel.org/linus/b4b4fda34e535756f9e774fb2d09c4537b7dfd1c (6.10-rc1)
+CVE-2024-40997 [cpufreq: amd-pstate: fix memory leak on CPU EPP exit]
+   - linux 6.9.7-1
+   NOTE: 
https://git.kernel.org/linus/cea04f3d9aeebda9d9c063c0dfa71e739c322c81 (6.10-rc1)
+CVE-2024-40996 [bpf: Avoid splat in pskb_pull_reason]
+   - linux 6.9.7-1
+   [bullseye] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/2bbe3e5a2f4ef69d13be54f1cf895b4658287080 (6.10-rc5)
+CVE-2024-40995 [net/sched: act_api: fix possible infinite loop in 
tcf_idr_check_alloc()]
+   - linux 6.9.7-1
+   NOTE: 
https://git.kernel.org/linus/d864319871b05fadd153e0aede4811ca7008f5d6 (6.10-rc5)
+CVE-2024-40994 [ptp: fix integer overflow in max_vclocks_store]
+   - linux 6.9.7-1
+   [bullseye] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/81d23d2a24012e448f651e007fac2cfd20a45ce0 (6.10-rc5)
+CVE-2024-40993 [netfilter: ipset: Fix suspicious rcu_dereference_protected()]
+   - linux 6.9.7-1
+   NOTE: 
https://git.kernel.org/linus/8ecd06277a7664f4ef018abae3abd3451d64e7a6 (6.10-rc5)
+CVE-2024-40992 [RDMA/rxe: Fix responder length checking for UD request packets]
+   - linux 6.9.7-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/f67ac0061c7614c1548963d3ef1ee1606efd8636 (6.10-rc5)
+CVE-2024-40991 [dmaengine: ti: k3-udma-glue: Fix 
of_k3_udma_glue_parse_chn_by_id()]
+   - linux 6.9.7-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/ba27e9d2207784da748b19170a2e56bd7770bd81 (6.10-rc5)
+CVE-2024-40990 [RDMA/mlx5: Add check for srq max_sge attribute]
+   - linux 6.9.7-1
+   NOTE: 
https://git.kernel.org/linus/36ab7ada64caf08f10ee5a114d39964d1f91e81d (6.10-rc5)
+CVE-2024-40989 [KVM: arm64: Disassociate vcpus from redistributor region on 
teardown]
+   - linux 6.9.7-1
+   [bullseye] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/0d92e4a7ffd5c42b9fa864692f82476c0bf8bcc8 (6.10-rc5)
+CVE-2024-40988 [drm/radeon: fix UBSAN warning in kv_dpm.c]
+   - linux 6.9.7-1
+   NOTE: 
https://git.kernel.org/linus/a498df5421fd737d11bfd152428ba6b1c8538321 (6.10-rc5)
+CVE-2024-40987 [drm/amdgpu: fix UBSAN warning in kv_dpm.c]
+   - linux 6.9.7-1
+   NOTE: 
https://git.kernel.org/linus/f0d576f840153392d04b2d52cf3adab8f62e8cb6 (6.10-rc5)
+CVE-2024-40986 [dmaengine: xilinx: xdma: Fix data synchronisation in 
xdma_channel_isr()]
+   - linux 6.9.7-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
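Review bot: the entries that mark bookworm and bullseye as "Vulnerable code not present" (CVE-2024-41003, CVE-2024-40992, CVE-2024-40991) cite only the fixing commit in their NOTE. Adding a NOTE that names the commit or release that introduced the bug would let a reader verify the not-affected triage from the entry itself, instead of having to trust it.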

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-07-10 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b7f3cea9 by Salvatore Bonaccorso at 2024-07-10T09:54:26+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,29 @@
+CVE-2024-39493 [crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak]
+   - linux 6.9.7-1
+   [bookworm] - linux 6.1.94-1
+   NOTE: 
https://git.kernel.org/linus/d3b17c6d9dddc2db3670bc9be628b122416a3d26 (6.10-rc1)
+CVE-2024-39492 [mailbox: mtk-cmdq: Fix pm_runtime_get_sync() warning in mbox 
shutdown]
+   - linux 6.9.7-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/747a69a119c469121385543f21c2d08562968ccc (6.10-rc1)
+CVE-2024-39491 [ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance]
+   - linux 6.9.7-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/d344873c4cbde249b7152d36a273bcc45864001e (6.10-rc1)
+CVE-2024-39490 [ipv6: sr: fix missing sk_buff release in seg6_input_core]
+   - linux 6.9.7-1
+   [bookworm] - linux 6.1.94-1
+   NOTE: 
https://git.kernel.org/linus/5447f9708d9e4c17a647b16a9cb29e9e02820bd9 (6.10-rc1)
+CVE-2024-39489 [ipv6: sr: fix memleak in seg6_hmac_init_algo]
+   - linux 6.9.7-1
+   [bookworm] - linux 6.1.94-1
+   NOTE: 
https://git.kernel.org/linus/efb9f4f19f8e37fde43dfecebc80292d179f56c6 (6.10-rc1)
+CVE-2024-39488 [arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY]
+   - linux 6.9.7-1
+   [bookworm] - linux 6.1.94-1
+   NOTE: 
https://git.kernel.org/linus/ffbf4fb9b5c12ff878a10ea17997147ea4ebea6f (6.10-rc1)
 CVE-2024-6598 (A denial-of-service attack is possible through the execution 
functiona ...)
NOT-FOR-US: KNIME Business Hub
 CVE-2024-6527 (SQL Injection vulnerability in parameter "w" in file "druk.php" 
in Meg ...)
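Review bot: CVE-2024-39493, CVE-2024-39490, CVE-2024-39489 and CVE-2024-39488 get a [bookworm] fixed version (6.1.94-1) but no [bullseye] line, whereas CVE-2024-39492 and CVE-2024-39491 in the same hunk state both releases. If bullseye is still affected, the entries are fine as written. If the code is absent there, add the matching [bullseye] line so bullseye is not shown as open.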



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7f3cea9d6858d543b9ea388e9e51c8ed53404de



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-07-05 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ddc3e9d4 by Salvatore Bonaccorso at 2024-07-05T21:22:01+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -7,33 +7,62 @@ CVE-2024-39936 (An issue was discovered in HTTP2 in Qt before 
5.15.18, 6.x befor
 CVE-2024-39935 (jc21 NGINX Proxy Manager before 2.11.3 allows 
backend/internal/certifi ...)
TODO: check
 CVE-2024-39485 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
-   TODO: check
+   - linux 6.9.7-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/9537a8425a7a0222999d5839a0b394b1e8834b4a (6.10-rc1)
 CVE-2024-39484 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
-   TODO: check
+   - linux 6.9.7-1
+   NOTE: 
https://git.kernel.org/linus/55c421b364482b61c4c45313a535e61ed5ae4ea3 (6.10-rc1)
 CVE-2024-39483 (In the Linux kernel, the following vulnerability has been 
resolved:  K ...)
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
TODO: check
+   NOTE: 
https://git.kernel.org/linus/b4bd556467477420ee3a91fbcba73c579669edc6 (6.10-rc3)
 CVE-2024-39482 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
-   TODO: check
+   - linux 6.9.7-1
+   [bookworm] - linux 6.1.94-1
+   NOTE: 
https://git.kernel.org/linus/3a861560ccb35f2a4f0a4b8207fa7c2a35fc7f31 (6.10-rc1)
 CVE-2024-39481 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
-   TODO: check
+   - linux 6.9.7-1
+   [bookworm] - linux 6.1.94-1
+   [bullseye] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/8a9d420149c477e7c97fbd6453704e4612bdd3fa (6.10-rc1)
 CVE-2024-39480 (In the Linux kernel, the following vulnerability has been 
resolved:  k ...)
-   TODO: check
+   - linux 6.9.7-1
+   [bookworm] - linux 6.1.94-1
+   NOTE: 
https://git.kernel.org/linus/e9730744bf3af04cda23799029342aa3cddbc454 (6.10-rc1)
 CVE-2024-39479 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
-   TODO: check
+   - linux 6.9.7-1
+   NOTE: 
https://git.kernel.org/linus/5bc9de065b8bb9b8dd8799ecb4592d0403b54281 (6.10-rc1)
 CVE-2024-39478 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
-   TODO: check
+   - linux 6.9.7-1
+   NOTE: 
https://git.kernel.org/linus/d7f01649f4eaf1878472d3d3f480ae1e50d98f6c (6.10-rc1)
 CVE-2024-39477 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
-   TODO: check
+   - linux 6.9.7-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/8daf9c702ee7f825f0de8600abff764acfedea13 (6.10-rc3)
 CVE-2024-39476 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
-   TODO: check
+   - linux 6.9.7-1
+   [bookworm] - linux 6.1.94-1
+   NOTE: 
https://git.kernel.org/linus/151f66bb618d1fd0eeb84acb61b4a9fa5d8bb0fa (6.10-rc1)
 CVE-2024-39475 (In the Linux kernel, the following vulnerability has been 
resolved:  f ...)
-   TODO: check
+   - linux 6.9.7-1
+   [bookworm] - linux 6.1.94-1
+   NOTE: 
https://git.kernel.org/linus/6ad959b6703e2c4c5d7af03b4cfd5ff608036339 (6.10-rc1)
 CVE-2024-39474 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
-   TODO: check
+   - linux 6.9.7-1
+   [bullseye] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/8e0545c83d672750632f46e3f9ad95c48c91a0fc (6.10-rc1)
 CVE-2024-39473 (In the Linux kernel, the following vulnerability has been 
resolved:  A ...)
-   TODO: check
+   - linux 6.9.7-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/ffa077b2f6ad124ec3d23fbddc5e4b0ff2647af8 (6.10-rc2)
 CVE-2024-39472 (In the Linux kernel, the following vulnerability has been 
resolved:  x ...)
-   TODO: check
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/45cf976008ddef4a9c9a30310c9b4fb2a9a6602a (6.10-rc1)
 CVE-2024-34481 (drupal-wiki.com Drupal Wiki before 8.31.1 allows XSS via 
comments, cap ...)
TODO: check
 CVE-2024-6513
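Review bot: CVE-2024-39483 ends up inconsistent. The [bookworm] and [bullseye] lines are added above the existing "TODO: check", which is kept rather than removed, and no "- linux" line is added for unstable, unlike every other entry touched in this hunk. Either add the unstable line and drop the TODO, or leave the entry untriaged until the unstable status is known. The "- linux" line added for CVE-2024-39472 is also shown with nothing after the package name.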



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ddc3e9d48a0e574751e866771d449e48ed1dc8a1


[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-06-25 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
18e03b8b by Salvatore Bonaccorso at 2024-06-25T17:49:56+02:00
Merge Linux CVEs from kernel-sec

Signed-off-by: Salvatore Bonaccorso car...@debian.org

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,121 @@
+CVE-2024-39471 [drm/amdgpu: add error handle to avoid out-of-bounds]
+   - linux 
+   [bookworm] - linux 6.1.94-1
+   NOTE: 
https://git.kernel.org/linus/8b2faf1a4f3b6c748c0da36cda865a226534d520 (6.10-rc1)
+CVE-2024-39470 [eventfs: Fix a possible null pointer dereference in 
eventfs_find_events()]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/d4e9a968738bf66d3bb852dd5588d4c7afd6d7f4 (6.10-rc1)
+CVE-2024-39469 [nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O 
errors]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/7373a51e7998b508af7136530f3a997b286ce81c (6.10-rc3)
+CVE-2024-39468 [smb: client: fix deadlock in smb2_find_smb_tcon()]
+   - linux 
+   [bookworm] - linux 6.1.94-1
+   NOTE: 
https://git.kernel.org/linus/02c418774f76a0a36a6195c9dbf8971eb4130a15 (6.10-rc3)
+CVE-2024-39467 [f2fs: fix to do sanity check on i_xattr_nid in 
sanity_check_inode()]
+   - linux 
+   [bookworm] - linux 6.1.94-1
+   NOTE: 
https://git.kernel.org/linus/20faaf30e55522bba2b56d9c46689233205d7717 (6.10-rc1)
+CVE-2024-39466 [thermal/drivers/qcom/lmh: Check for SCM availability at probe]
+   - linux 
+   [bookworm] - linux 6.1.94-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/d9d3490c48df572edefc0b64655259eefdcbb9be (6.10-rc1)
+CVE-2024-39465 [media: mgb4: Fix double debugfs remove]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/825fc49497957310e421454fe3fb8b8d8d8e2dd2 (6.10-rc3)
+CVE-2024-39464 [media: v4l: async: Fix notifier list entry init]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/6d8acd02c4c6a8f917eefac1de2e035521ca119d (6.10-rc1)
+CVE-2024-39463 [9p: add missing locking around taking dentry fid list]
+   - linux 
+   [bookworm] - linux 6.1.94-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/c898afdc15645efb555acb6d85b484eb40a45409 (6.10-rc2)
+CVE-2024-39462 [clk: bcm: dvp: Assign ->num before accessing ->hws]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/9368cdf90f52a68120d039887ccff74ff33b (6.10-rc1)
+CVE-2024-39461 [clk: bcm: rpi: Assign ->num before accessing ->hws]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/6dc445c1905096b2ed4db1a84570375b4e00cc0f (6.10-rc1)
+CVE-2024-39371 [io_uring: check for non-NULL file pointer in 
io_file_can_poll()]
+   - linux 
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/5fc16fa5f13b3c06fdb959ef262050bd810416a2 (6.10-rc3)
+CVE-2024-39362 [i2c: acpi: Unbind mux adapters before delete]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/3f858bbf04dbac934ac279aaee05d49eb9910051 (6.10-rc1)
+CVE-2024-39301 [net/9p: fix uninit-value in p9_client_rpc()]
+   - linux 
+   [bookworm] - linux 6.1.94-1
+   NOTE: 
https://git.kernel.org/linus/25460d6f39024cc3b8241b14c7ccf0d6f11a736a (6.10-rc2)
+CVE-2024-39298 [mm/memory-failure: fix handling of dissolved but not taken off 
from buddy pages]
+   - linux 
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/8cf360b9d6a840700e06864236a01a883b34bbad (6.10-rc1)
+CVE-2024-39296 [bonding: fix oops during rmmod]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable 
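Review bot: the NOTE URL for CVE-2024-39462 carries a 36-character commit id (9368cdf90f52a68120d039887ccff74ff33b), while every other NOTE in this hunk uses a full 40-character hash. Use the full hash there as well, so the reference is unambiguous and can be matched mechanically against the upstream tree.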

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-06-24 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1c99fcef by Salvatore Bonaccorso at 2024-06-24T16:46:00+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,74 @@
+CVE-2024-39292 [um: Add winch to winch_handlers before registering winch IRQ]
+   - linux 
+   [bookworm] - linux 6.1.94-1
+   NOTE: 
https://git.kernel.org/linus/a0fbbd36c156b9f7b2276871d499c9943dfe5101 (6.10-rc1)
+CVE-2024-39291 [drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ 
cp_compute_microcode() and rlc_microcode()]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/acce6479e30f73ab0872e93a75aed1fb791d04ec (6.10-rc1)
+CVE-2024-38667 [riscv: prevent pt_regs corruption for secondary idle threads]
+   - linux 
+   [bookworm] - linux 6.1.94-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/a638b0461b58aa3205cd9d5f14d6f703d795b4af (6.10-rc2)
+CVE-2024-38664 [drm: zynqmp_dpsub: Always register bridge]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/be3f3042391d061cfca2bd22630e0d101acea5fc (6.10-rc1)
+CVE-2024-38663 [blk-cgroup: fix list corruption from resetting io stat]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/6da6680632792709cecf2b006f2fe3ca7857e791 (6.10-rc1)
+CVE-2024-38384 [blk-cgroup: fix list corruption from reorder of WRITE 
->lqueued]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/d0aac2363549e12cc79b8e285f13d5a9f42fd08e (6.10-rc1)
+CVE-2024-37026 [drm/xe: Only use reserved BCS instances for usm migrate exec 
queue]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/c8ea2c31f5ea437199b239d76ad5db27343edb0c (6.10-rc2)
+CVE-2024-37021 [fpga: manager: add owner module and take its refcount]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/4d4d2d4346857bf778fafaa97d6f76bb1663e3c9 (6.10-rc1)
+CVE-2024-36479 [fpga: bridge: add owner module and take its refcount]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/1da11f822042eb6ef4b6064dc048f157a7852529 (6.10-rc1)
+CVE-2024-35247 [fpga: region: add owner module and take its refcount]
+   - linux 
+   [bookworm] - linux 6.1.94-1
+   NOTE: 
https://git.kernel.org/linus/b7c0e1ecee403a43abc89eb3e75672b01ff2ece9 (6.10-rc1)
+CVE-2024-34030 [PCI: of_property: Return error for int_map allocation failure]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/e6f7d27df5d208b50cae817a91d128fb434bb12c (6.10-rc1)
+CVE-2024-34027 [f2fs: compress: fix to cover 
{reserve,release}_compress_blocks() w/ cp_rwsem lock]
+   - linux 
+   [bookworm] - linux 6.1.94-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/0a4ed2d97cb6d044196cc3e726b6699222b41019 (6.10-rc1)
+CVE-2024-33847 [f2fs: compress: don't allow unaligned truncation on released 
compress inode]
+   - linux 
+   [bookworm] - linux 6.1.94-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/29ed2b5dd521ce7c5d8466cd70bf0cc9d07afeee (6.10-rc1)
+CVE-2024-32936 [media: ti: j721e-csi2rx: Fix races while restarting DMA]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/ad79c9ecea5baa7b4f19677e4b1c881ed89b0c3b (6.10-rc1)
 CVE-2024-6280 (A vulnerability was found in SourceCodester Simple Online 
Bidding Syst ...)
NOT-FOR-US: SourceCodester Simple Online Bidding System
 CVE-2024-6279 (A vulnerability was found in lahirudanushka School Management 
System 1 ...)
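Review bot: CVE-2024-38667, CVE-2024-34027 and CVE-2024-33847 annotate [bookworm] (6.1.94-1) and [buster] (not present) but skip [bullseye], the release in between. The other multi-release entries in this hunk list all three. State the bullseye status on these three entries explicitly, whether that is a fixed version or "Vulnerable code not present", so the gap does not read as an omission.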



View it on GitLab: 

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-06-21 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a020d079 by Salvatore Bonaccorso at 2024-06-21T21:16:54+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,173 @@
+CVE-2024-39277 [dma-mapping: benchmark: handle NUMA_NO_NODE correctly]
+   - linux 
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/e64746e74f717961250a155e14c156616fcd981f (6.10-rc2)
+CVE-2024-38780 [dma-buf/sw-sync: don't enable IRQ from sync_print_obj()]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/b794918961516f667b0c745aebdfebbb8a98df39 (6.10-rc2)
+CVE-2024-38662 [bpf: Allow delete from sockmap/sockhash only if update is 
allowed]
+   - linux 
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/98e948fb60d41447fd8d2d0c3b8637fc6b6dc26d (6.10-rc2)
+CVE-2024-38659 [enic: Validate length of nl attributes in enic_set_vf_port]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/e8021b94b0412c37bcc79027c2e382086b6ce449 (6.10-rc2)
+CVE-2024-38637 [greybus: lights: check return of get_channel_from_mode]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/a1ba19a1ae7cd1e324685ded4ab563e78fe68648 (6.10-rc1)
+CVE-2024-38636 [f2fs: multidev: fix to recognize valid zero block address]
+   - linux 
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/33e62cd7b4c281cd737c62e5d8c4f0e602a8c5c5 (6.10-rc1)
+CVE-2024-38635 [soundwire: cadence: fix invalid PDI offset]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/8ee1b439b1540ae543149b15a2a61b9dff937d91 (6.10-rc1)
+CVE-2024-38634 [serial: max3100: Lock port->lock when calling 
uart_handle_cts_change()]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/77ab53371a2066fdf9b895246505f5ef5a4b5d47 (6.10-rc1)
+CVE-2024-38633 [serial: max3100: Update uart_driver_registered on driver 
removal]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/712a1fcb38dc7cac6da63ee79a88708fbf9c45ec (6.10-rc1)
+CVE-2024-38632 [vfio/pci: fix potential memory leak in vfio_intx_enable()]
+   - linux 
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/82b951e6fbd31d85ae7f4feb5f00ddd4c5d256e2 (6.10-rc1)
+CVE-2024-38631 [iio: adc: PAC1934: fix accessing out of bounds array index]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/51fafb3cd7fcf4f4682693b4d2883e2a5bfffe33 (6.10-rc1)
+CVE-2024-38630 [watchdog: cpu5wdt.c: Fix use-after-free bug caused by 
cpu5wdt_trigger]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/573601521277119f2e2ba5f28ae6e87fc594f4d4 (6.10-rc1)
+CVE-2024-38629 [dmaengine: idxd: Avoid unnecessary destruction of file_ida]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/76e43fa6a456787bad31b8d0daeabda27351a480 (6.10-rc1)
+CVE-2024-38628 [usb: gadget: u_audio: Fix race condition use of controls after 
free during gadget unbind.]
+   - linux 
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/1b739388aa3f8dfb63a9fca777e6dfa6912d0464 (6.10-rc1)
+CVE-2024-38627 [stm class: Fix a double free in stm_register_device()]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/3df463865ba42b8f88a590326f4c9ea17a1ce459 (6.10-rc1)
+CVE-2024-38626 [fuse: clear FR_SENT when re-adding requests into pending list]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/246014876d782bbf2e652267482cd2e799fb5fcd (6.10-rc1)
+CVE-2024-38625 [fs/ntfs3: Check 'folio' pointer for NULL]
+   - linux 
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/1cd6c96219c429ebcfa8e79a865277376c563803 (6.10-rc1)
+CVE-2024-38624 [fs/ntfs3: Use 64 bit variable to avoid 32 bit overflow]
+   - linux 
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/e931f6b630ffb22d66caab202a52aa8cbb10c649 (6.10-rc1)
+CVE-2024-38623 [fs/ntfs3: Use variable length array instead of fixed size]
+   - linux 
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-06-20 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a9b4fc5d by Salvatore Bonaccorso at 2024-06-20T15:40:18+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,314 @@
+CVE-2023-52883 [drm/amdgpu: Fix possible null pointer dereference]
+   - linux 6.5.10-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/51b79f33817544e3b4df838d86e8e8e4388ff684 (6.6-rc7)
+CVE-2022-48771 [drm/vmwgfx: Fix stale file descriptors on failed usercopy]
+   - linux 5.16.7-1
+   [bullseye] - linux 5.10.103-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/a0f90c8815706981c483a652a6aefca51a5e191c (5.17-rc2)
+CVE-2022-48770 [bpf: Guard against accessing NULL pt_regs in 
bpf_get_task_stack()]
+   - linux 5.16.7-1
+   [bullseye] - linux 5.10.103-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/b992f01e66150fc5e90be4a96f5eb8e634c8249e (5.17-rc2)
+CVE-2022-48769 [efi: runtime: avoid EFIv2 runtime services on Apple x86 
machines]
+   - linux 5.16.7-1
+   [bullseye] - linux 5.10.103-1
+   NOTE: 
https://git.kernel.org/linus/f5390cd0b43c2e54c7cf5506c7da4a37c5cef746 (5.17-rc2)
+CVE-2022-48768 [tracing/histogram: Fix a potential memory leak for kstrdup()]
+   - linux 5.16.7-1
+   [bullseye] - linux 5.10.103-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/e629e7b525a179e29d53463d992bdee759c950fb (5.17-rc2)
+CVE-2022-48767 [ceph: properly put ceph_string reference after async create 
attempt]
+   - linux 5.16.7-1
+   [bullseye] - linux 5.10.103-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/932a9b5870d38b87ba0a9923c804b1af7d3605b9 (5.17-rc2)
+CVE-2022-48766 [drm/amd/display: Wrap dcn301_calculate_wm_and_dlg for FPU.]
+   - linux 5.16.7-1
+   NOTE: 
https://git.kernel.org/linus/25f1488bdbba63415239ff301fe61a8546140d9f (5.17-rc2)
+CVE-2022-48765 [KVM: LAPIC: Also cancel preemption timer during SET_LAPIC]
+   - linux 5.16.7-1
+   NOTE: 
https://git.kernel.org/linus/35fe7cfbab2e81f1afb23fc4212210b1de6d9633 (5.17-rc2)
+CVE-2022-48764 [KVM: x86: Free kvm_cpuid_entry2 array on post-KVM_RUN 
KVM_SET_CPUID{,2}]
+   - linux 5.16.7-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/811f95ff95270e6048197821434d9301e3d7f07c (5.17-rc2)
+CVE-2022-48763 [KVM: x86: Forcibly leave nested virt when SMM state is toggled]
+   - linux 5.16.7-1
+   [bullseye] - linux 5.10.103-1
+   NOTE: 
https://git.kernel.org/linus/f7e570780efc5cec9b2ed1e0472a7da14e864fdb (5.17-rc2)
+CVE-2022-48762 [arm64: extable: fix load_unaligned_zeropad() reg indices]
+   - linux 5.16.7-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3758a6c74e08bdc15d6872a6ad37d165239a (5.17-rc2)
+CVE-2022-48761 [usb: xhci-plat: fix crash when suspend if remote wake enable]
+   - linux 5.16.7-1
+   [bullseye] - linux 5.10.103-1
+   NOTE: 
https://git.kernel.org/linus/9df478463d9feb90dae24f183383961cf123a0ec (5.17-rc2)
+CVE-2022-48760 [USB: core: Fix hang in usb_kill_urb by adding memory barriers]
+   - linux 5.16.7-1
+   [bullseye] - linux 5.10.103-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/26fbe9772b8c459687930511444ce443011f86bf (5.17-rc2)
+CVE-2022-48759 [rpmsg: char: Fix race between the release of rpmsg_ctrldev and 
cdev]
+   - linux 5.16.7-1
+   [bullseye] - linux 5.10.103-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/b7fb2dad571d1e21173c06cef0bced77b323990a (5.17-rc2)
+CVE-2022-48758 [scsi: bnx2fc: Flush destroy_work queue before calling 
bnx2fc_interface_put()]
+   - linux 5.16.7-1
+   [bullseye] - linux 5.10.103-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/847f9ea4c5186fdb7b84297e3eeed9e340e83fce (5.17-rc2)
+CVE-2022-48757 [net: fix information leakage in /proc/net/ptype]
+   - linux 5.16.7-1
+   [bullseye] - linux 5.10.103-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/47934e06b65637c88a762d9c98329ae6e323 (5.17-rc2)
+CVE-2022-48756 [drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable]
+   - linux 5.16.7-1
+   [bullseye] - linux 5.10.103-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
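
Review bot: In the NOTE lines for CVE-2022-48762 and CVE-2022-48757 the commit ids (3758a6c74e08bdc15d6872a6ad37d165239a and 47934e06b65637c88a762d9c98329ae6e323) are 36 hex characters long as shown, where the neighbouring NOTE lines carry full 40-character ids. Check both against the upstream commits and record the full ids, so the git.kernel.org links resolve unambiguously and tooling that matches on full commit ids picks these entries up.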

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-06-19 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2d753ae0 by Salvatore Bonaccorso at 2024-06-19T19:16:58+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,212 @@
+CVE-2021-47616 [RDMA: Fix use-after-free in rxe_queue_cleanup]
+   - linux 5.15.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/84b01721e8042cdd1e8ffeb648844a09cd4213e0 (5.16-rc5)
+CVE-2021-47615 [RDMA/mlx5: Fix releasing unallocated memory in dereg MR flow]
+   - linux 5.15.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/f0ae4afe3d35e67db042c58a52909e06262b740f (5.16-rc5)
+CVE-2021-47614 [RDMA/irdma: Fix a user-after-free in add_pble_prm]
+   - linux 5.15.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/1e11a39a82e95ce86f849f40dda0d9c0498cebd9 (5.16-rc5)
+CVE-2021-47613 [i2c: virtio: fix completion handling]
+   - linux 5.15.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/b503de239f62eca898cfb7e820d9a35499137d22 (5.16-rc5)
+CVE-2021-47612 [nfc: fix segfault in nfc_genl_dump_devices_done]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/fd79a0cbf0b2e34bcc45b13acf962e2032a82203 (5.16-rc5)
+CVE-2021-47611 [mac80211: validate extended element ID is present]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/768c0b19b50665e337c96858aa2b7928d6dcf756 (5.16-rc6)
+CVE-2021-47610 [drm/msm: Fix null ptr access msm_ioctl_gem_submit()]
+   - linux 5.15.15-1
+   NOTE: 
https://git.kernel.org/linus/26d776fd0f79f093a5d0ce1a4c7c7a992bc3264c (5.16-rc4)
+CVE-2021-47609 [firmware: arm_scpi: Fix string overflow in SCPI genpd driver]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/865ed67ab955428b9aa771d8b4f1e4fb7fd08945 (5.16-rc6)
+CVE-2021-47608 [bpf: Fix kernel address leakage in atomic fetch]
+   - linux 5.15.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/7d3baf0afa3aa9102d6a521a8e4c41888bb79882 (5.16-rc6)
+CVE-2021-47607 [bpf: Fix kernel address leakage in atomic cmpxchg's r0 aux reg]
+   - linux 5.15.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/a82fe085f344ef20b452cd5f481010ff96b5c4cd (5.16-rc6)
+CVE-2021-47606 [net: netlink: af_netlink: Prevent empty skb by adding a check 
on len.]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/f123cffdd8fe8ea6c7fded4b88516a42798797d0 (5.16-rc4)
+CVE-2021-47605 [vduse: fix memory corruption in vduse_dev_ioctl()]
+   - linux 5.15.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/ff9f9c6e74848170fcb45c8403c80d661484c8c9 (5.16-rc6)
+CVE-2021-47604 [vduse: check that offset is within bounds in get_config()]
+   - linux 5.15.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/dc1db0060c02d119fd4196924eff2d1129e9a442 (5.16-rc6)
+CVE-2021-47603 [audit: improve robustness of the audit queue handling]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/f4b3ee3c85551d2d343a3ba159304066523f730f (5.16-rc6)
+CVE-2021-47602 [mac80211: track only QoS data frames for admission control]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/d5e568c3a4ec2ddd23e7dc5ad5b0c64e4f22981a (5.16-rc6)
+CVE-2021-47601 [tee: amdtee: fix an IS_ERR() vs NULL bug]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/9d7482771fac8d8e38e763263f2ca0ca12dd22c6 (5.16-rc6)
+CVE-2021-47600 [dm btree remove: fix use after free in rebalance_children()]
+   - linux 
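
Review bot: The bracketed description for CVE-2021-47614 reads "Fix a user-after-free in add_pble_prm", which looks like a typo for "use-after-free". If the bracket text is meant to reproduce the upstream subject verbatim, leave it; otherwise correct it, since a search of the list for "use-after-free" will miss this entry while finding CVE-2021-47616 two entries above.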

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-06-19 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
32bd762d by Salvatore Bonaccorso at 2024-06-19T16:33:07+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,338 @@
+CVE-2024-38618 [ALSA: timer: Set lower bound of start tick time]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/4a63bd179fa8d3fcc44a0d9d71d941ddd62f0c4e (6.10-rc1)
+CVE-2024-38617 [kunit/fortify: Fix mismatched kvalloc()/vfree() usage]
+   - linux 6.8.12-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/998b18072ceb0613629c256b409f4d299829c7ec (6.10-rc1)
+CVE-2024-38616 [wifi: carl9170: re-fix fortified-memset warning]
+   - linux 6.8.12-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/066afafc10c9476ee36c47c9062527a17e763901 (6.10-rc1)
+CVE-2024-38615 [cpufreq: exit() callback is optional]
+   - linux 6.8.12-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/b8f85833c05730d631576008daaa34096bc7f3ce (6.10-rc1)
+CVE-2024-38614 [openrisc: traps: Don't send signals to kernel mode threads]
+   - linux 6.8.12-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/c88cfb5cea5f8f9868ef02cc9ce9183a26dcf20f (6.10-rc1)
+CVE-2024-38613 [m68k: Fix spinlock race in kernel thread creation]
+   - linux 6.8.12-1
+   NOTE: 
https://git.kernel.org/linus/da89ce46f02470ef08f0f580755d14d547da59ed (6.10-rc1)
+CVE-2024-38612 [ipv6: sr: fix invalid unregister error path]
+   - linux 6.8.12-1
+   NOTE: 
https://git.kernel.org/linus/160e9d2752181fcf18c662e74022d77d3164cd45 (6.10-rc1)
+CVE-2024-38611 [media: i2c: et8ek8: Don't strip remove function when driver is 
builtin]
+   - linux 6.8.12-1
+   NOTE: 
https://git.kernel.org/linus/545b215736c5c4b354e182d99c578a472ac9bfce (6.10-rc1)
+CVE-2024-38610 [drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map()]
+   - linux 6.8.12-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3d6586008f7b638f91f3332602592caa8b00b559 (6.10-rc1)
+CVE-2024-38609 [wifi: mt76: connac: check for null before dereferencing]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/cb47c7be0e93dd5acda078163799401ac3a78e10 (6.10-rc1)
+CVE-2024-38608 [net/mlx5e: Fix netif state handling]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/3d5918477f94e4c2f064567875c475468e264644 (6.10-rc1)
+CVE-2024-38607 [macintosh/via-macii: Fix "BUG: sleeping function called from 
invalid context"]
+   - linux 6.8.12-1
+   NOTE: 
https://git.kernel.org/linus/d301a71c76ee4c384b4e03cdc320a55f5cf1df05 (6.10-rc1)
+CVE-2024-38606 [crypto: qat - validate slices count returned by FW]
+   - linux 6.8.12-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/483fd65ce29317044d1d00757e3fd23503b6b04c (6.10-rc1)
+CVE-2024-38605 [ALSA: core: Fix NULL module pointer assignment at card init]
+   - linux 6.8.12-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/39381fe7394e5eafac76e7e9367e7351138a29c1 (6.10-rc1)
+CVE-2024-38604 [block: refine the EOF check in blkdev_iomap_begin]
+   - linux 6.8.12-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/0c12028aec837f5a002009bbf68d179d506510e8 (6.10-rc1)
+CVE-2024-38603 [drivers/perf: hisi: hns3: Actually use 
devm_add_action_or_reset()]
+   - linux 6.8.12-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/582c1aeee0a9e73010cf1c4cef338709860deeb0 (6.10-rc1)
+CVE-2024-38602 [ax25: Fix reference count leak issues of ax25_dev]
+   - linux 6.8.12-1
+   NOTE: 
https://git.kernel.org/linus/b505e0319852b08a3a716b64620168eab21f4ced (6.10-rc1)
+CVE-2024-38601 [ring-buffer: Fix a race between readers and resize checks]
+   - linux 6.8.12-1
+   NOTE: 
https://git.kernel.org/linus/c2274b908db05529980ec056359fae916939fdaa (6.10-rc1)

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-06-08 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c90160b8 by Salvatore Bonaccorso at 2024-06-08T21:11:02+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,25 @@
+CVE-2024-36970 [wifi: iwlwifi: Use request_module_nowait]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3d913719df14c28c4d3819e7e6d150760222bda4 (6.10-rc1)
+CVE-2024-36969 [drm/amd/display: Fix division by zero in setup_dsc_config]
+   - linux 6.8.11-1
+   NOTE: 
https://git.kernel.org/linus/130afc8a886183a94cf6eab7d24f300014ff87ba (6.10-rc1)
+CVE-2024-36968 [Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()]
+   - linux 6.8.11-1
+   NOTE: 
https://git.kernel.org/linus/a5b862c6a221459d54e494e88965b48dcfa6cc44 (6.10-rc1)
+CVE-2024-36967 [KEYS: trusted: Fix memory leak in tpm2_key_encode()]
+   - linux 6.8.11-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/ffcaa2172cc1a85ddb8b783de96d38ca8855e248 (6.10-rc1)
+CVE-2024-36966 [erofs: reliably distinguish block based and fscache mode]
+   - linux 6.8.11-1
+   NOTE: 
https://git.kernel.org/linus/7af2ae1b1531feab5d38ec9c8f472dc6cceb4606 (6.9-rc7)
+CVE-2024-36965 [remoteproc: mediatek: Make sure IPI buffer fits in L2TCM]
+   - linux 6.8.11-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/331f91d86f71d0bb89a44217cc0b2a22810bbd42 (6.10-rc1)
 CVE-2024-5742
- nano 8.0-1
[bookworm] - nano  (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c90160b85bb006d3d69a2378d8e18b13782d8633



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-06-03 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
75ef2a52 by Salvatore Bonaccorso at 2024-06-03T10:25:40+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -7,15 +7,30 @@ CVE-2024-5311 (DigiWin EasyFlow .NET lacks validation for 
certain input paramete
 CVE-2024-37031 (The Active Admin (aka activeadmin) framework before 3.2.2 for 
Ruby on  ...)
TODO: check
 CVE-2024-36964 (In the Linux kernel, the following vulnerability has been 
resolved:  f ...)
-   TODO: check
+   - linux 6.8.11-1
+   [bullseye] - linux 5.10.218-1
+   NOTE: 
https://git.kernel.org/linus/cd25e15e57e68a6b18dc9323047fe9c68b99290b (6.9-rc5)
 CVE-2024-36963 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
-   TODO: check
+   - linux 6.8.11-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/baa23a8d4360d981a49913841a726edede5cdd54 (6.9-rc7)
 CVE-2024-36962 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
-   TODO: check
+   - linux 6.8.11-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/e0863634bf9f7cf36291ebb5bfa2d16632f79c49 (6.9)
 CVE-2024-36961 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
-   TODO: check
+   - linux 6.8.11-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/c7f7c37271787a7f77d7eedc132b0b419a76b4c8 (6.9-rc7)
 CVE-2024-36960 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
-   TODO: check
+   - linux 6.8.11-1
+   [bullseye] - linux 5.10.218-1
+   NOTE: 
https://git.kernel.org/linus/a37ef7613c00f2d72c8fc08bd83fb6cc76926c8c (6.9-rc7)
 CVE-2024-36042 (Silverpeas before 6.3.5 allows authentication bypass by 
omitting the P ...)
TODO: check
 CVE-2024-35643 (Cross Site Scripting (XSS) vulnerability in Xabier Miranda WP 
Back But ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75ef2a52f9e55850c50803a77492f171c101c70e



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-05-24 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c8b2075c by Salvatore Bonaccorso at 2024-05-24T17:33:15+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,358 @@
+CVE-2021-47572 [net: nexthop: fix null pointer dereference when IPv6 is not 
enabled]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/1c743127cc54b112b155f434756bd4b5fa565a99 (5.16-rc3)
+CVE-2021-47571 [staging: rtl8192e: Fix use after free in 
_rtl92e_pci_disconnect()]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/b535917c51acc97fb0761b1edec85f1f3d02bda4 (5.16-rc3)
+CVE-2021-47570 [staging: r8188eu: fix a memory leak in rtw_wx_read32()]
+   - linux 5.15.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/be4ea8f383551b9dae11b8dfff1f38b3b5436e9a (5.16-rc3)
+CVE-2021-47569 [io_uring: fail cancellation for EXITING tasks]
+   - linux 5.15.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/617a89484debcd4e7999796d693cf0b77d2519de (5.16-rc3)
+CVE-2021-47568 [ksmbd: fix memleak in get_file_stream_info()]
+   - linux 5.15.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/178ca6f85aa3231094467691f5ea1ff2f398aa8d (5.16-rc3)
+CVE-2021-47567 [powerpc/32: Fix hardlockup on vmap stack overflow]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/5bb60ea611db1e04814426ed4bd1c95d1487678e (5.16-rc3)
+CVE-2021-47566 [proc/vmcore: fix clearing user buffer by properly using 
clear_user()]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/c1e63117711977cc4295b2ce73de29dd17066c82 (5.16-rc2)
+CVE-2021-47565 [scsi: mpt3sas: Fix kernel panic during drive powercycle test]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/0ee4ba13e09c9d9c1cb6abb59da8295d9952328b (5.16-rc3)
+CVE-2021-47564 [net: marvell: prestera: fix double free issue on err path]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/e8d032507cb7912baf1d3e0af54516f823befefd (5.16-rc3)
+CVE-2021-47563 [ice: avoid bpf_prog refcount underflow]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/f65ee535df775a13a1046c0a0b2d72db342f8a5b (5.16-rc3)
+CVE-2021-47562 [ice: fix vsi->txq_map sizing]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/792b2086584f25d84081a526beee80d103c2a913 (5.16-rc3)
+CVE-2021-47561 [i2c: virtio: disable timeout handling]
+   - linux 5.15.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/84e1d0bf1d7121759622dabf8fbef4c99ad597c5 (5.16-rc3)
+CVE-2021-47560 [mlxsw: spectrum: Protect driver from buggy firmware]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/63b08b1f6834bbb0b4f7783bf63b80c8c8e9a047 (5.16-rc3)
+CVE-2021-47559 [net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.84-1
+   NOTE: 
https://git.kernel.org/linus/587acad41f1bc48e16f42bb2aca63bf323380be8 (5.16-rc3)
+CVE-2021-47558 [net: stmmac: Disable Tx queues when reconfiguring the 
interface]
+   - linux 5.15.15-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/b270bfe697367776eca2e6759a71d700fb8d82a2 (5.16-rc3)
+CVE-2021-47557 [net/sched: sch_ets: don't peek at classes beyond 'nbands']
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/de6d25924c2a8c2988c6a385990cafbe742061bf (5.16-rc3)
+CVE-2021-47556 [ethtool: ioctl: fix potential NULL deref in 
ethtool_set_coalesce()]
+   - linux 

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-05-22 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ecfc3181 by Salvatore Bonaccorso at 2024-05-22T10:59:02+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,119 @@
+CVE-2021-47498 [dm rq: don't queue request to blk-mq during DM suspend]
+   - linux 5.14.16-1
+   NOTE: 
https://git.kernel.org/linus/b4459b11e84092658fa195a2587aff3b9637f0e7 (5.15-rc6)
+CVE-2021-47497 [nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells]
+   - linux 5.14.16-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/5d388fa01fa6eb310ac023a363a6cb216d9d8fe9 (5.15-rc6)
+CVE-2021-47496 [net/tls: Fix flipped sign in tls_err_abort() calls]
+   - linux 5.15.3-1
+   [bullseye] - linux 5.10.84-1
+   NOTE: 
https://git.kernel.org/linus/da353fac65fede6b8b4cfe207f0d9408e3121105 (5.15)
+CVE-2021-47495 [usbnet: sanity check for maxpacket]
+   - linux 5.14.16-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/397430b50a363d8b7bdda00522123f82df6adc5e (5.15-rc7)
+CVE-2021-47494 [cfg80211: fix management registrations locking]
+   - linux 5.15.3-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/09b1d5dc6ce1c9151777f6c4e128a59457704c97 (5.15)
+CVE-2021-47493 [ocfs2: fix race between searching chunks and release 
journal_head from buffer_head]
+   - linux 5.15.3-1
+   [bullseye] - linux 5.10.84-1
+   NOTE: 
https://git.kernel.org/linus/6f1b228529ae49b0f85ab89bcdb6c365df401558 (5.15)
+CVE-2021-47492 [mm, thp: bail out early in collapse_file for writeback page]
+   - linux 5.15.3-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/74c42e1baacf206338b1dd6b6199ac964512b5bb (5.15)
+CVE-2021-47491 [mm: khugepaged: skip huge page collapse for special files]
+   - linux 5.15.3-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/a4aeaa06d45e90f9b279f0b09de84bd6e733 (5.15)
+CVE-2021-47490 [drm/ttm: fix memleak in ttm_transfered_destroy]
+   - linux 5.15.3-1
+   [bullseye] - linux 5.10.84-1
+   NOTE: 
https://git.kernel.org/linus/0db55f9a1bafbe3dac750ea669de9134922389b5 (5.15)
+CVE-2021-47489 [drm/amdgpu: Fix even more out of bound writes from debugfs]
+   - linux 5.15.3-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3f4e54bd312d3dafb59daf2b97ffa08abebe60f5 (5.15)
+CVE-2021-47488 [cgroup: Fix memory leak caused by missing cgroup_bpf_offline]
+   - linux 5.15.3-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/04f8ef5643bcd8bcde25dfdebef998aea480b2ba (5.15)
+CVE-2021-47487 [drm/amdgpu: fix out of bounds write]
+   - linux 5.15.3-1
+   [bullseye] - linux 5.10.84-1
+   NOTE: 
https://git.kernel.org/linus/5afa7898ab7a0ec9c28556a91df714bf3c2f725e (5.15)
+CVE-2021-47486 [riscv, bpf: Fix potential NULL dereference]
+   - linux 5.15.3-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/27de809a3d83a6199664479ebb19712533d6fd9b (5.15)
+CVE-2021-47485 [IB/qib: Protect from buffer overflow in struct 
qib_user_sdma_pkt fields]
+   - linux 5.15.3-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/d39bf40e55e666b5905fdbd46a0dced030ce87be (5.15)
+CVE-2021-47484 [octeontx2-af: Fix possible null pointer dereference.]
+   - linux 5.15.3-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/c2d4c543f74c90f883e8ec62a31973ae8807d354 (5.15)
+CVE-2021-47483 [regmap: Fix possible double-free in regcache_rbtree_exit()]
+   - linux 5.15.3-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/55e6d8037805b3400096d621091dfbf713f97e83 (5.15)
+CVE-2021-47482 [net: batman-adv: fix error handling]
+   - linux 5.15.3-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/6f68cd634856f8ca93bafd623ba5357e0f648c68 (5.15)
+CVE-2021-47481 [RDMA/mlx5: Initialize the ODP xarray when creating an ODP MR]
+   - linux 5.15.3-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/5508546631a0f555d7088203dec2614e41b5106e (5.15)
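
Review bot: The NOTE for CVE-2021-47491 gives the commit id as a4aeaa06d45e90f9b279f0b09de84bd6e733, which is 36 hex characters as shown, while the neighbouring NOTE lines carry full 40-character ids. Check it against the upstream commit and record the full id so the link and any id-based matching stay unambiguous.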

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-05-22 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
94fda6f3 by Salvatore Bonaccorso at 2024-05-22T08:57:43+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,195 @@
+CVE-2021-47473 [scsi: qla2xxx: Fix a memory leak in an error path of 
qla2x00_process_els()]
+   - linux 5.14.16-1
+   [bullseye] - linux 5.10.84-1
+   NOTE: 
https://git.kernel.org/linus/7fb223d0ad801f633c78cbe42b1d1b55f5d163ad (5.15-rc7)
+CVE-2021-47472 [net: mdiobus: Fix memory leak in __mdiobus_register]
+   - linux 5.14.16-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/ab609f25d19858513919369ff3d9a63c02cd9e2e (5.15-rc4)
+CVE-2021-47471 [drm: mxsfb: Fix NULL pointer dereference crash on unload]
+   - linux 5.14.16-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3cfc183052c3dbf8eae57b6c1685dab00ed3db4a (5.15-rc7)
+CVE-2021-47470 [mm, slub: fix potential use-after-free in slab_debugfs_fops]
+   - linux 5.14.16-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/67823a544414def2a36c212abadb55b23bcda00c (5.15-rc7)
+CVE-2021-47469 [spi: Fix deadlock when adding SPI controllers on SPI buses]
+   - linux 5.14.16-1
+   NOTE: 
https://git.kernel.org/linus/6098475d4cb48d821bdf453c61118c56e26294f0 (5.15-rc6)
+CVE-2021-47468 [isdn: mISDN: Fix sleeping function called from invalid context]
+   - linux 5.14.16-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/6510e80a0b81b5d814e3aea6297ba42f5e76f73c (5.15-rc6)
+CVE-2021-47467 [kunit: fix reference count leak in kfree_at_end]
+   - linux 5.14.16-1
+   NOTE: 
https://git.kernel.org/linus/f62314b1ced25c58b86e044fc951cd6a1ea234cf (5.15-rc6)
+CVE-2021-47466 [mm, slub: fix potential memoryleak in kmem_cache_open()]
+   - linux 5.14.16-1
+   [bullseye] - linux 5.10.84-1
+   NOTE: 
https://git.kernel.org/linus/9037c57681d25e4dcc442d940d6dbe24dd31f461 (5.15-rc7)
+CVE-2021-47465 [KVM: PPC: Book3S HV: Fix stack handling in 
idle_kvm_start_guest()]
+   - linux 5.14.16-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/9b4416c5095c20e110c82ae602c254099b83b72f (5.15-rc6)
+CVE-2021-47464 [audit: fix possible null-pointer dereference in 
audit_filter_rules]
+   - linux 5.14.16-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/6e3ee990c90494561921c756481d0e2125d8b895 (5.15-rc7)
+CVE-2021-47463 [mm/secretmem: fix NULL page->mapping dereference in 
page_is_secretmem()]
+   - linux 5.14.16-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/79f9bc5843142b649575f887dccdf1c07ad75c20 (5.15-rc7)
+CVE-2021-47462 [Description:]
+   - linux 5.14.16-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/6d2aec9e123bb9c49cb5c7fc654f25f81e688e8c (5.15-rc7)
+CVE-2021-47461 [userfaultfd: fix a race between writeprotect and exit_mmap()]
+   - linux 5.14.16-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/cb185d5f1ebf900f4ae3bf84cee212e6dd035aca (5.15-rc7)
+CVE-2021-47460 [ocfs2: fix data corruption after conversion from inline format]
+   - linux 5.14.16-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/5314454ea3ff6fc746eaf71b9a7ceebed52888fa (5.15-rc7)
+CVE-2021-47459 [can: j1939: j1939_netdev_start(): fix UAF for rx_kref of 
j1939_priv]
+   - linux 5.14.16-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/d9d52a3ebd284882f5562c88e55991add5d01586 (5.15-rc7)
+CVE-2021-47458 [ocfs2: mount fails with buffer overflow in strlen]
+   - linux 5.14.16-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/b15fa9224e6e1239414525d8d556d824701849fc (5.15-rc7)
+CVE-2021-47457 [can: isotp: isotp_sendmsg(): add result check for 
wait_event_interruptible()]
+   - linux 5.14.16-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
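Review bot: CVE-2021-47462 carries `[Description:]` as its bracketed title, which reads like a leftover field label rather than the upstream commit subject that every other entry in this hunk uses. Replace it with the subject of commit 6d2aec9e123bb9c49cb5c7fc654f25f81e688e8c, so the entry can be identified without following the NOTE link.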

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-05-21 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f81473bc by Salvatore Bonaccorso at 2024-05-21T19:18:28+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,1202 @@
+CVE-2023-52879 [tracing: Have trace_event_file have ref counters]
+   - linux 6.6.8-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux 5.10.205-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/bb32500fb9b78215e4ef6ee8b4345c5f5d7eafb4 (6.7-rc1)
+CVE-2023-52878 [can: dev: can_put_echo_skb(): don't crash kernel if 
can_priv::echo_skb is accessed out of bounds]
+   - linux 6.6.8-1
+   [bookworm] - linux 6.1.64-1
+   NOTE: 
https://git.kernel.org/linus/6411959c10fe917288cbb1038886999148560057 (6.7-rc1)
+CVE-2023-52877 [usb: typec: tcpm: Fix NULL pointer dereference in 
tcpm_pd_svdm()]
+   - linux 6.6.8-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/4987daf86c152ff882d51572d154ad12e4ff3a4b (6.7-rc1)
+CVE-2023-52876 [clk: mediatek: clk-mt7629-eth: Add check for 
mtk_alloc_clk_data]
+   - linux 6.6.8-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux 5.10.205-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/0884393c63cc9a1772f7121a6645ba7bd76feeb9 (6.7-rc1)
+CVE-2023-52875 [clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data]
+   - linux 6.6.8-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux 5.10.205-1
+   [buster] - linux 4.19.304-1
+   NOTE: 
https://git.kernel.org/linus/0d6e24b422a2166a9297a8286ff2e6ab9a5e8cd3 (6.7-rc1)
+CVE-2023-52874 [x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro]
+   - linux 6.6.8-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/5d092b66119d774853cc9308522620299048a662 (6.7-rc1)
+CVE-2023-52873 [clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data]
+   - linux 6.6.8-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux 5.10.205-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/1f57f78fbacf630430bf954e5a84caafdfea30c0 (6.7-rc1)
+CVE-2023-52872 [tty: n_gsm: fix race condition in status line change on dead 
connections]
+   - linux 6.6.8-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3a75b205de43365f80a33b98ec9289785da56243 (6.7-rc1)
+CVE-2023-52871 [soc: qcom: llcc: Handle a second device without data 
corruption]
+   - linux 6.6.8-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux 5.10.205-1
+   NOTE: 
https://git.kernel.org/linus/f1a1bc8775b26345aba2be278118999e7f661d3d (6.7-rc1)
+CVE-2023-52870 [clk: mediatek: clk-mt6765: Add check for mtk_alloc_clk_data]
+   - linux 6.6.8-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux 5.10.205-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/b82681042724924ae3ba0f2f2eeec217fa31e830 (6.7-rc1)
+CVE-2023-52869 [pstore/platform: Add check for kstrdup]
+   - linux 6.6.8-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux 5.10.205-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/a19d48f7c5d57c0f0405a7d4334d1d38fe9d3c1c (6.7-rc1)
+CVE-2023-52868 [thermal: core: prevent potential string overflow]
+   - linux 6.6.8-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux 5.10.205-1
+   [buster] - linux 4.19.304-1
+   NOTE: 
https://git.kernel.org/linus/c99626092efca3061b387043d4a7399bf75fbdd5 (6.7-rc1)
+CVE-2023-52867 [drm/radeon: possible buffer overflow]
+   - linux 6.6.8-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux 5.10.205-1
+   [buster] - linux 4.19.304-1
+   NOTE: 
https://git.kernel.org/linus/dd05484f99d16715a88eedfca363828ef9a4c2d4 (6.7-rc1)
+CVE-2023-52866 [HID: uclogic: Fix user-memory-access bug in 
uclogic_params_ugee_v2_init_event_hooks()]
+   - linux 6.6.8-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/91cfe0bbaa1c434d4271eb6e1d7aaa1fe8d121f6 (6.7-rc1)
+CVE-2023-52865 [clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data]
+   - linux 6.6.8-1
+   

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-05-21 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9e52dd50 by Salvatore Bonaccorso at 2024-05-21T17:37:03+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,583 @@
+CVE-2021-47220 [usb: dwc3: core: fix kernel panic when do reboot]
+   - linux 5.10.46-1
+   [buster] - linux 4.19.208-1
+   NOTE: 
https://git.kernel.org/linus/4bf584a03eec674975ee9fe36c8583d9d470dab1 (5.13-rc7)
+CVE-2021-47221 [mm/slub: actually fix freelist pointer vs redzoning]
+   - linux 5.10.46-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/e41a49fadbc80b60b48d3c095d9e2ee7ef7c9a8e (5.13-rc7)
+CVE-2021-47222 [net: bridge: fix vlan tunnel dst refcnt when egressing]
+   - linux 5.10.46-1
+   [buster] - linux 4.19.208-1
+   NOTE: 
https://git.kernel.org/linus/cfc579f9d89af4ada58c69b03bcaa4887840f3b3 (5.13-rc7)
+CVE-2021-47223 [net: bridge: fix vlan tunnel dst null pointer dereference]
+   - linux 5.10.46-1
+   [buster] - linux 4.19.208-1
+   NOTE: 
https://git.kernel.org/linus/58e2071742e38f29f051b709a5cca014ba51166f (5.13-rc7)
+CVE-2021-47224 [net: ll_temac: Make sure to free skb when it is completely 
used]
+   - linux 5.10.46-1
+   NOTE: 
https://git.kernel.org/linus/6aa32217a9a446275440ee8724b1ecaf1838df47 (5.13-rc7)
+CVE-2021-47225 [mac80211: fix deadlock in AP/VLAN handling]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/d5befb224edbe53056c2c18999d630dafb4a08b9 (5.13-rc7)
+CVE-2021-47226 [x86/fpu: Invalidate FPU state after a failed XRSTOR from a 
user buffer]
+   - linux 5.10.46-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/d8778e393afa421f1f117471144f8ce6deb6953a (5.13-rc7)
+CVE-2021-47227 [x86/fpu: Prevent state corruption in __fpu__restore_sig()]
+   - linux 5.10.46-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/484cea4f362e1eeb5c869abbfb5f90eae6421b38 (5.13-rc7)
+CVE-2021-47228 [x86/ioremap: Map EFI-reserved memory as encrypted for SEV]
+   - linux 5.10.46-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/8d651ee9c71bb12fc0c8eb2786b66cbe5aa3e43b (5.13-rc7)
+CVE-2021-47229 [PCI: aardvark: Fix kernel panic during PIO transfer]
+   - linux 5.10.46-1
+   [buster] - linux 4.19.208-1
+   NOTE: 
https://git.kernel.org/linus/f18139966d072dab8e4398c95ce955a9742e04f7 (5.13-rc7)
+CVE-2021-47230 [KVM: x86: Immediately reset the MMU context when the SMM flag 
is cleared]
+   - linux 5.10.46-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/78fcb2c91adfec8ce3a2ba6b4d0dda89f2f4a7c6 (5.13-rc7)
+CVE-2021-47231 [can: mcba_usb: fix memory leak in mcba_usb]
+   - linux 5.10.46-1
+   [buster] - linux 4.19.208-1
+   NOTE: 
https://git.kernel.org/linus/91c02557174be7f72e46ed7311e3bea1939840b0 (5.13-rc7)
+CVE-2021-47232 [can: j1939: fix Use-after-Free, hold skb ref while in use]
+   - linux 5.10.46-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/2030043e616cab40f510299f09b636285e0a3678 (5.13-rc7)
+CVE-2021-47233 [regulator: rt4801: Fix NULL pointer dereference if 
priv->enable_gpios is NULL]
+   - linux 5.10.46-1
+   NOTE: 
https://git.kernel.org/linus/cb2381cbecb81a8893b2d1e1af29bc2e5531df27 (5.13-rc6)
+CVE-2021-47234 [phy: phy-mtk-tphy: Fix some resource leaks in mtk_phy_init()]
+   - linux 5.10.46-1
+   NOTE: 
https://git.kernel.org/linus/aaac9a1bd370338ce372669eb9a6059d16b929aa (5.13-rc6)
+CVE-2021-47235 [net: ethernet: fix potential use-after-free in ec_bhf_remove]
+   - linux 5.10.46-1
+   [buster] - linux 4.19.208-1
+   NOTE: 
https://git.kernel.org/linus/9cca0c2d70149160407bda9a9446ce0c29b6e6c6 (5.13-rc7)
+CVE-2021-47236 [net: cdc_eem: fix tx fixup skb leak]
+   - linux 5.10.46-1
+   [buster] - linux 4.19.208-1
+   NOTE: 
https://git.kernel.org/linus/c3b26fdf1b32f91c7a3bc743384b4a298ab53ad7 (5.13-rc7)
+CVE-2021-47237 [net: hamradio: fix memory leak in mkiss_close]
+   - linux 5.10.46-1
+   [buster] - linux 4.19.208-1
+   NOTE: 
https://git.kernel.org/linus/7edcc682301492380fbdd604b4516af5ae667a13 (5.13-rc7)
+CVE-2021-47238 [net: ipv4: fix memory leak in ip_mc_add1_src]
+   - linux 5.10.46-1
+   [buster] - linux 4.19.208-1
+   NOTE: 
https://git.kernel.org/linus/d8e2973029b8b2ce477b564824431f3385c77083 (5.13-rc7)
+CVE-2021-47239 [net: usb: fix possible use-after-free in smsc75xx_bind]
+   - linux 5.10.46-1
+   [buster] - linux 4.19.208-1
+   NOTE: 
https://git.kernel.org/linus/56b786d86694e079d8aad9b314e015cd4ac02a3d 

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-05-20 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1b2d3975 by Salvatore Bonaccorso at 2024-05-20T16:04:33+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,332 @@
+CVE-2024-36009 [ax25: Fix netdev refcount issue]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   NOTE: 
https://git.kernel.org/linus/467324bcfe1a31ec65d0cf4aa59421d6b7a7d52b (6.9-rc6)
+CVE-2024-36008 [ipv4: check for NULL idev in ip_route_use_hint()]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/58a4c9b1e5a3e53c9148e80b90e1e43897ce77d1 (6.9-rc6)
+CVE-2024-36007 [mlxsw: spectrum_acl_tcam: Fix warning during rehash]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/743edc8547a92b6192aa1f1b6bb78233fa21dc9b (6.9-rc6)
+CVE-2024-36006 [mlxsw: spectrum_acl_tcam: Fix incorrect list API usage]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/b377add0f0117409c418ddd6504bd682ebe0bf79 (6.9-rc6)
+CVE-2024-36005 [netfilter: nf_tables: honor table dormant flag from netdev 
release event path]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/8e30abc9ace4f0add4cd761dfdbfaebae5632dd2 (6.9-rc6)
+CVE-2024-36004 [i40e: Do not use WQ_MEM_RECLAIM flag for workqueue]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   NOTE: 
https://git.kernel.org/linus/2cc7d150550cc981aceedf008f5459193282425c (6.9-rc6)
+CVE-2024-36003 [ice: fix LAG and VF lock dependency in ice_reset_vf()]
+   - linux 6.8.9-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/96fdd1f6b4ed72a741fb0eb705c0e13049b8721f (6.9-rc6)
+CVE-2024-36002 [dpll: fix dpll_pin_on_pin_register() for multiple parent pins]
+   - linux 6.8.9-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/38d7b94e81d068b8d8c8392f421cfd2c3bbfd1a6 (6.9-rc6)
+CVE-2024-36001 [netfs: Fix the pre-flush when appending to a file in 
writethrough mode]
+   - linux 6.8.9-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/c97f59e276d4e93480f29a70accbd0d7273cf3f5 (6.9-rc6)
+CVE-2024-36000 [mm/hugetlb: fix missing hugetlb_lock for resv uncharge]
+   - linux 6.8.9-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/b76b46902c2d0395488c8412e1116c2486cdfcb2 (6.9-rc6)
+CVE-2024-35999 [smb3: missing lock when picking channel]
+   - linux 6.8.9-1
+   NOTE: 
https://git.kernel.org/linus/8094a600245e9b28eb36a13036f202ad67c1f887 (6.9-rc6)
+CVE-2024-35998 [smb3: fix lock ordering potential deadlock in 
cifs_sync_mid_result]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   NOTE: 
https://git.kernel.org/linus/8861fd5180476f45f9e8853db154600469a0284f (6.9-rc6)
+CVE-2024-35997 [HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent 
lock-up]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   NOTE: 
https://git.kernel.org/linus/9c0f59e47a90c54d0153f8ddc0f80d7a36207d0e (6.9-rc6)
+CVE-2024-35996 [cpu: Re-enable CPU mitigations by default for !X86 
architectures]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/fe42754b94a42d08cf9501790afc25c4f6a5f631 (6.9-rc6)
+CVE-2024-35995 [ACPI: CPPC: Use access_width over bit_width for system memory 
accesses]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   NOTE: 
https://git.kernel.org/linus/2f4a4d63a193be6fd530d180bb13c3592052904c (6.9-rc1)
+CVE-2024-35994 [firmware: qcom: uefisecapp: Fix memory related IO errors and 
crashes]
+   - linux 6.8.9-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not 

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-05-19 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
50b45cb1 by Salvatore Bonaccorso at 2024-05-19T13:26:35+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,427 @@
+CVE-2024-35946 [wifi: rtw89: fix null pointer access when abort scan]
+   - linux 6.8.9-1
+   NOTE: 
https://git.kernel.org/linus/7e11a2966f51695c0af0b1f976a32d64dee243b2 (6.9-rc1)
+CVE-2024-35945 [net: phy: phy_device: Prevent nullptr exceptions on ISR]
+   - linux 6.8.9-1
+   NOTE: 
https://git.kernel.org/linus/61c81872815f46006982bb80460c0c80a949b35b (6.9-rc1)
+CVE-2024-35944 [VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   NOTE: 
https://git.kernel.org/linus/19b070fefd0d024af3daa7329cbc0d00de5302ec (6.9-rc1)
+CVE-2024-35943 [pmdomain: ti: Add a null pointer check to the 
omap_prm_domain_init]
+   - linux 6.8.9-1
+   NOTE: 
https://git.kernel.org/linus/5d7f58ee08434a33340f75ac7ac5071eea9673b3 (6.9-rc1)
+CVE-2024-35942 [pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to 
hdmimix domain]
+   - linux 6.8.9-1
+   NOTE: 
https://git.kernel.org/linus/697624ee8ad557ab5417f985d2c804241a7ad30d (6.9-rc1)
+CVE-2024-35941 [net: skbuff: add overflow debug check to pull/push helpers]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   NOTE: 
https://git.kernel.org/linus/219eee9c0d16f1b754a8b85275854ab17df0850a (6.9-rc1)
+CVE-2024-35940 [pstore/zone: Add a null pointer check to the psz_kmsg_read]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   NOTE: 
https://git.kernel.org/linus/98bc7e26e14fbb26a6abf97603d59532475e97f8 (6.9-rc1)
+CVE-2024-35939 [dma-direct: Leak pages on dma_set_decrypted() failure]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   NOTE: 
https://git.kernel.org/linus/b9fa16949d18e06bdf728a560f5c8af56d2bdcaf (6.9-rc1)
+CVE-2024-35938 [wifi: ath11k: decrease MHI channel buffer length to 8KB]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   NOTE: 
https://git.kernel.org/linus/1cca1bddf9ef080503c15378cecf4877f7510015 (6.9-rc1)
+CVE-2024-35937 [wifi: cfg80211: check A-MSDU format more carefully]
+   - linux 6.8.9-1
+   NOTE: 
https://git.kernel.org/linus/9ad7974856926129f190ffbe3beea78460b3b7cc (6.9-rc1)
+CVE-2024-35936 [btrfs: handle chunk tree lookup error in 
btrfs_relocate_sys_chunks()]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   NOTE: 
https://git.kernel.org/linus/7411055db5ce64f836aaffd422396af0075fdc99 (6.9-rc1)
+CVE-2024-35935 [btrfs: send: handle path ref underflow in header 
iterate_inode_ref()]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   NOTE: 
https://git.kernel.org/linus/3c6ee34c6f9cd12802326da26631232a61743501 (6.9-rc1)
+CVE-2024-35934 [net/smc: reduce rtnl pressure in 
smc_pnet_create_pnetids_list()]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   NOTE: 
https://git.kernel.org/linus/00af2aa93b76b1bade471ad0d0525d4d29ca5cc0 (6.9-rc1)
+CVE-2024-35933 [Bluetooth: btintel: Fix null ptr deref in btintel_read_version]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   NOTE: 
https://git.kernel.org/linus/b79e040910101b020931ba0c9a6b77e81ab7f645 (6.9-rc1)
+CVE-2024-35932 [drm/vc4: don't check if plane->state->fb == state->fb]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   NOTE: 
https://git.kernel.org/linus/5ee0d47dcf33efd8950b347dcf4d20bab12a3fa9 (6.9-rc1)
+CVE-2024-35931 [drm/amdgpu: Skip do PCI error slot reset during RAS recovery]
+   - linux 6.8.9-1
+   NOTE: 
https://git.kernel.org/linus/601429cca96b4af3be44172c3b64e4228515dbe1 (6.9-rc1)
+CVE-2024-35930 [scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   NOTE: 
https://git.kernel.org/linus/2ae917d4bcab80ab304b774d492e2fcd6c52c06b (6.9-rc1)
+CVE-2024-35929 [rcu/nocb: Fix WARN_ON_ONCE() in the rcu_nocb_bypass_lock()]
+   - linux 6.8.9-1
+   NOTE: 
https://git.kernel.org/linus/dda98810b552fc6bf650f4270edeebdc2f28bd3f (6.9-rc1)
+CVE-2024-35928 [drm/amd/amdgpu: Fix potential ioremap() memory leaks in 
amdgpu_device_init()]
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   NOTE: 
https://git.kernel.org/linus/eb4f139888f636614dab3bcce97ff61cefc4b3a7 (6.9-rc1)
+CVE-2024-35927 [drm: Check output polling initialized before disabling]
+   - linux 6.8.9-1
+   NOTE: 

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-05-17 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d2ccf403 by Salvatore Bonaccorso at 2024-05-17T23:56:50+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -49,157 +49,404 @@ CVE-2024-3290 (A race condition vulnerability exists 
where an authenticated, loc
 CVE-2024-3289 (When installing Nessus to a directory outside of the default 
location  ...)
TODO: check
 CVE-2024-35859 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
-   TODO: check
+   - linux 6.8.9-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/9617cd6f24b294552a817f80f5225431ef67b540 (6.9-rc6)
 CVE-2024-35858 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
-   TODO: check
+   - linux 6.8.9-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/9f898fc2c31fbf0ac5ecd289f528a716464cb005 (6.9-rc6)
 CVE-2024-35857 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
-   TODO: check
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/c58e88d49097bd12dfcfef4f075b43f5d5830941 (6.9-rc6)
 CVE-2024-35856 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
-   TODO: check
+   - linux 6.8.9-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/18bdb386a1a30e7a3d7732a98e45e69cf6b5710d (6.9-rc6)
 CVE-2024-35855 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
-   TODO: check
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/79b5b4b18bc85b19d3a518483f9abbbe6d7b3ba4 (6.9-rc6)
 CVE-2024-35854 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
-   TODO: check
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/5422599931467a9b55fdbef534079b665519 (6.9-rc6)
 CVE-2024-35853 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
-   TODO: check
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/8ca3f7a7b61393804c46f170743c3b839df13977 (6.9-rc6)
 CVE-2024-35852 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
-   TODO: check
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/fb4e2b70a7194b209fc7320bbf33b375f7114bd5 (6.9-rc6)
 CVE-2024-35851 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
-   TODO: check
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/73e87c0a49fda31d7b589edccf4c72e924411371 (6.9-rc6)
 CVE-2024-35850 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
-   TODO: check
+   - linux 6.8.9-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/7ddb9de6af0f1c71147785b12fd7c8ec3f06cc86 (6.9-rc6)
 CVE-2024-35849 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
-   TODO: check
+   - linux 6.8.9-1
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   NOTE: 
https://git.kernel.org/linus/2f7ef5bb4a2f3e481ef05fab946edb97c84f67cf (6.9-rc6)
 CVE-2024-35848 (In the Linux kernel, the following vulnerability has been 
resolved:  e ...)
-   TODO: check
+   - linux 6.8.9-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/f42c97027fb75776e2e9358d16bf4a99aeb04cf2 (6.9-rc6)
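Review bot: the NOTE for CVE-2024-35854 points at `https://git.kernel.org/linus/5422599931467a9b55fdbef534079b665519`, a 36-digit commit id, while every other NOTE in this hunk uses a full 40-digit SHA. Check the id against the upstream commit and record the full hash, so the reference is unambiguous and matches the rest of the file.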

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-05-13 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
bcc1c6ec by Salvatore Bonaccorso at 2024-05-13T17:52:58+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,27 @@
+CVE-2024-27401 [firewire: nosy: ensure user_length is taken into account when 
fetching packet contents]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/38762a0763c10c24a4915feee722d7aa6e73eb98 (6.9-rc7)
+CVE-2024-27400 [drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() 
v2]
+   - linux 
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/d3a9331a6591e9df64791e076f6591f440af51c3 (6.9-rc7)
+CVE-2024-27399 [Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/adf0398cee86643b8eacde95f17d073d022f782c (6.9)
+CVE-2024-27398 [Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/483bc08181827fc475643272ffb69c533007e546 (6.9)
+CVE-2023-52656 [io_uring: drop any code related to SCM_RIGHTS]
+   - linux 6.7.12-1
+   [bookworm] - linux 6.1.85-1
+   [bullseye] - linux 5.10.216-1
+   NOTE: 
https://git.kernel.org/linus/6e5e6d274956305f1fc0340522b38f5f5be74bdb (6.8-rc1)
+CVE-2023-52655 [usb: aqc111: check packet for fixup for true limit]
+   - linux 6.6.8-1
+   [bookworm] - linux 6.1.69-1
+   [bullseye] - linux 5.10.205-1
+   NOTE: 
https://git.kernel.org/linus/ccab434e674ca95d483788b1895a70c21b7f016a (6.7-rc3)
 CVE-2024-25581 [Transfer requests received over DoH can lead to a denial of 
service in DNSdist]
- dnsdist 
[bookworm] - dnsdist  (Vulnerable code not present)
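Review bot: the title added for CVE-2024-27400 reads "once more fix the call oder in amdgpu_ttm_move() v2", where "oder" looks like a typo for "order". If the bracketed title is meant to mirror the upstream commit subject verbatim, keep it as is; otherwise correct the spelling so a text search for "order" finds the entry.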



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bcc1c6ec1b2402e02468b4a8dd9b468f0b4cb082



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-05-08 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
16021d47 by Salvatore Bonaccorso at 2024-05-08T21:55:42+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,33 @@
+CVE-2024-27397 [netfilter: nf_tables: use timestamp to check for set element 
timeout]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/7395dfacfff65e9938ac0889dafa1ab01e987d15 (6.8-rc4)
+CVE-2024-27396 [net: gtp: Fix Use-After-Free in gtp_dellink]
+   - linux 
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   NOTE: 
https://git.kernel.org/linus/f2a904107ee2b647bb7794a1a82b67740d7c8a64 (6.9-rc6)
+CVE-2024-27395 [net: openvswitch: Fix Use-After-Free in ovs_ct_exit]
+   - linux 
+   [bookworm] - linux 6.1.90-1
+   [bullseye] - linux 5.10.216-1
+   NOTE: 
https://git.kernel.org/linus/5ea7b72d4fac2fdbc0425cd8f2ea33abe95235b2 (6.9-rc6)
+CVE-2024-27394 [tcp: Fix Use-After-Free in tcp_ao_connect_init]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/80e679b352c3ce5158f3f778cfb77eb767e586fb (6.9-rc6)
+CVE-2024-27393 [xen-netfront: Add missing skb_mark_for_recycle]
+   - linux 
+   [bookworm] - linux 6.1.85-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/037965402a010898d34f4e35327d22c0a95cd51f (6.9-rc3)
+CVE-2023-52654 [io_uring/af_unix: disable sending io_uring over sockets]
+   - linux 6.6.8-1
+   [bookworm] - linux 6.1.69-1
+   [bullseye] - linux 5.10.205-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/705318a99a138c29a512a72c3e0043b3cd7f55f4 (6.7-rc5)
 CVE-2024-24787
- golang-1.22  (Specific to MacOS)
- golang-1.21  (Specific to MacOS)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16021d477293cdb799c7eed19ebc20646508ba2c



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-05-03 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e536736b by Salvatore Bonaccorso at 2024-05-03T20:51:17+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,96 @@
+CVE-2022-48705 [wifi: mt76: mt7921e: fix crash in chip reset fail]
+   - linux 5.19.11-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/fa3fbe64037839f448dc569212bafc5a495d8219 (6.0-rc5)
+CVE-2022-48704 [drm/radeon: add a force flush to delay work when radeon]
+   - linux 5.19.11-1
+   [bullseye] - linux 5.10.148-1
+   [buster] - linux 4.19.260-1
+   NOTE: 
https://git.kernel.org/linus/f461950fdc374a3ada5a63c669d997de4600dffe (6.0-rc3)
+CVE-2022-48703 [thermal/int340x_thermal: handle data_vault when the value is 
ZERO_SIZE_PTR]
+   - linux 5.19.11-1
+   NOTE: 
https://git.kernel.org/linus/7931e28098a4c1a2a6802510b0cbe57546d2049d (6.0-rc3)
+CVE-2022-48702 [ALSA: emu10k1: Fix out of bounds access in 
snd_emu10k1_pcm_channel_alloc()]
+   - linux 5.19.11-1
+   [bullseye] - linux 5.10.148-1
+   [buster] - linux 4.19.260-1
+   NOTE: 
https://git.kernel.org/linus/d29f59051d3a07b81281b2df2b8c9dfe4716067f (6.0-rc5)
+CVE-2022-48701 [ALSA: usb-audio: Fix an out-of-bounds bug in 
__snd_usb_parse_audio_interface()]
+   - linux 5.19.11-1
+   [bullseye] - linux 5.10.148-1
+   [buster] - linux 4.19.260-1
+   NOTE: 
https://git.kernel.org/linus/e53f47f6c1a56d2af728909f1cb894da6b43d9bf (6.0-rc5)
+CVE-2022-48700 [vfio/type1: Unpin zero pages]
+   - linux 5.19.11-1
+   [bullseye] - linux 5.10.148-1
+   NOTE: 
https://git.kernel.org/linus/873aefb376bbc0ed1dd2381ea1d6ec88106fdbd4 (6.0-rc5)
+CVE-2022-48699 [sched/debug: fix dentry leak in update_sched_domain_debugfs]
+   - linux 5.19.11-1
+   NOTE: 
https://git.kernel.org/linus/c2e406596571659451f4b95e37ddfd5a8ef1d0dc (6.0-rc5)
+CVE-2022-48698 [drm/amd/display: fix memory leak when using debugfs_lookup()]
+   - linux 5.19.11-1
+   NOTE: 
https://git.kernel.org/linus/cbfac7fa491651c57926c99edeb7495c6c1aeac2 (6.0-rc5)
+CVE-2022-48697 [nvmet: fix a use-after-free]
+   - linux 5.19.11-1
+   [bullseye] - linux 5.10.148-1
+   [buster] - linux 4.19.260-1
+   NOTE: 
https://git.kernel.org/linus/6a02a61e81c231cc5c680c5dbf8665275147ac52 (6.0-rc5)
+CVE-2022-48696 [regmap: spi: Reserve space for register address/padding]
+   - linux 5.19.11-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/f5723cfc01932c7a8d5c78dbf7e067e537c91439 (6.0-rc5)
+CVE-2022-48695 [scsi: mpt3sas: Fix use-after-free warning]
+   - linux 5.19.11-1
+   [bullseye] - linux 5.10.148-1
+   [buster] - linux 4.19.260-1
+   NOTE: 
https://git.kernel.org/linus/991df3dd5144f2e6b1c38b8d20ed3d4d21e20b34 (6.0-rc5)
+CVE-2022-48694 [RDMA/irdma: Fix drain SQ hang with no completion]
+   - linux 5.19.11-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/ead54ced6321099978d30d62dc49c282a6e70574 (6.0-rc5)
+CVE-2022-48693 [soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs]
+   - linux 5.19.11-1
+   [bullseye] - linux 5.10.148-1
+   [buster] - linux 4.19.260-1
+   NOTE: 
https://git.kernel.org/linus/1085f5080647f0c9f357c270a537869191f7f2a1 (6.0-rc5)
+CVE-2022-48692 [RDMA/srp: Set scmnd->result only when scmnd is not NULL]
+   - linux 5.19.11-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/12f35199a2c0551187edbf8eb01379f0598659fa (6.0-rc5)
+CVE-2022-48691 [netfilter: nf_tables: clean up hook list when offload flags 
check fails]
+   - linux 5.19.11-1
+   [bullseye] - linux 5.10.148-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/77972a36ecc4db7fc7c68f0e80714263c5f03f65 (6.0-rc5)
+CVE-2022-48690 [ice: Fix DMA mappings leak]
+   - linux 5.19.11-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/7e753eb675f0523207b184558638ee2eed6c9ac2 (6.0-rc5)
+CVE-2022-48689 [tcp: TX zerocopy should not sense pfmemalloc status]
+   - linux 5.19.11-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3261400639463a853ba2b3be8bd009c2a8089775 (6.0-rc5)
+CVE-2022-48688 [i40e: Fix kernel crash during module removal]
+   - 

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-05-03 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
19b150a2 by Salvatore Bonaccorso at 2024-05-03T17:42:07+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,27 @@
+CVE-2022-48675 [IB/core: Fix a nested dead lock as part of ODP flow]
+   - linux 5.19.11-1
+   [bullseye] - linux 5.10.148-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/85eaeb5058f0f04dffb124c97c86b4f18db0b833 (6.0-rc5)
+CVE-2022-48674 [erofs: fix pcluster use-after-free on UP platforms]
+   - linux 5.19.11-1
+   NOTE: 
https://git.kernel.org/linus/2f44013e39984c127c6efedf70e6b5f4e9dcf315 (6.0-rc5)
+CVE-2022-48673 [net/smc: Fix possible access to freed memory in link clear]
+   - linux 5.19.11-1
+   NOTE: 
https://git.kernel.org/linus/e9b1a4f867ae9c1dbd1d71cd09cbdb3239fb4968 (6.0-rc5)
+CVE-2022-48672 [of: fdt: fix off-by-one error in unflatten_dt_nodes()]
+   - linux 5.19.11-1
+   [bullseye] - linux 5.10.148-1
+   [buster] - linux 4.19.260-1
+   NOTE: 
https://git.kernel.org/linus/2f945a792f67815abca26fa8a5e863ccf3fa1181 (6.0-rc6)
+CVE-2022-48671 [cgroup: Add missing cpus_read_lock() to 
cgroup_attach_task_all()]
+   - linux 5.19.11-1
+   [bullseye] - linux 5.10.148-1
+   [buster] - linux 4.19.282-1
+   NOTE: 
https://git.kernel.org/linus/43626dade36fa74d3329046f4ae2d7fdefe401c6 (6.0-rc3)
+CVE-2022-48670 [peci: cpu: Fix use-after-free in adev_release()]
+   - linux 5.19.11-1
+   NOTE: 
https://git.kernel.org/linus/1c11289b34ab67ed080bbe0f1855c4938362d9cf (6.0-rc4)
 CVE-2024-4418 [stack use-after-free in virNetClientIOEventLoop()]
- libvirt 
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2278616
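Review bot: CVE-2022-48674, CVE-2022-48673 and CVE-2022-48670 are added with only `- linux 5.19.11-1`, while the other three entries in this hunk state their bullseye and buster status explicitly. With no release lines, bullseye and buster are tracked as open against 5.19.11-1 for two use-after-free fixes and one access to freed memory. Confirm that this is the intended triage result and not a per-release check that is still pending, and add the fixed version or a "vulnerable code not present" line where one applies.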



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19b150a20b913a1e5f2d9aa63018313d50d8ba39



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-05-01 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
83c72f90 by Salvatore Bonaccorso at 2024-05-01T20:48:30+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,349 @@
+CVE-2024-27392 [nvme: host: fix double-free of struct nvme_id_ns in 
ns_update_nuse()]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/8d0d2447394b13fb22a069f0330f9c49b7fff9d3 (6.9-rc1)
+CVE-2024-27391 [wifi: wilc1000: do not realloc workqueue everytime an 
interface is added]
+   - linux 6.7.12-1
+   [bookworm] - linux 6.1.85-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/328efda22af81130c2ad981c110518cb29ff2f1d (6.9-rc1)
+CVE-2024-27390 [ipv6: mcast: remove one synchronize_net() barrier in 
ipv6_mc_down()]
+   - linux 6.7.12-1
+   [bookworm] - linux 6.1.85-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/17ef8efc00b34918b966388b2af0993811895a8c (6.9-rc1)
+CVE-2024-27389 [pstore: inode: Only d_invalidate() is needed]
+   - linux 6.7.12-1
+   [bookworm] - linux 6.1.85-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/a43e0fc5e9134a46515de2f2f8d4100b74e50de3 (6.9-rc1)
+CVE-2024-27388 [SUNRPC: fix some memleaks in gssx_dec_option_array]
+   - linux 6.7.12-1
+   [bookworm] - linux 6.1.85-1
+   NOTE: 
https://git.kernel.org/linus/3cfcfc102a5e57b021b786a755a38935e357797d (6.9-rc1)
+CVE-2024-27080 [btrfs: fix race when detecting delalloc ranges during fiemap]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/978b63f7464abcfd364a6c95f734282c50f3decf (6.9-rc1)
+CVE-2024-27079 [iommu/vt-d: Fix NULL domain on device release]
+   - linux 
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/81e921fd321614c2ad8ac333b041aae1da7a1c6d (6.9-rc1)
+CVE-2024-27078 [media: v4l2-tpg: fix some memleaks in tpg_alloc]
+   - linux 6.7.12-1
+   [bookworm] - linux 6.1.85-1
+   NOTE: 
https://git.kernel.org/linus/8cf9c5051076e0eb958f4361d50d8b0c3ee6691c (6.9-rc1)
+CVE-2024-27077 [media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity]
+   - linux 6.7.12-1
+   [bookworm] - linux 6.1.85-1
+   NOTE: 
https://git.kernel.org/linus/8f94b49a5b5d386c038e355bef6347298aabd211 (6.9-rc1)
+CVE-2024-27076 [media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak]
+   - linux 6.7.12-1
+   [bookworm] - linux 6.1.85-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/4797a3dd46f220e6d83daf54d70c5b33db6deb01 (6.9-rc1)
+CVE-2024-27075 [media: dvb-frontends: avoid stack overflow warnings with clang]
+   - linux 6.7.12-1
+   [bookworm] - linux 6.1.85-1
+   NOTE: 
https://git.kernel.org/linus/7a4cf27d1f0538f779bf31b8c99eda394e277119 (6.9-rc1)
+CVE-2024-27074 [media: go7007: fix a memleak in go7007_load_encoder]
+   - linux 6.7.12-1
+   [bookworm] - linux 6.1.85-1
+   NOTE: 
https://git.kernel.org/linus/b9b683844b01d171a72b9c0419a2d760d946ee12 (6.9-rc1)
+CVE-2024-27073 [media: ttpci: fix two memleaks in budget_av_attach]
+   - linux 6.7.12-1
+   [bookworm] - linux 6.1.85-1
+   NOTE: 
https://git.kernel.org/linus/d0b07f712bf61e1a3cf23c87c663791c42e50837 (6.9-rc1)
+CVE-2024-27072 [media: usbtv: Remove useless locks in usbtv_video_free()]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/65e6a2773d655172143cc0b927cdc89549842895 (6.9-rc1)
+CVE-2024-27071 [backlight: hx8357: Fix potential NULL pointer dereference]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/b1ba8bcb2d1ffce11b308ce166c9cc28d989e3b9 (6.9-rc1)
+CVE-2024-27070 [f2fs: fix to avoid use-after-free issue in f2fs_filemap_fault]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/eb70d5a6c932d9d23f4bb3e7b83782c21ac4b064 (6.9-rc1)
+CVE-2024-27069 [ovl: relax WARN_ON in 

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-04-28 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b04723da by Salvatore Bonaccorso at 2024-04-28T16:53:10+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,193 @@
+CVE-2024-26928 [smb: client: fix potential UAF in cifs_debug_files_proc_show()]
+   - linux 
+   [bookworm] - linux 6.1.85-1
+   NOTE: 
https://git.kernel.org/linus/ca545b7f0823f19db0f1148d59bc5e1a56634502 (6.9-rc3)
+CVE-2024-26927 [ASoC: SOF: Add some bounds checking to firmware data]
+   - linux 6.7.12-1
+   [bookworm] - linux 6.1.85-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/98f681b0f84cfc3a1d83287b77697679e0398306 (6.9-rc1)
+CVE-2022-48668 [smb3: fix temporary data corruption in collapse range]
+   - linux 6.0.2-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/fa30a81f255a56cccd89552cd6ce7ea6e8d8acc4 (6.0-rc4)
+CVE-2022-48667 [smb3: fix temporary data corruption in insert range]
+   - linux 6.0.2-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/9c8b7a293f50253e694f19161c045817a938e551 (6.0-rc4)
+CVE-2022-48666 [scsi: core: Fix a use-after-free]
+   - linux 6.0.2-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/8fe4ce5836e932f5766317cb651c1ff2a4cd0506 (6.0-rc5)
+CVE-2022-48665 [exfat: fix overflow for large capacity partition]
+   - linux 6.0.2-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/2e9ceb6728f1dc2fa4b5d08f37d88cbc49a20a62 (6.0-rc7)
+CVE-2022-48664 [btrfs: fix hang during unmount when stopping a space reclaim 
worker]
+   - linux 6.0.2-1
+   [bullseye] - linux 5.10.148-1
+   NOTE: 
https://git.kernel.org/linus/a362bb864b8db4861977d00bd2c3222503ccc34b (6.0-rc7)
+CVE-2022-48663 [gpio: mockup: fix NULL pointer dereference when removing 
debugfs]
+   - linux 6.0.2-1
+   [bullseye] - linux 5.10.148-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/b7df41a6f79dfb18ba2203f8c5f0e9c0b9b57f68 (6.0-rc7)
+CVE-2022-48662 [drm/i915/gem: Really move i915_gem_context.link under ref 
protection]
+   - linux 6.0.2-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/d119888b09bd567e07c6b93a07f175df88857e02 (6.0-rc7)
+CVE-2022-48661 [gpio: mockup: Fix potential resource leakage when register a 
chip]
+   - linux 6.0.2-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/02743c4091ccfb246f5cdbbe3f44b152d5d12933 (6.0-rc7)
+CVE-2022-48660 [gpiolib: cdev: Set lineevent_state::irq after IRQ register 
successfully]
+   - linux 6.0.2-1
+   [bullseye] - linux 5.10.148-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/69bef19d6b9700e96285f4b4e28691cda3dcd0d1 (6.0-rc7)
+CVE-2022-48659 [mm/slub: fix to return errno if kmalloc() fails]
+   - linux 6.0.2-1
+   [bullseye] - linux 5.10.148-1
+   [buster] - linux 4.19.260-1
+   NOTE: 
https://git.kernel.org/linus/7e9c323c52b379d261a72dc7bd38120a761a93cd (6.0-rc7)
+CVE-2022-48658 [mm: slub: fix flush_cpu_slab()/__free_slab() invocations in 
task context.]
+   - linux 6.0.2-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/e45cc288724f0cfd497bb5920bcfa60caa335729 (6.0-rc7)
+CVE-2022-48657 [arm64: topology: fix possible overflow in amu_fie_setup()]
+   - linux 6.0.2-1
+   [bullseye] - linux 5.10.158-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/d4955c0ad77dbc684fc716387070ac24801b8bca (6.0-rc7)
+CVE-2022-48656 [dmaengine: ti: k3-udma-private: Fix refcount leak bug in 
of_xudma_dev_get()]
+   - linux 6.0.2-1
+   [bullseye] - linux 5.10.148-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/f9fdb0b86f087c2b7f6c6168dd0985a3c1eda87e (6.0-rc7)
+CVE-2022-48655 [firmware: arm_scmi: Harden accesses to the reset domains]
+   - linux 6.0.2-1
+   NOTE: 
https://git.kernel.org/linus/e9076ffbcaed5da6c182b144ef9f6e24554af268 (6.0-rc7)
+CVE-2022-48654 [netfilter: nfnetlink_osf: fix possible bogus match 

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-04-25 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fee5bb2d by Salvatore Bonaccorso at 2024-04-25T08:42:32+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,18 @@
+CVE-2024-26926 [binder: check offset alignment in binder_get_object()]
+   - linux 
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/aaef73821a3b0194a01bd23ca4f704a04d40 (6.9-rc5)
+CVE-2024-26925 [netfilter: nf_tables: release mutex after nft_gc_seq_end from 
abort path]
+   - linux 
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/0d459e2ffb541841714839e8228b845458ed3b27 (6.9-rc3)
+CVE-2024-26924 [netfilter: nft_set_pipapo: do not free live element]
+   - linux 
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3cfc9ec039af60dbd8965ae085b2c2ccdcfbe1cc (6.9-rc5)
+CVE-2024-26923 [af_unix: Fix garbage collector racing against connect()]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/47d8ac011fe1c9251070e1bd64cb10b48193ec51 (6.9-rc4)
 CVE-2024-4060
- chromium 
[bullseye] - chromium  (see #1061268)
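Review bot: The NOTE for CVE-2024-26926 (binder) references git.kernel.org/linus/aaef73821a3b0194a01bd23ca4f704a04d40, which is 36 hex characters, while the other three NOTE lines in this hunk use full 40-character commit ids. Check the id against the upstream commit and record it in full so the reference resolves unambiguously and the fix can be matched when backports are audited.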



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fee5bb2d1db671dc986dd7b6e3bb2ed8dd88c447



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-04-17 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a0cad4cb by Salvatore Bonaccorso at 2024-04-17T19:46:10+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,518 @@
+CVE-2024-26920 [tracing/trigger: Fix to return error if failed to alloc 
snapshot]
+   - linux 6.7.7-1
+   [bookworm] - linux 6.1.82-1
+   NOTE: 
https://git.kernel.org/linus/0958b33ef5a04ed91f61cef4760ac412080c4e08 (6.8-rc3)
+CVE-2024-26919 [usb: ulpi: Fix debugfs directory leak]
+   - linux 6.7.7-1
+   [bookworm] - linux 6.1.82-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3caf2b2ad7334ef35f55b95f3e1b138c6f77b368 (6.8-rc3)
+CVE-2024-26918 [PCI: Fix active state requirement in PME polling]
+   - linux 6.7.7-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/41044d5360685e78a869d40a168491a70cdb7e73 (6.8-rc5)
+CVE-2024-26917 [scsi: Revert "scsi: fcoe: Fix potential deadlock on 
Description:fip->ctlr_lock"]
+   - linux 6.7.7-1
+   [bookworm] - linux 6.1.82-1
+   NOTE: 
https://git.kernel.org/linus/977fe773dcc7098d8eaf4ee6382cb51e13e784cb (6.8-rc5)
+CVE-2024-26916 [Revert "drm/amd: flush any delayed gfxoff on suspend entry"]
+   - linux 6.7.7-1
+   [bookworm] - linux 6.1.82-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/916361685319098f696b798ef1560f69ed96e934 (6.8-rc5)
+CVE-2024-26915 [drm/amdgpu: Reset IH OVERFLOW_CLEAR bit]
+   - linux 6.7.7-1
+   [bookworm] - linux 6.1.82-1
+   NOTE: 
https://git.kernel.org/linus/7330256268664ea0a7dd5b07a3fed363093477dd (6.8-rc3)
+CVE-2024-26914 [drm/amd/display: fix incorrect mpc_combine array size]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/39079fe8e660851abbafa90cd55cbf029210661f (6.8-rc3)
+CVE-2024-26913 [drm/amd/display: Fix dcn35 8k30 Underflow/Corruption Issue]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/faf51b201bc42adf500945732abb6220c707d6f3 (6.8-rc3)
+CVE-2024-26912 [drm/nouveau: fix several DMA buffer leaks]
+   - linux 6.7.7-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/042b5f83841fbf7ce39474412db3b5e4765a7ea7 (6.8-rc4)
+CVE-2024-26911 [drm/buddy: Fix alloc_range() error handling code]
+   - linux 6.7.7-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/8746c6c9dfa31d269c65dd52ab42fde0720b7d91 (6.8-rc5)
+CVE-2024-26910 [netfilter: ipset: fix performance regression in swap operation]
+   - linux 6.7.7-1
+   [bookworm] - linux 6.1.82-1
+   NOTE: 
https://git.kernel.org/linus/97f7cf1cd80eeed3b7c808b7c12463295c751001 (6.8-rc3)
+CVE-2024-26909 [soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free]
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/b979f2d50a099f3402418d7ff5f26c3952fb08bb (6.8-rc7)
+CVE-2024-26908 [x86/xen: Add some null pointer checking to smp.c]
+   - linux 
+   [bookworm] - linux 6.1.85-1
+   NOTE: 
https://git.kernel.org/linus/3693bb4465e6e32a204a5b86d3ec7e6b9f7e67c2 (6.8-rc5)
+CVE-2024-26907 [RDMA/mlx5: Fix fortify source warning while accessing Eth 
segment]
+   - linux 
+   [bookworm] - linux 6.1.85-1
+   NOTE: 
https://git.kernel.org/linus/4d5e86a56615cc387d21c629f9af8fb0e958d350 (6.8-rc6)
+CVE-2024-26906 [x86/mm: Disallow vsyscall page read for 
copy_from_kernel_nofault()]
+   - linux 
+   [bookworm] - linux 6.1.85-1
+   NOTE: 
https://git.kernel.org/linus/32019c659ecfe1d92e3bf9fcdfbb11a7c70acd58 (6.8-rc6)
+CVE-2024-26905 [btrfs: fix data races when accessing the reserved amount of 
block reserves]
+   - linux 
+   [bookworm] - linux 6.1.85-1
+   NOTE: 
https://git.kernel.org/linus/e06cc89475eddc1f3a7a4d471524256152c68166 (6.8-rc7)
+CVE-2024-26904 [btrfs: fix data race at btrfs_use_block_rsv() when accessing 
block reserve]
+   - linux 
+   [bookworm] - linux 6.1.85-1
+   NOTE: 
https://git.kernel.org/linus/c7bb26b847e5b97814f522686068c5628e2b3646 (6.8-rc7)
+CVE-2024-26903 [Bluetooth: rfcomm: 
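Review bot: The bracketed title for CVE-2024-26917 ends in `Description:fip->ctlr_lock"]`, where `Description:` looks like a stray field label that has replaced part of the quoted commit subject. Compare the title with the subject of the commit referenced in that entry's NOTE (977fe773dcc7098d8eaf4ee6382cb51e13e784cb) and correct it, so the entry can be matched to the upstream change by its subject.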

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-04-10 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
81f80a42 by Salvatore Bonaccorso at 2024-04-10T21:52:59+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,169 @@
+CVE-2021-47219 [scsi: scsi_debug: Fix out-of-bound read in 
resp_report_tgtpgs()]
+   - linux 5.15.5-1
+   [bullseye] - linux 5.10.84-1
+   NOTE: 
https://git.kernel.org/linus/f347c26836c270199de1599c3cd466bb7747caa9 (5.16-rc1)
+CVE-2021-47218 [selinux: fix NULL-pointer dereference when hashtab allocation 
fails]
+   - linux 5.15.5-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/dc27f3c5d10c58069672215787a96b4fae01818b (5.16-rc3)
+CVE-2021-47217 [x86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V 
setup fails]
+   - linux 5.15.5-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/daf972118c517b91f74ff1731417feb4270625a4 (5.16-rc2)
+CVE-2021-47216 [scsi: advansys: Fix kernel pointer leak]
+   - linux 5.15.5-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/d4996c6eac4c81b8872043e9391563f67f13e406 (5.16-rc1)
+CVE-2021-47215 [net/mlx5e: kTLS, Fix crash in RX resync flow]
+   - linux 5.15.5-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/cc4a9cc03faa6d8db1a6954bb536f2c1e63bdff6 (5.16-rc2)
+CVE-2021-47214 [hugetlb, userfaultfd: fix reservation restore on userfaultfd 
error]
+   - linux 5.15.5-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/cc30042df6fcc82ea18acf0dace831503e60a0b7 (5.16-rc2)
+CVE-2021-47213 [NFSD: Fix exposure in nfsd4_decode_bitmap()]
+   - linux 5.15.5-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/c0019b7db1d7ac62c711cda6b357a659d46428fe (5.16-rc2)
+CVE-2021-47212 [net/mlx5: Update error handler for UCTX and UMEM]
+   - linux 5.15.5-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/ba50cd9451f6c49cf0841c0a4a146ff6a2822699 (5.16-rc2)
+CVE-2021-47211 [ALSA: usb-audio: fix null pointer dereference on pointer 
cs_desc]
+   - linux 5.15.5-1
+   NOTE: 
https://git.kernel.org/linus/b97053df0f04747c3c1e021ecbe99db675342954 (5.16-rc1)
+CVE-2021-47210 [usb: typec: tipd: Remove WARN_ON in tps6598x_block_read]
+   - linux 5.15.5-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/b7a0a63f3fed57d413bb857de164ea9c3984bc4e (5.16-rc1)
+CVE-2021-47209 [sched/fair: Prevent dead task groups from regaining cfs_rq's]
+   - linux 5.15.5-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/b027789e5e50494c2325cc70c8642e7fd6059479 (5.16-rc1)
+CVE-2021-47207 [ALSA: gus: fix null pointer dereference on pointer block]
+   - linux 5.15.5-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/a0d21bb3279476c777434c40d969ea88ca64f9aa (5.16-rc1)
+CVE-2021-47206 [usb: host: ohci-tmio: check return value after calling 
platform_get_resource()]
+   - linux 5.15.5-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/9eff2b2e59fda25051ab36cd1cb5014661df657b (5.16-rc1)
+CVE-2021-47205 [clk: sunxi-ng: Unregister clocks/resets when unbinding]
+   - linux 5.15.5-1
+   NOTE: 
https://git.kernel.org/linus/9bec2b9c6134052994115d2d3374e96f2ccb9b9d (5.16-rc1)
+CVE-2021-47204 [net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove]
+   - linux 5.15.5-1
+   [bullseye] - linux 5.10.84-1
+   NOTE: 
https://git.kernel.org/linus/9b5a333272a48c2f8b30add7a874e46e8b26129c (5.16-rc2)
+CVE-2021-47203 [scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()]
+   - linux 5.15.5-1
+   [bullseye] - linux 5.10.84-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/99154581b05c8fb22607afb7c3d66c1bace6aa5d (5.16-rc1)
+CVE-2021-47202 [thermal: Fix NULL pointer dereferences in of_thermal_ 
functions]
+   - linux 5.15.5-1
+   [bullseye] - linux 5.10.84-1
+   NOTE: 
https://git.kernel.org/linus/96cfe05051fd8543cdedd6807ec59a0e6c409195 (5.16-rc1)
+CVE-2021-47201 [iavf: free q_vectors before queues in iavf_disable_vf]
+   - linux 5.15.5-1
+   
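Review bot: In the visible part of this hunk the ids run in sequence from CVE-2021-47219 down to CVE-2021-47201, except that CVE-2021-47208 is missing between CVE-2021-47209 and CVE-2021-47207. If that id was rejected or is handled in another commit, nothing needs to change; otherwise add its entry so the batch is complete.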

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-04-02 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
17584700 by Salvatore Bonaccorso at 2024-04-02T11:01:35+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -81,63 +81,128 @@ CVE-2024-27324 (PDF-XChange Editor TIF File Parsing 
Out-Of-Bounds Read Informati
 CVE-2024-27323 (PDF-XChange Editor Updater Improper Certificate Validation 
Remote Code ...)
NOT-FOR-US: PDF-XChange Editor
 CVE-2024-26684 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
-   TODO: check
+   - linux 6.7.7-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/46eba193d04f8bd717e525eb4110f3c46c12aec3 (6.8-rc4)
 CVE-2024-26683 (In the Linux kernel, the following vulnerability has been 
resolved:  w ...)
-   TODO: check
+   - linux 6.7.7-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/177fbbcb4ed6b306c1626a277fac3fb1c495a4c7 (6.8-rc4)
 CVE-2024-26682 (In the Linux kernel, the following vulnerability has been 
resolved:  w ...)
-   TODO: check
+   - linux 6.7.7-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/35e2385dbe787936c793d70755a5177d267a40aa (6.8-rc4)
 CVE-2024-26681 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
-   TODO: check
+   - linux 6.7.7-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/ba5e1272142d051dcc57ca1d3225ad8a089f9858 (6.8-rc4)
 CVE-2024-26680 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
-   TODO: check
+   - linux 6.7.7-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/2e7d3b67630dfd8f178c41fa2217aa00e79a5887 (6.8-rc4)
 CVE-2024-26679 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
-   TODO: check
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/eef00a82c568944f113f2de738156ac591bbd5cd (6.8-rc4)
 CVE-2024-26678 (In the Linux kernel, the following vulnerability has been 
resolved:  x ...)
-   TODO: check
+   - linux 6.7.7-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/1ad55cecf22f05f1c884adf63cc09d3c3e609ebf (6.8-rc4)
 CVE-2024-26677 (In the Linux kernel, the following vulnerability has been 
resolved:  r ...)
-   TODO: check
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/e7870cf13d20f56bfc19f9c3e89707c69cf104ef (6.8-rc4)
 CVE-2024-26676 (In the Linux kernel, the following vulnerability has been 
resolved:  a ...)
-   TODO: check
+   - linux 6.7.7-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/1279f9d9dec2d7462823a18c29ad61359e0a007d (6.8-rc4)
 CVE-2024-26675 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
-   TODO: check
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/cb88cb53badb8aeb3955ad6ce80b07b598e310b8 (6.8-rc4)
 CVE-2024-26674 (In the Linux kernel, the following vulnerability has been 
resolved:  x ...)
-   TODO: check
+   - linux 6.7.7-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/8eed4e00a370b37b4e5985ed983dccedd555ea9d (6.8-rc4)
 CVE-2024-26673 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
-   TODO: check
+   - linux 6.7.7-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/8059918a1377f2f1fff06af4f5a4ed3d5acd6bc4 (6.8-rc3)
 CVE-2024-26672 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
-   TODO: check
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/4f32504a2f85a7b40fe149436881381f48e9c0c0 (6.8-rc1)
 CVE-2024-26671 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
-   TODO: check
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/5266caaf5660529e3da53004b8b7174cab6374ed (6.8-rc1)
 CVE-2024-26670 (In the Linux kernel, the following vulnerability 

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-03-26 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
27b6bbbc by Salvatore Bonaccorso at 2024-03-26T20:34:23+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,59 @@
+CVE-2024-26650 [platform/x86: p2sb: Allow p2sb_bar() calls during PCI device 
probe]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/5913320eb0b3ec88158cfcb0fa5e996bf4ef681b (6.8-rc2)
+CVE-2024-26649 [drm/amdgpu: Fix the null pointer when load rlc firmware]
+   - linux 6.6.15-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/bc03c02cc1991a066b23e69bbcc0f66e8f1f7453 (6.8-rc1)
+CVE-2024-26648 [drm/amd/display: Fix variable deferencing before NULL check in 
edp_setup_replay()]
+   - linux 6.6.15-1
+   NOTE: 
https://git.kernel.org/linus/7073934f5d73f8b53308963cee36f0d389ea857c (6.8-rc1)
+CVE-2024-26647 [drm/amd/display: Fix late derefrence 'dsc' check in 
'link_set_dsc_pps_packet()']
+   - linux 6.6.15-1
+   NOTE: 
https://git.kernel.org/linus/3bb9b1f958c3d986ed90a3ff009f1e77e9553207 (6.8-rc1)
+CVE-2024-26646 [thermal: intel: hfi: Add syscore callbacks for system-wide PM]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   NOTE: 
https://git.kernel.org/linus/97566d09fd02d2ab329774bb89a2cdf2267e86d9 (6.8-rc1)
+CVE-2024-26645 [tracing: Ensure visibility when inserting an element into 
tracing_map]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   NOTE: 
https://git.kernel.org/linus/2b44760609e9eaafc9d234a6883d042fc21132a7 (6.8-rc2)
+CVE-2024-26644 [btrfs: don't abort filesystem when attempting to snapshot 
deleted subvolume]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   NOTE: 
https://git.kernel.org/linus/7081929ab2572920e94d70be3d332e5c9f97095a (6.8-rc2)
+CVE-2023-52627 [iio: adc: ad7091r: Allow users to configure device events]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/020e71c7ffc25dfe29ed9be6c2d39af7bd7f661f (6.8-rc1)
+CVE-2023-52626 [net/mlx5e: Fix operation precedence bug in port timestamping 
napi_poll context]
+   - linux 6.6.15-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3876638b2c7ebb2c9d181de1191db0de8cac143a (6.8-rc2)
+CVE-2023-52625 [drm/amd/display: Refactor DMCUB enter/exit idle interface]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/8e57c06bf4b0f51a4d6958e15e1a99c9520d00fa (6.8-rc1)
+CVE-2023-52624 [drm/amd/display: Wake DMCUB before executing GPINT commands]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/e5ffd1263dd5b44929c676171802e7b6af483f21 (6.8-rc1)
+CVE-2023-52623 [SUNRPC: Fix a suspicious RCU usage warning]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/31b62908693c90d4d07db597e685d9f25a120073 (6.8-rc1)
+CVE-2023-52622 [ext4: avoid online resizing failures due to oversized flex bg]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/5d1935ac02ca5aee364a449a35e2977ea84509b0 (6.8-rc1)
+CVE-2023-52621 [bpf: Check rcu_read_lock_trace_held() before calling bpf map 
helpers]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/169410eba271afc9f0fb476d996795aa26770c6d (6.8-rc1)
 CVE-2024-29735
- airflow  (bug #819700)
 CVE-2024-2889 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
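Review bot: the bracketed titles on CVE-2024-26650 ("Allow p2sb_bar() calls during PCI device probe"), CVE-2023-52627 ("Allow users to configure device events") and CVE-2023-52625 ("Refactor DMCUB enter/exit idle interface") read as feature or refactoring subjects and say nothing about the failure being fixed, so anyone triaging from this file has to open the linked commit to learn the impact. A one-line NOTE per entry naming the failure mode would make these entries usable on their own.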



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27b6bbbcf993dd5aea53fc23e9d6ea6bfa70c6f3



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-03-25 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
80fdb946 by Salvatore Bonaccorso at 2024-03-25T20:48:52+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,204 @@
+CVE-2021-47180 [NFC: nci: fix memory leak in nci_allocate_device]
+   - linux 5.14.6-1
+   [bullseye] - linux 5.10.46-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/e0652f8bb44d6294eeeac06d703185357f25d50b (5.13-rc4)
+CVE-2021-47179 [NFSv4: Fix a NULL pointer dereference in 
pnfs_mark_matching_lsegs_return()]
+   - linux 5.14.6-1
+   [bullseye] - linux 5.10.46-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/a421d218603ffa822a0b8045055c03eae394a7eb (5.13-rc4)
+CVE-2021-47178 [scsi: target: core: Avoid smp_processor_id() in preemptible 
code]
+   - linux 5.14.6-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/70ca3c57ff914113f681e657634f7fbfa68e1ad1 (5.13-rc4)
+CVE-2021-47177 [iommu/vt-d: Fix sysfs leak in alloc_iommu()]
+   - linux 5.14.6-1
+   [bullseye] - linux 5.10.46-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/0ee74d5a48635c848c20f152d0d488bf84641304 (5.13-rc4)
+CVE-2021-47176 [s390/dasd: add missing discipline function]
+   - linux 5.14.6-1
+   [bullseye] - linux 5.10.178-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/c0c8a8397fa8a74d04915f4d3d28cb4a5d401427 (5.13-rc4)
+CVE-2021-47175 [net/sched: fq_pie: fix OOB access in the traffic path]
+   - linux 5.14.6-1
+   [bullseye] - linux 5.10.46-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/e70f7a11876a1a788ceadf75e9e5f7af2c868680 (5.13-rc4)
+CVE-2021-47174 [netfilter: nft_set_pipapo_avx2: Add irq_fpu_usable() check, 
fallback to non-AVX2 version]
+   - linux 5.14.6-1
+   [bullseye] - linux 5.10.46-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/f0b3d338064e1fe7531f0d2977e35f3b334abfb4 (5.13-rc4)
+CVE-2021-47173 [misc/uss720: fix memory leak in uss720_probe]
+   - linux 5.14.6-1
+   [bullseye] - linux 5.10.46-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/dcb4b8ad6a448532d8b681b5d1a7036210b622de (5.13-rc4)
+CVE-2021-47172 [iio: adc: ad7124: Fix potential overflow due to non sequential 
channel numbers]
+   - linux 5.14.6-1
+   [bullseye] - linux 5.10.46-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/f2a772c51206b0c3f262e4f6a3812c89a650191b (5.13-rc4)
+CVE-2021-47171 [net: usb: fix memory leak in smsc75xx_bind]
+   - linux 5.14.6-1
+   [bullseye] - linux 5.10.46-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/46a8b29c6306d8bbfd92b614ef65a47c900d8e70 (5.13-rc4)
+CVE-2021-47170 [USB: usbfs: Don't WARN about excessively large memory 
allocations]
+   - linux 5.14.6-1
+   [bullseye] - linux 5.10.46-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/4f2629ea67e7225c3fd292c7fe4f5b3c9d6392de (5.13-rc4)
+CVE-2021-47169 [serial: rp2: use 'request_firmware' instead of 
'request_firmware_nowait']
+   - linux 5.14.6-1
+   [bullseye] - linux 5.10.46-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/016002848c82eeb5d460489ce392d91fe18c475c (5.13-rc4)
+CVE-2021-47168 [NFS: fix an incorrect limit in filelayout_decode_layout()]
+   - linux 5.14.6-1
+   [bullseye] - linux 5.10.46-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/769b01ea68b6c49dc3cde6adf7e53927dacbd3a8 (5.13-rc4)
+CVE-2021-47167 [NFS: Fix an Oopsable condition in __nfs_pageio_add_request()]
+   - linux 5.14.6-1
+   [bullseye] - linux 5.10.46-1
+   NOTE: 
https://git.kernel.org/linus/56517ab958b7c11030e626250c00b9b1a24b41eb (5.13-rc4)
+CVE-2021-47166 [NFS: Don't corrupt the value of pg_bytes_written in 
nfs_do_recoalesce()]
+   - linux 5.14.6-1
+   [bullseye] - linux 5.10.46-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/0d0ea309357dea0d85a82815f02157eb7fcda39f (5.13-rc4)
+CVE-2021-47165 [drm/meson: fix shutdown crash when component not probed]
+   - linux 5.14.6-1
+   [bullseye] - linux 5.10.46-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/7cfc4ea78fc103ea51ecbacd9236abb5b1c490d2 (5.13-rc4)
+CVE-2021-47164 [net/mlx5e: Fix null deref accessing lag dev]
+   - linux 5.14.6-1
+   [bullseye] - linux 5.10.46-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
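Review bot: CVE-2021-47167 is the only entry visible in this hunk without a `[buster]` line. Its NFS neighbours CVE-2021-47166 and CVE-2021-47168 both record `[buster] - linux 4.19.194-1`, and other entries state "Vulnerable code not present" for buster explicitly, so as written buster stays open against 5.14.6-1 for this one CVE. If 4.19 was checked, add the matching `[buster]` line; if it is still open on purpose, that is worth confirming. The message also ends at the `NOTE:` line of CVE-2021-47164 without its URL, although the hunk header declares 204 lines, so the remaining entries have to be reviewed against commit 80fdb946 itself.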

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-03-21 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
39e7cd5d by Salvatore Bonaccorso at 2024-03-21T20:39:50+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,13 @@
+CVE-2024-26643 [netfilter: nf_tables: mark set as dead when unbinding 
anonymous set with timeout]
+   - linux 
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/552705a3650bbf46a22b1adedc1b04181490fc36 (6.8)
+CVE-2024-26642 [netfilter: nf_tables: disallow anonymous set with timeout flag]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/16603605b667b70da974bea8216c93e7db043bf1 (6.8)
+CVE-2023-52620 [netfilter: nf_tables: disallow timeout for anonymous sets]
+   - linux 6.4.4-1
+   NOTE: 
https://git.kernel.org/linus/e26d3009efda338f19016df4175f354a9bd0a4ab (6.4)
 CVE-2024-29131
- commons-configuration2 
[bookworm] - commons-configuration2  (Minor issue)
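Review bot: the `- linux` lines for CVE-2024-26643 and CVE-2024-26642 carry no fixed version, while both NOTE lines tag the upstream fix as (6.8), so these two entries need a follow-up edit once an upload containing the fix is in the archive. CVE-2024-26642 also has no per-release lines at all, which leaves every release open until then. Since all three added entries concern nf_tables anonymous sets with a timeout, a NOTE cross-referencing them would make it easier to track the three fixes together.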



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/39e7cd5dee31f5da661b31fc67aaa22609d42f79



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-03-18 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b586321d by Salvatore Bonaccorso at 2024-03-18T18:07:23+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,101 @@
+CVE-2024-26641 [ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/8d975c15c0cd744000ca386247432d57b21f9df0 (6.8-rc3)
+CVE-2024-26640 [tcp: add sanity checks to rx zerocopy]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/577e4432f3ac810049cb7e6b71f4d96ec7c6e894 (6.8-rc3)
+CVE-2024-26639 [mm, kmsan: fix infinite recursion due to RCU critical section]
+   - linux 6.7.7-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/f6564fce256a3944aa1bc76cb3c40e792d97c1eb (6.8-rc3)
+CVE-2024-26638 [nbd: always initialize struct msghdr completely]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/78fbb92af27d0982634116c7a31065f24d092826 (6.8-rc1)
+CVE-2024-26637 [wifi: ath11k: rely on mac80211 debugfs handling for vif]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/556857aa1d0855aba02b1c63bc52b91ec63fc2cc (6.8-rc2)
+CVE-2024-26636 [llc: make llc_ui_sendmsg() more robust against bonding changes]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   NOTE: 
https://git.kernel.org/linus/dad555c816a50c6a6a8a86be1f9177673918c647 (6.8-rc2)
+CVE-2024-26635 [llc: Drop support for ETH_P_TR_802_2.]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   NOTE: 
https://git.kernel.org/linus/e3f9bed9bee261e3347131764e42aeedf1ffea61 (6.8-rc2)
+CVE-2024-26634 [net: fix removing a namespace with conflicting altnames]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/d09486a04f5da0a812c26217213b89a3b1acf836 (6.8-rc2)
+CVE-2024-26633 [ip6_tunnel: fix NEXTHDR_FRAGMENT handling in 
ip6_tnl_parse_tlv_enc_lim()]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux 5.10.209-1
+   NOTE: 
https://git.kernel.org/linus/d375b98e0248980681e5e56b712026174d617198 (6.8-rc1)
+CVE-2024-26632 [block: Fix iterating over an empty bio with 
bio_for_each_folio_all]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/7bed6f3d08b7af27b7015da8dc3acf2b9c1f21d7 (6.8-rc1)
+CVE-2024-26631 [ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/2e7ef287f07c74985f1bf2858bedc62bd9ebf155 (6.8-rc1)
+CVE-2023-52619 [pstore/ram: Fix crash when setting number of cpus to an odd 
number]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/d49270a04623ce3c0afddbf3e984cb245aa48e9c (6.8-rc1)
+CVE-2023-52618 [block/rnbd-srv: Check for unlikely string overflow]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/9e4bf6a08d1e127bcc4bd72557f2dfafc6bc7f41 (6.8-rc1)
+CVE-2023-52617 [PCI: switchtec: Fix stdev_release() crash after surprise hot 
remove]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/df25461119d987b8c81d232cfe4411e91dcabe66 (6.8-rc1)
+CVE-2023-52616 [crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init]
+   - linux 6.6.15-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/ba3c5574203034781ac4231acf117da917efcd2a (6.8-rc1)
+CVE-2023-52615 [hwrng: core - Fix page fault dead lock on mmap-ed hwrng]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   NOTE: 
https://git.kernel.org/linus/78aafb3884f6bc6636efcc1760c891c8500b9922 (6.8-rc1)
+CVE-2023-52614 [PM / devfreq: Fix buffer overflow in trans_stat_show]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   NOTE: 
https://git.kernel.org/linus/08e23d05fa6dc4fc13da0ccf09defdd4bbc92ff4 (6.8-rc1)
+CVE-2023-52613 [drivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() 
judgment]
+   - linux 6.6.15-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-03-15 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a1fd772a by Salvatore Bonaccorso at 2024-03-15T21:49:22+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,100 @@
+CVE-2021-47135 [mt76: mt7921: fix possible AOOB issue in 
mt7921_mcu_tx_rate_report]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/d874e6c06952382897d35bf4094193cd44ae91bd (5.13-rc5)
+CVE-2021-47134 [efi/fdt: fix panic when no valid fdt found]
+   - linux 5.10.46-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/668a84c1bfb2b3fd5a10847825a854d63fac7baa (5.13-rc5)
+CVE-2021-47133 [HID: amd_sfh: Fix memory leak in amd_sfh_work]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/5ad755fd2b326aa2bc8910b0eb351ee6aece21b1 (5.13-rc5)
+CVE-2021-47132 [mptcp: fix sk_forward_memory corruption on retransmission]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/b5941f066b4ca331db225a976dae1d6ca8cf0ae3 (5.13-rc5)
+CVE-2021-47131 [net/tls: Fix use-after-free after the TLS device goes down and 
up]
+   - linux 5.10.46-1
+   NOTE: 
https://git.kernel.org/linus/c55dcdd435aa6c6ad6ccac0a4c636d010ee367a4 (5.13-rc5)
+CVE-2021-47130 [nvmet: fix freeing unallocated p2pmem]
+   - linux 5.10.46-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/bcd9a0797d73eeff659582f23277e7ab6e5f18f3 (5.13-rc5)
+CVE-2021-47129 [netfilter: nft_ct: skip expectations for confirmed conntrack]
+   - linux 5.10.46-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/1710eb913bdcda3917f44d383c32de6bdabfc836 (5.13-rc5)
+CVE-2021-47128 [bpf, lockdown, audit: Fix buggy SELinux lockdown permission 
checks]
+   - linux 5.10.46-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/ff40e51043af63715ab413995ff46996ecf9583f (5.13-rc5)
+CVE-2021-47127 [ice: track AF_XDP ZC enabled queues in bitmap]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/e102db780e1c14f10c70dafa7684af22a745b51d (5.13-rc5)
+CVE-2021-47126 [ipv6: Fix KASAN: slab-out-of-bounds Read in 
fib6_nh_flush_exceptions]
+   - linux 5.10.46-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/821bbf79fe46a8b1d18aa456e8ed0a3c208c3754 (5.13-rc5)
+CVE-2021-47125 [sch_htb: fix refcount leak in htb_parent_to_leaf_offload]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/944d671d5faa0d78980a3da5c0f04960ef1ad893 (5.13-rc5)
+CVE-2021-47124 [io_uring: fix link timeout refs]
+   - linux 5.14.6-1
+   [bullseye] - linux 5.10.70-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82 (5.13-rc2)
+CVE-2021-47123 [io_uring: fix ltout double free on completion race]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/447c19f3b5074409c794b350b10306e1da1ef4ba (5.13-rc2)
+CVE-2021-47122 [net: caif: fix memory leak in caif_device_notify]
+   - linux 5.10.46-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/b53558a950a89824938e9811eddfc8efcd94e1bb (5.13-rc5)
+CVE-2021-47121 [net: caif: fix memory leak in cfusbl_device_notify]
+   - linux 5.10.46-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/7f5d86669fa4d485523ddb1d212e0a2d90bd62bb (5.13-rc5)
+CVE-2021-47120 [HID: magicmouse: fix NULL-deref on disconnect]
+   - linux 5.10.46-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/4b4f6cecca446abcb686c6e6c451d4f1ec1a7497 (5.13-rc5)
+CVE-2021-47119 [ext4: fix memory leak in ext4_fill_super]
+   - linux 5.10.46-1
+   NOTE: 
https://git.kernel.org/linus/afd09b617db3786b6ef3dc43e28fe728cfea84df (5.13-rc5)
+CVE-2021-47118 [pid: take a reference when initializing `cad_pid`]
+   - linux 5.10.46-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/0711f0d7050b9e07c44bc159bbc64ac0a1022c7f (5.13-rc5)
+CVE-2021-47117 [ext4: fix bug on in ext4_es_cache_extent as 
ext4_split_extent_at failed]
+   - linux 5.10.46-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/082cd4ec240b8734a82a89ffb890216ac98fec68 (5.13-rc5)
+CVE-2021-47116 [ext4: fix memory leak in ext4_mb_init_backend on error path.]
+   - linux 5.10.46-1
+   NOTE: 
https://git.kernel.org/linus/a8867f4e3809050571c98de7a2d465aff5e4daf5 (5.13-rc5)
+CVE-2021-47115 [nfc: fix NULL ptr dereference in 
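Review bot: six entries in the visible part of this hunk (CVE-2021-47135, -47133, -47132, -47127, -47125 and -47123) mark the unqualified `- linux` line as "Vulnerable code not present" while the only NOTE is the fix commit, so nothing records why no Debian upload is considered to have shipped the affected code. A NOTE with the introducing commit or the affected version range would let a later reader re-check that conclusion without redoing the analysis. The message is also cut off inside the CVE-2021-47115 title, so the rest of the 100-line hunk is not reviewable from this mail.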

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-03-13 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
212d13a9 by Salvatore Bonaccorso at 2024-03-13T21:16:32+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -107,9 +107,14 @@ CVE-2024-27952 (Improper Neutralization of Input During 
Web Page Generation ('Cr
 CVE-2024-27441
REJECTED
 CVE-2024-26630 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
-   TODO: check
+   - linux 6.7.9-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3a75cb05d53f4a6823a32deb078de1366954a804 (6.8-rc7)
 CVE-2024-26629 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
-   TODO: check
+   - linux 6.6.15-1
+   NOTE: 
https://git.kernel.org/linus/edcf9725150e42beeca42d085149f4c88fa97afd (6.8-rc2)
 CVE-2024-25155 (In FileCatalyst Direct 3.8.8 and earlier through 3.8.6, the 
web server ...)
TODO: check
 CVE-2024-25154 (Improper URL validation leads to path traversal in 
FileCatalyst Direct ...)
@@ -367,7 +372,10 @@ CVE-2023-6785 (The Download Manager plugin for WordPress 
is vulnerable to unauth
 CVE-2023-5663 (The News Announcement Scroll plugin for WordPress is vulnerable 
to SQL ...)
TODO: check
 CVE-2023-52608 (In the Linux kernel, the following vulnerability has been 
resolved:  f ...)
-   TODO: check
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/437a310b22244d4e0b78665c3042e5d1c0f45306 (6.8-rc2)
 CVE-2023-43043 (IBM Maximo Application Suite - Maximo Mobile for EAM 8.10 and 
8.11 cou ...)
TODO: check
 CVE-2023-38723 (IBM Maximo Application Suite 7.6.1.3 is vulnerable to stored 
cross-sit ...)
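Review bot: CVE-2023-52608 gains a `[bookworm]` fixed version (6.1.76-1) and a `[buster]` "Vulnerable code not present" line, but nothing for bullseye, which sits between the two. As written, bullseye stays open against 6.6.15-1; if that reflects a pending 5.10 backport it is fine, otherwise add the `[bullseye]` line so the gap does not read as an omission.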



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/212d13a99bd6a20810a479c12588c07f24c82666



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-03-08 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f4b1b369 by Salvatore Bonaccorso at 2024-03-08T22:15:46+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1333,7 +1333,7 @@ CVE-2023-25176 (in OpenHarmony v3.2.4 and prior versions 
allow a local attacker
 CVE-2019-25210 (An issue was discovered in Cloud Native Computing Foundation 
(CNCF) He ...)
- helm-kubernetes  (bug #910799)
 CVE-2024-26622 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
-   - linux 
+   - linux 6.7.9-1
NOTE: 
https://git.kernel.org/linus/2f03fc340cac9ea1dc63cbf8c93dd2eb0f227815 (6.8-rc7)
 CVE-2024-2150 (A vulnerability, which was classified as critical, has been 
found in S ...)
NOT-FOR-US: SourceCodester Insurance Management System



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4b1b369b47db164fb21ea42a06694e50c5dad77



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-03-05 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9e3f072b by Salvatore Bonaccorso at 2024-03-06T08:22:56+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,102 @@
+CVE-2024-26628 [drm/amdkfd: Fix lock dependency warning]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/47bf0f83fc86df1bf42b385a91aadb910137c5c9 (6.8-rc1)
+CVE-2024-26627 [scsi: core: Move scsi_host_busy() out of host lock for waking 
up EH handler]
+   - linux 6.7.7-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/4373534a9850627a2695317944898eb1283a2db0 (6.8-rc3)
+CVE-2024-26626 [ipmr: fix kernel panic when forwarding mcast packets]
+   - linux 6.7.7-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/e622502c310f1069fd9f41cd38210553115f610a (6.8-rc3)
+CVE-2024-26625 [llc: call sock_orphan() at release time]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/aa2b2eb3934859904c287bf5434647ba72e14c1c (6.8-rc3)
+CVE-2024-26624 [af_unix: fix lockdep positive in sk_diag_dump_icons()]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/4d322dce82a1d44f8c83f0f54f95dd1b8dcf46c9 (6.8-rc3)
+CVE-2024-26623 [pds_core: Prevent race issues involving the adminq]
+   - linux 6.7.7-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/7e82a8745b951b1e794cc780d46f3fbee5e93447 (6.8-rc3)
+CVE-2023-52607 [powerpc/mm: Fix null-pointer dereference in pgtable_cache_add]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/f46c8a75263f97bda13c739ba1c90aced0d3b071 (6.8-rc1)
+CVE-2023-52606 [powerpc/lib: Validate size for vector operations]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/8f9abaa6d7de0a70fc68acaedce290c1f96e2e59 (6.8-rc1)
+CVE-2023-52605 [ACPI: extlog: fix NULL pointer dereference check]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/72d9b9747e78979510e9aafdd32eb99c7aa30dd1 (6.8-rc1)
+CVE-2023-52604 [FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/9862ec7ac1cbc6eb5ee4a045b5d5b8edbb2f7e68 (6.8-rc1)
+CVE-2023-52603 [UBSAN: array-index-out-of-bounds in dtSplitRoot]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/27e56f59bab5ddafbcfe69ad7a4a6ea1279c1b16 (6.8-rc1)
+CVE-2023-52602 [jfs: fix slab-out-of-bounds Read in dtSearch]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/fa5492ee89463a7590a1449358002ff7ef63529f (6.8-rc1)
+CVE-2023-52601 [jfs: fix array-index-out-of-bounds in dbAdjTree]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/74ecdda68242b174920fe7c6133a856fb7d8559b (6.8-rc1)
+CVE-2023-52600 [jfs: fix uaf in jfs_evict_inode]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/e0e1958f4c365e380b17ccb35617345b31ef7bf3 (6.8-rc1)
+CVE-2023-52599 [jfs: fix array-index-out-of-bounds in diNewExt]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/49f9637aafa6e63ba686c13cb8549bf5e6920402 (6.8-rc1)
+CVE-2023-52598 [s390/ptrace: handle setting of fpc register correctly]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/8b13601d19c541158a6e18b278c00ba69ae37829 (6.8-rc1)
+CVE-2023-52597 [KVM: s390: fix setting of fpc register]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/b988b1bb0053c0dcd26187d29ef07566a565cf55 (6.8-rc1)
+CVE-2023-52596 [sysctl: Fix out of bounds access for empty sysctl registers]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/315552310c7de92baea4e570967066569937a843 (6.8-rc1)
+CVE-2023-52595 [wifi: rt2x00: restart beacon queue when hardware reset]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/a11d965a218f0cd95b13fe44d0bcd8a20ce134a8 (6.8-rc1)
+CVE-2023-52594 [wifi: ath9k: Fix potential array-index-out-of-bounds read in 
ath9k_htc_txstatus()]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/2adc886244dff60f948497b59affb6c6ebb3c348 (6.8-rc1)
+CVE-2023-52593 [wifi: wfx: fix possible NULL pointer dereference in 
wfx_set_mfp_ap()]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/fe0a7776d4d19e613bb8dd80fe2d78ae49e8b49d (6.8-rc1)
+CVE-2023-52592 [libbpf: Fix NULL pointer dereference in 
bpf_object__collect_prog_relos]
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/fc3a5534e2a8855427403113cbeb54af5837bbe0 (6.8-rc1)
+CVE-2023-52591 [reiserfs: Avoid touching renamed directory if parent does not 
change]
+   
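Review bot: CVE-2023-52604 ("FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree") and CVE-2023-52601 ("jfs: fix array-index-out-of-bounds in dbAdjTree") describe the same symptom in the same function but point at different upstream commits (9862ec7ac1cb and 74ecdda68242). A short NOTE on each saying how the two fixes differ would keep them from being read as duplicates during later triage. The message also stops at a bare `+` line after the CVE-2023-52591 title, so that entry and the rest of the 102-line hunk cannot be checked from this mail.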

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-03-05 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
88a4a78d by Salvatore Bonaccorso at 2024-03-05T13:00:36+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,13 @@
+CVE-2022-48630 [crypto: qcom-rng - fix infinite loop on requests not multiple 
of WORD_SZ]
+   - linux 5.17.11-1
+   [bullseye] - linux 5.10.120-1
+   [buster] - linux 4.19.249-1
+   NOTE: 
https://git.kernel.org/linus/16287397ec5c08aa58db6acf7dbc55470d78087d (5.18)
+CVE-2022-48629 [crypto: qcom-rng - ensure buffer for generate is completely 
filled]
+   - linux 5.16.18-1
+   [bullseye] - linux 5.10.113-1
+   [buster] - linux 4.19.249-1
+   NOTE: 
https://git.kernel.org/linus/a680b1832ced3b5fa7c93484248fd221ea0d614b (5.17)
 CVE-2024-27308 [RUSTSEC-2024-0019]
- rust-mio  (Windows-specific)
- rust-mio-0.6  (Vulnerable code not present)
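
Review bot: The two added qcom-rng entries, CVE-2022-48629 and CVE-2022-48630, touch the same driver but carry no NOTE tying them together. CVE-2022-48629 is recorded as fixed in bullseye 5.10.113-1 and CVE-2022-48630 only in 5.10.120-1, so if the 5.18 "infinite loop" fix is a follow-up to the 5.17 "completely filled" change, bullseye kernels between those two versions had the first fix without the second. A NOTE line on CVE-2022-48630 naming the introducing commit would make that window visible to readers of the tracker.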



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/88a4a78d9bf0969f9b9863651f0e1cd8d5821075



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-03-04 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4496ffc1 by Salvatore Bonaccorso at 2024-03-04T20:48:22+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,133 @@
+CVE-2021-47108 [drm/mediatek: hdmi: Perform NULL pointer check for 
mtk_hdmi_conf]
+   - linux 5.15.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3b8e19a0aa3933a785be9f1541afd8d398c4ec69 (5.16-rc7)
+CVE-2021-47107 [NFSD: Fix READDIR buffer overflow]
+   - linux 5.15.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/53b1119a6e5028b125f431a0116ba73510d82a72 (5.16-rc7)
+CVE-2021-47106 [netfilter: nf_tables: fix use-after-free in 
nft_set_catchall_destroy()]
+   - linux 5.15.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/0f7d9b31ce7abdbb29bf018131ac920c9f698518 (5.16-rc7)
+CVE-2021-47105 [ice: xsk: return xsk buffers back to pool when cleaning the 
ring]
+   - linux 5.15.15-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/afe8a3ba85ec2a6b6849367e25c06a2f8e0ddd05 (5.16-rc7)
+CVE-2021-47104 [IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/bee90911e0138c76ee67458ac0d58b38a3190f65 (5.16-rc7)
+CVE-2021-47103 [inet: fully convert sk->sk_rx_dst to RCU rules]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.158-1
+   [buster] - linux 4.19.269-1
+   NOTE: 
https://git.kernel.org/linus/8f905c0e7354ef261360fb7535ea079b1082c105 (5.16-rc7)
+CVE-2021-47102 [net: marvell: prestera: fix incorrect structure access]
+   - linux 5.15.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/2efc2256febf214e7b2bdaa21fe6c3c3146acdcb (5.16-rc7)
+CVE-2021-47101 [asix: fix uninit-value in asix_mdio_read()]
+   - linux 5.15.15-1
+   NOTE: 
https://git.kernel.org/linus/8035b1a2a37a29d8c717ef84fca8fe7278bc9f03 (5.16-rc7)
+CVE-2021-47100 [ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler 
module]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/ffb76a86f8096a8206be03b14adda6092e18e275 (5.16-rc7)
+CVE-2021-47099 [veth: ensure skb entering GRO are not cloned.]
+   - linux 5.15.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/9695b7de5b4760ed22132aca919570c0190cb0ce (5.16-rc7)
+CVE-2021-47098 [hwmon: (lm90) Prevent integer overflow/underflow in hysteresis 
calculations]
+   - linux 5.15.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/55840b9eae5367b5d5b29619dc2fb7e4596dba46 (5.16-rc7)
+CVE-2021-47097 [Input: elantech - fix stack out of bound access in 
elantech_change_report_id()]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/1d72d9f960ccf1052a0630a68c3d358791dbdaaa (5.16-rc7)
+CVE-2021-47096 [ALSA: rawmidi - fix the uninitalized user_pversion]
+   - linux 5.15.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/39a8fc4971a00d22536aeb7d446ee4a97810611b (5.16-rc7)
+CVE-2021-47095 [ipmi: ssif: initialize ssif_info->client early]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/34f35f8f14bc406efc06ee4ff73202c6fd245d15 (5.16-rc7)
+CVE-2021-47094 [KVM: x86/mmu: Don't advance iterator after restart due to 
yielding]
+   - linux 5.15.15-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3a0f64de479cae75effb630a2e0a237ca0d0623c (5.16-rc7)
+CVE-2021-47093 [platform/x86: intel_pmc_core: fix memleak on registration 
failure]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/26a8b09437804fabfb1db080d676b96c0de68e7c (5.16-rc7)
+CVE-2021-47092 [KVM: VMX: Always clear 
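
Review bot: Release coverage is uneven across the added entries: CVE-2021-47105 and CVE-2021-47094 have a [buster] line but no [bullseye] line, and CVE-2021-47101 has neither, while their neighbours from the same 5.16-rc7 batch state both. If bullseye is meant to be tracked as still affected for these three, that is worth saying in the commit message; if triage is pending, an explicit per-release line would save readers from inferring status from an absence.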

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-03-03 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7e16325c by Salvatore Bonaccorso at 2024-03-04T08:09:50+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,6 @@
+CVE-2024-26622 [tomoyo: fix UAF write bug in tomoyo_write_control()]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/2f03fc340cac9ea1dc63cbf8c93dd2eb0f227815 (6.8-rc7)
 CVE-2024-2150 (A vulnerability, which was classified as critical, has been 
found in S ...)
NOT-FOR-US: SourceCodester Insurance Management System
 CVE-2024-2149 (A vulnerability classified as critical was found in CodeAstro 
Membersh ...)
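
Review bot: The added CVE-2024-26622 entry shows no fixed version on its "- linux" line and no per-release lines, although the NOTE points at a fix tagged 6.8-rc7. For a use-after-free write in tomoyo_write_control() it would help to record which releases carry the affected code, or to add a NOTE saying that triage of the stable releases is still open.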



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e16325cd3fcdd603136bb978d72507157fe24aa



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-03-02 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
0b4fc18e by Salvatore Bonaccorso at 2024-03-03T08:13:55+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,334 @@
+CVE-2024-26621 [mm: huge_memory: don't force huge page alignment on 32 bit]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/4ef9ad19e17676b9ef071309bc62020e2373705d (6.8-rc3)
+CVE-2023-52582 [netfs: Only call folio_start_fscache() one time for each folio]
+   - linux 6.5.6-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/df1c357f25d808e30b216188330e708e09e1a412 (6.6-rc3)
+CVE-2023-52581 [netfilter: nf_tables: fix memleak when more than 255 elements 
expired]
+   - linux 6.5.6-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/cf5000a7787cbc10341091d37245a42c119d26c5 (6.6-rc3)
+CVE-2023-52580 [net/core: Fix ETH_P_1588 flow dissector]
+   - linux 6.5.6-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/75ad80ed88a182ab2ad5513e448cf07b403af5c3 (6.6-rc3)
+CVE-2023-52579 [ipv4: fix null-deref in ipv4_link_failure]
+   - linux 6.5.6-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux 5.10.205-1
+   [buster] - linux 4.19.304-1
+   NOTE: 
https://git.kernel.org/linus/0113d9c9d1ccc07f5a3710dac4aa24b6d711278c (6.6-rc3)
+CVE-2023-52578 [net: bridge: use DEV_STATS_INC()]
+   - linux 6.5.6-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux 5.10.205-1
+   [buster] - linux 4.19.304-1
+   NOTE: 
https://git.kernel.org/linus/44bdb313da57322c9b3c108eb66981c6ec6509f4 (6.6-rc3)
+CVE-2023-52577 [dccp: fix dccp_v4_err()/dccp_v6_err() again]
+   - linux 6.5.6-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux 5.10.205-1
+   [buster] - linux 4.19.304-1
+   NOTE: 
https://git.kernel.org/linus/6af289746a636f71f4c0535a9801774118486c7a (6.6-rc3)
+CVE-2023-52576 [x86/mm, kexec, ima: Use memblock_free_late() from 
ima_free_kexec_buffer()]
+   - linux 6.5.6-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/34cf99c250d5cd2530b93a57b0de31d3aaf8685b (6.6-rc3)
+CVE-2023-52575 [x86/srso: Fix SBPB enablement for spec_rstack_overflow=off]
+   - linux 6.5.6-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux 5.10.205-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/01b057b2f4cc2d905a0bd92195657dbd9a7005ab (6.6-rc3)
+CVE-2023-52574 [team: fix null-ptr-deref when team device type is changed]
+   - linux 6.5.6-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux 5.10.205-1
+   [buster] - linux 4.19.304-1
+   NOTE: 
https://git.kernel.org/linus/492032760127251e5540a5716a70996bacf2a3fd (6.6-rc3)
+CVE-2023-52573 [net: rds: Fix possible NULL-pointer dereference]
+   - linux 6.5.6-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux 5.10.205-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/f1d95df0f31048f1c59092648997686e3f7d9478 (6.6-rc3)
+CVE-2023-52572 [cifs: Fix UAF in cifs_demultiplex_thread()]
+   - linux 6.5.6-1
+   [bookworm] - linux 6.1.64-1
+   NOTE: 
https://git.kernel.org/linus/d527f51331cace562393a8038d870b3e9916686f (6.6-rc3)
+CVE-2023-52571 [power: supply: rk817: Fix node refcount leak]
+   - linux 6.5.6-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/488ef44c068e79752dba8eda0b75f524f111a695 (6.6-rc4)
+CVE-2023-52570 [vfio/mdev: Fix a null-ptr-deref bug for 
mdev_unregister_parent()]
+   - linux 6.5.6-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/c777b11d34e0f47dbbc4b018ef65ad030f2b283a (6.6-rc4)
+CVE-2023-52569 [btrfs: remove BUG() after failure to insert delayed dir index 
item]
+   - linux 6.5.6-1
+   [bookworm] - linux 6.1.64-1
+   NOTE: 
https://git.kernel.org/linus/2c58c3931ede7cd08cbecf1f1a4acaf0a04a41a9 (6.6-rc2)
+CVE-2023-52568 [x86/sgx: Resolves SECS 

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-03-02 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4524933c by Salvatore Bonaccorso at 2024-03-02T09:07:53+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -509,7 +509,7 @@ CVE-2023-52486 (In the Linux kernel, the following 
vulnerability has been resolv
[bookworm] - linux 6.1.76-1
NOTE: 
https://git.kernel.org/linus/cb4daf271302d71a6b9a7c01bd0b6d76febd8f0c (6.8-rc1)
 CVE-2023-52485 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
-   - linux 
+   - linux 6.7.7-1
NOTE: 
https://git.kernel.org/linus/8892780834ae294bc3697c7d0e056d7743900b39 (6.8-rc1)
 CVE-2024-0074
- nvidia-graphics-drivers  (bug #1064983)
@@ -2046,7 +2046,7 @@ CVE-2019-25160 (In the Linux kernel, the following 
vulnerability has been resolv
- linux 4.19.28-1
NOTE: 
https://git.kernel.org/linus/5578de4834fe0f2a34fedc7374be691443396d1f (5.0)
 CVE-2024-26606 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
-   - linux 
+   - linux 6.7.7-1
NOTE: 
https://git.kernel.org/linus/97830f3c3088638ff90b20dfba2eb4d487bf14d7 (6.8-rc3)
 CVE-2024-27456 (rack-cors (aka Rack CORS Middleware) 2.0.1 has 0666 
permissions for th ...)
- ruby-rack-cors  (bug #1064862)
@@ -2168,28 +2168,28 @@ CVE-2023-38359 (IBM Cognos Analytics 11.1.7, 11.2.4, 
and 12.0.0 is vulnerable to
 CVE-2023-32344 (IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable 
to form  ...)
NOT-FOR-US: IBM
 CVE-2024-26600 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
-   - linux 
+   - linux 6.7.7-1
NOTE: 
https://git.kernel.org/linus/7104ba0f1958adb250319e68a15eff89ec4fd36d (6.8-rc3)
 CVE-2024-26601 (In the Linux kernel, the following vulnerability has been 
resolved:  e ...)
-   - linux 
+   - linux 6.7.7-1
[buster] - linux  (Vulnerable code not present)
NOTE: 
https://git.kernel.org/linus/c9b528c35795b711331ed36dc3dbee90d5812d4e (6.8-rc3)
 CVE-2024-26602 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
-   - linux 
-   NOTE: 
https://git.kernel.org/linus/944d5fe50f3f03daacfea16300e656a1691c4a23
+   - linux 6.7.7-1
+   NOTE: 
https://git.kernel.org/linus/944d5fe50f3f03daacfea16300e656a1691c4a23 (6.8-rc6)
 CVE-2024-26603 (In the Linux kernel, the following vulnerability has been 
resolved:  x ...)
-   - linux 
+   - linux 6.7.7-1
[bullseye] - linux  (Vulnerable code not present)
[buster] - linux  (Vulnerable code not present)
NOTE: 
https://git.kernel.org/linus/d877550eaf2dc9090d782864c96939397a3c6835 (6.8-rc4)
 CVE-2024-26604 (In the Linux kernel, the following vulnerability has been 
resolved:  R ...)
-   - linux 
+   - linux 6.7.7-1
[bookworm] - linux  (Vulnerable code not present)
[bullseye] - linux  (Vulnerable code not present)
[buster] - linux  (Vulnerable code not present)
NOTE: 
https://git.kernel.org/linus/3ca8fbabcceb8bfe44f7f50640092fd8f1de375c (6.8-rc5)
 CVE-2024-26605 (In the Linux kernel, the following vulnerability has been 
resolved:  P ...)
-   - linux 
+   - linux 6.7.7-1
[bullseye] - linux  (Vulnerable code not present)
[buster] - linux  (Vulnerable code not present)
NOTE: 
https://git.kernel.org/linus/1e560864159d002b453da42bd2c13a1805515a20 (6.8-rc3)
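
Review bot: CVE-2024-26602 is the one entry in this hunk whose NOTE changes along with its version line, and the tag it gains, (6.8-rc6), is later than the 6.8-rc3 to 6.8-rc5 tags of its neighbours, yet all six entries are set to the same 6.7.7-1. Worth double-checking that 6.7.7-1 really carries the rc6 fix, and mentioning the NOTE correction in the commit message, since "Merge Linux CVEs from kernel-sec" does not say that existing metadata was amended.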
@@ -2345,7 +2345,7 @@ CVE-2024-26598 (In the Linux kernel, the following 
vulnerability has been resolv
[bullseye] - linux 5.10.209-1
NOTE: 
https://git.kernel.org/linus/ad362fe07fecf0aba839ff2cc59a3617bd42c33f (6.8-rc1)
 CVE-2024-26596 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
-   - linux 
+   - linux 6.7.7-1
[bullseye] - linux  (Vulnerable code not present)
[buster] - linux  (Vulnerable code not present)
NOTE: 
https://git.kernel.org/linus/844f104790bd69c2e4dbb9ee3eba46fde1fcea7b (6.8-rc1)
@@ -2405,7 +2405,8 @@ CVE-2024-22025
NOTE: 
https://github.com/nodejs/node/commit/f31d47e135973746c4f490d5eb635eded8bb3dda 
(v18.x)
NOTE: 
https://github.com/nodejs/node/commit/9052ef43dc2d1b0db340591a9bc9e45a25c01d90 
(main)
 CVE-2024-26593 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
-   - linux 
+   - linux 6.7.7-1
+   [buster] - linux  (Vulnerable code not present)
NOTE: 
https://git.kernel.org/linus/c1c9d0f6f7f1dbf29db996bd8e166242843a5f21 (6.8-rc5)
 CVE-2024-23807 (The Apache Xerces C++ XML parser on versions 3.0.0 before 
3.2.5 contai ...)
NOTE: No change CVE assignment to clarify affected versions for 
CVE-2018-1311
@@ -2855,18 +2856,18 @@ CVE-2023-6477 (An issue has been discovered in GitLab 
EE affecting all 

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-03-01 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6170a53b by Salvatore Bonaccorso at 2024-03-01T22:46:55+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,49 @@
+CVE-2021-47081 [habanalabs/gaudi: Fix a potential use after free in 
gaudi_memset_device_memory]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/115726c5d312b462c9d9931ea42becdfa838a076 (5.13-rc3)
+CVE-2021-47080 [RDMA/core: Prevent divide-by-zero error triggered by the user]
+   - linux 5.10.40-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/54d87913f147a983589923c7f651f97de9af5be1 (5.13-rc3)
+CVE-2021-47079 [platform/x86: ideapad-laptop: fix a NULL pointer dereference]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/ff67dbd554b2aaa22be933eced32610ff90209dd (5.13-rc3)
+CVE-2021-47078 [RDMA/rxe: Clear all QP fields if creation failed]
+   - linux 5.10.40-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/67f29896fdc83298eed5a6576ff8f9873f709228 (5.13-rc3)
+CVE-2021-47077 [scsi: qedf: Add pointer checks in qedf_update_link_speed()]
+   - linux 5.10.40-1
+   NOTE: 
https://git.kernel.org/linus/73578af92a0fae6609b955fcc9113e50e413c80f (5.13-rc3)
+CVE-2021-47076 [RDMA/rxe: Return CQE error if invalid lkey was supplied]
+   - linux 5.14.6-1
+   NOTE: 
https://git.kernel.org/linus/dc07628bd2bbc1da768e265192c28ebd301f509d (5.13-rc3)
+CVE-2021-47075 [nvmet: fix memory leak in nvmet_alloc_ctrl()]
+   - linux 5.10.40-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/fec356a61aa3d3a66416b4321f1279e09e0f256f (5.13-rc3)
+CVE-2021-47074 [nvme-loop: fix memory leak in nvme_loop_create_ctrl()]
+   - linux 5.10.40-1
+   NOTE: 
https://git.kernel.org/linus/03504e3b54cc8118cc26c064e60a0b00c2308708 (5.13-rc3)
+CVE-2021-47073 [platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios]
+   - linux 5.10.40-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/3a53587423d25c87af4b4126a806a0575104b45e (5.13-rc3)
+CVE-2021-47072 [btrfs: fix removed dentries still existing after log is synced]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/54a40fc3a1da21b52dbf19f72fdc27a2ec740760 (5.13-rc3)
+CVE-2021-47071 [uio_hv_generic: Fix a memory leak in error handling paths]
+   - linux 5.10.40-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3ee098f96b8b6c1a98f7f97915f8873164e6af9d (5.13-rc3)
+CVE-2021-47070 [uio_hv_generic: Fix another memory leak in error handling 
paths]
+   - linux 5.14.6-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/0b0226be3a52dadd965644bc52a807961c2c26df (5.13-rc3)
+CVE-2021-47069 [ipc/mqueue, msg, sem: avoid relying on a stack reference past 
its expiry]
+   - linux 5.10.40-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/a11ddb37bf367e6b5239b95ca759e5389bb46048 (5.13-rc3)
 CVE-2024-2078 (A Cross-Site Scripting (XSS) vulnerability has been found in 
HelpDeskZ ...)
NOT-FOR-US: HelpDeskZ
 CVE-2024-2077 (A vulnerability classified as critical has been found in 
SourceCodeste ...)
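
Review bot: CVE-2021-47076 and CVE-2021-47070 are recorded as fixed in 5.14.6-1, while every other fixed entry in this hunk, all referencing the same 5.13-rc3 upstream tag, uses 5.10.40-1, and neither of the two has a [bullseye] line. If these fixes were never backported to the 5.10 series, a NOTE saying so would keep the later version from reading as a typo; otherwise the two entries should be aligned with 5.10.40-1.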



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6170a53b90ba3d1dccf0556a7f394b948e6262bf



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-29 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
cc6af110 by Salvatore Bonaccorso at 2024-03-01T00:06:46+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,59 @@
+CVE-2021-47068 [net/nfc: fix use-after-free llcp_sock_bind/connect]
+   - linux 5.10.38-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/c61760e6940dd4039a7f5e84a6afc9cdbf4d82b6 (5.13-rc1)
+CVE-2021-47067 [soc/tegra: regulators: Fix locking up when voltage-spread is 
out of range]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/ef85bb582c41524e9e68dfdbde48e519dac4ab3d (5.13-rc1)
+CVE-2021-47066 [async_xor: increase src_offs when dropping destination page]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/ceaf2966ab082bbc4d26516f97b3ca8a676e2af8 (5.13-rc1)
+CVE-2021-47065 [rtw88: Fix array overrun in rtw_get_tx_power_params()]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/2ff25985ea9ccc6c9af2c77b0b49045adcc62e0e (5.13-rc1)
+CVE-2021-47064 [mt76: fix potential DMA mapping leak]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/b4403cee6400c5f679e9c4a82b91d61aa961eccf (5.13-rc1)
+CVE-2021-47063 [drm: bridge/panel: Cleanup connector on bridge detach]
+   - linux 5.10.38-1
+   NOTE: 
https://git.kernel.org/linus/4d906839d321c2efbf3fed4bc31ffd9ff55b75c0 (5.13-rc1)
+CVE-2021-47062 [KVM: SVM: Use online_vcpus, not created_vcpus, to iterate over 
vCPUs]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/c36b16d29f3af5f32fc1b2a3401bf48f71cabee1 (5.13-rc1)
+CVE-2021-47061 [KVM: Destroy I/O bus devices on unregister failure _after_ 
sync'ing SRCU]
+   - linux 5.10.38-1
+   NOTE: 
https://git.kernel.org/linus/2ee3757424be7c1cd1d0bbfa6db29a7edd82a250 (5.13-rc1)
+CVE-2021-47060 [KVM: Stop looking for coalesced MMIO zones if the bus is 
destroyed]
+   - linux 5.10.38-1
+   NOTE: 
https://git.kernel.org/linus/5d3c4c79384af06e3c8e25b7770b6247496b4417 (5.13-rc1)
+CVE-2021-47059 [crypto: sun8i-ss - fix result memory leak on error path]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/1dbc6a1e25be8575d6c4114d1d2b841a796507f7 (5.13-rc1)
+CVE-2021-47058 [regmap: set debugfs_name to NULL after it is freed]
+   - linux 5.10.38-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/e41a962f82e7afb5b1ee644f48ad0b3aee656268 (5.13-rc1)
+CVE-2021-47057 [crypto: sun8i-ss - Fix memory leak of object d when dma_iv 
fails to map]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/98b5ef3e97b16eaeeedb936f8bda3594ff84a70e (5.13-rc1)
+CVE-2021-47056 [crypto: qat - ADF_STATUS_PF_RUNNING should be set after 
adf_dev_init]
+   - linux 5.10.38-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/8609f5cfdc872fc3a462efa6a3eca5cb1e2f6446 (5.13-rc1)
+CVE-2021-47055 [mtd: require write permissions for locking and badblock ioctls]
+   - linux 5.10.38-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/1e97743fd180981bef5f01402342bb54bf1c6366 (5.13-rc1)
+CVE-2021-47054 [bus: qcom: Put child node before return]
+   - linux 5.10.38-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/ac6ad7c2a862d682bb584a4bc904d89fa7721af8 (5.13-rc1)
 CVE-2021-47020 [soundwire: stream: fix memory leak in stream config error path]
- linux 5.10.38-1
[buster] - linux 4.19.194-1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc6af1107bed628b4ba7ca6c9d9078ac0dfe86f6



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-29 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
78cf3c5c by Salvatore Bonaccorso at 2024-02-29T23:44:28+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,15 @@
+CVE-2021-47020 [soundwire: stream: fix memory leak in stream config error path]
+   - linux 5.10.38-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/48f17f96a81763c7c8bf5500460a359b9939359f (5.13-rc1)
+CVE-2021-47016 [m68k: mvme147,mvme16x: Don't wipe PCC timer config bits]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/43262178c043032e7c42d00de44c818ba05f9967 (5.13-rc1)
+CVE-2021-46959 [spi: Fix use-after-free with devm_spi_alloc_*]
+   - linux 5.10.38-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/794aaf01444d4e765e2b067cba01cc69c1c68ed9 (5.13-rc1)
 CVE-2024-2009 (A vulnerability was found in Nway Pro 9. It has been rated as 
problema ...)
NOT-FOR-US: Nway Pro
 CVE-2024-2007 (A vulnerability was found in OpenBMB XAgent 1.0.0. It has been 
declare ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/78cf3c5cc38b7251ef235b6901fc06a912d30e92



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-29 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
211bfe4d by Salvatore Bonaccorso at 2024-02-29T19:22:09+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,138 @@
+CVE-2024-26620 [s390/vfio-ap: always filter entire AP matrix]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/850fb7fa8c684a4c6bf0e4b6978f4ddcc5d43d11 (6.8-rc1)
+CVE-2024-26619 [riscv: Fix module loading free order]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/78996eee79ebdfe8b6f0e54cb6dcc792d5129291 (6.8-rc1)
+CVE-2024-26618 [arm64/sme: Always exit sme_alloc() early with existing storage]
+   - linux 6.6.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/dc7eb8755797ed41a0d1b5c0c39df3c8f401b3d9 (6.8-rc1)
+CVE-2024-26617 [fs/proc/task_mmu: move mmu notification mechanism inside mm 
lock]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/4cccb6221cae6d020270606b9e52b1678fc8b71a (6.8-rc1)
+CVE-2024-26616 [btrfs: scrub: avoid use-after-free when chunk length is not 
64K aligned]
+   - linux 6.6.15-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/f546c4282673497a06ecb6190b50ae7f6c85b02f (6.8-rc2)
+CVE-2024-26615 [net/smc: fix illegal rmb_desc access in SMC-D connection dump]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   NOTE: 
https://git.kernel.org/linus/dbc153fd3c142909e564bb256da087e13fbf239c (6.8-rc2)
+CVE-2024-26614 [tcp: make sure init the accept_queue's spinlocks once]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   NOTE: 
https://git.kernel.org/linus/198bc90e0e734e5f98c3d2833e8390cac3df61b2 (6.8-rc2)
+CVE-2024-26613 [net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   NOTE: 
https://git.kernel.org/linus/13e788deb7348cc88df34bed736c3b3b9927ea52 (6.8-rc2)
+CVE-2024-26612 [netfs, fscache: Prevent Oops in fscache_put_cache()]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3be0b3ed1d76c6703b9ee482b55f7e01c369cc68 (6.8-rc2)
+CVE-2024-26611 [xsk: fix usage of multi-buffer BPF helpers for ZC XDP]
+   - linux 6.6.15-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/c5114710c8ce86b8317e9b448f4fd15c711c2a82 (6.8-rc2)
+CVE-2024-26610 [wifi: iwlwifi: fix a memory corruption]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/cf4a0d840ecc72fcf16198d5e9c505ab7d5a5e4d (6.8-rc2)
+CVE-2024-26609 [netfilter: nf_tables: reject QUEUE/DROP verdict parameters]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   NOTE: 
https://git.kernel.org/linus/f342de4e2f33e0e39165d8639387aa6c19dff660 (6.8-rc2)
+CVE-2024-26608 [ksmbd: fix global oob in ksmbd_nl_policy]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/ebeae8adf89d9a82359f6659b1663d09beec2faa (6.8-rc2)
+CVE-2024-26607 [drm/bridge: sii902x: Fix probing race issue]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/08ac6f132dd77e40f786d8af51140c96c6d739c9 (6.8-rc2)
+CVE-2023-52498 [PM: sleep: Fix possible deadlocks in core system-wide PM code]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   NOTE: 
https://git.kernel.org/linus/7839d0078e0d5e6cc2fa0b0dfbee71de74f1e557 (6.8-rc1)
+CVE-2023-52497 [erofs: fix lz4 inplace decompression]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3c12466b6b7bf1e56f9b32c366a3d83d87afb4de (6.8-rc1)
+CVE-2023-52496 [mtd: maps: vmu-flash: Fix the (mtd core) switch to ref 
counters]
+   - linux 6.6.15-1
+   [bookworm] - linux  (Vulnerable code not present)

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-28 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
99063e80 by Salvatore Bonaccorso at 2024-02-29T07:55:45+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,51 @@
+CVE-2023-52484 [iommu/arm-smmu-v3: Fix soft lockup triggered by 
arm_smmu_mm_invalidate_range]
+   - linux 6.5.6-1
+   [bookworm] - linux 6.1.64-1
+   NOTE: 
https://git.kernel.org/linus/d5afb4b47e13161b3f33904d45110f9e6463bad6 (6.6-rc5)
+CVE-2023-52483 [mctp: perform route lookups under a RCU read-side lock]
+   - linux 6.5.8-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/5093bbfc10ab6636b32728e35813cbd79feb063c (6.6-rc6)
+CVE-2023-52482 [x86/srso: Add SRSO mitigation for Hygon processors]
+   - linux 6.5.6-1
+   [bookworm] - linux 6.1.64-1
+   NOTE: 
https://git.kernel.org/linus/a5ef7d68cea1344cf524f04981c2b3f80bedbb0d (6.6-rc4)
+CVE-2023-52481 [arm64: errata: Add Cortex-A520 speculative unprivileged load 
workaround]
+   - linux 6.5.8-1
+   [bookworm] - linux 6.1.64-1
+   NOTE: 
https://git.kernel.org/linus/471470bc7052d28ce125901877dd10e4c048e513 (6.6-rc5)
+CVE-2023-52480 [ksmbd: fix race condition between session lookup and expire]
+   - linux 6.5.8-1
+   [bookworm] - linux 6.1.64-1
+   NOTE: 
https://git.kernel.org/linus/53ff5cf89142b978b1a5ca8dc4d4425e6a09745f (6.6-rc5)
+CVE-2023-52479 [ksmbd: fix uaf in smb20_oplock_break_ack]
+   - linux 6.5.8-1
+   [bookworm] - linux 6.1.64-1
+   NOTE: 
https://git.kernel.org/linus/c69813471a1ec081a0b9bf0c6bd7e8afd818afce (6.6-rc5)
+CVE-2023-52478 [HID: logitech-hidpp: Fix kernel crash on receiver USB 
disconnect]
+   - linux 6.5.8-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux 5.10.205-1
+   [buster] - linux 4.19.304-1
+   NOTE: 
https://git.kernel.org/linus/dac501397b9d81e4782232c39f94f4307b137452 (6.6-rc6)
+CVE-2023-52477 [usb: hub: Guard against accesses to uninitialized BOS 
descriptors]
+   - linux 6.5.8-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux 5.10.205-1
+   [buster] - linux 4.19.304-1
+   NOTE: 
https://git.kernel.org/linus/f74a7afc224acd5e922c7a2e52244d891bbe44ee (6.6-rc6)
+CVE-2023-52476 [perf/x86/lbr: Filter vsyscall addresses]
+   - linux 6.5.8-1
+   [bookworm] - linux 6.1.64-1
+   NOTE: 
https://git.kernel.org/linus/e53899771a02f798d436655efbd9d4b46c0f9265 (6.6-rc6)
+CVE-2023-52475 [Input: powermate - fix use-after-free in 
powermate_config_complete]
+   - linux 6.5.8-1
+   [bookworm] - linux 6.1.64-1
+   [bullseye] - linux 5.10.205-1
+   [buster] - linux 4.19.304-1
+   NOTE: 
https://git.kernel.org/linus/5c15c60e7be615f05a45cd905093a54b11f461bc (6.6-rc6)
 CVE-2024-27948 (Cross-Site Request Forgery (CSRF) vulnerability in bytesforall 
Atahual ...)
NOT-FOR-US: bytesforall Atahualpa
 CVE-2024-27517 (Webasyst 2.9.9 has a Cross-Site Scripting (XSS) vulnerability, 
Attacke ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99063e807c4c4711fefec9c610d2cc1beee2536a



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-28 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4ff8e90b by Salvatore Bonaccorso at 2024-02-28T14:18:55+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,324 @@
+CVE-2021-47053 [crypto: sun8i-ss - Fix memory leak of pad]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/50274b01ac1689b1a3f6bc4b5b3dbf361a55dd3a (5.13-rc1)
+CVE-2021-47052 [crypto: sa2ul - Fix memory leak of rxd]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/854b7737199848a91f6adfa0a03cf6f0c46c86e8 (5.13-rc1)
+CVE-2021-47051 [spi: fsl-lpspi: Fix PM reference leak in 
lpspi_prepare_xfer_hardware()]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/a03675497970a93fcf25d81d9d92a59c2d7377a7 (5.13-rc1)
+CVE-2021-47050 [memory: renesas-rpc-if: fix possible NULL pointer dereference 
of resource]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/59e27d7c94aa02da039b000d33c304c179395801 (5.13-rc1)
+CVE-2021-47049 [Drivers: hv: vmbus: Use after free in __vmbus_open()]
+   - linux 5.10.38-1
+   NOTE: 
https://git.kernel.org/linus/3e9bf43f7f7a46f21ec071cb47be92d0874c48da (5.13-rc1)
+CVE-2021-47048 [spi: spi-zynqmp-gqspi: fix use-after-free in 
zynqmp_qspi_exec_op]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/a2c5bedb2d55dd27c642c7b9fb6886d7ad7bdb58 (5.13-rc1)
+CVE-2021-47047 [spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/126bdb606fd2802454e6048caef1be3e25dd121e (5.13-rc1)
+CVE-2021-47046 [drm/amd/display: Fix off by one in 
hdmi_14_process_transaction()]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/8e6fafd5a22e7a2eb216f5510db7aab54cc545c1 (5.13-rc1)
+CVE-2021-47045 [scsi: lpfc: Fix null pointer dereference in 
lpfc_prep_els_iocb()]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/8dd1c125f7f838abad009b64bff5f0a11afe3cb6 (5.13-rc1)
+CVE-2021-47044 [sched/fair: Fix shift-out-of-bounds in load_balance()]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/39a2a6eb5c9b66ea7c8055026303b3aa681b49a5 (5.13-rc1)
+CVE-2021-47043 [media: venus: core: Fix some resource leaks in the error path 
of 'venus_probe()']
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/5a465c5391a856a0c1e9554964d660676c35d1b2 (5.13-rc1)
+CVE-2021-47042 [drm/amd/display: Free local data after use]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/616cf23b6cf40ad6f03ffbddfa1b6c4eb68d8ae1 (5.13-rc1)
+CVE-2021-47041 [nvmet-tcp: fix incorrect locking in state_change sk callback]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/b5332a9f3f3d884a1b646ce155e664cc558c1722 (5.13-rc1)
+CVE-2021-47040 [io_uring: fix overflows checks in provide buffers]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/38134ada0ceea3e848fe993263c0ff6207fd46e7 (5.13-rc1)
+CVE-2021-47039 [ataflop: potential out of bounds in do_format()]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/1ffec389a6431782a8a28805830b6fae9bf00af1 (5.13-rc1)
+CVE-2021-47038 [Bluetooth: avoid deadlock between hci_dev->lock and socket 
lock]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/17486960d79b900c45e0bb8fbcac0262848582ba (5.13-rc1)
+CVE-2021-47037 [ASoC: q6afe-clocks: fix reprobing of the driver]
+   - linux 5.14.6-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/96fadf7e8ff49fdb74754801228942b67c3eeebd (5.13-rc4)
+CVE-2021-47036 [udp: skip L4 aggregation for UDP tunnel packets]
+   - linux 5.14.6-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/18f25dc399901426dff61e676ba603ff52c666f7 (5.13-rc1)
+CVE-2021-47035 [iommu/vt-d: Remove WO permissions on second-level paging 
entries]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-27 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
11fb63cc by Salvatore Bonaccorso at 2024-02-28T08:36:14+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,14 @@
+CVE-2021-46969 [bus: mhi: core: Fix invalid error returning in mhi_queue]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/0ecc1c70dcd32c0f081b173a1a5d89952686f271 (5.13-rc1)
+CVE-2021-46972 [ovl: fix leaked dentry]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/eaab1d45cdb4bb0c846bd23c3d666d5b90af7b41 (5.13-rc1)
+CVE-2021-46973 [net: qrtr: Avoid potential use after free in MHI send]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/47a017f33943278570c072bc71681809b2567b3a (5.13-rc1)
 CVE-2021-46958 [btrfs: fix race between transaction aborts and fsyncs leading 
to use-after-free]
- linux 5.10.38-1
[buster] - linux  (Vulnerable code not present)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11fb63cc89bfa51be34e02438a9f725bb13d60a9



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-27 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
bba9239b by Salvatore Bonaccorso at 2024-02-27T21:22:36+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,127 @@
+CVE-2021-46975 [netfilter: conntrack: Make global sysctls readonly in non-init 
netns]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/2671fa4dc0109d3fb581bc3078fdf17b5d9080f6 (5.13-rc1)
+CVE-2021-46974 [bpf: Fix masking negation logic upon negative dst register]
+   - linux 5.10.38-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/b9b34ddbe2076ade359cd5ce7537d5ed019e9807 (5.13-rc1)
+CVE-2021-46971 [perf/core: Fix unconditional security_locked_down() call]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/08ef1af4de5fe7de9c6d69f1e22e51b66e385d9b (5.13-rc1)
+CVE-2021-46970 [bus: mhi: pci_generic: Remove WQ_MEM_RECLAIM flag from state 
workqueue]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/0fccbf0a3b690b162f53b13ed8bc442ea33437dc (5.13-rc1)
+CVE-2021-46968 [s390/zcrypt: fix zcard and zqueue hot-unplug memleak]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/70fac8088cfad9f3b379c9082832b4d7532c16c2 (5.13-rc1)
+CVE-2021-46967 [vhost-vdpa: fix vm_flags for virtqueue doorbell mapping]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3a3e0fad16d40a2aa68ddf7eea4acdf48b22dd44 (5.13-rc1)
+CVE-2021-46966 [ACPI: custom_method: fix potential use-after-free issue]
+   - linux 5.10.38-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/e483bb9a991bdae29a0caa4b3a6d002c968f94aa (5.13-rc1)
+CVE-2021-46965 [mtd: physmap: physmap-bt1-rom: Fix unintentional stack access]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/683313993dbe1651c7aa00bb42a041d70e914925 (5.13-rc1)
+CVE-2021-46964 [scsi: qla2xxx: Reserve extra IRQ vectors]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/f02d4086a8f36a0e1aaebf559b54cf24a177a486 (5.13-rc1)
+CVE-2021-46963 [scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()]
+   - linux 5.10.38-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/6641df81ab799f28a5d564f860233dd26cca0d93 (5.13-rc1)
+CVE-2021-46962 [mmc: uniphier-sd: Fix a resource leak in the remove function]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/e29c84857e2d51aa017ce04284b962742fb97d9e (5.13-rc1)
+CVE-2021-46961 [irqchip/gic-v3: Do not enable irqs when handling spurious 
interrups]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/a97709f563a078e259bf0861cd259aa60332890a (5.13-rc1)
+CVE-2021-46960 [cifs: Return correct error code from smb2_get_enc_key]
+   - linux 5.10.38-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/83728cbf366e334301091d5b808add468ab46b27 (5.13-rc1)
+CVE-2021-46955 [openvswitch: fix stack OOB read while fragmenting IPv4 packets]
+   - linux 5.10.38-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/7c0ea5930c1c211931819d83cfb157bff1539a4c (5.13-rc1)
+CVE-2021-46954 [net/sched: sch_frag: fix stack OOB read while fragmenting IPv4 
packets]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/31fe34a0118e0acc958c802e830ad5d37ef6b1d3 (5.13-rc1)
+CVE-2021-46953 [ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe 
failure]
+   - linux 5.10.38-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/1ecd5b129252249b9bc03d7645a7bda512747277 (5.13-rc1)
+CVE-2021-46952 [NFS: fs_context: validate UDP retrans to prevent shift 
out-of-bounds]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/c09f11ef35955785f92369e25819bf0629df2e59 (5.13-rc1)
+CVE-2021-46951 [tpm: efi: Use local variable for calculating final log size]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/48cff270b037022e37835d93361646205ca25101 (5.13-rc1)
+CVE-2021-46950 [md/raid1: properly indicate failure when ending a failed write 
request]
+   - linux 5.10.38-1
+   [buster] - linux 4.19.194-1
+   NOTE: 

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-27 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1fc3fcd9 by Salvatore Bonaccorso at 2024-02-27T17:51:21+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -66,18 +66,95 @@ CVE-2023-41506 (An arbitrary file upload vulnerability in 
the Update/Edit Studen
NOT-FOR-US: Update/Edit Student's Profile Picture function of Student 
Enrollment In PHP
 CVE-2023-36237 (Cross Site Request Forgery vulnerability in Bagisto before 
v.1.5.1 all ...)
NOT-FOR-US: Bagisto
-CVE-2021-46920 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
-   TODO: check
-CVE-2021-46919 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
-   TODO: check
-CVE-2021-46918 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
-   TODO: check
-CVE-2021-46917 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
-   TODO: check
-CVE-2021-46916 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
-   TODO: check
-CVE-2021-46914 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
-   TODO: check
+CVE-2021-46937 [mm/damon/dbgfs: fix 'struct pid' leaks in 
'dbgfs_target_ids_write()']
+   - linux 5.15.15-1
+   NOTE: 
https://git.kernel.org/linus/ebb3f994dd92f8fb4d70c7541091216c1e10cb71 (5.16-rc8)
+CVE-2021-46936 [net: fix use-after-free in tw_timer_handler]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/e22e45fc9e41bf9fcc1e92cfb78eb92786728ef0 (5.16-rc8)
+CVE-2021-46935 [binder: fix async_free_space accounting for empty parcels]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/cfd0d84ba28c18b531648c9d4a35ecca89ad9901 (5.16-rc8)
+CVE-2021-46934 [i2c: validate user data in compat ioctl]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/bb436283e25aaf1533ce061605d23a9564447bdf (5.16-rc8)
+CVE-2021-46933 [usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/b1e0887379422975f237d43d8839b751a6bcf154 (5.16-rc8)
+CVE-2021-46932 [Input: appletouch - initialize work before device registration]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0 (5.16-rc8)
+CVE-2021-46931 [net/mlx5e: Wrap the tx reporter dump callback to extract the 
sq]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   NOTE: 
https://git.kernel.org/linus/918fc3855a6507a200e9cf22c20be852c0982687 (5.16-rc8)
+CVE-2021-46930 [usb: mtu3: fix list_head check warning]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   NOTE: 
https://git.kernel.org/linus/8c313e3bfd9adae8d5c4ba1cc696dcbc86fbf9bf (5.16-rc8)
+CVE-2021-46929 [sctp: use call_rcu to free endpoint]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/5ec7d18d1813a5bead0b495045606c93873aecbb (5.16-rc8)
+CVE-2021-46928 [parisc: Clear stale IIR value on instruction access rights 
trap]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   NOTE: 
https://git.kernel.org/linus/484730e5862f6b872dca13840bed40fd7c60fa26 (5.16-rc7)
+CVE-2021-46927 [nitro_enclaves: Use get_user_pages_unlocked() call to handle 
mmap assert]
+   - linux 5.15.15-1
+   NOTE: 
https://git.kernel.org/linus/3a0152b219523227c2a62a0a122cf99608287176 (5.16-rc8)
+CVE-2021-46926 [ALSA: hda: intel-sdw-acpi: harden detection of controller]
+   - linux 5.15.15-1
+   NOTE: 
https://git.kernel.org/linus/385f287f9853da402d94278e59f594501c1d1dad (5.16-rc7)
+CVE-2021-46925 [net/smc: fix kernel panic caused by race of smc_sock]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   NOTE: 
https://git.kernel.org/linus/349d43127dac00c15231e8ffbcaabd70f7b0e544 (5.16-rc8)
+CVE-2021-46924 [NFC: st21nfca: Fix memory leak in device probe and remove]
+   - linux 5.15.15-1
+   [bullseye] - linux 5.10.92-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/1b9dadba502234eea7244879b8d5d126bfaf9f0c (5.16-rc8)
+CVE-2021-46923 [fs/mount_setattr: always cleanup mount_kattr]
+   - linux 5.15.15-1
+   NOTE: 
https://git.kernel.org/linus/012e332286e2bb9f6ac77d195f17e74b2963d663 (5.16-rc8)
+CVE-2021-46922 [KEYS: trusted: Fix TPM reservation for 

[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-27 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a24d4d7d by Salvatore Bonaccorso at 2024-02-27T16:43:57+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -76,24 +76,42 @@ CVE-2021-46917 (In the Linux kernel, the following 
vulnerability has been resolv
TODO: check
 CVE-2021-46916 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
TODO: check
-CVE-2021-46915 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
-   TODO: check
 CVE-2021-46914 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
TODO: check
-CVE-2021-46913 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
-   TODO: check
-CVE-2021-46912 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
-   TODO: check
-CVE-2021-46911 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
-   TODO: check
-CVE-2021-46910 (In the Linux kernel, the following vulnerability has been 
resolved:  A ...)
-   TODO: check
-CVE-2021-46909 (In the Linux kernel, the following vulnerability has been 
resolved:  A ...)
-   TODO: check
-CVE-2021-46908 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
-   TODO: check
-CVE-2021-46907 (In the Linux kernel, the following vulnerability has been 
resolved:  K ...)
-   TODO: check
+CVE-2021-46915 [netfilter: nft_limit: avoid possible divide error in 
nft_limit_init]
+   - linux 5.10.38-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/b895bdf5d643b6feb7c60856326dd4feb6981560 (5.12-rc8)
+CVE-2021-46913 [netfilter: nftables: clone set element expression template]
+   - linux 5.14.6-1
+   [bullseye] - linux 5.10.70-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/4d8f9065830e526c83199186c5f56a6514f457d2 (5.12-rc8)
+CVE-2021-46912 [net: Make tcp_allowed_congestion_control readonly in non-init 
netns]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/97684f0970f6e112926de631fdd98d9693c7e5c1 (5.12-rc8)
+CVE-2021-46911 [ch_ktls: Fix kernel panic]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/1a73e427b824133940c2dd95ebe26b6dce1cbf10 (5.12-rc8)
+CVE-2021-46910 [ARM: 9063/1: mm: reduce maximum number of CPUs if 
DEBUG_KMAP_LOCAL is enabled]
+   - linux 5.14.6-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/d624833f5984d484c5e3196f34b926f9e71dafee (5.12-rc8)
+CVE-2021-46909 [ARM: footbridge: fix PCI interrupt mapping]
+   - linux 5.10.38-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/30e3b4f256b4e366a61658c294f6a21b8626dda7 (5.12-rc8)
+CVE-2021-46908 [bpf: Use correct permission flag for mixed signed bounds 
arithmetic]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/9601148392520e2e134936e76788fc2a6371e7be (5.12-rc8)
+CVE-2021-46907 [KVM: VMX: Don't use vcpu->run->internal.ndata as an array 
index]
+   - linux 5.10.38-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/04c4f2ee3f68c9a4bf1653d15f1a9a435ae33f7a (5.12-rc8)
 CVE-2024-26144 [Possible Sensitive Session Information Leak in Active Storage]
- rails 
NOTE: 
https://discuss.rubyonrails.org/t/possible-sensitive-session-information-leak-in-active-storage/84945



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a24d4d7d7b8e61bbd0231307f0a4fffd8e34e278



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-26 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
534c7bbc by Salvatore Bonaccorso at 2024-02-26T19:06:15+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,28 @@
+CVE-2023-52474 [IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA 
requests]
+   - linux 6.3.7-1
+   [bookworm] - linux 6.1.37-1
+   [bullseye] - linux 5.10.191-1
+   NOTE: 
https://git.kernel.org/linus/00cbce5cbf88459cd1aa1d60d0f1df15477df127 (6.4-rc1)
+CVE-2021-46906 [HID: usbhid: fix info leak in hid_submit_ctrl]
+   - linux 5.14.6-1
+   [bullseye] - linux 5.10.46-1
+   [buster] - linux 4.19.208-1
+   NOTE: 
https://git.kernel.org/linus/6be388f4a35d2ce5ef7dbf635a8964a5da7f799f (5.13-rc5)
+CVE-2020-36775 [f2fs: fix to avoid potential deadlock]
+   - linux 5.6.7-1
+   NOTE: 
https://git.kernel.org/linus/df77fbd8c5b222c680444801ffd20e8bbc90a56e (5.7-rc1)
+CVE-2019-25162 [i2c: Fix a potential use after free]
+   - linux 5.19.6-1
+   [bullseye] - linux 5.10.140-1
+   [buster] - linux 4.19.260-1
+   NOTE: 
https://git.kernel.org/linus/e4c72c06c367758a14f227c847f9d623f1994ecf (6.0-rc1)
+CVE-2019-25161 [drm/amd/display: prevent memory leak]
+   - linux 5.4.6-1
+   [buster] - linux 4.19.146-1
+   NOTE: 
https://git.kernel.org/linus/104c307147ad379617472dd91a5bcb368d72bd6d (5.4-rc1)
+CVE-2019-25160 [netlabel: fix out-of-bounds memory accesses]
+   - linux 4.19.28-1
+   NOTE: 
https://git.kernel.org/linus/5578de4834fe0f2a34fedc7374be691443396d1f (5.0)
 CVE-2024-26606 [binder: signal epoll threads of self-work]
- linux 
NOTE: 
https://git.kernel.org/linus/97830f3c3088638ff90b20dfba2eb4d487bf14d7 (6.8-rc3)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/534c7bbc7b40942a4d7b77d37a32b67b4bcde1a6



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-26 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
50860f26 by Salvatore Bonaccorso at 2024-02-26T17:03:48+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,6 @@
+CVE-2024-26606 [binder: signal epoll threads of self-work]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/97830f3c3088638ff90b20dfba2eb4d487bf14d7 (6.8-rc3)
 CVE-2024-27456 (rack-cors (aka Rack CORS Middleware) 2.0.1 has 0666 
permissions for th ...)
- ruby-rack-cors 
NOTE: https://github.com/cyu/rack-cors/issues/274



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50860f269a9ca9bb3c304ddbb57e7715365f2104



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-25 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
21cfe254 by Salvatore Bonaccorso at 2024-02-25T19:54:04+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,14 @@
+CVE-2022-48626 [moxart: fix potential use-after-free on remove path]
+   - linux 5.16.10-1
+   [buster] - linux 4.19.232-1
+   NOTE: 
https://git.kernel.org/linus/bd2db32e7c3e35bd4d9b8bbff689434a50893546 (5.17-rc4)
+CVE-2021-46905 [net: hso: fix NULL-deref on disconnect regression]
+   - linux  (No Debian released version vulnerable))
+   NOTE: 
https://git.kernel.org/linus/2ad5692db72874f02b9ad551d26345437ea4f7f3 (5.13-rc1)
+CVE-2021-46904 [net: hso: fix null-ptr-deref during tty device unregistration]
+   - linux 5.10.38-1
+   [buster] - linux 4.19.194-1
+   NOTE: 
https://git.kernel.org/linus/8a12f8836145ffe37e9c8733dce18c22fb668b66 (5.12-rc7)
 CVE-2023-52465 [power: supply: Fix null pointer dereference in smb2_probe]
- linux 6.6.15-1
[bookworm] - linux  (Vulnerable code not present)
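
Review bot: the status line added for CVE-2021-46905 closes its reason with a doubled parenthesis, "(No Debian released version vulnerable))". Drop the extra ")" so the reason is balanced like the "(Vulnerable code not present)" reasons elsewhere in this file, and so anything that parses the parenthesised reason sees the intended text.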



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21cfe254d66e2605d82e25389be0d5826a20dba4



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-25 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7f4f5dc1 by Salvatore Bonaccorso at 2024-02-25T10:16:44+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,52 @@
+CVE-2023-52465
+   - linux 6.6.15-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/88f04bc3e737155e13caddf0ba8ed19db87f0212 (6.8-rc1)
+CVE-2023-52466
+   - linux 6.6.15-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3171e46d677a668eed3086da78671f1e4f5b8405 (6.8-rc1)
+CVE-2023-52467
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux 5.10.209-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/41673c66b3d0c09915698fec5c13b24336f18dd1 (6.8-rc1)
+CVE-2023-52468
+   - linux 6.6.15-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/93ec4a3b76404bce01bd5c9032bef5df6feb1d62 (6.8-rc1)
+CVE-2023-52469
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux 5.10.209-1
+   NOTE: 
https://git.kernel.org/linus/28dd788382c43b330480f57cd34cde0840896743 (6.8-rc1)
+CVE-2023-52470
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux 5.10.209-1
+   NOTE: 
https://git.kernel.org/linus/7a2464fac80d42f6f8819fed97a553e9c2f43310 (6.8-rc1)
+CVE-2023-52471
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3027e7b15b02d2d37e3f82d6b8404f6d37e3b8cf (6.8-rc1)
+CVE-2023-52472
+   - linux 6.6.15-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/d872ca165cb67112f2841ef9c37d51ef7e63d1e4 (6.8-rc1)
+CVE-2023-52473
+   - linux 6.6.15-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/04e6ccfc93c5a1aa1d75a537cf27e418895e20ea (6.8-rc1)
 CVE-2024-27359 (Certain WithSecure products allow a Denial of Service because 
the engi ...)
NOT-FOR-US: WithSecure
 CVE-2024-27350 (Amazon Fire OS 7 before 7.6.6.9 and 8 before 8.1.0.3 allows 
Fire TV ap ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f4f5dc1695a8dbe7171dc63ab7c412eeaab7a9e



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-24 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1cb3ce32 by Salvatore Bonaccorso at 2024-02-24T16:39:20+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,30 @@
+CVE-2024-26600
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/7104ba0f1958adb250319e68a15eff89ec4fd36d (6.8-rc3)
+CVE-2024-26601
+   - linux 
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/c9b528c35795b711331ed36dc3dbee90d5812d4e (6.8-rc3)
+CVE-2024-26602
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/944d5fe50f3f03daacfea16300e656a1691c4a23
+CVE-2024-26603
+   - linux 
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/d877550eaf2dc9090d782864c96939397a3c6835 (6.8-rc4)
+CVE-2024-26604
+   - linux 
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3ca8fbabcceb8bfe44f7f50640092fd8f1de375c (6.8-rc5)
+CVE-2024-26605
+   - linux 
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/1e560864159d002b453da42bd2c13a1805515a20 (6.8-rc3)
 CVE-2024-27133 (Insufficient sanitization in MLflow leads to XSS when running 
a recipe ...)
NOT-FOR-US: mlflow
 CVE-2024-27132 (Insufficient sanitization in MLflow leads to XSS when running 
an untru ...)
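Review bot: the NOTE for CVE-2024-26602 gives the upstream commit URL (944d5fe50f3f03daacfea16300e656a1691c4a23) without the trailing release tag that the other five entries in this hunk carry, such as "(6.8-rc3)". Add the tag of the first mainline release containing the fix so the entry can be matched against kernel versions the same way as its neighbours.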



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cb3ce327fe696a4a4e3eaa39a0a6933b017e05a



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-23 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e98d73cc by Salvatore Bonaccorso at 2024-02-23T20:18:07+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,25 @@
+CVE-2024-26597 [net: qualcomm: rmnet: fix global oob in rmnet_policy]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux 5.10.209-1
+   NOTE: 
https://git.kernel.org/linus/b33fb5b801c6db408b774a68e7c8722796b59ecc (6.8-rc1)
+CVE-2023-52464 [EDAC/thunderx: Fix possible out-of-bounds string access]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux 5.10.209-1
+   NOTE: 
https://git.kernel.org/linus/475c58e1a471e9b873e3e39958c64a2d278275c8 (6.8-rc1)
+CVE-2023-52463 [efivarfs: force RO when remounting if SetVariable is not 
supported]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux 5.10.209-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/0e8d2444168dd519fea501599d150e62718ed2fe (6.8-rc1)
+CVE-2023-52459 [media: v4l: async: Fix duplicated list deletion]
+   - linux 6.6.15-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/3de6ee94aae701fa949cd3b5df6b6a440ddfb8f2 (6.8-rc1)
 CVE-2024-26599 [pwm: Fix out-of-bounds access in of_pwm_single_xlate()]
- linux 6.6.15-1
[bookworm] - linux 6.1.76-1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e98d73cc4a90fb2c32e96bdab9b1c18b5b679675



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-23 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e83124e3 by Salvatore Bonaccorso at 2024-02-23T19:56:54+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,57 @@
+CVE-2024-26599 [pwm: Fix out-of-bounds access in of_pwm_single_xlate()]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/a297d07b9a1e4fb8cda25a4a2363a507d294b7c9 (6.8-rc1)
+CVE-2024-26598 [KVM: arm64: vgic-its: Avoid potential UAF in LPI translation 
cache]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux 5.10.209-1
+   NOTE: 
https://git.kernel.org/linus/ad362fe07fecf0aba839ff2cc59a3617bd42c33f (6.8-rc1)
+CVE-2024-26596 [net: dsa: fix netdev_priv() dereference before check on 
non-DSA netdevice events]
+   - linux 
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/844f104790bd69c2e4dbb9ee3eba46fde1fcea7b (6.8-rc1)
+CVE-2024-26595 [mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in 
error path]
+   - linux 6.6.15-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/efeb7dfea8ee10cdec11b6b6ba4e405edbe75809 (6.8-rc1)
+CVE-2023-52461 [drm/sched: Fix bounds limiting when given a malformed entity]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/2bbe6ab2be53858507f11f99f856846d04765ae3 (6.8-rc1)
+CVE-2023-52462 [bpf: fix check for attempt to corrupt spilled pointer]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux 5.10.209-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/ab125ed3ec1c10ccc36bc98c7a4256ad114a3dae (6.8-rc1)
+CVE-2023-52460 [drm/amd/display: Fix NULL pointer dereference at hibernate]
+   - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/b719a9c15d52d4f56bdea8241a5d90fd9197ce99 (6.8-rc1)
+CVE-2023-52458 [block: add check that partition length needs to be aligned 
with block size]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   NOTE: 
https://git.kernel.org/linus/6f64f866aa1ae6975c95d805ed51d7e9433a0016 (6.8-rc1)
+CVE-2023-52456 [serial: imx: fix tx statemachine deadlock]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux 5.10.209-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/78d60dae9a0c9f09aa3d6477c94047df2fe6f7b0 (6.8-rc1)
+CVE-2023-52455 [iommu: Don't reserve 0-length IOVA region]
+   - linux 6.6.15-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/bb57f6705960bebeb832142ce9abf43220c3eab1 (6.8-rc1)
+CVE-2023-52454 [nvmet-tcp: Fix a kernel panic when host sends an invalid H2C 
PDU length]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux 5.10.209-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/efa56305908ba20de2104f1b8508c6a7401833be (6.8-rc1)
 CVE-2023-52453 [hisi_acc_vfio_pci: Update migration data pointer correctly on 
saving/resume]
- linux 6.6.15-1
[bookworm] - linux  (Vulnerable code not present)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e83124e3ccb5c0a7757a3fa618a766faf54cc9d7



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-23 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
99ac59e8 by Salvatore Bonaccorso at 2024-02-23T16:47:05+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,9 +1,15 @@
+CVE-2023-52453 [hisi_acc_vfio_pci: Update migration data pointer correctly on 
saving/resume]
+   - linux 6.6.15-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/92e470163d96df8db6c4fa0f484e4a229edb903d (6.8-rc1)
 CVE-2024-26594 [ksmbd: validate mech token in session setup]
- linux 6.6.15-1
[bookworm] - linux 6.1.76-1
[bullseye] - linux  (Vulnerable code not present)
[buster] - linux  (Vulnerable code not present)
-   NOTE: 
hhttps://git.kernel.org/linus/92e470163d96df8db6c4fa0f484e4a229edb903d (6.8-rc1)
+   NOTE: 
https://git.kernel.org/linus/92e470163d96df8db6c4fa0f484e4a229edb903d (6.8-rc1)
 CVE-2024-22025
- nodejs 18.19.1+dfsg-1
NOTE: https://nodejs.org/en/blog/release/v18.19.1
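Review bot: the new CVE-2023-52453 entry (hisi_acc_vfio_pci) points its NOTE at commit 92e470163d96df8db6c4fa0f484e4a229edb903d, which is the same hash the CVE-2024-26594 (ksmbd) entry directly below it uses. Two unrelated subsystems are unlikely to share one fix commit, so one of the two references looks copied; check each hash against its bracketed subject before this lands. The "hhttps" to "https" correction on the ksmbd NOTE is fine as is.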



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99ac59e8b2a9f8cd6b72a5f2ff8c5e31fa6aaa4c



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-23 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
72dfc293 by Salvatore Bonaccorso at 2024-02-23T16:06:18+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,9 @@
+CVE-2024-26594 [ksmbd: validate mech token in session setup]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
hhttps://git.kernel.org/linus/92e470163d96df8db6c4fa0f484e4a229edb903d (6.8-rc1)
 CVE-2024-22025
- nodejs 18.19.1+dfsg-1
NOTE: https://nodejs.org/en/blog/release/v18.19.1
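Review bot: the NOTE URL added for CVE-2024-26594 begins with "hhttps://", so the scheme is invalid and anything that extracts or follows fix-commit links from data/CVE/list will miss it. It should read "https://git.kernel.org/linus/92e470163d96df8db6c4fa0f484e4a229edb903d (6.8-rc1)".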



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72dfc2937922ff0d1e471335e15e4883eceb8acb



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-23 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8522f023 by Salvatore Bonaccorso at 2024-02-23T11:08:32+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,6 @@
+CVE-2024-26593 [i2c: i801: Fix block process call transactions]
+   - linux 
+   NOTE: 
https://git.kernel.org/linus/c1c9d0f6f7f1dbf29db996bd8e166242843a5f21 (6.8-rc5)
 CVE-2024-23807
NOTE: No change CVE assignment to clarify affected versions for 
CVE-2018-1311
NOTE: Debian was already correct



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8522f023e0783d7564ea7a3e3b03ff56f0d5c257



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-22 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e020bdd9 by Salvatore Bonaccorso at 2024-02-22T22:47:32+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,15 @@
+CVE-2024-26592
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/38d20c62903d669693a1869aa68c4dd5674e2544 (6.8-rc1)
+CVE-2023-52446
+   - linux 6.6.15-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/59e5791f59dd83e8aa72a4e74217eabb6e8cfd90 (6.8-rc1)
 CVE-2024-26588 [LoongArch: BPF: Prevent out-of-bounds memory access]
- linux 6.6.15-1
[bookworm] - linux 6.1.76-1
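Review bot: CVE-2024-26592 and CVE-2023-52446 are added as bare CVE ids, while the context entry right below them (CVE-2024-26588) carries a bracketed upstream subject. Add the subject of the referenced commits (38d20c62903d... and 59e5791f59dd...) in the same bracketed form, so the affected subsystem can be read from the list without opening each link.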



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e020bdd95fed021b8a48041a195715335fa9c73f



[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

2024-02-22 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1e0c4100 by Salvatore Bonaccorso at 2024-02-22T22:31:08+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,82 @@
+CVE-2024-26588 [LoongArch: BPF: Prevent out-of-bounds memory access]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/36a87385e31c9343af9a4756598e704741250a67 (6.8-rc1)
+CVE-2024-26587 [net: netdevsim: don't try to destroy PHC on VFs]
+   - linux 6.6.15-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/ea937f77208323d35ffe2f8d8fc81b00118bfcda (6.8-rc1)
+CVE-2024-26586 [mlxsw: spectrum_acl_tcam: Fix stack corruption]
+   - linux 6.6.15-1
+   [bullseye] - linux 5.10.209-1
+   NOTE: 
https://git.kernel.org/linus/483ae90d8f976f8339cf81066312e1329f2d3706 (6.8-rc1)
+CVE-2024-26591 [bpf: Fix re-attachment branch in bpf_tracing_prog_attach]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/715d82ba636cb3629a6e18a33bb9dbe53f9936ee (6.8-rc1)
+CVE-2023-52451 [powerpc/pseries/memhp: Fix access beyond end of drmem array]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux 5.10.209-1
+   NOTE: 
https://git.kernel.org/linus/bd68ffce69f6cf8ddd3a3c32549d1d2275e49fc5 (6.8-rc1)
+CVE-2023-52452 [bpf: Fix accesses to uninit stack slots]
+   - linux 6.6.15-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/6b4a64bafd107e521c01eec3453ce94a3fb38529 (6.8-rc1)
+CVE-2023-52450 [perf/x86/intel/uncore: Fix NULL pointer dereference issue in 
upi_fill_topology()]
+   - linux 6.6.15-1
+   [bookworm] - linux  (Vulnerable code not present)
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/1692cf434ba13ee212495b5af795b6a07e986ce4 (6.8-rc1)
+CVE-2023-52448 [gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux 5.10.209-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/8877243beafa7c6bfc42022cbfdf9e39b25bd4fa (6.8-rc1)
+CVE-2023-52449 [mtd: Fix gluebi NULL pointer dereference caused by ftl 
notifier]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux 5.10.209-1
+   NOTE: 
https://git.kernel.org/linus/a43bdc376deab5fff1ceb93dca55bcab8dbdc1d6 (6.8-rc1)
+CVE-2023-52447 [bpf: Defer the free of inner map when necessary]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/876673364161da50eed6b472d746ef88242b2368 (6.8-rc1)
+CVE-2023-52445 [media: pvrusb2: fix use after free on context disconnection]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux 5.10.209-1
+   NOTE: 
https://git.kernel.org/linus/ded85b0c0edd8f45fec88783d7555a5b982449c1 (6.8-rc1)
+CVE-2023-52444 [f2fs: fix to avoid dirent corruption]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux 5.10.209-1
+   NOTE: 
https://git.kernel.org/linus/53edb549565f55ccd0bdf43be3d66ce4c2d48b28 (6.8-rc1)
+CVE-2024-26590 [erofs: fix inconsistent per-file compression format]
+   - linux 6.6.15-1
+   [bullseye] - linux  (Vulnerable code not present)
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/118a8cf504d7dfa519562d000f423ee3ca75d2c4 (6.8-rc1)
+CVE-2024-26589 [bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [buster] - linux  (Vulnerable code not present)
+   NOTE: 
https://git.kernel.org/linus/22c7fa171a02d310e3a3f6ed46a698ca8a0060ed (6.8-rc1)
+CVE-2023-52443 [apparmor: avoid crash when parsed profile name is empty]
+   - linux 6.6.15-1
+   [bookworm] - linux 6.1.76-1
+   [bullseye] - linux 5.10.209-1
+   NOTE: 
https://git.kernel.org/linus/55a8210c9e7d21ff2644809699765796d4bfb200 (6.8-rc1)
 CVE-2024-26578
NOT-FOR-US: Apache Answer
 CVE-2024-23349
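Review bot: CVE-2024-26586 (mlxsw: spectrum_acl_tcam stack corruption) records fixed versions for unstable (6.6.15-1) and bullseye (5.10.209-1) but has no [bookworm] line, which leaves bookworm without a recorded fixed version while the older suite has one. If the fix is in a 6.1.y upload, add the bookworm version; if it is not, say so in a NOTE so the gap is visibly intentional. Separately, the added entries are not in CVE-id order (26588, 26587, 26586, then 26591, then the 2023 ids interleaved), which makes later duplicate checks harder.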



View it on GitLab: