From 509a8073b54876c19b79eb622cc24fde0309bb38 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Thu, 4 Apr 2024 21:03:24 +0200 Subject: Add new batch of CVEs assigned --- active/CVE-2024-26745 | 16 ++++++++++++++++ active/CVE-2024-26746 | 16 ++++++++++++++++ active/CVE-2024-26750 | 16 ++++++++++++++++ active/CVE-2024-26780 | 17 +++++++++++++++++ active/CVE-2024-26781 | 16 ++++++++++++++++ active/CVE-2024-26782 | 16 ++++++++++++++++ active/CVE-2024-26783 | 16 ++++++++++++++++ active/CVE-2024-26784 | 16 ++++++++++++++++ active/CVE-2024-26785 | 16 ++++++++++++++++ active/CVE-2024-26786 | 16 ++++++++++++++++ active/CVE-2024-26787 | 16 ++++++++++++++++ active/CVE-2024-26788 | 16 ++++++++++++++++ active/CVE-2024-26789 | 16 ++++++++++++++++ active/CVE-2024-26790 | 16 ++++++++++++++++ active/CVE-2024-26791 | 15 +++++++++++++++ active/CVE-2024-26792 | 17 +++++++++++++++++ active/CVE-2024-26793 | 16 ++++++++++++++++ active/CVE-2024-26794 | 16 ++++++++++++++++ active/CVE-2024-26795 | 16 ++++++++++++++++ active/CVE-2024-26796 | 16 ++++++++++++++++ active/CVE-2024-26797 | 16 ++++++++++++++++ active/CVE-2024-26798 | 16 ++++++++++++++++ active/CVE-2024-26799 | 16 ++++++++++++++++ active/CVE-2024-26800 | 16 ++++++++++++++++ active/CVE-2024-26801 | 16 ++++++++++++++++ active/CVE-2024-26802 | 16 ++++++++++++++++ active/CVE-2024-26803 | 16 ++++++++++++++++ active/CVE-2024-26804 | 16 ++++++++++++++++ active/CVE-2024-26805 | 17 +++++++++++++++++ active/CVE-2024-26806 | 16 ++++++++++++++++ active/CVE-2024-26807 | 17 +++++++++++++++++ active/CVE-2024-26808 | 16 ++++++++++++++++ active/CVE-2024-26809 | 16 ++++++++++++++++ 33 files changed, 531 insertions(+) create mode 100644 active/CVE-2024-26745 create mode 100644 active/CVE-2024-26746 create mode 100644 active/CVE-2024-26750 create mode 100644 active/CVE-2024-26780 create mode 100644 active/CVE-2024-26781 create mode 100644 active/CVE-2024-26782 create mode 100644 active/CVE-2024-26783 create mode 100644 active/CVE-2024-26784 create mode 100644 active/CVE-2024-26785 create mode 100644 active/CVE-2024-26786 create mode 100644 active/CVE-2024-26787 create mode 100644 active/CVE-2024-26788 create mode 100644 active/CVE-2024-26789 create mode 100644 active/CVE-2024-26790 create mode 100644 active/CVE-2024-26791 create mode 100644 active/CVE-2024-26792 create mode 100644 active/CVE-2024-26793 create mode 100644 active/CVE-2024-26794 create mode 100644 active/CVE-2024-26795 create mode 100644 active/CVE-2024-26796 create mode 100644 active/CVE-2024-26797 create mode 100644 active/CVE-2024-26798 create mode 100644 active/CVE-2024-26799 create mode 100644 active/CVE-2024-26800 create mode 100644 active/CVE-2024-26801 create mode 100644 active/CVE-2024-26802 create mode 100644 active/CVE-2024-26803 create mode 100644 active/CVE-2024-26804 create mode 100644 active/CVE-2024-26805 create mode 100644 active/CVE-2024-26806 create mode 100644 active/CVE-2024-26807 create mode 100644 active/CVE-2024-26808 create mode 100644 active/CVE-2024-26809 diff --git a/active/CVE-2024-26745 b/active/CVE-2024-26745 new file mode 100644 index 00000000..9c04ab73 --- /dev/null +++ b/active/CVE-2024-26745 @@ -0,0 +1,16 @@ +Description: powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV +References: +Notes: + carnil> Introduced in b1fc44eaa9ba ("pseries/iommu/ddw: Fix kdump to work in absence of + carnil> ibm,dma-window"). Vulnerable versions: 5.18.18 5.19.2 6.0-rc1. +Bugs: +upstream: released (6.8-rc7) [09a3c1e46142199adcee372a420b024b4fc61051] +6.7-upstream-stable: released (6.7.9) [5da6d306f315344af1ca2eff4bd9b10b130f0c28] +6.6-upstream-stable: released (6.6.21) [d4d1e4b1513d975961de7bb4f75e450a92d65ebf] +6.1-upstream-stable: released (6.1.81) [7eb95e0af5c9c2e6fad50356eaf32d216d0e7bc3] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26746 b/active/CVE-2024-26746 new file mode 100644 index 00000000..4c264661 --- /dev/null +++ b/active/CVE-2024-26746 @@ -0,0 +1,16 @@ +Description: dmaengine: idxd: Ensure safe user copy of completion record +References: +Notes: + carnil> Introduced in c2f156bf168f ("dmaengine: idxd: create kmem cache for event log + carnil> fault items"). Vulnerable versions: 6.4-rc1. +Bugs: +upstream: released (6.8-rc7) [d3ea125df37dc37972d581b74a5d3785c3f283ab] +6.7-upstream-stable: released (6.7.9) [bb71e040323175e18c233a9afef32ba14fa64eb7] +6.6-upstream-stable: released (6.6.21) [5e3022ea42e490a36ec6f2cfa6fc603deb0bace4] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26750 b/active/CVE-2024-26750 new file mode 100644 index 00000000..7f5e15b5 --- /dev/null +++ b/active/CVE-2024-26750 @@ -0,0 +1,16 @@ +Description: af_unix: Drop oob_skb ref before purging queue in GC. +References: +Notes: + carnil> Introduced in 25236c91b5ab ("af_unix: Fix task hung while purging oob_skb in + carnil> GC."). Vulnerable versions: 5.15.149 6.1.81 6.6.21 6.7.9 6.8-rc5. +Bugs: +upstream: released (6.8-rc6) [aa82ac51d63328714645c827775d64dbfd9941f3] +6.7-upstream-stable: released (6.7.9) [43ba9e331559a30000c862eea313248707afa787] +6.6-upstream-stable: released (6.6.21) [e9eac260369d0cf57ea53df95427125725507a0d] +6.1-upstream-stable: released (6.1.81) [c4c795b21dd23d9514ae1c6646c3fb2c78b5be60] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26780 b/active/CVE-2024-26780 new file mode 100644 index 00000000..9b3ee56d --- /dev/null +++ b/active/CVE-2024-26780 @@ -0,0 +1,17 @@ +Description: af_unix: Fix task hung while purging oob_skb in GC. +References: +Notes: + carnil> Introduced in 1279f9d9dec2 ("af_unix: Call kfree_skb() for dead + carnil> unix_(sk)->oob_skb in GC."). Vulnerable versions: 5.15.149 6.1.78 6.6.17 6.7.5 + carnil> 6.8-rc4. +Bugs: +upstream: released (6.8-rc5) [25236c91b5ab4a26a56ba2e79b8060cf4e047839] +6.7-upstream-stable: released (6.7.9) [cb8890318dde26fc89c6ea67d6e9070ab50b6e91] +6.6-upstream-stable: released (6.6.21) [69e0f04460f4037e01e29f0d9675544f62aafca3] +6.1-upstream-stable: released (6.1.81) [2a3d40b4025fcfe51b04924979f1653993b17669] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26781 b/active/CVE-2024-26781 new file mode 100644 index 00000000..ce63e278 --- /dev/null +++ b/active/CVE-2024-26781 @@ -0,0 +1,16 @@ +Description: mptcp: fix possible deadlock in subflow diag +References: +Notes: + carnil> Introduced in b8adb69a7d29 ("mptcp: fix lockless access in subflow ULP diag"). + carnil> Vulnerable versions: 5.10.211 5.15.150 6.1.80 6.6.19 6.7.7 6.8-rc6. +Bugs: +upstream: released (6.8-rc7) [d6a9608af9a75d13243d217f6ce1e30e57d56ffe] +6.7-upstream-stable: released (6.7.9) [d487e7ba1bc7444d5f062c4930ef8436c47c7e63] +6.6-upstream-stable: released (6.6.21) [fa8c776f4c323a9fbc8ddf25edcb962083391430] +6.1-upstream-stable: released (6.1.81) [f27d319df055629480b84b9288a502337b6f2a2e] +5.10-upstream-stable: released (5.10.212) [70e5b013538d5e4cb421afed431a5fcd2a5d49ee] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26782 b/active/CVE-2024-26782 new file mode 100644 index 00000000..d473e3c6 --- /dev/null +++ b/active/CVE-2024-26782 @@ -0,0 +1,16 @@ +Description: mptcp: fix double-free on socket dismantle +References: +Notes: + carnil> Introduced in cf7da0d66cc1 ("mptcp: Create SUBFLOW socket for incoming + carnil> connections"). Vulnerable versions: 5.6-rc1. +Bugs: +upstream: released (6.8-rc7) [10048689def7e40a4405acda16fdc6477d4ecc5c] +6.7-upstream-stable: released (6.7.9) [85933e80d077c9ae2227226beb86c22f464059cc] +6.6-upstream-stable: released (6.6.21) [ce0809ada38dca8d6d41bb57ab40494855c30582] +6.1-upstream-stable: released (6.1.81) [d93fd40c62397326046902a2c5cb75af50882a85] +5.10-upstream-stable: released (5.10.212) [f74362a004225df935863dea6eb7d82daaa5b16e] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26783 b/active/CVE-2024-26783 new file mode 100644 index 00000000..167f1ad7 --- /dev/null +++ b/active/CVE-2024-26783 @@ -0,0 +1,16 @@ +Description: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index +References: +Notes: + carnil> Introduced in c574bbe917036 ("NUMA balancing: optimize page placement for + carnil> memory tiering system"). Vulnerable versions: 5.18-rc1. +Bugs: +upstream: released (6.8-rc7) [2774f256e7c0219e2b0a0894af1c76bdabc4f974] +6.7-upstream-stable: released (6.7.9) [bdd21eed8b72f9e28d6c279f6db258e090c79080] +6.6-upstream-stable: released (6.6.22) [d6159bd4c00594249e305bfe02304c67c506264e] +6.1-upstream-stable: needed +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26784 b/active/CVE-2024-26784 new file mode 100644 index 00000000..c7d9909c --- /dev/null +++ b/active/CVE-2024-26784 @@ -0,0 +1,16 @@ +Description: pmdomain: arm: Fix NULL dereference on scmi_perf_domain removal +References: +Notes: + carnil> Introduced in 2af23ceb8624 ("pmdomain: arm: Add the SCMI performance domain"). + carnil> Vulnerable versions: 6.7-rc1. +Bugs: +upstream: released (6.8-rc7) [eb5555d422d0fc325e1574a7353d3c616f82d8b5] +6.7-upstream-stable: released (6.7.9) [f6aaf131e4d4a9a26040ecc018eb70ab8b3d355d] +6.6-upstream-stable: N/A "Vulnerable code not present" +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26785 b/active/CVE-2024-26785 new file mode 100644 index 00000000..557de918 --- /dev/null +++ b/active/CVE-2024-26785 @@ -0,0 +1,16 @@ +Description: iommufd: Fix protection fault in iommufd_test_syz_conv_iova +References: +Notes: + carnil> Introduced in 9227da7816dd ("iommufd: Add iommufd_access_change_ioas(_id) + carnil> helpers"). Vulnerable versions: 6.6-rc1. +Bugs: +upstream: released (6.8-rc7) [cf7c2789822db8b5efa34f5ebcf1621bc0008d48] +6.7-upstream-stable: released (6.7.9) [fc719ecbca45c9c046640d72baddba3d83e0bc0b] +6.6-upstream-stable: needed +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26786 b/active/CVE-2024-26786 new file mode 100644 index 00000000..150270ce --- /dev/null +++ b/active/CVE-2024-26786 @@ -0,0 +1,16 @@ +Description: iommufd: Fix iopt_access_list_id overwrite bug +References: +Notes: + carnil> Introduced in 9227da7816dd ("iommufd: Add iommufd_access_change_ioas(_id) + carnil> helpers"). Vulnerable versions: 6.6-rc1. +Bugs: +upstream: released (6.8-rc7) [aeb004c0cd6958e910123a1607634401009c9539] +6.7-upstream-stable: released (6.7.9) [9526a46cc0c378d381560279bea9aa34c84298a0] +6.6-upstream-stable: released (6.6.21) [f1fb745ee0a6fe43f1d84ec369c7e6af2310fda9] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26787 b/active/CVE-2024-26787 new file mode 100644 index 00000000..a5079b74 --- /dev/null +++ b/active/CVE-2024-26787 @@ -0,0 +1,16 @@ +Description: mmc: mmci: stm32: fix DMA API overlapping mappings warning +References: +Notes: + carnil> Introduced in 46b723dd867d ("mmc: mmci: add stm32 sdmmc variant"). Vulnerable + carnil> versions: 4.20-rc1. +Bugs: +upstream: released (6.8-rc7) [6b1ba3f9040be5efc4396d86c9752cdc564730be] +6.7-upstream-stable: released (6.7.9) [d610a307225951929b9dff807788439454476f85] +6.6-upstream-stable: released (6.6.21) [176e66269f0de327375fc0ea51c12c2f5a97e4c4] +6.1-upstream-stable: released (6.1.81) [70af82bb9c897faa25a44e4181f36c60312b71ef] +5.10-upstream-stable: released (5.10.213) [0224cbc53ba82b84affa7619b6d1b1a254bc2c53] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26788 b/active/CVE-2024-26788 new file mode 100644 index 00000000..737a0fe0 --- /dev/null +++ b/active/CVE-2024-26788 @@ -0,0 +1,16 @@ +Description: dmaengine: fsl-qdma: init irq after reg initialization +References: +Notes: + carnil> Introduced in b092529e0aa0 ("dmaengine: fsl-qdma: Add qDMA controller driver + carnil> for Layerscape SoCs"). Vulnerable versions: 5.1-rc1. +Bugs: +upstream: released (6.8-rc7) [87a39071e0b639f45e05d296cc0538eef44ec0bd] +6.7-upstream-stable: released (6.7.9) [677102a930643c31f1b4c512b041407058bdfef8] +6.6-upstream-stable: released (6.6.21) [a69c8bbb946936ac4eb6a6ae1e849435aa8d947d] +6.1-upstream-stable: released (6.1.81) [474d521da890b3e3585335fb80a6044cb2553d99] +5.10-upstream-stable: released (5.10.212) [9579a21e99fe8dab22a253050ddff28d340d74e1] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26789 b/active/CVE-2024-26789 new file mode 100644 index 00000000..d531f191 --- /dev/null +++ b/active/CVE-2024-26789 @@ -0,0 +1,16 @@ +Description: crypto: arm64/neonbs - fix out-of-bounds access on short input +References: +Notes: + carnil> Introduced in fc074e130051 ("crypto: arm64/aes-neonbs-ctr - fallback to plain + carnil> NEON for final chunk"). Vulnerable versions: 5.18-rc1. +Bugs: +upstream: released (6.8-rc7) [1c0cf6d19690141002889d72622b90fc01562ce4] +6.7-upstream-stable: released (6.7.9) [9e8ecd4908b53941ab6f0f51584ab80c6c6606c4] +6.6-upstream-stable: released (6.6.21) [1291d278b5574819a7266568ce4c28bce9438705] +6.1-upstream-stable: released (6.1.81) [034e2d70b5c7f578200ad09955aeb2aa65d1164a] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26790 b/active/CVE-2024-26790 new file mode 100644 index 00000000..9a644bdf --- /dev/null +++ b/active/CVE-2024-26790 @@ -0,0 +1,16 @@ +Description: dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read +References: +Notes: + carnil> Introduced in b092529e0aa0 ("dmaengine: fsl-qdma: Add qDMA controller driver + carnil> for Layerscape SoCs"). Vulnerable versions: 5.1-rc1. +Bugs: +upstream: released (6.8-rc7) [9d739bccf261dd93ec1babf82f5c5d71dd4caa3e] +6.7-upstream-stable: released (6.7.9) [ad2f8920c314e0a2d9e984fc94b729eca3cda471] +6.6-upstream-stable: released (6.6.21) [5b696e9c388251f1c7373be92293769a489fd367] +6.1-upstream-stable: released (6.1.81) [237ecf1afe6c22534fa43abdf2bf0b0f52de0aaa] +5.10-upstream-stable: released (5.10.212) [bb3a06e9b9a30e33d96aadc0e077be095a4f8580] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26791 b/active/CVE-2024-26791 new file mode 100644 index 00000000..703966b7 --- /dev/null +++ b/active/CVE-2024-26791 @@ -0,0 +1,15 @@ +Description: btrfs: dev-replace: properly validate device names +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (6.8-rc7) [9845664b9ee47ce7ee7ea93caf47d39a9d4552c4] +6.7-upstream-stable: released (6.7.9) [343eecb4ff49a7b1cc1dfe86958a805cf2341cfb] +6.6-upstream-stable: released (6.6.21) [b1690ced4d2d8b28868811fb81cd33eee5aefee1] +6.1-upstream-stable: released (6.1.81) [f590040ce2b712177306b03c2a63b16f7d48d3c8] +5.10-upstream-stable: released (5.10.212) [2886fe308a83968dde252302884a1e63351cf16d] +4.19-upstream-stable: released (4.19.309) [11d7a2e429c02d51e2dc90713823ea8b8d3d3a84] +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2024-26792 b/active/CVE-2024-26792 new file mode 100644 index 00000000..e2207df2 --- /dev/null +++ b/active/CVE-2024-26792 @@ -0,0 +1,17 @@ +Description: btrfs: fix double free of anonymous device after snapshot creation failure +References: +Notes: + carnil> Introduced in e03ee2fe873e ("btrfs: do not ASSERT() if the newly created + carnil> subvolume already got read"). Vulnerable versions: 5.10.210 5.15.149 6.1.79 + carnil> 6.6.18 6.7.6 6.8-rc4. +Bugs: +upstream: released (6.8-rc7) [e2b54eaf28df0c978626c9736b94f003b523b451] +6.7-upstream-stable: released (6.7.9) [c8ab7521665bd0f8bc4a900244d1d5a7095cc3b9] +6.6-upstream-stable: released (6.6.21) [eb3441093aad251418921246fc3b224fd1575701] +6.1-upstream-stable: released (6.1.81) [c34adc20b91a8e55e048b18d63f4f4ae003ecf8f] +5.10-upstream-stable: needed +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26793 b/active/CVE-2024-26793 new file mode 100644 index 00000000..8b63ba8f --- /dev/null +++ b/active/CVE-2024-26793 @@ -0,0 +1,16 @@ +Description: gtp: fix use-after-free and null-ptr-deref in gtp_newlink() +References: +Notes: + carnil> Introduced in 459aa660eb1d ("gtp: add initial driver for datapath of GPRS + carnil> Tunneling Protocol (GTP-U)"). Vulnerable versions: 4.7-rc1. +Bugs: +upstream: released (6.8-rc7) [616d82c3cfa2a2146dd7e3ae47bda7e877ee549e] +6.7-upstream-stable: released (6.7.9) [5366969a19a8a0d2ffb3d27ef6e8905e5e4216f8] +6.6-upstream-stable: released (6.6.21) [93dd420bc41531c9a31498b9538ca83ba6ec191e] +6.1-upstream-stable: released (6.1.81) [abd32d7f5c0294c1b2454c5a3b13b18446bac627] +5.10-upstream-stable: released (5.10.212) [e668b92a3a01429923fd5ca13e99642aab47de69] +4.19-upstream-stable: released (4.19.309) [01129059d5141d62fae692f7a336ae3bc712d3eb] +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2024-26794 b/active/CVE-2024-26794 new file mode 100644 index 00000000..102aa26f --- /dev/null +++ b/active/CVE-2024-26794 @@ -0,0 +1,16 @@ +Description: btrfs: fix race between ordered extent completion and fiemap +References: +Notes: + carnil> Introduced in b0ad381fa769 ("btrfs: fix deadlock with fiemap and extent + carnil> locking"). Vulnerable versions: 6.6.24 6.7.12 6.8-rc6. +Bugs: +upstream: released (6.8-rc7) [a1a4a9ca77f143c00fce69c1239887ff8b813bec] +6.7-upstream-stable: released (6.7.9) [31d07a757c6d3430e03cc22799921569999b9a12] +6.6-upstream-stable: released (6.6.21) [d43f8e58f10a44df8c08e7f7076f3288352cd168] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26795 b/active/CVE-2024-26795 new file mode 100644 index 00000000..fb2efecf --- /dev/null +++ b/active/CVE-2024-26795 @@ -0,0 +1,16 @@ +Description: riscv: Sparse-Memory/vmemmap out-of-bounds fix +References: +Notes: + carnil> Introduced in d95f1a542c3d ("RISC-V: Implement sparsemem"). Vulnerable + carnil> versions: 5.4-rc1. +Bugs: +upstream: released (6.8-rc7) [a11dd49dcb9376776193e15641f84fcc1e5980c9] +6.7-upstream-stable: released (6.7.9) [2a1728c15ec4f45ed9248ae22f626541c179bfbe] +6.6-upstream-stable: released (6.6.21) [a278d5c60f21aa15d540abb2f2da6e6d795c3e6e] +6.1-upstream-stable: released (6.1.81) [8310080799b40fd9f2a8b808c657269678c149af] +5.10-upstream-stable: released (5.10.212) [8af1c121b0102041809bc137ec600d1865eaeedd] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26796 b/active/CVE-2024-26796 new file mode 100644 index 00000000..ed7b29aa --- /dev/null +++ b/active/CVE-2024-26796 @@ -0,0 +1,16 @@ +Description: drivers: perf: ctr_get_width function for legacy is not defined +References: +Notes: + carnil> Introduced in cc4c07c89aad ("drivers: perf: Implement perf event mmap support + carnil> in the SBI backend"). Vulnerable versions: 6.6-rc1. +Bugs: +upstream: released (6.8-rc7) [682dc133f83e0194796e6ea72eb642df1c03dfbe] +6.7-upstream-stable: released (6.7.9) [e4f50e85de5a6b21dfdc0d7ca435eba4f62935c3] +6.6-upstream-stable: released (6.6.21) [e0d17ee872cf8d0f51cc561329b8e1a0aa792bbb] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26797 b/active/CVE-2024-26797 new file mode 100644 index 00000000..fedc128c --- /dev/null +++ b/active/CVE-2024-26797 @@ -0,0 +1,16 @@ +Description: drm/amd/display: Prevent potential buffer overflow in map_hw_resources +References: +Notes: + carnil> Introduced in 7966f319c66d ("drm/amd/display: Introduce DML2"). Vulnerable + carnil> versions: 6.7-rc1. +Bugs: +upstream: released (6.8-rc7) [0f8ca019544a252d1afb468ce840c6dcbac73af4] +6.7-upstream-stable: released (6.7.9) [50a6302cf881f67f1410461a68fe9eabd00ff31d] +6.6-upstream-stable: N/A "Vulnerable code not present" +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26798 b/active/CVE-2024-26798 new file mode 100644 index 00000000..4adf0f35 --- /dev/null +++ b/active/CVE-2024-26798 @@ -0,0 +1,16 @@ +Description: fbcon: always restore the old font data in fbcon_do_set_font() +References: +Notes: + carnil> Introduced in a5a923038d70 ("fbdev: fbcon: Properly revert changes when + carnil> vc_resize() failed"). Vulnerable versions: 5.15.64 5.19.6 6.0-rc3. +Bugs: +upstream: released (6.8-rc7) [00d6a284fcf3fad1b7e1b5bc3cd87cbfb60ce03f] +6.7-upstream-stable: released (6.7.9) [a2c881413dcc5d801bdc9535e51270cc88cb9cd8] +6.6-upstream-stable: released (6.6.21) [73a6bd68a1342f3a44cac9dffad81ad6a003e520] +6.1-upstream-stable: released (6.1.81) [2f91a96b892fab2f2543b4a55740c5bee36b1a6b] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26799 b/active/CVE-2024-26799 new file mode 100644 index 00000000..68b236fb --- /dev/null +++ b/active/CVE-2024-26799 @@ -0,0 +1,16 @@ +Description: ASoC: qcom: Fix uninitialized pointer dmactl +References: +Notes: + carnil> Introduced in b81af585ea54 ("ASoC: qcom: Add lpass CPU driver for codec dma + carnil> control"). Vulnerable versions: 5.18-rc1. +Bugs: +upstream: released (6.8-rc7) [1382d8b55129875b2e07c4d2a7ebc790183769ee] +6.7-upstream-stable: released (6.7.9) [d5a7726e6ea62d447b79ab5baeb537ea6bdb225b] +6.6-upstream-stable: released (6.6.21) [99adc8b4d2f38bf0d06483ec845bc48f60c3f8cf] +6.1-upstream-stable: needed +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26800 b/active/CVE-2024-26800 new file mode 100644 index 00000000..369381bc --- /dev/null +++ b/active/CVE-2024-26800 @@ -0,0 +1,16 @@ +Description: tls: fix use-after-free on failed backlog decryption +References: +Notes: + carnil> Introduced in 859054147318 ("net: tls: handle backlogging of crypto requests"). + carnil> Vulnerable versions: 6.1.84 6.6.18 6.7.6 6.8-rc5. +Bugs: +upstream: released (6.8-rc7) [13114dc5543069f7b97991e3b79937b6da05f5b0] +6.7-upstream-stable: released (6.7.9) [1ac9fb84bc7ecd4bc6428118301d9d864d2a58d1] +6.6-upstream-stable: released (6.6.21) [81be85353b0f5a7b660635634b655329b429eefe] +6.1-upstream-stable: released (6.1.84) [f2b85a4cc763841843de693bbd7308fe9a2c4c89] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26801 b/active/CVE-2024-26801 new file mode 100644 index 00000000..e16f9310 --- /dev/null +++ b/active/CVE-2024-26801 @@ -0,0 +1,16 @@ +Description: Bluetooth: Avoid potential use-after-free in hci_error_reset +References: +Notes: + carnil> Introduced in c7741d16a57c ("Bluetooth: Perform a power cycle when receiving + carnil> hardware error event"). Vulnerable versions: 4.0-rc1. +Bugs: +upstream: released (6.8-rc7) [2449007d3f73b2842c9734f45f0aadb522daf592] +6.7-upstream-stable: released (6.7.9) [dd594cdc24f2e48dab441732e6dfcafd6b0711d1] +6.6-upstream-stable: released (6.6.21) [2ab9a19d896f5a0dd386e1f001c5309bc35f433b] +6.1-upstream-stable: released (6.1.81) [45085686b9559bfbe3a4f41d3d695a520668f5e1] +5.10-upstream-stable: released (5.10.212) [6dd0a9dfa99f8990a08eb8fdd8e79bee31c7d8e2] +4.19-upstream-stable: released (4.19.309) [e0b278650f07acf2e0932149183458468a731c03] +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2024-26802 b/active/CVE-2024-26802 new file mode 100644 index 00000000..e7a65538 --- /dev/null +++ b/active/CVE-2024-26802 @@ -0,0 +1,16 @@ +Description: stmmac: Clear variable when destroying workqueue +References: +Notes: + carnil> Introduced in 5a5586112b929 ("net: stmmac: support FPE link partner + carnil> hand-shaking procedure"). Vulnerable versions: 5.13-rc1. +Bugs: +upstream: released (6.8-rc7) [8af411bbba1f457c33734795f024d0ef26d0963f] +6.7-upstream-stable: released (6.7.9) [f72cf22dccc94038cbbaa1029cb575bf52e5cbc8] +6.6-upstream-stable: released (6.6.21) [699b103e48ce32d03fc86c35b37ee8ae4288c7e3] +6.1-upstream-stable: released (6.1.81) [17ccd9798fe0beda3db212cfa3ebe373f605cbd6] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26803 b/active/CVE-2024-26803 new file mode 100644 index 00000000..4812479a --- /dev/null +++ b/active/CVE-2024-26803 @@ -0,0 +1,16 @@ +Description: net: veth: clear GRO when clearing XDP even when down +References: +Notes: + carnil> Introduced in d3256efd8e8b ("veth: allow enabling NAPI even without XDP"). + carnil> Vulnerable versions: 5.13-rc1. +Bugs: +upstream: released (6.8-rc7) [fe9f801355f0b47668419f30f1fac1cf4539e736] +6.7-upstream-stable: released (6.7.9) [8f7a3894e58e6f5d5815533cfde60e3838947941] +6.6-upstream-stable: released (6.6.21) [16edf51f33f52dff70ed455bc40a6cc443c04664] +6.1-upstream-stable: released (6.1.81) [7985d73961bbb4e726c1be7b9cd26becc7be8325] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26804 b/active/CVE-2024-26804 new file mode 100644 index 00000000..dde28e40 --- /dev/null +++ b/active/CVE-2024-26804 @@ -0,0 +1,16 @@ +Description: net: ip_tunnel: prevent perpetual headroom growth +References: +Notes: + carnil> Introduced in 243aad830e8a ("ip_gre: include route header_len in max_headroom + carnil> calculation"). Vulnerable versions: 2.6.33.2 2.6.34-rc3. +Bugs: +upstream: released (6.8-rc7) [5ae1e9922bbdbaeb9cfbe91085ab75927488ac0f] +6.7-upstream-stable: released (6.7.9) [049d7989c67e8dd50f07a2096dbafdb41331fb9b] +6.6-upstream-stable: released (6.6.21) [a0a1db40b23e8ff86dea2786c5ea1470bb23ecb9] +6.1-upstream-stable: released (6.1.81) [ab63de24ebea36fe73ac7121738595d704b66d96] +5.10-upstream-stable: released (5.10.212) [2e95350fe9db9d53c701075060ac8ac883b68aee] +4.19-upstream-stable: needed +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2024-26805 b/active/CVE-2024-26805 new file mode 100644 index 00000000..27dbb9d0 --- /dev/null +++ b/active/CVE-2024-26805 @@ -0,0 +1,17 @@ +Description: netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter +References: +Notes: + carnil> Introduced in 1853c9496460 ("netlink, mmap: transform mmap skb into full skb on + carnil> taps"). Vulnerable versions: 3.12.49 3.14.54 3.16.35 3.18.23 4.1.10 4.2.3 + carnil> 4.3-rc3. +Bugs: +upstream: released (6.8-rc7) [661779e1fcafe1b74b3f3fe8e980c1e207fea1fd] +6.7-upstream-stable: released (6.7.9) [59fc3e3d049e39e7d0d271f20dd5fb47c57faf1d] +6.6-upstream-stable: released (6.6.21) [d3ada42e534a83b618bbc1e490d23bf0fdae4736] +6.1-upstream-stable: released (6.1.81) [0b27bf4c494d61e5663baa34c3edd7ccebf0ea44] +5.10-upstream-stable: released (5.10.212) [f19d1f98e60e68b11fc60839105dd02a30ec0d77] +4.19-upstream-stable: released (4.19.309) [ec343a55b687a452f5e87f3b52bf9f155864df65] +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2024-26806 b/active/CVE-2024-26806 new file mode 100644 index 00000000..dcc826f3 --- /dev/null +++ b/active/CVE-2024-26806 @@ -0,0 +1,16 @@ +Description: spi: cadence-qspi: remove system-wide suspend helper calls from runtime PM hooks +References: +Notes: + carnil> Introduced in 0578a6dbfe75 ("spi: spi-cadence-quadspi: add runtime pm + carnil> support"). Vulnerable versions: 6.7-rc1. +Bugs: +upstream: released (6.8-rc7) [959043afe53ae80633e810416cee6076da6e91c6] +6.7-upstream-stable: released (6.7.9) [041562ebc4759c9932b59a06527f8753b86da365] +6.6-upstream-stable: N/A "Vulnerable code not present" +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.9-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26807 b/active/CVE-2024-26807 new file mode 100644 index 00000000..40217ce8 --- /dev/null +++ b/active/CVE-2024-26807 @@ -0,0 +1,17 @@ +Description: spi: cadence-qspi: fix pointer reference in runtime PM hooks +References: +Notes: + carnil> Introduced in 2087e85bb66e ("spi: cadence-quadspi: fix suspend-resume + carnil> implementations"). Vulnerable versions: 4.19.283 5.4.243 5.10.180 5.15.111 + carnil> 6.1.28 6.2.15 6.3.2 6.4-rc1. +Bugs: +upstream: released (6.8-rc7) [32ce3bb57b6b402de2aec1012511e7ac4e7449dc] +6.7-upstream-stable: released (6.7.9) [34e1d5c4407c78de0e3473e1fbf8fb74dbe66d03] +6.6-upstream-stable: released (6.6.21) [03f1573c9587029730ca68503f5062105b122f61] +6.1-upstream-stable: needed +5.10-upstream-stable: needed +4.19-upstream-stable: needed +sid: released (6.7.9-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2024-26808 b/active/CVE-2024-26808 new file mode 100644 index 00000000..ea6b521a --- /dev/null +++ b/active/CVE-2024-26808 @@ -0,0 +1,16 @@ +Description: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain +References: +Notes: + carnil> Introduced in 60a3815da702 ("netfilter: add inet ingress support"). Vulnerable + carnil> versions: 5.10-rc1. +Bugs: +upstream: released (6.8-rc2) [01acb2e8666a6529697141a6017edbf206921913] +6.7-upstream-stable: released (6.7.3) [36a0a80f32209238469deb481967d777a3d539ee] +6.6-upstream-stable: released (6.6.15) [e5888acbf1a3d8d021990ce6c6061fd5b2bb21b4] +6.1-upstream-stable: released (6.1.76) [af149a46890e8285d1618bd68b8d159bdb87fdb3] +5.10-upstream-stable: released (5.10.210) [9489e214ea8f2a90345516016aa51f2db3a8cc2f] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.6.15-1) +6.1-bookworm-security: released (6.1.76-1) +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26809 b/active/CVE-2024-26809 new file mode 100644 index 00000000..dabd9e55 --- /dev/null +++ b/active/CVE-2024-26809 @@ -0,0 +1,16 @@ +Description: netfilter: nft_set_pipapo: release elements in clone only from destroy path +References: +Notes: + carnil> Introduced in 9827a0e6e23b ("netfilter: nft_set_pipapo: release elements in + carnil> clone from abort path"). Vulnerable versions: 5.10.130 5.15.54 5.18.11 5.19-rc6. +Bugs: +upstream: released (6.9-rc1) [b0e256f3dd2ba6532f37c5c22e07cb07a36031ee] +6.7-upstream-stable: released (6.7.11) [821e28d5b506e6a73ccc367ff792bd894050d48b] +6.6-upstream-stable: released (6.6.23) [ff90050771412b91e928093ccd8736ae680063c2] +6.1-upstream-stable: released (6.1.83) [5ad233dc731ab64cdc47b84a5c1f78fff6c024af] +5.10-upstream-stable: released (5.10.214) [b36b83297ff4910dfc8705402c8abffd4bbf8144] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: needed +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" -- cgit v1.2.3