diff --git a/CHANGES.md b/CHANGES.md index cb1faa2ee..ac4030762 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,58 +1,25 @@ # **Linux Kernel CVE Changes** -## Last Update - 12Jan24 17:39 +## Last Update - 15Jan24 09:35 ### **New CVEs Added:** -[CVE-2023-6040](cves/CVE-2023-6040) -[CVE-2023-6270](cves/CVE-2023-6270) -[CVE-2023-6531](cves/CVE-2023-6531) -[CVE-2023-7192](cves/CVE-2023-7192) -[CVE-2024-0193](cves/CVE-2024-0193) -[CVE-2024-0340](cves/CVE-2024-0340) -[CVE-2024-0443](cves/CVE-2024-0443) +[CVE-2022-48619](cves/CVE-2022-48619) +[CVE-2023-1476](cves/CVE-2023-1476) ### **New Versions Checked:** -[4.14.336](streams/4.14) -[4.19.304](streams/4.19) -[5.10.206](streams/5.10) -[5.15.146](streams/5.15) -[5.4.266](streams/5.4) -[6.1.72](streams/6.1) -[6.6.11](streams/6.6) -[6.7](streams/6.7) +[5.10.207](streams/5.10) ### **Updated CVEs:** [CVE-2022-1508](cves/CVE-2022-1508) -[CVE-2022-1786](cves/CVE-2022-1786) -[CVE-2022-2327](cves/CVE-2022-2327) -[CVE-2023-1193](cves/CVE-2023-1193) [CVE-2023-2430](cves/CVE-2023-2430) -[CVE-2023-39198](cves/CVE-2023-39198) -[CVE-2023-50431](cves/CVE-2023-50431) -[CVE-2023-51779](cves/CVE-2023-51779) -[CVE-2023-51780](cves/CVE-2023-51780) -[CVE-2023-51781](cves/CVE-2023-51781) -[CVE-2023-6121](cves/CVE-2023-6121) -[CVE-2023-6546](cves/CVE-2023-6546) -[CVE-2023-6560](cves/CVE-2023-6560) -[CVE-2023-6606](cves/CVE-2023-6606) -[CVE-2023-6610](cves/CVE-2023-6610) -[CVE-2023-6679](cves/CVE-2023-6679) -[CVE-2023-6932](cves/CVE-2023-6932) -[CVE-2023-7042](cves/CVE-2023-7042) -[CVE-2021-3600](cves/CVE-2021-3600) -[CVE-2022-2585](cves/CVE-2022-2585) -[CVE-2022-2586](cves/CVE-2022-2586) -[CVE-2022-2588](cves/CVE-2022-2588) -[CVE-2022-2602](cves/CVE-2022-2602) -[CVE-2023-1032](cves/CVE-2023-1032) -[CVE-2023-33952](cves/CVE-2023-33952) -[CVE-2023-34324](cves/CVE-2023-34324) +[CVE-2023-4610](cves/CVE-2023-4610) +[CVE-2023-4732](cves/CVE-2023-4732) [CVE-2023-51782](cves/CVE-2023-51782) [CVE-2023-6931](cves/CVE-2023-6931) +[CVE-2024-0193](cves/CVE-2024-0193) diff --git a/data/3.12/3.12_CVEs.txt b/data/3.12/3.12_CVEs.txt index 57d582c07..e295f6f52 100644 --- a/data/3.12/3.12_CVEs.txt +++ b/data/3.12/3.12_CVEs.txt @@ -1231,6 +1231,7 @@ CVE-2022-45919: Fix not seen in stream CVE-2022-45934: Fix not seen in stream CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0266: Fix not seen in stream @@ -1247,6 +1248,7 @@ CVE-2023-1206: Fix not seen in stream CVE-2023-1249: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1611: Fix not seen in stream CVE-2023-1670: Fix not seen in stream @@ -1320,10 +1322,8 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream CVE-2023-5178: Fix not seen in stream @@ -1340,9 +1340,7 @@ CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream CVE-2023-6817: Fix not seen in stream -CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/3.12/3.12_security.txt b/data/3.12/3.12_security.txt index 8d0267e6e..0c704a091 100644 --- a/data/3.12/3.12_security.txt +++ b/data/3.12/3.12_security.txt @@ -1369,6 +1369,7 @@ Outstanding CVEs: CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -1385,6 +1386,7 @@ Outstanding CVEs: CVE-2023-1249: (unk) coredump: Use the vma snapshot in fill_files_note CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls CVE-2023-1670: (unk) xirc2ps_cs: Fix use after free bug in xirc2ps_detach @@ -1458,10 +1460,8 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup @@ -1478,9 +1478,7 @@ Outstanding CVEs: CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk - CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/3.14/3.14_CVEs.txt b/data/3.14/3.14_CVEs.txt index 1bdf08e77..b1cc43176 100644 --- a/data/3.14/3.14_CVEs.txt +++ b/data/3.14/3.14_CVEs.txt @@ -1200,6 +1200,7 @@ CVE-2022-45919: Fix not seen in stream CVE-2022-45934: Fix not seen in stream CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0266: Fix not seen in stream @@ -1216,6 +1217,7 @@ CVE-2023-1206: Fix not seen in stream CVE-2023-1249: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1611: Fix not seen in stream CVE-2023-1670: Fix not seen in stream @@ -1290,10 +1292,8 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream CVE-2023-5178: Fix not seen in stream @@ -1310,9 +1310,7 @@ CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream CVE-2023-6817: Fix not seen in stream -CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/3.14/3.14_security.txt b/data/3.14/3.14_security.txt index b3ce7d017..f258ce9d7 100644 --- a/data/3.14/3.14_security.txt +++ b/data/3.14/3.14_security.txt @@ -1334,6 +1334,7 @@ Outstanding CVEs: CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -1350,6 +1351,7 @@ Outstanding CVEs: CVE-2023-1249: (unk) coredump: Use the vma snapshot in fill_files_note CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls CVE-2023-1670: (unk) xirc2ps_cs: Fix use after free bug in xirc2ps_detach @@ -1424,10 +1426,8 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup @@ -1444,9 +1444,7 @@ Outstanding CVEs: CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk - CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/3.16/3.16_CVEs.txt b/data/3.16/3.16_CVEs.txt index 264ca0817..e855ec674 100644 --- a/data/3.16/3.16_CVEs.txt +++ b/data/3.16/3.16_CVEs.txt @@ -1186,6 +1186,7 @@ CVE-2022-45919: Fix not seen in stream CVE-2022-45934: Fix not seen in stream CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0266: Fix not seen in stream @@ -1204,6 +1205,7 @@ CVE-2023-1206: Fix not seen in stream CVE-2023-1249: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1611: Fix not seen in stream CVE-2023-1670: Fix not seen in stream @@ -1282,10 +1284,8 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream CVE-2023-5178: Fix not seen in stream @@ -1302,9 +1302,7 @@ CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream CVE-2023-6817: Fix not seen in stream -CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/3.16/3.16_security.txt b/data/3.16/3.16_security.txt index c21122beb..b8907c4e8 100644 --- a/data/3.16/3.16_security.txt +++ b/data/3.16/3.16_security.txt @@ -1293,6 +1293,7 @@ Outstanding CVEs: CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -1311,6 +1312,7 @@ Outstanding CVEs: CVE-2023-1249: (unk) coredump: Use the vma snapshot in fill_files_note CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls CVE-2023-1670: (unk) xirc2ps_cs: Fix use after free bug in xirc2ps_detach @@ -1388,10 +1390,8 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup @@ -1408,9 +1408,7 @@ Outstanding CVEs: CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk - CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/3.18/3.18_CVEs.txt b/data/3.18/3.18_CVEs.txt index 9f0db8b33..406432aa3 100644 --- a/data/3.18/3.18_CVEs.txt +++ b/data/3.18/3.18_CVEs.txt @@ -1171,6 +1171,7 @@ CVE-2022-45919: Fix not seen in stream CVE-2022-45934: Fix not seen in stream CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0266: Fix not seen in stream @@ -1190,6 +1191,7 @@ CVE-2023-1206: Fix not seen in stream CVE-2023-1249: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1611: Fix not seen in stream CVE-2023-1670: Fix not seen in stream @@ -1273,10 +1275,8 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream CVE-2023-5178: Fix not seen in stream @@ -1293,9 +1293,7 @@ CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream CVE-2023-6817: Fix not seen in stream -CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/3.18/3.18_security.txt b/data/3.18/3.18_security.txt index aa8192402..c54021a84 100644 --- a/data/3.18/3.18_security.txt +++ b/data/3.18/3.18_security.txt @@ -1407,6 +1407,7 @@ Outstanding CVEs: CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -1426,6 +1427,7 @@ Outstanding CVEs: CVE-2023-1249: (unk) coredump: Use the vma snapshot in fill_files_note CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls CVE-2023-1670: (unk) xirc2ps_cs: Fix use after free bug in xirc2ps_detach @@ -1509,10 +1511,8 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup @@ -1529,9 +1529,7 @@ Outstanding CVEs: CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk - CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/3.2/3.2_CVEs.txt b/data/3.2/3.2_CVEs.txt index 972501f1b..0ee708d1a 100644 --- a/data/3.2/3.2_CVEs.txt +++ b/data/3.2/3.2_CVEs.txt @@ -1203,6 +1203,7 @@ CVE-2022-45919: Fix not seen in stream CVE-2022-45934: Fix not seen in stream CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0266: Fix not seen in stream @@ -1217,6 +1218,7 @@ CVE-2023-1077: Fix not seen in stream CVE-2023-1118: Fix not seen in stream CVE-2023-1206: Fix not seen in stream CVE-2023-1380: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1611: Fix not seen in stream CVE-2023-1670: Fix not seen in stream @@ -1282,10 +1284,8 @@ CVE-2023-4385: Fix not seen in stream CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-51779: Fix not seen in stream CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream @@ -1301,7 +1301,5 @@ CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream CVE-2023-6817: Fix not seen in stream -CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/3.2/3.2_security.txt b/data/3.2/3.2_security.txt index 072bda0b2..147dec75d 100644 --- a/data/3.2/3.2_security.txt +++ b/data/3.2/3.2_security.txt @@ -1361,6 +1361,7 @@ Outstanding CVEs: CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -1375,6 +1376,7 @@ Outstanding CVEs: CVE-2023-1118: (unk) media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() CVE-2023-1206: (unk) tcp: Reduce chance of collisions in inet6_hashfn(). CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls CVE-2023-1670: (unk) xirc2ps_cs: Fix use after free bug in xirc2ps_detach @@ -1440,10 +1442,8 @@ Outstanding CVEs: CVE-2023-4459: (unk) net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl @@ -1459,7 +1459,5 @@ Outstanding CVEs: CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk - CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.1/4.1_CVEs.txt b/data/4.1/4.1_CVEs.txt index b763e5f27..e18a653ef 100644 --- a/data/4.1/4.1_CVEs.txt +++ b/data/4.1/4.1_CVEs.txt @@ -1136,6 +1136,7 @@ CVE-2022-45919: Fix not seen in stream CVE-2022-45934: Fix not seen in stream CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0266: Fix not seen in stream @@ -1155,6 +1156,7 @@ CVE-2023-1206: Fix not seen in stream CVE-2023-1249: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1611: Fix not seen in stream CVE-2023-1670: Fix not seen in stream @@ -1240,10 +1242,8 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream @@ -1261,9 +1261,7 @@ CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream CVE-2023-6817: Fix not seen in stream -CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/4.1/4.1_security.txt b/data/4.1/4.1_security.txt index e7cb8a488..197aaabd8 100644 --- a/data/4.1/4.1_security.txt +++ b/data/4.1/4.1_security.txt @@ -1234,6 +1234,7 @@ Outstanding CVEs: CVE-2022-45934: (unk) Bluetooth: L2CAP: Fix u8 overflow CVE-2022-4662: (unk) USB: core: Prevent nested device-reset calls CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -1253,6 +1254,7 @@ Outstanding CVEs: CVE-2023-1249: (unk) coredump: Use the vma snapshot in fill_files_note CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls CVE-2023-1670: (unk) xirc2ps_cs: Fix use after free bug in xirc2ps_detach @@ -1338,10 +1340,8 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg @@ -1359,9 +1359,7 @@ Outstanding CVEs: CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk - CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.10/4.10_CVEs.txt b/data/4.10/4.10_CVEs.txt index 2a10d5895..d32570f88 100644 --- a/data/4.10/4.10_CVEs.txt +++ b/data/4.10/4.10_CVEs.txt @@ -1040,6 +1040,7 @@ CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0266: Fix not seen in stream @@ -1061,6 +1062,7 @@ CVE-2023-1249: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -1155,11 +1157,9 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream @@ -1183,5 +1183,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/4.10/4.10_security.txt b/data/4.10/4.10_security.txt index aaa4c3743..c433ae83b 100644 --- a/data/4.10/4.10_security.txt +++ b/data/4.10/4.10_security.txt @@ -1074,6 +1074,7 @@ Outstanding CVEs: CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -1095,6 +1096,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -1189,11 +1191,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg @@ -1217,5 +1217,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.11/4.11_CVEs.txt b/data/4.11/4.11_CVEs.txt index d921eef9f..eed9ae4dc 100644 --- a/data/4.11/4.11_CVEs.txt +++ b/data/4.11/4.11_CVEs.txt @@ -1012,6 +1012,7 @@ CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0266: Fix not seen in stream @@ -1033,6 +1034,7 @@ CVE-2023-1249: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -1127,11 +1129,9 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream @@ -1155,5 +1155,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/4.11/4.11_security.txt b/data/4.11/4.11_security.txt index fdd36a5db..d4e9e491e 100644 --- a/data/4.11/4.11_security.txt +++ b/data/4.11/4.11_security.txt @@ -1034,6 +1034,7 @@ Outstanding CVEs: CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -1055,6 +1056,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -1149,11 +1151,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg @@ -1177,5 +1177,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.12/4.12_CVEs.txt b/data/4.12/4.12_CVEs.txt index f1fd9bc8b..872ca2bb2 100644 --- a/data/4.12/4.12_CVEs.txt +++ b/data/4.12/4.12_CVEs.txt @@ -997,6 +997,7 @@ CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0266: Fix not seen in stream @@ -1019,6 +1020,7 @@ CVE-2023-1249: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -1114,11 +1116,9 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream @@ -1142,5 +1142,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/4.12/4.12_security.txt b/data/4.12/4.12_security.txt index ec508b4cd..325c20618 100644 --- a/data/4.12/4.12_security.txt +++ b/data/4.12/4.12_security.txt @@ -1023,6 +1023,7 @@ Outstanding CVEs: CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -1045,6 +1046,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -1140,11 +1142,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg @@ -1168,5 +1168,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.13/4.13_CVEs.txt b/data/4.13/4.13_CVEs.txt index d53b7b941..fa5e6a2ad 100644 --- a/data/4.13/4.13_CVEs.txt +++ b/data/4.13/4.13_CVEs.txt @@ -980,6 +980,7 @@ CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0266: Fix not seen in stream @@ -1003,6 +1004,7 @@ CVE-2023-1249: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -1099,11 +1101,9 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream @@ -1127,5 +1127,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/4.13/4.13_security.txt b/data/4.13/4.13_security.txt index 16f5a7c48..ccafd74c1 100644 --- a/data/4.13/4.13_security.txt +++ b/data/4.13/4.13_security.txt @@ -1008,6 +1008,7 @@ Outstanding CVEs: CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -1031,6 +1032,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -1127,11 +1129,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg @@ -1155,5 +1155,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.14/4.14_CVEs.txt b/data/4.14/4.14_CVEs.txt index e845e9d61..6654920b9 100644 --- a/data/4.14/4.14_CVEs.txt +++ b/data/4.14/4.14_CVEs.txt @@ -949,6 +949,7 @@ CVE-2022-4662: Fixed with 4.14.293 CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fixed with 4.14.303 +CVE-2022-48619: Fixed with 4.14.281 CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fixed with 4.14.256 CVE-2023-0266: Fixed with 4.14.303 @@ -973,6 +974,7 @@ CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fixed with 4.14.315 CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fixed with 4.14.217 +CVE-2023-1476: Fix unknown CVE-2023-1513: Fixed with 4.14.306 CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -1071,11 +1073,9 @@ CVE-2023-4459: Fixed with 4.14.281 CVE-2023-45862: Fixed with 4.14.308 CVE-2023-45863: Fixed with 4.14.329 CVE-2023-45871: Fixed with 4.14.326 -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fixed with 4.14.327 CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fixed with 4.14.326 CVE-2023-51779: Fix not seen in stream @@ -1099,5 +1099,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fixed with 4.14.332 CVE-2023-7042: Fix unknown CVE-2023-7192: Fixed with 4.14.308 -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/4.14/4.14_security.txt b/data/4.14/4.14_security.txt index c00cedb58..a85541283 100644 --- a/data/4.14/4.14_security.txt +++ b/data/4.14/4.14_security.txt @@ -1165,6 +1165,7 @@ CVEs fixed in 4.14.279: CVEs fixed in 4.14.281: CVE-2022-1652: dc650d53bad770f169e498f1231671c51b0b321d floppy: use a statically allocated error counter CVE-2022-1729: dee63319e2d1abd5d37a89de046ccf32ca8a8451 perf: Fix sys_perf_event_open() race against self + CVE-2022-48619: 9cc62ef5ba044b315c8761942db184a2ef8ff005 Input: add bounds checking to input_set_capability() CVE-2023-4387: 2bee202d0649cb53b9860fe15d0642167bffd6bf net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() CVE-2023-4459: 5fd9a74bf04a1eae5dbde8ca8585106d4410427f net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() @@ -1598,6 +1599,7 @@ Outstanding CVEs: CVE-2023-1249: (unk) coredump: Use the vma snapshot in fill_files_note CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc + CVE-2023-1476: (unk) CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver @@ -1631,10 +1633,8 @@ Outstanding CVEs: CVE-2023-39198: (unk) drm/qxl: fix UAF on handle creation CVE-2023-4010: (unk) CVE-2023-4134: (unk) Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync() - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup @@ -1651,5 +1651,4 @@ Outstanding CVEs: CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-7042: (unk) - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.15/4.15_CVEs.txt b/data/4.15/4.15_CVEs.txt index 05602af55..b6dc6155a 100644 --- a/data/4.15/4.15_CVEs.txt +++ b/data/4.15/4.15_CVEs.txt @@ -901,6 +901,7 @@ CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0266: Fix not seen in stream @@ -925,6 +926,7 @@ CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -1027,11 +1029,9 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream @@ -1055,5 +1055,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/4.15/4.15_security.txt b/data/4.15/4.15_security.txt index 8e43463c9..60778d493 100644 --- a/data/4.15/4.15_security.txt +++ b/data/4.15/4.15_security.txt @@ -933,6 +933,7 @@ Outstanding CVEs: CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -957,6 +958,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -1059,11 +1061,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg @@ -1087,5 +1087,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.16/4.16_CVEs.txt b/data/4.16/4.16_CVEs.txt index 2f360d6a3..ec2dfb343 100644 --- a/data/4.16/4.16_CVEs.txt +++ b/data/4.16/4.16_CVEs.txt @@ -881,6 +881,7 @@ CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0266: Fix not seen in stream @@ -905,6 +906,7 @@ CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -1007,11 +1009,9 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream @@ -1035,5 +1035,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/4.16/4.16_security.txt b/data/4.16/4.16_security.txt index 5b733d013..27e653482 100644 --- a/data/4.16/4.16_security.txt +++ b/data/4.16/4.16_security.txt @@ -913,6 +913,7 @@ Outstanding CVEs: CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -937,6 +938,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -1039,11 +1041,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg @@ -1067,5 +1067,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.17/4.17_CVEs.txt b/data/4.17/4.17_CVEs.txt index d898a3df1..4775cd153 100644 --- a/data/4.17/4.17_CVEs.txt +++ b/data/4.17/4.17_CVEs.txt @@ -861,6 +861,7 @@ CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0266: Fix not seen in stream @@ -886,6 +887,7 @@ CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -989,11 +991,9 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream @@ -1017,5 +1017,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/4.17/4.17_security.txt b/data/4.17/4.17_security.txt index 4737b6bca..90cde9706 100644 --- a/data/4.17/4.17_security.txt +++ b/data/4.17/4.17_security.txt @@ -893,6 +893,7 @@ Outstanding CVEs: CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -918,6 +919,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -1021,11 +1023,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg @@ -1049,5 +1049,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.18/4.18_CVEs.txt b/data/4.18/4.18_CVEs.txt index d930ba122..fd0106941 100644 --- a/data/4.18/4.18_CVEs.txt +++ b/data/4.18/4.18_CVEs.txt @@ -839,6 +839,7 @@ CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0266: Fix not seen in stream @@ -864,6 +865,7 @@ CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -967,11 +969,9 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream @@ -995,5 +995,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/4.18/4.18_security.txt b/data/4.18/4.18_security.txt index 82fe65871..5f358d279 100644 --- a/data/4.18/4.18_security.txt +++ b/data/4.18/4.18_security.txt @@ -871,6 +871,7 @@ Outstanding CVEs: CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -896,6 +897,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -999,11 +1001,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg @@ -1027,5 +1027,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.19/4.19_CVEs.txt b/data/4.19/4.19_CVEs.txt index ef8f8ae82..450fdef0c 100644 --- a/data/4.19/4.19_CVEs.txt +++ b/data/4.19/4.19_CVEs.txt @@ -818,6 +818,7 @@ CVE-2022-4662: Fixed with 4.19.258 CVE-2022-4744: Fixed with 4.19.280 CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fixed with 4.19.270 +CVE-2022-48619: Fixed with 4.19.245 CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fixed with 4.19.218 CVE-2023-0266: Fixed with 4.19.270 @@ -843,6 +844,7 @@ CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fixed with 4.19.283 CVE-2023-1382: Fixed with 4.19.268 CVE-2023-1390: Fixed with 4.19.170 +CVE-2023-1476: Fix unknown CVE-2023-1513: Fixed with 4.19.273 CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -950,11 +952,9 @@ CVE-2023-4459: Fixed with 4.19.245 CVE-2023-45862: Fixed with 4.19.276 CVE-2023-45863: Fixed with 4.19.298 CVE-2023-45871: Fixed with 4.19.295 -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fixed with 4.19.295 CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fixed with 4.19.295 CVE-2023-51779: Fix not seen in stream @@ -978,5 +978,4 @@ CVE-2023-6931: Fixed with 4.19.302 CVE-2023-6932: Fixed with 4.19.301 CVE-2023-7042: Fix unknown CVE-2023-7192: Fixed with 4.19.276 -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/4.19/4.19_security.txt b/data/4.19/4.19_security.txt index 1da8d7087..b578d4877 100644 --- a/data/4.19/4.19_security.txt +++ b/data/4.19/4.19_security.txt @@ -977,6 +977,7 @@ CVEs fixed in 4.19.243: CVEs fixed in 4.19.245: CVE-2022-1652: 3392d8711ad9e5b688999c948fd36d798c0d075d floppy: use a statically allocated error counter CVE-2022-1729: 6cdd53a49aa7413e53c14ece27d826f0b628b18a perf: Fix sys_perf_event_open() race against self + CVE-2022-48619: 01d41d7e7fc7eef99ae5b1065d9186f91ff099e7 Input: add bounds checking to input_set_capability() CVE-2023-1838: 6ca70982c646cc32e458150ee7f2530a24369b8c Fix double fget() in vhost_net_set_backend() CVE-2023-4387: 3adaaf3472e8ea410cb1330e5dd8372b0483dc78 net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() CVE-2023-4459: 248a37ffd81c7121d30702d8caa31db48450680d net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() @@ -1414,6 +1415,7 @@ Outstanding CVEs: CVE-2023-1076: (unk) tun: tun_chr_open(): correctly initialize socket uid CVE-2023-1249: (unk) coredump: Use the vma snapshot in fill_files_note CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu + CVE-2023-1476: (unk) CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver @@ -1446,10 +1448,8 @@ Outstanding CVEs: CVE-2023-4010: (unk) CVE-2023-4133: (unk) cxgb4: fix use after free bugs caused by circular dependency problem CVE-2023-4134: (unk) Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync() - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup @@ -1464,5 +1464,4 @@ Outstanding CVEs: CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-7042: (unk) - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.20/4.20_CVEs.txt b/data/4.20/4.20_CVEs.txt index 587f9ca79..6229336b0 100644 --- a/data/4.20/4.20_CVEs.txt +++ b/data/4.20/4.20_CVEs.txt @@ -809,6 +809,7 @@ CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream @@ -837,6 +838,7 @@ CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -948,11 +950,9 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream @@ -976,5 +976,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/4.20/4.20_security.txt b/data/4.20/4.20_security.txt index c64f365d8..d2d95fa81 100644 --- a/data/4.20/4.20_security.txt +++ b/data/4.20/4.20_security.txt @@ -841,6 +841,7 @@ Outstanding CVEs: CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF @@ -869,6 +870,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -980,11 +982,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg @@ -1008,5 +1008,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.3/4.3_CVEs.txt b/data/4.3/4.3_CVEs.txt index 3e630ed95..24382c749 100644 --- a/data/4.3/4.3_CVEs.txt +++ b/data/4.3/4.3_CVEs.txt @@ -1135,6 +1135,7 @@ CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0266: Fix not seen in stream @@ -1155,6 +1156,7 @@ CVE-2023-1249: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1611: Fix not seen in stream CVE-2023-1670: Fix not seen in stream @@ -1241,11 +1243,9 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream @@ -1267,5 +1267,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/4.3/4.3_security.txt b/data/4.3/4.3_security.txt index 9096fe668..7d451fcc2 100644 --- a/data/4.3/4.3_security.txt +++ b/data/4.3/4.3_security.txt @@ -1151,6 +1151,7 @@ Outstanding CVEs: CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -1171,6 +1172,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls CVE-2023-1670: (unk) xirc2ps_cs: Fix use after free bug in xirc2ps_detach @@ -1257,11 +1259,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg @@ -1283,5 +1283,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.4/4.4_CVEs.txt b/data/4.4/4.4_CVEs.txt index f59de3418..2d28aecba 100644 --- a/data/4.4/4.4_CVEs.txt +++ b/data/4.4/4.4_CVEs.txt @@ -1116,6 +1116,7 @@ CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0266: Fix not seen in stream @@ -1136,6 +1137,7 @@ CVE-2023-1249: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1611: Fix not seen in stream CVE-2023-1670: Fix not seen in stream @@ -1223,11 +1225,9 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream @@ -1250,5 +1250,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/4.4/4.4_security.txt b/data/4.4/4.4_security.txt index 4ef841038..06ea365dc 100644 --- a/data/4.4/4.4_security.txt +++ b/data/4.4/4.4_security.txt @@ -1604,6 +1604,7 @@ Outstanding CVEs: CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -1624,6 +1625,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls CVE-2023-1670: (unk) xirc2ps_cs: Fix use after free bug in xirc2ps_detach @@ -1709,11 +1711,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg @@ -1736,5 +1736,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.5/4.5_CVEs.txt b/data/4.5/4.5_CVEs.txt index 92b819299..687003970 100644 --- a/data/4.5/4.5_CVEs.txt +++ b/data/4.5/4.5_CVEs.txt @@ -1098,6 +1098,7 @@ CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0266: Fix not seen in stream @@ -1118,6 +1119,7 @@ CVE-2023-1249: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -1206,11 +1208,9 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream @@ -1233,5 +1233,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/4.5/4.5_security.txt b/data/4.5/4.5_security.txt index 9b79d95d7..53d357021 100644 --- a/data/4.5/4.5_security.txt +++ b/data/4.5/4.5_security.txt @@ -1114,6 +1114,7 @@ Outstanding CVEs: CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -1134,6 +1135,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -1222,11 +1224,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg @@ -1249,5 +1249,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.6/4.6_CVEs.txt b/data/4.6/4.6_CVEs.txt index 512c1d0ba..ab5f54967 100644 --- a/data/4.6/4.6_CVEs.txt +++ b/data/4.6/4.6_CVEs.txt @@ -1071,6 +1071,7 @@ CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0266: Fix not seen in stream @@ -1091,6 +1092,7 @@ CVE-2023-1249: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -1180,11 +1182,9 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream @@ -1207,5 +1207,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/4.6/4.6_security.txt b/data/4.6/4.6_security.txt index 6011d997b..c762673f4 100644 --- a/data/4.6/4.6_security.txt +++ b/data/4.6/4.6_security.txt @@ -1089,6 +1089,7 @@ Outstanding CVEs: CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -1109,6 +1110,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -1198,11 +1200,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg @@ -1225,5 +1225,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.7/4.7_CVEs.txt b/data/4.7/4.7_CVEs.txt index 1365710ca..79ec10eb3 100644 --- a/data/4.7/4.7_CVEs.txt +++ b/data/4.7/4.7_CVEs.txt @@ -1054,6 +1054,7 @@ CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0266: Fix not seen in stream @@ -1074,6 +1075,7 @@ CVE-2023-1249: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -1163,11 +1165,9 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream @@ -1190,5 +1190,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/4.7/4.7_security.txt b/data/4.7/4.7_security.txt index 032f5657d..f8adfb281 100644 --- a/data/4.7/4.7_security.txt +++ b/data/4.7/4.7_security.txt @@ -1074,6 +1074,7 @@ Outstanding CVEs: CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -1094,6 +1095,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -1183,11 +1185,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg @@ -1210,5 +1210,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.8/4.8_CVEs.txt b/data/4.8/4.8_CVEs.txt index 6448cf513..ecc79c141 100644 --- a/data/4.8/4.8_CVEs.txt +++ b/data/4.8/4.8_CVEs.txt @@ -1058,6 +1058,7 @@ CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0266: Fix not seen in stream @@ -1078,6 +1079,7 @@ CVE-2023-1249: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -1166,11 +1168,9 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream @@ -1194,5 +1194,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/4.8/4.8_security.txt b/data/4.8/4.8_security.txt index 4c5db9184..d39570228 100644 --- a/data/4.8/4.8_security.txt +++ b/data/4.8/4.8_security.txt @@ -1088,6 +1088,7 @@ Outstanding CVEs: CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0030: (unk) drm/nouveau/mmu: add more general vmm free/node handling functions CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0266: (unk) ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF @@ -1108,6 +1109,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -1196,11 +1198,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg @@ -1224,5 +1224,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.9/4.9_CVEs.txt b/data/4.9/4.9_CVEs.txt index c5b74927c..5d7854d8d 100644 --- a/data/4.9/4.9_CVEs.txt +++ b/data/4.9/4.9_CVEs.txt @@ -1057,6 +1057,7 @@ CVE-2022-4662: Fixed with 4.9.328 CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48619: Fixed with 4.9.316 CVE-2023-0030: Fix not seen in stream CVE-2023-0047: Fixed with 4.9.291 CVE-2023-0266: Fix not seen in stream @@ -1077,6 +1078,7 @@ CVE-2023-1249: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fixed with 4.9.253 +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -1170,11 +1172,9 @@ CVE-2023-4459: Fixed with 4.9.316 CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream @@ -1198,5 +1198,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/4.9/4.9_security.txt b/data/4.9/4.9_security.txt index c28fb96b7..ee6402529 100644 --- a/data/4.9/4.9_security.txt +++ b/data/4.9/4.9_security.txt @@ -1286,6 +1286,7 @@ CVEs fixed in 4.9.313: CVEs fixed in 4.9.316: CVE-2022-1652: 2adafe1c646b462c755e99216f966927eec96059 floppy: use a statically allocated error counter CVE-2022-1729: a1466528d8ae5d9a3bb29781f0098fa3476e9e1c perf: Fix sys_perf_event_open() race against self + CVE-2022-48619: 3e6fa9e4a7a89d67e01424317f7a2e9551025022 Input: add bounds checking to input_set_capability() CVE-2023-4387: aae66daa4a8925109c87702979e767346291d1e2 net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() CVE-2023-4459: e40ed72f8c8b04ae629d895ed7eb221d8938cdd7 net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() @@ -1633,6 +1634,7 @@ Outstanding CVEs: CVE-2023-1249: (unk) coredump: Use the vma snapshot in fill_files_note CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -1718,11 +1720,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg @@ -1746,5 +1746,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.0/5.0_CVEs.txt b/data/5.0/5.0_CVEs.txt index 3f8033fdc..8b696beef 100644 --- a/data/5.0/5.0_CVEs.txt +++ b/data/5.0/5.0_CVEs.txt @@ -789,6 +789,7 @@ CVE-2022-4662: Fix not seen in stream CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix not seen in stream @@ -816,6 +817,7 @@ CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -927,11 +929,9 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-51779: Fix not seen in stream @@ -954,5 +954,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/5.0/5.0_security.txt b/data/5.0/5.0_security.txt index d5731417f..fd5d2ce59 100644 --- a/data/5.0/5.0_security.txt +++ b/data/5.0/5.0_security.txt @@ -837,6 +837,7 @@ Outstanding CVEs: CVE-2022-4744: (unk) tun: avoid double free in tun_free_netdev CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) bpf, sockmap: fix deadlocks in the sockhash and sockmap @@ -864,6 +865,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -975,11 +977,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg @@ -1002,5 +1002,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.1/5.1_CVEs.txt b/data/5.1/5.1_CVEs.txt index 54bf0a062..232b4c0fd 100644 --- a/data/5.1/5.1_CVEs.txt +++ b/data/5.1/5.1_CVEs.txt @@ -588,7 +588,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -768,6 +767,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream CVE-2022-47946: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix not seen in stream @@ -796,6 +796,7 @@ CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -830,7 +831,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26242: Fix unknown @@ -911,11 +911,9 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown @@ -940,5 +938,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/5.1/5.1_security.txt b/data/5.1/5.1_security.txt index 4cfb5a2eb..ed442f5d0 100644 --- a/data/5.1/5.1_security.txt +++ b/data/5.1/5.1_security.txt @@ -624,7 +624,6 @@ Outstanding CVEs: CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -804,6 +803,7 @@ Outstanding CVEs: CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) bpf, sockmap: fix deadlocks in the sockhash and sockmap @@ -832,6 +832,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -866,7 +867,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26242: (unk) @@ -947,11 +947,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-50431: (unk) @@ -976,5 +974,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.10/5.10_CVEs.txt b/data/5.10/5.10_CVEs.txt index 9a329667d..6d760d1e2 100644 --- a/data/5.10/5.10_CVEs.txt +++ b/data/5.10/5.10_CVEs.txt @@ -290,7 +290,6 @@ CVE-2022-1263: Fix not seen in stream CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fixed with 5.10.110 CVE-2022-1462: Fixed with 5.10.134 -CVE-2022-1508: Fix not seen in stream CVE-2022-1516: Fixed with 5.10.110 CVE-2022-1652: Fixed with 5.10.118 CVE-2022-1679: Fixed with 5.10.137 @@ -499,6 +498,7 @@ CVE-2022-47520: Fixed with 5.10.157 CVE-2022-47521: Fixed with 5.10.157 CVE-2022-47929: Fixed with 5.10.163 CVE-2022-47946: Fix not seen in stream +CVE-2022-48619: Fixed with 5.10.118 CVE-2023-0045: Fixed with 5.10.163 CVE-2023-0047: Fixed with 5.10.80 CVE-2023-0160: Fixed with 5.10.180 @@ -529,6 +529,7 @@ CVE-2023-1295: Fix not seen in stream CVE-2023-1380: Fixed with 5.10.180 CVE-2023-1382: Fixed with 5.10.157 CVE-2023-1390: Fixed with 5.10.10 +CVE-2023-1476: Fix unknown CVE-2023-1513: Fixed with 5.10.169 CVE-2023-1582: Fixed with 5.10.102 CVE-2023-1611: Fixed with 5.10.177 @@ -571,7 +572,6 @@ CVE-2023-23454: Fixed with 5.10.163 CVE-2023-23455: Fixed with 5.10.163 CVE-2023-23559: Fixed with 5.10.166 CVE-2023-23586: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fixed with 5.10.177 CVE-2023-25012: Fixed with 5.10.173 CVE-2023-2513: Fixed with 5.10.179 @@ -667,7 +667,6 @@ CVE-2023-4563: Fixed with 5.10.198 CVE-2023-45862: Fixed with 5.10.173 CVE-2023-45863: Fixed with 5.10.200 CVE-2023-45871: Fixed with 5.10.195 -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fixed with 5.10.195 CVE-2023-46813: Fixed with 5.10.199 @@ -700,5 +699,4 @@ CVE-2023-6931: Fixed with 5.10.204 CVE-2023-6932: Fixed with 5.10.203 CVE-2023-7042: Fix unknown CVE-2023-7192: Fixed with 5.10.173 -CVE-2024-0193: Fixed with 5.10.206 CVE-2024-0340: Fix not seen in stream diff --git a/data/5.10/5.10_security.txt b/data/5.10/5.10_security.txt index 61d34dd9b..195e734fb 100644 --- a/data/5.10/5.10_security.txt +++ b/data/5.10/5.10_security.txt @@ -451,6 +451,7 @@ CVEs fixed in 5.10.117: CVEs fixed in 5.10.118: CVE-2022-1652: 911b36267855501f7f80a75927c128c0ac03fe58 floppy: use a statically allocated error counter CVE-2022-1729: 3ee8e109c3c316073a3e0f83ec0769c7ee8a7375 perf: Fix sys_perf_event_open() race against self + CVE-2022-48619: d5e88c2d76efa9d7bb7ceffaec60fe6c76c748d7 Input: add bounds checking to input_set_capability() CVE-2023-1838: ec0d801d1a44d9259377142c6218885ecd685e41 Fix double fget() in vhost_net_set_backend() CVE-2023-4387: a54d86cf418427584e0a3cd1e89f757c92df5e89 net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() CVE-2023-4459: 6e2caee5cddc3d9e0ad0484c9c21b9f10676c044 net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() @@ -851,7 +852,6 @@ CVEs fixed in 5.10.205: CVEs fixed in 5.10.206: CVE-2023-51779: db1b14eec8c61a20374de9f9c2ddc6c9406a8c42 Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg CVE-2023-6606: 0c54b79d1d9b25f5a406bcf1969f956e14c4704d smb: client: fix OOB in smbCalcSize() - CVE-2024-0193: 73117ea03363d4493bd4e9f82f29b34b92d88a91 netfilter: nf_tables: skip set commit for deleted/destroyed sets Outstanding CVEs: CVE-2005-3660: (unk) @@ -927,7 +927,6 @@ Outstanding CVEs: CVE-2022-1247: (unk) CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-20148: (unk) f2fs: fix UAF in f2fs_available_free_memory CVE-2022-20409: (unk) io_uring: remove io_identity CVE-2022-20424: (unk) io_uring: remove io_identity @@ -972,6 +971,7 @@ Outstanding CVEs: CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry CVE-2023-1295: (unk) io_uring: get rid of intermediate IORING_OP_CLOSE stage + CVE-2023-1476: (unk) CVE-2023-1872: (unk) io_uring: propagate issue_flags state down to file assignment CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20928: (unk) android: binder: stop saving a pointer to the VMA @@ -982,7 +982,6 @@ Outstanding CVEs: CVE-2023-23000: (unk) phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function CVE-2023-23039: (unk) CVE-2023-23586: (unk) io_uring: remove io_identity - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-26242: (unk) CVE-2023-31081: (unk) CVE-2023-31082: (unk) @@ -996,7 +995,6 @@ Outstanding CVEs: CVE-2023-4010: (unk) CVE-2023-4133: (unk) cxgb4: fix use after free bugs caused by circular dependency problem CVE-2023-4134: (unk) Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync() - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-47233: (unk) CVE-2023-50431: (unk) diff --git a/data/5.11/5.11_CVEs.txt b/data/5.11/5.11_CVEs.txt index 6d62b379b..f49a62273 100644 --- a/data/5.11/5.11_CVEs.txt +++ b/data/5.11/5.11_CVEs.txt @@ -490,6 +490,7 @@ CVE-2022-47520: Fix not seen in stream CVE-2022-47521: Fix not seen in stream CVE-2022-47929: Fix not seen in stream CVE-2022-47946: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix not seen in stream @@ -519,6 +520,7 @@ CVE-2023-1281: Fix not seen in stream CVE-2023-1295: Fixed with 5.11.6 CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -562,7 +564,6 @@ CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream CVE-2023-23586: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-25012: Fix not seen in stream CVE-2023-2513: Fix not seen in stream @@ -662,7 +663,6 @@ CVE-2023-4563: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-46813: Fix not seen in stream @@ -695,5 +695,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/5.11/5.11_security.txt b/data/5.11/5.11_security.txt index ba2601a83..e8d202294 100644 --- a/data/5.11/5.11_security.txt +++ b/data/5.11/5.11_security.txt @@ -533,6 +533,7 @@ Outstanding CVEs: CVE-2022-47521: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) bpf, sockmap: fix deadlocks in the sockhash and sockmap @@ -561,6 +562,7 @@ Outstanding CVEs: CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -604,7 +606,6 @@ Outstanding CVEs: CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid CVE-2023-23586: (unk) io_uring: remove io_identity - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-25012: (unk) HID: bigben: use spinlock to safely schedule workers CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry @@ -704,7 +705,6 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-46813: (unk) x86/sev: Check for user-space IOIO pointing to kernel space @@ -737,5 +737,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.12/5.12_CVEs.txt b/data/5.12/5.12_CVEs.txt index 628619d81..200159e31 100644 --- a/data/5.12/5.12_CVEs.txt +++ b/data/5.12/5.12_CVEs.txt @@ -441,6 +441,7 @@ CVE-2022-47519: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47521: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix not seen in stream @@ -469,6 +470,7 @@ CVE-2023-1252: Fix not seen in stream CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -514,7 +516,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-25012: Fix not seen in stream CVE-2023-2513: Fix not seen in stream @@ -614,7 +615,6 @@ CVE-2023-4563: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-46813: Fix not seen in stream @@ -647,5 +647,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/5.12/5.12_security.txt b/data/5.12/5.12_security.txt index ea2af7176..f65ee2323 100644 --- a/data/5.12/5.12_security.txt +++ b/data/5.12/5.12_security.txt @@ -474,6 +474,7 @@ Outstanding CVEs: CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47521: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) bpf, sockmap: fix deadlocks in the sockhash and sockmap @@ -502,6 +503,7 @@ Outstanding CVEs: CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -547,7 +549,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-25012: (unk) HID: bigben: use spinlock to safely schedule workers CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry @@ -646,7 +647,6 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-46813: (unk) x86/sev: Check for user-space IOIO pointing to kernel space @@ -679,5 +679,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.13/5.13_CVEs.txt b/data/5.13/5.13_CVEs.txt index 687ae770e..eca1ff5a5 100644 --- a/data/5.13/5.13_CVEs.txt +++ b/data/5.13/5.13_CVEs.txt @@ -409,6 +409,7 @@ CVE-2022-47519: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47521: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix not seen in stream @@ -437,6 +438,7 @@ CVE-2023-1252: Fix not seen in stream CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -483,7 +485,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-25012: Fix not seen in stream CVE-2023-2513: Fix not seen in stream @@ -584,7 +585,6 @@ CVE-2023-4569: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-46813: Fix not seen in stream @@ -618,5 +618,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/5.13/5.13_security.txt b/data/5.13/5.13_security.txt index 90a748b92..b75a68979 100644 --- a/data/5.13/5.13_security.txt +++ b/data/5.13/5.13_security.txt @@ -445,6 +445,7 @@ Outstanding CVEs: CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47521: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) bpf, sockmap: fix deadlocks in the sockhash and sockmap @@ -473,6 +474,7 @@ Outstanding CVEs: CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -519,7 +521,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-25012: (unk) HID: bigben: use spinlock to safely schedule workers CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry @@ -619,7 +620,6 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-46813: (unk) x86/sev: Check for user-space IOIO pointing to kernel space @@ -652,5 +652,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.14/5.14_CVEs.txt b/data/5.14/5.14_CVEs.txt index 183f78c5c..4493220b1 100644 --- a/data/5.14/5.14_CVEs.txt +++ b/data/5.14/5.14_CVEs.txt @@ -382,6 +382,7 @@ CVE-2022-47519: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47521: Fix not seen in stream CVE-2022-47929: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fixed with 5.14.19 CVE-2023-0160: Fix not seen in stream @@ -410,6 +411,7 @@ CVE-2023-1252: Fixed with 5.14.19 CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -458,7 +460,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-25012: Fix not seen in stream CVE-2023-2513: Fix not seen in stream @@ -559,7 +560,6 @@ CVE-2023-4569: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-46813: Fix not seen in stream @@ -592,5 +592,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/5.14/5.14_security.txt b/data/5.14/5.14_security.txt index 4858963a5..68f743f81 100644 --- a/data/5.14/5.14_security.txt +++ b/data/5.14/5.14_security.txt @@ -418,6 +418,7 @@ Outstanding CVEs: CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47521: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0160: (unk) bpf, sockmap: fix deadlocks in the sockhash and sockmap CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits @@ -444,6 +445,7 @@ Outstanding CVEs: CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -492,7 +494,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-25012: (unk) HID: bigben: use spinlock to safely schedule workers CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry @@ -593,7 +594,6 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-46813: (unk) x86/sev: Check for user-space IOIO pointing to kernel space @@ -626,5 +626,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.15/5.15_CVEs.txt b/data/5.15/5.15_CVEs.txt index b13bedd8e..ea2983c36 100644 --- a/data/5.15/5.15_CVEs.txt +++ b/data/5.15/5.15_CVEs.txt @@ -364,6 +364,7 @@ CVE-2022-48423: Fixed with 5.15.87 CVE-2022-48424: Fixed with 5.15.87 CVE-2022-48425: Fixed with 5.15.113 CVE-2022-48502: Fixed with 5.15.121 +CVE-2022-48619: Fixed with 5.15.42 CVE-2023-0045: Fixed with 5.15.87 CVE-2023-0047: Fixed with 5.15.3 CVE-2023-0160: Fixed with 5.15.111 @@ -396,6 +397,7 @@ CVE-2023-1252: Fixed with 5.15.3 CVE-2023-1281: Fixed with 5.15.95 CVE-2023-1380: Fixed with 5.15.110 CVE-2023-1382: Fixed with 5.15.81 +CVE-2023-1476: Fix unknown CVE-2023-1513: Fixed with 5.15.95 CVE-2023-1582: Fixed with 5.15.25 CVE-2023-1611: Fixed with 5.15.106 @@ -444,7 +446,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fixed with 5.15.87 CVE-2023-23455: Fixed with 5.15.87 CVE-2023-23559: Fixed with 5.15.91 -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fixed with 5.15.105 CVE-2023-25012: Fixed with 5.15.99 CVE-2023-2513: Fixed with 5.15.61 @@ -565,7 +566,6 @@ CVE-2023-4569: Fixed with 5.15.128 CVE-2023-45862: Fixed with 5.15.100 CVE-2023-45863: Fixed with 5.15.99 CVE-2023-45871: Fixed with 5.15.132 -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fixed with 5.15.132 CVE-2023-46813: Fixed with 5.15.137 @@ -599,5 +599,4 @@ CVE-2023-6931: Fixed with 5.15.143 CVE-2023-6932: Fixed with 5.15.142 CVE-2023-7042: Fix unknown CVE-2023-7192: Fixed with 5.15.100 -CVE-2024-0193: Fixed with 5.15.146 CVE-2024-0340: Fix not seen in stream diff --git a/data/5.15/5.15_security.txt b/data/5.15/5.15_security.txt index 1753bc6f4..bf7ffd093 100644 --- a/data/5.15/5.15_security.txt +++ b/data/5.15/5.15_security.txt @@ -218,6 +218,7 @@ CVEs fixed in 5.15.42: CVE-2022-1652: fc2bee93e31bbba920e9eeba76af72264ced066f floppy: use a statically allocated error counter CVE-2022-1729: e085354dde254bc6c83ee604ea66c2b36f9f9067 perf: Fix sys_perf_event_open() race against self CVE-2022-21499: 69c5d307dce1560fafcb852f39d7a1bf5e266641 lockdown: also lock down previous kgdb use + CVE-2022-48619: 0211383109832103cfddfd5c5cc99b29d40bb749 Input: add bounds checking to input_set_capability() CVE-2023-1838: 42d8a6dc45fc6619b8def1a70b7bd0800bcc4574 Fix double fget() in vhost_net_set_backend() CVE-2023-4387: 4ad09fdef55b70f16f8d385981b864ac75cf1354 net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() CVE-2023-4459: e35387a91318ccdec4a30b58d967391e011e34fa net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() @@ -698,7 +699,6 @@ CVEs fixed in 5.15.145: CVEs fixed in 5.15.146: CVE-2023-51779: 2b16d960c79abc397f102c3d23d30005b68cb036 Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg CVE-2023-6606: ded3cfdefec8b2accc767f176419316b61c157c3 smb: client: fix OOB in smbCalcSize() - CVE-2024-0193: d10f7540c5541ad9f4fe2a02a73153d25d4a540d netfilter: nf_tables: skip set commit for deleted/destroyed sets Outstanding CVEs: CVE-2005-3660: (unk) @@ -794,6 +794,7 @@ Outstanding CVEs: CVE-2022-45888: (unk) char: xillybus: Prevent use-after-free due to race condition CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry + CVE-2023-1476: (unk) CVE-2023-1872: (unk) io_uring: propagate issue_flags state down to file assignment CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20941: (unk) @@ -802,7 +803,6 @@ Outstanding CVEs: CVE-2023-22995: (unk) usb: dwc3: dwc3-qcom: Add missing platform_device_put() in dwc3_qcom_acpi_register_core CVE-2023-23000: (unk) phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function CVE-2023-23039: (unk) - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-26242: (unk) CVE-2023-31081: (unk) CVE-2023-31082: (unk) @@ -817,7 +817,6 @@ Outstanding CVEs: CVE-2023-4133: (unk) cxgb4: fix use after free bugs caused by circular dependency problem CVE-2023-4134: (unk) Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync() CVE-2023-4155: (unk) KVM: SEV: only access GHCB fields once - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-47233: (unk) CVE-2023-50431: (unk) diff --git a/data/5.16/5.16_CVEs.txt b/data/5.16/5.16_CVEs.txt index 46c9bd4e4..89e15d25a 100644 --- a/data/5.16/5.16_CVEs.txt +++ b/data/5.16/5.16_CVEs.txt @@ -332,6 +332,7 @@ CVE-2022-48423: Fix not seen in stream CVE-2022-48424: Fix not seen in stream CVE-2022-48425: Fix not seen in stream CVE-2022-48502: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0160: Fix not seen in stream CVE-2023-0179: Fix not seen in stream @@ -363,6 +364,7 @@ CVE-2023-1249: Fixed with 5.16.19 CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fixed with 5.16.10 CVE-2023-1611: Fix not seen in stream @@ -412,7 +414,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-25012: Fix not seen in stream CVE-2023-2513: Fix not seen in stream @@ -534,7 +535,6 @@ CVE-2023-4569: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-46813: Fix not seen in stream @@ -568,5 +568,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/5.16/5.16_security.txt b/data/5.16/5.16_security.txt index 022023a2d..6dcdbb448 100644 --- a/data/5.16/5.16_security.txt +++ b/data/5.16/5.16_security.txt @@ -376,6 +376,7 @@ Outstanding CVEs: CVE-2022-48424: (unk) fs/ntfs3: Validate attribute name offset CVE-2022-48425: (unk) fs/ntfs3: Validate MFT flags before replaying logs CVE-2022-48502: (unk) fs/ntfs3: Check fields while reading + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0160: (unk) bpf, sockmap: fix deadlocks in the sockhash and sockmap CVE-2023-0179: (unk) netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits @@ -406,6 +407,7 @@ Outstanding CVEs: CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls CVE-2023-1652: (unk) NFSD: fix use-after-free in nfsd4_ssc_setup_dul() @@ -449,7 +451,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-25012: (unk) HID: bigben: use spinlock to safely schedule workers CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry @@ -570,7 +571,6 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-46813: (unk) x86/sev: Check for user-space IOIO pointing to kernel space @@ -604,5 +604,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.17/5.17_CVEs.txt b/data/5.17/5.17_CVEs.txt index f75a55b52..ae5546ca6 100644 --- a/data/5.17/5.17_CVEs.txt +++ b/data/5.17/5.17_CVEs.txt @@ -276,6 +276,7 @@ CVE-2022-48423: Fix not seen in stream CVE-2022-48424: Fix not seen in stream CVE-2022-48425: Fix not seen in stream CVE-2022-48502: Fix not seen in stream +CVE-2022-48619: Fixed with 5.17.10 CVE-2023-0045: Fix not seen in stream CVE-2023-0160: Fix not seen in stream CVE-2023-0179: Fix not seen in stream @@ -308,6 +309,7 @@ CVE-2023-1249: Fixed with 5.17.2 CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1611: Fix not seen in stream CVE-2023-1637: Fixed with 5.17.3 @@ -354,7 +356,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-25012: Fix not seen in stream CVE-2023-2513: Fix not seen in stream @@ -480,7 +481,6 @@ CVE-2023-4569: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-46813: Fix not seen in stream @@ -514,5 +514,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/5.17/5.17_security.txt b/data/5.17/5.17_security.txt index 4806850a1..f203ef655 100644 --- a/data/5.17/5.17_security.txt +++ b/data/5.17/5.17_security.txt @@ -79,6 +79,7 @@ CVEs fixed in 5.17.10: CVE-2022-1652: 88887ced7803132ed357a42d050560a2fb5c7ce6 floppy: use a statically allocated error counter CVE-2022-1729: 22fb2974224c9836eeaf0d24fdd481fcdaa0aea8 perf: Fix sys_perf_event_open() race against self CVE-2022-21499: 281d356a035132f2603724ee0f04767d70e2e98e lockdown: also lock down previous kgdb use + CVE-2022-48619: 93cf9a32d6c21325761503dcaae3c58ae55cc018 Input: add bounds checking to input_set_capability() CVE-2023-1838: d759015c9bcaa87d2ebf41c7bab561f7033c3e80 Fix double fget() in vhost_net_set_backend() CVE-2023-4387: 54f87f3478097fe5b7e473738b787a24cbc2061e net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() CVE-2023-4459: 8d20af6cdd1639c1e14346d4cb1d7b1d19fee34b net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() @@ -352,6 +353,7 @@ Outstanding CVEs: CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls CVE-2023-1652: (unk) NFSD: fix use-after-free in nfsd4_ssc_setup_dul() @@ -393,7 +395,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-25012: (unk) HID: bigben: use spinlock to safely schedule workers CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry @@ -512,7 +513,6 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-46813: (unk) x86/sev: Check for user-space IOIO pointing to kernel space @@ -546,5 +546,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.18/5.18_CVEs.txt b/data/5.18/5.18_CVEs.txt index fda3fbebe..1dcbe6acf 100644 --- a/data/5.18/5.18_CVEs.txt +++ b/data/5.18/5.18_CVEs.txt @@ -262,6 +262,7 @@ CVE-2023-1206: Fix not seen in stream CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1611: Fix not seen in stream CVE-2023-1652: Fix not seen in stream @@ -429,7 +430,6 @@ CVE-2023-4569: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-46813: Fix not seen in stream @@ -462,5 +462,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/5.18/5.18_security.txt b/data/5.18/5.18_security.txt index 0fb2cb82c..2fb1b0367 100644 --- a/data/5.18/5.18_security.txt +++ b/data/5.18/5.18_security.txt @@ -309,6 +309,7 @@ Outstanding CVEs: CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls CVE-2023-1652: (unk) NFSD: fix use-after-free in nfsd4_ssc_setup_dul() @@ -465,7 +466,6 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-46813: (unk) x86/sev: Check for user-space IOIO pointing to kernel space @@ -498,5 +498,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.19/5.19_CVEs.txt b/data/5.19/5.19_CVEs.txt index 8dc75f151..5a79cb15e 100644 --- a/data/5.19/5.19_CVEs.txt +++ b/data/5.19/5.19_CVEs.txt @@ -218,6 +218,7 @@ CVE-2023-1206: Fix not seen in stream CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1583: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -386,7 +387,6 @@ CVE-2023-4569: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-46813: Fix not seen in stream @@ -419,5 +419,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/5.19/5.19_security.txt b/data/5.19/5.19_security.txt index e6cdf262f..dc4618aa3 100644 --- a/data/5.19/5.19_security.txt +++ b/data/5.19/5.19_security.txt @@ -253,6 +253,7 @@ Outstanding CVEs: CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1583: (unk) io_uring/rsrc: fix null-ptr-deref in io_file_bitmap_get() CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -416,7 +417,6 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-46813: (unk) x86/sev: Check for user-space IOIO pointing to kernel space @@ -449,5 +449,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.2/5.2_CVEs.txt b/data/5.2/5.2_CVEs.txt index 046c49efc..e7f293822 100644 --- a/data/5.2/5.2_CVEs.txt +++ b/data/5.2/5.2_CVEs.txt @@ -548,7 +548,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -731,6 +730,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream CVE-2022-47946: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix not seen in stream @@ -759,6 +759,7 @@ CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -793,7 +794,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26242: Fix unknown @@ -873,11 +873,9 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown @@ -902,5 +900,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/5.2/5.2_security.txt b/data/5.2/5.2_security.txt index 0147f9507..46b1aa3f0 100644 --- a/data/5.2/5.2_security.txt +++ b/data/5.2/5.2_security.txt @@ -586,7 +586,6 @@ Outstanding CVEs: CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -769,6 +768,7 @@ Outstanding CVEs: CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) bpf, sockmap: fix deadlocks in the sockhash and sockmap @@ -797,6 +797,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -831,7 +832,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26242: (unk) @@ -911,11 +911,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-50431: (unk) @@ -940,5 +938,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.3/5.3_CVEs.txt b/data/5.3/5.3_CVEs.txt index 18dec1876..07ac78ba4 100644 --- a/data/5.3/5.3_CVEs.txt +++ b/data/5.3/5.3_CVEs.txt @@ -520,7 +520,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -704,6 +703,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream CVE-2022-47946: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix not seen in stream @@ -732,6 +732,7 @@ CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -767,7 +768,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26242: Fix unknown @@ -848,11 +848,9 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown @@ -877,5 +875,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/5.3/5.3_security.txt b/data/5.3/5.3_security.txt index fad16cded..ca3b05fa6 100644 --- a/data/5.3/5.3_security.txt +++ b/data/5.3/5.3_security.txt @@ -556,7 +556,6 @@ Outstanding CVEs: CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -740,6 +739,7 @@ Outstanding CVEs: CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) bpf, sockmap: fix deadlocks in the sockhash and sockmap @@ -768,6 +768,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -803,7 +804,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26242: (unk) @@ -884,11 +884,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-50431: (unk) @@ -913,5 +911,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.4/5.4_CVEs.txt b/data/5.4/5.4_CVEs.txt index 803aedf27..19dc1dd50 100644 --- a/data/5.4/5.4_CVEs.txt +++ b/data/5.4/5.4_CVEs.txt @@ -446,7 +446,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fixed with 5.4.189 CVE-2022-1419: Fixed with 5.4.21 CVE-2022-1462: Fixed with 5.4.208 -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fixed with 5.4.196 CVE-2022-1679: Fixed with 5.4.211 CVE-2022-1729: Fixed with 5.4.196 @@ -633,6 +632,7 @@ CVE-2022-4744: Fixed with 5.4.240 CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fixed with 5.4.229 CVE-2022-47946: Fix not seen in stream +CVE-2022-48619: Fixed with 5.4.196 CVE-2023-0045: Fixed with 5.4.229 CVE-2023-0047: Fixed with 5.4.160 CVE-2023-0160: Fixed with 5.4.243 @@ -661,6 +661,7 @@ CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fixed with 5.4.243 CVE-2023-1382: Fixed with 5.4.226 CVE-2023-1390: Fixed with 5.4.92 +CVE-2023-1476: Fix unknown CVE-2023-1513: Fixed with 5.4.232 CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fixed with 5.4.253 @@ -697,7 +698,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fixed with 5.4.229 CVE-2023-23455: Fixed with 5.4.229 CVE-2023-23559: Fixed with 5.4.231 -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fixed with 5.4.240 CVE-2023-2513: Fixed with 5.4.242 CVE-2023-26242: Fix unknown @@ -778,11 +778,9 @@ CVE-2023-4459: Fixed with 5.4.196 CVE-2023-45862: Fixed with 5.4.235 CVE-2023-45863: Fixed with 5.4.260 CVE-2023-45871: Fixed with 5.4.257 -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fixed with 5.4.257 CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fixed with 5.4.257 CVE-2023-50431: Fix unknown @@ -807,5 +805,4 @@ CVE-2023-6931: Fixed with 5.4.264 CVE-2023-6932: Fixed with 5.4.263 CVE-2023-7042: Fix unknown CVE-2023-7192: Fixed with 5.4.235 -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/5.4/5.4_security.txt b/data/5.4/5.4_security.txt index 779e37e59..8c6338b1c 100644 --- a/data/5.4/5.4_security.txt +++ b/data/5.4/5.4_security.txt @@ -703,6 +703,7 @@ CVEs fixed in 5.4.196: CVE-2022-1652: 67e2b62461b5d02a1e63103e8a02c0bca75e26c7 floppy: use a statically allocated error counter CVE-2022-1729: dd0ea88b0a0f913f82500e988ef38158a9ad9885 perf: Fix sys_perf_event_open() race against self CVE-2022-28893: 2f8f6c393b11b5da059b1fc10a69fc2f2b6c446a SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() + CVE-2022-48619: bb83a744bc671804016e23861a892e9db2aee73f Input: add bounds checking to input_set_capability() CVE-2023-1838: 3a12b2c413b20c17832ec51cb836a0b713b916ac Fix double fget() in vhost_net_set_backend() CVE-2023-4387: 32f779e6fbbe0c0860a00777b7e3dee6b5ec0c1c net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() CVE-2023-4459: dc64e8874e87dc1c1c723a1c6da7efc3305c18da net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() @@ -1116,7 +1117,6 @@ Outstanding CVEs: CVE-2022-1247: (unk) CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1786: (unk) io_uring: remove io_identity CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID CVE-2022-20148: (unk) f2fs: fix UAF in f2fs_available_free_memory @@ -1167,6 +1167,7 @@ Outstanding CVEs: CVE-2023-1075: (unk) net/tls: tls_is_tx_ready() checked list_entry CVE-2023-1249: (unk) coredump: Use the vma snapshot in fill_files_note CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu + CVE-2023-1476: (unk) CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-2007: (unk) scsi: dpt_i2o: Remove obsolete driver CVE-2023-20588: (unk) x86/CPU/AMD: Do not leak quotient data after a division by 0 @@ -1178,7 +1179,6 @@ Outstanding CVEs: CVE-2023-23000: (unk) phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function CVE-2023-23004: (unk) malidp: Fix NULL vs IS_ERR() checking CVE-2023-23039: (unk) - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-26242: (unk) CVE-2023-31081: (unk) CVE-2023-31082: (unk) @@ -1193,10 +1193,8 @@ Outstanding CVEs: CVE-2023-4010: (unk) CVE-2023-4133: (unk) cxgb4: fix use after free bugs caused by circular dependency problem CVE-2023-4134: (unk) Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync() - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg @@ -1211,5 +1209,4 @@ Outstanding CVEs: CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-7042: (unk) - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.5/5.5_CVEs.txt b/data/5.5/5.5_CVEs.txt index 45397a1b6..cd7289c94 100644 --- a/data/5.5/5.5_CVEs.txt +++ b/data/5.5/5.5_CVEs.txt @@ -404,7 +404,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fixed with 5.5.5 CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -593,6 +592,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream CVE-2022-47946: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix not seen in stream @@ -622,6 +622,7 @@ CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -658,7 +659,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26242: Fix unknown @@ -739,11 +739,9 @@ CVE-2023-4459: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown @@ -768,5 +766,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/5.5/5.5_security.txt b/data/5.5/5.5_security.txt index d16733e6a..c52fce663 100644 --- a/data/5.5/5.5_security.txt +++ b/data/5.5/5.5_security.txt @@ -438,7 +438,6 @@ Outstanding CVEs: CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -627,6 +626,7 @@ Outstanding CVEs: CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) bpf, sockmap: fix deadlocks in the sockhash and sockmap @@ -656,6 +656,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -692,7 +693,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26242: (unk) @@ -773,11 +773,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-50431: (unk) @@ -802,5 +800,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.6/5.6_CVEs.txt b/data/5.6/5.6_CVEs.txt index 72c3290fc..079971ff3 100644 --- a/data/5.6/5.6_CVEs.txt +++ b/data/5.6/5.6_CVEs.txt @@ -376,7 +376,6 @@ CVE-2022-1263: Fix not seen in stream CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -568,6 +567,7 @@ CVE-2022-4744: Fix not seen in stream CVE-2022-47520: Fix not seen in stream CVE-2022-47929: Fix not seen in stream CVE-2022-47946: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix not seen in stream @@ -599,6 +599,7 @@ CVE-2023-1295: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -635,7 +636,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-25012: Fix not seen in stream CVE-2023-2513: Fix not seen in stream @@ -720,11 +720,9 @@ CVE-2023-4563: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown -CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown @@ -749,5 +747,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/5.6/5.6_security.txt b/data/5.6/5.6_security.txt index bc73a9e20..11aa12916 100644 --- a/data/5.6/5.6_security.txt +++ b/data/5.6/5.6_security.txt @@ -410,7 +410,6 @@ Outstanding CVEs: CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -602,6 +601,7 @@ Outstanding CVEs: CVE-2022-47520: (unk) wifi: wilc1000: validate pairwise and authentication suite offsets CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) bpf, sockmap: fix deadlocks in the sockhash and sockmap @@ -633,6 +633,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -669,7 +670,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-25012: (unk) HID: bigben: use spinlock to safely schedule workers CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry @@ -754,11 +754,9 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) - CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-50431: (unk) @@ -783,5 +781,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.7/5.7_CVEs.txt b/data/5.7/5.7_CVEs.txt index f96334e42..02088eb6b 100644 --- a/data/5.7/5.7_CVEs.txt +++ b/data/5.7/5.7_CVEs.txt @@ -362,7 +362,6 @@ CVE-2022-1263: Fix not seen in stream CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1516: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream @@ -562,6 +561,7 @@ CVE-2022-47520: Fix not seen in stream CVE-2022-47521: Fix not seen in stream CVE-2022-47929: Fix not seen in stream CVE-2022-47946: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix not seen in stream @@ -593,6 +593,7 @@ CVE-2023-1295: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -633,7 +634,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-25012: Fix not seen in stream CVE-2023-2513: Fix not seen in stream @@ -720,7 +720,6 @@ CVE-2023-4563: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown @@ -750,5 +749,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/5.7/5.7_security.txt b/data/5.7/5.7_security.txt index 30f110335..5c4ebc01e 100644 --- a/data/5.7/5.7_security.txt +++ b/data/5.7/5.7_security.txt @@ -396,7 +396,6 @@ Outstanding CVEs: CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb @@ -596,6 +595,7 @@ Outstanding CVEs: CVE-2022-47521: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) bpf, sockmap: fix deadlocks in the sockhash and sockmap @@ -627,6 +627,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -667,7 +668,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-25012: (unk) HID: bigben: use spinlock to safely schedule workers CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry @@ -754,7 +754,6 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) @@ -784,5 +783,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.8/5.8_CVEs.txt b/data/5.8/5.8_CVEs.txt index e3d5a3268..dba57b432 100644 --- a/data/5.8/5.8_CVEs.txt +++ b/data/5.8/5.8_CVEs.txt @@ -342,7 +342,6 @@ CVE-2022-1263: Fix not seen in stream CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1516: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream @@ -546,6 +545,7 @@ CVE-2022-47520: Fix not seen in stream CVE-2022-47521: Fix not seen in stream CVE-2022-47929: Fix not seen in stream CVE-2022-47946: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix not seen in stream @@ -577,6 +577,7 @@ CVE-2023-1295: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -617,7 +618,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-25012: Fix not seen in stream CVE-2023-2513: Fix not seen in stream @@ -707,7 +707,6 @@ CVE-2023-4563: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown @@ -737,5 +736,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/5.8/5.8_security.txt b/data/5.8/5.8_security.txt index 21d645402..f78542c29 100644 --- a/data/5.8/5.8_security.txt +++ b/data/5.8/5.8_security.txt @@ -377,7 +377,6 @@ Outstanding CVEs: CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb @@ -580,6 +579,7 @@ Outstanding CVEs: CVE-2022-47521: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) bpf, sockmap: fix deadlocks in the sockhash and sockmap @@ -611,6 +611,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -651,7 +652,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-25012: (unk) HID: bigben: use spinlock to safely schedule workers CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry @@ -741,7 +741,6 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) @@ -771,5 +770,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.9/5.9_CVEs.txt b/data/5.9/5.9_CVEs.txt index 965f75996..34ef3effd 100644 --- a/data/5.9/5.9_CVEs.txt +++ b/data/5.9/5.9_CVEs.txt @@ -312,7 +312,6 @@ CVE-2022-1263: Fix not seen in stream CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1516: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream @@ -518,6 +517,7 @@ CVE-2022-47520: Fix not seen in stream CVE-2022-47521: Fix not seen in stream CVE-2022-47929: Fix not seen in stream CVE-2022-47946: Fix not seen in stream +CVE-2022-48619: Fix not seen in stream CVE-2023-0045: Fix not seen in stream CVE-2023-0047: Fix not seen in stream CVE-2023-0160: Fix not seen in stream @@ -549,6 +549,7 @@ CVE-2023-1295: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fix not seen in stream CVE-2023-1390: Fix not seen in stream +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1582: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -589,7 +590,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-25012: Fix not seen in stream CVE-2023-2513: Fix not seen in stream @@ -684,7 +684,6 @@ CVE-2023-4563: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown @@ -715,5 +714,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/5.9/5.9_security.txt b/data/5.9/5.9_security.txt index b343b6954..200590d1d 100644 --- a/data/5.9/5.9_security.txt +++ b/data/5.9/5.9_security.txt @@ -342,7 +342,6 @@ Outstanding CVEs: CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1516: (unk) net/x25: Fix null-ptr-deref caused by x25_disconnect CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb @@ -548,6 +547,7 @@ Outstanding CVEs: CVE-2022-47521: (unk) wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute CVE-2022-47929: (unk) net: sched: disallow noqueue for qdisc classes CVE-2022-47946: (unk) io_uring: kill sqo_dead and sqo submission halting + CVE-2022-48619: (unk) Input: add bounds checking to input_set_capability() CVE-2023-0045: (unk) x86/bugs: Flush IBP in ib_prctl_set() CVE-2023-0047: (unk) mm, oom: do not trigger out_of_memory from the #PF CVE-2023-0160: (unk) bpf, sockmap: fix deadlocks in the sockhash and sockmap @@ -579,6 +579,7 @@ Outstanding CVEs: CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-1382: (unk) tipc: set con sock in tipc_conn_alloc CVE-2023-1390: (unk) tipc: fix NULL deref in tipc_link_xmit() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1582: (unk) fs/proc: task_mmu.c: don't read mapcount for migration entry CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -619,7 +620,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-25012: (unk) HID: bigben: use spinlock to safely schedule workers CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry @@ -714,7 +714,6 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) @@ -745,5 +744,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/6.0/6.0_CVEs.txt b/data/6.0/6.0_CVEs.txt index e6fde3bf5..7a7ca14c7 100644 --- a/data/6.0/6.0_CVEs.txt +++ b/data/6.0/6.0_CVEs.txt @@ -182,6 +182,7 @@ CVE-2023-1206: Fix not seen in stream CVE-2023-1281: Fix not seen in stream CVE-2023-1380: Fix not seen in stream CVE-2023-1382: Fixed with 6.0.11 +CVE-2023-1476: Fix unknown CVE-2023-1513: Fix not seen in stream CVE-2023-1583: Fix not seen in stream CVE-2023-1611: Fix not seen in stream @@ -340,7 +341,6 @@ CVE-2023-4569: Fix not seen in stream CVE-2023-45862: Fix not seen in stream CVE-2023-45863: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-46813: Fix not seen in stream @@ -374,5 +374,4 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fix not seen in stream -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream diff --git a/data/6.0/6.0_security.txt b/data/6.0/6.0_security.txt index fb458bb1c..e6ef01890 100644 --- a/data/6.0/6.0_security.txt +++ b/data/6.0/6.0_security.txt @@ -230,6 +230,7 @@ Outstanding CVEs: CVE-2023-1206: (unk) tcp: Reduce chance of collisions in inet6_hashfn(). CVE-2023-1281: (unk) net/sched: tcindex: update imperfect hash filters respecting rcu CVE-2023-1380: (unk) wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() + CVE-2023-1476: (unk) CVE-2023-1513: (unk) kvm: initialize all of the kvm_debugregs structure before sending it to userspace CVE-2023-1583: (unk) io_uring/rsrc: fix null-ptr-deref in io_file_bitmap_get() CVE-2023-1611: (unk) btrfs: fix race between quota disable and quota assign ioctls @@ -374,7 +375,6 @@ Outstanding CVEs: CVE-2023-45862: (unk) USB: ene_usb6250: Allocate enough memory for full object CVE-2023-45863: (unk) kobject: Fix slab-out-of-bounds in fill_kobj_path() CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-46813: (unk) x86/sev: Check for user-space IOIO pointing to kernel space @@ -408,5 +408,4 @@ Outstanding CVEs: CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/6.1/6.1_CVEs.txt b/data/6.1/6.1_CVEs.txt index 4501d9ca5..03b958b9b 100644 --- a/data/6.1/6.1_CVEs.txt +++ b/data/6.1/6.1_CVEs.txt @@ -129,6 +129,7 @@ CVE-2023-1194: Fixed with 6.1.34 CVE-2023-1206: Fixed with 6.1.43 CVE-2023-1281: Fixed with 6.1.13 CVE-2023-1380: Fixed with 6.1.27 +CVE-2023-1476: Fix unknown CVE-2023-1513: Fixed with 6.1.13 CVE-2023-1583: Fixed with 6.1.22 CVE-2023-1611: Fixed with 6.1.23 @@ -284,7 +285,6 @@ CVE-2023-4569: Fixed with 6.1.47 CVE-2023-45862: Fixed with 6.1.18 CVE-2023-45863: Fixed with 6.1.16 CVE-2023-45871: Fixed with 6.1.53 -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fixed with 6.1.53 CVE-2023-46813: Fixed with 6.1.60 @@ -320,5 +320,4 @@ CVE-2023-6931: Fixed with 6.1.68 CVE-2023-6932: Fixed with 6.1.66 CVE-2023-7042: Fix unknown CVE-2023-7192: Fixed with 6.1.18 -CVE-2024-0193: Fixed with 6.1.71 CVE-2024-0340: Fix not seen in stream diff --git a/data/6.1/6.1_security.txt b/data/6.1/6.1_security.txt index 540a7690f..8bd47d1a4 100644 --- a/data/6.1/6.1_security.txt +++ b/data/6.1/6.1_security.txt @@ -323,7 +323,6 @@ CVEs fixed in 6.1.70: CVEs fixed in 6.1.71: CVE-2023-1193: 8d271ef5e5cac8a470076891b248a28a2c57fb1e ksmbd: delete asynchronous work from list - CVE-2024-0193: 0105571f80edb96f81bb4bbdd5233a9130dc345b netfilter: nf_tables: skip set commit for deleted/destroyed sets Outstanding CVEs: CVE-2005-3660: (unk) @@ -403,6 +402,7 @@ Outstanding CVEs: CVE-2022-45885: (unk) CVE-2022-45888: (unk) char: xillybus: Prevent use-after-free due to race condition CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area + CVE-2023-1476: (unk) CVE-2023-20941: (unk) CVE-2023-21264: (unk) KVM: arm64: Prevent unconditional donation of unmapped regions from the host CVE-2023-21400: (unk) @@ -423,7 +423,6 @@ Outstanding CVEs: CVE-2023-4010: (unk) CVE-2023-4133: (unk) cxgb4: fix use after free bugs caused by circular dependency problem CVE-2023-4134: (unk) Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync() - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-47233: (unk) CVE-2023-50431: (unk) diff --git a/data/6.2/6.2_CVEs.txt b/data/6.2/6.2_CVEs.txt index d40c28556..e0fd95d14 100644 --- a/data/6.2/6.2_CVEs.txt +++ b/data/6.2/6.2_CVEs.txt @@ -93,6 +93,7 @@ CVE-2023-1194: Fix not seen in stream CVE-2023-1206: Fix not seen in stream CVE-2023-1281: Fixed with 6.2 CVE-2023-1380: Fixed with 6.2.14 +CVE-2023-1476: Fix unknown CVE-2023-1513: Fixed with 6.2 CVE-2023-1583: Fixed with 6.2.9 CVE-2023-1611: Fixed with 6.2.10 @@ -230,7 +231,6 @@ CVE-2023-4569: Fix not seen in stream CVE-2023-45862: Fixed with 6.2.5 CVE-2023-45863: Fixed with 6.2.3 CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-46813: Fix not seen in stream @@ -269,6 +269,5 @@ CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown CVE-2023-7192: Fixed with 6.2.5 -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream CVE-2024-0443: Fix not seen in stream diff --git a/data/6.2/6.2_security.txt b/data/6.2/6.2_security.txt index d029d1a92..2ee066fe4 100644 --- a/data/6.2/6.2_security.txt +++ b/data/6.2/6.2_security.txt @@ -176,6 +176,7 @@ Outstanding CVEs: CVE-2023-1193: (unk) ksmbd: delete asynchronous work from list CVE-2023-1194: (unk) ksmbd: fix out-of-bound read in parse_lease_state() CVE-2023-1206: (unk) tcp: Reduce chance of collisions in inet6_hashfn(). + CVE-2023-1476: (unk) CVE-2023-20569: (unk) x86/bugs: Increase the x86 bugs vector size to two u32s CVE-2023-20588: (unk) x86/CPU/AMD: Do not leak quotient data after a division by 0 CVE-2023-20593: (unk) x86/cpu/amd: Add a Zenbleed fix @@ -259,7 +260,6 @@ Outstanding CVEs: CVE-2023-4563: (unk) netfilter: nf_tables: don't skip expired elements during walk CVE-2023-4569: (unk) netfilter: nf_tables: deactivate catchall elements in next generation CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-46813: (unk) x86/sev: Check for user-space IOIO pointing to kernel space @@ -297,6 +297,5 @@ Outstanding CVEs: CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() CVE-2024-0443: (unk) blk-cgroup: Flush stats before releasing blkcg_gq diff --git a/data/6.3/6.3_CVEs.txt b/data/6.3/6.3_CVEs.txt index b82dd3470..3a3ffde6e 100644 --- a/data/6.3/6.3_CVEs.txt +++ b/data/6.3/6.3_CVEs.txt @@ -83,6 +83,7 @@ CVE-2023-1192: Fixed with 6.3.4 CVE-2023-1194: Fixed with 6.3.8 CVE-2023-1206: Fix not seen in stream CVE-2023-1380: Fixed with 6.3.1 +CVE-2023-1476: Fix unknown CVE-2023-2002: Fixed with 6.3.1 CVE-2023-20569: Fix not seen in stream CVE-2023-20588: Fix not seen in stream @@ -193,7 +194,6 @@ CVE-2023-44466: Fix not seen in stream CVE-2023-4563: Fix not seen in stream CVE-2023-4569: Fix not seen in stream CVE-2023-45871: Fix not seen in stream -CVE-2023-4610: Fix not seen in stream CVE-2023-4622: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-46813: Fix not seen in stream @@ -231,6 +231,5 @@ CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown -CVE-2024-0193: Fix not seen in stream CVE-2024-0340: Fix not seen in stream CVE-2024-0443: Fixed with 6.3.9 diff --git a/data/6.3/6.3_security.txt b/data/6.3/6.3_security.txt index 00a1b4889..548469f20 100644 --- a/data/6.3/6.3_security.txt +++ b/data/6.3/6.3_security.txt @@ -164,6 +164,7 @@ Outstanding CVEs: CVE-2022-45884: (unk) CVE-2022-45885: (unk) CVE-2023-1206: (unk) tcp: Reduce chance of collisions in inet6_hashfn(). + CVE-2023-1476: (unk) CVE-2023-20569: (unk) x86/bugs: Increase the x86 bugs vector size to two u32s CVE-2023-20588: (unk) x86/CPU/AMD: Do not leak quotient data after a division by 0 CVE-2023-20593: (unk) x86/cpu/amd: Add a Zenbleed fix @@ -222,7 +223,6 @@ Outstanding CVEs: CVE-2023-4563: (unk) netfilter: nf_tables: don't skip expired elements during walk CVE-2023-4569: (unk) netfilter: nf_tables: deactivate catchall elements in next generation CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled - CVE-2023-4610: (unk) Revert "mm: vmscan: make global slab shrink lockless" CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-46813: (unk) x86/sev: Check for user-space IOIO pointing to kernel space @@ -260,5 +260,4 @@ Outstanding CVEs: CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/6.4/6.4_CVEs.txt b/data/6.4/6.4_CVEs.txt index 1e5a05227..f3f17b20c 100644 --- a/data/6.4/6.4_CVEs.txt +++ b/data/6.4/6.4_CVEs.txt @@ -72,6 +72,7 @@ CVE-2022-4543: Fix unknown CVE-2022-45884: Fix unknown CVE-2022-45885: Fix unknown CVE-2023-1206: Fixed with 6.4.8 +CVE-2023-1476: Fix unknown CVE-2023-20569: Fixed with 6.4.9 CVE-2023-20588: Fixed with 6.4.10 CVE-2023-20593: Fixed with 6.4.6 @@ -178,4 +179,3 @@ CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown -CVE-2024-0193: Fix not seen in stream diff --git a/data/6.4/6.4_security.txt b/data/6.4/6.4_security.txt index 7949337c4..4d1d54091 100644 --- a/data/6.4/6.4_security.txt +++ b/data/6.4/6.4_security.txt @@ -151,6 +151,7 @@ Outstanding CVEs: CVE-2022-4543: (unk) CVE-2022-45884: (unk) CVE-2022-45885: (unk) + CVE-2023-1476: (unk) CVE-2023-20941: (unk) CVE-2023-21400: (unk) CVE-2023-23039: (unk) @@ -204,4 +205,3 @@ Outstanding CVEs: CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) - CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets diff --git a/data/6.5/6.5_CVEs.txt b/data/6.5/6.5_CVEs.txt index 0556d3395..3ca59b2c2 100644 --- a/data/6.5/6.5_CVEs.txt +++ b/data/6.5/6.5_CVEs.txt @@ -70,6 +70,7 @@ CVE-2022-41848: Fix unknown CVE-2022-4543: Fix unknown CVE-2022-45884: Fix unknown CVE-2022-45885: Fix unknown +CVE-2023-1476: Fix unknown CVE-2023-20941: Fix unknown CVE-2023-21400: Fix unknown CVE-2023-23039: Fix unknown diff --git a/data/6.5/6.5_security.txt b/data/6.5/6.5_security.txt index d22303d2a..6be08792b 100644 --- a/data/6.5/6.5_security.txt +++ b/data/6.5/6.5_security.txt @@ -113,6 +113,7 @@ Outstanding CVEs: CVE-2022-4543: (unk) CVE-2022-45884: (unk) CVE-2022-45885: (unk) + CVE-2023-1476: (unk) CVE-2023-20941: (unk) CVE-2023-21400: (unk) CVE-2023-23039: (unk) diff --git a/data/6.6/6.6_CVEs.txt b/data/6.6/6.6_CVEs.txt index 5c2cb6d92..e66d37cc0 100644 --- a/data/6.6/6.6_CVEs.txt +++ b/data/6.6/6.6_CVEs.txt @@ -70,6 +70,7 @@ CVE-2022-41848: Fix unknown CVE-2022-4543: Fix unknown CVE-2022-45884: Fix unknown CVE-2022-45885: Fix unknown +CVE-2023-1476: Fix unknown CVE-2023-20941: Fix unknown CVE-2023-21400: Fix unknown CVE-2023-23039: Fix unknown diff --git a/data/6.6/6.6_security.txt b/data/6.6/6.6_security.txt index a0d313e18..543e4c41f 100644 --- a/data/6.6/6.6_security.txt +++ b/data/6.6/6.6_security.txt @@ -103,6 +103,7 @@ Outstanding CVEs: CVE-2022-4543: (unk) CVE-2022-45884: (unk) CVE-2022-45885: (unk) + CVE-2023-1476: (unk) CVE-2023-20941: (unk) CVE-2023-21400: (unk) CVE-2023-23039: (unk) diff --git a/data/6.7/6.7_CVEs.txt b/data/6.7/6.7_CVEs.txt new file mode 100644 index 000000000..409c82a94 --- /dev/null +++ b/data/6.7/6.7_CVEs.txt @@ -0,0 +1,94 @@ +CVE-2005-3660: Fix unknown +CVE-2007-3719: Fix unknown +CVE-2008-2544: Fix unknown +CVE-2008-4609: Fix unknown +CVE-2010-4563: Fix unknown +CVE-2010-5321: Fix unknown +CVE-2011-4916: Fix unknown +CVE-2011-4917: Fix unknown +CVE-2012-4542: Fix unknown +CVE-2013-7445: Fix unknown +CVE-2015-2877: Fix unknown +CVE-2016-8660: Fix unknown +CVE-2017-13693: Fix unknown +CVE-2017-13694: Fix unknown +CVE-2018-1121: Fix unknown +CVE-2018-12928: Fix unknown +CVE-2018-12929: Fix unknown +CVE-2018-12930: Fix unknown +CVE-2018-12931: Fix unknown +CVE-2018-17977: Fix unknown +CVE-2019-12456: Fix unknown +CVE-2019-15239: Fix not seen in stream +CVE-2019-15290: Fix unknown +CVE-2019-15902: Fix not seen in stream +CVE-2019-16089: Fix unknown +CVE-2019-19378: Fix unknown +CVE-2019-19814: Fix unknown +CVE-2019-20794: Fix unknown +CVE-2020-0347: Fix unknown +CVE-2020-10708: Fix unknown +CVE-2020-11725: Fix unknown +CVE-2020-14304: Fix unknown +CVE-2020-15802: Fix unknown +CVE-2020-24502: Fix unknown +CVE-2020-24503: Fix unknown +CVE-2020-25220: Fix not seen in stream +CVE-2020-26140: Fix unknown +CVE-2020-26142: Fix unknown +CVE-2020-26143: Fix unknown +CVE-2020-26556: Fix unknown +CVE-2020-26557: Fix unknown +CVE-2020-26559: Fix unknown +CVE-2020-26560: Fix unknown +CVE-2020-35501: Fix unknown +CVE-2021-0399: Fix unknown +CVE-2021-26934: Fix unknown +CVE-2021-3542: Fix unknown +CVE-2021-3714: Fix unknown +CVE-2021-3847: Fix unknown +CVE-2021-3864: Fix unknown +CVE-2021-3892: Fix unknown +CVE-2021-39800: Fix unknown +CVE-2021-39801: Fix unknown +CVE-2022-0400: Fix unknown +CVE-2022-1116: Fix unknown +CVE-2022-1247: Fix unknown +CVE-2022-2209: Fix unknown +CVE-2022-23825: Fix unknown +CVE-2022-25265: Fix unknown +CVE-2022-26878: Fix unknown +CVE-2022-2961: Fix unknown +CVE-2022-3238: Fix unknown +CVE-2022-3533: Fix unknown +CVE-2022-3544: Fix unknown +CVE-2022-3606: Fix unknown +CVE-2022-36402: Fix unknown +CVE-2022-3642: Fix unknown +CVE-2022-38096: Fix unknown +CVE-2022-41848: Fix unknown +CVE-2022-4543: Fix unknown +CVE-2022-45884: Fix unknown +CVE-2022-45885: Fix unknown +CVE-2023-1476: Fix unknown +CVE-2023-20941: Fix unknown +CVE-2023-21400: Fix unknown +CVE-2023-23039: Fix unknown +CVE-2023-26242: Fix unknown +CVE-2023-2640: Fix unknown +CVE-2023-31081: Fix unknown +CVE-2023-31082: Fix unknown +CVE-2023-32629: Fix unknown +CVE-2023-3397: Fix unknown +CVE-2023-3640: Fix unknown +CVE-2023-37454: Fix unknown +CVE-2023-4010: Fix unknown +CVE-2023-47233: Fix unknown +CVE-2023-50431: Fix unknown +CVE-2023-6238: Fix unknown +CVE-2023-6270: Fix unknown +CVE-2023-6356: Fix unknown +CVE-2023-6535: Fix unknown +CVE-2023-6536: Fix unknown +CVE-2023-7042: Fix unknown +CVE-2024-0193: Fixed with 6.7 diff --git a/data/6.7/6.7_security.txt b/data/6.7/6.7_security.txt new file mode 100644 index 000000000..61dd0e621 --- /dev/null +++ b/data/6.7/6.7_security.txt @@ -0,0 +1,98 @@ + +CVEs fixed in 6.7: + CVE-2024-0193: 7315dc1e122c85ffdfc8defffbb8f8b616c2eb1a netfilter: nf_tables: skip set commit for deleted/destroyed sets + +Outstanding CVEs: + CVE-2005-3660: (unk) + CVE-2007-3719: (unk) + CVE-2008-2544: (unk) + CVE-2008-4609: (unk) + CVE-2010-4563: (unk) + CVE-2010-5321: (unk) + CVE-2011-4916: (unk) + CVE-2011-4917: (unk) + CVE-2012-4542: (unk) + CVE-2013-7445: (unk) + CVE-2015-2877: (unk) + CVE-2016-8660: (unk) + CVE-2017-13693: (unk) + CVE-2017-13694: (unk) + CVE-2018-1121: (unk) + CVE-2018-12928: (unk) + CVE-2018-12929: (unk) + CVE-2018-12930: (unk) + CVE-2018-12931: (unk) + CVE-2018-17977: (unk) + CVE-2019-12456: (unk) + CVE-2019-15239: (unk) unknown + CVE-2019-15290: (unk) + CVE-2019-15902: (unk) unknown + CVE-2019-16089: (unk) + CVE-2019-19378: (unk) + CVE-2019-19814: (unk) + CVE-2019-20794: (unk) + CVE-2020-0347: (unk) + CVE-2020-10708: (unk) + CVE-2020-11725: (unk) + CVE-2020-14304: (unk) + CVE-2020-15802: (unk) + CVE-2020-24502: (unk) + CVE-2020-24503: (unk) + CVE-2020-25220: (unk) + CVE-2020-26140: (unk) + CVE-2020-26142: (unk) + CVE-2020-26143: (unk) + CVE-2020-26556: (unk) + CVE-2020-26557: (unk) + CVE-2020-26559: (unk) + CVE-2020-26560: (unk) + CVE-2020-35501: (unk) + CVE-2021-0399: (unk) + CVE-2021-26934: (unk) + CVE-2021-3542: (unk) + CVE-2021-3714: (unk) + CVE-2021-3847: (unk) + CVE-2021-3864: (unk) + CVE-2021-3892: (unk) + CVE-2021-39800: (unk) + CVE-2021-39801: (unk) + CVE-2022-0400: (unk) + CVE-2022-1116: (unk) + CVE-2022-1247: (unk) + CVE-2022-2209: (unk) + CVE-2022-23825: (unk) + CVE-2022-25265: (unk) + CVE-2022-26878: (unk) + CVE-2022-2961: (unk) + CVE-2022-3238: (unk) + CVE-2022-3533: (unk) + CVE-2022-3544: (unk) + CVE-2022-3606: (unk) + CVE-2022-36402: (unk) + CVE-2022-3642: (unk) + CVE-2022-38096: (unk) + CVE-2022-41848: (unk) + CVE-2022-4543: (unk) + CVE-2022-45884: (unk) + CVE-2022-45885: (unk) + CVE-2023-1476: (unk) + CVE-2023-20941: (unk) + CVE-2023-21400: (unk) + CVE-2023-23039: (unk) + CVE-2023-26242: (unk) + CVE-2023-2640: (unk) + CVE-2023-31081: (unk) + CVE-2023-31082: (unk) + CVE-2023-32629: (unk) + CVE-2023-3397: (unk) + CVE-2023-3640: (unk) + CVE-2023-37454: (unk) + CVE-2023-4010: (unk) + CVE-2023-47233: (unk) + CVE-2023-50431: (unk) + CVE-2023-6238: (unk) + CVE-2023-6270: (unk) + CVE-2023-6356: (unk) + CVE-2023-6535: (unk) + CVE-2023-6536: (unk) + CVE-2023-7042: (unk) diff --git a/data/CVEs.txt b/data/CVEs.txt index 57f3ea1cd..449b9328d 100644 --- a/data/CVEs.txt +++ b/data/CVEs.txt @@ -1320,7 +1320,7 @@ CVE-2019-15792: Vendor Specific CVE-2019-15793: Vendor Specific CVE-2019-15794: 2f502839e85ab265f03f25f30d6463154aee5473 - 2896900e22f8212606a1837d89a6bbce314ceeda (v4.19-rc1 to v5.12) CVE-2019-15807: 2908d778ab3e244900c310974e1fc1c69066e450 - 3b0541791453fbe7f42867e310e0c9eb6295364d (v2.6.19-rc1 to v5.2-rc3) -CVE-2019-15902: (n/a) - (n/a) (unk to unk) +CVE-2019-15902: local - (n/a) (unk to unk) CVE-2019-15916: 1d24eb4815d1e0e8b451ecc546645f8ef1176d4f - 895a5e96dbd6386c8e78e5b78e067dcc67b7f0ab (v2.6.38-rc1 to v5.1-rc1) CVE-2019-15917: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 56897b217a1d0a91c9920cb418d6b3fe922f590a (v2.6.12-rc2 to v5.1-rc1) CVE-2019-15918: 9764c02fcbad40001fd3f63558d918e4d519bb75 - b57a55e2200ede754e4dc9cce4ba9402544b9365 (v4.14-rc2 to v5.1-rc6) @@ -2013,7 +2013,7 @@ CVE-2022-1280: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 869e76f7a918f010bd4518 CVE-2022-1353: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 9a564bccb78a76740ea9d75a259942df8143d02c (v2.6.12-rc2 to v5.17) CVE-2022-1419: 502e95c6678505474f1056480310cd9382bacbac - 4b848f20eda5974020f043ca14bacf7a7e634fc8 (v4.1-rc1 to v5.6-rc2) CVE-2022-1462: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - a501ab75e7624d133a5a3c7ec010687c8b961d23 (v2.6.12-rc2 to v5.19-rc7) -CVE-2022-1508: 2b188cc1bb857a9d4701ae59aa7768b5124e262e - 89c2b3b74918200e46699338d7bcc19b1ea12110 (v5.1-rc1 to v5.15-rc1) +CVE-2022-1508: 632546c4b5a4dad8e3ac456406c65c0db9a0b570 - 89c2b3b74918200e46699338d7bcc19b1ea12110 (v5.11-rc1 to v5.15-rc1) CVE-2022-1516: 4becb7ee5b3d2829ed7b9261a245a77d5b7de902 - 7781607938c8371d4c2b243527430241c62e39c2 (v5.7-rc5 to v5.18-rc1) CVE-2022-1651: 9c5137aedd112f78a968bdd2325de2ea06df46c0 - ecd1735f14d6ac868ae5d8b7a2bf193fa11f388b (v5.12-rc1-dontuse to v5.18-rc1) CVE-2022-1652: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - f71f01394f742fc4558b3f9f4c7ef4c4cf3b07c8 (v2.6.12-rc2 to v5.18-rc6) @@ -2287,6 +2287,7 @@ CVE-2022-48423: 12dad495eaab95e0bb784c43869073617c513ea4 - 54e45702b648b7c0000e9 CVE-2022-48424: 12dad495eaab95e0bb784c43869073617c513ea4 - 4f1dc7d9756e66f3f876839ea174df2e656b7f79 (v5.15-rc1 to v6.2-rc1) CVE-2022-48425: 12dad495eaab95e0bb784c43869073617c513ea4 - 98bea253aa28ad8be2ce565a9ca21beb4a9419e5 (v5.15-rc1 to v6.4-rc1) CVE-2022-48502: f7464060f7ab9a2424428008f0ee9f1e267e410f - 0e8235d28f3a0e9eda9f02ff67ee566d5f42b66b (v5.15-rc1 to v6.2-rc1) +CVE-2022-48619: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 409353cbe9fe48f6bc196114c442b1cff05a39bc (v2.6.12-rc2 to v5.18-rc1) CVE-2023-0030: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 729eba3355674f2d9524629b73683ba1d1cd3f10 (v2.6.12-rc2 to v5.0-rc1) CVE-2023-0045: 9137bb27e60e554dab694eafa4cca241fa3a694f - a664ec9158eeddd75121d39c9a0758016097fa96 (v4.20-rc5 to v6.2-rc3) CVE-2023-0047: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 60e2793d440a3ec95abb5d6d4fc034a4b480472d (v2.6.12-rc2 to v5.16-rc1) @@ -2328,6 +2329,7 @@ CVE-2023-1295: b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb - 9eac1904d3364254d622bf CVE-2023-1380: 5b435de0d786869c95d1962121af0d7df2542009 - 0da40e018fd034d87c9460123fa7f897b69fdee7 (v3.2-rc1 to v6.4-rc1) CVE-2023-1382: c5fa7b3cf3cb22e4ac60485fc2dc187fe012910f - 0e5d56c64afcd6fd2d132ea972605b66f8a7d3c4 (v3.11-rc1 to v6.1-rc7) CVE-2023-1390: af9b028e270fda6fb812d70d17d902297df1ceb5 - b77413446408fdd256599daf00d5be72b5f3e7c6 (v4.3-rc1 to v5.11-rc4) +CVE-2023-1476: (n/a) - (n/a) (unk to unk) CVE-2023-1513: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 2c10b61421a28e95a46ab489fd56c0f442ff6952 (v2.6.12-rc2 to v6.2) CVE-2023-1582: e9b61f19858a5d6c42ce2298cf138279375d0d9b - 24d7275ce2791829953ed4e72f68277ceb2571c6 (v4.5-rc1 to v5.17-rc4) CVE-2023-1583: 4278a0deb1f6cac40ded3362fe2a9827d7efee3d - 02a4d923e4400a36d340ea12d8058f69ebf3a383 (v5.19-rc1 to v6.3-rc4) @@ -2389,7 +2391,7 @@ CVE-2023-23454: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - caa4b35b4317d5147b3ab CVE-2023-23455: b0188d4dbe5f4285372dd033acf7c92a97006629 - a2965c7be0522eaa18808684b7b82b248515511b (v2.6.23-rc1 to v6.2-rc3) CVE-2023-23559: 80f8c5b434f94926c6489d7350d58aecb53ab70f - b870e73a56c4cccbec33224233eaf295839f228c (v2.6.35-rc1 to v6.2-rc5) CVE-2023-23586: 500a373d731ac506612db12631ec21295c1ff360 - 4379bf8bd70b5de6bba7d53015b0c36c57a634ee (v5.10-rc1 to v5.12-rc1-dontuse) -CVE-2023-2430: 2b188cc1bb857a9d4701ae59aa7768b5124e262e - e12d7a46f65ae4b7d58a5e0c1cbfa825cf8d830d (v5.1-rc1 to v6.2-rc5) +CVE-2023-2430: 4f57f06ce2186c31c3da52386125dc57b1cd6f96 - e12d7a46f65ae4b7d58a5e0c1cbfa825cf8d830d (v5.18-rc1 to v6.2-rc5) CVE-2023-2483: b9b17debc69d27cd55e21ee51a5ba7fc50a426cf - 6b6bc5b8bd2d4ca9e1efa9ae0f98a0b0687ace75 (v4.9-rc1 to v6.3-rc4) CVE-2023-25012: 4eb1b01de5b9d8596d6c103efcf1a15cfc1bedf7 - 76ca8da989c7d97a7f76c75d475fe95a584439d7 (v5.6-rc4 to v6.3-rc1) CVE-2023-2513: ac27a0ec112a089f1a5102bc8dffc79c8c815571 - 67d7d8ad99beccd9fe92d585b87f1760dc9018e3 (v2.6.19-rc2 to v6.0-rc1) @@ -2539,14 +2541,14 @@ CVE-2023-45862: 33842cedfc33ee907b2a702f321a26f7c0bf0aaa - ce33e64c1788912976b61 CVE-2023-45863: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 3bb2a01caa813d3a1845d378bbe4169ef280d394 (v2.6.12-rc2 to v6.3-rc1) CVE-2023-45871: 89eaefb61dc9170237d95b844dd357338fc7225d - bb5ed01cd2428cd25b1c88a3a9cba87055eb289f (v3.4-rc1 to v6.6-rc1) CVE-2023-45898: 2a69c450083db164596c75c0f5b4d9c4c0e18eba - 768d612f79822d30a1e7d132a4d4b05337ce42ec (v6.5-rc1 to v6.6-rc1) -CVE-2023-4610: (n/a) - 71c3ad65fabec9620d3f548b2da948c79c7ad9d5 (unk to v6.4) +CVE-2023-4610: f95bdb700bc6bb74e1199b1f5f90c613e152cfa7 - 71c3ad65fabec9620d3f548b2da948c79c7ad9d5 (v6.4-rc1 to v6.4) CVE-2023-4611: 5e31275cc997f8ec5d9e8d65fe9840ebed89db19 - 6c21e066f9256ea1df6f88768f6ae1080b7cf509 (v6.4-rc1 to v6.5-rc4) CVE-2023-4622: 869e7c62486ec0e170a9771acaa251d1a33b5871 - 57d44a354a43edba4ef9963327d4657d12edbfbc (v4.2-rc1 to v6.5-rc1) CVE-2023-4623: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - b3d26c5702c7d6c45456326e56d2ccf3f103e60f (v2.6.12-rc2 to v6.6-rc1) CVE-2023-46813: 597cfe48212a3f110ab0f918bf59791f453e65b7 - 63e44bc52047f182601e7817da969a105aa1f721 (v5.10-rc1 to v6.6-rc7) CVE-2023-46862: dbbe9c642411c359ad0a0e32442eb2e11d3811b5 - 7644b1a1c9a7ae8ab99175989bfc8676055edb46 (v5.10-rc1 to v6.6) CVE-2023-47233: (n/a) - (n/a) (unk to unk) -CVE-2023-4732: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 8f34f1eac3820fc2722e5159acceb22545b30b0d (v2.6.12-rc2 to v5.14-rc1) +CVE-2023-4732: 5a281062af1d43d3f3956a6b429c2d727bc92603 - 8f34f1eac3820fc2722e5159acceb22545b30b0d (v5.7-rc1 to v5.14-rc1) CVE-2023-4881: 49499c3e6e18b7677a63316f3ff54a16533dc28f - fd94d9dadee58e09b49075240fe83423eb1dcd36 (v4.1-rc1 to v6.6-rc1) CVE-2023-4921: 462dbc9101acd38e92eda93c0726857517a24bbd - 8fc134fee27f2263988ae38920bc03da416b03d8 (v3.8-rc1 to v6.6-rc1) CVE-2023-50431: c4d66343a46a4931d6a547042198896e4fd1c592 - (n/a) (v5.1-rc1 to unk) @@ -2556,7 +2558,7 @@ CVE-2023-51779: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 2e07e8348ea454615e268 CVE-2023-5178: 872d26a391da92ed8f0c0f5cb5fef428067b7f30 - 872d26a391da92ed8f0c0f5cb5fef428067b7f30 (CVE Caused by Backporting) CVE-2023-51780: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 24e90b9e34f9e039f56b5f25f6e6eb92cdd8f4b3 (v2.6.12-rc2 to v6.7-rc6) CVE-2023-51781: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 189ff16722ee36ced4d2a2469d4ab65a8fee4198 (v2.6.12-rc2 to v6.7-rc6) -CVE-2023-51782: (n/a) - 810c38a369a0a0ce625b5c12169abce1dd9ccd53 (unk to v6.7-rc6) +CVE-2023-51782: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 810c38a369a0a0ce625b5c12169abce1dd9ccd53 (v2.6.12-rc2 to v6.7-rc6) CVE-2023-5197: d0e2c7de92c7f2b3d355ad76b0bb9fc43d1beb87 - f15f29fd4779be8a418b66e9d52979bb6d6c2325 (v5.9-rc1 to v6.6-rc3) CVE-2023-5345: a4e430c8c8ba96be8c6ec4f2eb108bb8bcbee069 - e6e43b8aa7cd3c3af686caf0c2e11819a886d705 (v6.1-rc1 to v6.6-rc4) CVE-2023-5633: a950b989ea29ab3b38ea7f6e3d2540700a3c54e8 - 91398b413d03660fd5828f7b4abc64e884b98069 (v6.2 to v6.6-rc6) @@ -2580,10 +2582,10 @@ CVE-2023-6610: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 567320c46a60a3c39b69aa CVE-2023-6622: (n/a) - 3701cd390fd731ee7ae8b8006246c8db82c72bea (unk to v6.7-rc5) CVE-2023-6679: 9d71b54b65b1fb6c0d3a6c5c88ba9b915c783fbc - 65c95f78917ea6fa7ff189a2c19879c4fe161873 (v6.7-rc1 to v6.7-rc6) CVE-2023-6817: (n/a) - 317eb9685095678f2c9f5a8189de698c5354316a (unk to v6.7-rc5) -CVE-2023-6931: (n/a) - 382c27f4ed28f803b1f1473ac2d8db0afc795a1b (unk to v6.7-rc5) +CVE-2023-6931: a723968c0ed36db676478c3d26078f13484fe01c - 382c27f4ed28f803b1f1473ac2d8db0afc795a1b (v4.3-rc4 to v6.7-rc5) CVE-2023-6932: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - e2b706c691905fe78468c361aaabc719d0a496f1 (v2.6.12-rc2 to v6.7-rc4) CVE-2023-7042: 5e3dd157d7e70f0e3cea3f2573ed69fb156a19d5 - (n/a) (v3.11-rc1 to unk) CVE-2023-7192: 7d367e06688dc7a2cc98c2ace04e1296e1d987e2 - ac4893980bbe79ce383daf9a0885666a30fe4c83 (v3.3-rc6 to v6.3-rc1) -CVE-2024-0193: (n/a) - 7315dc1e122c85ffdfc8defffbb8f8b616c2eb1a (unk to v6.7) +CVE-2024-0193: 5f68718b34a531a556f2f50300ead2862278da26 - 7315dc1e122c85ffdfc8defffbb8f8b616c2eb1a (v6.5-rc6 to v6.7) CVE-2024-0340: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 4d8df0f5f79f747d75a7d356d9b9ea40a4e4c8a9 (v2.6.12-rc2 to v6.4-rc6) CVE-2024-0443: 3b8cc6298724021da845f2f9fd7dd4b6829a6817 - 20cb1c2fb7568a6054c55defe044311397e01ddb (v6.2-rc1 to v6.4-rc7) diff --git a/data/cmts.json b/data/cmts.json index 9c56bf8d6..96a141e46 100644 --- a/data/cmts.json +++ b/data/cmts.json @@ -925,6 +925,7 @@ "4071bf121d59944d5cd2238de0642f3d7995a997": "v5.18-rc6", "407ecd1bd726f240123f704620d46e285ff30dd9": "v5.16-rc6", "408fb0e5aa7fda0059db282ff58c3b2a4278baa0": "v4.4-rc6", + "409353cbe9fe48f6bc196114c442b1cff05a39bc": "v5.18-rc1", "40a82917b1d3a8aecedee6b64949795b75359731": "v3.12-rc1", "40d8abdee806d496a60ee607a6d01b1cd7fabaf0": "v4.7-rc1", "41061cdb98a0bec464278b4db8e894a3121671f5": "v3.17-rc1", @@ -1138,6 +1139,7 @@ "4f1dc7d9756e66f3f876839ea174df2e656b7f79": "v6.2-rc1", "4f3882177240a1f55e45a3d241d3121341bead78": "v5.5-rc6", "4f4853dc1c9c1994f6f756eabdcc25374ff271d9": "v4.10-rc1", + "4f57f06ce2186c31c3da52386125dc57b1cd6f96": "v5.18-rc1", "4f5d33f4f798b1c6d92b613f0087f639d9836971": "v6.0-rc1", "4f7019c7eb33967eb87766e0e4602b5576873680": "v5.15", "4f98186848707f530669238d90e0562d92a78aab": "v5.17-rc3", @@ -1287,6 +1289,7 @@ "5a0fdfada3a2aa50d7b947a2e958bf00cbe0d830": "v3.16-rc1", "5a25ba1677ab8d63890016a8c1bca68a3e0fbc7d": "v2.6.19-rc1", "5a264285ed1cd32e26d9de4f3c8c6855e467fd63": "v5.12-rc1", + "5a281062af1d43d3f3956a6b429c2d727bc92603": "v5.7-rc1", "5a52a7acf7e2a812d2852342992cee3dc22ad25d": "v4.12-rc1", "5a7203947a1d9b6f3a00a39fda08c2466489555f": "v3.11-rc1", "5abda7a16698d4d1f47af1168d8fa2c640116b4a": "v6.4-rc1", @@ -1355,6 +1358,7 @@ "5f3e2bf008c2221478101ee72f5cb4654b9fc363": "v5.2-rc6", "5f409e20b794565e2d60ad333e79334630a6c798": "v5.2-rc1", "5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339": "v3.19-rc1", + "5f68718b34a531a556f2f50300ead2862278da26": "v6.5-rc6", "5f8aadd8b9966d71a77bba52b9d499cc2f38269f": "v3.4-rc1", "5f8cf712582617d523120df67d392059eaf2fc4b": "v4.20-rc6", "5f8e44741f9f216e33736ea4ec65ca9ac03036e6": "v4.6", @@ -1408,6 +1412,7 @@ "62fdaa52a3d00a875da771719b6dc537ca79fce1": "v5.4-rc1", "6306c1189e77a513bf02720450bb43bd4ba5d8ae": "v5.12-rc1-dontuse", "631b7abacd02b88f4b0795c08b54ad4fc3e7c7c0": "v5.1-rc4", + "632546c4b5a4dad8e3ac456406c65c0db9a0b570": "v5.11-rc1", "63264422785021704c39b38f65a78ab9e4a186d7": "v6.4-rc1", "63489f8e821144000e0bdca7e65a8d1cc23a7ee7": "v4.16-rc7", "635682a14427d241bab7bbdeebb48a7d7b91638e": "v4.3-rc4", @@ -2345,6 +2350,7 @@ "a6e544b0a88b53114bfa5a57e21b7be7a8dfc9d0": "v4.3-rc1", "a6ecfb39ba9d7316057cea823b196b734f6b18ca": "v5.14-rc3", "a70b52ec1aaeaf60f4739edb1b422827cb6f3893": "v3.5-rc1", + "a723968c0ed36db676478c3d26078f13484fe01c": "v4.3-rc4", "a73881c96d73ee72b7dbbd38a6eeef66182a8ef7": "v5.1-rc1", "a73e99cb67e7438e5ab0c524ae63a8a27616c839": "v4.3-rc1", "a7771176b4392fbc3a17399c51a8c11f2f681afe": "v4.15-rc1", @@ -3432,6 +3438,7 @@ "f91072ed1b7283b13ca57fcfbece5a3b92726143": "v5.10-rc1", "f92363d12359498f9a9960511de1a550f0ec41c2": "v3.8-rc1", "f94b47c6bde624d6c07f43054087607c52054a95": "v5.19-rc1", + "f95bdb700bc6bb74e1199b1f5f90c613e152cfa7": "v6.4-rc1", "f980f9c31a923e9040dee0bc679a5f5b09e61f40": "v5.10-rc1", "f991af3daabaecff34684fd51fac80319d1baad1": "v4.13-rc1", "f9b62f9843c7b0afdaecabbcebf1dbba18599408": "v6.1-rc8", diff --git a/data/kernel_cves.json b/data/kernel_cves.json index 0463bb1d0..47f2c3f4f 100644 --- a/data/kernel_cves.json +++ b/data/kernel_cves.json @@ -73255,8 +73255,8 @@ } }, "CVE-2022-1508": { - "affected_versions": "v5.1-rc1 to v5.15-rc1", - "breaks": "2b188cc1bb857a9d4701ae59aa7768b5124e262e", + "affected_versions": "v5.11-rc1 to v5.15-rc1", + "breaks": "632546c4b5a4dad8e3ac456406c65c0db9a0b570", "cmt_msg": "io_uring: reexpand under-reexpanded iters", "cvss3": { "Attack Complexity": "Low", @@ -73272,7 +73272,7 @@ }, "cwe": "Out-of-bounds Read", "fixes": "89c2b3b74918200e46699338d7bcc19b1ea12110", - "last_modified": "2024-01-12", + "last_modified": "2024-01-15", "nvd_text": "An out-of-bounds read flaw was found in the Linux kernel\u2019s io_uring module in the way a user triggers the io_read() function with some special parameters. This flaw allows a local user to read some memory out of bounds.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-1508", @@ -82016,6 +82016,23 @@ "Ubuntu": "https://ubuntu.com/security/CVE-2022-48502" } }, + "CVE-2022-48619": { + "affected_versions": "v2.6.12-rc2 to v5.18-rc1", + "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", + "cmt_msg": "Input: add bounds checking to input_set_capability()", + "fixes": "409353cbe9fe48f6bc196114c442b1cff05a39bc", + "last_affected_version": "5.17.9", + "last_modified": "2024-01-15", + "nvd_text": "An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an event code falls outside of a bitmap.", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-48619", + "ExploitDB": "https://www.exploit-db.com/search?cve=2022-48619", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2022-48619", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2022-48619", + "SUSE": "https://www.suse.com/security/cve/CVE-2022-48619", + "Ubuntu": "https://ubuntu.com/security/CVE-2022-48619" + } + }, "CVE-2023-0030": { "affected_versions": "v2.6.12-rc2 to v5.0-rc1", "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", @@ -83193,6 +83210,33 @@ "Ubuntu": "https://ubuntu.com/security/CVE-2023-1390" } }, + "CVE-2023-1476": { + "affected_versions": "unk to unk", + "breaks": "", + "cvss3": { + "Attack Complexity": "High", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "High", + "Integrity": "High", + "Privileges Required": "Low", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "score": 7.0 + }, + "fixes": "", + "last_modified": "2024-01-15", + "nvd_text": "A use-after-free flaw was found in the Linux kernel\u2019s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local user to crash the system or potentially escalate their privileges on the system.", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-1476", + "ExploitDB": "https://www.exploit-db.com/search?cve=2023-1476", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-1476", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-1476", + "SUSE": "https://www.suse.com/security/cve/CVE-2023-1476", + "Ubuntu": "https://ubuntu.com/security/CVE-2023-1476" + } + }, "CVE-2023-1513": { "affected_versions": "v2.6.12-rc2 to v6.2", "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", @@ -84944,8 +84988,8 @@ } }, "CVE-2023-2430": { - "affected_versions": "v5.1-rc1 to v6.2-rc5", - "breaks": "2b188cc1bb857a9d4701ae59aa7768b5124e262e", + "affected_versions": "v5.18-rc1 to v6.2-rc5", + "breaks": "4f57f06ce2186c31c3da52386125dc57b1cd6f96", "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL", "cvss3": { "Attack Complexity": "Low", @@ -84961,7 +85005,7 @@ }, "fixes": "e12d7a46f65ae4b7d58a5e0c1cbfa825cf8d830d", "last_affected_version": "6.1.49", - "last_modified": "2024-01-12", + "last_modified": "2024-01-15", "nvd_text": "A vulnerability was found due to missing lock for IOPOLL flaw in io_cqring_event_overflow() in io_uring.c in Linux Kernel. This flaw allows a local attacker with user privilege to trigger a Denial of Service threat.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-2430", @@ -89176,12 +89220,12 @@ } }, "CVE-2023-4610": { - "affected_versions": "unk to v6.4", - "breaks": "", + "affected_versions": "v6.4-rc1 to v6.4", + "breaks": "f95bdb700bc6bb74e1199b1f5f90c613e152cfa7", "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"", "fixes": "71c3ad65fabec9620d3f548b2da948c79c7ad9d5", "last_affected_version": "6.3", - "last_modified": "2023-12-06", + "last_modified": "2024-01-15", "nvd_text": "Rejected reason: The SRCU code was added in upstream kernel v6.4-rc1 and removed before v6.4. This bug only existed in development kernels. Please see https://lore.kernel.org/all/ZTKVfoQZplpB8rki@casper.infradead.org and https://bugzilla.suse.com/show_bug.cgi?id=1215932 for more information.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-4610", @@ -89365,8 +89409,8 @@ } }, "CVE-2023-4732": { - "affected_versions": "v2.6.12-rc2 to v5.14-rc1", - "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", + "affected_versions": "v5.7-rc1 to v5.14-rc1", + "breaks": "5a281062af1d43d3f3956a6b429c2d727bc92603", "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()", "cvss3": { "Attack Complexity": "High", @@ -89382,7 +89426,7 @@ }, "fixes": "8f34f1eac3820fc2722e5159acceb22545b30b0d", "last_affected_version": "5.13.4", - "last_modified": "2023-12-06", + "last_modified": "2024-01-15", "nvd_text": "A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-4732", @@ -89574,7 +89618,7 @@ }, "fixes": "872d26a391da92ed8f0c0f5cb5fef428067b7f30", "last_affected_version": "6.5.8", - "last_modified": "2024-01-12", + "last_modified": "2024-01-15", "nvd_text": "A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a malicious local privileged user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation problem.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-5178", @@ -89620,12 +89664,12 @@ } }, "CVE-2023-51782": { - "affected_versions": "unk to v6.7-rc6", - "breaks": "", + "affected_versions": "v2.6.12-rc2 to v6.7-rc6", + "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "cmt_msg": "net/rose: Fix Use-After-Free in rose_ioctl", "fixes": "810c38a369a0a0ce625b5c12169abce1dd9ccd53", "last_affected_version": "6.6.7", - "last_modified": "2024-01-12", + "last_modified": "2024-01-15", "nvd_text": "An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-51782", @@ -90227,8 +90271,8 @@ } }, "CVE-2023-6931": { - "affected_versions": "unk to v6.7-rc5", - "breaks": "", + "affected_versions": "v4.3-rc4 to v6.7-rc5", + "breaks": "a723968c0ed36db676478c3d26078f13484fe01c", "cmt_msg": "perf: Fix perf_event_validate_size()", "cvss3": { "Attack Complexity": "Low", @@ -90244,7 +90288,7 @@ }, "fixes": "382c27f4ed28f803b1f1473ac2d8db0afc795a1b", "last_affected_version": "6.6.6", - "last_modified": "2024-01-12", + "last_modified": "2024-01-15", "nvd_text": "A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.\n\n", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-6931", @@ -90341,8 +90385,8 @@ } }, "CVE-2024-0193": { - "affected_versions": "unk to v6.7", - "breaks": "", + "affected_versions": "v6.5-rc6 to v6.7", + "breaks": "5f68718b34a531a556f2f50300ead2862278da26", "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets", "cvss3": { "Attack Complexity": "Low", @@ -90358,7 +90402,7 @@ }, "fixes": "7315dc1e122c85ffdfc8defffbb8f8b616c2eb1a", "last_affected_version": "6.6", - "last_modified": "2024-01-12", + "last_modified": "2024-01-15", "nvd_text": "A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-0193", diff --git a/data/stream_data.json b/data/stream_data.json index 443486391..6778c150f 100644 --- a/data/stream_data.json +++ b/data/stream_data.json @@ -2463,9 +2463,6 @@ "CVE-2021-4002": { "cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-9465": { "cmt_msg": "binder: fix proc->files use-after-free" }, @@ -2967,9 +2964,6 @@ "CVE-2015-4176": { "cmt_msg": "mnt: Update detach_mounts to leave mounts connected" }, - "CVE-2023-6931": { - "cmt_msg": "perf: Fix perf_event_validate_size()" - }, "CVE-2022-38096": { "cmt_msg": "" }, @@ -3348,6 +3342,9 @@ "CVE-2021-33061": { "cmt_msg": "ixgbe: add improvement for MDD response functionality" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2023-4010": { "cmt_msg": "" }, @@ -3546,9 +3543,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-11608": { "cmt_msg": "media: ov519: add missing endpoint sanity checks" }, @@ -3612,9 +3606,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -3804,6 +3795,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2020-10708": { "cmt_msg": "" }, @@ -5139,6 +5133,9 @@ "CVE-2022-2503": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2019-18680": { "cmt_msg": "" }, @@ -5292,6 +5289,9 @@ "CVE-2019-9506": { "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2017-16995": { "cmt_msg": "bpf: fix incorrect sign extension in check_alu_op()" }, @@ -5409,9 +5409,6 @@ "CVE-2020-10757": { "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-9465": { "cmt_msg": "binder: fix proc->files use-after-free" }, @@ -6858,9 +6855,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-11608": { "cmt_msg": "media: ov519: add missing endpoint sanity checks" }, @@ -6951,9 +6945,6 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -8842,6 +8833,9 @@ "CVE-2022-2503": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2019-18680": { "cmt_msg": "" }, @@ -8995,6 +8989,9 @@ "CVE-2023-3611": { "cmt_msg": "net/sched: sch_qfq: account for stab overhead in qfq_enqueue" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2017-16995": { "cmt_msg": "bpf: fix incorrect sign extension in check_alu_op()" }, @@ -9091,9 +9088,6 @@ "CVE-2020-10757": { "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-9465": { "cmt_msg": "binder: fix proc->files use-after-free" }, @@ -10441,9 +10435,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-11608": { "cmt_msg": "media: ov519: add missing endpoint sanity checks" }, @@ -10516,9 +10507,6 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -12206,6 +12194,9 @@ "CVE-2022-2503": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2019-18680": { "cmt_msg": "" }, @@ -12359,6 +12350,9 @@ "CVE-2019-9506": { "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2017-16995": { "cmt_msg": "bpf: fix incorrect sign extension in check_alu_op()" }, @@ -12467,9 +12461,6 @@ "CVE-2020-10757": { "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-9465": { "cmt_msg": "binder: fix proc->files use-after-free" }, @@ -13889,9 +13880,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-11608": { "cmt_msg": "media: ov519: add missing endpoint sanity checks" }, @@ -13973,9 +13961,6 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -15848,6 +15833,9 @@ "CVE-2023-3611": { "cmt_msg": "net/sched: sch_qfq: account for stab overhead in qfq_enqueue" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2019-18675": { "cmt_msg": "mmap: introduce sane default mmap limits" }, @@ -15941,9 +15929,6 @@ "CVE-2019-16229": { "cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-20511": { "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT" }, @@ -16151,6 +16136,9 @@ "CVE-2018-9518": { "cmt_msg": "NFC: llcp: Limit size of SDP URI" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2020-26555": { "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" }, @@ -17216,9 +17204,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-11608": { "cmt_msg": "media: ov519: add missing endpoint sanity checks" }, @@ -17291,9 +17276,6 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -21696,14 +21678,18 @@ "cmt_msg": "floppy: use a statically allocated error counter", "cmt_id": "dc650d53bad770f169e498f1231671c51b0b321d" }, - "CVE-2023-4387": { - "cmt_msg": "net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()", - "cmt_id": "2bee202d0649cb53b9860fe15d0642167bffd6bf" + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()", + "cmt_id": "9cc62ef5ba044b315c8761942db184a2ef8ff005" }, "CVE-2023-4459": { "cmt_msg": "net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()", "cmt_id": "5fd9a74bf04a1eae5dbde8ca8585106d4410427f" }, + "CVE-2023-4387": { + "cmt_msg": "net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()", + "cmt_id": "2bee202d0649cb53b9860fe15d0642167bffd6bf" + }, "CVE-2022-1729": { "cmt_msg": "perf: Fix sys_perf_event_open() race against self", "cmt_id": "dee63319e2d1abd5d37a89de046ccf32ca8a8451" @@ -22537,6 +22523,9 @@ "CVE-2021-35477": { "cmt_msg": "bpf: Introduce BPF nospec instruction for mitigating Spectre v4" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2023-4010": { "cmt_msg": "" }, @@ -22768,12 +22757,6 @@ "CVE-2023-2176": { "cmt_msg": "RDMA/core: Refactor rdma_bind_addr" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2013-7445": { "cmt_msg": "" }, @@ -22849,9 +22832,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2021-29155": { "cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic" }, @@ -23925,9 +23905,6 @@ "CVE-2020-10757": { "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-20511": { "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT" }, @@ -24108,6 +24085,9 @@ "CVE-2020-26557": { "cmt_msg": "" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2020-26555": { "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" }, @@ -24885,6 +24865,9 @@ "CVE-2021-33061": { "cmt_msg": "ixgbe: add improvement for MDD response functionality" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2023-4010": { "cmt_msg": "" }, @@ -25134,9 +25117,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-11608": { "cmt_msg": "media: ov519: add missing endpoint sanity checks" }, @@ -25206,9 +25186,6 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -27039,9 +27016,6 @@ "CVE-2019-16229": { "cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-20511": { "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT" }, @@ -27231,6 +27205,9 @@ "CVE-2020-26557": { "cmt_msg": "" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2020-26555": { "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" }, @@ -28032,6 +28009,9 @@ "CVE-2021-33061": { "cmt_msg": "ixgbe: add improvement for MDD response functionality" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2023-4010": { "cmt_msg": "" }, @@ -28287,9 +28267,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-11608": { "cmt_msg": "media: ov519: add missing endpoint sanity checks" }, @@ -28359,9 +28336,6 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -32204,6 +32178,14 @@ "cmt_msg": "Fix double fget() in vhost_net_set_backend()", "cmt_id": "6ca70982c646cc32e458150ee7f2530a24369b8c" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()", + "cmt_id": "01d41d7e7fc7eef99ae5b1065d9186f91ff099e7" + }, + "CVE-2022-1729": { + "cmt_msg": "perf: Fix sys_perf_event_open() race against self", + "cmt_id": "6cdd53a49aa7413e53c14ece27d826f0b628b18a" + }, "CVE-2022-1652": { "cmt_msg": "floppy: use a statically allocated error counter", "cmt_id": "3392d8711ad9e5b688999c948fd36d798c0d075d" @@ -32215,10 +32197,6 @@ "CVE-2023-4459": { "cmt_msg": "net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()", "cmt_id": "248a37ffd81c7121d30702d8caa31db48450680d" - }, - "CVE-2022-1729": { - "cmt_msg": "perf: Fix sys_perf_event_open() race against self", - "cmt_id": "6cdd53a49aa7413e53c14ece27d826f0b628b18a" } }, "4.19.246": { @@ -33116,6 +33094,9 @@ "CVE-2022-1263": { "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2023-4010": { "cmt_msg": "" }, @@ -33320,12 +33301,6 @@ "CVE-2023-2177": { "cmt_msg": "sctp: leave the err path free in sctp_stream_init to sctp_stream_free" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2013-7445": { "cmt_msg": "" }, @@ -33392,9 +33367,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2021-29155": { "cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic" }, @@ -34422,9 +34394,6 @@ "CVE-2019-16229": { "cmt_msg": "drm/amdkfd: fix a potential NULL pointer dereference (v2)" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2022-20166": { "cmt_msg": "drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions" }, @@ -34593,6 +34562,9 @@ "CVE-2020-26557": { "cmt_msg": "" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2020-26555": { "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" }, @@ -35361,6 +35333,9 @@ "CVE-2021-33061": { "cmt_msg": "ixgbe: add improvement for MDD response functionality" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2023-4010": { "cmt_msg": "" }, @@ -35598,9 +35573,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-11608": { "cmt_msg": "media: ov519: add missing endpoint sanity checks" }, @@ -35664,9 +35636,6 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -38710,6 +38679,9 @@ "CVE-2019-9506": { "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2017-16995": { "cmt_msg": "bpf: fix incorrect sign extension in check_alu_op()" }, @@ -38809,9 +38781,6 @@ "CVE-2021-4002": { "cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-9465": { "cmt_msg": "binder: fix proc->files use-after-free" }, @@ -39391,9 +39360,6 @@ "CVE-2022-26966": { "cmt_msg": "sr9700: sanity check for packet length" }, - "CVE-2023-6931": { - "cmt_msg": "perf: Fix perf_event_validate_size()" - }, "CVE-2022-38096": { "cmt_msg": "" }, @@ -40072,9 +40038,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-11608": { "cmt_msg": "media: ov519: add missing endpoint sanity checks" }, @@ -40153,9 +40116,6 @@ "CVE-2015-1805": { "cmt_msg": "new helper: copy_page_from_iter()" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -40381,6 +40341,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2020-10708": { "cmt_msg": "" }, @@ -42765,6 +42728,9 @@ "CVE-2019-9506": { "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-22555": { "cmt_msg": "netfilter: x_tables: fix compat match/target pad out-of-bound write" }, @@ -42879,9 +42845,6 @@ "CVE-2021-4002": { "cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-20511": { "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT" }, @@ -43515,9 +43478,6 @@ "CVE-2016-3672": { "cmt_msg": "x86/mm/32: Enable full randomization on i386 and X86_32" }, - "CVE-2023-6931": { - "cmt_msg": "perf: Fix perf_event_validate_size()" - }, "CVE-2015-9004": { "cmt_msg": "perf: Tighten (and fix) the grouping condition" }, @@ -44271,9 +44231,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-11608": { "cmt_msg": "media: ov519: add missing endpoint sanity checks" }, @@ -44358,9 +44315,6 @@ "CVE-2015-1805": { "cmt_msg": "new helper: copy_page_from_iter()" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -44613,6 +44567,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2020-10708": { "cmt_msg": "" }, @@ -48639,9 +48596,6 @@ "CVE-2023-3161": { "cmt_msg": "fbcon: Check font dimension limits" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-9465": { "cmt_msg": "binder: fix proc->files use-after-free" }, @@ -49053,9 +49007,6 @@ "CVE-2022-28390": { "cmt_msg": "can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path" }, - "CVE-2023-6931": { - "cmt_msg": "perf: Fix perf_event_validate_size()" - }, "CVE-2022-38096": { "cmt_msg": "" }, @@ -49311,6 +49262,9 @@ "CVE-2021-33061": { "cmt_msg": "ixgbe: add improvement for MDD response functionality" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2017-18552": { "cmt_msg": "RDS: validate the requested traces user input against max supported" }, @@ -49458,9 +49412,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, @@ -49494,9 +49445,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -49650,6 +49598,9 @@ "CVE-2020-35519": { "cmt_msg": "net/x25: prevent a couple of overflows" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2020-10708": { "cmt_msg": "" }, @@ -50284,6 +50235,9 @@ "CVE-2023-3397": { "cmt_msg": "" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -50643,6 +50597,9 @@ "CVE-2023-3397": { "cmt_msg": "" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -51051,6 +51008,9 @@ "CVE-2023-3397": { "cmt_msg": "" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -51635,6 +51595,9 @@ "CVE-2023-3397": { "cmt_msg": "" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -51806,9 +51769,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2021-3714": { "cmt_msg": "" }, @@ -54601,9 +54561,6 @@ "CVE-2012-4398": { "cmt_msg": "usermodehelper: use UMH_WAIT_PROC consistently" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-9465": { "cmt_msg": "binder: fix proc->files use-after-free" }, @@ -55030,9 +54987,6 @@ "CVE-2023-34255": { "cmt_msg": "xfs: verify buffer contents when we skip log replay" }, - "CVE-2023-6931": { - "cmt_msg": "perf: Fix perf_event_validate_size()" - }, "CVE-2022-38096": { "cmt_msg": "" }, @@ -55375,6 +55329,9 @@ "CVE-2021-33061": { "cmt_msg": "ixgbe: add improvement for MDD response functionality" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2023-4010": { "cmt_msg": "" }, @@ -55570,9 +55527,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2013-3228": { "cmt_msg": "irda: Fix missing msg_namelen update in irda_recvmsg_dgram()" }, @@ -55633,9 +55587,6 @@ "CVE-2015-1805": { "cmt_msg": "new helper: copy_page_from_iter()" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -55837,6 +55788,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2012-6712": { "cmt_msg": "iwlwifi: Sanity check for sta_id" }, @@ -56926,6 +56880,9 @@ "CVE-2023-4004": { "cmt_msg": "netfilter: nft_set_pipapo: fix improper element removal" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2023-4147": { "cmt_msg": "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" }, @@ -56995,9 +56952,6 @@ "CVE-2023-2898": { "cmt_msg": "f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2023-21255": { "cmt_msg": "binder: fix UAF caused by faulty buffer cleanup" }, @@ -57022,9 +56976,6 @@ "CVE-2023-25775": { "cmt_msg": "RDMA/irdma: Prevent zero-length STAG registration" }, - "CVE-2023-46862": { - "cmt_msg": "io_uring/fdinfo: lock SQ thread while retrieving thread cpu/pid" - }, "CVE-2022-2961": { "cmt_msg": "" }, @@ -57082,8 +57033,8 @@ "CVE-2023-51782": { "cmt_msg": "net/rose: Fix Use-After-Free in rose_ioctl" }, - "CVE-2023-1193": { - "cmt_msg": "ksmbd: delete asynchronous work from list" + "CVE-2023-20588": { + "cmt_msg": "x86/CPU/AMD: Do not leak quotient data after a division by 0" }, "CVE-2023-51780": { "cmt_msg": "atm: Fix Use-After-Free in do_vcc_ioctl" @@ -57136,8 +57087,8 @@ "CVE-2023-3609": { "cmt_msg": "net/sched: cls_u32: Fix reference counter leak leading to overflow" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" + "CVE-2023-46862": { + "cmt_msg": "io_uring/fdinfo: lock SQ thread while retrieving thread cpu/pid" }, "CVE-2022-48425": { "cmt_msg": "fs/ntfs3: Validate MFT flags before replaying logs" @@ -57379,8 +57330,8 @@ "CVE-2023-1194": { "cmt_msg": "ksmbd: fix out-of-bound read in parse_lease_state()" }, - "CVE-2023-20588": { - "cmt_msg": "x86/CPU/AMD: Do not leak quotient data after a division by 0" + "CVE-2023-1193": { + "cmt_msg": "ksmbd: delete asynchronous work from list" }, "CVE-2023-1192": { "cmt_msg": "fs/ntfs3: Validate MFT flags before replaying logs" @@ -58413,10 +58364,6 @@ } }, "6.1.71": { - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets", - "cmt_id": "0105571f80edb96f81bb4bbdd5233a9130dc345b" - }, "CVE-2023-1193": { "cmt_msg": "ksmbd: delete asynchronous work from list", "cmt_id": "8d271ef5e5cac8a470076891b248a28a2c57fb1e" @@ -58471,6 +58418,9 @@ "CVE-2023-3397": { "cmt_msg": "" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -58654,9 +58604,6 @@ "CVE-2023-6536": { "cmt_msg": "" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-17977": { "cmt_msg": "" }, @@ -59220,6 +59167,9 @@ "CVE-2023-31436": { "cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2023-4147": { "cmt_msg": "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" }, @@ -59325,9 +59275,6 @@ "CVE-2023-2483": { "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2023-21255": { "cmt_msg": "binder: fix UAF caused by faulty buffer cleanup" }, @@ -59358,9 +59305,6 @@ "CVE-2023-25775": { "cmt_msg": "RDMA/irdma: Prevent zero-length STAG registration" }, - "CVE-2023-46862": { - "cmt_msg": "io_uring/fdinfo: lock SQ thread while retrieving thread cpu/pid" - }, "CVE-2022-2961": { "cmt_msg": "" }, @@ -59520,8 +59464,8 @@ "CVE-2022-4382": { "cmt_msg": "USB: gadgetfs: Fix race between mounting and unmounting" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" + "CVE-2023-46862": { + "cmt_msg": "io_uring/fdinfo: lock SQ thread while retrieving thread cpu/pid" }, "CVE-2013-7445": { "cmt_msg": "" @@ -60593,6 +60537,9 @@ "CVE-2022-2503": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2015-8952": { "cmt_msg": "ext2: convert to mbcache2" }, @@ -60749,6 +60696,9 @@ "CVE-2019-9506": { "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2017-16995": { "cmt_msg": "bpf: fix incorrect sign extension in check_alu_op()" }, @@ -60872,9 +60822,6 @@ "CVE-2020-10757": { "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-20511": { "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT" }, @@ -62387,9 +62334,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2022-3424": { "cmt_msg": "misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os" }, @@ -62489,9 +62433,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -67614,9 +67555,6 @@ "CVE-2022-29901": { "cmt_msg": "x86/kvm/vmx: Make noinstr clean" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-9465": { "cmt_msg": "binder: fix proc->files use-after-free" }, @@ -68031,8 +67969,8 @@ "CVE-2019-12381": { "cmt_msg": "ip_sockglue: Fix missing-check bug in ip_ra_control()" }, - "CVE-2019-12382": { - "cmt_msg": "drm/edid: Fix a missing-check bug in drm_load_edid_firmware()" + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" }, "CVE-2017-13166": { "cmt_msg": "media: v4l2-ioctl.c: use check_fmt for enum/g/s/try_fmt" @@ -68109,6 +68047,9 @@ "CVE-2021-33061": { "cmt_msg": "ixgbe: add improvement for MDD response functionality" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2017-18552": { "cmt_msg": "RDS: validate the requested traces user input against max supported" }, @@ -68211,9 +68152,6 @@ "CVE-2022-42895": { "cmt_msg": "Bluetooth: L2CAP: Fix attempting to access uninitialized memory" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2021-39648": { "cmt_msg": "usb: gadget: configfs: Fix use-after-free issue with udc_name" }, @@ -68238,9 +68176,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -68358,6 +68293,9 @@ "CVE-2020-36313": { "cmt_msg": "KVM: Fix out of range accesses to memslots" }, + "CVE-2019-12382": { + "cmt_msg": "drm/edid: Fix a missing-check bug in drm_load_edid_firmware()" + }, "CVE-2022-4744": { "cmt_msg": "tun: avoid double free in tun_free_netdev" }, @@ -69300,6 +69238,9 @@ "CVE-2022-2503": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2019-18680": { "cmt_msg": "unknown" }, @@ -69444,6 +69385,9 @@ "CVE-2019-9506": { "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2017-16995": { "cmt_msg": "bpf: fix incorrect sign extension in check_alu_op()" }, @@ -69573,9 +69517,6 @@ "CVE-2020-10757": { "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-20511": { "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT" }, @@ -71040,9 +70981,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-11608": { "cmt_msg": "media: ov519: add missing endpoint sanity checks" }, @@ -71136,9 +71074,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -72974,6 +72909,9 @@ "CVE-2022-2503": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2019-18680": { "cmt_msg": "unknown" }, @@ -73124,6 +73062,9 @@ "CVE-2019-9506": { "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2017-16995": { "cmt_msg": "bpf: fix incorrect sign extension in check_alu_op()" }, @@ -73250,9 +73191,6 @@ "CVE-2020-10757": { "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-20511": { "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT" }, @@ -74723,9 +74661,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2022-3424": { "cmt_msg": "misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os" }, @@ -74822,9 +74757,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -77907,6 +77839,9 @@ "CVE-2019-9506": { "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2017-16995": { "cmt_msg": "bpf: fix incorrect sign extension in check_alu_op()" }, @@ -78003,9 +77938,6 @@ "CVE-2021-4002": { "cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-9465": { "cmt_msg": "binder: fix proc->files use-after-free" }, @@ -78543,9 +78475,6 @@ "CVE-2022-26966": { "cmt_msg": "sr9700: sanity check for packet length" }, - "CVE-2023-6931": { - "cmt_msg": "perf: Fix perf_event_validate_size()" - }, "CVE-2022-38096": { "cmt_msg": "" }, @@ -79164,9 +79093,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-11608": { "cmt_msg": "media: ov519: add missing endpoint sanity checks" }, @@ -79239,9 +79165,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -79458,6 +79381,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2020-10708": { "cmt_msg": "" }, @@ -80775,6 +80701,9 @@ "CVE-2022-2503": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2021-32399": { "cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller" }, @@ -80901,8 +80830,8 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2023-37454": { "cmt_msg": "" @@ -80943,9 +80872,6 @@ "CVE-2020-10757": { "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2023-35828": { "cmt_msg": "usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition" }, @@ -81567,9 +81493,6 @@ "CVE-2022-44032": { "cmt_msg": "char: pcmcia: remove all the drivers" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2020-10781": { "cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\"" }, @@ -81660,6 +81583,9 @@ "CVE-2023-3389": { "cmt_msg": "io_uring: mutex locked poll hashing" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -81849,18 +81775,12 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-10732": { "cmt_msg": "fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()" }, "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" - }, "CVE-2021-29264": { "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" }, @@ -81894,9 +81814,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -83465,6 +83382,9 @@ "CVE-2019-9506": { "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2017-16995": { "cmt_msg": "bpf: fix incorrect sign extension in check_alu_op()" }, @@ -83594,9 +83514,6 @@ "CVE-2021-4002": { "cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-20511": { "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT" }, @@ -85160,9 +85077,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2022-3424": { "cmt_msg": "misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os" }, @@ -85262,9 +85176,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -85556,6 +85467,9 @@ "CVE-2022-33740": { "cmt_msg": "xen/netfront: fix leaking data in shared pages" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2020-10708": { "cmt_msg": "" }, @@ -87149,8 +87063,8 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2023-37454": { "cmt_msg": "" @@ -87185,9 +87099,6 @@ "CVE-2023-25012": { "cmt_msg": "HID: bigben: use spinlock to safely schedule workers" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2023-35828": { "cmt_msg": "usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition" }, @@ -87791,9 +87702,6 @@ "CVE-2022-47518": { "cmt_msg": "wifi: wilc1000: validate number of channels" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2023-4207": { "cmt_msg": "net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free" }, @@ -87875,6 +87783,9 @@ "CVE-2023-3389": { "cmt_msg": "io_uring: mutex locked poll hashing" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2023-4010": { "cmt_msg": "" }, @@ -88082,9 +87993,6 @@ "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" - }, "CVE-2021-29264": { "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" }, @@ -88121,9 +88029,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -88304,6 +88209,9 @@ "CVE-2023-31436": { "cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2020-10708": { "cmt_msg": "" }, @@ -89516,8 +89424,8 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2023-37454": { "cmt_msg": "" @@ -89555,9 +89463,6 @@ "CVE-2023-25012": { "cmt_msg": "HID: bigben: use spinlock to safely schedule workers" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2023-35829": { "cmt_msg": "media: rkvdec: fix use after free bug in rkvdec_remove" }, @@ -90134,9 +90039,6 @@ "CVE-2022-47518": { "cmt_msg": "wifi: wilc1000: validate number of channels" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2023-4207": { "cmt_msg": "net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free" }, @@ -90221,6 +90123,9 @@ "CVE-2023-3389": { "cmt_msg": "io_uring: mutex locked poll hashing" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -90407,9 +90312,6 @@ "CVE-2023-4732": { "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" - }, "CVE-2021-29264": { "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" }, @@ -90446,9 +90348,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2020-12912": { "cmt_msg": "hwmon: (amd_energy) modify the visibility of the counters" }, @@ -90617,6 +90516,9 @@ "CVE-2023-31436": { "cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2020-10708": { "cmt_msg": "" }, @@ -91637,8 +91539,8 @@ "CVE-2023-28772": { "cmt_msg": "seq_buf: Fix overflow in seq_buf_putmem_hex()" }, - "CVE-2022-2588": { - "cmt_msg": "net_sched: cls_route: remove from list when handle is 0" + "CVE-2021-39656": { + "cmt_msg": "configfs: fix a use-after-free in __configfs_open_file" }, "CVE-2022-3707": { "cmt_msg": "drm/i915/gvt: fix double free bug in split_2MB_gtt_entry" @@ -91766,8 +91668,8 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2023-37454": { "cmt_msg": "" @@ -91805,9 +91707,6 @@ "CVE-2023-25012": { "cmt_msg": "HID: bigben: use spinlock to safely schedule workers" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2023-35829": { "cmt_msg": "media: rkvdec: fix use after free bug in rkvdec_remove" }, @@ -92147,8 +92046,8 @@ "CVE-2021-4154": { "cmt_msg": "cgroup: verify that source is a string" }, - "CVE-2021-39656": { - "cmt_msg": "configfs: fix a use-after-free in __configfs_open_file" + "CVE-2022-2588": { + "cmt_msg": "net_sched: cls_route: remove from list when handle is 0" }, "CVE-2021-39657": { "cmt_msg": "scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback" @@ -92384,9 +92283,6 @@ "CVE-2022-47518": { "cmt_msg": "wifi: wilc1000: validate number of channels" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2023-4207": { "cmt_msg": "net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free" }, @@ -92468,6 +92364,9 @@ "CVE-2023-3389": { "cmt_msg": "io_uring: mutex locked poll hashing" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -92651,9 +92550,6 @@ "CVE-2023-4732": { "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" - }, "CVE-2021-29264": { "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" }, @@ -92693,9 +92589,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -92858,6 +92751,9 @@ "CVE-2021-28972": { "cmt_msg": "PCI: rpadlpar: Fix potential drc_name corruption in store functions" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2020-10708": { "cmt_msg": "" }, @@ -97063,14 +96959,18 @@ "cmt_msg": "floppy: use a statically allocated error counter", "cmt_id": "2adafe1c646b462c755e99216f966927eec96059" }, - "CVE-2023-4387": { - "cmt_msg": "net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()", - "cmt_id": "aae66daa4a8925109c87702979e767346291d1e2" + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()", + "cmt_id": "3e6fa9e4a7a89d67e01424317f7a2e9551025022" }, "CVE-2023-4459": { "cmt_msg": "net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()", "cmt_id": "e40ed72f8c8b04ae629d895ed7eb221d8938cdd7" }, + "CVE-2023-4387": { + "cmt_msg": "net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()", + "cmt_id": "aae66daa4a8925109c87702979e767346291d1e2" + }, "CVE-2022-1729": { "cmt_msg": "perf: Fix sys_perf_event_open() race against self", "cmt_id": "a1466528d8ae5d9a3bb29781f0098fa3476e9e1c" @@ -97547,9 +97447,6 @@ "CVE-2022-29901": { "cmt_msg": "x86/kvm/vmx: Make noinstr clean" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2022-1116": { "cmt_msg": "" }, @@ -97919,6 +97816,9 @@ "CVE-2021-33061": { "cmt_msg": "ixgbe: add improvement for MDD response functionality" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2020-27835": { "cmt_msg": "IB/hfi1: Ensure correct mm is used at all times" }, @@ -98006,9 +97906,6 @@ "CVE-2022-21385": { "cmt_msg": "net/rds: fix warn in rds_message_alloc_sgs" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2022-3545": { "cmt_msg": "nfp: fix use-after-free in area_cache_get()" }, @@ -98027,9 +97924,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -98979,6 +98873,9 @@ "CVE-2022-2503": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2019-18680": { "cmt_msg": "unknown" }, @@ -99132,6 +99029,9 @@ "CVE-2019-9506": { "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2017-16995": { "cmt_msg": "bpf: fix incorrect sign extension in check_alu_op()" }, @@ -99261,9 +99161,6 @@ "CVE-2020-10757": { "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-20511": { "cmt_msg": "net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT" }, @@ -100716,9 +100613,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-11608": { "cmt_msg": "media: ov519: add missing endpoint sanity checks" }, @@ -100812,9 +100706,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -102645,6 +102536,9 @@ "CVE-2022-2503": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2019-18680": { "cmt_msg": "" }, @@ -102798,6 +102692,9 @@ "CVE-2019-9506": { "cmt_msg": "Bluetooth: Fix faulty expression for minimum encryption key size check" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2017-16995": { "cmt_msg": "bpf: fix incorrect sign extension in check_alu_op()" }, @@ -102906,9 +102803,6 @@ "CVE-2020-10757": { "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-9465": { "cmt_msg": "binder: fix proc->files use-after-free" }, @@ -104331,9 +104225,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-11608": { "cmt_msg": "media: ov519: add missing endpoint sanity checks" }, @@ -104421,9 +104312,6 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -106448,9 +106336,6 @@ "CVE-2020-10757": { "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2023-35828": { "cmt_msg": "usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition" }, @@ -106607,6 +106492,9 @@ "CVE-2020-26557": { "cmt_msg": "" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2020-26555": { "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" }, @@ -107312,6 +107200,9 @@ "CVE-2021-33061": { "cmt_msg": "ixgbe: add improvement for MDD response functionality" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2023-4010": { "cmt_msg": "" }, @@ -107552,9 +107443,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-11608": { "cmt_msg": "media: ov519: add missing endpoint sanity checks" }, @@ -107612,9 +107500,6 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -109314,8 +109199,8 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2022-0185": { "cmt_msg": "vfs: fs_context: fix up param length parsing in legacy_parse_param" @@ -109380,9 +109265,6 @@ "CVE-2020-10757": { "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2023-35828": { "cmt_msg": "usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition" }, @@ -109542,6 +109424,9 @@ "CVE-2020-26557": { "cmt_msg": "" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2020-26555": { "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" }, @@ -110127,9 +110012,6 @@ "CVE-2022-44032": { "cmt_msg": "char: pcmcia: remove all the drivers" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2020-10781": { "cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\"" }, @@ -110253,6 +110135,9 @@ "CVE-2023-3389": { "cmt_msg": "io_uring: mutex locked poll hashing" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2023-4010": { "cmt_msg": "" }, @@ -110475,9 +110360,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-11608": { "cmt_msg": "media: ov519: add missing endpoint sanity checks" }, @@ -110487,9 +110369,6 @@ "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" - }, "CVE-2021-29264": { "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" }, @@ -110538,9 +110417,6 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -112235,8 +112111,8 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2022-0185": { "cmt_msg": "vfs: fs_context: fix up param length parsing in legacy_parse_param" @@ -112298,9 +112174,6 @@ "CVE-2020-10757": { "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2023-35828": { "cmt_msg": "usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition" }, @@ -113006,9 +112879,6 @@ "CVE-2022-44032": { "cmt_msg": "char: pcmcia: remove all the drivers" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2020-10781": { "cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\"" }, @@ -113120,6 +112990,9 @@ "CVE-2023-3389": { "cmt_msg": "io_uring: mutex locked poll hashing" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -113213,9 +113086,6 @@ "CVE-2020-25705": { "cmt_msg": "icmp: randomize the global rate limiter" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-0435": { "cmt_msg": "tipc: improve size validations for received domain records" }, @@ -113336,9 +113206,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-11608": { "cmt_msg": "media: ov519: add missing endpoint sanity checks" }, @@ -113348,9 +113215,6 @@ "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" - }, "CVE-2021-29264": { "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" }, @@ -113630,6 +113494,9 @@ "CVE-2023-31436": { "cmt_msg": "net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2020-10708": { "cmt_msg": "" }, @@ -114911,8 +114778,8 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2021-42327": { "cmt_msg": "drm/amdgpu: fix out of bounds write" @@ -114956,9 +114823,6 @@ "CVE-2023-25012": { "cmt_msg": "HID: bigben: use spinlock to safely schedule workers" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2023-35829": { "cmt_msg": "media: rkvdec: fix use after free bug in rkvdec_remove" }, @@ -115403,6 +115267,9 @@ "CVE-2022-0185": { "cmt_msg": "vfs: fs_context: fix up param length parsing in legacy_parse_param" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2022-22942": { "cmt_msg": "drm/vmwgfx: Fix stale file descriptors on failed usercopy" }, @@ -115439,9 +115306,6 @@ "CVE-2022-47518": { "cmt_msg": "wifi: wilc1000: validate number of channels" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2023-4207": { "cmt_msg": "net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free" }, @@ -115514,6 +115378,9 @@ "CVE-2023-3389": { "cmt_msg": "io_uring: mutex locked poll hashing" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -115703,9 +115570,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-27223": { "cmt_msg": "USB: gadget: validate endpoint index for xilinx udc" }, @@ -116880,8 +116744,8 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2021-42327": { "cmt_msg": "drm/amdgpu: fix out of bounds write" @@ -116919,9 +116783,6 @@ "CVE-2023-25012": { "cmt_msg": "HID: bigben: use spinlock to safely schedule workers" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2023-35829": { "cmt_msg": "media: rkvdec: fix use after free bug in rkvdec_remove" }, @@ -117366,6 +117227,9 @@ "CVE-2022-0185": { "cmt_msg": "vfs: fs_context: fix up param length parsing in legacy_parse_param" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2022-22942": { "cmt_msg": "drm/vmwgfx: Fix stale file descriptors on failed usercopy" }, @@ -117396,9 +117260,6 @@ "CVE-2022-47518": { "cmt_msg": "wifi: wilc1000: validate number of channels" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2022-0847": { "cmt_msg": "lib/iov_iter: initialize \"flags\" in new pipe_buffer" }, @@ -117465,6 +117326,9 @@ "CVE-2023-3389": { "cmt_msg": "io_uring: mutex locked poll hashing" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -117651,9 +117515,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-27223": { "cmt_msg": "USB: gadget: validate endpoint index for xilinx udc" }, @@ -119611,6 +119472,14 @@ "cmt_msg": "Fix double fget() in vhost_net_set_backend()", "cmt_id": "ec0d801d1a44d9259377142c6218885ecd685e41" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()", + "cmt_id": "d5e88c2d76efa9d7bb7ceffaec60fe6c76c748d7" + }, + "CVE-2022-1729": { + "cmt_msg": "perf: Fix sys_perf_event_open() race against self", + "cmt_id": "3ee8e109c3c316073a3e0f83ec0769c7ee8a7375" + }, "CVE-2022-1652": { "cmt_msg": "floppy: use a statically allocated error counter", "cmt_id": "911b36267855501f7f80a75927c128c0ac03fe58" @@ -119622,10 +119491,6 @@ "CVE-2023-4459": { "cmt_msg": "net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()", "cmt_id": "6e2caee5cddc3d9e0ad0484c9c21b9f10676c044" - }, - "CVE-2022-1729": { - "cmt_msg": "perf: Fix sys_perf_event_open() race against self", - "cmt_id": "3ee8e109c3c316073a3e0f83ec0769c7ee8a7375" } }, "5.10.119": { @@ -120805,10 +120670,6 @@ } }, "5.10.206": { - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets", - "cmt_id": "73117ea03363d4493bd4e9f82f29b34b92d88a91" - }, "CVE-2023-6606": { "cmt_msg": "smb: client: fix OOB in smbCalcSize()", "cmt_id": "0c54b79d1d9b25f5a406bcf1969f956e14c4704d" @@ -120864,8 +120725,8 @@ "CVE-2023-23000": { "cmt_msg": "phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2023-1872": { "cmt_msg": "io_uring: propagate issue_flags state down to file assignment" @@ -120885,9 +120746,6 @@ "CVE-2020-11725": { "cmt_msg": "" }, - "CVE-2023-31084": { - "cmt_msg": "media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()" - }, "CVE-2022-0382": { "cmt_msg": "net ticp:fix a kernel-infoleak in __tipc_sendmsg()" }, @@ -120903,6 +120761,9 @@ "CVE-2023-3389": { "cmt_msg": "io_uring: mutex locked poll hashing" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -121050,9 +120911,6 @@ "CVE-2023-2176": { "cmt_msg": "RDMA/core: Refactor rdma_bind_addr" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2013-7445": { "cmt_msg": "" }, @@ -121062,8 +120920,8 @@ "CVE-2005-3660": { "cmt_msg": "" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-31084": { + "cmt_msg": "media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()" }, "CVE-2023-31083": { "cmt_msg": "Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO" @@ -121119,9 +120977,6 @@ "CVE-2023-20928": { "cmt_msg": "android: binder: stop saving a pointer to the VMA" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2020-12362": { "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" }, @@ -121938,8 +121793,8 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2021-42327": { "cmt_msg": "drm/amdgpu: fix out of bounds write" @@ -121980,9 +121835,6 @@ "CVE-2023-25012": { "cmt_msg": "HID: bigben: use spinlock to safely schedule workers" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2023-35829": { "cmt_msg": "media: rkvdec: fix use after free bug in rkvdec_remove" }, @@ -122469,6 +122321,9 @@ "CVE-2022-0185": { "cmt_msg": "vfs: fs_context: fix up param length parsing in legacy_parse_param" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2022-22942": { "cmt_msg": "drm/vmwgfx: Fix stale file descriptors on failed usercopy" }, @@ -122508,9 +122363,6 @@ "CVE-2022-47518": { "cmt_msg": "wifi: wilc1000: validate number of channels" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2023-4207": { "cmt_msg": "net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free" }, @@ -122598,6 +122450,9 @@ "CVE-2023-3389": { "cmt_msg": "io_uring: mutex locked poll hashing" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -122799,9 +122654,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -124147,9 +123999,6 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2023-37454": { "cmt_msg": "" }, @@ -124177,9 +124026,6 @@ "CVE-2023-39192": { "cmt_msg": "netfilter: xt_u32: validate user space input" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2023-35829": { "cmt_msg": "media: rkvdec: fix use after free bug in rkvdec_remove" }, @@ -124537,6 +124383,9 @@ "CVE-2023-32248": { "cmt_msg": "ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2022-2308": { "cmt_msg": "vduse: prevent uninitialized memory accesses" }, @@ -124594,8 +124443,8 @@ "CVE-2022-43945": { "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2023-1872": { "cmt_msg": "io_uring: propagate issue_flags state down to file assignment" @@ -124633,6 +124482,9 @@ "CVE-2023-3389": { "cmt_msg": "io_uring: mutex locked poll hashing" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -124789,9 +124641,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2019-12456": { "cmt_msg": "" }, @@ -125593,6 +125442,10 @@ "cmt_msg": "Fix double fget() in vhost_net_set_backend()", "cmt_id": "d759015c9bcaa87d2ebf41c7bab561f7033c3e80" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()", + "cmt_id": "93cf9a32d6c21325761503dcaae3c58ae55cc018" + }, "CVE-2022-1729": { "cmt_msg": "perf: Fix sys_perf_event_open() race against self", "cmt_id": "22fb2974224c9836eeaf0d24fdd481fcdaa0aea8" @@ -125914,9 +125767,6 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2023-37454": { "cmt_msg": "" }, @@ -125944,9 +125794,6 @@ "CVE-2023-39192": { "cmt_msg": "netfilter: xt_u32: validate user space input" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2023-35829": { "cmt_msg": "media: rkvdec: fix use after free bug in rkvdec_remove" }, @@ -126331,8 +126178,8 @@ "CVE-2022-43945": { "cmt_msg": "NFSD: Protect against send buffer overflow in NFSv2 READDIR" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2023-39194": { "cmt_msg": "net: xfrm: Fix xfrm_address_filter OOB read" @@ -126367,6 +126214,9 @@ "CVE-2023-3389": { "cmt_msg": "io_uring: mutex locked poll hashing" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -126514,9 +126364,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2019-12456": { "cmt_msg": "" }, @@ -127515,8 +127362,8 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2023-37454": { "cmt_msg": "" @@ -127551,9 +127398,6 @@ "CVE-2023-25012": { "cmt_msg": "HID: bigben: use spinlock to safely schedule workers" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2023-35829": { "cmt_msg": "media: rkvdec: fix use after free bug in rkvdec_remove" }, @@ -127992,6 +127836,9 @@ "CVE-2022-0185": { "cmt_msg": "vfs: fs_context: fix up param length parsing in legacy_parse_param" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2022-22942": { "cmt_msg": "drm/vmwgfx: Fix stale file descriptors on failed usercopy" }, @@ -128019,9 +127866,6 @@ "CVE-2022-44032": { "cmt_msg": "char: pcmcia: remove all the drivers" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2022-0847": { "cmt_msg": "lib/iov_iter: initialize \"flags\" in new pipe_buffer" }, @@ -128085,6 +127929,9 @@ "CVE-2023-3389": { "cmt_msg": "io_uring: mutex locked poll hashing" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -128250,9 +128097,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-27223": { "cmt_msg": "USB: gadget: validate endpoint index for xilinx udc" }, @@ -129547,6 +129391,10 @@ "cmt_msg": "Fix double fget() in vhost_net_set_backend()", "cmt_id": "42d8a6dc45fc6619b8def1a70b7bd0800bcc4574" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()", + "cmt_id": "0211383109832103cfddfd5c5cc99b29d40bb749" + }, "CVE-2022-1729": { "cmt_msg": "perf: Fix sys_perf_event_open() race against self", "cmt_id": "e085354dde254bc6c83ee604ea66c2b36f9f9067" @@ -130987,10 +130835,6 @@ } }, "5.15.146": { - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets", - "cmt_id": "d10f7540c5541ad9f4fe2a02a73153d25d4a540d" - }, "CVE-2023-6606": { "cmt_msg": "smb: client: fix OOB in smbCalcSize()", "cmt_id": "ded3cfdefec8b2accc767f176419316b61c157c3" @@ -131034,9 +130878,6 @@ "CVE-2023-23000": { "cmt_msg": "phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" - }, "CVE-2023-1872": { "cmt_msg": "io_uring: propagate issue_flags state down to file assignment" }, @@ -131064,6 +130905,9 @@ "CVE-2023-3389": { "cmt_msg": "io_uring: mutex locked poll hashing" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -131187,9 +131031,6 @@ "CVE-2023-2176": { "cmt_msg": "RDMA/core: Refactor rdma_bind_addr" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2021-4095": { "cmt_msg": "KVM: x86: Fix wall clock writes in Xen shared_info not to mark page dirty" }, @@ -132136,9 +131977,6 @@ "CVE-2020-10757": { "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2023-35828": { "cmt_msg": "usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition" }, @@ -132310,6 +132148,9 @@ "CVE-2020-26557": { "cmt_msg": "" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2020-26555": { "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" }, @@ -133039,6 +132880,9 @@ "CVE-2021-33061": { "cmt_msg": "ixgbe: add improvement for MDD response functionality" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2023-4010": { "cmt_msg": "" }, @@ -133282,9 +133126,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-11608": { "cmt_msg": "media: ov519: add missing endpoint sanity checks" }, @@ -133348,9 +133189,6 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -136327,6 +136165,10 @@ "cmt_msg": "Fix double fget() in vhost_net_set_backend()", "cmt_id": "3a12b2c413b20c17832ec51cb836a0b713b916ac" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()", + "cmt_id": "bb83a744bc671804016e23861a892e9db2aee73f" + }, "CVE-2022-1729": { "cmt_msg": "perf: Fix sys_perf_event_open() race against self", "cmt_id": "dd0ea88b0a0f913f82500e988ef38158a9ad9885" @@ -137374,8 +137216,8 @@ "CVE-2023-23000": { "cmt_msg": "phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2020-24503": { "cmt_msg": "" @@ -137395,9 +137237,6 @@ "CVE-2020-11725": { "cmt_msg": "" }, - "CVE-2023-31084": { - "cmt_msg": "media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()" - }, "CVE-2022-0382": { "cmt_msg": "net ticp:fix a kernel-infoleak in __tipc_sendmsg()" }, @@ -137416,6 +137255,9 @@ "CVE-2023-3389": { "cmt_msg": "io_uring: mutex locked poll hashing" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2023-4010": { "cmt_msg": "" }, @@ -137581,12 +137423,6 @@ "CVE-2023-2176": { "cmt_msg": "RDMA/core: Refactor rdma_bind_addr" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2013-7445": { "cmt_msg": "" }, @@ -137596,8 +137432,8 @@ "CVE-2005-3660": { "cmt_msg": "" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-31084": { + "cmt_msg": "media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()" }, "CVE-2023-31083": { "cmt_msg": "Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO" @@ -137635,9 +137471,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2021-29155": { "cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic" }, @@ -137659,9 +137492,6 @@ "CVE-2023-20928": { "cmt_msg": "android: binder: stop saving a pointer to the VMA" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2020-12362": { "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" }, @@ -138389,9 +138219,6 @@ "CVE-2023-42754": { "cmt_msg": "ipv4: fix null-deref in ipv4_link_failure" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2023-35829": { "cmt_msg": "media: rkvdec: fix use after free bug in rkvdec_remove" }, @@ -138770,6 +138597,9 @@ "CVE-2023-3389": { "cmt_msg": "io_uring: mutex locked poll hashing" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -138917,9 +138747,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2019-12456": { "cmt_msg": "" }, @@ -139796,9 +139623,6 @@ "CVE-2023-39192": { "cmt_msg": "netfilter: xt_u32: validate user space input" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2023-35829": { "cmt_msg": "media: rkvdec: fix use after free bug in rkvdec_remove" }, @@ -140153,6 +139977,9 @@ "CVE-2023-3389": { "cmt_msg": "io_uring: mutex locked poll hashing" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -140288,9 +140115,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2019-12456": { "cmt_msg": "" }, @@ -141378,6 +141202,9 @@ "CVE-2019-19072": { "cmt_msg": "tracing: Have error path in predicate_parse() free its allocated memory" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2019-19070": { "cmt_msg": "spi: gpio: prevent memory leak in spi_gpio_probe" }, @@ -141519,8 +141346,8 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2022-0185": { "cmt_msg": "vfs: fs_context: fix up param length parsing in legacy_parse_param" @@ -141573,9 +141400,6 @@ "CVE-2020-10757": { "cmt_msg": "mm: Fix mremap not considering huge pmd devmap" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2023-35828": { "cmt_msg": "usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition" }, @@ -142251,9 +142075,6 @@ "CVE-2022-44032": { "cmt_msg": "char: pcmcia: remove all the drivers" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2020-10781": { "cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\"" }, @@ -142353,6 +142174,9 @@ "CVE-2023-3389": { "cmt_msg": "io_uring: mutex locked poll hashing" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -142560,9 +142384,6 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-11608": { "cmt_msg": "media: ov519: add missing endpoint sanity checks" }, @@ -142572,9 +142393,6 @@ "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" - }, "CVE-2021-29264": { "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" }, @@ -142623,9 +142441,6 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -143920,6 +143735,9 @@ "CVE-2022-2503": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, + "CVE-2022-48619": { + "cmt_msg": "Input: add bounds checking to input_set_capability()" + }, "CVE-2021-32399": { "cmt_msg": "bluetooth: eliminate the potential race condition when removing the HCI controller" }, @@ -144046,8 +143864,8 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2023-37454": { "cmt_msg": "" @@ -144082,9 +143900,6 @@ "CVE-2023-25012": { "cmt_msg": "HID: bigben: use spinlock to safely schedule workers" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2023-35828": { "cmt_msg": "usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition" }, @@ -144685,9 +144500,6 @@ "CVE-2022-44032": { "cmt_msg": "char: pcmcia: remove all the drivers" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2020-10781": { "cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\"" }, @@ -144778,6 +144590,9 @@ "CVE-2023-3389": { "cmt_msg": "io_uring: mutex locked poll hashing" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2021-3864": { "cmt_msg": "" }, @@ -144970,15 +144785,9 @@ "CVE-2022-36123": { "cmt_msg": "x86: Clear .brk area at early boot" }, - "CVE-2023-4732": { - "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" - }, "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" - }, "CVE-2021-29264": { "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" }, @@ -145012,9 +144821,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -146177,6 +145983,9 @@ "CVE-2023-4004": { "cmt_msg": "netfilter: nft_set_pipapo: fix improper element removal" }, + "CVE-2023-1476": { + "cmt_msg": "" + }, "CVE-2023-4147": { "cmt_msg": "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" }, @@ -146402,9 +146211,6 @@ "CVE-2020-0347": { "cmt_msg": "" }, - "CVE-2024-0193": { - "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" - }, "CVE-2023-3611": { "cmt_msg": "net/sched: sch_qfq: account for stab overhead in qfq_enqueue" }, @@ -146474,9 +146280,6 @@ "CVE-2023-6622": { "cmt_msg": "netfilter: nf_tables: bail out on mismatching dynset and set expressions" }, - "CVE-2023-4610": { - "cmt_msg": "Revert \"mm: vmscan: make global slab shrink lockless\"" - }, "CVE-2018-17977": { "cmt_msg": "" }, diff --git a/data/stream_fixes.json b/data/stream_fixes.json index 0c7b48e6b..1d3021949 100644 --- a/data/stream_fixes.json +++ b/data/stream_fixes.json @@ -36461,6 +36461,36 @@ "fixed_version": "6.1.40" } }, + "CVE-2022-48619": { + "4.14": { + "cmt_id": "9cc62ef5ba044b315c8761942db184a2ef8ff005", + "fixed_version": "4.14.281" + }, + "4.19": { + "cmt_id": "01d41d7e7fc7eef99ae5b1065d9186f91ff099e7", + "fixed_version": "4.19.245" + }, + "4.9": { + "cmt_id": "3e6fa9e4a7a89d67e01424317f7a2e9551025022", + "fixed_version": "4.9.316" + }, + "5.10": { + "cmt_id": "d5e88c2d76efa9d7bb7ceffaec60fe6c76c748d7", + "fixed_version": "5.10.118" + }, + "5.15": { + "cmt_id": "0211383109832103cfddfd5c5cc99b29d40bb749", + "fixed_version": "5.15.42" + }, + "5.17": { + "cmt_id": "93cf9a32d6c21325761503dcaae3c58ae55cc018", + "fixed_version": "5.17.10" + }, + "5.4": { + "cmt_id": "bb83a744bc671804016e23861a892e9db2aee73f", + "fixed_version": "5.4.196" + } + }, "CVE-2023-0045": { "5.10": { "cmt_id": "67e39c4f4cb318cfbbf8982ab016c649ed97edaf",