From bcd9eccef0863578591f91cfde157a7c1fcf4d9e Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Mon, 18 Mar 2024 18:04:48 +0100 Subject: Add new batch of CVEs Fixup for fix in earlier versions as 6.6.15-1 and one N/A as vulnerable code was only introduced in 6.7 series. --- active/CVE-2023-52609 | 16 ++++++++++++++++ active/CVE-2023-52610 | 16 ++++++++++++++++ active/CVE-2023-52611 | 16 ++++++++++++++++ active/CVE-2023-52612 | 16 ++++++++++++++++ active/CVE-2023-52613 | 16 ++++++++++++++++ active/CVE-2023-52614 | 16 ++++++++++++++++ active/CVE-2023-52615 | 16 ++++++++++++++++ active/CVE-2023-52616 | 16 ++++++++++++++++ active/CVE-2023-52617 | 15 +++++++++++++++ active/CVE-2023-52618 | 15 +++++++++++++++ active/CVE-2023-52619 | 15 +++++++++++++++ active/CVE-2024-26631 | 16 ++++++++++++++++ active/CVE-2024-26632 | 16 ++++++++++++++++ active/CVE-2024-26633 | 17 +++++++++++++++++ active/CVE-2024-26634 | 16 ++++++++++++++++ active/CVE-2024-26635 | 16 ++++++++++++++++ active/CVE-2024-26636 | 16 ++++++++++++++++ active/CVE-2024-26637 | 16 ++++++++++++++++ active/CVE-2024-26638 | 16 ++++++++++++++++ active/CVE-2024-26639 | 17 +++++++++++++++++ active/CVE-2024-26640 | 16 ++++++++++++++++ active/CVE-2024-26641 | 16 ++++++++++++++++ 22 files changed, 351 insertions(+) create mode 100644 active/CVE-2023-52609 create mode 100644 active/CVE-2023-52610 create mode 100644 active/CVE-2023-52611 create mode 100644 active/CVE-2023-52612 create mode 100644 active/CVE-2023-52613 create mode 100644 active/CVE-2023-52614 create mode 100644 active/CVE-2023-52615 create mode 100644 active/CVE-2023-52616 create mode 100644 active/CVE-2023-52617 create mode 100644 active/CVE-2023-52618 create mode 100644 active/CVE-2023-52619 create mode 100644 active/CVE-2024-26631 create mode 100644 active/CVE-2024-26632 create mode 100644 active/CVE-2024-26633 create mode 100644 active/CVE-2024-26634 create mode 100644 active/CVE-2024-26635 create mode 100644 active/CVE-2024-26636 create mode 100644 active/CVE-2024-26637 create mode 100644 active/CVE-2024-26638 create mode 100644 active/CVE-2024-26639 create mode 100644 active/CVE-2024-26640 create mode 100644 active/CVE-2024-26641 diff --git a/active/CVE-2023-52609 b/active/CVE-2023-52609 new file mode 100644 index 00000000..c9d98235 --- /dev/null +++ b/active/CVE-2023-52609 @@ -0,0 +1,16 @@ +Description: binder: fix race between mmput() and do_exit() +References: +Notes: + carnil> Introduced in 457b9a6f09f0 ("Staging: android: add binder driver"). Vulnerable + carnil> versions: 2.6.29-rc1. +Bugs: +upstream: released (6.8-rc1) [9a9ab0d963621d9d12199df9817e66982582d5a5] +6.7-upstream-stable: released (6.7.2) [77d210e8db4d61d43b2d16df66b1ec46fad2ee01] +6.6-upstream-stable: released (6.6.14) [67f16bf2cc1698fd50e01ee8a2becc5a8e6d3a3e] +6.1-upstream-stable: released (6.1.75) [6696f76c32ff67fec26823fc2df46498e70d9bf3] +5.10-upstream-stable: released (5.10.209) [7e7a0d86542b0ea903006d3f42f33c4f7ead6918] +4.19-upstream-stable: released (4.19.306) [95b1d336b0642198b56836b89908d07b9a0c9608] +sid: released (6.6.15-1) +6.1-bookworm-security: released (6.1.76-1) +5.10-bullseye-security: released (5.10.209-1) +4.19-buster-security: needed diff --git a/active/CVE-2023-52610 b/active/CVE-2023-52610 new file mode 100644 index 00000000..9c806ea3 --- /dev/null +++ b/active/CVE-2023-52610 @@ -0,0 +1,16 @@ +Description: net/sched: act_ct: fix skb leak and crash on ooo frags +References: +Notes: + carnil> Introduced in b57dc7c13ea9 ("net/sched: Introduce action ct"). Vulnerable + carnil> versions: 5.3-rc1. +Bugs: +upstream: released (6.8-rc1) [3f14b377d01d8357eba032b4cabc8c1149b458b6] +6.7-upstream-stable: released (6.7.2) [f5346df0591d10bc948761ca854b1fae6d2ef441] +6.6-upstream-stable: released (6.6.14) [73f7da5fd124f2cda9161e2e46114915e6e82e97] +6.1-upstream-stable: released (6.1.75) [0b5b831122fc3789fff75be433ba3e4dd7b779d4] +5.10-upstream-stable: needed +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.6.15-1) +6.1-bookworm-security: released (6.1.76-1) +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2023-52611 b/active/CVE-2023-52611 new file mode 100644 index 00000000..b51090d9 --- /dev/null +++ b/active/CVE-2023-52611 @@ -0,0 +1,16 @@ +Description: wifi: rtw88: sdio: Honor the host max_req_size in the RX path +References: +Notes: + carnil> Introduced in 65371a3f14e7 ("wifi: rtw88: sdio: Add HCI implementation for SDIO + carnil> based chipsets"). Vulnerable versions: 6.4-rc1. +Bugs: +upstream: released (6.8-rc1) [00384f565a91c08c4bedae167f749b093d10e3fe] +6.7-upstream-stable: released (6.7.2) [0e9ffff72a0674cd6656314dbd99cdd2123a3030] +6.6-upstream-stable: released (6.6.14) [5b5ddf21b978ec315cab9d9e7e6ac7374791a8c7] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.6.15-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2023-52612 b/active/CVE-2023-52612 new file mode 100644 index 00000000..e6d41177 --- /dev/null +++ b/active/CVE-2023-52612 @@ -0,0 +1,16 @@ +Description: crypto: scomp - fix req->dst buffer overflow +References: +Notes: + carnil> Introduced in 1ab53a77b772 ("crypto: acomp - add driver-side scomp interface"). + carnil> Vulnerable versions: 4.10-rc1. +Bugs: +upstream: released (6.8-rc1) [744e1885922a9943458954cfea917b31064b4131] +6.7-upstream-stable: released (6.7.2) [71c6670f9f032ec67d8f4e3f8db4646bf5a62883] +6.6-upstream-stable: released (6.6.14) [7d9e5bed036a7f9e2062a137e97e3c1e77fb8759] +6.1-upstream-stable: released (6.1.75) [4df0c942d04a67df174195ad8082f6e30e7f71a5] +5.10-upstream-stable: released (5.10.209) [4518dc468cdd796757190515a9be7408adc8911e] +4.19-upstream-stable: released (4.19.306) [1142d65c5b881590962ad763f94505b6dd67d2fe] +sid: released (6.6.15-1) +6.1-bookworm-security: released (6.1.76-1) +5.10-bullseye-security: released (5.10.209-1) +4.19-buster-security: needed diff --git a/active/CVE-2023-52613 b/active/CVE-2023-52613 new file mode 100644 index 00000000..7743cf66 --- /dev/null +++ b/active/CVE-2023-52613 @@ -0,0 +1,16 @@ +Description: drivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment +References: +Notes: + carnil> Introduced in e7e3a7c35791 ("thermal/drivers/loongson-2: Add thermal management + carnil> support"). Vulnerable versions: 6.6-rc1. +Bugs: +upstream: released (6.8-rc1) [15ef92e9c41124ee9d88b01208364f3fe1f45f84] +6.7-upstream-stable: released (6.7.2) [6010a9fc14eb1feab5cafd84422001134fe8ec58] +6.6-upstream-stable: released (6.6.14) [70481755ed77400e783200e2d022e5fea16060ce] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.6.15-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2023-52614 b/active/CVE-2023-52614 new file mode 100644 index 00000000..c74f8aed --- /dev/null +++ b/active/CVE-2023-52614 @@ -0,0 +1,16 @@ +Description: PM / devfreq: Fix buffer overflow in trans_stat_show +References: +Notes: + carnil> Introduced in e552bbaf5b98 ("PM / devfreq: Add sysfs node for representing + carnil> frequency transition information."). Vulnerable versions: 3.8-rc1. +Bugs: +upstream: released (6.8-rc1) [08e23d05fa6dc4fc13da0ccf09defdd4bbc92ff4] +6.7-upstream-stable: released (6.7.3) [eaef4650fa2050147ca25fd7ee43bc0082e03c87] +6.6-upstream-stable: released (6.6.15) [a979f56aa4b93579cf0e4265ae04d7e9300fd3e8] +6.1-upstream-stable: released (6.1.76) [8a7729cda2dd276d7a3994638038fb89035b6f2c] +5.10-upstream-stable: needed +4.19-upstream-stable: needed +sid: released (6.6.15-1) +6.1-bookworm-security: released (6.1.76-1) +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2023-52615 b/active/CVE-2023-52615 new file mode 100644 index 00000000..b25db1ea --- /dev/null +++ b/active/CVE-2023-52615 @@ -0,0 +1,16 @@ +Description: hwrng: core - Fix page fault dead lock on mmap-ed hwrng +References: +Notes: + carnil> Introduced in 9996508b3353 ("hwrng: core - Replace u32 in driver API with byte + carnil> array"). Vulnerable versions: 2.6.33-rc1. +Bugs: +upstream: released (6.8-rc1) [78aafb3884f6bc6636efcc1760c891c8500b9922] +6.7-upstream-stable: released (6.7.3) [6822a14271786150e178869f1495cc03e74c5029] +6.6-upstream-stable: released (6.6.15) [ecabe8cd456d3bf81e92c53b074732f3140f170d] +6.1-upstream-stable: released (6.1.76) [aa8aa16ed9adf1df05bb339d588cf485a011839e] +5.10-upstream-stable: released (5.10.210) [c6a8111aacbfe7a8a70f46cc0de8eed00561693c] +4.19-upstream-stable: released (4.19.307) [eafd83b92f6c044007a3591cbd476bcf90455990] +sid: released (6.6.15-1) +6.1-bookworm-security: released (6.1.76-1) +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2023-52616 b/active/CVE-2023-52616 new file mode 100644 index 00000000..2cf3a418 --- /dev/null +++ b/active/CVE-2023-52616 @@ -0,0 +1,16 @@ +Description: crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init +References: +Notes: + carnil> Introduced in d58bb7e55a8a ("lib/mpi: Introduce ec implementation to MPI + carnil> library"). Vulnerable versions: 5.10-rc1. +Bugs: +upstream: released (6.8-rc1) [ba3c5574203034781ac4231acf117da917efcd2a] +6.7-upstream-stable: released (6.7.3) [7abdfd45a650c714d5ebab564bb1b988f14d9b49] +6.6-upstream-stable: released (6.6.15) [7ebf812b7019fd2d4d5a7ca45ef4bf3a6f4bda0a] +6.1-upstream-stable: released (6.1.79) [bb44477d4506e52785693a39f03cdc6a2c5e8598] +5.10-upstream-stable: released (5.10.210) [0c3687822259a7628c85cd21a3445cbe3c367165] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.6.15-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2023-52617 b/active/CVE-2023-52617 new file mode 100644 index 00000000..dfcb481d --- /dev/null +++ b/active/CVE-2023-52617 @@ -0,0 +1,15 @@ +Description: PCI: switchtec: Fix stdev_release() crash after surprise hot remove +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (6.8-rc1) [df25461119d987b8c81d232cfe4411e91dcabe66] +6.7-upstream-stable: released (6.7.4) [e129c7fa7070fbce57feb0bfc5eaa65eef44b693] +6.6-upstream-stable: released (6.6.16) [0233b836312e39a3c763fb53512b3fa455b473b3] +6.1-upstream-stable: released (6.1.77) [1d83c85922647758c1f1e4806a4c5c3cf591a20a] +5.10-upstream-stable: released (5.10.210) [4a5d0528cf19dbf060313dffbe047bc11c90c24c] +4.19-upstream-stable: needed +sid: released (6.7.7-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2023-52618 b/active/CVE-2023-52618 new file mode 100644 index 00000000..8754cfc4 --- /dev/null +++ b/active/CVE-2023-52618 @@ -0,0 +1,15 @@ +Description: block/rnbd-srv: Check for unlikely string overflow +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (6.8-rc1) [9e4bf6a08d1e127bcc4bd72557f2dfafc6bc7f41] +6.7-upstream-stable: released (6.7.4) [a2c6206f18104fba7f887bf4dbbfe4c41adc4339] +6.6-upstream-stable: released (6.6.16) [5b9ea86e662035a886ccb5c76d56793cba618827] +6.1-upstream-stable: released (6.1.77) [af7bbdac89739e2e7380387fda598848d3b7010f] +5.10-upstream-stable: released (5.10.210) [95bc866c11974d3e4a9d922275ea8127ff809cf7] +4.19-upstream-stable: needed +sid: released (6.7.7-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2023-52619 b/active/CVE-2023-52619 new file mode 100644 index 00000000..2ddf43d3 --- /dev/null +++ b/active/CVE-2023-52619 @@ -0,0 +1,15 @@ +Description: pstore/ram: Fix crash when setting number of cpus to an odd number +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (6.8-rc1) [d49270a04623ce3c0afddbf3e984cb245aa48e9c] +6.7-upstream-stable: released (6.7.4) [cd40e43f870cf21726b22487a95ed223790b3542] +6.6-upstream-stable: released (6.6.16) [0593cfd321df9001142a9d2c58d4144917dff7ee] +6.1-upstream-stable: released (6.1.77) [75b0f71b26b3ad833c5c0670109c0af6e021e86a] +5.10-upstream-stable: released (5.10.210) [a63e48cd835c34c38ef671d344cc029b1ea5bf10] +4.19-upstream-stable: released (4.19.307) [8b69c30f4e8b69131d92096cb296dc1f217101e4] +sid: released (6.7.7-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2024-26631 b/active/CVE-2024-26631 new file mode 100644 index 00000000..c0c6aea8 --- /dev/null +++ b/active/CVE-2024-26631 @@ -0,0 +1,16 @@ +Description: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work +References: +Notes: + carnil> Introduced in 2d9a93b4902b ("mld: convert from timer to delayed work"). + carnil> Vulnerable versions: 5.13-rc1. +Bugs: +upstream: released (6.8-rc1) [2e7ef287f07c74985f1bf2858bedc62bd9ebf155] +6.7-upstream-stable: released (6.7.2) [3bb5849675ae1d592929798a2b37ea450879c855] +6.6-upstream-stable: released (6.6.14) [3cc283fd16fba72e2cefe3a6f48d7a36b0438900] +6.1-upstream-stable: released (6.1.75) [380540bb06bb1d1b12bdc947d1b8f56cda6b5663] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.6.15-1) +6.1-bookworm-security: released (6.1.76-1) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26632 b/active/CVE-2024-26632 new file mode 100644 index 00000000..7bbc26c5 --- /dev/null +++ b/active/CVE-2024-26632 @@ -0,0 +1,16 @@ +Description: block: Fix iterating over an empty bio with bio_for_each_folio_all +References: +Notes: + carnil> Introduced in 640d1930bef4 ("block: Add bio_for_each_folio_all()"). Vulnerable + carnil> versions: 5.17-rc1. +Bugs: +upstream: released (6.8-rc1) [7bed6f3d08b7af27b7015da8dc3acf2b9c1f21d7] +6.7-upstream-stable: released (6.7.2) [ca3ede3f5893e2d26d4dbdef1eec28a8487fafde] +6.6-upstream-stable: released (6.6.14) [a6bd8182137a12d22d3f2cee463271bdcb491659] +6.1-upstream-stable: released (6.1.75) [c6350b5cb78e9024c49eaee6fdb914ad2903a5fe] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.6.15-1) +6.1-bookworm-security: released (6.1.76-1) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26633 b/active/CVE-2024-26633 new file mode 100644 index 00000000..fe33d7a5 --- /dev/null +++ b/active/CVE-2024-26633 @@ -0,0 +1,17 @@ +Description: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() +References: +Notes: + carnil> Introduced in fbfa743a9d2a ("ipv6: fix ip6_tnl_parse_tlv_enc_lim()"). + carnil> Vulnerable versions: 3.2.87 3.10.106 3.12.71 3.16.42 3.18.49 4.4.50 4.9.11 + carnil> 4.10-rc6. +Bugs: +upstream: released (6.8-rc1) [d375b98e0248980681e5e56b712026174d617198] +6.7-upstream-stable: released (6.7.2) [ba8d904c274268b18ef3dc11d3ca7b24a96cb087] +6.6-upstream-stable: released (6.6.14) [687c5d52fe53e602e76826dbd4d7af412747e183] +6.1-upstream-stable: released (6.1.75) [62a1fedeb14c7ac0947ef33fadbabd35ed2400a2] +5.10-upstream-stable: released (5.10.209) [da23bd709b46168f7dfc36055801011222b076cd] +4.19-upstream-stable: released (4.19.306) [135414f300c5db995e2a2f3bf0f455de9d014aee] +sid: released (6.6.15-1) +6.1-bookworm-security: released (6.1.76-1) +5.10-bullseye-security: released (5.10.209-1) +4.19-buster-security: needed diff --git a/active/CVE-2024-26634 b/active/CVE-2024-26634 new file mode 100644 index 00000000..cfd29950 --- /dev/null +++ b/active/CVE-2024-26634 @@ -0,0 +1,16 @@ +Description: net: fix removing a namespace with conflicting altnames +References: +Notes: + carnil> Introduced in 7663d522099e ("net: check for altname conflicts when changing + carnil> netdev's netns"). Vulnerable versions: 6.1.60 6.5.9 6.6-rc7. +Bugs: +upstream: released (6.8-rc2) [d09486a04f5da0a812c26217213b89a3b1acf836] +6.7-upstream-stable: released (6.7.3) [8072699aa9e67d1727692cfb3c347263bb627fb9] +6.6-upstream-stable: released (6.6.15) [e855dded4b70d1975ee7b9fed0c700391e3c8ea6] +6.1-upstream-stable: released (6.1.76) [a2232f29bf52c24f827865b3c90829c44b6c695b] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.6.15-1) +6.1-bookworm-security: released (6.1.76-1) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26635 b/active/CVE-2024-26635 new file mode 100644 index 00000000..f96c9602 --- /dev/null +++ b/active/CVE-2024-26635 @@ -0,0 +1,16 @@ +Description: llc: Drop support for ETH_P_TR_802_2. +References: +Notes: + carnil> Introduced in 211ed865108e ("net: delete all instances of special processing + carnil> for token ring"). Vulnerable versions: 3.5-rc1. +Bugs: +upstream: released (6.8-rc2) [e3f9bed9bee261e3347131764e42aeedf1ffea61] +6.7-upstream-stable: released (6.7.3) [df57fc2f2abf548aa889a36ab0bdcc94a75399dc] +6.6-upstream-stable: released (6.6.15) [f1f34a515fb1e25e85dee94f781e7869ae351fb8] +6.1-upstream-stable: released (6.1.76) [660c3053d992b68fee893a0e9ec9159228cffdc6] +5.10-upstream-stable: released (5.10.210) [9ccdef19cf9497c2803b005369668feb91cacdfd] +4.19-upstream-stable: released (4.19.307) [165ad1e22779685c3ed3dd349c6c4c632309cc62] +sid: released (6.6.15-1) +6.1-bookworm-security: released (6.1.76-1) +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2024-26636 b/active/CVE-2024-26636 new file mode 100644 index 00000000..a7f69f71 --- /dev/null +++ b/active/CVE-2024-26636 @@ -0,0 +1,16 @@ +Description: llc: make llc_ui_sendmsg() more robust against bonding changes +References: +Notes: + carnil> Introduced in 1da177e4c3f4 ("Linux-2.6.12-rc2"). Vulnerable versions: + carnil> 2.6.12-rc2^0. +Bugs: +upstream: released (6.8-rc2) [dad555c816a50c6a6a8a86be1f9177673918c647] +6.7-upstream-stable: released (6.7.3) [c451c008f563d56d5e676c9dcafae565fcad84bb] +6.6-upstream-stable: released (6.6.15) [cafd3ad3fe03ef4d6632747be9ee15dc0029db4b] +6.1-upstream-stable: released (6.1.76) [6d53b813ff8b177f86f149c2f744442681f720e4] +5.10-upstream-stable: released (5.10.210) [04f2a74b562f3a7498be0399309669f342793d8c] +4.19-upstream-stable: released (4.19.307) [84e9d10419f6f4f3f3cd8f9aaf44a48719aa4b1b] +sid: released (6.6.15-1) +6.1-bookworm-security: released (6.1.76-1) +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2024-26637 b/active/CVE-2024-26637 new file mode 100644 index 00000000..2549f401 --- /dev/null +++ b/active/CVE-2024-26637 @@ -0,0 +1,16 @@ +Description: wifi: ath11k: rely on mac80211 debugfs handling for vif +References: +Notes: + carnil> Introduced in 0a3d898ee9a8 ("wifi: mac80211: add/remove driver debugfs entries + carnil> as appropriate"). Vulnerable versions: 6.7. +Bugs: +upstream: released (6.8-rc2) [556857aa1d0855aba02b1c63bc52b91ec63fc2cc] +6.7-upstream-stable: released (6.7.3) [aa74ce30a8a40d19a4256de4ae5322e71344a274] +6.6-upstream-stable: N/A "Vulnerable code not present" +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26638 b/active/CVE-2024-26638 new file mode 100644 index 00000000..f4c823c6 --- /dev/null +++ b/active/CVE-2024-26638 @@ -0,0 +1,16 @@ +Description: nbd: always initialize struct msghdr completely +References: +Notes: + carnil> Introduced in f94fd25cb0aa ("tcp: pass back data left in socket after + carnil> receive"). Vulnerable versions: 5.19-rc1. +Bugs: +upstream: released (6.8-rc1) [78fbb92af27d0982634116c7a31065f24d092826] +6.7-upstream-stable: released (6.7.3) [b0028f333420a65a53a63978522db680b37379dd] +6.6-upstream-stable: released (6.6.15) [1960f2b534da1e6c65fb96f9e98bda773495f406] +6.1-upstream-stable: released (6.1.76) [d9c54763e5cdbbd3f81868597fe8aca3c96e6387] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.6.15-1) +6.1-bookworm-security: released (6.1.76-1) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26639 b/active/CVE-2024-26639 new file mode 100644 index 00000000..6641b3e0 --- /dev/null +++ b/active/CVE-2024-26639 @@ -0,0 +1,17 @@ +Description: mm, kmsan: fix infinite recursion due to RCU critical section +References: +Notes: + carnil> Introduced in 5ec8e8ea8b77 ("mm/sparsemem: fix race in accessing + carnil> memory_section->usage"). Vulnerable versions: 5.10.210 5.15.149 6.1.76 6.6.15 + carnil> 6.7.3 6.8-rc1. +Bugs: +upstream: released (6.8-rc3) [f6564fce256a3944aa1bc76cb3c40e792d97c1eb] +6.7-upstream-stable: released (6.7.4) [5a33420599fa0288792537e6872fd19cc8607ea6] +6.6-upstream-stable: released (6.6.16) [6335c0cdb2ea0ea02c999e04d34fd84f69fb27ff] +6.1-upstream-stable: released (6.1.77) [dc904345e3771aa01d0b8358b550802fdc6fe00b] +5.10-upstream-stable: needed +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.7-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26640 b/active/CVE-2024-26640 new file mode 100644 index 00000000..0d04635c --- /dev/null +++ b/active/CVE-2024-26640 @@ -0,0 +1,16 @@ +Description: tcp: add sanity checks to rx zerocopy +References: +Notes: + carnil> Introduced in 93ab6cc69162 ("tcp: implement mmap() for zero copy receive"). + carnil> Vulnerable versions: 4.18-rc1. +Bugs: +upstream: released (6.8-rc3) [577e4432f3ac810049cb7e6b71f4d96ec7c6e894] +6.7-upstream-stable: released (6.7.4) [1b8adcc0e2c584fec778add7777fe28e20781e60] +6.6-upstream-stable: released (6.6.16) [d15cc0f66884ef2bed28c7ccbb11c102aa3a0760] +6.1-upstream-stable: released (6.1.77) [b383d4ea272fe5795877506dcce5aad1f6330e5e] +5.10-upstream-stable: released (5.10.210) [f48bf9a83b1666d934247cb58a9887d7b3127b6f] +4.19-upstream-stable: needed +sid: released (6.7.7-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2024-26641 b/active/CVE-2024-26641 new file mode 100644 index 00000000..bfc28395 --- /dev/null +++ b/active/CVE-2024-26641 @@ -0,0 +1,16 @@ +Description: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() +References: +Notes: + carnil> Introduced in 0d3c703a9d17 ("ipv6: Cleanup IPv6 tunnel receive path"). + carnil> Vulnerable versions: 4.7-rc1. +Bugs: +upstream: released (6.8-rc3) [8d975c15c0cd744000ca386247432d57b21f9df0] +6.7-upstream-stable: released (6.7.4) [c835df3bcc14858ae9b27315dd7de76370b94f3a] +6.6-upstream-stable: released (6.6.16) [350a6640fac4b53564ec20aa3f4a0922cb0ba5e6] +6.1-upstream-stable: released (6.1.77) [d54e4da98bbfa8c257bdca94c49652d81d18a4d8] +5.10-upstream-stable: released (5.10.210) [a9bc32879a08f23cdb80a48c738017e39aea1080] +4.19-upstream-stable: needed +sid: released (6.7.7-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: needed -- cgit v1.2.3