From d22c3fe64b1eb67f3d085dc4b8060b49ae1475d7 Mon Sep 17 00:00:00 2001 From: Nicholas Luedtke Date: Fri, 12 Jan 2024 20:49:48 -0500 Subject: [PATCH] Update 12Jan24 --- CHANGES.md | 83 +- data/3.12/3.12_CVEs.txt | 13 +- data/3.12/3.12_security.txt | 13 +- data/3.14/3.14_CVEs.txt | 13 +- data/3.14/3.14_security.txt | 13 +- data/3.16/3.16_CVEs.txt | 13 +- data/3.16/3.16_security.txt | 13 +- data/3.18/3.18_CVEs.txt | 13 +- data/3.18/3.18_security.txt | 13 +- data/3.2/3.2_CVEs.txt | 14 +- data/3.2/3.2_security.txt | 14 +- data/4.1/4.1_CVEs.txt | 13 +- data/4.1/4.1_security.txt | 13 +- data/4.10/4.10_CVEs.txt | 12 +- data/4.10/4.10_security.txt | 12 +- data/4.11/4.11_CVEs.txt | 12 +- data/4.11/4.11_security.txt | 12 +- data/4.12/4.12_CVEs.txt | 12 +- data/4.12/4.12_security.txt | 12 +- data/4.13/4.13_CVEs.txt | 12 +- data/4.13/4.13_security.txt | 12 +- data/4.14/4.14_CVEs.txt | 12 +- data/4.14/4.14_security.txt | 12 +- data/4.15/4.15_CVEs.txt | 12 +- data/4.15/4.15_security.txt | 12 +- data/4.16/4.16_CVEs.txt | 12 +- data/4.16/4.16_security.txt | 12 +- data/4.17/4.17_CVEs.txt | 12 +- data/4.17/4.17_security.txt | 12 +- data/4.18/4.18_CVEs.txt | 12 +- data/4.18/4.18_security.txt | 12 +- data/4.19/4.19_CVEs.txt | 14 +- data/4.19/4.19_security.txt | 16 +- data/4.20/4.20_CVEs.txt | 12 +- data/4.20/4.20_security.txt | 12 +- data/4.3/4.3_CVEs.txt | 13 +- data/4.3/4.3_security.txt | 13 +- data/4.4/4.4_CVEs.txt | 13 +- data/4.4/4.4_security.txt | 13 +- data/4.5/4.5_CVEs.txt | 13 +- data/4.5/4.5_security.txt | 13 +- data/4.6/4.6_CVEs.txt | 13 +- data/4.6/4.6_security.txt | 13 +- data/4.7/4.7_CVEs.txt | 13 +- data/4.7/4.7_security.txt | 13 +- data/4.8/4.8_CVEs.txt | 12 +- data/4.8/4.8_security.txt | 12 +- data/4.9/4.9_CVEs.txt | 12 +- data/4.9/4.9_security.txt | 12 +- data/5.0/5.0_CVEs.txt | 12 +- data/5.0/5.0_security.txt | 12 +- data/5.1/5.1_CVEs.txt | 7 +- data/5.1/5.1_security.txt | 7 +- data/5.10/5.10_CVEs.txt | 11 +- data/5.10/5.10_security.txt | 13 +- data/5.11/5.11_CVEs.txt | 7 +- data/5.11/5.11_security.txt | 7 +- data/5.12/5.12_CVEs.txt | 7 +- data/5.12/5.12_security.txt | 7 +- data/5.13/5.13_CVEs.txt | 7 +- data/5.13/5.13_security.txt | 7 +- data/5.14/5.14_CVEs.txt | 7 +- data/5.14/5.14_security.txt | 7 +- data/5.15/5.15_CVEs.txt | 11 +- data/5.15/5.15_security.txt | 13 +- data/5.16/5.16_CVEs.txt | 7 +- data/5.16/5.16_security.txt | 7 +- data/5.17/5.17_CVEs.txt | 7 +- data/5.17/5.17_security.txt | 7 +- data/5.18/5.18_CVEs.txt | 6 +- data/5.18/5.18_security.txt | 6 +- data/5.19/5.19_CVEs.txt | 6 +- data/5.19/5.19_security.txt | 6 +- data/5.2/5.2_CVEs.txt | 7 +- data/5.2/5.2_security.txt | 7 +- data/5.3/5.3_CVEs.txt | 7 +- data/5.3/5.3_security.txt | 7 +- data/5.4/5.4_CVEs.txt | 9 +- data/5.4/5.4_security.txt | 11 +- data/5.5/5.5_CVEs.txt | 7 +- data/5.5/5.5_security.txt | 7 +- data/5.6/5.6_CVEs.txt | 7 +- data/5.6/5.6_security.txt | 7 +- data/5.7/5.7_CVEs.txt | 7 +- data/5.7/5.7_security.txt | 7 +- data/5.8/5.8_CVEs.txt | 7 +- data/5.8/5.8_security.txt | 7 +- data/5.9/5.9_CVEs.txt | 7 +- data/5.9/5.9_security.txt | 7 +- data/6.0/6.0_CVEs.txt | 6 +- data/6.0/6.0_security.txt | 6 +- data/6.1/6.1_CVEs.txt | 13 +- data/6.1/6.1_security.txt | 17 +- data/6.2/6.2_CVEs.txt | 8 +- data/6.2/6.2_security.txt | 8 +- data/6.3/6.3_CVEs.txt | 7 +- data/6.3/6.3_security.txt | 7 +- data/6.4/6.4_CVEs.txt | 5 +- data/6.4/6.4_security.txt | 5 +- data/6.5/6.5_CVEs.txt | 5 +- data/6.5/6.5_security.txt | 5 +- data/6.6/6.6_CVEs.txt | 8 +- data/6.6/6.6_security.txt | 12 +- data/CVEs.txt | 45 +- data/cmts.json | 15 + data/kernel_cves.json | 427 ++++++-- data/stream_data.json | 2025 ++++++++++++++++++++++------------- data/stream_fixes.json | 116 ++ kern.json | 5 +- 109 files changed, 2396 insertions(+), 1350 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index e19430863..cb1faa2ee 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,59 +1,58 @@ # **Linux Kernel CVE Changes** -## Last Update - 27Dec23 17:15 +## Last Update - 12Jan24 17:39 ### **New CVEs Added:** +[CVE-2023-6040](cves/CVE-2023-6040) +[CVE-2023-6270](cves/CVE-2023-6270) +[CVE-2023-6531](cves/CVE-2023-6531) +[CVE-2023-7192](cves/CVE-2023-7192) +[CVE-2024-0193](cves/CVE-2024-0193) +[CVE-2024-0340](cves/CVE-2024-0340) +[CVE-2024-0443](cves/CVE-2024-0443) + + +### **New Versions Checked:** + +[4.14.336](streams/4.14) +[4.19.304](streams/4.19) +[5.10.206](streams/5.10) +[5.15.146](streams/5.15) +[5.4.266](streams/5.4) +[6.1.72](streams/6.1) +[6.6.11](streams/6.6) +[6.7](streams/6.7) + + +### **Updated CVEs:** + +[CVE-2022-1508](cves/CVE-2022-1508) +[CVE-2022-1786](cves/CVE-2022-1786) +[CVE-2022-2327](cves/CVE-2022-2327) +[CVE-2023-1193](cves/CVE-2023-1193) +[CVE-2023-2430](cves/CVE-2023-2430) +[CVE-2023-39198](cves/CVE-2023-39198) [CVE-2023-50431](cves/CVE-2023-50431) [CVE-2023-51779](cves/CVE-2023-51779) [CVE-2023-51780](cves/CVE-2023-51780) [CVE-2023-51781](cves/CVE-2023-51781) -[CVE-2023-51782](cves/CVE-2023-51782) -[CVE-2023-6356](cves/CVE-2023-6356) -[CVE-2023-6535](cves/CVE-2023-6535) -[CVE-2023-6536](cves/CVE-2023-6536) +[CVE-2023-6121](cves/CVE-2023-6121) [CVE-2023-6546](cves/CVE-2023-6546) [CVE-2023-6560](cves/CVE-2023-6560) [CVE-2023-6606](cves/CVE-2023-6606) [CVE-2023-6610](cves/CVE-2023-6610) -[CVE-2023-6622](cves/CVE-2023-6622) [CVE-2023-6679](cves/CVE-2023-6679) -[CVE-2023-6817](cves/CVE-2023-6817) -[CVE-2023-6931](cves/CVE-2023-6931) [CVE-2023-6932](cves/CVE-2023-6932) [CVE-2023-7042](cves/CVE-2023-7042) - - -### **New Versions Checked:** - -[4.14.334](streams/4.14) -[4.19.303](streams/4.19) -[5.10.205](streams/5.10) -[5.15.145](streams/5.15) -[5.4.265](streams/5.4) -[6.1.69](streams/6.1) -[6.6.8](streams/6.6) - - -### **Updated CVEs:** - -[CVE-2022-3630](cves/CVE-2022-3630) -[CVE-2022-47940](cves/CVE-2022-47940) -[CVE-2023-1095](cves/CVE-2023-1095) -[CVE-2023-1193](cves/CVE-2023-1193) -[CVE-2023-1194](cves/CVE-2023-1194) -[CVE-2023-25775](cves/CVE-2023-25775) -[CVE-2023-32247](cves/CVE-2023-32247) -[CVE-2023-32250](cves/CVE-2023-32250) -[CVE-2023-32252](cves/CVE-2023-32252) -[CVE-2023-32254](cves/CVE-2023-32254) -[CVE-2023-32257](cves/CVE-2023-32257) -[CVE-2023-32258](cves/CVE-2023-32258) -[CVE-2023-38427](cves/CVE-2023-38427) -[CVE-2023-38430](cves/CVE-2023-38430) -[CVE-2023-38431](cves/CVE-2023-38431) -[CVE-2023-3867](cves/CVE-2023-3867) -[CVE-2023-5972](cves/CVE-2023-5972) -[CVE-2023-6121](cves/CVE-2023-6121) -[CVE-2022-22942](cves/CVE-2022-22942) +[CVE-2021-3600](cves/CVE-2021-3600) +[CVE-2022-2585](cves/CVE-2022-2585) +[CVE-2022-2586](cves/CVE-2022-2586) +[CVE-2022-2588](cves/CVE-2022-2588) +[CVE-2022-2602](cves/CVE-2022-2602) +[CVE-2023-1032](cves/CVE-2023-1032) +[CVE-2023-33952](cves/CVE-2023-33952) +[CVE-2023-34324](cves/CVE-2023-34324) +[CVE-2023-51782](cves/CVE-2023-51782) +[CVE-2023-6931](cves/CVE-2023-6931) diff --git a/data/3.12/3.12_CVEs.txt b/data/3.12/3.12_CVEs.txt index afc2c086c..57d582c07 100644 --- a/data/3.12/3.12_CVEs.txt +++ b/data/3.12/3.12_CVEs.txt @@ -1105,7 +1105,6 @@ CVE-2022-1263: Fix not seen in stream CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1786: Fix not seen in stream @@ -1139,7 +1138,6 @@ CVE-2022-23040: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -1270,7 +1268,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream @@ -1328,22 +1325,24 @@ CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream -CVE-2023-6121: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/3.12/3.12_security.txt b/data/3.12/3.12_security.txt index 59fc55e2e..8d0267e6e 100644 --- a/data/3.12/3.12_security.txt +++ b/data/3.12/3.12_security.txt @@ -1243,7 +1243,6 @@ Outstanding CVEs: CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1786: (unk) io_uring: remove io_identity @@ -1277,7 +1276,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -1408,7 +1406,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() @@ -1466,22 +1463,24 @@ Outstanding CVEs: CVE-2023-47233: (unk) CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl - CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/3.14/3.14_CVEs.txt b/data/3.14/3.14_CVEs.txt index 9aedb2365..1bdf08e77 100644 --- a/data/3.14/3.14_CVEs.txt +++ b/data/3.14/3.14_CVEs.txt @@ -1073,7 +1073,6 @@ CVE-2022-1263: Fix not seen in stream CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1786: Fix not seen in stream @@ -1107,7 +1106,6 @@ CVE-2022-23040: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -1239,7 +1237,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream @@ -1298,22 +1295,24 @@ CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream -CVE-2023-6121: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/3.14/3.14_security.txt b/data/3.14/3.14_security.txt index f550a41c3..b3ce7d017 100644 --- a/data/3.14/3.14_security.txt +++ b/data/3.14/3.14_security.txt @@ -1207,7 +1207,6 @@ Outstanding CVEs: CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1786: (unk) io_uring: remove io_identity @@ -1241,7 +1240,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -1373,7 +1371,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() @@ -1432,22 +1429,24 @@ Outstanding CVEs: CVE-2023-47233: (unk) CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl - CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/3.16/3.16_CVEs.txt b/data/3.16/3.16_CVEs.txt index a428d59bd..264ca0817 100644 --- a/data/3.16/3.16_CVEs.txt +++ b/data/3.16/3.16_CVEs.txt @@ -1055,7 +1055,6 @@ CVE-2022-1263: Fix not seen in stream CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1786: Fix not seen in stream @@ -1089,7 +1088,6 @@ CVE-2022-23040: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -1227,7 +1225,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream @@ -1290,22 +1287,24 @@ CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream -CVE-2023-6121: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/3.16/3.16_security.txt b/data/3.16/3.16_security.txt index 03cc56a96..c21122beb 100644 --- a/data/3.16/3.16_security.txt +++ b/data/3.16/3.16_security.txt @@ -1162,7 +1162,6 @@ Outstanding CVEs: CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1786: (unk) io_uring: remove io_identity @@ -1196,7 +1195,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -1334,7 +1332,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() @@ -1396,22 +1393,24 @@ Outstanding CVEs: CVE-2023-47233: (unk) CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl - CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/3.18/3.18_CVEs.txt b/data/3.18/3.18_CVEs.txt index e840175b5..9f0db8b33 100644 --- a/data/3.18/3.18_CVEs.txt +++ b/data/3.18/3.18_CVEs.txt @@ -1039,7 +1039,6 @@ CVE-2022-1263: Fix not seen in stream CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1786: Fix not seen in stream @@ -1073,7 +1072,6 @@ CVE-2022-23040: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -1214,7 +1212,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream @@ -1281,22 +1278,24 @@ CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream -CVE-2023-6121: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/3.18/3.18_security.txt b/data/3.18/3.18_security.txt index eff15c760..aa8192402 100644 --- a/data/3.18/3.18_security.txt +++ b/data/3.18/3.18_security.txt @@ -1275,7 +1275,6 @@ Outstanding CVEs: CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1786: (unk) io_uring: remove io_identity @@ -1309,7 +1308,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -1450,7 +1448,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() @@ -1517,22 +1514,24 @@ Outstanding CVEs: CVE-2023-47233: (unk) CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl - CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/3.2/3.2_CVEs.txt b/data/3.2/3.2_CVEs.txt index f11edae89..972501f1b 100644 --- a/data/3.2/3.2_CVEs.txt +++ b/data/3.2/3.2_CVEs.txt @@ -1090,7 +1090,6 @@ CVE-2022-1263: Fix not seen in stream CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1786: Fix not seen in stream @@ -1121,7 +1120,6 @@ CVE-2022-23040: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -1238,7 +1236,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26607: Fix not seen in stream CVE-2023-28328: Fix not seen in stream @@ -1277,7 +1274,6 @@ CVE-2023-39189: Fix not seen in stream CVE-2023-39192: Fix not seen in stream CVE-2023-39193: Fix not seen in stream CVE-2023-39197: Fix not seen in stream -CVE-2023-39198: Fix not seen in stream CVE-2023-4010: Fix unknown CVE-2023-40283: Fix not seen in stream CVE-2023-42752: Fix not seen in stream @@ -1290,22 +1286,22 @@ CVE-2023-4610: Fix not seen in stream CVE-2023-4623: Fix not seen in stream CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream -CVE-2023-6121: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream -CVE-2023-7042: Fix unknown +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/3.2/3.2_security.txt b/data/3.2/3.2_security.txt index b237946cb..072bda0b2 100644 --- a/data/3.2/3.2_security.txt +++ b/data/3.2/3.2_security.txt @@ -1248,7 +1248,6 @@ Outstanding CVEs: CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1786: (unk) io_uring: remove io_identity @@ -1279,7 +1278,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -1396,7 +1394,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() CVE-2023-28328: (unk) media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() @@ -1435,7 +1432,6 @@ Outstanding CVEs: CVE-2023-39192: (unk) netfilter: xt_u32: validate user space input CVE-2023-39193: (unk) netfilter: xt_sctp: validate the flag_info count CVE-2023-39197: (unk) netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one - CVE-2023-39198: (unk) drm/qxl: fix UAF on handle creation CVE-2023-4010: (unk) CVE-2023-40283: (unk) Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU @@ -1448,22 +1444,22 @@ Outstanding CVEs: CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve CVE-2023-47233: (unk) CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl - CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet - CVE-2023-7042: (unk) + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.1/4.1_CVEs.txt b/data/4.1/4.1_CVEs.txt index 518c4abf9..b763e5f27 100644 --- a/data/4.1/4.1_CVEs.txt +++ b/data/4.1/4.1_CVEs.txt @@ -997,7 +997,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -1033,7 +1032,6 @@ CVE-2022-23040: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -1179,7 +1177,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream @@ -1249,22 +1246,24 @@ CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream -CVE-2023-6121: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/4.1/4.1_security.txt b/data/4.1/4.1_security.txt index 6ca62c8c6..e7cb8a488 100644 --- a/data/4.1/4.1_security.txt +++ b/data/4.1/4.1_security.txt @@ -1095,7 +1095,6 @@ Outstanding CVEs: CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -1131,7 +1130,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -1277,7 +1275,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() @@ -1347,22 +1344,24 @@ Outstanding CVEs: CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl - CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.10/4.10_CVEs.txt b/data/4.10/4.10_CVEs.txt index 12236ab58..2a10d5895 100644 --- a/data/4.10/4.10_CVEs.txt +++ b/data/4.10/4.10_CVEs.txt @@ -892,7 +892,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -929,7 +928,6 @@ CVE-2022-23040: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -1089,7 +1087,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26545: Fix not seen in stream @@ -1165,23 +1162,26 @@ CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/4.10/4.10_security.txt b/data/4.10/4.10_security.txt index f897cf323..aaa4c3743 100644 --- a/data/4.10/4.10_security.txt +++ b/data/4.10/4.10_security.txt @@ -926,7 +926,6 @@ Outstanding CVEs: CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -963,7 +962,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -1123,7 +1121,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename @@ -1199,23 +1196,26 @@ Outstanding CVEs: CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.11/4.11_CVEs.txt b/data/4.11/4.11_CVEs.txt index 9a71bcf67..d921eef9f 100644 --- a/data/4.11/4.11_CVEs.txt +++ b/data/4.11/4.11_CVEs.txt @@ -863,7 +863,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -900,7 +899,6 @@ CVE-2022-23040: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -1061,7 +1059,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26545: Fix not seen in stream @@ -1137,23 +1134,26 @@ CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/4.11/4.11_security.txt b/data/4.11/4.11_security.txt index 37c514e61..fdd36a5db 100644 --- a/data/4.11/4.11_security.txt +++ b/data/4.11/4.11_security.txt @@ -885,7 +885,6 @@ Outstanding CVEs: CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -922,7 +921,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -1083,7 +1081,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename @@ -1159,23 +1156,26 @@ Outstanding CVEs: CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.12/4.12_CVEs.txt b/data/4.12/4.12_CVEs.txt index 77754539e..f1fd9bc8b 100644 --- a/data/4.12/4.12_CVEs.txt +++ b/data/4.12/4.12_CVEs.txt @@ -844,7 +844,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -882,7 +881,6 @@ CVE-2022-23041: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -1048,7 +1046,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26545: Fix not seen in stream @@ -1124,23 +1121,26 @@ CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/4.12/4.12_security.txt b/data/4.12/4.12_security.txt index 62d001a0a..ec508b4cd 100644 --- a/data/4.12/4.12_security.txt +++ b/data/4.12/4.12_security.txt @@ -870,7 +870,6 @@ Outstanding CVEs: CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -908,7 +907,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -1074,7 +1072,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename @@ -1150,23 +1147,26 @@ Outstanding CVEs: CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.13/4.13_CVEs.txt b/data/4.13/4.13_CVEs.txt index 3ab06b289..d53b7b941 100644 --- a/data/4.13/4.13_CVEs.txt +++ b/data/4.13/4.13_CVEs.txt @@ -827,7 +827,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -865,7 +864,6 @@ CVE-2022-23041: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -1032,7 +1030,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26545: Fix not seen in stream @@ -1109,23 +1106,26 @@ CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/4.13/4.13_security.txt b/data/4.13/4.13_security.txt index 57a545726..16f5a7c48 100644 --- a/data/4.13/4.13_security.txt +++ b/data/4.13/4.13_security.txt @@ -855,7 +855,6 @@ Outstanding CVEs: CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -893,7 +892,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -1060,7 +1058,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename @@ -1137,23 +1134,26 @@ Outstanding CVEs: CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.14/4.14_CVEs.txt b/data/4.14/4.14_CVEs.txt index a2a0a857a..e845e9d61 100644 --- a/data/4.14/4.14_CVEs.txt +++ b/data/4.14/4.14_CVEs.txt @@ -792,7 +792,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fixed with 4.14.276 CVE-2022-1419: Fixed with 4.14.278 CVE-2022-1462: Fixed with 4.14.290 -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fixed with 4.14.281 CVE-2022-1679: Fixed with 4.14.291 CVE-2022-1729: Fixed with 4.14.281 @@ -833,7 +832,6 @@ CVE-2022-23041: Fixed with 4.14.271 CVE-2022-23042: Fixed with 4.14.271 CVE-2022-2318: Fixed with 4.14.287 CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fixed with 4.14.276 CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -1003,7 +1001,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fixed with 4.14.312 CVE-2023-23455: Fixed with 4.14.303 CVE-2023-23559: Fixed with 4.14.305 -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fixed with 4.14.312 CVE-2023-2513: Fixed with 4.14.314 CVE-2023-26545: Fixed with 4.14.306 @@ -1081,23 +1078,26 @@ CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fixed with 4.14.326 -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fixed with 4.14.334 CVE-2023-51781: Fixed with 4.14.334 CVE-2023-51782: Fixed with 4.14.334 CVE-2023-5717: Fixed with 4.14.328 +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fixed with 4.14.332 CVE-2023-7042: Fix unknown +CVE-2023-7192: Fixed with 4.14.308 +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/4.14/4.14_security.txt b/data/4.14/4.14_security.txt index b1435d6eb..c00cedb58 100644 --- a/data/4.14/4.14_security.txt +++ b/data/4.14/4.14_security.txt @@ -1314,6 +1314,7 @@ CVEs fixed in 4.14.308: CVE-2023-1829: 53af9c793f644d5841d84d8e0ad83bd7ab47f3e0 net/sched: Retire tcindex classifier CVE-2023-2985: a9433406837c211af58a533d9e6f7a8f865b01f3 fs: hfsplus: fix UAF issue in hfsplus_put_super CVE-2023-45862: 26f31c6e1389c23a1b822a61c59d5d1f357cb478 USB: ene_usb6250: Allocate enough memory for full object + CVE-2023-7192: 8df5f3b50d9ce523251edf9cd0470963be20004b netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVEs fixed in 4.14.311: CVE-2023-1855: c809ed776e190edfc04f8d6b25a62855b1386a0d hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition @@ -1540,7 +1541,6 @@ Outstanding CVEs: CVE-2022-1247: (unk) CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1786: (unk) io_uring: remove io_identity CVE-2022-20148: (unk) f2fs: fix UAF in f2fs_available_free_memory CVE-2022-20166: (unk) drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions @@ -1549,7 +1549,6 @@ Outstanding CVEs: CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use CVE-2022-2209: (unk) CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) CVE-2022-25265: (unk) @@ -1611,7 +1610,6 @@ Outstanding CVEs: CVE-2023-22995: (unk) usb: dwc3: dwc3-qcom: Add missing platform_device_put() in dwc3_qcom_acpi_register_core CVE-2023-23000: (unk) phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function CVE-2023-23039: (unk) - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list CVE-2023-3022: (unk) ipv6: Use result arg in fib_lookup_arg consistently @@ -1638,18 +1636,20 @@ Outstanding CVEs: CVE-2023-47233: (unk) CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-7042: (unk) + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.15/4.15_CVEs.txt b/data/4.15/4.15_CVEs.txt index 194cda75d..05602af55 100644 --- a/data/4.15/4.15_CVEs.txt +++ b/data/4.15/4.15_CVEs.txt @@ -743,7 +743,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -785,7 +784,6 @@ CVE-2022-23041: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -956,7 +954,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26545: Fix not seen in stream @@ -1037,23 +1034,26 @@ CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/4.15/4.15_security.txt b/data/4.15/4.15_security.txt index 6b65ecee6..8e43463c9 100644 --- a/data/4.15/4.15_security.txt +++ b/data/4.15/4.15_security.txt @@ -776,7 +776,6 @@ Outstanding CVEs: CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -817,7 +816,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -988,7 +986,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename @@ -1069,23 +1066,26 @@ Outstanding CVEs: CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.16/4.16_CVEs.txt b/data/4.16/4.16_CVEs.txt index 9c22d773a..2f360d6a3 100644 --- a/data/4.16/4.16_CVEs.txt +++ b/data/4.16/4.16_CVEs.txt @@ -721,7 +721,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -763,7 +762,6 @@ CVE-2022-23041: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -936,7 +934,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26545: Fix not seen in stream @@ -1017,23 +1014,26 @@ CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/4.16/4.16_security.txt b/data/4.16/4.16_security.txt index d7c03f22c..5b733d013 100644 --- a/data/4.16/4.16_security.txt +++ b/data/4.16/4.16_security.txt @@ -753,7 +753,6 @@ Outstanding CVEs: CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -795,7 +794,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -968,7 +966,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename @@ -1049,23 +1046,26 @@ Outstanding CVEs: CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.17/4.17_CVEs.txt b/data/4.17/4.17_CVEs.txt index 580116e97..d898a3df1 100644 --- a/data/4.17/4.17_CVEs.txt +++ b/data/4.17/4.17_CVEs.txt @@ -701,7 +701,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -743,7 +742,6 @@ CVE-2022-23041: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -918,7 +916,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26545: Fix not seen in stream @@ -999,23 +996,26 @@ CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/4.17/4.17_security.txt b/data/4.17/4.17_security.txt index 2b5cfdd95..4737b6bca 100644 --- a/data/4.17/4.17_security.txt +++ b/data/4.17/4.17_security.txt @@ -733,7 +733,6 @@ Outstanding CVEs: CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -775,7 +774,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -950,7 +948,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename @@ -1031,23 +1028,26 @@ Outstanding CVEs: CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.18/4.18_CVEs.txt b/data/4.18/4.18_CVEs.txt index af78e8910..d930ba122 100644 --- a/data/4.18/4.18_CVEs.txt +++ b/data/4.18/4.18_CVEs.txt @@ -678,7 +678,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1678: Fix not seen in stream CVE-2022-1679: Fix not seen in stream @@ -721,7 +720,6 @@ CVE-2022-23041: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -896,7 +894,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26545: Fix not seen in stream @@ -977,23 +974,26 @@ CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/4.18/4.18_security.txt b/data/4.18/4.18_security.txt index a05438ae0..82fe65871 100644 --- a/data/4.18/4.18_security.txt +++ b/data/4.18/4.18_security.txt @@ -710,7 +710,6 @@ Outstanding CVEs: CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1678: (unk) tcp: optimize tcp internal pacing CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb @@ -753,7 +752,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -928,7 +926,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename @@ -1009,23 +1006,26 @@ Outstanding CVEs: CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.19/4.19_CVEs.txt b/data/4.19/4.19_CVEs.txt index 7fd3950a8..ef8f8ae82 100644 --- a/data/4.19/4.19_CVEs.txt +++ b/data/4.19/4.19_CVEs.txt @@ -651,7 +651,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fixed with 4.19.238 CVE-2022-1419: Fixed with 4.19.242 CVE-2022-1462: Fixed with 4.19.254 -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fixed with 4.19.245 CVE-2022-1678: Fixed with 4.19.228 CVE-2022-1679: Fixed with 4.19.256 @@ -695,7 +694,6 @@ CVE-2022-23041: Fixed with 4.19.234 CVE-2022-23042: Fixed with 4.19.234 CVE-2022-2318: Fixed with 4.19.251 CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fixed with 4.19.238 CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -875,7 +873,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fixed with 4.19.280 CVE-2023-23455: Fixed with 4.19.270 CVE-2023-23559: Fixed with 4.19.272 -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fixed with 4.19.280 CVE-2023-2513: Fixed with 4.19.282 CVE-2023-26242: Fix unknown @@ -960,23 +957,26 @@ CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fixed with 4.19.295 -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fixed with 4.19.303 CVE-2023-51781: Fixed with 4.19.303 CVE-2023-51782: Fixed with 4.19.303 CVE-2023-5717: Fixed with 4.19.297 +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream -CVE-2023-6606: Fix not seen in stream +CVE-2023-6606: Fixed with 4.19.304 CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fixed with 4.19.302 CVE-2023-6932: Fixed with 4.19.301 CVE-2023-7042: Fix unknown +CVE-2023-7192: Fixed with 4.19.276 +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/4.19/4.19_security.txt b/data/4.19/4.19_security.txt index a7e827767..1da8d7087 100644 --- a/data/4.19/4.19_security.txt +++ b/data/4.19/4.19_security.txt @@ -1134,6 +1134,7 @@ CVEs fixed in 4.19.276: CVE-2023-2985: e226f1fdcee1ca6e68233b132718deb578a84e38 fs: hfsplus: fix UAF issue in hfsplus_put_super CVE-2023-3220: c746a0b9210cebb29511f01d2becf240408327bf drm/msm/dpu: Add check for pstates CVE-2023-45862: cef5e33d8b893891817236db819982f87943e8fd USB: ene_usb6250: Allocate enough memory for full object + CVE-2023-7192: 43b9a9c78e37a5532c2a9260dff9d9989f2bbb23 netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVEs fixed in 4.19.279: CVE-2023-1855: e0a37b43cd732038e37b4e7f6c6c0658fe0b6d73 hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition @@ -1247,6 +1248,9 @@ CVEs fixed in 4.19.303: CVE-2023-51781: 580ff9f59ab6537d8ce1d0d9f012cf970553ef3d appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: 6c9afea8827dde62c4062185d22ac035090ba39b net/rose: Fix Use-After-Free in rose_ioctl +CVEs fixed in 4.19.304: + CVE-2023-6606: 89b6ae907c6bcc175bc95a67d6936217530a29ff smb: client: fix OOB in smbCalcSize() + Outstanding CVEs: CVE-2005-3660: (unk) CVE-2007-3719: (unk) @@ -1354,7 +1358,6 @@ Outstanding CVEs: CVE-2022-1247: (unk) CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1786: (unk) io_uring: remove io_identity CVE-2022-1789: (unk) KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID CVE-2022-20148: (unk) f2fs: fix UAF in f2fs_available_free_memory @@ -1363,7 +1366,6 @@ Outstanding CVEs: CVE-2022-21499: (unk) lockdown: also lock down previous kgdb use CVE-2022-2209: (unk) CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) CVE-2022-25265: (unk) @@ -1424,7 +1426,6 @@ Outstanding CVEs: CVE-2023-22995: (unk) usb: dwc3: dwc3-qcom: Add missing platform_device_put() in dwc3_qcom_acpi_register_core CVE-2023-23000: (unk) phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function CVE-2023-23039: (unk) - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-26242: (unk) CVE-2023-28466: (unk) net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() CVE-2023-3006: (unk) arm64: Add AMPERE1 to the Spectre-BHB affected list @@ -1450,17 +1451,18 @@ Outstanding CVEs: CVE-2023-47233: (unk) CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP - CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-7042: (unk) + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.20/4.20_CVEs.txt b/data/4.20/4.20_CVEs.txt index b54e9a1a2..587f9ca79 100644 --- a/data/4.20/4.20_CVEs.txt +++ b/data/4.20/4.20_CVEs.txt @@ -640,7 +640,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -683,7 +682,6 @@ CVE-2022-23041: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -872,7 +870,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26242: Fix unknown @@ -958,23 +955,26 @@ CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/4.20/4.20_security.txt b/data/4.20/4.20_security.txt index 95629a9c6..c64f365d8 100644 --- a/data/4.20/4.20_security.txt +++ b/data/4.20/4.20_security.txt @@ -673,7 +673,6 @@ Outstanding CVEs: CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -715,7 +714,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -904,7 +902,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26242: (unk) @@ -990,23 +987,26 @@ Outstanding CVEs: CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.3/4.3_CVEs.txt b/data/4.3/4.3_CVEs.txt index a5114d925..3e630ed95 100644 --- a/data/4.3/4.3_CVEs.txt +++ b/data/4.3/4.3_CVEs.txt @@ -993,7 +993,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -1029,7 +1028,6 @@ CVE-2022-23040: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -1180,7 +1178,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream @@ -1251,22 +1248,24 @@ CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream -CVE-2023-6121: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/4.3/4.3_security.txt b/data/4.3/4.3_security.txt index fc4f9d8fa..9096fe668 100644 --- a/data/4.3/4.3_security.txt +++ b/data/4.3/4.3_security.txt @@ -1009,7 +1009,6 @@ Outstanding CVEs: CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -1045,7 +1044,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -1196,7 +1194,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() @@ -1267,22 +1264,24 @@ Outstanding CVEs: CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl - CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.4/4.4_CVEs.txt b/data/4.4/4.4_CVEs.txt index 0739b8198..f59de3418 100644 --- a/data/4.4/4.4_CVEs.txt +++ b/data/4.4/4.4_CVEs.txt @@ -972,7 +972,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -1009,7 +1008,6 @@ CVE-2022-23040: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -1161,7 +1159,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream @@ -1233,23 +1230,25 @@ CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream -CVE-2023-6121: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/4.4/4.4_security.txt b/data/4.4/4.4_security.txt index a32f52e15..4ef841038 100644 --- a/data/4.4/4.4_security.txt +++ b/data/4.4/4.4_security.txt @@ -1463,7 +1463,6 @@ Outstanding CVEs: CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -1497,7 +1496,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -1649,7 +1647,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() @@ -1719,23 +1716,25 @@ Outstanding CVEs: CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads - CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.5/4.5_CVEs.txt b/data/4.5/4.5_CVEs.txt index b02b8434d..92b819299 100644 --- a/data/4.5/4.5_CVEs.txt +++ b/data/4.5/4.5_CVEs.txt @@ -954,7 +954,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -991,7 +990,6 @@ CVE-2022-23040: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -1144,7 +1142,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream @@ -1216,23 +1213,25 @@ CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream -CVE-2023-6121: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/4.5/4.5_security.txt b/data/4.5/4.5_security.txt index 8e091a221..9b79d95d7 100644 --- a/data/4.5/4.5_security.txt +++ b/data/4.5/4.5_security.txt @@ -970,7 +970,6 @@ Outstanding CVEs: CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -1007,7 +1006,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -1160,7 +1158,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() @@ -1232,23 +1229,25 @@ Outstanding CVEs: CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads - CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.6/4.6_CVEs.txt b/data/4.6/4.6_CVEs.txt index 16c926bf4..512c1d0ba 100644 --- a/data/4.6/4.6_CVEs.txt +++ b/data/4.6/4.6_CVEs.txt @@ -926,7 +926,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -963,7 +962,6 @@ CVE-2022-23040: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -1117,7 +1115,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream @@ -1190,23 +1187,25 @@ CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream -CVE-2023-6121: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/4.6/4.6_security.txt b/data/4.6/4.6_security.txt index 63bb29685..6011d997b 100644 --- a/data/4.6/4.6_security.txt +++ b/data/4.6/4.6_security.txt @@ -944,7 +944,6 @@ Outstanding CVEs: CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -981,7 +980,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -1135,7 +1133,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() @@ -1208,23 +1205,25 @@ Outstanding CVEs: CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads - CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.7/4.7_CVEs.txt b/data/4.7/4.7_CVEs.txt index 04f1662a8..1365710ca 100644 --- a/data/4.7/4.7_CVEs.txt +++ b/data/4.7/4.7_CVEs.txt @@ -908,7 +908,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -945,7 +944,6 @@ CVE-2022-23040: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -1100,7 +1098,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream @@ -1173,23 +1170,25 @@ CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream -CVE-2023-6121: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/4.7/4.7_security.txt b/data/4.7/4.7_security.txt index 407c30747..032f5657d 100644 --- a/data/4.7/4.7_security.txt +++ b/data/4.7/4.7_security.txt @@ -928,7 +928,6 @@ Outstanding CVEs: CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -965,7 +964,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -1120,7 +1118,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() @@ -1193,23 +1190,25 @@ Outstanding CVEs: CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads - CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.8/4.8_CVEs.txt b/data/4.8/4.8_CVEs.txt index 47ff223c7..6448cf513 100644 --- a/data/4.8/4.8_CVEs.txt +++ b/data/4.8/4.8_CVEs.txt @@ -912,7 +912,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -949,7 +948,6 @@ CVE-2022-23040: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -1104,7 +1102,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26545: Fix not seen in stream CVE-2023-26607: Fix not seen in stream @@ -1176,23 +1173,26 @@ CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/4.8/4.8_security.txt b/data/4.8/4.8_security.txt index c22af93de..4c5db9184 100644 --- a/data/4.8/4.8_security.txt +++ b/data/4.8/4.8_security.txt @@ -942,7 +942,6 @@ Outstanding CVEs: CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -979,7 +978,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -1134,7 +1132,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26607: (unk) ntfs: fix out-of-bounds read in ntfs_attr_find() @@ -1206,23 +1203,26 @@ Outstanding CVEs: CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/4.9/4.9_CVEs.txt b/data/4.9/4.9_CVEs.txt index b2df8da8f..c5b74927c 100644 --- a/data/4.9/4.9_CVEs.txt +++ b/data/4.9/4.9_CVEs.txt @@ -911,7 +911,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fixed with 4.9.311 CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fixed with 4.9.325 -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fixed with 4.9.316 CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fixed with 4.9.316 @@ -948,7 +947,6 @@ CVE-2022-23040: Fixed with 4.9.306 CVE-2022-23042: Fixed with 4.9.306 CVE-2022-2318: Fixed with 4.9.322 CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fixed with 4.9.311 CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -1105,7 +1103,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-2513: Fixed with 4.9.326 CVE-2023-26545: Fix not seen in stream @@ -1180,23 +1177,26 @@ CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream +CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/4.9/4.9_security.txt b/data/4.9/4.9_security.txt index c7e4a2e4c..c28fb96b7 100644 --- a/data/4.9/4.9_security.txt +++ b/data/4.9/4.9_security.txt @@ -1555,7 +1555,6 @@ Outstanding CVEs: CVE-2022-1263: (unk) KVM: avoid NULL pointer dereference in kvm_dirty_ring_push CVE-2022-1280: (unk) drm: avoid circular locks in drm_mode_getconnector CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1786: (unk) io_uring: remove io_identity CVE-2022-20148: (unk) f2fs: fix UAF in f2fs_available_free_memory @@ -1568,7 +1567,6 @@ Outstanding CVEs: CVE-2022-2153: (unk) KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast() CVE-2022-2209: (unk) CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) CVE-2022-25265: (unk) @@ -1661,7 +1659,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-26545: (unk) net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-2985: (unk) fs: hfsplus: fix UAF issue in hfsplus_put_super @@ -1728,23 +1725,26 @@ Outstanding CVEs: CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.0/5.0_CVEs.txt b/data/5.0/5.0_CVEs.txt index ef7c0ac0d..3f8033fdc 100644 --- a/data/5.0/5.0_CVEs.txt +++ b/data/5.0/5.0_CVEs.txt @@ -620,7 +620,6 @@ CVE-2022-1280: Fix not seen in stream CVE-2022-1353: Fix not seen in stream CVE-2022-1419: Fix not seen in stream CVE-2022-1462: Fix not seen in stream -CVE-2022-1508: Fix not seen in stream CVE-2022-1652: Fix not seen in stream CVE-2022-1679: Fix not seen in stream CVE-2022-1729: Fix not seen in stream @@ -662,7 +661,6 @@ CVE-2022-23041: Fix not seen in stream CVE-2022-23042: Fix not seen in stream CVE-2022-2318: Fix not seen in stream CVE-2022-23222: Fix not seen in stream -CVE-2022-2327: Fix not seen in stream CVE-2022-2380: Fix not seen in stream CVE-2022-23816: Fix not seen in stream CVE-2022-23825: Fix unknown @@ -851,7 +849,6 @@ CVE-2023-23039: Fix unknown CVE-2023-23454: Fix not seen in stream CVE-2023-23455: Fix not seen in stream CVE-2023-23559: Fix not seen in stream -CVE-2023-2430: Fix not seen in stream CVE-2023-2483: Fix not seen in stream CVE-2023-2513: Fix not seen in stream CVE-2023-26242: Fix unknown @@ -937,24 +934,25 @@ CVE-2023-47233: Fix unknown CVE-2023-4732: Fix not seen in stream CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream -CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream -CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/5.0/5.0_security.txt b/data/5.0/5.0_security.txt index af04df059..d5731417f 100644 --- a/data/5.0/5.0_security.txt +++ b/data/5.0/5.0_security.txt @@ -668,7 +668,6 @@ Outstanding CVEs: CVE-2022-1353: (unk) af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register CVE-2022-1419: (unk) drm/vgem: Close use-after-free race in vgem_gem_create CVE-2022-1462: (unk) tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - CVE-2022-1508: (unk) io_uring: reexpand under-reexpanded iters CVE-2022-1652: (unk) floppy: use a statically allocated error counter CVE-2022-1679: (unk) ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2022-1729: (unk) perf: Fix sys_perf_event_open() race against self @@ -710,7 +709,6 @@ Outstanding CVEs: CVE-2022-23042: (unk) xen/netfront: react properly to failing gnttab_end_foreign_access_ref() CVE-2022-2318: (unk) net: rose: fix UAF bugs caused by timer handler CVE-2022-23222: (unk) bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL - CVE-2022-2327: (unk) io_uring: remove any grabbing of context CVE-2022-2380: (unk) video: fbdev: sm712fb: Fix crash in smtcfb_read() CVE-2022-23816: (unk) x86/kvm/vmx: Make noinstr clean CVE-2022-23825: (unk) @@ -899,7 +897,6 @@ Outstanding CVEs: CVE-2023-23454: (unk) net: sched: cbq: dont intepret cls results when asked to drop CVE-2023-23455: (unk) net: sched: atm: dont intepret cls results when asked to drop CVE-2023-23559: (unk) wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid - CVE-2023-2430: (unk) io_uring/msg_ring: fix missing lock on overflow for IOPOLL CVE-2023-2483: (unk) net: qcom/emac: Fix use after free bug in emac_remove due to race condition CVE-2023-2513: (unk) ext4: fix use-after-free in ext4_xattr_set_entry CVE-2023-26242: (unk) @@ -985,24 +982,25 @@ Outstanding CVEs: CVE-2023-4732: (unk) mm/userfaultfd: fix uffd-wp special cases for fork() CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() - CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.1/5.1_CVEs.txt b/data/5.1/5.1_CVEs.txt index eda06940f..54bf0a062 100644 --- a/data/5.1/5.1_CVEs.txt +++ b/data/5.1/5.1_CVEs.txt @@ -920,12 +920,13 @@ CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown @@ -934,8 +935,10 @@ CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/5.1/5.1_security.txt b/data/5.1/5.1_security.txt index c5d28534b..4cfb5a2eb 100644 --- a/data/5.1/5.1_security.txt +++ b/data/5.1/5.1_security.txt @@ -956,12 +956,13 @@ Outstanding CVEs: CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) @@ -970,8 +971,10 @@ Outstanding CVEs: CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.10/5.10_CVEs.txt b/data/5.10/5.10_CVEs.txt index a7b4ea39e..9a329667d 100644 --- a/data/5.10/5.10_CVEs.txt +++ b/data/5.10/5.10_CVEs.txt @@ -677,25 +677,28 @@ CVE-2023-4732: Fixed with 5.10.53 CVE-2023-4881: Fixed with 5.10.198 CVE-2023-4921: Fixed with 5.10.195 CVE-2023-50431: Fix unknown -CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fixed with 5.10.199 +CVE-2023-51779: Fixed with 5.10.206 CVE-2023-51780: Fixed with 5.10.205 CVE-2023-51781: Fixed with 5.10.205 CVE-2023-51782: Fixed with 5.10.205 CVE-2023-5197: Fixed with 5.10.198 CVE-2023-5717: Fixed with 5.10.199 +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fixed with 5.10.203 CVE-2023-6176: Fixed with 5.10.195 +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fixed with 5.10.192 CVE-2023-6560: Fix not seen in stream -CVE-2023-6606: Fix not seen in stream +CVE-2023-6606: Fixed with 5.10.206 CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fixed with 5.10.204 CVE-2023-6931: Fixed with 5.10.204 CVE-2023-6932: Fixed with 5.10.203 CVE-2023-7042: Fix unknown +CVE-2023-7192: Fixed with 5.10.173 +CVE-2024-0193: Fixed with 5.10.206 +CVE-2024-0340: Fix not seen in stream diff --git a/data/5.10/5.10_security.txt b/data/5.10/5.10_security.txt index b227b1cd1..61d34dd9b 100644 --- a/data/5.10/5.10_security.txt +++ b/data/5.10/5.10_security.txt @@ -697,6 +697,7 @@ CVEs fixed in 5.10.173: CVE-2023-2985: ef7d71d7bd57b8b7fe514e459927696c1c6d1047 fs: hfsplus: fix UAF issue in hfsplus_put_super CVE-2023-3220: e9743b3052e125c44b555f07f2876a4bdccfd983 drm/msm/dpu: Add check for pstates CVE-2023-45862: 961f93d63da72f5fcaa6793fb2dcbc995c119a8e USB: ene_usb6250: Allocate enough memory for full object + CVE-2023-7192: 1ff0b87df98b93e10ced45773aa7d35377355421 netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVEs fixed in 5.10.176: CVE-2023-1855: 0a73c8b3cc99d214dff83c51805c844240c4f749 hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition @@ -825,7 +826,6 @@ CVEs fixed in 5.10.198: CVEs fixed in 5.10.199: CVE-2023-35827: db9aafa19547833240f58c2998aed7baf414dc82 ravb: Fix use-after-free issue in ravb_tx_timeout_work() CVE-2023-46813: 6550cbe25de182f6c0176909a90b324cb375133f x86/sev: Check for user-space IOIO pointing to kernel space - CVE-2023-5178: e985d78bdcf37f7ef73666a43b0d2407715f00d3 nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-5717: 487a8e24643a0effb2ba19cad3227fc75dc3c4b7 perf: Disallow mis-matched inherited group reads CVEs fixed in 5.10.200: @@ -848,6 +848,11 @@ CVEs fixed in 5.10.205: CVE-2023-51781: a232eb81c7cb5d4dbd325d4611ed029b7fa07596 appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: 7eda5960a5332654b10d951e735750ed60d7f0a9 net/rose: Fix Use-After-Free in rose_ioctl +CVEs fixed in 5.10.206: + CVE-2023-51779: db1b14eec8c61a20374de9f9c2ddc6c9406a8c42 Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-6606: 0c54b79d1d9b25f5a406bcf1969f956e14c4704d smb: client: fix OOB in smbCalcSize() + CVE-2024-0193: 73117ea03363d4493bd4e9f82f29b34b92d88a91 netfilter: nf_tables: skip set commit for deleted/destroyed sets + Outstanding CVEs: CVE-2005-3660: (unk) CVE-2007-3719: (unk) @@ -995,13 +1000,13 @@ Outstanding CVEs: CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-47233: (unk) CVE-2023-50431: (unk) - CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP - CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-7042: (unk) + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.11/5.11_CVEs.txt b/data/5.11/5.11_CVEs.txt index 275cfa1b2..6d62b379b 100644 --- a/data/5.11/5.11_CVEs.txt +++ b/data/5.11/5.11_CVEs.txt @@ -673,14 +673,15 @@ CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5197: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown @@ -689,8 +690,10 @@ CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/5.11/5.11_security.txt b/data/5.11/5.11_security.txt index 474eda2b1..ba2601a83 100644 --- a/data/5.11/5.11_security.txt +++ b/data/5.11/5.11_security.txt @@ -715,14 +715,15 @@ Outstanding CVEs: CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) @@ -731,8 +732,10 @@ Outstanding CVEs: CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.12/5.12_CVEs.txt b/data/5.12/5.12_CVEs.txt index d96b0dda6..628619d81 100644 --- a/data/5.12/5.12_CVEs.txt +++ b/data/5.12/5.12_CVEs.txt @@ -625,14 +625,15 @@ CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5197: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown @@ -641,8 +642,10 @@ CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/5.12/5.12_security.txt b/data/5.12/5.12_security.txt index 84cc7a9b9..ea2af7176 100644 --- a/data/5.12/5.12_security.txt +++ b/data/5.12/5.12_security.txt @@ -657,14 +657,15 @@ Outstanding CVEs: CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) @@ -673,8 +674,10 @@ Outstanding CVEs: CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.13/5.13_CVEs.txt b/data/5.13/5.13_CVEs.txt index bcdbf9dbf..687ae770e 100644 --- a/data/5.13/5.13_CVEs.txt +++ b/data/5.13/5.13_CVEs.txt @@ -596,14 +596,15 @@ CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown CVE-2023-5158: Fix not seen in stream CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5197: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown @@ -612,8 +613,10 @@ CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/5.13/5.13_security.txt b/data/5.13/5.13_security.txt index 689e653db..90a748b92 100644 --- a/data/5.13/5.13_security.txt +++ b/data/5.13/5.13_security.txt @@ -630,14 +630,15 @@ Outstanding CVEs: CVE-2023-50431: (unk) CVE-2023-5158: (unk) vringh: don't use vringh_kiov_advance() in vringh_iov_xfer() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) @@ -646,8 +647,10 @@ Outstanding CVEs: CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.14/5.14_CVEs.txt b/data/5.14/5.14_CVEs.txt index 1d0a45159..183f78c5c 100644 --- a/data/5.14/5.14_CVEs.txt +++ b/data/5.14/5.14_CVEs.txt @@ -570,14 +570,15 @@ CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown CVE-2023-5158: Fix not seen in stream CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5197: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown @@ -586,8 +587,10 @@ CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/5.14/5.14_security.txt b/data/5.14/5.14_security.txt index aa52b346d..4858963a5 100644 --- a/data/5.14/5.14_security.txt +++ b/data/5.14/5.14_security.txt @@ -604,14 +604,15 @@ Outstanding CVEs: CVE-2023-50431: (unk) CVE-2023-5158: (unk) vringh: don't use vringh_kiov_advance() in vringh_iov_xfer() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) @@ -620,8 +621,10 @@ Outstanding CVEs: CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.15/5.15_CVEs.txt b/data/5.15/5.15_CVEs.txt index 436aaf6cb..b13bedd8e 100644 --- a/data/5.15/5.15_CVEs.txt +++ b/data/5.15/5.15_CVEs.txt @@ -575,26 +575,29 @@ CVE-2023-4881: Fixed with 5.15.132 CVE-2023-4921: Fixed with 5.15.132 CVE-2023-50431: Fix unknown CVE-2023-5158: Fixed with 5.15.135 -CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fixed with 5.15.137 +CVE-2023-51779: Fixed with 5.15.146 CVE-2023-51780: Fixed with 5.15.144 CVE-2023-51781: Fixed with 5.15.144 CVE-2023-51782: Fixed with 5.15.144 CVE-2023-5197: Fixed with 5.15.134 CVE-2023-5717: Fixed with 5.15.137 CVE-2023-6039: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fixed with 5.15.141 CVE-2023-6176: Fixed with 5.15.132 +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fixed with 5.15.128 CVE-2023-6560: Fix not seen in stream -CVE-2023-6606: Fix not seen in stream +CVE-2023-6606: Fixed with 5.15.146 CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fixed with 5.15.143 -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fixed with 5.15.143 CVE-2023-6931: Fixed with 5.15.143 CVE-2023-6932: Fixed with 5.15.142 CVE-2023-7042: Fix unknown +CVE-2023-7192: Fixed with 5.15.100 +CVE-2024-0193: Fixed with 5.15.146 +CVE-2024-0340: Fix not seen in stream diff --git a/data/5.15/5.15_security.txt b/data/5.15/5.15_security.txt index 4018b2b30..1753bc6f4 100644 --- a/data/5.15/5.15_security.txt +++ b/data/5.15/5.15_security.txt @@ -501,6 +501,7 @@ CVEs fixed in 5.15.100: CVE-2023-1829: 7c183dc0af472dec33d2c0786a5e356baa8cad19 net/sched: Retire tcindex classifier CVE-2023-23004: 1c7988d5c79f72287177bb774cde15fde69f3c97 malidp: Fix NULL vs IS_ERR() checking CVE-2023-45862: 7e902b949600c51c94d06b137f874126a27e6557 USB: ene_usb6250: Allocate enough memory for full object + CVE-2023-7192: af41b3cd9a9245f482b8855bd3c62c6f04ae68ab netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVEs fixed in 5.15.104: CVE-2023-1855: 7091951c2ca9d3fbec75ef1d677cbd89eeac9793 hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition @@ -657,7 +658,6 @@ CVEs fixed in 5.15.136: CVEs fixed in 5.15.137: CVE-2023-46813: 582f7993353c7b116651f88385b1785dffa14c5d x86/sev: Check for user-space IOIO pointing to kernel space - CVE-2023-5178: 34f62612be2a7f90ab68a14154db6664a32f8db0 nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-5717: 71d224acc4d1df1b61a294abee0f1032a9b03b40 perf: Disallow mis-matched inherited group reads CVEs fixed in 5.15.140: @@ -695,6 +695,11 @@ CVEs fixed in 5.15.145: CVE-2023-38431: df3a4518aee64f21bcafa891105b468413f27431 ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop CVE-2023-3867: 97f5c1e3086c8ba1473c265d9a5523cc9ef5579e ksmbd: add missing compound request handing in some commands +CVEs fixed in 5.15.146: + CVE-2023-51779: 2b16d960c79abc397f102c3d23d30005b68cb036 Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-6606: ded3cfdefec8b2accc767f176419316b61c157c3 smb: client: fix OOB in smbCalcSize() + CVE-2024-0193: d10f7540c5541ad9f4fe2a02a73153d25d4a540d netfilter: nf_tables: skip set commit for deleted/destroyed sets + Outstanding CVEs: CVE-2005-3660: (unk) CVE-2007-3719: (unk) @@ -816,13 +821,13 @@ Outstanding CVEs: CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-47233: (unk) CVE-2023-50431: (unk) - CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg CVE-2023-6039: (unk) net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP - CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-7042: (unk) + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.16/5.16_CVEs.txt b/data/5.16/5.16_CVEs.txt index e6da0009c..46c9bd4e4 100644 --- a/data/5.16/5.16_CVEs.txt +++ b/data/5.16/5.16_CVEs.txt @@ -545,15 +545,16 @@ CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown CVE-2023-5158: Fix not seen in stream CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5197: Fix not seen in stream CVE-2023-5717: Fix not seen in stream CVE-2023-6039: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown @@ -562,8 +563,10 @@ CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/5.16/5.16_security.txt b/data/5.16/5.16_security.txt index 35ef2c399..022023a2d 100644 --- a/data/5.16/5.16_security.txt +++ b/data/5.16/5.16_security.txt @@ -581,15 +581,16 @@ Outstanding CVEs: CVE-2023-50431: (unk) CVE-2023-5158: (unk) vringh: don't use vringh_kiov_advance() in vringh_iov_xfer() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6039: (unk) net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) @@ -598,8 +599,10 @@ Outstanding CVEs: CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.17/5.17_CVEs.txt b/data/5.17/5.17_CVEs.txt index 2cdd2ae5e..f75a55b52 100644 --- a/data/5.17/5.17_CVEs.txt +++ b/data/5.17/5.17_CVEs.txt @@ -491,15 +491,16 @@ CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown CVE-2023-5158: Fix not seen in stream CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5197: Fix not seen in stream CVE-2023-5717: Fix not seen in stream CVE-2023-6039: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown @@ -508,8 +509,10 @@ CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/5.17/5.17_security.txt b/data/5.17/5.17_security.txt index fa19571dd..4806850a1 100644 --- a/data/5.17/5.17_security.txt +++ b/data/5.17/5.17_security.txt @@ -523,15 +523,16 @@ Outstanding CVEs: CVE-2023-50431: (unk) CVE-2023-5158: (unk) vringh: don't use vringh_kiov_advance() in vringh_iov_xfer() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads CVE-2023-6039: (unk) net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) @@ -540,8 +541,10 @@ Outstanding CVEs: CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.18/5.18_CVEs.txt b/data/5.18/5.18_CVEs.txt index 69ff5b256..fda3fbebe 100644 --- a/data/5.18/5.18_CVEs.txt +++ b/data/5.18/5.18_CVEs.txt @@ -440,7 +440,6 @@ CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown CVE-2023-5158: Fix not seen in stream CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream @@ -449,6 +448,7 @@ CVE-2023-5717: Fix not seen in stream CVE-2023-6039: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown @@ -457,8 +457,10 @@ CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/5.18/5.18_security.txt b/data/5.18/5.18_security.txt index 9fc8b0f51..0fb2cb82c 100644 --- a/data/5.18/5.18_security.txt +++ b/data/5.18/5.18_security.txt @@ -476,7 +476,6 @@ Outstanding CVEs: CVE-2023-50431: (unk) CVE-2023-5158: (unk) vringh: don't use vringh_kiov_advance() in vringh_iov_xfer() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl @@ -485,6 +484,7 @@ Outstanding CVEs: CVE-2023-6039: (unk) net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) @@ -493,8 +493,10 @@ Outstanding CVEs: CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.19/5.19_CVEs.txt b/data/5.19/5.19_CVEs.txt index a8b0c6b0f..8dc75f151 100644 --- a/data/5.19/5.19_CVEs.txt +++ b/data/5.19/5.19_CVEs.txt @@ -397,7 +397,6 @@ CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown CVE-2023-5158: Fix not seen in stream CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream @@ -406,6 +405,7 @@ CVE-2023-5717: Fix not seen in stream CVE-2023-6039: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown @@ -414,8 +414,10 @@ CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/5.19/5.19_security.txt b/data/5.19/5.19_security.txt index d0bee3bcf..e6cdf262f 100644 --- a/data/5.19/5.19_security.txt +++ b/data/5.19/5.19_security.txt @@ -427,7 +427,6 @@ Outstanding CVEs: CVE-2023-50431: (unk) CVE-2023-5158: (unk) vringh: don't use vringh_kiov_advance() in vringh_iov_xfer() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl @@ -436,6 +435,7 @@ Outstanding CVEs: CVE-2023-6039: (unk) net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) @@ -444,8 +444,10 @@ Outstanding CVEs: CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.2/5.2_CVEs.txt b/data/5.2/5.2_CVEs.txt index 570c0968a..046c49efc 100644 --- a/data/5.2/5.2_CVEs.txt +++ b/data/5.2/5.2_CVEs.txt @@ -882,12 +882,13 @@ CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown @@ -896,8 +897,10 @@ CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/5.2/5.2_security.txt b/data/5.2/5.2_security.txt index 1bf3276f3..0147f9507 100644 --- a/data/5.2/5.2_security.txt +++ b/data/5.2/5.2_security.txt @@ -920,12 +920,13 @@ Outstanding CVEs: CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) @@ -934,8 +935,10 @@ Outstanding CVEs: CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.3/5.3_CVEs.txt b/data/5.3/5.3_CVEs.txt index 09339d566..18dec1876 100644 --- a/data/5.3/5.3_CVEs.txt +++ b/data/5.3/5.3_CVEs.txt @@ -857,12 +857,13 @@ CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown @@ -871,8 +872,10 @@ CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/5.3/5.3_security.txt b/data/5.3/5.3_security.txt index 811dcb5cc..fad16cded 100644 --- a/data/5.3/5.3_security.txt +++ b/data/5.3/5.3_security.txt @@ -893,12 +893,13 @@ Outstanding CVEs: CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) @@ -907,8 +908,10 @@ Outstanding CVEs: CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.4/5.4_CVEs.txt b/data/5.4/5.4_CVEs.txt index b8fa1c12d..803aedf27 100644 --- a/data/5.4/5.4_CVEs.txt +++ b/data/5.4/5.4_CVEs.txt @@ -787,22 +787,25 @@ CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fixed with 5.4.257 CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fixed with 5.4.260 CVE-2023-51780: Fixed with 5.4.265 CVE-2023-51781: Fixed with 5.4.265 CVE-2023-51782: Fixed with 5.4.265 CVE-2023-5717: Fixed with 5.4.259 +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fixed with 5.4.263 +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream CVE-2023-6560: Fix not seen in stream -CVE-2023-6606: Fix not seen in stream +CVE-2023-6606: Fixed with 5.4.266 CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fixed with 5.4.264 CVE-2023-6932: Fixed with 5.4.263 CVE-2023-7042: Fix unknown +CVE-2023-7192: Fixed with 5.4.235 +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/5.4/5.4_security.txt b/data/5.4/5.4_security.txt index 160264356..779e37e59 100644 --- a/data/5.4/5.4_security.txt +++ b/data/5.4/5.4_security.txt @@ -897,6 +897,7 @@ CVEs fixed in 5.4.235: CVE-2023-2985: 3776ef785e1005355cdd86c751a8e838bac8e2e8 fs: hfsplus: fix UAF issue in hfsplus_put_super CVE-2023-3220: dadd30fcc7e3e01561ef3624f6c0e323105ab523 drm/msm/dpu: Add check for pstates CVE-2023-45862: da4e715a466ca982d4584da21ea385f28ca79ce6 USB: ene_usb6250: Allocate enough memory for full object + CVE-2023-7192: 5d0d38805d3234ca2cd6fbeb74d706348f4bbc43 netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVEs fixed in 5.4.238: CVE-2023-1855: 26c176ce902861a45f8d699e057245ed7e0bcdf2 hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition @@ -1013,7 +1014,6 @@ CVEs fixed in 5.4.259: CVEs fixed in 5.4.260: CVE-2021-44879: e9a988cd4c8baac7550aa0c2f1efc9533ed9da36 f2fs: fix to do sanity check on inode type during garbage collection CVE-2023-45863: 5776aeee2a604ccc03e8269713624f9c8fd318e0 kobject: Fix slab-out-of-bounds in fill_kobj_path() - CVE-2023-5178: 4e53bab11f01a401a5acd3bc94335b27ec79106b nvmet-tcp: Fix a possible UAF in queue intialization setup CVEs fixed in 5.4.263: CVE-2023-6121: afbedd6136cbff0b4412efd09d98d2cb7348563c nvmet: nul-terminate the NQNs passed in the connect command @@ -1027,6 +1027,9 @@ CVEs fixed in 5.4.265: CVE-2023-51781: 9112bd107208cd6a4f0175ca36289ed170622cce appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: 3df812627e7d0bf557f3781c3448d42c8fe8313e net/rose: Fix Use-After-Free in rose_ioctl +CVEs fixed in 5.4.266: + CVE-2023-6606: 508e2fdd978e4c26798eac2059f9520255904f82 smb: client: fix OOB in smbCalcSize() + Outstanding CVEs: CVE-2005-3660: (unk) CVE-2007-3719: (unk) @@ -1197,14 +1200,16 @@ Outstanding CVEs: CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP - CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-7042: (unk) + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.5/5.5_CVEs.txt b/data/5.5/5.5_CVEs.txt index 6c668a25d..45397a1b6 100644 --- a/data/5.5/5.5_CVEs.txt +++ b/data/5.5/5.5_CVEs.txt @@ -748,12 +748,13 @@ CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown @@ -762,8 +763,10 @@ CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/5.5/5.5_security.txt b/data/5.5/5.5_security.txt index f6c11ea3c..d16733e6a 100644 --- a/data/5.5/5.5_security.txt +++ b/data/5.5/5.5_security.txt @@ -782,12 +782,13 @@ Outstanding CVEs: CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) @@ -796,8 +797,10 @@ Outstanding CVEs: CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.6/5.6_CVEs.txt b/data/5.6/5.6_CVEs.txt index 0b9ca182f..72c3290fc 100644 --- a/data/5.6/5.6_CVEs.txt +++ b/data/5.6/5.6_CVEs.txt @@ -729,12 +729,13 @@ CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown @@ -743,8 +744,10 @@ CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/5.6/5.6_security.txt b/data/5.6/5.6_security.txt index 5a85946da..bc73a9e20 100644 --- a/data/5.6/5.6_security.txt +++ b/data/5.6/5.6_security.txt @@ -763,12 +763,13 @@ Outstanding CVEs: CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) @@ -777,8 +778,10 @@ Outstanding CVEs: CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.7/5.7_CVEs.txt b/data/5.7/5.7_CVEs.txt index 02a96d12a..f96334e42 100644 --- a/data/5.7/5.7_CVEs.txt +++ b/data/5.7/5.7_CVEs.txt @@ -729,13 +729,14 @@ CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown @@ -744,8 +745,10 @@ CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/5.7/5.7_security.txt b/data/5.7/5.7_security.txt index d3a8c7a2e..30f110335 100644 --- a/data/5.7/5.7_security.txt +++ b/data/5.7/5.7_security.txt @@ -763,13 +763,14 @@ Outstanding CVEs: CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) @@ -778,8 +779,10 @@ Outstanding CVEs: CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.8/5.8_CVEs.txt b/data/5.8/5.8_CVEs.txt index db84c1e0d..e3d5a3268 100644 --- a/data/5.8/5.8_CVEs.txt +++ b/data/5.8/5.8_CVEs.txt @@ -716,13 +716,14 @@ CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown @@ -731,8 +732,10 @@ CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/5.8/5.8_security.txt b/data/5.8/5.8_security.txt index 1a4296de6..21d645402 100644 --- a/data/5.8/5.8_security.txt +++ b/data/5.8/5.8_security.txt @@ -750,13 +750,14 @@ Outstanding CVEs: CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) @@ -765,8 +766,10 @@ Outstanding CVEs: CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/5.9/5.9_CVEs.txt b/data/5.9/5.9_CVEs.txt index 956ecd5e9..965f75996 100644 --- a/data/5.9/5.9_CVEs.txt +++ b/data/5.9/5.9_CVEs.txt @@ -693,14 +693,15 @@ CVE-2023-4881: Fix not seen in stream CVE-2023-4921: Fix not seen in stream CVE-2023-50431: Fix unknown CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream CVE-2023-5197: Fix not seen in stream CVE-2023-5717: Fix not seen in stream +CVE-2023-6040: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown @@ -709,8 +710,10 @@ CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/5.9/5.9_security.txt b/data/5.9/5.9_security.txt index ef5149293..b343b6954 100644 --- a/data/5.9/5.9_security.txt +++ b/data/5.9/5.9_security.txt @@ -723,14 +723,15 @@ Outstanding CVEs: CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue() CVE-2023-50431: (unk) CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads + CVE-2023-6040: (unk) netfilter: nf_tables: Reject tables of unsupported family CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) @@ -739,8 +740,10 @@ Outstanding CVEs: CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/6.0/6.0_CVEs.txt b/data/6.0/6.0_CVEs.txt index db8d5d7dc..e6fde3bf5 100644 --- a/data/6.0/6.0_CVEs.txt +++ b/data/6.0/6.0_CVEs.txt @@ -352,7 +352,6 @@ CVE-2023-50431: Fix unknown CVE-2023-5090: Fix not seen in stream CVE-2023-5158: Fix not seen in stream CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream @@ -361,6 +360,7 @@ CVE-2023-5717: Fix not seen in stream CVE-2023-6039: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown @@ -369,8 +369,10 @@ CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fix not seen in stream +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream diff --git a/data/6.0/6.0_security.txt b/data/6.0/6.0_security.txt index 74012cb44..fb458bb1c 100644 --- a/data/6.0/6.0_security.txt +++ b/data/6.0/6.0_security.txt @@ -386,7 +386,6 @@ Outstanding CVEs: CVE-2023-5090: (unk) x86: KVM: SVM: always update the x2avic msr interception CVE-2023-5158: (unk) vringh: don't use vringh_kiov_advance() in vringh_iov_xfer() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl @@ -395,6 +394,7 @@ Outstanding CVEs: CVE-2023-6039: (unk) net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) @@ -403,8 +403,10 @@ Outstanding CVEs: CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2023-7192: (unk) netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/6.1/6.1_CVEs.txt b/data/6.1/6.1_CVEs.txt index a7dcb9255..4501d9ca5 100644 --- a/data/6.1/6.1_CVEs.txt +++ b/data/6.1/6.1_CVEs.txt @@ -124,7 +124,7 @@ CVE-2023-1078: Fixed with 6.1.12 CVE-2023-1079: Fixed with 6.1.16 CVE-2023-1118: Fixed with 6.1.16 CVE-2023-1192: Fixed with 6.1.33 -CVE-2023-1193: Fix not seen in stream +CVE-2023-1193: Fixed with 6.1.71 CVE-2023-1194: Fixed with 6.1.34 CVE-2023-1206: Fixed with 6.1.43 CVE-2023-1281: Fixed with 6.1.13 @@ -295,8 +295,7 @@ CVE-2023-4921: Fixed with 6.1.54 CVE-2023-50431: Fix unknown CVE-2023-5090: Fixed with 6.1.62 CVE-2023-5158: Fixed with 6.1.57 -CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fixed with 6.1.60 +CVE-2023-51779: Fixed with 6.1.70 CVE-2023-51780: Fixed with 6.1.69 CVE-2023-51781: Fixed with 6.1.69 CVE-2023-51782: Fixed with 6.1.69 @@ -306,16 +305,20 @@ CVE-2023-5717: Fixed with 6.1.60 CVE-2023-6039: Fix not seen in stream CVE-2023-6121: Fixed with 6.1.65 CVE-2023-6176: Fixed with 6.1.54 +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown +CVE-2023-6531: Fixed with 6.1.68 CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fixed with 6.1.47 CVE-2023-6560: Fix not seen in stream -CVE-2023-6606: Fix not seen in stream +CVE-2023-6606: Fixed with 6.1.70 CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fixed with 6.1.68 -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fixed with 6.1.68 CVE-2023-6931: Fixed with 6.1.68 CVE-2023-6932: Fixed with 6.1.66 CVE-2023-7042: Fix unknown +CVE-2023-7192: Fixed with 6.1.18 +CVE-2024-0193: Fixed with 6.1.71 +CVE-2024-0340: Fix not seen in stream diff --git a/data/6.1/6.1_security.txt b/data/6.1/6.1_security.txt index cd43bde83..540a7690f 100644 --- a/data/6.1/6.1_security.txt +++ b/data/6.1/6.1_security.txt @@ -100,6 +100,7 @@ CVEs fixed in 6.1.16: CVEs fixed in 6.1.18: CVE-2023-1829: 3abebc503a5148072052c229c6b04b329a420ecd net/sched: Retire tcindex classifier CVE-2023-45862: ff542083b105c9c72d83899d3f74eeec354f808e USB: ene_usb6250: Allocate enough memory for full object + CVE-2023-7192: 4f25d1dff80535f088b8f8568dd731fb098e29b4 netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVEs fixed in 6.1.20: CVE-2023-28466: 14c17c673e1bba08032d245d5fb025d1cbfee123 net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() @@ -291,7 +292,6 @@ CVEs fixed in 6.1.59: CVEs fixed in 6.1.60: CVE-2023-46813: 57d0639f60f1ff04cbe7fd52823b94b894d7f812 x86/sev: Check for user-space IOIO pointing to kernel space - CVE-2023-5178: f691ec5a548257edb3aacd952e2a574e4e57b2c4 nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-5717: f6952655a61264900ed08e9d642adad8222f8e29 perf: Disallow mis-matched inherited group reads CVEs fixed in 6.1.61: @@ -307,6 +307,7 @@ CVEs fixed in 6.1.66: CVE-2023-6932: 94445d9583079e0ccc5dde1370076ff24800d86e ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVEs fixed in 6.1.68: + CVE-2023-6531: f2f57f51b53be153a522300454ddb3887722fb2c io_uring/af_unix: disable sending io_uring over sockets CVE-2023-6622: 96f8654b701f772af5f358b91807ce2836ff3444 netfilter: nf_tables: bail out on mismatching dynset and set expressions CVE-2023-6817: 189c2a82933c67ad360c421258d5449f6647544a netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: 06dec254c59afd01b7a44838cf8bfc382bef019b perf: Fix perf_event_validate_size() @@ -316,6 +317,14 @@ CVEs fixed in 6.1.69: CVE-2023-51781: 1646b2929d5efc3861139ba58556b0f149c848f6 appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: 01540ee2366a0a8671c35cd57a66bf0817106ffa net/rose: Fix Use-After-Free in rose_ioctl +CVEs fixed in 6.1.70: + CVE-2023-51779: 37f71e2c9f515834841826f4eb68ec33cfb2a1ff Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-6606: c60e10d1549f8748a68ec13dcd177c62843985ff smb: client: fix OOB in smbCalcSize() + +CVEs fixed in 6.1.71: + CVE-2023-1193: 8d271ef5e5cac8a470076891b248a28a2c57fb1e ksmbd: delete asynchronous work from list + CVE-2024-0193: 0105571f80edb96f81bb4bbdd5233a9130dc345b netfilter: nf_tables: skip set commit for deleted/destroyed sets + Outstanding CVEs: CVE-2005-3660: (unk) CVE-2007-3719: (unk) @@ -394,7 +403,6 @@ Outstanding CVEs: CVE-2022-45885: (unk) CVE-2022-45888: (unk) char: xillybus: Prevent use-after-free due to race condition CVE-2023-0597: (unk) x86/mm: Randomize per-cpu entry area - CVE-2023-1193: (unk) ksmbd: delete asynchronous work from list CVE-2023-20941: (unk) CVE-2023-21264: (unk) KVM: arm64: Prevent unconditional donation of unmapped regions from the host CVE-2023-21400: (unk) @@ -419,13 +427,12 @@ Outstanding CVEs: CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES CVE-2023-47233: (unk) CVE-2023-50431: (unk) - CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg CVE-2023-6039: (unk) net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP - CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-7042: (unk) + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/6.2/6.2_CVEs.txt b/data/6.2/6.2_CVEs.txt index 672105ba5..d40c28556 100644 --- a/data/6.2/6.2_CVEs.txt +++ b/data/6.2/6.2_CVEs.txt @@ -242,7 +242,6 @@ CVE-2023-50431: Fix unknown CVE-2023-5090: Fix not seen in stream CVE-2023-5158: Fix not seen in stream CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream @@ -255,7 +254,9 @@ CVE-2023-6039: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream CVE-2023-6238: Fix unknown +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown +CVE-2023-6531: Fix not seen in stream CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream @@ -263,8 +264,11 @@ CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2023-7192: Fixed with 6.2.5 +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream +CVE-2024-0443: Fix not seen in stream diff --git a/data/6.2/6.2_security.txt b/data/6.2/6.2_security.txt index 5d20a4c55..d029d1a92 100644 --- a/data/6.2/6.2_security.txt +++ b/data/6.2/6.2_security.txt @@ -27,6 +27,7 @@ CVEs fixed in 6.2.3: CVEs fixed in 6.2.5: CVE-2023-1829: 372ae77cf11d11fb118cbe2d37def9dd5f826abd net/sched: Retire tcindex classifier CVE-2023-45862: 5ee39d2216dc98a894ffc38d15e1ef2d41e2266b USB: ene_usb6250: Allocate enough memory for full object + CVE-2023-7192: 033ac6ea4b513f9a4a20882f431f68cea307ba87 netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() CVEs fixed in 6.2.7: CVE-2023-28466: 5231fa057bb0e52095591b303cf95ebd17bc62ce net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() @@ -270,7 +271,6 @@ Outstanding CVEs: CVE-2023-5090: (unk) x86: KVM: SVM: always update the x2avic msr interception CVE-2023-5158: (unk) vringh: don't use vringh_kiov_advance() in vringh_iov_xfer() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl @@ -283,7 +283,9 @@ Outstanding CVEs: CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() CVE-2023-6238: (unk) + CVE-2023-6270: (unk) CVE-2023-6356: (unk) + CVE-2023-6531: (unk) io_uring/af_unix: disable sending io_uring over sockets CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux @@ -291,8 +293,10 @@ Outstanding CVEs: CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() + CVE-2024-0443: (unk) blk-cgroup: Flush stats before releasing blkcg_gq diff --git a/data/6.3/6.3_CVEs.txt b/data/6.3/6.3_CVEs.txt index b6255bf83..b82dd3470 100644 --- a/data/6.3/6.3_CVEs.txt +++ b/data/6.3/6.3_CVEs.txt @@ -205,7 +205,6 @@ CVE-2023-50431: Fix unknown CVE-2023-5090: Fix not seen in stream CVE-2023-5158: Fix not seen in stream CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream @@ -218,7 +217,9 @@ CVE-2023-6039: Fix not seen in stream CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream CVE-2023-6238: Fix unknown +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown +CVE-2023-6531: Fix not seen in stream CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fix not seen in stream @@ -226,8 +227,10 @@ CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2024-0193: Fix not seen in stream +CVE-2024-0340: Fix not seen in stream +CVE-2024-0443: Fixed with 6.3.9 diff --git a/data/6.3/6.3_security.txt b/data/6.3/6.3_security.txt index 85cc0c86f..00a1b4889 100644 --- a/data/6.3/6.3_security.txt +++ b/data/6.3/6.3_security.txt @@ -69,6 +69,7 @@ CVEs fixed in 6.3.9: CVE-2023-3390: bdace3b1a51887211d3e49417a18fdbd315a313b netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE CVE-2023-3609: 4efd555a43dc24f3342bcc036522c430f5869e6f net/sched: cls_u32: Fix reference counter leak leading to overflow CVE-2023-38430: 75e7d81679ef7995422adc84ef597fded99c24a6 ksmbd: validate smb request protocol id + CVE-2024-0443: 0f6090d90f627d8c58f939067d6c6821ce1b3c68 blk-cgroup: Flush stats before releasing blkcg_gq CVEs fixed in 6.3.10: CVE-2023-3610: a1547f81341f14b1b355df04218152e8b5d4b264 netfilter: nf_tables: fix chain binding transaction logic @@ -233,7 +234,6 @@ Outstanding CVEs: CVE-2023-5090: (unk) x86: KVM: SVM: always update the x2avic msr interception CVE-2023-5158: (unk) vringh: don't use vringh_kiov_advance() in vringh_iov_xfer() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl @@ -246,7 +246,9 @@ Outstanding CVEs: CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() CVE-2023-6238: (unk) + CVE-2023-6270: (unk) CVE-2023-6356: (unk) + CVE-2023-6531: (unk) io_uring/af_unix: disable sending io_uring over sockets CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux @@ -254,8 +256,9 @@ Outstanding CVEs: CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets + CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset() diff --git a/data/6.4/6.4_CVEs.txt b/data/6.4/6.4_CVEs.txt index a0c4d6c5c..1e5a05227 100644 --- a/data/6.4/6.4_CVEs.txt +++ b/data/6.4/6.4_CVEs.txt @@ -152,7 +152,6 @@ CVE-2023-50431: Fix unknown CVE-2023-5090: Fix not seen in stream CVE-2023-5158: Fix not seen in stream CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fix not seen in stream CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream @@ -165,7 +164,9 @@ CVE-2023-6039: Fixed with 6.4.10 CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fix not seen in stream CVE-2023-6238: Fix unknown +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown +CVE-2023-6531: Fix not seen in stream CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6546: Fixed with 6.4.12 @@ -173,8 +174,8 @@ CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2024-0193: Fix not seen in stream diff --git a/data/6.4/6.4_security.txt b/data/6.4/6.4_security.txt index ca91899c2..7949337c4 100644 --- a/data/6.4/6.4_security.txt +++ b/data/6.4/6.4_security.txt @@ -180,7 +180,6 @@ Outstanding CVEs: CVE-2023-5090: (unk) x86: KVM: SVM: always update the x2avic msr interception CVE-2023-5158: (unk) vringh: don't use vringh_kiov_advance() in vringh_iov_xfer() CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - CVE-2023-5178: (unk) nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl @@ -192,15 +191,17 @@ Outstanding CVEs: CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() CVE-2023-6238: (unk) + CVE-2023-6270: (unk) CVE-2023-6356: (unk) + CVE-2023-6531: (unk) io_uring/af_unix: disable sending io_uring over sockets CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets diff --git a/data/6.5/6.5_CVEs.txt b/data/6.5/6.5_CVEs.txt index 12446e2e6..0556d3395 100644 --- a/data/6.5/6.5_CVEs.txt +++ b/data/6.5/6.5_CVEs.txt @@ -107,7 +107,6 @@ CVE-2023-50431: Fix unknown CVE-2023-5090: Fixed with 6.5.9 CVE-2023-5158: Fixed with 6.5.7 CVE-2023-51779: Fix not seen in stream -CVE-2023-5178: Fixed with 6.5.9 CVE-2023-51780: Fix not seen in stream CVE-2023-51781: Fix not seen in stream CVE-2023-51782: Fix not seen in stream @@ -119,15 +118,17 @@ CVE-2023-5972: Fixed with 6.5.9 CVE-2023-6121: Fix not seen in stream CVE-2023-6176: Fixed with 6.5.4 CVE-2023-6238: Fix unknown +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown +CVE-2023-6531: Fix not seen in stream CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6560: Fix not seen in stream CVE-2023-6606: Fix not seen in stream CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fix not seen in stream -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fix not seen in stream CVE-2023-6931: Fix not seen in stream CVE-2023-6932: Fix not seen in stream CVE-2023-7042: Fix unknown +CVE-2024-0193: Fix not seen in stream diff --git a/data/6.5/6.5_security.txt b/data/6.5/6.5_security.txt index e228607a7..d22303d2a 100644 --- a/data/6.5/6.5_security.txt +++ b/data/6.5/6.5_security.txt @@ -34,7 +34,6 @@ CVEs fixed in 6.5.8: CVEs fixed in 6.5.9: CVE-2023-46813: 11b975cb82cc6d88e8b04f77a673077ac5c30c8b x86/sev: Check for user-space IOIO pointing to kernel space CVE-2023-5090: 94805f9d3a3fb1f091bcc08b9c4846c4346706eb x86: KVM: SVM: always update the x2avic msr interception - CVE-2023-5178: 675f0e9bb716fa3252979145b9b1a950140e94e9 nvmet-tcp: Fix a possible UAF in queue intialization setup CVE-2023-5717: 20f925d38e1ecc1d36ee6bf6e325fb514a6f727d perf: Disallow mis-matched inherited group reads CVE-2023-5972: 8a544721329e711f85358f73fe56964cdedeb531 nf_tables: fix NULL pointer dereference in nft_expr_inner_parse() @@ -135,15 +134,17 @@ Outstanding CVEs: CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command CVE-2023-6238: (unk) + CVE-2023-6270: (unk) CVE-2023-6356: (unk) + CVE-2023-6531: (unk) io_uring/af_unix: disable sending io_uring over sockets CVE-2023-6535: (unk) CVE-2023-6536: (unk) CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: (unk) perf: Fix perf_event_validate_size() CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-7042: (unk) + CVE-2024-0193: (unk) netfilter: nf_tables: skip set commit for deleted/destroyed sets diff --git a/data/6.6/6.6_CVEs.txt b/data/6.6/6.6_CVEs.txt index 5771b6ec7..5c2cb6d92 100644 --- a/data/6.6/6.6_CVEs.txt +++ b/data/6.6/6.6_CVEs.txt @@ -85,22 +85,24 @@ CVE-2023-4010: Fix unknown CVE-2023-46862: Fixed with 6.6 CVE-2023-47233: Fix unknown CVE-2023-50431: Fix unknown -CVE-2023-51779: Fix not seen in stream +CVE-2023-51779: Fixed with 6.6.9 CVE-2023-51780: Fixed with 6.6.8 CVE-2023-51781: Fixed with 6.6.8 CVE-2023-51782: Fixed with 6.6.8 CVE-2023-6111: Fixed with 6.6.3 CVE-2023-6121: Fixed with 6.6.4 CVE-2023-6238: Fix unknown +CVE-2023-6270: Fix unknown CVE-2023-6356: Fix unknown +CVE-2023-6531: Fixed with 6.6.7 CVE-2023-6535: Fix unknown CVE-2023-6536: Fix unknown CVE-2023-6560: Fixed with 6.6.5 -CVE-2023-6606: Fix not seen in stream +CVE-2023-6606: Fixed with 6.6.9 CVE-2023-6610: Fix not seen in stream CVE-2023-6622: Fixed with 6.6.7 -CVE-2023-6679: Fix not seen in stream CVE-2023-6817: Fixed with 6.6.7 CVE-2023-6931: Fixed with 6.6.7 CVE-2023-6932: Fixed with 6.6.5 CVE-2023-7042: Fix unknown +CVE-2024-0193: Fixed with 6.6.10 diff --git a/data/6.6/6.6_security.txt b/data/6.6/6.6_security.txt index 344e30dab..a0d313e18 100644 --- a/data/6.6/6.6_security.txt +++ b/data/6.6/6.6_security.txt @@ -13,6 +13,7 @@ CVEs fixed in 6.6.5: CVE-2023-6932: bf8601dabed0c134a7d58085824e3e466840c5d1 ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVEs fixed in 6.6.7: + CVE-2023-6531: 5a33d385eb36991a91e3dddb189d8679e2aac2be io_uring/af_unix: disable sending io_uring over sockets CVE-2023-6622: 5eeba00a89c5c6be4e45b69bef20d1d1b9edb968 netfilter: nf_tables: bail out on mismatching dynset and set expressions CVE-2023-6817: c66d39f18e0ef16bac8c8491b657051f531a1eba netfilter: nft_set_pipapo: skip inactive elements during set walk CVE-2023-6931: cfe9295db0932f1b8e0d94ffc75521898e5a5a8a perf: Fix perf_event_validate_size() @@ -22,6 +23,13 @@ CVEs fixed in 6.6.8: CVE-2023-51781: e15ded324a3911358e8541a1b573665f99f216ef appletalk: Fix Use-After-Free in atalk_ioctl CVE-2023-51782: 63caa51833e8701248a8a89d83effe96f30e4c80 net/rose: Fix Use-After-Free in rose_ioctl +CVEs fixed in 6.6.9: + CVE-2023-51779: 1d576c3a5af850bf11fbd103f9ba11aa6d6061fb Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + CVE-2023-6606: ac48fcef5ec2e9ac85c0b39045d874e60eac75d7 smb: client: fix OOB in smbCalcSize() + +CVEs fixed in 6.6.10: + CVE-2024-0193: b7f1c01b55ad2a5da12f08e5ec3c76dabb99882a netfilter: nf_tables: skip set commit for deleted/destroyed sets + Outstanding CVEs: CVE-2005-3660: (unk) CVE-2007-3719: (unk) @@ -109,12 +117,10 @@ Outstanding CVEs: CVE-2023-4010: (unk) CVE-2023-47233: (unk) CVE-2023-50431: (unk) - CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg CVE-2023-6238: (unk) + CVE-2023-6270: (unk) CVE-2023-6356: (unk) CVE-2023-6535: (unk) CVE-2023-6536: (unk) - CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize() CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail() - CVE-2023-6679: (unk) dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set() CVE-2023-7042: (unk) diff --git a/data/CVEs.txt b/data/CVEs.txt index ca2335090..57f3ea1cd 100644 --- a/data/CVEs.txt +++ b/data/CVEs.txt @@ -1320,7 +1320,7 @@ CVE-2019-15792: Vendor Specific CVE-2019-15793: Vendor Specific CVE-2019-15794: 2f502839e85ab265f03f25f30d6463154aee5473 - 2896900e22f8212606a1837d89a6bbce314ceeda (v4.19-rc1 to v5.12) CVE-2019-15807: 2908d778ab3e244900c310974e1fc1c69066e450 - 3b0541791453fbe7f42867e310e0c9eb6295364d (v2.6.19-rc1 to v5.2-rc3) -CVE-2019-15902: local - (n/a) (unk to unk) +CVE-2019-15902: (n/a) - (n/a) (unk to unk) CVE-2019-15916: 1d24eb4815d1e0e8b451ecc546645f8ef1176d4f - 895a5e96dbd6386c8e78e5b78e067dcc67b7f0ab (v2.6.38-rc1 to v5.1-rc1) CVE-2019-15917: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 56897b217a1d0a91c9920cb418d6b3fe922f590a (v2.6.12-rc2 to v5.1-rc1) CVE-2019-15918: 9764c02fcbad40001fd3f63558d918e4d519bb75 - b57a55e2200ede754e4dc9cce4ba9402544b9365 (v4.14-rc2 to v5.1-rc6) @@ -1403,7 +1403,7 @@ CVE-2019-19066: a36c61f9025b8924f99f54d518763bee7aa84085 - 0e62395da2bd5166d7c9e CVE-2019-19067: a8fe58cec351c25e09c393bf46117c0c47b5a17c - 57be09c6e8747bf48704136d9e3f92bfb93f5725 (v4.6-rc1 to v5.4-rc2) CVE-2019-19068: 26f1fad29ad973b0fb26a9ca3dcb2a73dde781aa - a2cdd07488e666aa93a49a3fc9c9b1299e27ef3c (v4.4-rc1 to v5.5-rc1) CVE-2019-19069: 6cffd79504ce040f460831030d3069fa1c99bb71 - fc739a058d99c9297ef6bfd923b809d85855b9a9 (v5.1-rc1 to v5.4-rc3) -CVE-2019-19070: 9b00bc7b901ff672a9252002d3810fdf9489bc64 - d3b0ffa1d75d5305ebe34735598993afbb8a869 (v4.17-rc1 to v5.5-rc1) +CVE-2019-19070: 9b00bc7b901ff672a9252002d3810fdf9489bc64 - d3b0ffa1d75d5305ebe34735598993afbb8a869d (v4.17-rc1 to v5.5-rc1) CVE-2019-19071: d26a9559403c7c3ec3b430f5825bc22c3d40abdb - d563131ef23cbc756026f839a82598c8445bc45f (v4.14-rc1 to v5.5-rc1) CVE-2019-19072: 80765597bc587feae8dbc8ce97a0f32e12a6e625 - 96c5c6e6a5b6db592acae039fed54b5c8844cd35 (v4.17-rc1 to v5.4-rc1) CVE-2019-19073: fb9987d0f748c983bb795a86f47522313f701a08 - 853acf7caf10b828102d92d05b5c101666a6142b (v2.6.35-rc1 to v5.4-rc1) @@ -2013,7 +2013,7 @@ CVE-2022-1280: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 869e76f7a918f010bd4518 CVE-2022-1353: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 9a564bccb78a76740ea9d75a259942df8143d02c (v2.6.12-rc2 to v5.17) CVE-2022-1419: 502e95c6678505474f1056480310cd9382bacbac - 4b848f20eda5974020f043ca14bacf7a7e634fc8 (v4.1-rc1 to v5.6-rc2) CVE-2022-1462: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - a501ab75e7624d133a5a3c7ec010687c8b961d23 (v2.6.12-rc2 to v5.19-rc7) -CVE-2022-1508: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 89c2b3b74918200e46699338d7bcc19b1ea12110 (v2.6.12-rc2 to v5.15-rc1) +CVE-2022-1508: 2b188cc1bb857a9d4701ae59aa7768b5124e262e - 89c2b3b74918200e46699338d7bcc19b1ea12110 (v5.1-rc1 to v5.15-rc1) CVE-2022-1516: 4becb7ee5b3d2829ed7b9261a245a77d5b7de902 - 7781607938c8371d4c2b243527430241c62e39c2 (v5.7-rc5 to v5.18-rc1) CVE-2022-1651: 9c5137aedd112f78a968bdd2325de2ea06df46c0 - ecd1735f14d6ac868ae5d8b7a2bf193fa11f388b (v5.12-rc1-dontuse to v5.18-rc1) CVE-2022-1652: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - f71f01394f742fc4558b3f9f4c7ef4c4cf3b07c8 (v2.6.12-rc2 to v5.18-rc6) @@ -2076,7 +2076,7 @@ CVE-2022-23042: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 66e3531b33ee51dad17c4 CVE-2022-2308: c8a6153b6c59d95c0e091f053f6f180952ade91e - 46f8a29272e51b6df7393d58fc5cb8967397ef2b (v5.15-rc1 to v6.0) CVE-2022-2318: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 9cc02ede696272c5271a401e4f27c262359bc2f6 (v2.6.12-rc2 to v5.19-rc5) CVE-2022-23222: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - c25b2ae136039ffa820c26138ed4a5e5f3ab3841 (v2.6.12-rc2 to v5.17-rc1) -CVE-2022-2327: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 44526bedc2ff8fcd58552e3c5bae928524b6f13c (v2.6.12-rc2 to v5.12-rc1-dontuse) +CVE-2022-2327: 2b188cc1bb857a9d4701ae59aa7768b5124e262e - 44526bedc2ff8fcd58552e3c5bae928524b6f13c (v5.1-rc1 to v5.12-rc1-dontuse) CVE-2022-2380: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - bd771cf5c4254511cc4abb88f3dab3bd58bdf8e8 (v2.6.12-rc2 to v5.18-rc1) CVE-2022-23816: (n/a) - 742ab6df974ae8384a2dd213db1a3a06cf6d8936 (unk to v5.19-rc7) CVE-2022-23825: (n/a) - (n/a) (unk to unk) @@ -2389,7 +2389,7 @@ CVE-2023-23454: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - caa4b35b4317d5147b3ab CVE-2023-23455: b0188d4dbe5f4285372dd033acf7c92a97006629 - a2965c7be0522eaa18808684b7b82b248515511b (v2.6.23-rc1 to v6.2-rc3) CVE-2023-23559: 80f8c5b434f94926c6489d7350d58aecb53ab70f - b870e73a56c4cccbec33224233eaf295839f228c (v2.6.35-rc1 to v6.2-rc5) CVE-2023-23586: 500a373d731ac506612db12631ec21295c1ff360 - 4379bf8bd70b5de6bba7d53015b0c36c57a634ee (v5.10-rc1 to v5.12-rc1-dontuse) -CVE-2023-2430: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - e12d7a46f65ae4b7d58a5e0c1cbfa825cf8d830d (v2.6.12-rc2 to v6.2-rc5) +CVE-2023-2430: 2b188cc1bb857a9d4701ae59aa7768b5124e262e - e12d7a46f65ae4b7d58a5e0c1cbfa825cf8d830d (v5.1-rc1 to v6.2-rc5) CVE-2023-2483: b9b17debc69d27cd55e21ee51a5ba7fc50a426cf - 6b6bc5b8bd2d4ca9e1efa9ae0f98a0b0687ace75 (v4.9-rc1 to v6.3-rc4) CVE-2023-25012: 4eb1b01de5b9d8596d6c103efcf1a15cfc1bedf7 - 76ca8da989c7d97a7f76c75d475fe95a584439d7 (v5.6-rc4 to v6.3-rc1) CVE-2023-2513: ac27a0ec112a089f1a5102bc8dffc79c8c815571 - 67d7d8ad99beccd9fe92d585b87f1760dc9018e3 (v2.6.19-rc2 to v6.0-rc1) @@ -2504,7 +2504,7 @@ CVE-2023-39192: 1b50b8a371e90a5e110f466e4ac02cf6b5f681de - 69c5d284f67089b4750d2 CVE-2023-39193: 2e4e6a17af35be359cc8f1c924f8f198fbd478cc - e99476497687ef9e850748fe6d232264f30bc8f9 (v2.6.16-rc1 to v6.6-rc1) CVE-2023-39194: d3623099d3509fa68fa28235366049dd3156c63a - dfa73c17d55b921e1d4e154976de35317e43a93a (v3.15-rc1 to v6.5-rc7) CVE-2023-39197: 2bc780499aa33311ec0f3e42624dfaa7be0ade5e - ff0a3a7d52ff7282dbd183e7fc29a1fe386b0c30 (v2.6.26-rc1 to v6.5-rc1) -CVE-2023-39198: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - c611589b4259ed63b9b77be6872b1ce07ec0ac16 (v2.6.12-rc2 to v6.5-rc7) +CVE-2023-39198: f64122c1f6ade301585569863b4b3b18f6e4e332 - c611589b4259ed63b9b77be6872b1ce07ec0ac16 (v3.10-rc1 to v6.5-rc7) CVE-2023-4004: 3c4287f62044a90e73a561aa05fc46e62da173da - 87b5a5c209405cb6b57424cdfa226a6dbd349232 (v5.6-rc1 to v6.5-rc3) CVE-2023-4010: (n/a) - (n/a) (unk to unk) CVE-2023-4015: d0e2c7de92c7f2b3d355ad76b0bb9fc43d1beb87 - 0a771f7b266b02d262900c75f1e175c7fe76fec2 (v5.9-rc1 to v6.5-rc4) @@ -2549,13 +2549,13 @@ CVE-2023-47233: (n/a) - (n/a) (unk to unk) CVE-2023-4732: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 8f34f1eac3820fc2722e5159acceb22545b30b0d (v2.6.12-rc2 to v5.14-rc1) CVE-2023-4881: 49499c3e6e18b7677a63316f3ff54a16533dc28f - fd94d9dadee58e09b49075240fe83423eb1dcd36 (v4.1-rc1 to v6.6-rc1) CVE-2023-4921: 462dbc9101acd38e92eda93c0726857517a24bbd - 8fc134fee27f2263988ae38920bc03da416b03d8 (v3.8-rc1 to v6.6-rc1) -CVE-2023-50431: (n/a) - (n/a) (unk to unk) +CVE-2023-50431: c4d66343a46a4931d6a547042198896e4fd1c592 - (n/a) (v5.1-rc1 to unk) CVE-2023-5090: 4d1d7942e36add0aa741a62d0c8e3aba2d5b3ab1 - b65235f6e102354ccafda601eaa1c5bef5284d21 (v6.0-rc1 to v6.6-rc7) CVE-2023-5158: b8c06ad4d67db56ed6bdfb685c134da74e92a2c7 - 7aed44babc7f97e82b38e9a68515e699692cc100 (v5.13-rc1 to v6.6-rc5) -CVE-2023-51779: (n/a) - 2e07e8348ea454615e268222ae3fc240421be768 (unk to v6.7-rc7) -CVE-2023-5178: 872d26a391da92ed8f0c0f5cb5fef428067b7f30 - d920abd1e7c4884f9ecd0749d1921b7ab19ddfbd (v5.0-rc1 to v6.6-rc7) -CVE-2023-51780: (n/a) - 24e90b9e34f9e039f56b5f25f6e6eb92cdd8f4b3 (unk to v6.7-rc6) -CVE-2023-51781: (n/a) - 189ff16722ee36ced4d2a2469d4ab65a8fee4198 (unk to v6.7-rc6) +CVE-2023-51779: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 2e07e8348ea454615e268222ae3fc240421be768 (v2.6.12-rc2 to v6.7-rc7) +CVE-2023-5178: 872d26a391da92ed8f0c0f5cb5fef428067b7f30 - 872d26a391da92ed8f0c0f5cb5fef428067b7f30 (CVE Caused by Backporting) +CVE-2023-51780: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 24e90b9e34f9e039f56b5f25f6e6eb92cdd8f4b3 (v2.6.12-rc2 to v6.7-rc6) +CVE-2023-51781: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 189ff16722ee36ced4d2a2469d4ab65a8fee4198 (v2.6.12-rc2 to v6.7-rc6) CVE-2023-51782: (n/a) - 810c38a369a0a0ce625b5c12169abce1dd9ccd53 (unk to v6.7-rc6) CVE-2023-5197: d0e2c7de92c7f2b3d355ad76b0bb9fc43d1beb87 - f15f29fd4779be8a418b66e9d52979bb6d6c2325 (v5.9-rc1 to v6.6-rc3) CVE-2023-5345: a4e430c8c8ba96be8c6ec4f2eb108bb8bcbee069 - e6e43b8aa7cd3c3af686caf0c2e11819a886d705 (v6.1-rc1 to v6.6-rc4) @@ -2563,20 +2563,27 @@ CVE-2023-5633: a950b989ea29ab3b38ea7f6e3d2540700a3c54e8 - 91398b413d03660fd5828f CVE-2023-5717: fa8c269353d560b7c28119ad7617029f92e40b15 - 32671e3799ca2e4590773fd0e63aaa4229e50c06 (v4.4-rc1 to v6.6-rc7) CVE-2023-5972: 3a07327d10a09379315c844c63f27941f5081e0a - 505ce0630ad5d31185695f8a29dde8d29f28faa7 (v6.2-rc1 to v6.6-rc7) CVE-2023-6039: 77dfff5bb7e20ce1eaaf4c599d9c54a8f4331124 - 1e7417c188d0a83fb385ba2dbe35fd2563f2b6f3 (v5.15-rc1 to v6.5-rc5) +CVE-2023-6040: (n/a) - f1082dd31fe461d482d69da2a8eccfeb7bf07ac2 (unk to v5.18-rc1) CVE-2023-6111: 4a9e12ea7e70223555ec010bec9f711089ce96f6 - 93995bf4af2c5a99e2a87f0cd5ce547d31eb7630 (v6.6-rc3 to v6.7-rc1) -CVE-2023-6121: (n/a) - 1c22e0295a5eb571c27b53c7371f95699ef705ff (unk to v6.7-rc3) +CVE-2023-6121: a07b4970f464f13640e28e16dad6cfa33647cc99 - 1c22e0295a5eb571c27b53c7371f95699ef705ff (v4.8-rc1 to v6.7-rc3) CVE-2023-6176: 635d9398178659d8ddba79dd061f9451cec0b4d1 - cfaa80c91f6f99b9342b6557f0f0e1143e434066 (v5.7-rc7 to v6.6-rc2) CVE-2023-6238: 855b7717f44b13e0990aa5ad36bbf9aa35051516 - (n/a) (v6.2-rc1 to unk) +CVE-2023-6270: (n/a) - (n/a) (unk to unk) CVE-2023-6356: (n/a) - (n/a) (unk to unk) +CVE-2023-6531: 0091bfc81741b8d3aeb3b7ab8636f911b2de6e80 - 705318a99a138c29a512a72c3e0043b3cd7f55f4 (v6.1-rc1 to v6.7-rc5) CVE-2023-6535: (n/a) - (n/a) (unk to unk) CVE-2023-6536: (n/a) - (n/a) (unk to unk) -CVE-2023-6546: (n/a) - 3c4f8333b582487a2d1e02171f1465531cde53e3 (unk to v6.5-rc7) -CVE-2023-6560: (n/a) - 820d070feb668aab5bc9413c285a1dda2a70e076 (unk to v6.7-rc4) -CVE-2023-6606: (n/a) - b35858b3786ddbb56e1c35138ba25d6adf8d0bef (unk to v6.7-rc7) -CVE-2023-6610: (n/a) - 567320c46a60a3c39b69aa1df802d753817a3f86 (unk to v6.7-rc7) +CVE-2023-6546: e1eaea46bb4020b38a141b84f88565d4603f8dd0 - 3c4f8333b582487a2d1e02171f1465531cde53e3 (v2.6.35-rc1 to v6.5-rc7) +CVE-2023-6560: 2b188cc1bb857a9d4701ae59aa7768b5124e262e - 820d070feb668aab5bc9413c285a1dda2a70e076 (v5.1-rc1 to v6.7-rc4) +CVE-2023-6606: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - b35858b3786ddbb56e1c35138ba25d6adf8d0bef (v2.6.12-rc2 to v6.7-rc7) +CVE-2023-6610: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 567320c46a60a3c39b69aa1df802d753817a3f86 (v2.6.12-rc2 to v6.7-rc7) CVE-2023-6622: (n/a) - 3701cd390fd731ee7ae8b8006246c8db82c72bea (unk to v6.7-rc5) -CVE-2023-6679: (n/a) - 65c95f78917ea6fa7ff189a2c19879c4fe161873 (unk to v6.7-rc6) +CVE-2023-6679: 9d71b54b65b1fb6c0d3a6c5c88ba9b915c783fbc - 65c95f78917ea6fa7ff189a2c19879c4fe161873 (v6.7-rc1 to v6.7-rc6) CVE-2023-6817: (n/a) - 317eb9685095678f2c9f5a8189de698c5354316a (unk to v6.7-rc5) CVE-2023-6931: (n/a) - 382c27f4ed28f803b1f1473ac2d8db0afc795a1b (unk to v6.7-rc5) -CVE-2023-6932: (n/a) - e2b706c691905fe78468c361aaabc719d0a496f1 (unk to v6.7-rc4) -CVE-2023-7042: (n/a) - (n/a) (unk to unk) +CVE-2023-6932: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - e2b706c691905fe78468c361aaabc719d0a496f1 (v2.6.12-rc2 to v6.7-rc4) +CVE-2023-7042: 5e3dd157d7e70f0e3cea3f2573ed69fb156a19d5 - (n/a) (v3.11-rc1 to unk) +CVE-2023-7192: 7d367e06688dc7a2cc98c2ace04e1296e1d987e2 - ac4893980bbe79ce383daf9a0885666a30fe4c83 (v3.3-rc6 to v6.3-rc1) +CVE-2024-0193: (n/a) - 7315dc1e122c85ffdfc8defffbb8f8b616c2eb1a (unk to v6.7) +CVE-2024-0340: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 4d8df0f5f79f747d75a7d356d9b9ea40a4e4c8a9 (v2.6.12-rc2 to v6.4-rc6) +CVE-2024-0443: 3b8cc6298724021da845f2f9fd7dd4b6829a6817 - 20cb1c2fb7568a6054c55defe044311397e01ddb (v6.2-rc1 to v6.4-rc7) diff --git a/data/cmts.json b/data/cmts.json index d1c1fe65d..9c56bf8d6 100644 --- a/data/cmts.json +++ b/data/cmts.json @@ -465,6 +465,7 @@ "20aedafdf4926e7a957f8b302a18c8fb75c7e332": "v5.1-rc1", "20b2aff4bc15bda809f994761d5719827d66c0b4": "v5.17-rc1", "20c40794eb85ea29852d7bc37c55713802a543d6": "v5.12-rc3", + "20cb1c2fb7568a6054c55defe044311397e01ddb": "v6.4-rc7", "20e0fa98b751facf9a1101edaefbc19c82616a68": "v3.4-rc1", "20e1db19db5d6b9e4e83021595eab0dc8f107bef": "v3.6-rc5", "20e2b791796bd68816fa115f12be5320de2b8021": "v4.13-rc1", @@ -855,6 +856,7 @@ "3b49e2e94e6ebb8b23d0955d9e898254455734f8": "v4.16-rc1", "3b56496865f9f7d9bcb2f93b44c63f274f08e3b6": "v3.14-rc1", "3b82a4db8eaccce735dffd50b4d4e1578099b8e8": "v4.16-rc7", + "3b8cc6298724021da845f2f9fd7dd4b6829a6817": "v6.2-rc1", "3ba880a12df5aa4488c18281701b5b1bc3d4531a": "v5.17-rc1", "3bb2a01caa813d3a1845d378bbe4169ef280d394": "v6.3-rc1", "3bcd6c7eaa53b56c3f584da46a1f7652e759d0e5": "v6.1-rc7", @@ -1097,6 +1099,7 @@ "4d6636498c41891d0482a914dd570343a838ad79": "v5.4-rc7", "4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee": "v4.11", "4d7ea8ee90e42fc75995f6fb24032d3233314528": "v5.12-rc1-dontuse", + "4d8df0f5f79f747d75a7d356d9b9ea40a4e4c8a9": "v6.4-rc6", "4d8df8cbb9156b0a0ab3f802b80cb5db57acc0bf": "v5.8-rc1", "4d97f7d53da7dc830dbf416a3d2a6778d267ae68": "v4.19-rc1", "4db66499df91b9398435e2dbee0e42cd6df0bc27": "v4.14-rc1", @@ -1335,6 +1338,7 @@ "5e31275cc997f8ec5d9e8d65fe9840ebed89db19": "v6.4-rc1", "5e3ca0ec76fce92daa4eed0d02de9c79b1fe3920": "v2.6.27-rc1", "5e3cc1ee1405a7eb3487ed24f786dec01b4cbe1f": "v5.1-rc1", + "5e3dd157d7e70f0e3cea3f2573ed69fb156a19d5": "v3.11-rc1", "5e6e3a92b9a4c9416b17f468fa5c7fa2233b8b4e": "v3.0-rc1", "5e87ddbe3942e27e939bdc02deb8579b0cbd8ecc": "v5.13-rc7", "5e99456c20f712dcc13d9f6ca4278937d5367355": "v5.0-rc1", @@ -1592,6 +1596,7 @@ "702171adeed3607ee9603ec30ce081411e36ae42": "v2.6.32-rc1", "70303420b5721c38998cf987e6b7d30cc62d4ff1": "v4.18-rc2", "704620afc70cf47abb9d6a1a57f3825d2bca49cf": "v4.20-rc6", + "705318a99a138c29a512a72c3e0043b3cd7f55f4": "v6.7-rc5", "7053aee26a3548ebaba046ae2e52396ccf56ac6c": "v3.14-rc1", "705c7091262d02b09eb686c24491de61bf42fdb2": "v4.14-rc1", "70789d7052239992824628db8133de08dc78e593": "v2.6.36-rc4", @@ -1631,6 +1636,7 @@ "72cd43ba64fc172a443410ce01645895850844c8": "v4.18-rc7", "72cf90124e87d975d0b2114d930808c58b4c05e4": "v3.18-rc1", "72dc1c096c7051a48ab1dbb12f71976656b55eb5": "v2.6.27-rc1", + "7315dc1e122c85ffdfc8defffbb8f8b616c2eb1a": "v6.7", "73223e4e2e3867ebf033a5a8eb2e5df0158ccc99": "v4.13-rc6", "732d41c545bb359cbb8c94698bdc1f8bcf82279c": "v5.10-rc1", "734942cc4ea6478eed125af258da1bdbb4afe578": "v4.13-rc1", @@ -1771,6 +1777,7 @@ "7d0a06586b2686ba80c4a2da5f91cb10ffbea736": "v5.3-rc7", "7d11f77f84b27cef452cee332f4e469503084737": "v4.15-rc8", "7d267278a9ece963d77eefec61630223fce08c6c": "v4.4-rc4", + "7d367e06688dc7a2cc98c2ace04e1296e1d987e2": "v3.3-rc6", "7d3baf0afa3aa9102d6a521a8e4c41888bb79882": "v5.16-rc6", "7d3e91a89b7adbc2831334def9e494dd9892f9af": "v3.8-rc1", "7d5145d8eb2b9791533ffe4dc003b129b9696c48": "v3.8-rc7", @@ -2188,6 +2195,7 @@ "9d2231c5d74e13b2a0546fee6737ee4446017903": "v5.17-rc6", "9d47964bfd471f0dd4c89f28556aec68bffa0020": "v4.9-rc1", "9d538fa60bad4f7b23193c89e843797a1cf71ef3": "v4.14-rc4", + "9d71b54b65b1fb6c0d3a6c5c88ba9b915c783fbc": "v6.7-rc1", "9d71dd0c70099914fcd063135da3c580865e924c": "v5.4-rc1", "9d94c04c0db024922e886c9fd429659f22f48ea4": "v6.1-rc7", "9dc956b2c8523aed39d1e6508438be9fea28c8fc": "v4.19-rc1", @@ -2230,6 +2238,7 @@ "a00df2caffed3883c341d5685f830434312e4a43": "v5.15-rc1", "a03ffcf873fe0f2565386ca8ef832144c42e67fa": "v3.2-rc7", "a06247c6804f1a7c86a2e5398a4c1f1db1471848": "v5.17-rc2", + "a07b4970f464f13640e28e16dad6cfa33647cc99": "v4.8-rc1", "a08d3b3b99efd509133946056531cdf8f3a0c09b": "v3.14-rc5", "a096ccca6e503a5c575717ff8a36ace27510ab0a": "v6.3-rc1", "a09d2d00af53b43c6f11e6ab3cb58443c2cac8a7": "v5.19-rc4", @@ -2388,6 +2397,7 @@ "abfaf0eee97925905e742aa3b0b72e04a918fa9e": "v5.17-rc1", "ac1e516d5a4c56bf0cb4a3dfc0672f689131cfd4": "v5.1-rc6", "ac27a0ec112a089f1a5102bc8dffc79c8c815571": "v2.6.19-rc2", + "ac4893980bbe79ce383daf9a0885666a30fe4c83": "v6.3-rc1", "ac60778b87e45576d7bfdbd6f53df902654e6f09": "v6.0-rc1", "ac64115a66c18c01745bbd3c47a36b124e5fd8c0": "v4.14-rc7", "ac6e780070e30e4c35bd395acfe9191e6268bdd3": "v4.9-rc6", @@ -2744,6 +2754,7 @@ "c4a3e0a529ab3e65223e81681c7c6b1bc188fa58": "v2.6.14-rc4", "c4baad50297d84bde1a7ad45e50c73adae4a2192": "v4.11-rc1", "c4c07b4d6fa1f11880eab8e076d3d060ef3f55fc": "v5.0-rc7", + "c4d66343a46a4931d6a547042198896e4fd1c592": "v5.1-rc1", "c4e490cf148e85ead0d1b1c2caaba833f1d5b29f": "v4.10-rc4", "c4eb1f403243fc7bbb7de644db8587c03de36da6": "v5.14-rc6", "c50ac050811d6485616a193eb0f37bfbd191cc89": "v3.5-rc1", @@ -2958,6 +2969,7 @@ "d3623099d3509fa68fa28235366049dd3156c63a": "v3.15-rc1", "d39083234c60519724c6ed59509a2129fd2aed41": "v5.5-rc1", "d3b0ffa1d75d5305ebe34735598993afbb8a869": "v5.5-rc1", + "d3b0ffa1d75d5305ebe34735598993afbb8a869d": "v5.5-rc1", "d3b16034a24a112bb83aeb669ac5b9b01f744bb7": "v5.14-rc1", "d3b6372c5881cb54925212abb62c521df8ba4809": "v5.17-rc8", "d3bd7413e0ca40b60cf60d4003246d067cafdeda": "v5.0-rc3", @@ -3104,6 +3116,7 @@ "e159332b9af4b04d882dbcfe1bb0117f0a6d4b58": "v3.19-rc3", "e16b859872b87650bb55b12cca5a5fcdc49c1442": "v5.18-rc3", "e192be9d9a30555aae2ca1dc3aad37cba484cd4a": "v4.8-rc1", + "e1eaea46bb4020b38a141b84f88565d4603f8dd0": "v2.6.35-rc1", "e1f32190cf7ddd55778b460e7d44af3f76529698": "v5.5-rc1", "e20cf8d3f1f763ad28a9cb3b41305b8a8a42653e": "v5.0-rc1", "e230a4455ac3e9b112f0367d1b8e255e141afae0": "v6.0-rc4", @@ -3300,6 +3313,7 @@ "f0d1bec9d58d4c038d0ac958c9af82be6eb18045": "v3.16-rc1", "f0ec1aaf54caddd21c259aea8b2ecfbde4ee4fb9": "v2.6.19-rc4", "f106eee10038c2ee5b6056aaf3f6d5229be6dcdd": "v2.6.35-rc1", + "f1082dd31fe461d482d69da2a8eccfeb7bf07ac2": "v5.18-rc1", "f1174f77b50c94eecaa658fdc56fa69b421de4b8": "v4.14-rc1", "f14e22435a27ef183bbfa78f77ad86644c0b354c": "v3.10-rc5", "f15133df088ecadd141ea1907f2c96df67c729f0": "v4.1-rc3", @@ -3375,6 +3389,7 @@ "f62f3c20647ebd5fb6ecb8f0b477b9281c44c10a": "v5.14-rc3", "f63a8daa5812afef4f06c962351687e1ff9ccb2b": "v4.0-rc1", "f63c2c2032c2e3caad9add3b82cc6e91c376fd26": "v5.19-rc6", + "f64122c1f6ade301585569863b4b3b18f6e4e332": "v3.10-rc1", "f644bc449b37cc32d3ce7b36a88073873aa21bd5": "v5.13-rc7", "f647d7c155f069c1a068030255c300663516420e": "v3.19-rc1", "f6505fbabc426b9e293da5bb702ace2eb1ccf87d": "v4.2-rc1", diff --git a/data/kernel_cves.json b/data/kernel_cves.json index 65d1a95ef..0463bb1d0 100644 --- a/data/kernel_cves.json +++ b/data/kernel_cves.json @@ -49755,9 +49755,9 @@ "score": 7.5 }, "cwe": "Uncontrolled Resource Consumption", - "fixes": "d3b0ffa1d75d5305ebe34735598993afbb8a869", + "fixes": "d3b0ffa1d75d5305ebe34735598993afbb8a869d", "last_affected_version": "5.4.6", - "last_modified": "2023-12-06", + "last_modified": "2024-01-12", "nvd_text": "A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering devm_add_action_or_reset() failures, aka CID-d3b0ffa1d75d. NOTE: third parties dispute the relevance of this because the system must have already been out of memory before the probe began", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2019-19070", @@ -67346,9 +67346,22 @@ "affected_versions": "v4.15-rc9 to v5.11", "breaks": "68fda450a7df51cff9e5a4d4a4d9d0d5f2589153", "cmt_msg": "bpf: Fix 32 bit src register truncation on div/mod", + "cvss3": { + "Attack Complexity": "Low", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "High", + "Integrity": "High", + "Privileges Required": "Low", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "score": 7.8 + }, "fixes": "e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90", "last_affected_version": "5.10", - "last_modified": "2021-09-04", + "last_modified": "2024-01-12", + "nvd_text": "It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2021-3600", "ExploitDB": "https://www.exploit-db.com/search?cve=2021-3600", @@ -73242,8 +73255,8 @@ } }, "CVE-2022-1508": { - "affected_versions": "v2.6.12-rc2 to v5.15-rc1", - "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", + "affected_versions": "v5.1-rc1 to v5.15-rc1", + "breaks": "2b188cc1bb857a9d4701ae59aa7768b5124e262e", "cmt_msg": "io_uring: reexpand under-reexpanded iters", "cvss3": { "Attack Complexity": "Low", @@ -73259,7 +73272,7 @@ }, "cwe": "Out-of-bounds Read", "fixes": "89c2b3b74918200e46699338d7bcc19b1ea12110", - "last_modified": "2023-12-06", + "last_modified": "2024-01-12", "nvd_text": "An out-of-bounds read flaw was found in the Linux kernel\u2019s io_uring module in the way a user triggers the io_read() function with some special parameters. This flaw allows a local user to read some memory out of bounds.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-1508", @@ -73592,7 +73605,7 @@ "cwe": "Use After Free", "fixes": "4379bf8bd70b5de6bba7d53015b0c36c57a634ee", "last_affected_version": "5.10.116", - "last_modified": "2023-12-06", + "last_modified": "2024-01-12", "nvd_text": "A use-after-free flaw was found in the Linux kernel\u2019s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring. This flaw allows a local user to crash or escalate their privileges on the system.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-1786", @@ -75382,8 +75395,8 @@ } }, "CVE-2022-2327": { - "affected_versions": "v2.6.12-rc2 to v5.12-rc1-dontuse", - "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", + "affected_versions": "v5.1-rc1 to v5.12-rc1-dontuse", + "breaks": "2b188cc1bb857a9d4701ae59aa7768b5124e262e", "cmt_msg": "io_uring: remove any grabbing of context", "cvss3": { "Attack Complexity": "Low", @@ -75399,7 +75412,7 @@ }, "cwe": "Double Free", "fixes": "44526bedc2ff8fcd58552e3c5bae928524b6f13c", - "last_modified": "2023-12-06", + "last_modified": "2024-01-12", "nvd_text": "io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to a double free. We recommend upgrading the kernel past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-2327", @@ -75890,7 +75903,8 @@ "cmt_msg": "posix-cpu-timers: Cleanup CPU timers before freeing them during exec", "fixes": "e362359ace6f87c201531872486ff295df306d13", "last_affected_version": "5.19.1", - "last_modified": "2022-09-22", + "last_modified": "2024-01-12", + "nvd_text": "It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-2585", "ExploitDB": "https://www.exploit-db.com/search?cve=2022-2585", @@ -75904,9 +75918,22 @@ "affected_versions": "v3.16-rc1 to v6.0-rc1", "breaks": "958bee14d0718ca7a5002c0f48a099d1d345812a", "cmt_msg": "netfilter: nf_tables: do not allow SET_ID to refer to another table", + "cvss3": { + "Attack Complexity": "Low", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "High", + "Integrity": "High", + "Privileges Required": "Low", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "score": 7.8 + }, "fixes": "470ee20e069a6d05ae549f7d0ef2bdbcee6a81b2", "last_affected_version": "5.19.1", - "last_modified": "2023-06-04", + "last_modified": "2024-01-12", + "nvd_text": "It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-2586", "ExploitDB": "https://www.exploit-db.com/search?cve=2022-2586", @@ -75920,9 +75947,22 @@ "affected_versions": "v2.6.12-rc2 to v6.0-rc1", "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "cmt_msg": "net_sched: cls_route: remove from list when handle is 0", + "cvss3": { + "Attack Complexity": "Low", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "High", + "Integrity": "High", + "Privileges Required": "Low", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "score": 7.8 + }, "fixes": "9ad36309e2719a884f946678e0296be10f0bb4c1", "last_affected_version": "5.19.1", - "last_modified": "2022-09-22", + "last_modified": "2024-01-12", + "nvd_text": "It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-2588", "ExploitDB": "https://www.exploit-db.com/search?cve=2022-2588", @@ -75966,9 +76006,22 @@ "affected_versions": "v5.1-rc1 to v6.1-rc1", "breaks": "6b06314c47e141031be043539900d80d2c7ba10f", "cmt_msg": "io_uring/af_unix: defer registered files gc to io_uring release", + "cvss3": { + "Attack Complexity": "High", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "High", + "Integrity": "High", + "Privileges Required": "Low", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "score": 7.0 + }, "fixes": "0091bfc81741b8d3aeb3b7ab8636f911b2de6e80", "last_affected_version": "6.0.2", - "last_modified": "2023-03-31", + "last_modified": "2024-01-12", + "nvd_text": "io_uring UAF, Unix SCM garbage collection", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2022-2602", "ExploitDB": "https://www.exploit-db.com/search?cve=2022-2602", @@ -82506,9 +82559,22 @@ "affected_versions": "v5.19-rc1 to v6.3-rc2", "breaks": "da214a475f8bd1d3e9e7a19ddfeb4d1617551bab", "cmt_msg": "net: avoid double iput when sock_alloc_file fails", + "cvss3": { + "Attack Complexity": "Low", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "None", + "Integrity": "None", + "Privileges Required": "Low", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "score": 5.5 + }, "fixes": "649c15c7691e9b13cbe9bf6c65c365350e056067", "last_affected_version": "6.2.2", - "last_modified": "2023-03-21", + "last_modified": "2024-01-12", + "nvd_text": "The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-1032", "ExploitDB": "https://www.exploit-db.com/search?cve=2023-1032", @@ -82825,8 +82891,8 @@ "score": 6.5 }, "fixes": "3a9b557f44ea8f216aab515a7db20e23f0eb51b9", - "last_affected_version": "5.15.144", - "last_modified": "2023-12-27", + "last_affected_version": "6.1.70", + "last_modified": "2024-01-12", "nvd_text": "A use-after-free flaw was found in setup_async_work in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. This issue could allow an attacker to crash the system by accessing freed work.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-1193", @@ -84878,8 +84944,8 @@ } }, "CVE-2023-2430": { - "affected_versions": "v2.6.12-rc2 to v6.2-rc5", - "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", + "affected_versions": "v5.1-rc1 to v6.2-rc5", + "breaks": "2b188cc1bb857a9d4701ae59aa7768b5124e262e", "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL", "cvss3": { "Attack Complexity": "Low", @@ -84895,7 +84961,7 @@ }, "fixes": "e12d7a46f65ae4b7d58a5e0c1cbfa825cf8d830d", "last_affected_version": "6.1.49", - "last_modified": "2023-12-06", + "last_modified": "2024-01-12", "nvd_text": "A vulnerability was found due to missing lock for IOPOLL flaw in io_cqring_event_overflow() in io_uring.c in Linux Kernel. This flaw allows a local attacker with user privilege to trigger a Denial of Service threat.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-2430", @@ -86871,8 +86937,8 @@ }, "fixes": "9ef8d83e8e25d5f1811b3a38eb1484f85f64296c", "last_affected_version": "None", - "last_modified": "2023-12-06", - "nvd_text": "A double-free vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of vmw_buffer_object objects. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. This flaw allows a local privileged user to escalate privileges and execute code in the context of the kernel.", + "last_modified": "2024-01-12", + "nvd_text": "A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due to the lack of validating the existence of an object prior to performing further free operations on the object, which may allow a local privileged user to escalate privileges and execute code in the context of the kernel.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-33952", "ExploitDB": "https://www.exploit-db.com/search?cve=2023-33952", @@ -86989,9 +87055,22 @@ "affected_versions": "v5.10-rc1 to v6.6-rc6", "breaks": "54c9de89895e0a36047fcc4ae754ea5b8655fb9d", "cmt_msg": "xen/events: replace evtchn_rwlock with RCU", + "cvss3": { + "Attack Complexity": "Low", + "Attack Vector": "Network", + "Availability": "High", + "Confidentiality": "None", + "Integrity": "None", + "Privileges Required": "High", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "score": 4.9 + }, "fixes": "87797fad6cce28ec9be3c13f031776ff4f104cfc", "last_affected_version": "6.5.6", - "last_modified": "2023-11-08", + "last_modified": "2024-01-12", + "nvd_text": "Closing of an event channel in the Linux kernel can result in a deadlock.\nThis happens when the close is being performed in parallel to an unrelated\nXen console action and the handling of a Xen console interrupt in an\nunprivileged guest.\n\nThe closing of an event channel is e.g. triggered by removal of a\nparavirtual device on the other side. As this action will cause console\nmessages to be issued on the other side quite often, the chance of\ntriggering the deadlock is not neglectable.\n\nNote that 32-bit Arm-guests are not affected, as the 32-bit Linux kernel\non Arm doesn't use queued-RW-locks, which are required to trigger the\nissue (on Arm32 a waiting writer doesn't block further readers to get\nthe lock).\n", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-34324", "ExploitDB": "https://www.exploit-db.com/search?cve=2023-34324", @@ -88107,8 +88186,8 @@ } }, "CVE-2023-39198": { - "affected_versions": "v2.6.12-rc2 to v6.5-rc7", - "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", + "affected_versions": "v3.10-rc1 to v6.5-rc7", + "breaks": "f64122c1f6ade301585569863b4b3b18f6e4e332", "cmt_msg": "drm/qxl: fix UAF on handle creation", "cvss3": { "Attack Complexity": "High", @@ -88124,7 +88203,7 @@ }, "fixes": "c611589b4259ed63b9b77be6872b1ce07ec0ac16", "last_affected_version": "6.4.11", - "last_modified": "2023-12-06", + "last_modified": "2024-01-12", "nvd_text": "A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-39198", @@ -89374,8 +89453,8 @@ } }, "CVE-2023-50431": { - "affected_versions": "unk to unk", - "breaks": "", + "affected_versions": "v5.1-rc1 to unk", + "breaks": "c4d66343a46a4931d6a547042198896e4fd1c592", "cvss3": { "Attack Complexity": "Low", "Attack Vector": "Local", @@ -89390,7 +89469,7 @@ }, "cwe": "Unspecified", "fixes": "", - "last_modified": "2023-12-27", + "last_modified": "2024-01-12", "nvd_text": "sec_attest_info in drivers/accel/habanalabs/common/habanalabs_ioctl.c in the Linux kernel through 6.6.5 allows an information leak to user space because info->pad0 is not initialized.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-50431", @@ -89461,11 +89540,12 @@ } }, "CVE-2023-51779": { - "affected_versions": "unk to v6.7-rc7", - "breaks": "", + "affected_versions": "v2.6.12-rc2 to v6.7-rc7", + "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "cmt_msg": "Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg", "fixes": "2e07e8348ea454615e268222ae3fc240421be768", - "last_modified": "2023-12-27", + "last_affected_version": "6.6.8", + "last_modified": "2024-01-12", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-51779", "ExploitDB": "https://www.exploit-db.com/search?cve=2023-51779", @@ -89477,6 +89557,7 @@ }, "CVE-2023-5178": { "affected_versions": "v5.0-rc1 to v6.6-rc7", + "backport": true, "breaks": "872d26a391da92ed8f0c0f5cb5fef428067b7f30", "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup", "cvss3": { @@ -89491,9 +89572,9 @@ "raw": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "score": 8.8 }, - "fixes": "d920abd1e7c4884f9ecd0749d1921b7ab19ddfbd", + "fixes": "872d26a391da92ed8f0c0f5cb5fef428067b7f30", "last_affected_version": "6.5.8", - "last_modified": "2023-12-06", + "last_modified": "2024-01-12", "nvd_text": "A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a malicious local privileged user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation problem.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-5178", @@ -89505,12 +89586,13 @@ } }, "CVE-2023-51780": { - "affected_versions": "unk to v6.7-rc6", - "breaks": "", + "affected_versions": "v2.6.12-rc2 to v6.7-rc6", + "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "cmt_msg": "atm: Fix Use-After-Free in do_vcc_ioctl", "fixes": "24e90b9e34f9e039f56b5f25f6e6eb92cdd8f4b3", "last_affected_version": "6.6.7", - "last_modified": "2023-12-27", + "last_modified": "2024-01-12", + "nvd_text": "An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-51780", "ExploitDB": "https://www.exploit-db.com/search?cve=2023-51780", @@ -89521,12 +89603,13 @@ } }, "CVE-2023-51781": { - "affected_versions": "unk to v6.7-rc6", - "breaks": "", + "affected_versions": "v2.6.12-rc2 to v6.7-rc6", + "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "cmt_msg": "appletalk: Fix Use-After-Free in atalk_ioctl", "fixes": "189ff16722ee36ced4d2a2469d4ab65a8fee4198", "last_affected_version": "6.6.7", - "last_modified": "2023-12-27", + "last_modified": "2024-01-12", + "nvd_text": "An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race condition.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-51781", "ExploitDB": "https://www.exploit-db.com/search?cve=2023-51781", @@ -89542,7 +89625,8 @@ "cmt_msg": "net/rose: Fix Use-After-Free in rose_ioctl", "fixes": "810c38a369a0a0ce625b5c12169abce1dd9ccd53", "last_affected_version": "6.6.7", - "last_modified": "2023-12-27", + "last_modified": "2024-01-12", + "nvd_text": "An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-51782", "ExploitDB": "https://www.exploit-db.com/search?cve=2023-51782", @@ -89726,6 +89810,22 @@ "Ubuntu": "https://ubuntu.com/security/CVE-2023-6039" } }, + "CVE-2023-6040": { + "affected_versions": "unk to v5.18-rc1", + "breaks": "", + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family", + "fixes": "f1082dd31fe461d482d69da2a8eccfeb7bf07ac2", + "last_modified": "2024-01-12", + "nvd_text": "An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access.", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-6040", + "ExploitDB": "https://www.exploit-db.com/search?cve=2023-6040", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-6040", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-6040", + "SUSE": "https://www.suse.com/security/cve/CVE-2023-6040", + "Ubuntu": "https://ubuntu.com/security/CVE-2023-6040" + } + }, "CVE-2023-6111": { "affected_versions": "v6.6-rc3 to v6.7-rc1", "breaks": "4a9e12ea7e70223555ec010bec9f711089ce96f6", @@ -89756,8 +89856,8 @@ } }, "CVE-2023-6121": { - "affected_versions": "unk to v6.7-rc3", - "breaks": "", + "affected_versions": "v4.8-rc1 to v6.7-rc3", + "breaks": "a07b4970f464f13640e28e16dad6cfa33647cc99", "cmt_msg": "nvmet: nul-terminate the NQNs passed in the connect command", "cvss3": { "Attack Complexity": "Low", @@ -89773,7 +89873,7 @@ }, "fixes": "1c22e0295a5eb571c27b53c7371f95699ef705ff", "last_affected_version": "6.6.3", - "last_modified": "2023-12-27", + "last_modified": "2024-01-12", "nvd_text": "An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-6121", @@ -89840,6 +89940,33 @@ "Ubuntu": "https://ubuntu.com/security/CVE-2023-6238" } }, + "CVE-2023-6270": { + "affected_versions": "unk to unk", + "breaks": "", + "cvss3": { + "Attack Complexity": "High", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "High", + "Integrity": "High", + "Privileges Required": "Low", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "score": 7.0 + }, + "fixes": "", + "last_modified": "2024-01-12", + "nvd_text": "A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution.", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-6270", + "ExploitDB": "https://www.exploit-db.com/search?cve=2023-6270", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-6270", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-6270", + "SUSE": "https://www.suse.com/security/cve/CVE-2023-6270", + "Ubuntu": "https://ubuntu.com/security/CVE-2023-6270" + } + }, "CVE-2023-6356": { "affected_versions": "unk to unk", "breaks": "", @@ -89854,6 +89981,22 @@ "Ubuntu": "https://ubuntu.com/security/CVE-2023-6356" } }, + "CVE-2023-6531": { + "affected_versions": "v6.1-rc1 to v6.7-rc5", + "breaks": "0091bfc81741b8d3aeb3b7ab8636f911b2de6e80", + "cmt_msg": "io_uring/af_unix: disable sending io_uring over sockets", + "fixes": "705318a99a138c29a512a72c3e0043b3cd7f55f4", + "last_affected_version": "6.6.6", + "last_modified": "2024-01-12", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-6531", + "ExploitDB": "https://www.exploit-db.com/search?cve=2023-6531", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-6531", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-6531", + "SUSE": "https://www.suse.com/security/cve/CVE-2023-6531", + "Ubuntu": "https://ubuntu.com/security/CVE-2023-6531" + } + }, "CVE-2023-6535": { "affected_versions": "unk to unk", "breaks": "", @@ -89883,12 +90026,24 @@ } }, "CVE-2023-6546": { - "affected_versions": "unk to v6.5-rc7", - "breaks": "", + "affected_versions": "v2.6.35-rc1 to v6.5-rc7", + "breaks": "e1eaea46bb4020b38a141b84f88565d4603f8dd0", "cmt_msg": "tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux", + "cvss3": { + "Attack Complexity": "High", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "High", + "Integrity": "High", + "Privileges Required": "Low", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "score": 7.0 + }, "fixes": "3c4f8333b582487a2d1e02171f1465531cde53e3", "last_affected_version": "6.4.11", - "last_modified": "2023-12-27", + "last_modified": "2024-01-12", "nvd_text": "A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-6546", @@ -89900,8 +90055,8 @@ } }, "CVE-2023-6560": { - "affected_versions": "unk to v6.7-rc4", - "breaks": "", + "affected_versions": "v5.1-rc1 to v6.7-rc4", + "breaks": "2b188cc1bb857a9d4701ae59aa7768b5124e262e", "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP", "cvss3": { "Attack Complexity": "Low", @@ -89917,7 +90072,7 @@ }, "fixes": "820d070feb668aab5bc9413c285a1dda2a70e076", "last_affected_version": "6.6.4", - "last_modified": "2023-12-27", + "last_modified": "2024-01-12", "nvd_text": "An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-6560", @@ -89929,8 +90084,8 @@ } }, "CVE-2023-6606": { - "affected_versions": "unk to v6.7-rc7", - "breaks": "", + "affected_versions": "v2.6.12-rc2 to v6.7-rc7", + "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "cmt_msg": "smb: client: fix OOB in smbCalcSize()", "cvss3": { "Attack Complexity": "Low", @@ -89945,7 +90100,8 @@ "score": 7.1 }, "fixes": "b35858b3786ddbb56e1c35138ba25d6adf8d0bef", - "last_modified": "2023-12-27", + "last_affected_version": "6.6.8", + "last_modified": "2024-01-12", "nvd_text": "An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-6606", @@ -89957,8 +90113,8 @@ } }, "CVE-2023-6610": { - "affected_versions": "unk to v6.7-rc7", - "breaks": "", + "affected_versions": "v2.6.12-rc2 to v6.7-rc7", + "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "cmt_msg": "smb: client: fix potential OOB in smb2_dump_detail()", "cvss3": { "Attack Complexity": "Low", @@ -89973,7 +90129,7 @@ "score": 7.1 }, "fixes": "567320c46a60a3c39b69aa1df802d753817a3f86", - "last_modified": "2023-12-27", + "last_modified": "2024-01-12", "nvd_text": "An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-6610", @@ -90014,8 +90170,8 @@ } }, "CVE-2023-6679": { - "affected_versions": "unk to v6.7-rc6", - "breaks": "", + "affected_versions": "v6.7-rc1 to v6.7-rc6", + "breaks": "9d71b54b65b1fb6c0d3a6c5c88ba9b915c783fbc", "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()", "cvss3": { "Attack Complexity": "Low", @@ -90030,7 +90186,7 @@ "score": 5.5 }, "fixes": "65c95f78917ea6fa7ff189a2c19879c4fe161873", - "last_modified": "2023-12-27", + "last_modified": "2024-01-12", "nvd_text": "A null pointer dereference vulnerability was found in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c in the Digital Phase Locked Loop (DPLL) subsystem in the Linux kernel. This issue could be exploited to trigger a denial of service.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-6679", @@ -90074,9 +90230,21 @@ "affected_versions": "unk to v6.7-rc5", "breaks": "", "cmt_msg": "perf: Fix perf_event_validate_size()", + "cvss3": { + "Attack Complexity": "Low", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "High", + "Integrity": "High", + "Privileges Required": "Low", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "score": 7.8 + }, "fixes": "382c27f4ed28f803b1f1473ac2d8db0afc795a1b", "last_affected_version": "6.6.6", - "last_modified": "2023-12-27", + "last_modified": "2024-01-12", "nvd_text": "A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.\n\n", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-6931", @@ -90088,12 +90256,24 @@ } }, "CVE-2023-6932": { - "affected_versions": "unk to v6.7-rc4", - "breaks": "", + "affected_versions": "v2.6.12-rc2 to v6.7-rc4", + "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "cmt_msg": "ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet", + "cvss3": { + "Attack Complexity": "High", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "High", + "Integrity": "High", + "Privileges Required": "Low", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "score": 7.0 + }, "fixes": "e2b706c691905fe78468c361aaabc719d0a496f1", "last_affected_version": "6.6.4", - "last_modified": "2023-12-27", + "last_modified": "2024-01-12", "nvd_text": "A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.\n\n", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-6932", @@ -90105,10 +90285,22 @@ } }, "CVE-2023-7042": { - "affected_versions": "unk to unk", - "breaks": "", + "affected_versions": "v3.11-rc1 to unk", + "breaks": "5e3dd157d7e70f0e3cea3f2573ed69fb156a19d5", + "cvss3": { + "Attack Complexity": "Low", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "None", + "Integrity": "None", + "Privileges Required": "Low", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "score": 5.5 + }, "fixes": "", - "last_modified": "2023-12-27", + "last_modified": "2024-01-12", "nvd_text": "A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service.", "ref_urls": { "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-7042", @@ -90118,5 +90310,108 @@ "SUSE": "https://www.suse.com/security/cve/CVE-2023-7042", "Ubuntu": "https://ubuntu.com/security/CVE-2023-7042" } + }, + "CVE-2023-7192": { + "affected_versions": "v3.3-rc6 to v6.3-rc1", + "breaks": "7d367e06688dc7a2cc98c2ace04e1296e1d987e2", + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()", + "cvss3": { + "Attack Complexity": "Low", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "None", + "Integrity": "None", + "Privileges Required": "High", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "score": 4.4 + }, + "fixes": "ac4893980bbe79ce383daf9a0885666a30fe4c83", + "last_affected_version": "6.2.4", + "last_modified": "2024-01-12", + "nvd_text": "A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow.", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2023-7192", + "ExploitDB": "https://www.exploit-db.com/search?cve=2023-7192", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2023-7192", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2023-7192", + "SUSE": "https://www.suse.com/security/cve/CVE-2023-7192", + "Ubuntu": "https://ubuntu.com/security/CVE-2023-7192" + } + }, + "CVE-2024-0193": { + "affected_versions": "unk to v6.7", + "breaks": "", + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets", + "cvss3": { + "Attack Complexity": "Low", + "Attack Vector": "Local", + "Availability": "High", + "Confidentiality": "High", + "Integrity": "High", + "Privileges Required": "High", + "Scope": "Unchanged", + "User Interaction": "None", + "raw": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "score": 6.7 + }, + "fixes": "7315dc1e122c85ffdfc8defffbb8f8b616c2eb1a", + "last_affected_version": "6.6", + "last_modified": "2024-01-12", + "nvd_text": "A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system.", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-0193", + "ExploitDB": "https://www.exploit-db.com/search?cve=2024-0193", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2024-0193", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2024-0193", + "SUSE": "https://www.suse.com/security/cve/CVE-2024-0193", + "Ubuntu": "https://ubuntu.com/security/CVE-2024-0193" + } + }, + "CVE-2024-0340": { + "affected_versions": "v2.6.12-rc2 to v6.4-rc6", + "breaks": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()", + "fixes": "4d8df0f5f79f747d75a7d356d9b9ea40a4e4c8a9", + "last_modified": "2024-01-12", + "nvd_text": "A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This issue can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-0340", + "ExploitDB": "https://www.exploit-db.com/search?cve=2024-0340", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2024-0340", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2024-0340", + "SUSE": "https://www.suse.com/security/cve/CVE-2024-0340", + "Ubuntu": "https://ubuntu.com/security/CVE-2024-0340" + } + }, + "CVE-2024-0443": { + "affected_versions": "v6.2-rc1 to v6.4-rc7", + "breaks": "3b8cc6298724021da845f2f9fd7dd4b6829a6817", + "cmt_msg": "blk-cgroup: Flush stats before releasing blkcg_gq", + "fixes": "20cb1c2fb7568a6054c55defe044311397e01ddb", + "last_affected_version": "6.3.8", + "last_modified": "2024-01-12", + "nvd_text": "A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. When a cgroup is being destroyed, cgroup_rstat_flush() is only called at css_release_work_fn(), which is called when the blkcg reference count reaches 0. This circular dependency will prevent blkcg and some blkgs from being freed after they are made offline. This issue may allow an attacker with a local access to cause system instability, such as an out of memory error.", + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/CVE-2024-0443", + "ExploitDB": "https://www.exploit-db.com/search?cve=2024-0443", + "NVD": "https://nvd.nist.gov/vuln/detail/CVE-2024-0443", + "Red Hat": "https://access.redhat.com/security/cve/CVE-2024-0443", + "SUSE": "https://www.suse.com/security/cve/CVE-2024-0443", + "Ubuntu": "https://ubuntu.com/security/CVE-2024-0443" + } + }, + "dd=CVE-2023-1476": { + "last_modified": "2024-01-12", + "new": true, + "ref_urls": { + "Debian": "https://security-tracker.debian.org/tracker/dd=CVE-2023-1476", + "ExploitDB": "https://www.exploit-db.com/search?cve=2023-1476", + "NVD": "https://nvd.nist.gov/vuln/detail/dd=CVE-2023-1476", + "Red Hat": "https://access.redhat.com/security/cve/dd=CVE-2023-1476", + "SUSE": "https://www.suse.com/security/cve/dd=CVE-2023-1476", + "Ubuntu": "https://ubuntu.com/security/dd=CVE-2023-1476" + } } } \ No newline at end of file diff --git a/data/stream_data.json b/data/stream_data.json index 98a306993..443486391 100644 --- a/data/stream_data.json +++ b/data/stream_data.json @@ -1974,8 +1974,8 @@ "CVE-2020-36158": { "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-3159": { + "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" @@ -2394,8 +2394,8 @@ "CVE-2017-2584": { "cmt_msg": "KVM: x86: Introduce segmented_write_std" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2018-12127": { "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" @@ -2409,9 +2409,6 @@ "CVE-2023-35824": { "cmt_msg": "media: dm1105: Fix use after free bug in dm1105_remove due to race condition" }, - "CVE-2023-3159": { - "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" - }, "CVE-2022-20572": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, @@ -2553,9 +2550,6 @@ "CVE-2019-11599": { "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2018-15572": { "cmt_msg": "x86/speculation: Protect against userspace-userspace spectreRSB" }, @@ -3213,9 +3207,6 @@ "CVE-2016-1576": { "cmt_msg": "ovl: setattr: check permissions before copy-up" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2018-10323": { "cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree" }, @@ -3294,9 +3285,6 @@ "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2023-0615": { "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, @@ -3408,6 +3396,9 @@ "CVE-2023-40283": { "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -3528,9 +3519,6 @@ "CVE-2023-0386": { "cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up" }, - "CVE-2023-6121": { - "cmt_msg": "nvmet: nul-terminate the NQNs passed in the connect command" - }, "CVE-2017-13693": { "cmt_msg": "" }, @@ -3624,6 +3612,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -3699,6 +3690,9 @@ "CVE-2019-15902": { "cmt_msg": "" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -3720,9 +3714,6 @@ "CVE-2020-0431": { "cmt_msg": "HID: hid-input: clear unmapped usages" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2022-39842": { "cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write" }, @@ -3741,6 +3732,9 @@ "CVE-2017-5967": { "cmt_msg": "time: Remove CONFIG_TIMER_STATS" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-3169": { "cmt_msg": "nvme: ensure subsystem reset is single threaded" }, @@ -4128,6 +4122,9 @@ "CVE-2021-3483": { "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2021-38300": { "cmt_msg": "bpf, mips: Validate conditional branch offsets" }, @@ -4335,9 +4332,6 @@ "CVE-2017-18193": { "cmt_msg": "f2fs: fix a bug caused by NULL extent tree" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2021-45486": { "cmt_msg": "inet: use bigger hash table for IP ID generation" }, @@ -4437,6 +4431,9 @@ "CVE-2022-45886": { "cmt_msg": "media: dvb-core: Fix use-after-free due on race condition at dvb_net" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2023-2124": { "cmt_msg": "xfs: verify buffer contents when we skip log replay" }, @@ -4812,6 +4809,9 @@ "CVE-2017-1000410": { "cmt_msg": "Bluetooth: Prevent stack info leak from the EFS element." }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2022-3642": { "cmt_msg": "" }, @@ -4851,8 +4851,8 @@ "CVE-2018-6555": { "cmt_msg": "staging: irda: remove the irda network stack and drivers" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-3159": { + "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" @@ -5307,8 +5307,8 @@ "CVE-2022-38096": { "cmt_msg": "" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2017-13080": { "cmt_msg": "mac80211: accept key reinstall without changing anything" @@ -5340,9 +5340,6 @@ "CVE-2017-9074": { "cmt_msg": "ipv6: Prevent overrun when parsing v6 header options" }, - "CVE-2023-3159": { - "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" - }, "CVE-2022-20572": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, @@ -6216,6 +6213,9 @@ "CVE-2018-1118": { "cmt_msg": "vhost: fix info leak due to uninitialized memory" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2018-5391": { "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." }, @@ -6330,6 +6330,9 @@ "CVE-2020-13143": { "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2020-10768": { "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." }, @@ -6474,9 +6477,6 @@ "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2023-0615": { "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, @@ -6951,6 +6951,9 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -7026,9 +7029,6 @@ "CVE-2017-17807": { "cmt_msg": "KEYS: add missing permission check for request_key() destination" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2017-17805": { "cmt_msg": "crypto: salsa20 - fix blkcipher_walk API usage" }, @@ -7038,9 +7038,6 @@ "CVE-2019-19527": { "cmt_msg": "HID: hiddev: do cleanup in failure of opening a device" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2017-7542": { "cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt" }, @@ -7071,6 +7068,9 @@ "CVE-2017-15274": { "cmt_msg": "KEYS: fix dereferencing NULL payload with nonzero length" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -7095,9 +7095,6 @@ "CVE-2020-0431": { "cmt_msg": "HID: hid-input: clear unmapped usages" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2022-39842": { "cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write" }, @@ -7539,6 +7536,9 @@ "CVE-2020-28915": { "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2019-20908": { "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" }, @@ -7917,9 +7917,6 @@ "CVE-2022-40768": { "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2019-9454": { "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA" }, @@ -8515,6 +8512,9 @@ "CVE-2017-1000410": { "cmt_msg": "Bluetooth: Prevent stack info leak from the EFS element." }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2021-0129": { "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" }, @@ -8548,8 +8548,8 @@ "CVE-2020-36158": { "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-3159": { + "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" @@ -9028,9 +9028,6 @@ "CVE-2021-3892": { "cmt_msg": "" }, - "CVE-2023-3159": { - "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" - }, "CVE-2022-20572": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, @@ -9535,9 +9532,6 @@ "CVE-2019-9445": { "cmt_msg": "f2fs: check if file namelen exceeds max value" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2018-7755": { "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" }, @@ -9853,6 +9847,9 @@ "CVE-2018-1118": { "cmt_msg": "vhost: fix info leak due to uninitialized memory" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2018-5391": { "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." }, @@ -9952,9 +9949,6 @@ "CVE-2020-13143": { "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" - }, "CVE-2020-10768": { "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." }, @@ -10090,9 +10084,6 @@ "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2023-0615": { "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, @@ -10525,6 +10516,9 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -10624,6 +10618,9 @@ "CVE-2019-20054": { "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -11059,6 +11056,9 @@ "CVE-2020-28915": { "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2019-20908": { "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" }, @@ -11416,9 +11416,6 @@ "CVE-2022-40768": { "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2023-1079": { "cmt_msg": "HID: asus: use spinlock to safely schedule workers" }, @@ -11542,6 +11539,9 @@ "CVE-2022-45886": { "cmt_msg": "media: dvb-core: Fix use-after-free due on race condition at dvb_net" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2023-2124": { "cmt_msg": "xfs: verify buffer contents when we skip log replay" }, @@ -11569,9 +11569,6 @@ "CVE-2022-2964": { "cmt_msg": "net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2021-1048": { "cmt_msg": "fix regression in \"epoll: Keep a reference on files added to the check list\"" }, @@ -11885,6 +11882,9 @@ "CVE-2017-1000410": { "cmt_msg": "Bluetooth: Prevent stack info leak from the EFS element." }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2021-0129": { "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" }, @@ -11918,8 +11918,8 @@ "CVE-2020-36158": { "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-3159": { + "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" @@ -12395,9 +12395,6 @@ "CVE-2021-3892": { "cmt_msg": "" }, - "CVE-2023-3159": { - "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" - }, "CVE-2022-20572": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, @@ -12929,9 +12926,6 @@ "CVE-2019-9445": { "cmt_msg": "f2fs: check if file namelen exceeds max value" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2018-7755": { "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" }, @@ -13268,6 +13262,9 @@ "CVE-2018-1118": { "cmt_msg": "vhost: fix info leak due to uninitialized memory" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2018-5391": { "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." }, @@ -13367,8 +13364,8 @@ "CVE-2020-13143": { "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" }, "CVE-2020-10768": { "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." @@ -13508,9 +13505,6 @@ "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2023-0615": { "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, @@ -13979,6 +13973,9 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -14081,6 +14078,9 @@ "CVE-2019-20054": { "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -14531,6 +14531,9 @@ "CVE-2020-28915": { "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2019-20908": { "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" }, @@ -14897,9 +14900,6 @@ "CVE-2022-40768": { "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2023-1079": { "cmt_msg": "HID: asus: use spinlock to safely schedule workers" }, @@ -15059,9 +15059,6 @@ "CVE-2022-2964": { "cmt_msg": "net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2021-1048": { "cmt_msg": "fix regression in \"epoll: Keep a reference on files added to the check list\"" }, @@ -15374,6 +15371,9 @@ "CVE-2020-24586": { "cmt_msg": "mac80211: prevent mixed key and fragment cache attacks" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2021-0129": { "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" }, @@ -15407,8 +15407,8 @@ "CVE-2020-36158": { "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-3159": { + "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" @@ -15884,9 +15884,6 @@ "CVE-2021-3892": { "cmt_msg": "" }, - "CVE-2023-3159": { - "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" - }, "CVE-2022-20572": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, @@ -16370,9 +16367,6 @@ "CVE-2020-10690": { "cmt_msg": "ptp: fix the race between the release of ptp_clock and cdev" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2018-7755": { "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" }, @@ -16766,9 +16760,6 @@ "CVE-2020-13143": { "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" - }, "CVE-2020-10768": { "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." }, @@ -16889,9 +16880,6 @@ "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2023-0615": { "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, @@ -17303,6 +17291,9 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -17393,6 +17384,9 @@ "CVE-2019-20054": { "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -17825,6 +17819,9 @@ "CVE-2020-28915": { "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2019-20908": { "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" }, @@ -17918,6 +17915,9 @@ "CVE-2021-3483": { "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2023-20588": { "cmt_msg": "x86/CPU/AMD: Do not leak quotient data after a division by 0" }, @@ -18161,9 +18161,6 @@ "CVE-2022-40768": { "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2021-45486": { "cmt_msg": "inet: use bigger hash table for IP ID generation" }, @@ -18278,6 +18275,9 @@ "CVE-2022-45886": { "cmt_msg": "media: dvb-core: Fix use-after-free due on race condition at dvb_net" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2023-51779": { "cmt_msg": "Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg" }, @@ -18314,9 +18314,6 @@ "CVE-2022-2964": { "cmt_msg": "net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2021-1048": { "cmt_msg": "fix regression in \"epoll: Keep a reference on files added to the check list\"" }, @@ -22123,9 +22120,13 @@ } }, "4.14.308": { - "CVE-2023-45862": { - "cmt_msg": "USB: ene_usb6250: Allocate enough memory for full object", - "cmt_id": "26f31c6e1389c23a1b822a61c59d5d1f357cb478" + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()", + "cmt_id": "8df5f3b50d9ce523251edf9cd0470963be20004b" + }, + "CVE-2023-1829": { + "cmt_msg": "net/sched: Retire tcindex classifier", + "cmt_id": "53af9c793f644d5841d84d8e0ad83bd7ab47f3e0" }, "CVE-2023-2985": { "cmt_msg": "fs: hfsplus: fix UAF issue in hfsplus_put_super", @@ -22135,9 +22136,9 @@ "cmt_msg": "HID: asus: use spinlock to safely schedule workers", "cmt_id": "df0fad94ca3787727b9cdd76797aaacf46fe93ed" }, - "CVE-2023-1829": { - "cmt_msg": "net/sched: Retire tcindex classifier", - "cmt_id": "53af9c793f644d5841d84d8e0ad83bd7ab47f3e0" + "CVE-2023-45862": { + "cmt_msg": "USB: ene_usb6250: Allocate enough memory for full object", + "cmt_id": "26f31c6e1389c23a1b822a61c59d5d1f357cb478" }, "CVE-2023-1118": { "cmt_msg": "media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()", @@ -22560,9 +22561,6 @@ "CVE-2019-19241": { "cmt_msg": "io_uring: async workers should inherit the user creds" }, - "CVE-2023-0386": { - "cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up" - }, "CVE-2023-7042": { "cmt_msg": "" }, @@ -22671,6 +22669,9 @@ "CVE-2020-26145": { "cmt_msg": "ath10k: drop fragments with multicast DA for PCIe" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2022-29901": { "cmt_msg": "x86/kvm/vmx: Make noinstr clean" }, @@ -22713,6 +22714,9 @@ "CVE-2022-2991": { "cmt_msg": "remove the lightnvm subsystem" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2022-3624": { "cmt_msg": "bonding: fix reference count leak in balance-alb mode" }, @@ -22782,8 +22786,8 @@ "CVE-2005-3660": { "cmt_msg": "" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-0386": { + "cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up" }, "CVE-2023-31083": { "cmt_msg": "Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO" @@ -22821,6 +22825,9 @@ "CVE-2022-36402": { "cmt_msg": "" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2008-4609": { "cmt_msg": "" }, @@ -22842,6 +22849,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2021-29155": { "cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic" }, @@ -22866,8 +22876,8 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2020-12362": { "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" @@ -22884,15 +22894,9 @@ "CVE-2023-37454": { "cmt_msg": "" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2022-3642": { "cmt_msg": "" }, @@ -22920,6 +22924,9 @@ "CVE-2019-15290": { "cmt_msg": "" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -23040,12 +23047,6 @@ "CVE-2018-12928": { "cmt_msg": "" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2020-36310": { "cmt_msg": "KVM: SVM: avoid infinite loop on NPF from bad address" }, @@ -23088,9 +23089,6 @@ "CVE-2019-19039": { "cmt_msg": "btrfs: Don't submit any btree write bio if the fs has errors" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2021-3847": { "cmt_msg": "" }, @@ -23411,8 +23409,8 @@ "CVE-2020-36158": { "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-3159": { + "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" @@ -24131,9 +24129,6 @@ "CVE-2022-26365": { "cmt_msg": "xen/blkfront: fix leaking data in shared pages" }, - "CVE-2023-3159": { - "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" - }, "CVE-2018-20854": { "cmt_msg": "phy: ocelot-serdes: fix out-of-bounds read" }, @@ -24320,9 +24315,6 @@ "CVE-2022-42703": { "cmt_msg": "mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2018-7755": { "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" }, @@ -24716,9 +24708,6 @@ "CVE-2020-13143": { "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" - }, "CVE-2020-10768": { "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." }, @@ -24830,9 +24819,6 @@ "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2023-0615": { "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, @@ -24965,6 +24951,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-3090": { "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb" }, @@ -25217,6 +25206,9 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -25307,6 +25299,9 @@ "CVE-2019-20054": { "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -25355,6 +25350,9 @@ "CVE-2023-3812": { "cmt_msg": "net: tun: fix bugs for oversize packet when napi frags enabled" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-3169": { "cmt_msg": "nvme: ensure subsystem reset is single threaded" }, @@ -25802,6 +25800,9 @@ "CVE-2021-3483": { "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2023-20588": { "cmt_msg": "x86/CPU/AMD: Do not leak quotient data after a division by 0" }, @@ -26036,9 +26037,6 @@ "CVE-2022-40768": { "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2021-45486": { "cmt_msg": "inet: use bigger hash table for IP ID generation" }, @@ -26156,6 +26154,9 @@ "CVE-2022-45886": { "cmt_msg": "media: dvb-core: Fix use-after-free due on race condition at dvb_net" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2023-2124": { "cmt_msg": "xfs: verify buffer contents when we skip log replay" }, @@ -26186,9 +26187,6 @@ "CVE-2022-2964": { "cmt_msg": "net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2015-2877": { "cmt_msg": "" }, @@ -26507,8 +26505,8 @@ "CVE-2020-36158": { "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-3159": { + "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" @@ -26984,9 +26982,6 @@ "CVE-2021-3892": { "cmt_msg": "" }, - "CVE-2023-3159": { - "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" - }, "CVE-2022-20572": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, @@ -27446,9 +27441,6 @@ "CVE-2022-42703": { "cmt_msg": "mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2018-7755": { "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" }, @@ -27851,9 +27843,6 @@ "CVE-2018-12633": { "cmt_msg": "virt: vbox: Only copy_from_user the request-header once" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" - }, "CVE-2020-10768": { "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." }, @@ -27977,9 +27966,6 @@ "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2023-0615": { "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, @@ -28112,6 +28098,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-3090": { "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb" }, @@ -28370,6 +28359,9 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -28460,6 +28452,9 @@ "CVE-2019-20054": { "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -28508,6 +28503,9 @@ "CVE-2023-3812": { "cmt_msg": "net: tun: fix bugs for oversize packet when napi frags enabled" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-3169": { "cmt_msg": "nvme: ensure subsystem reset is single threaded" }, @@ -28973,6 +28971,9 @@ "CVE-2021-3483": { "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2023-20588": { "cmt_msg": "x86/CPU/AMD: Do not leak quotient data after a division by 0" }, @@ -29213,9 +29214,6 @@ "CVE-2022-40768": { "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2021-45486": { "cmt_msg": "inet: use bigger hash table for IP ID generation" }, @@ -29330,6 +29328,9 @@ "CVE-2022-45886": { "cmt_msg": "media: dvb-core: Fix use-after-free due on race condition at dvb_net" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2023-51779": { "cmt_msg": "Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg" }, @@ -29363,9 +29364,6 @@ "CVE-2022-2964": { "cmt_msg": "net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2015-2877": { "cmt_msg": "" }, @@ -32658,6 +32656,10 @@ } }, "4.19.276": { + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()", + "cmt_id": "43b9a9c78e37a5532c2a9260dff9d9989f2bbb23" + }, "CVE-2023-1829": { "cmt_msg": "net/sched: Retire tcindex classifier", "cmt_id": "01d0d2b8b4e3cf2110baba9371c0c3d04ad5c77b" @@ -33005,6 +33007,12 @@ "cmt_id": "580ff9f59ab6537d8ce1d0d9f012cf970553ef3d" } }, + "4.19.304": { + "CVE-2023-6606": { + "cmt_msg": "smb: client: fix OOB in smbCalcSize()", + "cmt_id": "89b6ae907c6bcc175bc95a67d6936217530a29ff" + } + }, "outstanding": { "CVE-2021-0929": { "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" @@ -33093,9 +33101,6 @@ "CVE-2020-11725": { "cmt_msg": "" }, - "CVE-2023-31084": { - "cmt_msg": "media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()" - }, "CVE-2022-0382": { "cmt_msg": "net ticp:fix a kernel-infoleak in __tipc_sendmsg()" }, @@ -33153,9 +33158,6 @@ "CVE-2022-1789": { "cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID" }, - "CVE-2023-6606": { - "cmt_msg": "smb: client: fix OOB in smbCalcSize()" - }, "CVE-2016-8660": { "cmt_msg": "" }, @@ -33225,6 +33227,9 @@ "CVE-2020-26145": { "cmt_msg": "ath10k: drop fragments with multicast DA for PCIe" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2022-29901": { "cmt_msg": "x86/kvm/vmx: Make noinstr clean" }, @@ -33258,6 +33263,9 @@ "CVE-2022-2991": { "cmt_msg": "remove the lightnvm subsystem" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2022-3624": { "cmt_msg": "bonding: fix reference count leak in balance-alb mode" }, @@ -33333,8 +33341,8 @@ "CVE-2005-3660": { "cmt_msg": "" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-31084": { + "cmt_msg": "media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()" }, "CVE-2023-31083": { "cmt_msg": "Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO" @@ -33366,6 +33374,9 @@ "CVE-2022-36402": { "cmt_msg": "" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2008-4609": { "cmt_msg": "" }, @@ -33378,12 +33389,12 @@ "CVE-2020-14304": { "cmt_msg": "" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2021-29155": { "cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic" }, @@ -33405,8 +33416,8 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2020-12362": { "cmt_msg": "drm/i915/guc: Update to use firmware v49.0.1" @@ -33426,15 +33437,9 @@ "CVE-2023-37454": { "cmt_msg": "" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2022-3642": { "cmt_msg": "" }, @@ -33462,6 +33467,9 @@ "CVE-2019-15290": { "cmt_msg": "" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -33573,9 +33581,6 @@ "CVE-2018-12928": { "cmt_msg": "" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2019-0149": { "cmt_msg": "i40e: Add bounds check for ch[] array" }, @@ -33615,9 +33620,6 @@ "CVE-2023-20569": { "cmt_msg": "x86/bugs: Increase the x86 bugs vector size to two u32s" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2021-3847": { "cmt_msg": "" }, @@ -33904,8 +33906,8 @@ "CVE-2020-36158": { "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-3159": { + "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" @@ -34504,9 +34506,6 @@ "CVE-2019-11599": { "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2022-29581": { "cmt_msg": "net/sched: cls_u32: fix netns refcount changes in u32_change()" }, @@ -34615,9 +34614,6 @@ "CVE-2022-26365": { "cmt_msg": "xen/blkfront: fix leaking data in shared pages" }, - "CVE-2023-3159": { - "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" - }, "CVE-2018-20854": { "cmt_msg": "phy: ocelot-serdes: fix out-of-bounds read" }, @@ -35191,9 +35187,6 @@ "CVE-2020-13143": { "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" - }, "CVE-2020-10768": { "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." }, @@ -35302,9 +35295,6 @@ "CVE-2019-9213": { "cmt_msg": "mm: enforce min addr even if capable() in expand_downwards()" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2023-0615": { "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, @@ -35431,6 +35421,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-3090": { "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb" }, @@ -35671,6 +35664,9 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -35770,6 +35766,9 @@ "CVE-2019-20054": { "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -35824,6 +35823,9 @@ "CVE-2023-3812": { "cmt_msg": "net: tun: fix bugs for oversize packet when napi frags enabled" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-3169": { "cmt_msg": "nvme: ensure subsystem reset is single threaded" }, @@ -36253,6 +36255,9 @@ "CVE-2021-3483": { "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2023-20588": { "cmt_msg": "x86/CPU/AMD: Do not leak quotient data after a division by 0" }, @@ -36478,9 +36483,6 @@ "CVE-2022-40768": { "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2021-45486": { "cmt_msg": "inet: use bigger hash table for IP ID generation" }, @@ -36598,6 +36600,9 @@ "CVE-2022-45886": { "cmt_msg": "media: dvb-core: Fix use-after-free due on race condition at dvb_net" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2023-2124": { "cmt_msg": "xfs: verify buffer contents when we skip log replay" }, @@ -36628,9 +36633,6 @@ "CVE-2022-2964": { "cmt_msg": "net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2015-2877": { "cmt_msg": "" }, @@ -38306,8 +38308,8 @@ "CVE-2020-36158": { "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-3159": { + "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" @@ -38420,6 +38422,9 @@ "CVE-2022-0002": { "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2015-4178": { "cmt_msg": "fs_pin: Allow for the possibility that m_list or s_list go unused." }, @@ -38720,8 +38725,8 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2017-13080": { "cmt_msg": "mac80211: accept key reinstall without changing anything" @@ -38747,9 +38752,6 @@ "CVE-2017-9074": { "cmt_msg": "ipv6: Prevent overrun when parsing v6 header options" }, - "CVE-2023-3159": { - "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" - }, "CVE-2022-20572": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, @@ -38927,6 +38929,9 @@ "CVE-2017-8797": { "cmt_msg": "nfsd: fix undefined behavior in nfsd4_layout_verify" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2018-10675": { "cmt_msg": "mm/mempolicy: fix use after free when calling get_mempolicy" }, @@ -39203,9 +39208,6 @@ "CVE-2020-10690": { "cmt_msg": "ptp: fix the race between the release of ptp_clock and cdev" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2018-7755": { "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" }, @@ -39494,9 +39496,6 @@ "CVE-2016-7917": { "cmt_msg": "netfilter: nfnetlink: correctly validate length of batch messages" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2019-16232": { "cmt_msg": "libertas: fix a potential NULL pointer dereference" }, @@ -39512,6 +39511,9 @@ "CVE-2019-19530": { "cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2018-25020": { "cmt_msg": "bpf: fix truncated jump targets on heavy expansions" }, @@ -39668,9 +39670,6 @@ "CVE-2019-11191": { "cmt_msg": "x86: Deprecate a.out support" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2018-10323": { "cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree" }, @@ -40040,9 +40039,6 @@ "CVE-2016-6136": { "cmt_msg": "audit: fix a double fetch in audit_log_single_execve_arg()" }, - "CVE-2023-6121": { - "cmt_msg": "nvmet: nul-terminate the NQNs passed in the connect command" - }, "CVE-2017-13693": { "cmt_msg": "" }, @@ -40157,6 +40153,9 @@ "CVE-2015-1805": { "cmt_msg": "new helper: copy_page_from_iter()" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -40256,6 +40255,9 @@ "CVE-2017-15274": { "cmt_msg": "KEYS: fix dereferencing NULL payload with nonzero length" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -40280,9 +40282,6 @@ "CVE-2020-0431": { "cmt_msg": "HID: hid-input: clear unmapped usages" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2018-17977": { "cmt_msg": "" }, @@ -40646,6 +40645,9 @@ "CVE-2020-28915": { "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2019-20908": { "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" }, @@ -40973,9 +40975,6 @@ "CVE-2022-40768": { "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2022-1280": { "cmt_msg": "drm: avoid circular locks in drm_mode_getconnector" }, @@ -42316,8 +42315,8 @@ "CVE-2020-36158": { "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-3159": { + "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" @@ -42454,6 +42453,9 @@ "CVE-2022-0002": { "cmt_msg": "x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2015-4178": { "cmt_msg": "fs_pin: Allow for the possibility that m_list or s_list go unused." }, @@ -42784,8 +42786,8 @@ "CVE-2017-2584": { "cmt_msg": "KVM: x86: Introduce segmented_write_std" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2017-13080": { "cmt_msg": "mac80211: accept key reinstall without changing anything" @@ -43012,6 +43014,9 @@ "CVE-2017-8797": { "cmt_msg": "nfsd: fix undefined behavior in nfsd4_layout_verify" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2015-5307": { "cmt_msg": "KVM: x86: work around infinite loop in microcode when #AC is delivered" }, @@ -43312,9 +43317,6 @@ "CVE-2020-10690": { "cmt_msg": "ptp: fix the race between the release of ptp_clock and cdev" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2018-7755": { "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" }, @@ -43324,6 +43326,9 @@ "CVE-2018-7757": { "cmt_msg": "scsi: libsas: fix memory leak in sas_smp_get_phy_events()" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-0330": { "cmt_msg": "drm/i915: Flush TLBs before releasing backing store" }, @@ -43630,9 +43635,6 @@ "CVE-2016-7913": { "cmt_msg": "[media] xc2028: avoid use after free" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2019-16232": { "cmt_msg": "libertas: fix a potential NULL pointer dereference" }, @@ -43648,6 +43650,9 @@ "CVE-2019-19530": { "cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2018-5391": { "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." }, @@ -43822,9 +43827,6 @@ "CVE-2016-5195": { "cmt_msg": "mm: remove gup_flags FOLL_WRITE games from __get_user_pages()" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2018-10323": { "cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree" }, @@ -44233,9 +44235,6 @@ "CVE-2016-6136": { "cmt_msg": "audit: fix a double fetch in audit_log_single_execve_arg()" }, - "CVE-2023-6121": { - "cmt_msg": "nvmet: nul-terminate the NQNs passed in the connect command" - }, "CVE-2017-13693": { "cmt_msg": "" }, @@ -44359,6 +44358,9 @@ "CVE-2015-1805": { "cmt_msg": "new helper: copy_page_from_iter()" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -44473,6 +44475,9 @@ "CVE-2017-15274": { "cmt_msg": "KEYS: fix dereferencing NULL payload with nonzero length" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -44497,9 +44502,6 @@ "CVE-2020-0431": { "cmt_msg": "HID: hid-input: clear unmapped usages" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2018-17977": { "cmt_msg": "" }, @@ -45190,9 +45192,6 @@ "CVE-2020-10742": { "cmt_msg": "new helper: iov_iter_get_pages_alloc()" }, - "CVE-2023-3159": { - "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" - }, "CVE-2017-12168": { "cmt_msg": "arm64: KVM: pmu: Fix AArch32 cycle counter access" }, @@ -45253,9 +45252,6 @@ "CVE-2022-40768": { "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2022-1280": { "cmt_msg": "drm: avoid circular locks in drm_mode_getconnector" }, @@ -48598,8 +48594,8 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2018-12127": { "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" @@ -48712,9 +48708,6 @@ "CVE-2020-16120": { "cmt_msg": "ovl: switch to mounter creds in readdir" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2022-1204": { "cmt_msg": "ax25: Fix refcount leaks caused by ax25_cb_del()" }, @@ -49129,9 +49122,6 @@ "CVE-2021-4002": { "cmt_msg": "hugetlbfs: flush TLBs correctly after huge_pmd_unshare" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2019-16232": { "cmt_msg": "libertas: fix a potential NULL pointer dereference" }, @@ -49237,9 +49227,6 @@ "CVE-2019-11191": { "cmt_msg": "x86: Deprecate a.out support" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2018-10322": { "cmt_msg": "xfs: enhance dinode verifier" }, @@ -49354,6 +49341,9 @@ "CVE-2020-0427": { "cmt_msg": "pinctrl: devicetree: Avoid taking direct reference to device name string" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2017-9984": { "cmt_msg": "ALSA: msnd: Optimize / harden DSP and MIDI loops" }, @@ -49444,9 +49434,6 @@ "CVE-2023-0386": { "cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up" }, - "CVE-2023-6121": { - "cmt_msg": "nvmet: nul-terminate the NQNs passed in the connect command" - }, "CVE-2017-13693": { "cmt_msg": "" }, @@ -49477,9 +49464,6 @@ "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" - }, "CVE-2021-29265": { "cmt_msg": "usbip: fix stub_dev usbip_sockfd_store() races leading to gpf" }, @@ -49510,6 +49494,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -49576,6 +49563,9 @@ "CVE-2019-15902": { "cmt_msg": "" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -49609,6 +49599,9 @@ "CVE-2017-5967": { "cmt_msg": "time: Remove CONFIG_TIMER_STATS" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-3169": { "cmt_msg": "nvme: ensure subsystem reset is single threaded" }, @@ -49900,6 +49893,9 @@ "CVE-2021-3483": { "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2021-38300": { "cmt_msg": "bpf, mips: Validate conditional branch offsets" }, @@ -50071,9 +50067,6 @@ "CVE-2017-18193": { "cmt_msg": "f2fs: fix a bug caused by NULL extent tree" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2021-45486": { "cmt_msg": "inet: use bigger hash table for IP ID generation" }, @@ -50164,6 +50157,9 @@ "CVE-2022-45886": { "cmt_msg": "media: dvb-core: Fix use-after-free due on race condition at dvb_net" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2023-2124": { "cmt_msg": "xfs: verify buffer contents when we skip log replay" }, @@ -50182,9 +50178,6 @@ "CVE-2022-2964": { "cmt_msg": "net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2015-2877": { "cmt_msg": "" }, @@ -50244,6 +50237,292 @@ } } }, + "6.7": { + "6.7": { + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets", + "cmt_id": "7315dc1e122c85ffdfc8defffbb8f8b616c2eb1a" + } + }, + "outstanding": { + "CVE-2020-26556": { + "cmt_msg": "" + }, + "CVE-2020-26557": { + "cmt_msg": "" + }, + "CVE-2019-20794": { + "cmt_msg": "" + }, + "CVE-2020-26559": { + "cmt_msg": "" + }, + "CVE-2020-35501": { + "cmt_msg": "" + }, + "CVE-2023-4010": { + "cmt_msg": "" + }, + "CVE-2018-1121": { + "cmt_msg": "" + }, + "CVE-2019-19378": { + "cmt_msg": "" + }, + "CVE-2020-24503": { + "cmt_msg": "" + }, + "CVE-2020-24502": { + "cmt_msg": "" + }, + "CVE-2020-11725": { + "cmt_msg": "" + }, + "CVE-2022-23825": { + "cmt_msg": "" + }, + "CVE-2023-3397": { + "cmt_msg": "" + }, + "CVE-2021-3864": { + "cmt_msg": "" + }, + "CVE-2022-3606": { + "cmt_msg": "" + }, + "CVE-2019-19814": { + "cmt_msg": "" + }, + "CVE-2022-2209": { + "cmt_msg": "" + }, + "CVE-2023-7042": { + "cmt_msg": "" + }, + "CVE-2021-26934": { + "cmt_msg": "" + }, + "CVE-2023-47233": { + "cmt_msg": "" + }, + "CVE-2016-8660": { + "cmt_msg": "" + }, + "CVE-2023-6270": { + "cmt_msg": "" + }, + "CVE-2020-15802": { + "cmt_msg": "" + }, + "CVE-2022-36402": { + "cmt_msg": "" + }, + "CVE-2008-2544": { + "cmt_msg": "" + }, + "CVE-2023-6356": { + "cmt_msg": "" + }, + "CVE-2019-15239": { + "cmt_msg": "unknown" + }, + "CVE-2007-3719": { + "cmt_msg": "" + }, + "CVE-2023-20941": { + "cmt_msg": "" + }, + "CVE-2023-21400": { + "cmt_msg": "" + }, + "CVE-2023-2640": { + "cmt_msg": "" + }, + "CVE-2010-4563": { + "cmt_msg": "" + }, + "CVE-2020-26140": { + "cmt_msg": "" + }, + "CVE-2020-26143": { + "cmt_msg": "" + }, + "CVE-2020-26142": { + "cmt_msg": "" + }, + "CVE-2022-3533": { + "cmt_msg": "" + }, + "CVE-2022-1247": { + "cmt_msg": "" + }, + "CVE-2020-10708": { + "cmt_msg": "" + }, + "CVE-2022-4543": { + "cmt_msg": "" + }, + "CVE-2017-13693": { + "cmt_msg": "" + }, + "CVE-2021-0399": { + "cmt_msg": "" + }, + "CVE-2017-13694": { + "cmt_msg": "" + }, + "CVE-2012-4542": { + "cmt_msg": "" + }, + "CVE-2013-7445": { + "cmt_msg": "" + }, + "CVE-2005-3660": { + "cmt_msg": "" + }, + "CVE-2023-6238": { + "cmt_msg": "" + }, + "CVE-2023-31082": { + "cmt_msg": "" + }, + "CVE-2023-31081": { + "cmt_msg": "" + }, + "CVE-2022-38096": { + "cmt_msg": "" + }, + "CVE-2022-3544": { + "cmt_msg": "" + }, + "CVE-2022-3238": { + "cmt_msg": "" + }, + "CVE-2008-4609": { + "cmt_msg": "" + }, + "CVE-2020-14304": { + "cmt_msg": "" + }, + "CVE-2020-0347": { + "cmt_msg": "" + }, + "CVE-2021-3714": { + "cmt_msg": "" + }, + "CVE-2019-12456": { + "cmt_msg": "" + }, + "CVE-2020-26560": { + "cmt_msg": "" + }, + "CVE-2021-3892": { + "cmt_msg": "" + }, + "CVE-2023-37454": { + "cmt_msg": "" + }, + "CVE-2023-50431": { + "cmt_msg": "" + }, + "CVE-2022-3642": { + "cmt_msg": "" + }, + "CVE-2011-4917": { + "cmt_msg": "" + }, + "CVE-2019-15902": { + "cmt_msg": "unknown" + }, + "CVE-2019-15290": { + "cmt_msg": "" + }, + "CVE-2023-6535": { + "cmt_msg": "" + }, + "CVE-2023-6536": { + "cmt_msg": "" + }, + "CVE-2018-17977": { + "cmt_msg": "" + }, + "CVE-2022-26878": { + "cmt_msg": "" + }, + "CVE-2022-41848": { + "cmt_msg": "" + }, + "CVE-2022-1116": { + "cmt_msg": "" + }, + "CVE-2010-5321": { + "cmt_msg": "" + }, + "CVE-2018-12930": { + "cmt_msg": "" + }, + "CVE-2018-12931": { + "cmt_msg": "" + }, + "CVE-2021-39801": { + "cmt_msg": "" + }, + "CVE-2021-39800": { + "cmt_msg": "" + }, + "CVE-2022-45885": { + "cmt_msg": "" + }, + "CVE-2022-45884": { + "cmt_msg": "" + }, + "CVE-2021-3542": { + "cmt_msg": "" + }, + "CVE-2018-12929": { + "cmt_msg": "" + }, + "CVE-2018-12928": { + "cmt_msg": "" + }, + "CVE-2020-25220": { + "cmt_msg": "" + }, + "CVE-2015-2877": { + "cmt_msg": "" + }, + "CVE-2023-26242": { + "cmt_msg": "" + }, + "CVE-2019-16089": { + "cmt_msg": "" + }, + "CVE-2023-32629": { + "cmt_msg": "" + }, + "CVE-2022-0400": { + "cmt_msg": "" + }, + "CVE-2021-3847": { + "cmt_msg": "" + }, + "CVE-2022-2961": { + "cmt_msg": "" + }, + "CVE-2022-25265": { + "cmt_msg": "" + }, + "CVE-2011-4916": { + "cmt_msg": "" + }, + "CVE-2023-23039": { + "cmt_msg": "" + }, + "CVE-2023-3640": { + "cmt_msg": "" + } + } + }, "6.6": { "6.6": { "CVE-2023-46862": { @@ -50274,6 +50553,10 @@ } }, "6.6.7": { + "CVE-2023-6531": { + "cmt_msg": "io_uring/af_unix: disable sending io_uring over sockets", + "cmt_id": "5a33d385eb36991a91e3dddb189d8679e2aac2be" + }, "CVE-2023-6622": { "cmt_msg": "netfilter: nf_tables: bail out on mismatching dynset and set expressions", "cmt_id": "5eeba00a89c5c6be4e45b69bef20d1d1b9edb968" @@ -50301,6 +50584,22 @@ "cmt_id": "e15ded324a3911358e8541a1b573665f99f216ef" } }, + "6.6.9": { + "CVE-2023-6606": { + "cmt_msg": "smb: client: fix OOB in smbCalcSize()", + "cmt_id": "ac48fcef5ec2e9ac85c0b39045d874e60eac75d7" + }, + "CVE-2023-51779": { + "cmt_msg": "Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg", + "cmt_id": "1d576c3a5af850bf11fbd103f9ba11aa6d6061fb" + } + }, + "6.6.10": { + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets", + "cmt_id": "b7f1c01b55ad2a5da12f08e5ec3c76dabb99882a" + } + }, "outstanding": { "CVE-2020-26556": { "cmt_msg": "" @@ -50320,9 +50619,6 @@ "CVE-2023-4010": { "cmt_msg": "" }, - "CVE-2023-51779": { - "cmt_msg": "Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg" - }, "CVE-2018-1121": { "cmt_msg": "" }, @@ -50371,6 +50667,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2020-15802": { "cmt_msg": "" }, @@ -50455,9 +50754,6 @@ "CVE-2022-3544": { "cmt_msg": "" }, - "CVE-2023-6606": { - "cmt_msg": "smb: client: fix OOB in smbCalcSize()" - }, "CVE-2022-3238": { "cmt_msg": "" }, @@ -50548,9 +50844,6 @@ "CVE-2018-12928": { "cmt_msg": "" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2020-25220": { "cmt_msg": "" }, @@ -50704,10 +50997,6 @@ "CVE-2023-5090": { "cmt_msg": "x86: KVM: SVM: always update the x2avic msr interception", "cmt_id": "94805f9d3a3fb1f091bcc08b9c4846c4346706eb" - }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup", - "cmt_id": "675f0e9bb716fa3252979145b9b1a950140e94e9" } }, "6.5.10": { @@ -50786,6 +51075,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2020-15802": { "cmt_msg": "" }, @@ -50906,6 +51198,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2021-3714": { "cmt_msg": "" }, @@ -50933,6 +51228,9 @@ "CVE-2019-15902": { "cmt_msg": "unknown" }, + "CVE-2023-6531": { + "cmt_msg": "io_uring/af_unix: disable sending io_uring over sockets" + }, "CVE-2019-15290": { "cmt_msg": "" }, @@ -50990,9 +51288,6 @@ "CVE-2018-12928": { "cmt_msg": "" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2023-6560": { "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" }, @@ -51364,6 +51659,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-5158": { "cmt_msg": "vringh: don't use vringh_kiov_advance() in vringh_iov_xfer()" }, @@ -51508,6 +51806,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2021-3714": { "cmt_msg": "" }, @@ -51541,6 +51842,9 @@ "CVE-2019-15902": { "cmt_msg": "unknown" }, + "CVE-2023-6531": { + "cmt_msg": "io_uring/af_unix: disable sending io_uring over sockets" + }, "CVE-2019-15290": { "cmt_msg": "" }, @@ -51601,9 +51905,6 @@ "CVE-2018-12928": { "cmt_msg": "" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2023-6560": { "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" }, @@ -51646,9 +51947,6 @@ "CVE-2023-23039": { "cmt_msg": "" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2023-39189": { "cmt_msg": "netfilter: nfnetlink_osf: avoid OOB read" }, @@ -53868,8 +54166,8 @@ "CVE-2020-36158": { "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-3159": { + "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" @@ -53970,6 +54268,9 @@ "CVE-2022-3635": { "cmt_msg": "atm: idt77252: fix use-after-free bugs caused by tst_timer" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2015-4178": { "cmt_msg": "fs_pin: Allow for the possibility that m_list or s_list go unused." }, @@ -54246,9 +54547,6 @@ "CVE-2020-26560": { "cmt_msg": "" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" - }, "CVE-2018-12127": { "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" }, @@ -54261,9 +54559,6 @@ "CVE-2023-35824": { "cmt_msg": "media: dm1105: Fix use after free bug in dm1105_remove due to race condition" }, - "CVE-2023-3159": { - "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" - }, "CVE-2018-10021": { "cmt_msg": "scsi: libsas: defer ata device eh commands to libata" }, @@ -54615,9 +54910,6 @@ "CVE-2021-3178": { "cmt_msg": "nfsd4: readdirplus shouldn't return parent of export" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2018-7755": { "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" }, @@ -54819,9 +55111,6 @@ "CVE-2016-7917": { "cmt_msg": "netfilter: nfnetlink: correctly validate length of batch messages" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2019-16232": { "cmt_msg": "libertas: fix a potential NULL pointer dereference" }, @@ -54951,9 +55240,6 @@ "CVE-2016-5195": { "cmt_msg": "mm: remove gup_flags FOLL_WRITE games from __get_user_pages()" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2018-10323": { "cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree" }, @@ -55134,6 +55420,9 @@ "CVE-2023-40283": { "cmt_msg": "Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2019-13272": { "cmt_msg": "ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME" }, @@ -55242,9 +55531,6 @@ "CVE-2023-0386": { "cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up" }, - "CVE-2023-6121": { - "cmt_msg": "nvmet: nul-terminate the NQNs passed in the connect command" - }, "CVE-2017-13693": { "cmt_msg": "" }, @@ -55347,6 +55633,9 @@ "CVE-2015-1805": { "cmt_msg": "new helper: copy_page_from_iter()" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -55425,6 +55714,9 @@ "CVE-2019-15902": { "cmt_msg": "" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -55707,9 +55999,6 @@ "CVE-2017-9725": { "cmt_msg": "mm: cma: fix incorrect type conversion for size during dma allocation" }, - "CVE-2023-7042": { - "cmt_msg": "" - }, "CVE-2018-14609": { "cmt_msg": "btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized" }, @@ -55827,6 +56116,9 @@ "CVE-2021-3483": { "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2020-25656": { "cmt_msg": "vt: keyboard, extend func_buf_lock to readers" }, @@ -56016,9 +56308,6 @@ "CVE-2022-40768": { "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2020-12888": { "cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory" }, @@ -56154,9 +56443,6 @@ "CVE-2013-1772": { "cmt_msg": "printk: convert byte-buffer to variable-length record buffer" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2021-1048": { "cmt_msg": "fix regression in \"epoll: Keep a reference on files added to the check list\"" }, @@ -56333,6 +56619,10 @@ } }, "6.2.5": { + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()", + "cmt_id": "033ac6ea4b513f9a4a20882f431f68cea307ba87" + }, "CVE-2023-45862": { "cmt_msg": "USB: ene_usb6250: Allocate enough memory for full object", "cmt_id": "5ee39d2216dc98a894ffc38d15e1ef2d41e2266b" @@ -56594,6 +56884,9 @@ "CVE-2023-39198": { "cmt_msg": "drm/qxl: fix UAF on handle creation" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2020-24503": { "cmt_msg": "" }, @@ -56681,6 +56974,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-3090": { "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb" }, @@ -56699,6 +56995,9 @@ "CVE-2023-2898": { "cmt_msg": "f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2023-21255": { "cmt_msg": "binder: fix UAF caused by faulty buffer cleanup" }, @@ -56900,6 +57199,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0443": { + "cmt_msg": "blk-cgroup: Flush stats before releasing blkcg_gq" + }, "CVE-2023-3610": { "cmt_msg": "netfilter: nf_tables: fix chain binding transaction logic" }, @@ -56966,6 +57268,9 @@ "CVE-2019-15902": { "cmt_msg": "unknown" }, + "CVE-2023-6531": { + "cmt_msg": "io_uring/af_unix: disable sending io_uring over sockets" + }, "CVE-2019-15290": { "cmt_msg": "" }, @@ -57062,9 +57367,6 @@ "CVE-2018-12928": { "cmt_msg": "" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2023-6560": { "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" }, @@ -57131,9 +57433,6 @@ "CVE-2023-23039": { "cmt_msg": "" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2023-4208": { "cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free" }, @@ -57464,6 +57763,10 @@ } }, "6.1.18": { + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()", + "cmt_id": "4f25d1dff80535f088b8f8568dd731fb098e29b4" + }, "CVE-2023-45862": { "cmt_msg": "USB: ene_usb6250: Allocate enough memory for full object", "cmt_id": "ff542083b105c9c72d83899d3f74eeec354f808e" @@ -58041,10 +58344,6 @@ "CVE-2023-5717": { "cmt_msg": "perf: Disallow mis-matched inherited group reads", "cmt_id": "f6952655a61264900ed08e9d642adad8222f8e29" - }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup", - "cmt_id": "f691ec5a548257edb3aacd952e2a574e4e57b2c4" } }, "6.1.61": { @@ -58072,6 +58371,10 @@ } }, "6.1.68": { + "CVE-2023-6531": { + "cmt_msg": "io_uring/af_unix: disable sending io_uring over sockets", + "cmt_id": "f2f57f51b53be153a522300454ddb3887722fb2c" + }, "CVE-2023-6622": { "cmt_msg": "netfilter: nf_tables: bail out on mismatching dynset and set expressions", "cmt_id": "96f8654b701f772af5f358b91807ce2836ff3444" @@ -58099,6 +58402,26 @@ "cmt_id": "1646b2929d5efc3861139ba58556b0f149c848f6" } }, + "6.1.70": { + "CVE-2023-6606": { + "cmt_msg": "smb: client: fix OOB in smbCalcSize()", + "cmt_id": "c60e10d1549f8748a68ec13dcd177c62843985ff" + }, + "CVE-2023-51779": { + "cmt_msg": "Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg", + "cmt_id": "37f71e2c9f515834841826f4eb68ec33cfb2a1ff" + } + }, + "6.1.71": { + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets", + "cmt_id": "0105571f80edb96f81bb4bbdd5233a9130dc345b" + }, + "CVE-2023-1193": { + "cmt_msg": "ksmbd: delete asynchronous work from list", + "cmt_id": "8d271ef5e5cac8a470076891b248a28a2c57fb1e" + } + }, "outstanding": { "CVE-2020-26556": { "cmt_msg": "" @@ -58118,9 +58441,6 @@ "CVE-2023-4010": { "cmt_msg": "" }, - "CVE-2023-51779": { - "cmt_msg": "Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg" - }, "CVE-2018-1121": { "cmt_msg": "" }, @@ -58226,6 +58546,9 @@ "CVE-2022-1247": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2020-10708": { "cmt_msg": "" }, @@ -58274,9 +58597,6 @@ "CVE-2023-6039": { "cmt_msg": "net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs" }, - "CVE-2023-6606": { - "cmt_msg": "smb: client: fix OOB in smbCalcSize()" - }, "CVE-2022-3238": { "cmt_msg": "" }, @@ -58325,6 +58645,9 @@ "CVE-2019-15290": { "cmt_msg": "" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -58379,9 +58702,6 @@ "CVE-2018-12928": { "cmt_msg": "" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2023-6560": { "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" }, @@ -58394,9 +58714,6 @@ "CVE-2023-26242": { "cmt_msg": "" }, - "CVE-2023-1193": { - "cmt_msg": "ksmbd: delete asynchronous work from list" - }, "CVE-2019-16089": { "cmt_msg": "" }, @@ -58837,6 +59154,9 @@ "CVE-2019-19378": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-1281": { "cmt_msg": "net/sched: tcindex: update imperfect hash filters respecting rcu" }, @@ -58846,6 +59166,9 @@ "CVE-2023-2430": { "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2020-24503": { "cmt_msg": "" }, @@ -59002,6 +59325,9 @@ "CVE-2023-2483": { "cmt_msg": "net: qcom/emac: Fix use after free bug in emac_remove due to race condition" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2023-21255": { "cmt_msg": "binder: fix UAF caused by faulty buffer cleanup" }, @@ -59014,6 +59340,9 @@ "CVE-2019-15239": { "cmt_msg": "unknown" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2023-3867": { "cmt_msg": "ksmbd: add missing compound request handing in some commands" }, @@ -59551,9 +59880,6 @@ "CVE-2018-12928": { "cmt_msg": "" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2023-6560": { "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" }, @@ -59644,9 +59970,6 @@ "CVE-2023-23039": { "cmt_msg": "" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2023-38409": { "cmt_msg": "fbcon: set_con2fb_map needs to set con2fb_map!" }, @@ -59910,6 +60233,9 @@ "CVE-2017-6074": { "cmt_msg": "dccp: fix freeing skb too early for IPV6_RECVPKTINFO" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2022-3642": { "cmt_msg": "" }, @@ -59952,8 +60278,8 @@ "CVE-2018-6555": { "cmt_msg": "staging: irda: remove the irda network stack and drivers" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-3159": { + "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" @@ -60441,8 +60767,8 @@ "CVE-2017-2584": { "cmt_msg": "KVM: x86: Introduce segmented_write_std" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2017-13080": { "cmt_msg": "mac80211: accept key reinstall without changing anything" @@ -60474,9 +60800,6 @@ "CVE-2017-9074": { "cmt_msg": "ipv6: Prevent overrun when parsing v6 header options" }, - "CVE-2023-3159": { - "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" - }, "CVE-2022-20572": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, @@ -61023,9 +61346,6 @@ "CVE-2022-42703": { "cmt_msg": "mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2018-7755": { "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" }, @@ -61383,6 +61703,9 @@ "CVE-2019-19530": { "cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2018-5391": { "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." }, @@ -61512,6 +61835,9 @@ "CVE-2020-13143": { "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2020-10768": { "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." }, @@ -61674,9 +62000,6 @@ "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2023-0615": { "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, @@ -62022,9 +62345,6 @@ "CVE-2023-0386": { "cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up" }, - "CVE-2023-6121": { - "cmt_msg": "nvmet: nul-terminate the NQNs passed in the connect command" - }, "CVE-2017-13693": { "cmt_msg": "" }, @@ -62169,6 +62489,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -62289,6 +62612,9 @@ "CVE-2017-15274": { "cmt_msg": "KEYS: fix dereferencing NULL payload with nonzero length" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -62313,9 +62639,6 @@ "CVE-2020-0431": { "cmt_msg": "HID: hid-input: clear unmapped usages" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2022-39842": { "cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write" }, @@ -62772,6 +63095,9 @@ "CVE-2020-28915": { "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2019-20908": { "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" }, @@ -63057,9 +63383,6 @@ "CVE-2021-4155": { "cmt_msg": "xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2019-14901": { "cmt_msg": "mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()" }, @@ -63165,9 +63488,6 @@ "CVE-2022-40768": { "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2019-9454": { "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA" }, @@ -67264,8 +67584,8 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2018-12127": { "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" @@ -67342,9 +67662,6 @@ "CVE-2020-16120": { "cmt_msg": "ovl: switch to mounter creds in readdir" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2022-1204": { "cmt_msg": "ax25: Fix refcount leaks caused by ax25_cb_del()" }, @@ -67660,9 +67977,6 @@ "CVE-2011-4916": { "cmt_msg": "" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2023-3117": { "cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE" }, @@ -67741,9 +68055,6 @@ "CVE-2022-44032": { "cmt_msg": "char: pcmcia: remove all the drivers" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2018-10322": { "cmt_msg": "xfs: enhance dinode verifier" }, @@ -67819,6 +68130,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-3090": { "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb" }, @@ -67882,9 +68196,6 @@ "CVE-2023-0386": { "cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up" }, - "CVE-2023-6121": { - "cmt_msg": "nvmet: nul-terminate the NQNs passed in the connect command" - }, "CVE-2017-13693": { "cmt_msg": "" }, @@ -67903,9 +68214,6 @@ "CVE-2023-4732": { "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" - }, "CVE-2021-39648": { "cmt_msg": "usb: gadget: configfs: Fix use-after-free issue with udc_name" }, @@ -67930,6 +68238,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -67984,6 +68295,9 @@ "CVE-2021-4218": { "cmt_msg": "sysctl: pass kernel pointers to ->proc_handler" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -68146,6 +68460,9 @@ "CVE-2020-11725": { "cmt_msg": "" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-1263": { "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" }, @@ -68230,6 +68547,9 @@ "CVE-2023-4623": { "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2021-38300": { "cmt_msg": "bpf, mips: Validate conditional branch offsets" }, @@ -68350,9 +68670,6 @@ "CVE-2022-33744": { "cmt_msg": "xen/arm: Fix race in RB-tree based P2M accounting" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2020-12888": { "cmt_msg": "vfio-pci: Invalidate mmaps and block MMIO access on disabled memory" }, @@ -68413,6 +68730,9 @@ "CVE-2022-45886": { "cmt_msg": "media: dvb-core: Fix use-after-free due on race condition at dvb_net" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2023-2124": { "cmt_msg": "xfs: verify buffer contents when we skip log replay" }, @@ -68428,9 +68748,6 @@ "CVE-2022-27672": { "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2015-2877": { "cmt_msg": "" }, @@ -68626,6 +68943,9 @@ "CVE-2017-6074": { "cmt_msg": "dccp: fix freeing skb too early for IPV6_RECVPKTINFO" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2022-3642": { "cmt_msg": "" }, @@ -68671,8 +68991,8 @@ "CVE-2018-6555": { "cmt_msg": "staging: irda: remove the irda network stack and drivers" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-3159": { + "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" @@ -69142,8 +69462,8 @@ "CVE-2017-2584": { "cmt_msg": "KVM: x86: Introduce segmented_write_std" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2017-13080": { "cmt_msg": "mac80211: accept key reinstall without changing anything" @@ -69175,9 +69495,6 @@ "CVE-2017-9074": { "cmt_msg": "ipv6: Prevent overrun when parsing v6 header options" }, - "CVE-2023-3159": { - "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" - }, "CVE-2022-20572": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, @@ -70063,6 +70380,9 @@ "CVE-2019-19530": { "cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2018-5391": { "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." }, @@ -70183,6 +70503,9 @@ "CVE-2020-13143": { "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2020-10768": { "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." }, @@ -70336,9 +70659,6 @@ "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2023-0615": { "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, @@ -70684,9 +71004,6 @@ "CVE-2023-0386": { "cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up" }, - "CVE-2023-6121": { - "cmt_msg": "nvmet: nul-terminate the NQNs passed in the connect command" - }, "CVE-2017-13693": { "cmt_msg": "" }, @@ -70819,6 +71136,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -70912,9 +71232,6 @@ "CVE-2019-19527": { "cmt_msg": "HID: hiddev: do cleanup in failure of opening a device" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2017-7542": { "cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt" }, @@ -70945,6 +71262,9 @@ "CVE-2017-15274": { "cmt_msg": "KEYS: fix dereferencing NULL payload with nonzero length" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -70969,9 +71289,6 @@ "CVE-2020-0431": { "cmt_msg": "HID: hid-input: clear unmapped usages" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2022-39842": { "cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write" }, @@ -71428,6 +71745,9 @@ "CVE-2020-28915": { "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2019-20908": { "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" }, @@ -71713,9 +72033,6 @@ "CVE-2021-4155": { "cmt_msg": "xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2019-14901": { "cmt_msg": "mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()" }, @@ -71818,9 +72135,6 @@ "CVE-2022-40768": { "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2019-9454": { "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA" }, @@ -72303,6 +72617,9 @@ "CVE-2017-6074": { "cmt_msg": "dccp: fix freeing skb too early for IPV6_RECVPKTINFO" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2022-3642": { "cmt_msg": "" }, @@ -72345,8 +72662,8 @@ "CVE-2018-6555": { "cmt_msg": "staging: irda: remove the irda network stack and drivers" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-3159": { + "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" @@ -72825,8 +73142,8 @@ "CVE-2017-2584": { "cmt_msg": "KVM: x86: Introduce segmented_write_std" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2017-13080": { "cmt_msg": "mac80211: accept key reinstall without changing anything" @@ -72858,9 +73175,6 @@ "CVE-2017-9074": { "cmt_msg": "ipv6: Prevent overrun when parsing v6 header options" }, - "CVE-2023-3159": { - "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" - }, "CVE-2022-20572": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, @@ -73740,6 +74054,9 @@ "CVE-2019-19530": { "cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2018-5391": { "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." }, @@ -73863,6 +74180,9 @@ "CVE-2020-13143": { "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2020-10768": { "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." }, @@ -74025,9 +74345,6 @@ "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2023-0615": { "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, @@ -74370,9 +74687,6 @@ "CVE-2023-0386": { "cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up" }, - "CVE-2023-6121": { - "cmt_msg": "nvmet: nul-terminate the NQNs passed in the connect command" - }, "CVE-2017-13693": { "cmt_msg": "" }, @@ -74508,6 +74822,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -74595,9 +74912,6 @@ "CVE-2019-19527": { "cmt_msg": "HID: hiddev: do cleanup in failure of opening a device" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2017-7542": { "cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt" }, @@ -74631,6 +74945,9 @@ "CVE-2017-15274": { "cmt_msg": "KEYS: fix dereferencing NULL payload with nonzero length" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -74655,9 +74972,6 @@ "CVE-2020-0431": { "cmt_msg": "HID: hid-input: clear unmapped usages" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2022-39842": { "cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write" }, @@ -75114,6 +75428,9 @@ "CVE-2020-28915": { "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2019-20908": { "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" }, @@ -75402,9 +75719,6 @@ "CVE-2021-4155": { "cmt_msg": "xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2019-14901": { "cmt_msg": "mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()" }, @@ -75507,9 +75821,6 @@ "CVE-2022-40768": { "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2019-9454": { "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA" }, @@ -77185,8 +77496,8 @@ "CVE-2020-36158": { "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-3159": { + "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" @@ -77614,8 +77925,8 @@ "CVE-2017-2584": { "cmt_msg": "KVM: x86: Introduce segmented_write_std" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2018-12127": { "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" @@ -77638,9 +77949,6 @@ "CVE-2023-35824": { "cmt_msg": "media: dm1105: Fix use after free bug in dm1105_remove due to race condition" }, - "CVE-2023-3159": { - "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" - }, "CVE-2022-20572": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, @@ -78088,9 +78396,6 @@ "CVE-2022-42703": { "cmt_msg": "mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2018-7755": { "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" }, @@ -78487,9 +78792,6 @@ "CVE-2019-11191": { "cmt_msg": "x86: Deprecate a.out support" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2018-10323": { "cmt_msg": "xfs: set format back to extents if xfs_bmap_extents_to_btree" }, @@ -78565,9 +78867,6 @@ "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2023-0615": { "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, @@ -78694,6 +78993,9 @@ "CVE-2022-1419": { "cmt_msg": "drm/vgem: Close use-after-free race in vgem_gem_create" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-3090": { "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb" }, @@ -78829,9 +79131,6 @@ "CVE-2023-0386": { "cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up" }, - "CVE-2023-6121": { - "cmt_msg": "nvmet: nul-terminate the NQNs passed in the connect command" - }, "CVE-2017-13693": { "cmt_msg": "" }, @@ -78940,6 +79239,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -79030,6 +79332,9 @@ "CVE-2019-20054": { "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -79054,9 +79359,6 @@ "CVE-2020-0431": { "cmt_msg": "HID: hid-input: clear unmapped usages" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2022-39842": { "cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write" }, @@ -79420,6 +79722,9 @@ "CVE-2020-28915": { "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2019-20908": { "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" }, @@ -79504,6 +79809,9 @@ "CVE-2021-3483": { "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2021-38300": { "cmt_msg": "bpf, mips: Validate conditional branch offsets" }, @@ -79741,9 +80049,6 @@ "CVE-2022-40768": { "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2019-9454": { "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA" }, @@ -79870,6 +80175,9 @@ "CVE-2022-45886": { "cmt_msg": "media: dvb-core: Fix use-after-free due on race condition at dvb_net" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2023-2124": { "cmt_msg": "xfs: verify buffer contents when we skip log replay" }, @@ -81271,9 +81579,6 @@ "CVE-2023-42754": { "cmt_msg": "ipv4: fix null-deref in ipv4_link_failure" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, @@ -81394,6 +81699,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-3090": { "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb" }, @@ -81586,6 +81894,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -81667,6 +81978,9 @@ "CVE-2023-3358": { "cmt_msg": "HID: intel_ish-hid: Add check for ishtp_dma_tx_map" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -81709,6 +82023,9 @@ "CVE-2022-42896": { "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-3169": { "cmt_msg": "nvme: ensure subsystem reset is single threaded" }, @@ -82042,6 +82359,9 @@ "CVE-2021-3483": { "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2021-38300": { "cmt_msg": "bpf, mips: Validate conditional branch offsets" }, @@ -82330,9 +82650,6 @@ "CVE-2022-27672": { "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2015-2877": { "cmt_msg": "" }, @@ -82623,6 +82940,9 @@ "CVE-2017-6074": { "cmt_msg": "dccp: fix freeing skb too early for IPV6_RECVPKTINFO" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2016-3955": { "cmt_msg": "USB: usbip: fix potential out-of-bounds write" }, @@ -82662,8 +82982,8 @@ "CVE-2018-6555": { "cmt_msg": "staging: irda: remove the irda network stack and drivers" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-3159": { + "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" @@ -82833,9 +83153,6 @@ "CVE-2022-23039": { "cmt_msg": "xen/gntalloc: don't use gnttab_query_foreign_access()" }, - "CVE-2023-3159": { - "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" - }, "CVE-2018-3646": { "cmt_msg": "x86/microcode: Allow late microcode loading with SMT disabled" }, @@ -83166,8 +83483,8 @@ "CVE-2017-2584": { "cmt_msg": "KVM: x86: Introduce segmented_write_std" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2017-13080": { "cmt_msg": "mac80211: accept key reinstall without changing anything" @@ -83763,9 +84080,6 @@ "CVE-2022-42703": { "cmt_msg": "mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2018-7755": { "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" }, @@ -84147,6 +84461,9 @@ "CVE-2019-19530": { "cmt_msg": "usb: cdc-acm: make sure a refcount is taken early enough" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2018-5391": { "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." }, @@ -84276,6 +84593,9 @@ "CVE-2020-13143": { "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2020-10768": { "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." }, @@ -84447,9 +84767,6 @@ "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2023-0615": { "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, @@ -84801,9 +85118,6 @@ "CVE-2023-0386": { "cmt_msg": "ovl: fail on invalid uid/gid mapping at copy up" }, - "CVE-2023-6121": { - "cmt_msg": "nvmet: nul-terminate the NQNs passed in the connect command" - }, "CVE-2017-13693": { "cmt_msg": "" }, @@ -84948,6 +85262,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -85074,6 +85391,9 @@ "CVE-2017-15274": { "cmt_msg": "KEYS: fix dereferencing NULL payload with nonzero length" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -85098,9 +85418,6 @@ "CVE-2020-0431": { "cmt_msg": "HID: hid-input: clear unmapped usages" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2022-39842": { "cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write" }, @@ -85566,6 +85883,9 @@ "CVE-2020-28915": { "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2019-20908": { "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" }, @@ -85857,9 +86177,6 @@ "CVE-2021-4155": { "cmt_msg": "xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2019-14901": { "cmt_msg": "mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()" }, @@ -85962,9 +86279,6 @@ "CVE-2022-40768": { "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2019-9454": { "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA" }, @@ -87489,9 +87803,6 @@ "CVE-2023-42754": { "cmt_msg": "ipv4: fix null-deref in ipv4_link_failure" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, @@ -87606,6 +87917,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-2156": { "cmt_msg": "net: rpl: fix rpl header size calculation" }, @@ -87807,6 +88121,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -87885,6 +88202,9 @@ "CVE-2023-3358": { "cmt_msg": "HID: intel_ish-hid: Add check for ishtp_dma_tx_map" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -87924,6 +88244,9 @@ "CVE-2022-42896": { "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-3169": { "cmt_msg": "nvme: ensure subsystem reset is single threaded" }, @@ -88242,6 +88565,9 @@ "CVE-2021-3483": { "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2021-38300": { "cmt_msg": "bpf, mips: Validate conditional branch offsets" }, @@ -88530,9 +88856,6 @@ "CVE-2022-27672": { "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2020-25221": { "cmt_msg": "mm: fix pin vs. gup mismatch with gate pages" }, @@ -89715,6 +90038,9 @@ "CVE-2021-3411": { "cmt_msg": "x86/kprobes: Fix optprobe to detect INT3 padding correctly" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2021-31440": { "cmt_msg": "bpf: Fix propagation of 32 bit unsigned bounds from 64 bit bounds" }, @@ -89820,9 +90146,6 @@ "CVE-2023-42754": { "cmt_msg": "ipv4: fix null-deref in ipv4_link_failure" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, @@ -89931,6 +90254,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-2156": { "cmt_msg": "net: rpl: fix rpl header size calculation" }, @@ -90120,6 +90446,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2020-12912": { "cmt_msg": "hwmon: (amd_energy) modify the visibility of the counters" }, @@ -90186,6 +90515,9 @@ "CVE-2023-3358": { "cmt_msg": "HID: intel_ish-hid: Add check for ishtp_dma_tx_map" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -90225,6 +90557,9 @@ "CVE-2022-42896": { "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-3169": { "cmt_msg": "nvme: ensure subsystem reset is single threaded" }, @@ -90828,9 +91163,6 @@ "CVE-2022-27672": { "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2020-25220": { "cmt_msg": "" }, @@ -91956,6 +92288,9 @@ "CVE-2023-3111": { "cmt_msg": "btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2021-31440": { "cmt_msg": "bpf: Fix propagation of 32 bit unsigned bounds from 64 bit bounds" }, @@ -92061,9 +92396,6 @@ "CVE-2023-42754": { "cmt_msg": "ipv4: fix null-deref in ipv4_link_failure" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, @@ -92169,6 +92501,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-2156": { "cmt_msg": "net: rpl: fix rpl header size calculation" }, @@ -92358,6 +92693,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -92424,6 +92762,9 @@ "CVE-2023-3358": { "cmt_msg": "HID: intel_ish-hid: Add check for ishtp_dma_tx_map" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -92466,6 +92807,9 @@ "CVE-2022-42896": { "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-3169": { "cmt_msg": "nvme: ensure subsystem reset is single threaded" }, @@ -93042,9 +93386,6 @@ "CVE-2022-27672": { "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2020-25220": { "cmt_msg": "" }, @@ -97179,8 +97520,8 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2018-12127": { "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" @@ -97236,9 +97577,6 @@ "CVE-2020-16120": { "cmt_msg": "ovl: switch to mounter creds in readdir" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2023-30772": { "cmt_msg": "power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition" }, @@ -97473,9 +97811,6 @@ "CVE-2023-26545": { "cmt_msg": "net: mpls: fix stale pointer if allocation fails during device rename" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2019-20811": { "cmt_msg": "net-sysfs: call dev_hold if kobject_init_and_add success" }, @@ -97542,14 +97877,11 @@ "CVE-2022-44032": { "cmt_msg": "char: pcmcia: remove all the drivers" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2018-10322": { "cmt_msg": "xfs: enhance dinode verifier" }, - "CVE-2019-10220": { - "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" }, "CVE-2021-0929": { "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" @@ -97605,6 +97937,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-3090": { "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb" }, @@ -97674,9 +98009,6 @@ "CVE-2023-4732": { "cmt_msg": "mm/userfaultfd: fix uffd-wp special cases for fork()" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" - }, "CVE-2022-3545": { "cmt_msg": "nfp: fix use-after-free in area_cache_get()" }, @@ -97695,6 +98027,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -97728,6 +98063,9 @@ "CVE-2023-3358": { "cmt_msg": "HID: intel_ish-hid: Add check for ishtp_dma_tx_map" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -97851,6 +98189,9 @@ "CVE-2020-11725": { "cmt_msg": "" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-1263": { "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" }, @@ -97929,6 +98270,9 @@ "CVE-2023-4623": { "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2021-38300": { "cmt_msg": "bpf, mips: Validate conditional branch offsets" }, @@ -98004,9 +98348,6 @@ "CVE-2018-20509": { "cmt_msg": "binder: refactor binder ref inc/dec for thread safety" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2023-2194": { "cmt_msg": "i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()" }, @@ -98046,6 +98387,9 @@ "CVE-2022-45886": { "cmt_msg": "media: dvb-core: Fix use-after-free due on race condition at dvb_net" }, + "CVE-2019-10220": { + "cmt_msg": "Convert filldir[64]() from __put_user() to unsafe_put_user()" + }, "CVE-2023-3022": { "cmt_msg": "ipv6: Use result arg in fib_lookup_arg consistently" }, @@ -98061,9 +98405,6 @@ "CVE-2022-27672": { "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2015-2877": { "cmt_msg": "" }, @@ -98287,6 +98628,9 @@ "CVE-2017-1000410": { "cmt_msg": "Bluetooth: Prevent stack info leak from the EFS element." }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2022-3642": { "cmt_msg": "" }, @@ -98332,8 +98676,8 @@ "CVE-2018-6555": { "cmt_msg": "staging: irda: remove the irda network stack and drivers" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-3159": { + "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" @@ -98806,8 +99150,8 @@ "CVE-2017-2584": { "cmt_msg": "KVM: x86: Introduce segmented_write_std" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2017-13080": { "cmt_msg": "mac80211: accept key reinstall without changing anything" @@ -98842,9 +99186,6 @@ "CVE-2017-9074": { "cmt_msg": "ipv6: Prevent overrun when parsing v6 header options" }, - "CVE-2023-3159": { - "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" - }, "CVE-2022-20572": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, @@ -99721,6 +100062,9 @@ "CVE-2018-1118": { "cmt_msg": "vhost: fix info leak due to uninitialized memory" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2018-5391": { "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." }, @@ -99838,6 +100182,9 @@ "CVE-2020-13143": { "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2020-10768": { "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." }, @@ -99988,9 +100335,6 @@ "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2023-0615": { "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, @@ -100468,6 +100812,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -100561,9 +100908,6 @@ "CVE-2019-19527": { "cmt_msg": "HID: hiddev: do cleanup in failure of opening a device" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2017-7542": { "cmt_msg": "ipv6: avoid overflow of offset in ip6_find_1stfragopt" }, @@ -100591,6 +100935,9 @@ "CVE-2017-15274": { "cmt_msg": "KEYS: fix dereferencing NULL payload with nonzero length" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -100615,9 +100962,6 @@ "CVE-2020-0431": { "cmt_msg": "HID: hid-input: clear unmapped usages" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2022-39842": { "cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write" }, @@ -101071,6 +101415,9 @@ "CVE-2020-28915": { "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2019-20908": { "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" }, @@ -101353,9 +101700,6 @@ "CVE-2021-4155": { "cmt_msg": "xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2019-14901": { "cmt_msg": "mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()" }, @@ -101458,9 +101802,6 @@ "CVE-2022-40768": { "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2019-9454": { "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA" }, @@ -101977,6 +102318,9 @@ "CVE-2017-1000410": { "cmt_msg": "Bluetooth: Prevent stack info leak from the EFS element." }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2021-0129": { "cmt_msg": "Bluetooth: SMP: Fail if remote and local public keys are identical" }, @@ -102013,8 +102357,8 @@ "CVE-2020-36158": { "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-3159": { + "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" @@ -102493,9 +102837,6 @@ "CVE-2021-3892": { "cmt_msg": "" }, - "CVE-2023-3159": { - "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" - }, "CVE-2022-20572": { "cmt_msg": "dm verity: set DM_TARGET_IMMUTABLE feature flag" }, @@ -103024,9 +103365,6 @@ "CVE-2020-10690": { "cmt_msg": "ptp: fix the race between the release of ptp_clock and cdev" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2018-7755": { "cmt_msg": "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" }, @@ -103354,6 +103692,9 @@ "CVE-2018-1118": { "cmt_msg": "vhost: fix info leak due to uninitialized memory" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2018-5391": { "cmt_msg": "ip: discard IPv4 datagrams with overlapping segments." }, @@ -103453,8 +103794,8 @@ "CVE-2020-13143": { "cmt_msg": "USB: gadget: fix illegal array access in binding with UDC" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" }, "CVE-2020-10768": { "cmt_msg": "x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches." @@ -103597,9 +103938,6 @@ "CVE-2023-2007": { "cmt_msg": "scsi: dpt_i2o: Remove obsolete driver" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2023-0615": { "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, @@ -104083,6 +104421,9 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -104188,6 +104529,9 @@ "CVE-2019-20054": { "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -104212,9 +104556,6 @@ "CVE-2020-0431": { "cmt_msg": "HID: hid-input: clear unmapped usages" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2022-39842": { "cmt_msg": "video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write" }, @@ -104638,6 +104979,9 @@ "CVE-2020-28915": { "cmt_msg": "fbcon: Fix global-out-of-bounds read in fbcon_get_font()" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2019-20908": { "cmt_msg": "efi: Restrict efivar_ssdt_load when the kernel is locked down" }, @@ -105010,9 +105354,6 @@ "CVE-2022-40768": { "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" - }, "CVE-2019-9454": { "cmt_msg": "i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA" }, @@ -106041,8 +106382,8 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2022-23816": { "cmt_msg": "x86/kvm/vmx: Make noinstr clean" @@ -106182,9 +106523,6 @@ "CVE-2020-16120": { "cmt_msg": "ovl: switch to mounter creds in readdir" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2022-29581": { "cmt_msg": "net/sched: cls_u32: fix netns refcount changes in u32_change()" }, @@ -106716,9 +107054,6 @@ "CVE-2023-26545": { "cmt_msg": "net: mpls: fix stale pointer if allocation fails during device rename" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2022-34918": { "cmt_msg": "netfilter: nf_tables: stricter validation of element data" }, @@ -106860,9 +107195,6 @@ "CVE-2019-11191": { "cmt_msg": "x86: Deprecate a.out support" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2020-10781": { "cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\"" }, @@ -107052,6 +107384,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-3090": { "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb" }, @@ -107229,9 +107564,6 @@ "CVE-2020-28097": { "cmt_msg": "vgacon: remove software scrollback support" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" - }, "CVE-2021-29264": { "cmt_msg": "gianfar: fix jumbo packets+napi+rx overrun crash" }, @@ -107280,6 +107612,9 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -107370,15 +107705,15 @@ "CVE-2021-4218": { "cmt_msg": "sysctl: pass kernel pointers to ->proc_handler" }, - "CVE-2022-3707": { - "cmt_msg": "drm/i915/gvt: fix double free bug in split_2MB_gtt_entry" - }, "CVE-2020-0543": { "cmt_msg": "x86/cpu: Add 'table' argument to cpu_matches()" }, "CVE-2023-3358": { "cmt_msg": "HID: intel_ish-hid: Add check for ishtp_dma_tx_map" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -107424,6 +107759,9 @@ "CVE-2023-3812": { "cmt_msg": "net: tun: fix bugs for oversize packet when napi frags enabled" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-3169": { "cmt_msg": "nvme: ensure subsystem reset is single threaded" }, @@ -107838,6 +108176,9 @@ "CVE-2021-20177": { "cmt_msg": "netfilter: add and use nf_hook_slow_list()" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2023-20588": { "cmt_msg": "x86/CPU/AMD: Do not leak quotient data after a division by 0" }, @@ -108057,8 +108398,8 @@ "CVE-2022-40768": { "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" + "CVE-2022-3707": { + "cmt_msg": "drm/i915/gvt: fix double free bug in split_2MB_gtt_entry" }, "CVE-2021-45486": { "cmt_msg": "inet: use bigger hash table for IP ID generation" @@ -108150,9 +108491,6 @@ "CVE-2022-45886": { "cmt_msg": "media: dvb-core: Fix use-after-free due on race condition at dvb_net" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2023-2124": { "cmt_msg": "xfs: verify buffer contents when we skip log replay" }, @@ -108183,9 +108521,6 @@ "CVE-2022-2964": { "cmt_msg": "net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2015-2877": { "cmt_msg": "" }, @@ -109987,6 +110322,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-3090": { "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb" }, @@ -110200,6 +110538,9 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -110305,6 +110646,9 @@ "CVE-2023-3358": { "cmt_msg": "HID: intel_ish-hid: Add check for ishtp_dma_tx_map" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -110353,6 +110697,9 @@ "CVE-2023-3812": { "cmt_msg": "net: tun: fix bugs for oversize packet when napi frags enabled" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-3169": { "cmt_msg": "nvme: ensure subsystem reset is single threaded" }, @@ -110761,6 +111108,9 @@ "CVE-2021-20177": { "cmt_msg": "netfilter: add and use nf_hook_slow_list()" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2023-20588": { "cmt_msg": "x86/CPU/AMD: Do not leak quotient data after a division by 0" }, @@ -111070,9 +111420,6 @@ "CVE-2022-45886": { "cmt_msg": "media: dvb-core: Fix use-after-free due on race condition at dvb_net" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2023-2124": { "cmt_msg": "xfs: verify buffer contents when we skip log replay" }, @@ -111103,9 +111450,6 @@ "CVE-2022-2964": { "cmt_msg": "net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2015-2877": { "cmt_msg": "" }, @@ -112833,6 +113177,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-3090": { "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb" }, @@ -112866,6 +113213,9 @@ "CVE-2020-25705": { "cmt_msg": "icmp: randomize the global rate limiter" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-0435": { "cmt_msg": "tipc: improve size validations for received domain records" }, @@ -113163,6 +113513,9 @@ "CVE-2020-8992": { "cmt_msg": "ext4: add cond_resched() to ext4_protect_reserved_inode" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -113208,6 +113561,9 @@ "CVE-2023-3812": { "cmt_msg": "net: tun: fix bugs for oversize packet when napi frags enabled" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-3169": { "cmt_msg": "nvme: ensure subsystem reset is single threaded" }, @@ -113592,6 +113948,9 @@ "CVE-2021-20177": { "cmt_msg": "netfilter: add and use nf_hook_slow_list()" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2021-38300": { "cmt_msg": "bpf, mips: Validate conditional branch offsets" }, @@ -113877,9 +114236,6 @@ "CVE-2022-45886": { "cmt_msg": "media: dvb-core: Fix use-after-free due on race condition at dvb_net" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2023-2124": { "cmt_msg": "xfs: verify buffer contents when we skip log replay" }, @@ -113907,9 +114263,6 @@ "CVE-2022-2964": { "cmt_msg": "net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2015-2877": { "cmt_msg": "" }, @@ -115092,9 +115445,6 @@ "CVE-2023-4207": { "cmt_msg": "net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2022-0847": { "cmt_msg": "lib/iov_iter: initialize \"flags\" in new pipe_buffer" }, @@ -115197,6 +115547,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-2156": { "cmt_msg": "net: rpl: fix rpl header size calculation" }, @@ -115350,6 +115703,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-27223": { "cmt_msg": "USB: gadget: validate endpoint index for xilinx udc" }, @@ -115407,6 +115763,9 @@ "CVE-2023-3358": { "cmt_msg": "HID: intel_ish-hid: Add check for ishtp_dma_tx_map" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -115617,6 +115976,9 @@ "CVE-2020-11725": { "cmt_msg": "" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-1263": { "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" }, @@ -115710,6 +116072,9 @@ "CVE-2022-29156": { "cmt_msg": "RDMA/rtrs-clt: Fix possible double free in error case" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2021-38300": { "cmt_msg": "bpf, mips: Validate conditional branch offsets" }, @@ -115959,9 +116324,6 @@ "CVE-2022-27672": { "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2020-25220": { "cmt_msg": "" }, @@ -117037,9 +117399,6 @@ "CVE-2023-39198": { "cmt_msg": "drm/qxl: fix UAF on handle creation" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2022-0847": { "cmt_msg": "lib/iov_iter: initialize \"flags\" in new pipe_buffer" }, @@ -117139,6 +117498,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-2156": { "cmt_msg": "net: rpl: fix rpl header size calculation" }, @@ -117289,6 +117651,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-27223": { "cmt_msg": "USB: gadget: validate endpoint index for xilinx udc" }, @@ -117352,6 +117717,9 @@ "CVE-2023-3358": { "cmt_msg": "HID: intel_ish-hid: Add check for ishtp_dma_tx_map" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -117556,6 +117924,9 @@ "CVE-2020-11725": { "cmt_msg": "" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-1263": { "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" }, @@ -117649,6 +118020,9 @@ "CVE-2022-29156": { "cmt_msg": "RDMA/rtrs-clt: Fix possible double free in error case" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2021-38300": { "cmt_msg": "bpf, mips: Validate conditional branch offsets" }, @@ -117889,9 +118263,6 @@ "CVE-2022-27672": { "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2020-25220": { "cmt_msg": "" }, @@ -119930,6 +120301,10 @@ } }, "5.10.173": { + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()", + "cmt_id": "1ff0b87df98b93e10ced45773aa7d35377355421" + }, "CVE-2023-1829": { "cmt_msg": "net/sched: Retire tcindex classifier", "cmt_id": "18c3fa7a7fdbb4d21dafc8a7710ae2c1680930f6" @@ -120377,10 +120752,6 @@ "CVE-2023-35827": { "cmt_msg": "ravb: Fix use-after-free issue in ravb_tx_timeout_work()", "cmt_id": "db9aafa19547833240f58c2998aed7baf414dc82" - }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup", - "cmt_id": "e985d78bdcf37f7ef73666a43b0d2407715f00d3" } }, "5.10.200": { @@ -120433,6 +120804,20 @@ "cmt_id": "a232eb81c7cb5d4dbd325d4611ed029b7fa07596" } }, + "5.10.206": { + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets", + "cmt_id": "73117ea03363d4493bd4e9f82f29b34b92d88a91" + }, + "CVE-2023-6606": { + "cmt_msg": "smb: client: fix OOB in smbCalcSize()", + "cmt_id": "0c54b79d1d9b25f5a406bcf1969f956e14c4704d" + }, + "CVE-2023-51779": { + "cmt_msg": "Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg", + "cmt_id": "db1b14eec8c61a20374de9f9c2ddc6c9406a8c42" + } + }, "outstanding": { "CVE-2020-26556": { "cmt_msg": "" @@ -120458,9 +120843,6 @@ "CVE-2022-20424": { "cmt_msg": "io_uring: remove io_identity" }, - "CVE-2023-51779": { - "cmt_msg": "Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg" - }, "CVE-2018-1121": { "cmt_msg": "" }, @@ -120629,6 +121011,9 @@ "CVE-2022-2991": { "cmt_msg": "remove the lightnvm subsystem" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2022-3624": { "cmt_msg": "bonding: fix reference count leak in balance-alb mode" }, @@ -120770,12 +121155,18 @@ "CVE-2022-23222": { "cmt_msg": "bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2019-15902": { "cmt_msg": "unknown" }, "CVE-2019-15290": { "cmt_msg": "" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, @@ -120842,9 +121233,6 @@ "CVE-2018-12928": { "cmt_msg": "" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2023-6560": { "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" }, @@ -120875,9 +121263,6 @@ "CVE-2022-44032": { "cmt_msg": "char: pcmcia: remove all the drivers" }, - "CVE-2023-6606": { - "cmt_msg": "smb: client: fix OOB in smbCalcSize()" - }, "CVE-2021-3847": { "cmt_msg": "" }, @@ -122132,9 +122517,6 @@ "CVE-2020-26139": { "cmt_msg": "mac80211: do not accept/forward invalid EAPOL frames" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, @@ -122246,6 +122628,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-2156": { "cmt_msg": "net: rpl: fix rpl header size calculation" }, @@ -122414,6 +122799,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -122477,6 +122865,9 @@ "CVE-2023-3358": { "cmt_msg": "HID: intel_ish-hid: Add check for ishtp_dma_tx_map" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -122693,6 +123084,9 @@ "CVE-2020-11725": { "cmt_msg": "" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-1263": { "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" }, @@ -122777,6 +123171,9 @@ "CVE-2023-4623": { "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2021-38300": { "cmt_msg": "bpf, mips: Validate conditional branch offsets" }, @@ -123038,9 +123435,6 @@ "CVE-2022-27672": { "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2020-25220": { "cmt_msg": "" }, @@ -124173,9 +124567,6 @@ "CVE-2022-44032": { "cmt_msg": "char: pcmcia: remove all the drivers" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2022-48502": { "cmt_msg": "fs/ntfs3: Check fields while reading" }, @@ -124272,6 +124663,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-2156": { "cmt_msg": "net: rpl: fix rpl header size calculation" }, @@ -124395,6 +124789,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2019-12456": { "cmt_msg": "" }, @@ -124440,6 +124837,9 @@ "CVE-2023-3358": { "cmt_msg": "HID: intel_ish-hid: Add check for ishtp_dma_tx_map" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -124611,6 +125011,9 @@ "CVE-2020-11725": { "cmt_msg": "" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2023-30456": { "cmt_msg": "KVM: nVMX: add missing consistency checks for CR0 and CR4" }, @@ -124698,6 +125101,9 @@ "CVE-2022-3577": { "cmt_msg": "HID: bigben: fix slab-out-of-bounds Write in bigben_probe" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2023-1193": { "cmt_msg": "ksmbd: delete asynchronous work from list" }, @@ -124893,9 +125299,6 @@ "CVE-2022-27672": { "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2020-25220": { "cmt_msg": "" }, @@ -125901,9 +126304,6 @@ "CVE-2022-44032": { "cmt_msg": "char: pcmcia: remove all the drivers" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2022-48502": { "cmt_msg": "fs/ntfs3: Check fields while reading" }, @@ -125988,6 +126388,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-2156": { "cmt_msg": "net: rpl: fix rpl header size calculation" }, @@ -126111,6 +126514,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2019-12456": { "cmt_msg": "" }, @@ -126150,6 +126556,9 @@ "CVE-2023-3358": { "cmt_msg": "HID: intel_ish-hid: Add check for ishtp_dma_tx_map" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -126312,6 +126721,9 @@ "CVE-2020-11725": { "cmt_msg": "" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2023-30456": { "cmt_msg": "KVM: nVMX: add missing consistency checks for CR0 and CR4" }, @@ -126387,6 +126799,9 @@ "CVE-2023-4623": { "cmt_msg": "net/sched: sch_hfsc: Ensure inner classes have fsc curve" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2023-1193": { "cmt_msg": "ksmbd: delete asynchronous work from list" }, @@ -126555,9 +126970,6 @@ "CVE-2022-27672": { "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2020-25220": { "cmt_msg": "" }, @@ -127610,9 +128022,6 @@ "CVE-2023-39198": { "cmt_msg": "drm/qxl: fix UAF on handle creation" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2022-0847": { "cmt_msg": "lib/iov_iter: initialize \"flags\" in new pipe_buffer" }, @@ -127709,6 +128118,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-2156": { "cmt_msg": "net: rpl: fix rpl header size calculation" }, @@ -127838,6 +128250,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-27223": { "cmt_msg": "USB: gadget: validate endpoint index for xilinx udc" }, @@ -127901,6 +128316,9 @@ "CVE-2023-3358": { "cmt_msg": "HID: intel_ish-hid: Add check for ishtp_dma_tx_map" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -128084,6 +128502,9 @@ "CVE-2020-11725": { "cmt_msg": "" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-1263": { "cmt_msg": "KVM: avoid NULL pointer dereference in kvm_dirty_ring_push" }, @@ -128171,6 +128592,9 @@ "CVE-2022-29156": { "cmt_msg": "RDMA/rtrs-clt: Fix possible double free in error case" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2022-24448": { "cmt_msg": "NFSv4: Handle case where the lookup of a directory fails" }, @@ -128399,9 +128823,6 @@ "CVE-2022-27672": { "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2020-25220": { "cmt_msg": "" }, @@ -129976,6 +130397,10 @@ "cmt_msg": "malidp: Fix NULL vs IS_ERR() checking", "cmt_id": "1c7988d5c79f72287177bb774cde15fde69f3c97" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()", + "cmt_id": "af41b3cd9a9245f482b8855bd3c62c6f04ae68ab" + }, "CVE-2023-45862": { "cmt_msg": "USB: ene_usb6250: Allocate enough memory for full object", "cmt_id": "7e902b949600c51c94d06b137f874126a27e6557" @@ -130455,10 +130880,6 @@ "CVE-2023-5717": { "cmt_msg": "perf: Disallow mis-matched inherited group reads", "cmt_id": "71d224acc4d1df1b61a294abee0f1032a9b03b40" - }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup", - "cmt_id": "34f62612be2a7f90ab68a14154db6664a32f8db0" } }, "5.15.140": { @@ -130565,6 +130986,20 @@ "cmt_id": "97f5c1e3086c8ba1473c265d9a5523cc9ef5579e" } }, + "5.15.146": { + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets", + "cmt_id": "d10f7540c5541ad9f4fe2a02a73153d25d4a540d" + }, + "CVE-2023-6606": { + "cmt_msg": "smb: client: fix OOB in smbCalcSize()", + "cmt_id": "ded3cfdefec8b2accc767f176419316b61c157c3" + }, + "CVE-2023-51779": { + "cmt_msg": "Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg", + "cmt_id": "2b16d960c79abc397f102c3d23d30005b68cb036" + } + }, "outstanding": { "CVE-2020-26556": { "cmt_msg": "" @@ -130587,9 +131022,6 @@ "CVE-2022-38457": { "cmt_msg": "drm/vmwgfx: Remove rcu locks from user resources" }, - "CVE-2023-51779": { - "cmt_msg": "Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg" - }, "CVE-2018-1121": { "cmt_msg": "" }, @@ -130662,9 +131094,6 @@ "CVE-2023-47233": { "cmt_msg": "" }, - "CVE-2023-6606": { - "cmt_msg": "smb: client: fix OOB in smbCalcSize()" - }, "CVE-2016-8660": { "cmt_msg": "" }, @@ -130728,6 +131157,12 @@ "CVE-2022-1247": { "cmt_msg": "" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2022-3624": { "cmt_msg": "bonding: fix reference count leak in balance-alb mode" }, @@ -130836,6 +131271,9 @@ "CVE-2019-15290": { "cmt_msg": "" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -130902,9 +131340,6 @@ "CVE-2018-12928": { "cmt_msg": "" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2023-6560": { "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" }, @@ -131200,8 +131635,8 @@ "CVE-2020-36158": { "cmt_msg": "mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start" }, - "CVE-2022-1508": { - "cmt_msg": "io_uring: reexpand under-reexpanded iters" + "CVE-2023-3159": { + "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" }, "CVE-2022-0480": { "cmt_msg": "memcg: enable accounting for file lock caches" @@ -131623,8 +132058,8 @@ "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, - "CVE-2023-2430": { - "cmt_msg": "io_uring/msg_ring: fix missing lock on overflow for IOPOLL" + "CVE-2023-39198": { + "cmt_msg": "drm/qxl: fix UAF on handle creation" }, "CVE-2018-12127": { "cmt_msg": "s390/speculation: Support 'mitigations=' cmdline option" @@ -131791,9 +132226,6 @@ "CVE-2019-11599": { "cmt_msg": "coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" }, - "CVE-2023-6560": { - "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" - }, "CVE-2022-29581": { "cmt_msg": "net/sched: cls_u32: fix netns refcount changes in u32_change()" }, @@ -131896,9 +132328,6 @@ "CVE-2022-26365": { "cmt_msg": "xen/blkfront: fix leaking data in shared pages" }, - "CVE-2023-3159": { - "cmt_msg": "firewire: fix potential uaf in outbound_phy_packet_callback()" - }, "CVE-2018-1121": { "cmt_msg": "" }, @@ -132490,9 +132919,6 @@ "CVE-2019-11191": { "cmt_msg": "x86: Deprecate a.out support" }, - "CVE-2023-39198": { - "cmt_msg": "drm/qxl: fix UAF on handle creation" - }, "CVE-2020-10781": { "cmt_msg": "Revert \"zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()\"" }, @@ -132550,9 +132976,6 @@ "CVE-2020-28374": { "cmt_msg": "scsi: target: Fix XCOPY NAA identifier lookup" }, - "CVE-2023-50431": { - "cmt_msg": "" - }, "CVE-2023-0615": { "cmt_msg": "media: vivid: dev->bitmap_cap wasn't freed in all cases" }, @@ -132688,6 +133111,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-3090": { "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb" }, @@ -132922,6 +133348,9 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -133012,9 +133441,6 @@ "CVE-2021-4218": { "cmt_msg": "sysctl: pass kernel pointers to ->proc_handler" }, - "CVE-2022-3707": { - "cmt_msg": "drm/i915/gvt: fix double free bug in split_2MB_gtt_entry" - }, "CVE-2020-0543": { "cmt_msg": "x86/cpu: Add 'table' argument to cpu_matches()" }, @@ -133024,6 +133450,9 @@ "CVE-2019-20054": { "cmt_msg": "fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2021-3753": { "cmt_msg": "vt_kdsetmode: extend console locking" }, @@ -133075,6 +133504,9 @@ "CVE-2023-3812": { "cmt_msg": "net: tun: fix bugs for oversize packet when napi frags enabled" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-3169": { "cmt_msg": "nvme: ensure subsystem reset is single threaded" }, @@ -133507,6 +133939,9 @@ "CVE-2021-20177": { "cmt_msg": "netfilter: add and use nf_hook_slow_list()" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2023-20588": { "cmt_msg": "x86/CPU/AMD: Do not leak quotient data after a division by 0" }, @@ -133735,8 +134170,8 @@ "CVE-2022-40768": { "cmt_msg": "scsi: stex: Properly zero out the passthrough command structure" }, - "CVE-2022-2327": { - "cmt_msg": "io_uring: remove any grabbing of context" + "CVE-2022-3707": { + "cmt_msg": "drm/i915/gvt: fix double free bug in split_2MB_gtt_entry" }, "CVE-2021-45486": { "cmt_msg": "inet: use bigger hash table for IP ID generation" @@ -133837,6 +134272,9 @@ "CVE-2022-45886": { "cmt_msg": "media: dvb-core: Fix use-after-free due on race condition at dvb_net" }, + "CVE-2023-5178": { + "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" + }, "CVE-2023-2124": { "cmt_msg": "xfs: verify buffer contents when we skip log replay" }, @@ -133867,9 +134305,6 @@ "CVE-2022-2964": { "cmt_msg": "net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2015-2877": { "cmt_msg": "" }, @@ -136458,6 +136893,10 @@ } }, "5.4.235": { + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()", + "cmt_id": "5d0d38805d3234ca2cd6fbeb74d706348f4bbc43" + }, "CVE-2023-1829": { "cmt_msg": "net/sched: Retire tcindex classifier", "cmt_id": "7a6fb69bbcb21e9ce13bdf18c008c268874f0480" @@ -136832,10 +137271,6 @@ } }, "5.4.260": { - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup", - "cmt_id": "4e53bab11f01a401a5acd3bc94335b27ec79106b" - }, "CVE-2021-44879": { "cmt_msg": "f2fs: fix to do sanity check on inode type during garbage collection", "cmt_id": "e9a988cd4c8baac7550aa0c2f1efc9533ed9da36" @@ -136875,6 +137310,12 @@ "cmt_id": "9112bd107208cd6a4f0175ca36289ed170622cce" } }, + "5.4.266": { + "CVE-2023-6606": { + "cmt_msg": "smb: client: fix OOB in smbCalcSize()", + "cmt_id": "508e2fdd978e4c26798eac2059f9520255904f82" + } + }, "outstanding": { "CVE-2021-0929": { "cmt_msg": "staging/android/ion: delete dma_buf->kmap/unmap implemenation" @@ -137008,9 +137449,6 @@ "CVE-2022-1789": { "cmt_msg": "KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID" }, - "CVE-2023-6606": { - "cmt_msg": "smb: client: fix OOB in smbCalcSize()" - }, "CVE-2016-8660": { "cmt_msg": "" }, @@ -137101,6 +137539,9 @@ "CVE-2022-2991": { "cmt_msg": "remove the lightnvm subsystem" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2022-3624": { "cmt_msg": "bonding: fix reference count leak in balance-alb mode" }, @@ -137194,6 +137635,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2021-29155": { "cmt_msg": "bpf: Use correct permission flag for mixed signed bounds arithmetic" }, @@ -137257,6 +137701,9 @@ "CVE-2022-23222": { "cmt_msg": "bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2019-15902": { "cmt_msg": "unknown" }, @@ -137266,6 +137713,9 @@ "CVE-2019-15290": { "cmt_msg": "" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-4134": { "cmt_msg": "Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()" }, @@ -137350,9 +137800,6 @@ "CVE-2018-12928": { "cmt_msg": "" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2023-6560": { "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" }, @@ -138263,9 +138710,6 @@ "CVE-2022-44032": { "cmt_msg": "char: pcmcia: remove all the drivers" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2022-48502": { "cmt_msg": "fs/ntfs3: Check fields while reading" }, @@ -138344,6 +138788,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-2156": { "cmt_msg": "net: rpl: fix rpl header size calculation" }, @@ -138470,6 +138917,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2019-12456": { "cmt_msg": "" }, @@ -138512,6 +138962,9 @@ "CVE-2023-3358": { "cmt_msg": "HID: intel_ish-hid: Add check for ishtp_dma_tx_map" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -138671,6 +139124,9 @@ "CVE-2020-11725": { "cmt_msg": "" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2023-30456": { "cmt_msg": "KVM: nVMX: add missing consistency checks for CR0 and CR4" }, @@ -138878,9 +139334,6 @@ "CVE-2022-27672": { "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2020-25220": { "cmt_msg": "" }, @@ -139643,9 +140096,6 @@ "CVE-2022-44032": { "cmt_msg": "char: pcmcia: remove all the drivers" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2022-48502": { "cmt_msg": "fs/ntfs3: Check fields while reading" }, @@ -139718,6 +140168,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-2156": { "cmt_msg": "net: rpl: fix rpl header size calculation" }, @@ -139835,6 +140288,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2019-12456": { "cmt_msg": "" }, @@ -139877,6 +140333,9 @@ "CVE-2023-3358": { "cmt_msg": "HID: intel_ish-hid: Add check for ishtp_dma_tx_map" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -140021,6 +140480,9 @@ "CVE-2020-11725": { "cmt_msg": "" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2023-30456": { "cmt_msg": "KVM: nVMX: add missing consistency checks for CR0 and CR4" }, @@ -140231,9 +140693,6 @@ "CVE-2022-27672": { "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2020-25220": { "cmt_msg": "" }, @@ -141801,9 +142260,6 @@ "CVE-2020-26139": { "cmt_msg": "mac80211: do not accept/forward invalid EAPOL frames" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, @@ -141948,6 +142404,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-3090": { "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb" }, @@ -142164,6 +142623,9 @@ "CVE-2019-18808": { "cmt_msg": "crypto: ccp - Release all allocated memory if sha type is invalid" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -142251,6 +142713,9 @@ "CVE-2020-8992": { "cmt_msg": "ext4: add cond_resched() to ext4_protect_reserved_inode" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -142296,6 +142761,9 @@ "CVE-2023-3812": { "cmt_msg": "net: tun: fix bugs for oversize packet when napi frags enabled" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-3169": { "cmt_msg": "nvme: ensure subsystem reset is single threaded" }, @@ -142662,6 +143130,9 @@ "CVE-2021-20177": { "cmt_msg": "netfilter: add and use nf_hook_slow_list()" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2021-38300": { "cmt_msg": "bpf, mips: Validate conditional branch offsets" }, @@ -142953,9 +143424,6 @@ "CVE-2022-27672": { "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2015-2877": { "cmt_msg": "" }, @@ -144232,9 +144700,6 @@ "CVE-2023-42754": { "cmt_msg": "ipv4: fix null-deref in ipv4_link_failure" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2021-3609": { "cmt_msg": "can: bcm: delay release of struct bcm_op after synchronize_rcu()" }, @@ -144352,6 +144817,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-3090": { "cmt_msg": "ipvlan:Fix out-of-bounds caused by unclear skb->cb" }, @@ -144544,6 +145012,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2022-41222": { "cmt_msg": "mm/mremap: hold the rmap lock in write mode when moving page table entries." }, @@ -144625,6 +145096,9 @@ "CVE-2023-3358": { "cmt_msg": "HID: intel_ish-hid: Add check for ishtp_dma_tx_map" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -144667,6 +145141,9 @@ "CVE-2022-42896": { "cmt_msg": "Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM" }, + "CVE-2023-7192": { + "cmt_msg": "netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()" + }, "CVE-2022-3169": { "cmt_msg": "nvme: ensure subsystem reset is single threaded" }, @@ -144988,6 +145465,9 @@ "CVE-2021-3483": { "cmt_msg": "firewire: nosy: Fix a use-after-free bug in nosy_ioctl()" }, + "CVE-2023-6040": { + "cmt_msg": "netfilter: nf_tables: Reject tables of unsupported family" + }, "CVE-2021-38300": { "cmt_msg": "bpf, mips: Validate conditional branch offsets" }, @@ -145282,9 +145762,6 @@ "CVE-2022-27672": { "cmt_msg": "x86/speculation: Identify processors vulnerable to SMT RSB predictions" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2015-2877": { "cmt_msg": "" }, @@ -145564,6 +146041,10 @@ "CVE-2023-3390": { "cmt_msg": "netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE", "cmt_id": "bdace3b1a51887211d3e49417a18fdbd315a313b" + }, + "CVE-2024-0443": { + "cmt_msg": "blk-cgroup: Flush stats before releasing blkcg_gq", + "cmt_id": "0f6090d90f627d8c58f939067d6c6821ce1b3c68" } }, "6.3.10": { @@ -145732,6 +146213,9 @@ "CVE-2016-8660": { "cmt_msg": "" }, + "CVE-2023-6270": { + "cmt_msg": "" + }, "CVE-2023-5158": { "cmt_msg": "vringh: don't use vringh_kiov_advance() in vringh_iov_xfer()" }, @@ -145918,6 +146402,9 @@ "CVE-2020-0347": { "cmt_msg": "" }, + "CVE-2024-0193": { + "cmt_msg": "netfilter: nf_tables: skip set commit for deleted/destroyed sets" + }, "CVE-2023-3611": { "cmt_msg": "net/sched: sch_qfq: account for stab overhead in qfq_enqueue" }, @@ -145969,9 +146456,15 @@ "CVE-2019-15902": { "cmt_msg": "unknown" }, + "CVE-2023-6531": { + "cmt_msg": "io_uring/af_unix: disable sending io_uring over sockets" + }, "CVE-2019-15290": { "cmt_msg": "" }, + "CVE-2024-0340": { + "cmt_msg": "vhost: use kzalloc() instead of kmalloc() followed by memset()" + }, "CVE-2023-6535": { "cmt_msg": "" }, @@ -146047,9 +146540,6 @@ "CVE-2018-12928": { "cmt_msg": "" }, - "CVE-2023-6679": { - "cmt_msg": "dpll: sanitize possible null pointer dereference in dpll_pin_parent_pin_set()" - }, "CVE-2023-6560": { "cmt_msg": "io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP" }, @@ -146110,9 +146600,6 @@ "CVE-2023-23039": { "cmt_msg": "" }, - "CVE-2023-5178": { - "cmt_msg": "nvmet-tcp: Fix a possible UAF in queue intialization setup" - }, "CVE-2023-4208": { "cmt_msg": "net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free" }, diff --git a/data/stream_fixes.json b/data/stream_fixes.json index a60500df5..0c7b48e6b 100644 --- a/data/stream_fixes.json +++ b/data/stream_fixes.json @@ -37033,6 +37033,10 @@ "5.15": { "cmt_id": "9494242c8e76e6a98c8ab5f6aed0fa4bd56ac6d5", "fixed_version": "5.15.145" + }, + "6.1": { + "cmt_id": "8d271ef5e5cac8a470076891b248a28a2c57fb1e", + "fixed_version": "6.1.71" } }, "CVE-2023-1194": { @@ -41223,6 +41227,24 @@ "fixed_version": "6.5.7" } }, + "CVE-2023-51779": { + "5.10": { + "cmt_id": "db1b14eec8c61a20374de9f9c2ddc6c9406a8c42", + "fixed_version": "5.10.206" + }, + "5.15": { + "cmt_id": "2b16d960c79abc397f102c3d23d30005b68cb036", + "fixed_version": "5.15.146" + }, + "6.1": { + "cmt_id": "37f71e2c9f515834841826f4eb68ec33cfb2a1ff", + "fixed_version": "6.1.70" + }, + "6.6": { + "cmt_id": "1d576c3a5af850bf11fbd103f9ba11aa6d6061fb", + "fixed_version": "6.6.9" + } + }, "CVE-2023-5178": { "5.10": { "cmt_id": "e985d78bdcf37f7ef73666a43b0d2407715f00d3", @@ -41457,6 +41479,16 @@ "fixed_version": "6.5.4" } }, + "CVE-2023-6531": { + "6.1": { + "cmt_id": "f2f57f51b53be153a522300454ddb3887722fb2c", + "fixed_version": "6.1.68" + }, + "6.6": { + "cmt_id": "5a33d385eb36991a91e3dddb189d8679e2aac2be", + "fixed_version": "6.6.7" + } + }, "CVE-2023-6546": { "5.10": { "cmt_id": "869ce5e5984595bd2c62b598d977debc218b6f4d", @@ -41481,6 +41513,32 @@ "fixed_version": "6.6.5" } }, + "CVE-2023-6606": { + "4.19": { + "cmt_id": "89b6ae907c6bcc175bc95a67d6936217530a29ff", + "fixed_version": "4.19.304" + }, + "5.10": { + "cmt_id": "0c54b79d1d9b25f5a406bcf1969f956e14c4704d", + "fixed_version": "5.10.206" + }, + "5.15": { + "cmt_id": "ded3cfdefec8b2accc767f176419316b61c157c3", + "fixed_version": "5.15.146" + }, + "5.4": { + "cmt_id": "508e2fdd978e4c26798eac2059f9520255904f82", + "fixed_version": "5.4.266" + }, + "6.1": { + "cmt_id": "c60e10d1549f8748a68ec13dcd177c62843985ff", + "fixed_version": "6.1.70" + }, + "6.6": { + "cmt_id": "ac48fcef5ec2e9ac85c0b39045d874e60eac75d7", + "fixed_version": "6.6.9" + } + }, "CVE-2023-6622": { "5.15": { "cmt_id": "cf5f113c41eb2c7dbe19d849a0883f7a429fa54b", @@ -41568,5 +41626,63 @@ "cmt_id": "bf8601dabed0c134a7d58085824e3e466840c5d1", "fixed_version": "6.6.5" } + }, + "CVE-2023-7192": { + "4.14": { + "cmt_id": "8df5f3b50d9ce523251edf9cd0470963be20004b", + "fixed_version": "4.14.308" + }, + "4.19": { + "cmt_id": "43b9a9c78e37a5532c2a9260dff9d9989f2bbb23", + "fixed_version": "4.19.276" + }, + "5.10": { + "cmt_id": "1ff0b87df98b93e10ced45773aa7d35377355421", + "fixed_version": "5.10.173" + }, + "5.15": { + "cmt_id": "af41b3cd9a9245f482b8855bd3c62c6f04ae68ab", + "fixed_version": "5.15.100" + }, + "5.4": { + "cmt_id": "5d0d38805d3234ca2cd6fbeb74d706348f4bbc43", + "fixed_version": "5.4.235" + }, + "6.1": { + "cmt_id": "4f25d1dff80535f088b8f8568dd731fb098e29b4", + "fixed_version": "6.1.18" + }, + "6.2": { + "cmt_id": "033ac6ea4b513f9a4a20882f431f68cea307ba87", + "fixed_version": "6.2.5" + } + }, + "CVE-2024-0193": { + "5.10": { + "cmt_id": "73117ea03363d4493bd4e9f82f29b34b92d88a91", + "fixed_version": "5.10.206" + }, + "5.15": { + "cmt_id": "d10f7540c5541ad9f4fe2a02a73153d25d4a540d", + "fixed_version": "5.15.146" + }, + "6.1": { + "cmt_id": "0105571f80edb96f81bb4bbdd5233a9130dc345b", + "fixed_version": "6.1.71" + }, + "6.6": { + "cmt_id": "b7f1c01b55ad2a5da12f08e5ec3c76dabb99882a", + "fixed_version": "6.6.10" + }, + "6.7": { + "cmt_id": "7315dc1e122c85ffdfc8defffbb8f8b616c2eb1a", + "fixed_version": "6.7" + } + }, + "CVE-2024-0443": { + "6.3": { + "cmt_id": "0f6090d90f627d8c58f939067d6c6821ce1b3c68", + "fixed_version": "6.3.9" + } } } \ No newline at end of file diff --git a/kern.json b/kern.json index 314bdcf41..da309db83 100644 --- a/kern.json +++ b/kern.json @@ -3,6 +3,7 @@ "4.11", "4.13", "4.15", "4.16", "4.8", "4.17", "4.5", "4.6", "4.7", "4.3", "4.20", "5.0", "4.18", "5.1", "5.2", "5.3", "5.6", "5.5", "5.7", "5.9", "5.8", "5.9", "5.11", "5.12", "5.13", "5.14", - "5.15", "5.16", "5.17", "5.18", "5.19", "4.4", "4.9", "6.0", "6.2", "6.3"], - "supp_streams": ["4.14", "4.19", "5.4", "5.10", "5.15", "6.1", "6.4", "6.5", "6.6"] + "5.15", "5.16", "5.17", "5.18", "5.19", "4.4", "4.9", "6.0", "6.2", "6.3", + "6.4", "6.5"], + "supp_streams": ["4.14", "4.19", "5.4", "5.10", "5.15", "6.1", "6.6", "6.7"] }