diff options
| author | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-02-17 12:49:10 +0100 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-02-17 12:49:10 +0100 |
| commit | deea50aedda3f320453b94a1126878b684423be5 (patch) | |
| tree | 83814144cbe5ff0838362665fcdb0f5157b3dc2d | |
| parent | 7833a7024b7c9bf0c2d3b3f9dc58efc1149e545b (diff) | |
| download | vulns-deea50aedda3f320453b94a1126878b684423be5.tar.gz | |
update cve entries with latest json and mbox file updates
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
| -rw-r--r-- | cve/published/2021/CVE-2021-47181.mbox | 11 | ||||
| -rw-r--r-- | cve/published/2021/CVE-2021-47182.mbox | 11 | ||||
| -rw-r--r-- | cve/published/2023/CVE-2023-1851.mbox | 9 | ||||
| -rw-r--r-- | cve/published/2023/CVE-2023-21657.mbox | 9 | ||||
| -rw-r--r-- | cve/published/2023/CVE-2023-21658.mbox | 9 | ||||
| -rw-r--r-- | cve/published/2023/CVE-2023-21659.mbox | 9 | ||||
| -rw-r--r-- | cve/published/2023/CVE-2023-21660.json | 45 | ||||
| -rw-r--r-- | cve/published/2023/CVE-2023-21660.mbox | 11 | ||||
| -rw-r--r-- | cve/published/2023/CVE-2023-21661.json | 63 | ||||
| -rw-r--r-- | cve/published/2023/CVE-2023-21661.mbox | 11 | ||||
| -rw-r--r-- | cve/published/2024/CVE-2024-0052.json | 39 | ||||
| -rw-r--r-- | cve/published/2024/CVE-2024-0052.mbox | 11 | ||||
| -rw-r--r-- | cve/published/2024/CVE-2024-20607.json | 33 | ||||
| -rw-r--r-- | cve/published/2024/CVE-2024-20607.mbox | 11 |
14 files changed, 232 insertions, 50 deletions
diff --git a/cve/published/2021/CVE-2021-47181.mbox b/cve/published/2021/CVE-2021-47181.mbox index 10bd2b66..53e23c14 100644 --- a/cve/published/2021/CVE-2021-47181.mbox +++ b/cve/published/2021/CVE-2021-47181.mbox @@ -1,4 +1,4 @@ -From bippy-412f30a4c628 Mon Sep 17 00:00:00 2001 +From bippy-e63f5ae15632 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org> @@ -41,6 +41,15 @@ will be updated if fixes are backported, please check that for the most up to date information about this issue. +Affected files +============== + +The file(s) affected by this issue are: + drivers/usb/gadget/composite.c + drivers/usb/gadget/legacy/dbgp.c + drivers/usb/gadget/legacy/inode.c + + Mitigation ========== diff --git a/cve/published/2021/CVE-2021-47182.mbox b/cve/published/2021/CVE-2021-47182.mbox index c41dd250..66475ff5 100644 --- a/cve/published/2021/CVE-2021-47182.mbox +++ b/cve/published/2021/CVE-2021-47182.mbox @@ -1,4 +1,4 @@ -From bippy-412f30a4c628 Mon Sep 17 00:00:00 2001 +From bippy-e63f5ae15632 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org> @@ -39,6 +39,15 @@ will be updated if fixes are backported, please check that for the most up to date information about this issue. +Affected files +============== + +The file(s) affected by this issue are: + drivers/usb/gadget/composite.c + drivers/usb/gadget/legacy/dbgp.c + drivers/usb/gadget/legacy/inode.c + + Mitigation ========== diff --git a/cve/published/2023/CVE-2023-1851.mbox b/cve/published/2023/CVE-2023-1851.mbox index 806557e6..598f1782 100644 --- a/cve/published/2023/CVE-2023-1851.mbox +++ b/cve/published/2023/CVE-2023-1851.mbox @@ -1,4 +1,4 @@ -From bippy-412f30a4c628 Mon Sep 17 00:00:00 2001 +From bippy-e63f5ae15632 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org> @@ -62,6 +62,13 @@ will be updated if fixes are backported, please check that for the most up to date information about this issue. +Affected files +============== + +The file(s) affected by this issue are: + net/nfc/llcp_core.c + + Mitigation ========== diff --git a/cve/published/2023/CVE-2023-21657.mbox b/cve/published/2023/CVE-2023-21657.mbox index f8722382..655b401e 100644 --- a/cve/published/2023/CVE-2023-21657.mbox +++ b/cve/published/2023/CVE-2023-21657.mbox @@ -1,4 +1,4 @@ -From bippy-412f30a4c628 Mon Sep 17 00:00:00 2001 +From bippy-e63f5ae15632 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org> @@ -42,6 +42,13 @@ will be updated if fixes are backported, please check that for the most up to date information about this issue. +Affected files +============== + +The file(s) affected by this issue are: + arch/x86/kvm/x86.c + + Mitigation ========== diff --git a/cve/published/2023/CVE-2023-21658.mbox b/cve/published/2023/CVE-2023-21658.mbox index cf6c7d7b..988f1359 100644 --- a/cve/published/2023/CVE-2023-21658.mbox +++ b/cve/published/2023/CVE-2023-21658.mbox @@ -1,4 +1,4 @@ -From bippy-412f30a4c628 Mon Sep 17 00:00:00 2001 +From bippy-e63f5ae15632 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org> @@ -44,6 +44,13 @@ will be updated if fixes are backported, please check that for the most up to date information about this issue. +Affected files +============== + +The file(s) affected by this issue are: + drivers/memstick/core/memstick.c + + Mitigation ========== diff --git a/cve/published/2023/CVE-2023-21659.mbox b/cve/published/2023/CVE-2023-21659.mbox index a2dcb28c..905f467f 100644 --- a/cve/published/2023/CVE-2023-21659.mbox +++ b/cve/published/2023/CVE-2023-21659.mbox @@ -1,4 +1,4 @@ -From bippy-412f30a4c628 Mon Sep 17 00:00:00 2001 +From bippy-e63f5ae15632 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org> @@ -58,6 +58,13 @@ will be updated if fixes are backported, please check that for the most up to date information about this issue. +Affected files +============== + +The file(s) affected by this issue are: + fs/sysfs/file.c + + Mitigation ========== diff --git a/cve/published/2023/CVE-2023-21660.json b/cve/published/2023/CVE-2023-21660.json index 9119ba21..896a77b0 100644 --- a/cve/published/2023/CVE-2023-21660.json +++ b/cve/published/2023/CVE-2023-21660.json @@ -37,6 +37,12 @@ "lessThan": "21ba4f2543bd", "status": "affected", "versionType": "git" + }, + { + "version": "60b59beafba8", + "lessThan": "33cd6ea9c067", + "status": "affected", + "versionType": "git" } ] }, @@ -46,26 +52,42 @@ "platforms": [ "Linux" ], - "defaultStatus": "unaffected", + "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "versions": [ { "version": "2.6.22", - "lessThan": "6.1.75", - "status": "affected", + "status": "affected" + }, + { + "version": "0", + "lessThan": "2.6.22", + "status": "unaffected", "versionType": "custom" }, { - "version": "2.6.22", - "lessThan": "6.6.14", - "status": "affected", + "version": "6.1.75", + "lessThanOrEqual": "6.1.*", + "status": "unaffected", "versionType": "custom" }, { - "version": "2.6.22", - "lessThan": "6.7.2", - "status": "affected", + "version": "6.6.14", + "lessThanOrEqual": "6.6.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.7.2", + "lessThanOrEqual": "6.7.*", + "status": "unaffected", "versionType": "custom" + }, + { + "version": "6.8-rc1", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" } ] } @@ -79,11 +101,14 @@ }, { "url": "https://git.kernel.org/stable/c/21ba4f2543bd" + }, + { + "url": "https://git.kernel.org/stable/c/33cd6ea9c067" } ], "title": "fbdev: flush deferred IO before closing", "x_generator": { - "engine": "bippy-24247370f131" + "engine": "bippy-e63f5ae15632" } } }, diff --git a/cve/published/2023/CVE-2023-21660.mbox b/cve/published/2023/CVE-2023-21660.mbox index 2fac3db5..213aea44 100644 --- a/cve/published/2023/CVE-2023-21660.mbox +++ b/cve/published/2023/CVE-2023-21660.mbox @@ -1,4 +1,4 @@ -From bippy-412f30a4c628 Mon Sep 17 00:00:00 2001 +From bippy-e63f5ae15632 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org> @@ -34,6 +34,7 @@ Affected and fixed versions Issue introduced in 2.6.22 with commit 60b59beafba8 and fixed in 6.1.75 with commit 81f444f22816 Issue introduced in 2.6.22 with commit 60b59beafba8 and fixed in 6.6.14 with commit 2db6388d8a7f Issue introduced in 2.6.22 with commit 60b59beafba8 and fixed in 6.7.2 with commit 21ba4f2543bd + Issue introduced in 2.6.22 with commit 60b59beafba8 and fixed in 6.8-rc1 with commit 33cd6ea9c067 Please see https://www.kernel.org or a full list of currently supported kernel versions by the kernel community. @@ -45,6 +46,13 @@ will be updated if fixes are backported, please check that for the most up to date information about this issue. +Affected files +============== + +The file(s) affected by this issue are: + drivers/video/fbdev/core/fb_defio.c + + Mitigation ========== @@ -58,3 +66,4 @@ issue can be found at these commits: https://git.kernel.org/stable/c/81f444f22816 https://git.kernel.org/stable/c/2db6388d8a7f https://git.kernel.org/stable/c/21ba4f2543bd + https://git.kernel.org/stable/c/33cd6ea9c067 diff --git a/cve/published/2023/CVE-2023-21661.json b/cve/published/2023/CVE-2023-21661.json index 4fbc567b..c4e19ba7 100644 --- a/cve/published/2023/CVE-2023-21661.json +++ b/cve/published/2023/CVE-2023-21661.json @@ -55,6 +55,12 @@ "lessThan": "e074686e993f", "status": "affected", "versionType": "git" + }, + { + "version": "dd2283f2605e", + "lessThan": "3f489c2067c5", + "status": "affected", + "versionType": "git" } ] }, @@ -64,44 +70,60 @@ "platforms": [ "Linux" ], - "defaultStatus": "unaffected", + "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "versions": [ { "version": "4.20", - "lessThan": "5.4.268", - "status": "affected", + "status": "affected" + }, + { + "version": "0", + "lessThan": "4.20", + "status": "unaffected", "versionType": "custom" }, { - "version": "4.20", - "lessThan": "5.10.209", - "status": "affected", + "version": "5.4.268", + "lessThanOrEqual": "5.4.*", + "status": "unaffected", "versionType": "custom" }, { - "version": "4.20", - "lessThan": "5.15.148", - "status": "affected", + "version": "5.10.209", + "lessThanOrEqual": "5.10.*", + "status": "unaffected", "versionType": "custom" }, { - "version": "4.20", - "lessThan": "6.1.74", - "status": "affected", + "version": "5.15.148", + "lessThanOrEqual": "5.15.*", + "status": "unaffected", "versionType": "custom" }, { - "version": "4.20", - "lessThan": "6.6.13", - "status": "affected", + "version": "6.1.74", + "lessThanOrEqual": "6.1.*", + "status": "unaffected", "versionType": "custom" }, { - "version": "4.20", - "lessThan": "6.7.1", - "status": "affected", + "version": "6.6.13", + "lessThanOrEqual": "6.6.*", + "status": "unaffected", "versionType": "custom" + }, + { + "version": "6.7.1", + "lessThanOrEqual": "6.7.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.8-rc1", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" } ] } @@ -124,11 +146,14 @@ }, { "url": "https://git.kernel.org/stable/c/e074686e993f" + }, + { + "url": "https://git.kernel.org/stable/c/3f489c2067c5" } ], "title": "binder: fix use-after-free in shinker's callback", "x_generator": { - "engine": "bippy-24247370f131" + "engine": "bippy-e63f5ae15632" } } }, diff --git a/cve/published/2023/CVE-2023-21661.mbox b/cve/published/2023/CVE-2023-21661.mbox index 5cb4f0bb..2ef9a4f9 100644 --- a/cve/published/2023/CVE-2023-21661.mbox +++ b/cve/published/2023/CVE-2023-21661.mbox @@ -1,4 +1,4 @@ -From bippy-412f30a4c628 Mon Sep 17 00:00:00 2001 +From bippy-e63f5ae15632 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org> @@ -80,6 +80,7 @@ Affected and fixed versions Issue introduced in 4.20 with commit dd2283f2605e and fixed in 6.1.74 with commit 9fa04c93f241 Issue introduced in 4.20 with commit dd2283f2605e and fixed in 6.6.13 with commit a49087ab9350 Issue introduced in 4.20 with commit dd2283f2605e and fixed in 6.7.1 with commit e074686e993f + Issue introduced in 4.20 with commit dd2283f2605e and fixed in 6.8-rc1 with commit 3f489c2067c5 Please see https://www.kernel.org or a full list of currently supported kernel versions by the kernel community. @@ -91,6 +92,13 @@ will be updated if fixes are backported, please check that for the most up to date information about this issue. +Affected files +============== + +The file(s) affected by this issue are: + drivers/android/binder_alloc.c + + Mitigation ========== @@ -107,3 +115,4 @@ issue can be found at these commits: https://git.kernel.org/stable/c/9fa04c93f241 https://git.kernel.org/stable/c/a49087ab9350 https://git.kernel.org/stable/c/e074686e993f + https://git.kernel.org/stable/c/3f489c2067c5 diff --git a/cve/published/2024/CVE-2024-0052.json b/cve/published/2024/CVE-2024-0052.json index 92d05dc8..50615866 100644 --- a/cve/published/2024/CVE-2024-0052.json +++ b/cve/published/2024/CVE-2024-0052.json @@ -31,6 +31,12 @@ "lessThan": "0f91df0c0fae", "status": "affected", "versionType": "git" + }, + { + "version": "2d1f649c7c08", + "lessThan": "11684134140b", + "status": "affected", + "versionType": "git" } ] }, @@ -40,20 +46,36 @@ "platforms": [ "Linux" ], - "defaultStatus": "unaffected", + "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "versions": [ { "version": "6.6", - "lessThan": "6.6.13", - "status": "affected", + "status": "affected" + }, + { + "version": "0", + "lessThan": "6.6", + "status": "unaffected", "versionType": "custom" }, { - "version": "6.6", - "lessThan": "6.7.1", - "status": "affected", + "version": "6.6.13", + "lessThanOrEqual": "6.6.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.7.1", + "lessThanOrEqual": "6.7.*", + "status": "unaffected", "versionType": "custom" + }, + { + "version": "6.8-rc1", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" } ] } @@ -64,11 +86,14 @@ }, { "url": "https://git.kernel.org/stable/c/0f91df0c0fae" + }, + { + "url": "https://git.kernel.org/stable/c/11684134140b" } ], "title": "mm/memory_hotplug: fix memmap_on_memory sysfs value retrieval", "x_generator": { - "engine": "bippy-24247370f131" + "engine": "bippy-e63f5ae15632" } } }, diff --git a/cve/published/2024/CVE-2024-0052.mbox b/cve/published/2024/CVE-2024-0052.mbox index f8391c3e..8e88b29c 100644 --- a/cve/published/2024/CVE-2024-0052.mbox +++ b/cve/published/2024/CVE-2024-0052.mbox @@ -1,4 +1,4 @@ -From bippy-412f30a4c628 Mon Sep 17 00:00:00 2001 +From bippy-e63f5ae15632 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org> @@ -28,6 +28,7 @@ Affected and fixed versions Issue introduced in 6.6 with commit 2d1f649c7c08 and fixed in 6.6.13 with commit 9584c8d658c0 Issue introduced in 6.6 with commit 2d1f649c7c08 and fixed in 6.7.1 with commit 0f91df0c0fae + Issue introduced in 6.6 with commit 2d1f649c7c08 and fixed in 6.8-rc1 with commit 11684134140b Please see https://www.kernel.org or a full list of currently supported kernel versions by the kernel community. @@ -39,6 +40,13 @@ will be updated if fixes are backported, please check that for the most up to date information about this issue. +Affected files +============== + +The file(s) affected by this issue are: + mm/memory_hotplug.c + + Mitigation ========== @@ -51,3 +59,4 @@ the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/9584c8d658c0 https://git.kernel.org/stable/c/0f91df0c0fae + https://git.kernel.org/stable/c/11684134140b diff --git a/cve/published/2024/CVE-2024-20607.json b/cve/published/2024/CVE-2024-20607.json index ed54cf59..347611cf 100644 --- a/cve/published/2024/CVE-2024-20607.json +++ b/cve/published/2024/CVE-2024-20607.json @@ -25,6 +25,12 @@ "lessThan": "46826a384406", "status": "affected", "versionType": "git" + }, + { + "version": "ffa55858330f", + "lessThan": "d9407ff11809", + "status": "affected", + "versionType": "git" } ] }, @@ -34,14 +40,30 @@ "platforms": [ "Linux" ], - "defaultStatus": "unaffected", + "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "versions": [ { "version": "6.7", - "lessThan": "6.7.4", - "status": "affected", + "status": "affected" + }, + { + "version": "0", + "lessThan": "6.7", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.7.4", + "lessThanOrEqual": "6.7.*", + "status": "unaffected", "versionType": "custom" + }, + { + "version": "6.8-rc3", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" } ] } @@ -49,11 +71,14 @@ "references": [ { "url": "https://git.kernel.org/stable/c/46826a384406" + }, + { + "url": "https://git.kernel.org/stable/c/d9407ff11809" } ], "title": "pds_core: Prevent health thread from running during reset/remove", "x_generator": { - "engine": "bippy-24247370f131" + "engine": "bippy-e63f5ae15632" } } }, diff --git a/cve/published/2024/CVE-2024-20607.mbox b/cve/published/2024/CVE-2024-20607.mbox index 9eb06c73..0fed17d5 100644 --- a/cve/published/2024/CVE-2024-20607.mbox +++ b/cve/published/2024/CVE-2024-20607.mbox @@ -1,4 +1,4 @@ -From bippy-412f30a4c628 Mon Sep 17 00:00:00 2001 +From bippy-e63f5ae15632 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org> @@ -24,6 +24,7 @@ Affected and fixed versions =========================== Issue introduced in 6.7 with commit ffa55858330f and fixed in 6.7.4 with commit 46826a384406 + Issue introduced in 6.7 with commit ffa55858330f and fixed in 6.8-rc3 with commit d9407ff11809 Please see https://www.kernel.org or a full list of currently supported kernel versions by the kernel community. @@ -35,6 +36,13 @@ will be updated if fixes are backported, please check that for the most up to date information about this issue. +Affected files +============== + +The file(s) affected by this issue are: + drivers/net/ethernet/amd/pds_core/main.c + + Mitigation ========== @@ -46,3 +54,4 @@ supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/46826a384406 + https://git.kernel.org/stable/c/d9407ff11809 |