Update 12Jan24

nluedtke · Jan 13, 2024 · d22c3fe · d22c3fe
1 parent 9df528c
commit d22c3fe
Show file tree

Hide file tree

Showing 109 changed files with 2,396 additions and 1,350 deletions.
diff --git a/CHANGES.md b/CHANGES.md
@@ -1,59 +1,58 @@
 
 # **Linux Kernel CVE Changes**
 
-## Last Update - 27Dec23 17:15
+## Last Update - 12Jan24 17:39
 
 ### **New CVEs Added:**
 
+[CVE-2023-6040](cves/CVE-2023-6040)  
+[CVE-2023-6270](cves/CVE-2023-6270)  
+[CVE-2023-6531](cves/CVE-2023-6531)  
+[CVE-2023-7192](cves/CVE-2023-7192)  
+[CVE-2024-0193](cves/CVE-2024-0193)  
+[CVE-2024-0340](cves/CVE-2024-0340)  
+[CVE-2024-0443](cves/CVE-2024-0443)  
+
+
+### **New Versions Checked:**
+
+[4.14.336](streams/4.14)  
+[4.19.304](streams/4.19)  
+[5.10.206](streams/5.10)  
+[5.15.146](streams/5.15)  
+[5.4.266](streams/5.4)  
+[6.1.72](streams/6.1)  
+[6.6.11](streams/6.6)  
+[6.7](streams/6.7)  
+
+
+### **Updated CVEs:**
+
+[CVE-2022-1508](cves/CVE-2022-1508)  
+[CVE-2022-1786](cves/CVE-2022-1786)  
+[CVE-2022-2327](cves/CVE-2022-2327)  
+[CVE-2023-1193](cves/CVE-2023-1193)  
+[CVE-2023-2430](cves/CVE-2023-2430)  
+[CVE-2023-39198](cves/CVE-2023-39198)  
 [CVE-2023-50431](cves/CVE-2023-50431)  
 [CVE-2023-51779](cves/CVE-2023-51779)  
 [CVE-2023-51780](cves/CVE-2023-51780)  
 [CVE-2023-51781](cves/CVE-2023-51781)  
-[CVE-2023-51782](cves/CVE-2023-51782)  
-[CVE-2023-6356](cves/CVE-2023-6356)  
-[CVE-2023-6535](cves/CVE-2023-6535)  
-[CVE-2023-6536](cves/CVE-2023-6536)  
+[CVE-2023-6121](cves/CVE-2023-6121)  
 [CVE-2023-6546](cves/CVE-2023-6546)  
 [CVE-2023-6560](cves/CVE-2023-6560)  
 [CVE-2023-6606](cves/CVE-2023-6606)  
 [CVE-2023-6610](cves/CVE-2023-6610)  
-[CVE-2023-6622](cves/CVE-2023-6622)  
 [CVE-2023-6679](cves/CVE-2023-6679)  
-[CVE-2023-6817](cves/CVE-2023-6817)  
-[CVE-2023-6931](cves/CVE-2023-6931)  
 [CVE-2023-6932](cves/CVE-2023-6932)  
 [CVE-2023-7042](cves/CVE-2023-7042)  
-
-
-### **New Versions Checked:**
-
-[4.14.334](streams/4.14)  
-[4.19.303](streams/4.19)  
-[5.10.205](streams/5.10)  
-[5.15.145](streams/5.15)  
-[5.4.265](streams/5.4)  
-[6.1.69](streams/6.1)  
-[6.6.8](streams/6.6)  
-
-
-### **Updated CVEs:**
-
-[CVE-2022-3630](cves/CVE-2022-3630)  
-[CVE-2022-47940](cves/CVE-2022-47940)  
-[CVE-2023-1095](cves/CVE-2023-1095)  
-[CVE-2023-1193](cves/CVE-2023-1193)  
-[CVE-2023-1194](cves/CVE-2023-1194)  
-[CVE-2023-25775](cves/CVE-2023-25775)  
-[CVE-2023-32247](cves/CVE-2023-32247)  
-[CVE-2023-32250](cves/CVE-2023-32250)  
-[CVE-2023-32252](cves/CVE-2023-32252)  
-[CVE-2023-32254](cves/CVE-2023-32254)  
-[CVE-2023-32257](cves/CVE-2023-32257)  
-[CVE-2023-32258](cves/CVE-2023-32258)  
-[CVE-2023-38427](cves/CVE-2023-38427)  
-[CVE-2023-38430](cves/CVE-2023-38430)  
-[CVE-2023-38431](cves/CVE-2023-38431)  
-[CVE-2023-3867](cves/CVE-2023-3867)  
-[CVE-2023-5972](cves/CVE-2023-5972)  
-[CVE-2023-6121](cves/CVE-2023-6121)  
-[CVE-2022-22942](cves/CVE-2022-22942)  
+[CVE-2021-3600](cves/CVE-2021-3600)  
+[CVE-2022-2585](cves/CVE-2022-2585)  
+[CVE-2022-2586](cves/CVE-2022-2586)  
+[CVE-2022-2588](cves/CVE-2022-2588)  
+[CVE-2022-2602](cves/CVE-2022-2602)  
+[CVE-2023-1032](cves/CVE-2023-1032)  
+[CVE-2023-33952](cves/CVE-2023-33952)  
+[CVE-2023-34324](cves/CVE-2023-34324)  
+[CVE-2023-51782](cves/CVE-2023-51782)  
+[CVE-2023-6931](cves/CVE-2023-6931)  
diff --git a/data/3.12/3.12_CVEs.txt b/data/3.12/3.12_CVEs.txt
@@ -1105,7 +1105,6 @@ CVE-2022-1263: Fix not seen in stream
 CVE-2022-1280: Fix not seen in stream
 CVE-2022-1353: Fix not seen in stream
 CVE-2022-1462: Fix not seen in stream
-CVE-2022-1508: Fix not seen in stream
 CVE-2022-1652: Fix not seen in stream
 CVE-2022-1679: Fix not seen in stream
 CVE-2022-1786: Fix not seen in stream
@@ -1139,7 +1138,6 @@ CVE-2022-23040: Fix not seen in stream
 CVE-2022-23042: Fix not seen in stream
 CVE-2022-2318: Fix not seen in stream
 CVE-2022-23222: Fix not seen in stream
-CVE-2022-2327: Fix not seen in stream
 CVE-2022-2380: Fix not seen in stream
 CVE-2022-23816: Fix not seen in stream
 CVE-2022-23825: Fix unknown
@@ -1270,7 +1268,6 @@ CVE-2023-23039: Fix unknown
 CVE-2023-23454: Fix not seen in stream
 CVE-2023-23455: Fix not seen in stream
 CVE-2023-23559: Fix not seen in stream
-CVE-2023-2430: Fix not seen in stream
 CVE-2023-2513: Fix not seen in stream
 CVE-2023-26607: Fix not seen in stream
 CVE-2023-28328: Fix not seen in stream
@@ -1328,22 +1325,24 @@ CVE-2023-4623: Fix not seen in stream
 CVE-2023-47233: Fix unknown
 CVE-2023-4732: Fix not seen in stream
 CVE-2023-4921: Fix not seen in stream
-CVE-2023-50431: Fix unknown
 CVE-2023-51779: Fix not seen in stream
+CVE-2023-5178: Fix not seen in stream
 CVE-2023-51780: Fix not seen in stream
 CVE-2023-51781: Fix not seen in stream
 CVE-2023-51782: Fix not seen in stream
-CVE-2023-6121: Fix not seen in stream
+CVE-2023-6040: Fix not seen in stream
+CVE-2023-6270: Fix unknown
 CVE-2023-6356: Fix unknown
 CVE-2023-6535: Fix unknown
 CVE-2023-6536: Fix unknown
 CVE-2023-6546: Fix not seen in stream
-CVE-2023-6560: Fix not seen in stream
 CVE-2023-6606: Fix not seen in stream
 CVE-2023-6610: Fix not seen in stream
 CVE-2023-6622: Fix not seen in stream
-CVE-2023-6679: Fix not seen in stream
 CVE-2023-6817: Fix not seen in stream
 CVE-2023-6931: Fix not seen in stream
 CVE-2023-6932: Fix not seen in stream
 CVE-2023-7042: Fix unknown
+CVE-2023-7192: Fix not seen in stream
+CVE-2024-0193: Fix not seen in stream
+CVE-2024-0340: Fix not seen in stream
diff --git a/data/3.12/3.12_security.txt b/data/3.12/3.12_security.txt
@@ -1243,7 +1243,6 @@ Outstanding CVEs:
   CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector 
   CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register 
   CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() 
-  CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters 
   CVE-2022-1652: (unk) floppy: use a statically allocated error counter 
   CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb 
   CVE-2022-1786: (unk) io_uring: remove io_identity 
@@ -1277,7 +1276,6 @@ Outstanding CVEs:
   CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() 
   CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler 
   CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL 
-  CVE-2022-2327: (unk) io_uring: remove any grabbing of context 
   CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() 
   CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean 
   CVE-2022-23825: (unk)  
@@ -1408,7 +1406,6 @@ Outstanding CVEs:
   CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop 
   CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop 
   CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid 
-  CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL 
   CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry 
   CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() 
   CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() 
@@ -1466,22 +1463,24 @@ Outstanding CVEs:
   CVE-2023-47233: (unk)  
   CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() 
   CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() 
-  CVE-2023-50431: (unk)  
   CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg 
+  CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup 
   CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl 
   CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl 
   CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl 
-  CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command 
+  CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family 
+  CVE-2023-6270: (unk)  
   CVE-2023-6356: (unk)  
   CVE-2023-6535: (unk)  
   CVE-2023-6536: (unk)  
   CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux 
-  CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP 
   CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() 
   CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() 
   CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions 
-  CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() 
   CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk 
   CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() 
   CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet 
   CVE-2023-7042: (unk)  
+  CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() 
+  CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets 
+  CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() 
diff --git a/data/3.14/3.14_CVEs.txt b/data/3.14/3.14_CVEs.txt
@@ -1073,7 +1073,6 @@ CVE-2022-1263: Fix not seen in stream
 CVE-2022-1280: Fix not seen in stream
 CVE-2022-1353: Fix not seen in stream
 CVE-2022-1462: Fix not seen in stream
-CVE-2022-1508: Fix not seen in stream
 CVE-2022-1652: Fix not seen in stream
 CVE-2022-1679: Fix not seen in stream
 CVE-2022-1786: Fix not seen in stream
@@ -1107,7 +1106,6 @@ CVE-2022-23040: Fix not seen in stream
 CVE-2022-23042: Fix not seen in stream
 CVE-2022-2318: Fix not seen in stream
 CVE-2022-23222: Fix not seen in stream
-CVE-2022-2327: Fix not seen in stream
 CVE-2022-2380: Fix not seen in stream
 CVE-2022-23816: Fix not seen in stream
 CVE-2022-23825: Fix unknown
@@ -1239,7 +1237,6 @@ CVE-2023-23039: Fix unknown
 CVE-2023-23454: Fix not seen in stream
 CVE-2023-23455: Fix not seen in stream
 CVE-2023-23559: Fix not seen in stream
-CVE-2023-2430: Fix not seen in stream
 CVE-2023-2513: Fix not seen in stream
 CVE-2023-26607: Fix not seen in stream
 CVE-2023-28328: Fix not seen in stream
@@ -1298,22 +1295,24 @@ CVE-2023-4623: Fix not seen in stream
 CVE-2023-47233: Fix unknown
 CVE-2023-4732: Fix not seen in stream
 CVE-2023-4921: Fix not seen in stream
-CVE-2023-50431: Fix unknown
 CVE-2023-51779: Fix not seen in stream
+CVE-2023-5178: Fix not seen in stream
 CVE-2023-51780: Fix not seen in stream
 CVE-2023-51781: Fix not seen in stream
 CVE-2023-51782: Fix not seen in stream
-CVE-2023-6121: Fix not seen in stream
+CVE-2023-6040: Fix not seen in stream
+CVE-2023-6270: Fix unknown
 CVE-2023-6356: Fix unknown
 CVE-2023-6535: Fix unknown
 CVE-2023-6536: Fix unknown
 CVE-2023-6546: Fix not seen in stream
-CVE-2023-6560: Fix not seen in stream
 CVE-2023-6606: Fix not seen in stream
 CVE-2023-6610: Fix not seen in stream
 CVE-2023-6622: Fix not seen in stream
-CVE-2023-6679: Fix not seen in stream
 CVE-2023-6817: Fix not seen in stream
 CVE-2023-6931: Fix not seen in stream
 CVE-2023-6932: Fix not seen in stream
 CVE-2023-7042: Fix unknown
+CVE-2023-7192: Fix not seen in stream
+CVE-2024-0193: Fix not seen in stream
+CVE-2024-0340: Fix not seen in stream
diff --git a/data/3.14/3.14_security.txt b/data/3.14/3.14_security.txt
@@ -1207,7 +1207,6 @@ Outstanding CVEs:
   CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector 
   CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register 
   CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() 
-  CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters 
   CVE-2022-1652: (unk) floppy: use a statically allocated error counter 
   CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb 
   CVE-2022-1786: (unk) io_uring: remove io_identity 
@@ -1241,7 +1240,6 @@ Outstanding CVEs:
   CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() 
   CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler 
   CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL 
-  CVE-2022-2327: (unk) io_uring: remove any grabbing of context 
   CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() 
   CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean 
   CVE-2022-23825: (unk)  
@@ -1373,7 +1371,6 @@ Outstanding CVEs:
   CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop 
   CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop 
   CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid 
-  CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL 
   CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry 
   CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() 
   CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() 
@@ -1432,22 +1429,24 @@ Outstanding CVEs:
   CVE-2023-47233: (unk)  
   CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() 
   CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() 
-  CVE-2023-50431: (unk)  
   CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg 
+  CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup 
   CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl 
   CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl 
   CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl 
-  CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command 
+  CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family 
+  CVE-2023-6270: (unk)  
   CVE-2023-6356: (unk)  
   CVE-2023-6535: (unk)  
   CVE-2023-6536: (unk)  
   CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux 
-  CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP 
   CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() 
   CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() 
   CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions 
-  CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() 
   CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk 
   CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() 
   CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet 
   CVE-2023-7042: (unk)  
+  CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() 
+  CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets 
+  CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() 
diff --git a/data/3.16/3.16_CVEs.txt b/data/3.16/3.16_CVEs.txt
@@ -1055,7 +1055,6 @@ CVE-2022-1263: Fix not seen in stream
 CVE-2022-1280: Fix not seen in stream
 CVE-2022-1353: Fix not seen in stream
 CVE-2022-1462: Fix not seen in stream
-CVE-2022-1508: Fix not seen in stream
 CVE-2022-1652: Fix not seen in stream
 CVE-2022-1679: Fix not seen in stream
 CVE-2022-1786: Fix not seen in stream
@@ -1089,7 +1088,6 @@ CVE-2022-23040: Fix not seen in stream
 CVE-2022-23042: Fix not seen in stream
 CVE-2022-2318: Fix not seen in stream
 CVE-2022-23222: Fix not seen in stream
-CVE-2022-2327: Fix not seen in stream
 CVE-2022-2380: Fix not seen in stream
 CVE-2022-23816: Fix not seen in stream
 CVE-2022-23825: Fix unknown
@@ -1227,7 +1225,6 @@ CVE-2023-23039: Fix unknown
 CVE-2023-23454: Fix not seen in stream
 CVE-2023-23455: Fix not seen in stream
 CVE-2023-23559: Fix not seen in stream
-CVE-2023-2430: Fix not seen in stream
 CVE-2023-2513: Fix not seen in stream
 CVE-2023-26607: Fix not seen in stream
 CVE-2023-28328: Fix not seen in stream
@@ -1290,22 +1287,24 @@ CVE-2023-4623: Fix not seen in stream
 CVE-2023-47233: Fix unknown
 CVE-2023-4732: Fix not seen in stream
 CVE-2023-4921: Fix not seen in stream
-CVE-2023-50431: Fix unknown
 CVE-2023-51779: Fix not seen in stream
+CVE-2023-5178: Fix not seen in stream
 CVE-2023-51780: Fix not seen in stream
 CVE-2023-51781: Fix not seen in stream
 CVE-2023-51782: Fix not seen in stream
-CVE-2023-6121: Fix not seen in stream
+CVE-2023-6040: Fix not seen in stream
+CVE-2023-6270: Fix unknown
 CVE-2023-6356: Fix unknown
 CVE-2023-6535: Fix unknown
 CVE-2023-6536: Fix unknown
 CVE-2023-6546: Fix not seen in stream
-CVE-2023-6560: Fix not seen in stream
 CVE-2023-6606: Fix not seen in stream
 CVE-2023-6610: Fix not seen in stream
 CVE-2023-6622: Fix not seen in stream
-CVE-2023-6679: Fix not seen in stream
 CVE-2023-6817: Fix not seen in stream
 CVE-2023-6931: Fix not seen in stream
 CVE-2023-6932: Fix not seen in stream
 CVE-2023-7042: Fix unknown
+CVE-2023-7192: Fix not seen in stream
+CVE-2024-0193: Fix not seen in stream
+CVE-2024-0340: Fix not seen in stream