From caeae6c9d0283fee36d4bc451607baeca82e310d Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Fri, 5 Apr 2024 20:46:32 +0200 Subject: Add new batch of CVEs --- active/CVE-2024-26810 | 17 +++++++++++++++++ active/CVE-2024-26812 | 17 +++++++++++++++++ active/CVE-2024-26813 | 17 +++++++++++++++++ active/CVE-2024-26814 | 17 +++++++++++++++++ active/CVE-2024-27437 | 17 +++++++++++++++++ 5 files changed, 85 insertions(+) create mode 100644 active/CVE-2024-26810 create mode 100644 active/CVE-2024-26812 create mode 100644 active/CVE-2024-26813 create mode 100644 active/CVE-2024-26814 create mode 100644 active/CVE-2024-27437 (limited to 'active') diff --git a/active/CVE-2024-26810 b/active/CVE-2024-26810 new file mode 100644 index 00000000..65568b67 --- /dev/null +++ b/active/CVE-2024-26810 @@ -0,0 +1,17 @@ +Description: vfio/pci: Lock external INTx masking ops +References: +Notes: + carnil> Introduced in 89e1f7d4c66d ("vfio: Add PCI device driver"). Vulnerable + carnil> versions: 3.6-rc1. +Bugs: +upstream: released (6.9-rc1) [810cd4bb53456d0503cc4e7934e063835152c1b7] +6.8-upstream-stable: released (6.8.3) [03505e3344b0576fd619416793a31eae9c5b73bf] +6.7-upstream-stable: released (6.7.12) [6fe478d855b20ac1eb5da724afe16af5a2aaaa40] +6.6-upstream-stable: released (6.6.24) [04a4a017b9ffd7b0f427b8c376688d14cb614651] +6.1-upstream-stable: released (6.1.84) [3fe0ac10bd117df847c93408a9d428a453cd60e5] +5.10-upstream-stable: needed +4.19-upstream-stable: needed +sid: needed +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2024-26812 b/active/CVE-2024-26812 new file mode 100644 index 00000000..407377b6 --- /dev/null +++ b/active/CVE-2024-26812 @@ -0,0 +1,17 @@ +Description: vfio/pci: Create persistent INTx handler +References: +Notes: + carnil> Introduced in 89e1f7d4c66d ("vfio: Add PCI device driver"). Vulnerable + carnil> versions: 3.6-rc1. +Bugs: +upstream: released (6.9-rc1) [18c198c96a815c962adc2b9b77909eec0be7df4d] +6.8-upstream-stable: released (6.8.3) [0e09cf81959d9f12b75ad5c6dd53d237432ed034] +6.7-upstream-stable: released (6.7.12) [4c089cefe30924fbe20dd1ee92774ea1f5eca834] +6.6-upstream-stable: released (6.6.24) [69276a555c740acfbff13fb5769ee9c92e1c828e] +6.1-upstream-stable: released (6.1.84) [7d29d4c72c1e196cce6969c98072a272d1a703b3] +5.10-upstream-stable: needed +4.19-upstream-stable: needed +sid: needed +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2024-26813 b/active/CVE-2024-26813 new file mode 100644 index 00000000..7f39f2c1 --- /dev/null +++ b/active/CVE-2024-26813 @@ -0,0 +1,17 @@ +Description: vfio/platform: Create persistent IRQ handlers +References: +Notes: + carnil> Introduced in 57f972e2b341 ("vfio/platform: trigger an interrupt via eventfd"). + carnil> Vulnerable versions: 4.1-rc1. +Bugs: +upstream: released (6.9-rc1) [675daf435e9f8e5a5eab140a9864dfad6668b375] +6.8-upstream-stable: released (6.8.3) [0f8d8f9c2173a541812dd750529f4a415117eb29] +6.7-upstream-stable: released (6.7.12) [d6bedd6acc0bcb1e7e010bc046032e47f08d379f] +6.6-upstream-stable: released (6.6.24) [62d4e43a569b67929eb3319780be5359694c8086] +6.1-upstream-stable: released (6.1.84) [7932db06c82c5b2f42a4d1a849d97dba9ce4a362] +5.10-upstream-stable: needed +4.19-upstream-stable: needed +sid: needed +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2024-26814 b/active/CVE-2024-26814 new file mode 100644 index 00000000..d32540c2 --- /dev/null +++ b/active/CVE-2024-26814 @@ -0,0 +1,17 @@ +Description: vfio/fsl-mc: Block calling interrupt handler without trigger +References: +Notes: + carnil> Introduced in cc0ee20bd969 ("vfio/fsl-mc: trigger an interrupt via eventfd"). + carnil> Vulnerable versions: 5.10-rc1. +Bugs: +upstream: released (6.9-rc1) [7447d911af699a15f8d050dfcb7c680a86f87012] +6.8-upstream-stable: released (6.8.3) [6ec0d88166dac43f29e96801c0927d514f17add9] +6.7-upstream-stable: released (6.7.12) [de87511fb0404d23b6da5f4660383b6ed095e28d] +6.6-upstream-stable: released (6.6.24) [ee0bd4ad780dfbb60355b99f25063357ab488267] +6.1-upstream-stable: released (6.1.84) [083e750c9f5f4c3bf61161330fb84d7c8e8bb417] +5.10-upstream-stable: needed +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: needed +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-27437 b/active/CVE-2024-27437 new file mode 100644 index 00000000..40c4c552 --- /dev/null +++ b/active/CVE-2024-27437 @@ -0,0 +1,17 @@ +Description: vfio/pci: Disable auto-enable of exclusive INTx IRQ +References: +Notes: + carnil> Introduced in 89e1f7d4c66d ("vfio: Add PCI device driver"). Vulnerable + carnil> versions: 3.6-rc1. +Bugs: +upstream: released (6.9-rc1) [fe9a7082684eb059b925c535682e68c34d487d43] +6.8-upstream-stable: released (6.8.3) [bf0bc84a20e6109ab07d5dc072067bd01eb931ec] +6.7-upstream-stable: released (6.7.12) [3b3491ad0f80d913e7d255941d4470f4a4d9bfda] +6.6-upstream-stable: released (6.6.24) [2a4a666c45107206605b7b5bc20545f8aabc4fa2] +6.1-upstream-stable: released (6.1.84) [139dfcc4d723ab13469881200c7d80f49d776060] +5.10-upstream-stable: needed +4.19-upstream-stable: needed +sid: needed +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: needed -- cgit v1.2.3