From 623c2faad48f2c726ae18f36db2f1a6b168cc5f0 Mon Sep 17 00:00:00 2001 
From: Salvatore Bonaccorso Date: Wed, 6 Mar 2024 08:21:11 +0100 Subject: Add new batch of CVEs --- active/CVE-2023-52583 | 15 +++++++++++++++ active/CVE-2023-52584 | 15 +++++++++++++++ active/CVE-2023-52585 | 15 +++++++++++++++ active/CVE-2023-52586 | 15 +++++++++++++++ active/CVE-2023-52587 | 15 +++++++++++++++ active/CVE-2023-52588 | 15 +++++++++++++++ active/CVE-2023-52589 | 15 +++++++++++++++ active/CVE-2023-52590 | 15 +++++++++++++++ active/CVE-2023-52591 | 15 +++++++++++++++ active/CVE-2023-52592 | 15 +++++++++++++++ active/CVE-2023-52593 | 15 +++++++++++++++ active/CVE-2023-52594 | 15 +++++++++++++++ active/CVE-2023-52595 | 15 +++++++++++++++ active/CVE-2023-52596 | 15 +++++++++++++++ active/CVE-2023-52597 | 15 +++++++++++++++ active/CVE-2023-52598 | 15 +++++++++++++++ active/CVE-2023-52599 | 15 +++++++++++++++ active/CVE-2023-52600 | 15 +++++++++++++++ active/CVE-2023-52601 | 15 +++++++++++++++ active/CVE-2023-52602 | 15 +++++++++++++++ active/CVE-2023-52603 | 15 +++++++++++++++ active/CVE-2023-52604 | 15 +++++++++++++++ active/CVE-2023-52605 | 15 +++++++++++++++ active/CVE-2023-52606 | 15 +++++++++++++++ active/CVE-2023-52607 | 15 +++++++++++++++ active/CVE-2024-26623 | 16 ++++++++++++++++ active/CVE-2024-26624 | 16 ++++++++++++++++ active/CVE-2024-26625 | 16 ++++++++++++++++ active/CVE-2024-26626 | 16 ++++++++++++++++ active/CVE-2024-26627 | 16 ++++++++++++++++ active/CVE-2024-26628 | 15 +++++++++++++++ 31 files changed, 470 insertions(+) create mode 100644 active/CVE-2023-52583 create mode 100644 active/CVE-2023-52584 create mode 100644 active/CVE-2023-52585 create mode 100644 active/CVE-2023-52586 create mode 100644 active/CVE-2023-52587 create mode 100644 active/CVE-2023-52588 create mode 100644 active/CVE-2023-52589 create mode 100644 active/CVE-2023-52590 create mode 100644 active/CVE-2023-52591 create mode 100644 active/CVE-2023-52592 create mode 100644 active/CVE-2023-52593 create mode 100644 active/CVE-2023-52594 create mode 100644 
active/CVE-2023-52595 create mode 100644 active/CVE-2023-52596 create mode 100644 active/CVE-2023-52597 create mode 100644 active/CVE-2023-52598 create mode 100644 active/CVE-2023-52599 create mode 100644 active/CVE-2023-52600 create mode 100644 active/CVE-2023-52601 create mode 100644 active/CVE-2023-52602 create mode 100644 active/CVE-2023-52603 create mode 100644 active/CVE-2023-52604 create mode 100644 active/CVE-2023-52605 create mode 100644 active/CVE-2023-52606 create mode 100644 active/CVE-2023-52607 create mode 100644 active/CVE-2024-26623 create mode 100644 active/CVE-2024-26624 create mode 100644 active/CVE-2024-26625 create mode 100644 active/CVE-2024-26626 create mode 100644 active/CVE-2024-26627 create mode 100644 active/CVE-2024-26628
diff --git a/active/CVE-2023-52583 b/active/CVE-2023-52583
new file mode 100644
index 00000000..3e5ee8fd
--- /dev/null
+++ b/active/CVE-2023-52583
@@ -0,0 +1,15 @@
+Description: ceph: fix deadlock or deadcode of misusing dget()
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [b493ad718b1f0357394d2cdecbf00a44a36fa085]
+6.7-upstream-stable: released (6.7.4) [76cb2aa3421fee4fde706dec41b1344bc0a9ad67]
+6.6-upstream-stable: released (6.6.16) [196b87e5c00ce021e164a5de0f0d04f4116a9160]
+6.1-upstream-stable: released (6.1.77) [7f2649c94264d00df6b6ac27161e9f4372a3450e]
+5.10-upstream-stable: released (5.10.210) [e016e358461b89b231626fcf78c5c38e35c44fd3]
+4.19-upstream-stable: released (4.19.307) [eb55ba8aa7fb7aad54f40fbf4d8dcdfdba0bebf6]
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52584 b/active/CVE-2023-52584
new file mode 100644
index 00000000..c3303f33
--- /dev/null
+++ b/active/CVE-2023-52584
@@ -0,0 +1,15 @@
+Description: spmi: mediatek: Fix UAF on device remove
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [e821d50ab5b956ed0effa49faaf29912fd4106d9]
+6.7-upstream-stable: released (6.7.4) [9a3881b1f07db1bb55cb0108e6f05cfd027eaf2e]
+6.6-upstream-stable: released (6.6.16) [f8dcafcb54632536684336161da8bdd52120f95e]
+6.1-upstream-stable: released (6.1.77) [521f28eedd6b14228c46e3b81e3bf9b90c2818d8]
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52585 b/active/CVE-2023-52585
new file mode 100644
index 00000000..18545382
--- /dev/null
+++ b/active/CVE-2023-52585
@@ -0,0 +1,15 @@
+Description: drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper()
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [b8d55a90fd55b767c25687747e2b24abd1ef8680]
+6.7-upstream-stable: released (6.7.4) [195a6289282e039024ad30ba66e6f94a4d0fbe49]
+6.6-upstream-stable: needed
+6.1-upstream-stable: needed
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52586 b/active/CVE-2023-52586
new file mode 100644
index 00000000..bc9ee5c9
--- /dev/null
+++ b/active/CVE-2023-52586
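Review bot: In active/CVE-2023-52584 the 5.10 and 4.19 upstream-stable branches are marked `needed` while the Notes state that the introducing commit could not be determined, so the file does not show whether the vulnerable code exists on those branches at all. The same pattern appears in CVE-2023-52585, -52586, -52588 to -52593, -52595, -52596 and CVE-2024-26628. Anyone triaging from these files should read those `needed` entries as provisional until the affected range is established. A Notes line such as ` <name>> Affected range not verified; branches without a stable backport still need checking.` (with `<name>` standing for the annotating maintainer) would make that explicit.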
@@ -0,0 +1,15 @@
+Description: drm/msm/dpu: Add mutex lock in control vblank irq
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [45284ff733e4caf6c118aae5131eb7e7cf3eea5a]
+6.7-upstream-stable: released (6.7.4) [14f109bf74dd67e1d0469fed859c8e506b0df53f]
+6.6-upstream-stable: needed
+6.1-upstream-stable: needed
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52587 b/active/CVE-2023-52587
new file mode 100644
index 00000000..145d8189
--- /dev/null
+++ b/active/CVE-2023-52587
@@ -0,0 +1,15 @@
+Description: IB/ipoib: Fix mcast list locking
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [4f973e211b3b1c6d36f7c6a19239d258856749f9]
+6.7-upstream-stable: released (6.7.4) [7c7bd4d561e9dc6f5b7df9e184974915f6701a89]
+6.6-upstream-stable: released (6.6.16) [342258fb46d66c1b4c7e2c3717ac01e10c03cf18]
+6.1-upstream-stable: released (6.1.77) [5108a2dc2db5630fb6cd58b8be80a0c134bc310a]
+5.10-upstream-stable: released (5.10.210) [ac2630fd3c90ffec34a0bfc4d413668538b0e8f2]
+4.19-upstream-stable: released (4.19.307) [4c8922ae8eb8dcc1e4b7d1059d97a8334288d825]
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52588 b/active/CVE-2023-52588
new file mode 100644
index 00000000..6cd25994
--- /dev/null
+++ b/active/CVE-2023-52588
@@ -0,0 +1,15 @@
+Description: f2fs: fix to tag gcing flag on page during block migration
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [4961acdd65c956e97c1a000c82d91a8c1cdbe44b]
+6.7-upstream-stable: released (6.7.4) [b8094c0f1aae329b1c60a275a780d6c2c9ff7aa3]
+6.6-upstream-stable: released (6.6.16) [417b8a91f4e8831cadaf85c3f15c6991c1f54dde]
+6.1-upstream-stable: released (6.1.77) [7c972c89457511007dfc933814c06786905e515c]
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52589 b/active/CVE-2023-52589
new file mode 100644
index 00000000..2a0487bc
--- /dev/null
+++ b/active/CVE-2023-52589
@@ -0,0 +1,15 @@
+Description: media: rkisp1: Fix IRQ disable race issue
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [870565f063a58576e8a4529f122cac4325c6b395]
+6.7-upstream-stable: released (6.7.4) [7bb1a2822aa2c2de4e09bf7c56dd93bd532f1fa7]
+6.6-upstream-stable: released (6.6.16) [fab483438342984f2a315fe13c882a80f0f7e545]
+6.1-upstream-stable: released (6.1.77) [bf808f58681cab64c81cd814551814fd34e540fe]
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52590 b/active/CVE-2023-52590
new file mode 100644
index 00000000..70f42503
--- /dev/null
+++ b/active/CVE-2023-52590
@@ -0,0 +1,15 @@
+Description: ocfs2: Avoid touching renamed directory if parent does not change
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [9d618d19b29c2943527e3a43da0a35aea91062fc]
+6.7-upstream-stable: released (6.7.4) [de940cede3c41624e2de27f805b490999f419df9]
+6.6-upstream-stable: needed
+6.1-upstream-stable: needed
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52591 b/active/CVE-2023-52591
new file mode 100644
index 00000000..e64774f9
--- /dev/null
+++ b/active/CVE-2023-52591
@@ -0,0 +1,15 @@
+Description: reiserfs: Avoid touching renamed directory if parent does not change
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [49db9b1b86a82448dfaf3fcfefcf678dee56c8ed]
+6.7-upstream-stable: released (6.7.4) [c04c162f82ac403917780eb6d1654694455d4e7c]
+6.6-upstream-stable: released (6.6.16) [17e1361cb91dc1325834da95d2ab532959d2debc]
+6.1-upstream-stable: needed
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52592 b/active/CVE-2023-52592
new file mode 100644
index 00000000..844dc542
--- /dev/null
+++ b/active/CVE-2023-52592
@@ -0,0 +1,15 @@
+Description: libbpf: Fix NULL pointer dereference in bpf_object__collect_prog_relos
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [fc3a5534e2a8855427403113cbeb54af5837bbe0]
+6.7-upstream-stable: released (6.7.4) [ab26541270c722eedf8eefd62797c3ce3d18a91b]
+6.6-upstream-stable: released (6.6.16) [5f3e436832e86b826a6450eb8d1aaa51205a758e]
+6.1-upstream-stable: released (6.1.77) [12473265f50c1e27b0dfd9735738ac418c4bfcce]
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52593 b/active/CVE-2023-52593
new file mode 100644
index 00000000..35996b7e
--- /dev/null
+++ b/active/CVE-2023-52593
@@ -0,0 +1,15 @@
+Description: wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap()
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [fe0a7776d4d19e613bb8dd80fe2d78ae49e8b49d]
+6.7-upstream-stable: released (6.7.4) [3739121443f5114c6bcf6d841a5124deb006b878]
+6.6-upstream-stable: released (6.6.16) [9ab224744a47363f74ea29c6894c405e3bcf5132]
+6.1-upstream-stable: released (6.1.77) [574dcd3126aa2eed75437137843f254b1190dd03]
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52594 b/active/CVE-2023-52594
new file mode 100644
index 00000000..12a57fd0
--- /dev/null
+++ b/active/CVE-2023-52594
@@ -0,0 +1,15 @@
+Description: wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus()
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [2adc886244dff60f948497b59affb6c6ebb3c348]
+6.7-upstream-stable: released (6.7.4) [be609c7002dd4504b15b069cb7582f4c778548d1]
+6.6-upstream-stable: released (6.6.16) [e4f4bac7d3b64eb75f70cd3345712de6f68a215d]
+6.1-upstream-stable: released (6.1.77) [25c6f49ef59b7a9b80a3f7ab9e95268a1b01a234]
+5.10-upstream-stable: released (5.10.210) [84770a996ad8d7f121ff2fb5a8d149aad52d64c1]
+4.19-upstream-stable: released (4.19.307) [f44f073c78112ff921a220d01b86d09f2ace59bc]
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52595 b/active/CVE-2023-52595
new file mode 100644
index 00000000..d65b9e5a
--- /dev/null
+++ b/active/CVE-2023-52595
@@ -0,0 +1,15 @@
+Description: wifi: rt2x00: restart beacon queue when hardware reset
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [a11d965a218f0cd95b13fe44d0bcd8a20ce134a8]
+6.7-upstream-stable: released (6.7.4) [fdb580ed05df8973aa5149cafa598c64bebcd0cb]
+6.6-upstream-stable: released (6.6.16) [04cfe4a5da57ab9358cdfadea22bcb37324aaf83]
+6.1-upstream-stable: released (6.1.77) [739b3ccd9486dff04af95f9a890846d088a84957]
+5.10-upstream-stable: released (5.10.210) [69e905beca193125820c201ab3db4fb0e245124e]
+4.19-upstream-stable: needed
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52596 b/active/CVE-2023-52596
new file mode 100644
index 00000000..9c8607fd
--- /dev/null
+++ b/active/CVE-2023-52596
@@ -0,0 +1,15 @@
+Description: sysctl: Fix out of bounds access for empty sysctl registers
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [315552310c7de92baea4e570967066569937a843]
+6.7-upstream-stable: released (6.7.4) [2ae7081bc10123b187e36a4f3a8e53768de31489]
+6.6-upstream-stable: released (6.6.16) [15893975e9e382f8294ea8d926f08dc2d8d39ede]
+6.1-upstream-stable: needed
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52597 b/active/CVE-2023-52597
new file mode 100644
index 00000000..5d637ecf
--- /dev/null
+++ b/active/CVE-2023-52597
@@ -0,0 +1,15 @@
+Description: KVM: s390: fix setting of fpc register
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [b988b1bb0053c0dcd26187d29ef07566a565cf55]
+6.7-upstream-stable: released (6.7.4) [2823db0010c400e4b2b12d02aa5d0d3ecb15d7c7]
+6.6-upstream-stable: released (6.6.16) [c87d7d910775a025e230fd6359b60627e392460f]
+6.1-upstream-stable: released (6.1.77) [0671f42a9c1084db10d68ac347d08dbf6689ecb3]
+5.10-upstream-stable: released (5.10.210) [150a3a3871490e8c454ffbac2e60abeafcecff99]
+4.19-upstream-stable: released (4.19.307) [3a04410b0bc7e056e0843ac598825dd359246d18]
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52598 b/active/CVE-2023-52598
new file mode 100644
index 00000000..96ca92b4
--- /dev/null
+++ b/active/CVE-2023-52598
@@ -0,0 +1,15 @@
+Description: s390/ptrace: handle setting of fpc register correctly
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [8b13601d19c541158a6e18b278c00ba69ae37829]
+6.7-upstream-stable: released (6.7.4) [bdce67df7f12fb0409fbc604ce7c4254703f56d4]
+6.6-upstream-stable: released (6.6.16) [02c6bbfb08bad78dd014e24c7b893723c15ec7a1]
+6.1-upstream-stable: released (6.1.77) [7a4d6481fbdd661f9e40e95febb95e3dee82bad3]
+5.10-upstream-stable: released (5.10.210) [856caf2730ea18cb39e95833719c02a02447dc0a]
+4.19-upstream-stable: released (4.19.307) [6ccf904aac0292e1f6b1a1be6c407c414f7cf713]
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52599 b/active/CVE-2023-52599
new file mode 100644
index 00000000..1914b52e
--- /dev/null
+++ b/active/CVE-2023-52599
@@ -0,0 +1,15 @@
+Description: jfs: fix array-index-out-of-bounds in diNewExt
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [49f9637aafa6e63ba686c13cb8549bf5e6920402]
+6.7-upstream-stable: released (6.7.4) [5a6660139195f5e2fbbda459eeecb8788f3885fe]
+6.6-upstream-stable: released (6.6.16) [6996d43b14486f4a6655b10edc541ada1b580b4b]
+6.1-upstream-stable: released (6.1.77) [3537f92cd22c672db97fae6997481e678ad14641]
+5.10-upstream-stable: released (5.10.210) [e2b77d107b33bb31c8b1f5c4cb8f277b23728f1e]
+4.19-upstream-stable: released (4.19.307) [f423528488e4f9606cef858eceea210bf1163f41]
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52600 b/active/CVE-2023-52600
new file mode 100644
index 00000000..4ce6358f
--- /dev/null
+++ b/active/CVE-2023-52600
@@ -0,0 +1,15 @@
+Description: jfs: fix uaf in jfs_evict_inode
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [e0e1958f4c365e380b17ccb35617345b31ef7bf3]
+6.7-upstream-stable: released (6.7.4) [bacdaa04251382d7efd4f09f9a0686bfcc297e2e]
+6.6-upstream-stable: released (6.6.16) [1696d6d7d4a1b373e96428d0fe1166bd7c3c795e]
+6.1-upstream-stable: released (6.1.77) [32e8f2d95528d45828c613417cb2827d866cbdce]
+5.10-upstream-stable: released (5.10.210) [bc6ef64dbe71136f327d63b2b9071b828af2c2a8]
+4.19-upstream-stable: released (4.19.307) [81b4249ef37297fb17ba102a524039a05c6c5d35]
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52601 b/active/CVE-2023-52601
new file mode 100644
index 00000000..60d141f6
--- /dev/null
+++ b/active/CVE-2023-52601
@@ -0,0 +1,15 @@
+Description: jfs: fix array-index-out-of-bounds in dbAdjTree
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [74ecdda68242b174920fe7c6133a856fb7d8559b]
+6.7-upstream-stable: released (6.7.4) [fc67a2e18f4c4e3f07e9f9ae463da24530470e73]
+6.6-upstream-stable: released (6.6.16) [2e16a1389b5a7983b45cb2aa20b0e3f0ee364d6c]
+6.1-upstream-stable: released (6.1.77) [70780914cb57e2ba711e0ac1b677aaaa75103603]
+5.10-upstream-stable: released (5.10.210) [2037cb9d95f1741885f7daf50e8a028c4ade5317]
+4.19-upstream-stable: released (4.19.307) [3d3898b4d72c677d47fe3cb554449f2df5c12555]
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52602 b/active/CVE-2023-52602
new file mode 100644
index 00000000..cc00430f
--- /dev/null
+++ b/active/CVE-2023-52602
@@ -0,0 +1,15 @@
+Description: jfs: fix slab-out-of-bounds Read in dtSearch
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [fa5492ee89463a7590a1449358002ff7ef63529f]
+6.7-upstream-stable: released (6.7.4) [bff9d4078a232c01e42e9377d005fb2f4d31a472]
+6.6-upstream-stable: released (6.6.16) [7110650b85dd2f1cee819acd1345a9013a1a62f7]
+6.1-upstream-stable: released (6.1.77) [cab0c265ba182fd266c2aa3c69d7e40640a7f612]
+5.10-upstream-stable: released (5.10.210) [1c40ca3d39d769931b28295b3145c25f1decf5a6]
+4.19-upstream-stable: released (4.19.307) [ce8bc22e948634a5c0a3fa58a179177d0e3f3950]
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52603 b/active/CVE-2023-52603
new file mode 100644
index 00000000..7c17a251
--- /dev/null
+++ b/active/CVE-2023-52603
@@ -0,0 +1,15 @@
+Description: UBSAN: array-index-out-of-bounds in dtSplitRoot
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [27e56f59bab5ddafbcfe69ad7a4a6ea1279c1b16]
+6.7-upstream-stable: released (6.7.4) [6e2902ecc77e9760a9fc447f56d598383e2372d2]
+6.6-upstream-stable: released (6.6.16) [edff092a59260bf0b0a2eba219cb3da6372c2f9f]
+6.1-upstream-stable: released (6.1.77) [e4cbc857d75d4e22a1f75446e7480b1f305d8d60]
+5.10-upstream-stable: released (5.10.210) [7aa33854477d9c346f5560a1a1fcb3fe7783e2a8]
+4.19-upstream-stable: released (4.19.307) [e30b52a2ea3d1e0aaee68096957cf90a2f4ec5af]
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52604 b/active/CVE-2023-52604
new file mode 100644
index 00000000..06564330
--- /dev/null
+++ b/active/CVE-2023-52604
@@ -0,0 +1,15 @@
+Description: FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [9862ec7ac1cbc6eb5ee4a045b5d5b8edbb2f7e68]
+6.7-upstream-stable: released (6.7.4) [59342822276f753e49d27ef5eebffbba990572b9]
+6.6-upstream-stable: released (6.6.16) [6a44065dd604972ec1fbcccbdc4a70d266a89cdd]
+6.1-upstream-stable: released (6.1.77) [42f433785f108893de0dd5260bafb85d7d51db03]
+5.10-upstream-stable: released (5.10.210) [de34de6e57bbbc868e4fcf9e98c76b3587cabb0b]
+4.19-upstream-stable: released (4.19.307) [e3e95c6850661c77e6dab079d9b5374a618ebb15]
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52605 b/active/CVE-2023-52605
new file mode 100644
index 00000000..293cc266
--- /dev/null
+++ b/active/CVE-2023-52605
@@ -0,0 +1,15 @@
+Description: ACPI: extlog: fix NULL pointer dereference check
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [72d9b9747e78979510e9aafdd32eb99c7aa30dd1]
+6.7-upstream-stable: released (6.7.4) [77846571b3ba6a6125a20ad109bb8514ba884cf9]
+6.6-upstream-stable: released (6.6.16) [f066171de33d71ff0f7c46bd17636a5a26db3fb6]
+6.1-upstream-stable: released (6.1.77) [33650372e3ead97c5ab3b84d9ad97737bc5e00c0]
+5.10-upstream-stable: released (5.10.210) [b17a71435e7e153e949df018244a98b4ede04069]
+4.19-upstream-stable: released (4.19.307) [b7b33627be0626b16ca321b982d6a2261ef7f703]
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52606 b/active/CVE-2023-52606
new file mode 100644
index 00000000..1187c662
--- /dev/null
+++ b/active/CVE-2023-52606
@@ -0,0 +1,15 @@
+Description: powerpc/lib: Validate size for vector operations
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [8f9abaa6d7de0a70fc68acaedce290c1f96e2e59]
+6.7-upstream-stable: released (6.7.4) [848e1d7fd710900397e1d0e7584680c1c04e3afd]
+6.6-upstream-stable: released (6.6.16) [28b8ba8eebf26f66d9f2df4ba550b6b3b136082c]
+6.1-upstream-stable: released (6.1.77) [abd26515d4b767ba48241eea77b28ce0872aef3e]
+5.10-upstream-stable: released (5.10.210) [beee482cc4c9a6b1dcffb2e190b4fd8782258678]
+4.19-upstream-stable: released (4.19.307) [42084a428a139f1a429f597d44621e3a18f3e414]
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52607 b/active/CVE-2023-52607
new file mode 100644
index 00000000..ecb59138
--- /dev/null
+++ b/active/CVE-2023-52607
@@ -0,0 +1,15 @@
+Description: powerpc/mm: Fix null-pointer dereference in pgtable_cache_add
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [f46c8a75263f97bda13c739ba1c90aced0d3b071]
+6.7-upstream-stable: released (6.7.4) [ffd29dc45bc0355393859049f6becddc3ed08f74]
+6.6-upstream-stable: released (6.6.16) [145febd85c3bcc5c74d87ef9a598fc7d9122d532]
+6.1-upstream-stable: released (6.1.77) [d482d61025e303a2bef3733a011b6b740215cfa1]
+5.10-upstream-stable: released (5.10.210) [aa28eecb43cac6e20ef14dfc50b8892c1fbcda5b]
+4.19-upstream-stable: released (4.19.307) [21e45a7b08d7cd98d6a53c5fc5111879f2d96611]
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2024-26623 b/active/CVE-2024-26623
new file mode 100644
index 00000000..976c4485
--- /dev/null
+++ b/active/CVE-2024-26623
@@ -0,0 +1,16 @@
+Description: pds_core: Prevent race issues involving the adminq
+References:
+Notes:
+ carnil> Introduced in 01ba61b55b20 ("pds_core: Add adminq processing and commands").
+ carnil> Vulnerable versions: 6.4-rc1.
+Bugs:
+upstream: released (6.8-rc3) [7e82a8745b951b1e794cc780d46f3fbee5e93447]
+6.7-upstream-stable: released (6.7.4) [5939feb63ea1f011027576c64b68b681cbad31ca]
+6.6-upstream-stable: released (6.6.16) [22cd6046eb2148b18990257505834dd45c672a1b]
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.7.7-1)
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26624 b/active/CVE-2024-26624
new file mode 100644
index 00000000..4bc6a37d
--- /dev/null
+++ b/active/CVE-2024-26624
@@ -0,0 +1,16 @@
+Description: af_unix: fix lockdep positive in sk_diag_dump_icons()
+References:
+Notes:
+ carnil> Introduced in 2aac7a2cb0d9 ("unix_diag: Pending connections IDs NLA").
+ carnil> Vulnerable versions: 3.3-rc1.
+Bugs:
+upstream: released (6.8-rc3) [4d322dce82a1d44f8c83f0f54f95dd1b8dcf46c9]
+6.7-upstream-stable: released (6.7.4) [c2d272a9a1e8f22ba584589219f6fe1886a3595f]
+6.6-upstream-stable: released (6.6.16) [5e7f3e0381c002cb2abde42f09ad511991a8ebaf]
+6.1-upstream-stable: released (6.1.77) [a2104f43876408b164be5fd58f9b6a3a73b77746]
+5.10-upstream-stable: released (5.10.210) [f199018dc762dfa501f6d96a424468a0f3c10d9e]
+4.19-upstream-stable: released (4.19.307) [875f31aaa67e306098befa5e798a049075910fa7]
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2024-26625 b/active/CVE-2024-26625
new file mode 100644
index 00000000..23714c04
--- /dev/null
+++ b/active/CVE-2024-26625
@@ -0,0 +1,16 @@
+Description: llc: call sock_orphan() at release time
+References:
+Notes:
+ carnil> Introduced in 43815482370c ("net: sock_def_readable() and friends RCU
+ carnil> conversion"). Vulnerable versions: 2.6.35-rc1.
+Bugs:
+upstream: released (6.8-rc3) [aa2b2eb3934859904c287bf5434647ba72e14c1c]
+6.7-upstream-stable: released (6.7.4) [8e51f084b5716653f19e291ed5f026791d4b3ed4]
+6.6-upstream-stable: released (6.6.16) [3151051b787f7cd7e3329ea0016eb9113c248812]
+6.1-upstream-stable: released (6.1.77) [9c333d9891f34cea8af1b229dc754552304c8eee]
+5.10-upstream-stable: released (5.10.210) [d0b5b1f12429df3cd9751ab8b2f53729b77733b7]
+4.19-upstream-stable: released (4.19.307) [6b950c712a9a05cdda4aea7fcb2848766576c11b]
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2024-26626 b/active/CVE-2024-26626
new file mode 100644
index 00000000..4d4c9d8a
--- /dev/null
+++ b/active/CVE-2024-26626
@@ -0,0 +1,16 @@
+Description: ipmr: fix kernel panic when forwarding mcast packets
+References:
+Notes:
+ carnil> Introduced in bb7403655b3c ("ipmr: support IP_PKTINFO on cache report IGMP
+ carnil> msg"). Vulnerable versions: 6.1.75 6.6.14 6.7.2 6.8-rc1.
+Bugs:
+upstream: released (6.8-rc3) [e622502c310f1069fd9f41cd38210553115f610a]
+6.7-upstream-stable: released (6.7.4) [2e8c9ae40adda2be1ba41c05fd3cd1e61cce3207]
+6.6-upstream-stable: released (6.6.16) [dcaafdba6c6162bb49f1192850bc3bbc3707738c]
+6.1-upstream-stable: released (6.1.77) [d2f1b7fe74afd66298dbb3c7b39e7b62e4df1724]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26627 b/active/CVE-2024-26627
new file mode 100644
index 00000000..c7496c3d
--- /dev/null
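Review bot: In active/CVE-2024-26626 the line `6.1-bookworm-security: needed` is not backed by anything in the file showing that the packaged bookworm kernel contains the flaw. The Notes list the vulnerable versions as 6.1.75, 6.6.14, 6.7.2 and 6.8-rc1, so the 6.1 series was affected only from a stable backport onward, and a package based on an earlier 6.1.y would presumably not be affected. Recording the packaged base version in Notes, e.g. ` <name>> bookworm kernel is based on <VERSION>, which includes the 6.1.75 backport.` (both values are placeholders), would let readers confirm the status without consulting the package changelog.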
+++ b/active/CVE-2024-26627
@@ -0,0 +1,16 @@
+Description: scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler
+References:
+Notes:
+ carnil> Introduced in 6eb045e092ef ("scsi: core: avoid host-wide host_busy counter for
+ carnil> scsi_mq"). Vulnerable versions: 5.5-rc1.
+Bugs:
+upstream: released (6.8-rc3) [4373534a9850627a2695317944898eb1283a2db0]
+6.7-upstream-stable: released (6.7.4) [07e3ca0f17f579491b5f54e9ed05173d6c1d6fcb]
+6.6-upstream-stable: released (6.6.16) [65ead8468c21c2676d4d06f50b46beffdea69df1]
+6.1-upstream-stable: released (6.1.77) [db6338f45971b4285ea368432a84033690eaf53c]
+5.10-upstream-stable: released (5.10.210) [f5944853f7a961fedc1227dc8f60393f8936d37c]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26628 b/active/CVE-2024-26628
new file mode 100644
index 00000000..6954ed76
--- /dev/null
+++ b/active/CVE-2024-26628
@@ -0,0 +1,15 @@
+Description: drm/amdkfd: Fix lock dependency warning
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [47bf0f83fc86df1bf42b385a91aadb910137c5c9]
+6.7-upstream-stable: released (6.7.4) [cb96e492d72d143d57db2d2bc143a1cee8741807]
+6.6-upstream-stable: released (6.6.16) [28d2d623d2fbddcca5c24600474e92f16ebb3a05]
+6.1-upstream-stable: released (6.1.77) [8b25d397162b0316ceda40afaa63ee0c4a97d28b]
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
--
cgit v1.2.3