Add new batch of CVEs from Kernel vulns repository

author: Salvatore Bonaccorso <carnil@debian.org> 2024-02-29 19:21:43 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-02-29 19:21:43 +0100
commit: 4623b36743bf6c013300f7df620ed4f2494214a1 (patch)
tree: 52fd98d1cd4cee84525095dcdaa1fb89e9d6803e
parent: c289ed05ac639a3e8c9efc1122633dd94123af99 (diff)
28 files changed, 449 insertions, 0 deletions
diff --git a/active/CVE-2023-52485 b/active/CVE-2023-52485
new file mode 100644
index 00000000..64b29e2e
--- /dev/null
+++ b/active/CVE-2023-52485
@@ -0,0 +1,15 @@
+Description: drm/amd/display: Wake DMCUB before sending a command
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [8892780834ae294bc3697c7d0e056d7743900b39]
+6.7-upstream-stable: released (6.7.3) [303197775a97416b62d4da69280d0c120a20e009]
+6.6-upstream-stable: needed
+6.1-upstream-stable: needed
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+sid: needed
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52486 b/active/CVE-2023-52486
new file mode 100644
index 00000000..42f8183d
--- /dev/null
+++ b/active/CVE-2023-52486
@@ -0,0 +1,15 @@
+Description: drm: Don't unref the same fb many times by mistake due to deadlock handling
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [cb4daf271302d71a6b9a7c01bd0b6d76febd8f0c]
+6.7-upstream-stable: released (6.7.3) [bfd0feb1b109cb63b87fdcd00122603787c75a1a]
+6.6-upstream-stable: released (6.6.15) [d7afdf360f4ac142832b098b4de974e867cc063c]
+6.1-upstream-stable: released (6.1.76) [62f2e79cf9f4f47cc9dea9cebdf58d9f7b5695e0]
+5.10-upstream-stable: released (5.10.210) [f55261469be87c55df13db76dc945f6bcd825105]
+4.19-upstream-stable: released (4.19.307) [376e21a9e4c2c63ee5d8d3aa74be5082c3882229]
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52487 b/active/CVE-2023-52487
new file mode 100644
index 00000000..ae915003
--- /dev/null
+++ b/active/CVE-2023-52487
@@ -0,0 +1,16 @@
+Description: net/mlx5e: Fix peer flow lists handling
+References:
+Notes:
+ carnil> Introduced in 9be6c21fdcf8 ("net/mlx5e: Handle offloads flows per peer").
+ carnil> Vulnerable versions: 6.5-rc1.
+Bugs:
+upstream: released (6.8-rc2) [d76fdd31f953ac5046555171620f2562715e9b71]
+6.7-upstream-stable: released (6.7.3) [e24d6f5a7f2d95a98a46257a5a5a5381d572894f]
+6.6-upstream-stable: released (6.6.15) [74cec142f89bf85c6c99c5db957da9f663f9f16f]
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2023-52488 b/active/CVE-2023-52488
new file mode 100644
index 00000000..29ae98e6
--- /dev/null
+++ b/active/CVE-2023-52488
@@ -0,0 +1,15 @@
+Description: serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO
+References:
+Notes:
+ carnil> Introduced in dfeae619d781 ("serial: sc16is7xx"). Vulnerable versions: 3.16-rc1.
+Bugs:
+upstream: released (6.8-rc1) [dbf4ab821804df071c8b566d9813083125e6d97b]
+6.7-upstream-stable: released (6.7.3) [aa7cb4787698add9367b19f7afc667662c9bdb23]
+6.6-upstream-stable: released (6.6.15) [084c24e788d9cf29c55564de368bf5284f2bb5db]
+6.1-upstream-stable: released (6.1.76) [416b10d2817c94db86829fb92ad43ce7d002c573]
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52489 b/active/CVE-2023-52489
new file mode 100644
index 00000000..0a1b945d
--- /dev/null
+++ b/active/CVE-2023-52489
@@ -0,0 +1,16 @@
+Description: mm/sparsemem: fix race in accessing memory_section->usage
+References:
+Notes:
+ carnil> Introduced in f46edbd1b151 ("mm/sparsemem: add helpers track active portions of
+ carnil> a section at boot"). Vulnerable versions: 5.3-rc1.
+Bugs:
+upstream: released (6.8-rc1) [5ec8e8ea8b7783fab150cf86404fc38cb4db8800]
+6.7-upstream-stable: released (6.7.3) [3a01daace71b521563c38bbbf874e14c3e58adb7]
+6.6-upstream-stable: released (6.6.15) [70064241f2229f7ba7b9599a98f68d9142e81a97]
+6.1-upstream-stable: released (6.1.76) [68ed9e33324021e9d6b798e9db00ca3093d2012a]
+5.10-upstream-stable: released (5.10.210) [90ad17575d26874287271127d43ef3c2af876cea]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: needed
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2023-52490 b/active/CVE-2023-52490
new file mode 100644
index 00000000..d183cd64
--- /dev/null
+++ b/active/CVE-2023-52490
@@ -0,0 +1,16 @@
+Description: mm: migrate: fix getting incorrect page mapping during page migration
+References:
+Notes:
+ carnil> Introduced in 64c8902ed441 ("migrate_pages: split unmap_and_move() to _unmap()
+ carnil> and _move()"). Vulnerable versions: 6.3-rc1.
+Bugs:
+upstream: released (6.8-rc1) [d1adb25df7111de83b64655a80b5a135adbded61]
+6.7-upstream-stable: released (6.7.3) [3889a418b6eb9a1113fb989aaadecf2f64964767]
+6.6-upstream-stable: released (6.6.15) [9128bfbc5c80d8f4874dd0a0424d1f5fb010df1b]
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2023-52491 b/active/CVE-2023-52491
new file mode 100644
index 00000000..a0b5909b
--- /dev/null
+++ b/active/CVE-2023-52491
@@ -0,0 +1,16 @@
+Description: media: mtk-jpeg: Fix use after free bug due to error path handling in mtk_jpeg_dec_device_run
+References:
+Notes:
+ carnil> Introduced in b2f0d2724ba4 ("[media] vcodec: mediatek: Add Mediatek JPEG
+ carnil> Decoder Driver"). Vulnerable versions: 4.12-rc1.
+Bugs:
+upstream: released (6.8-rc1) [206c857dd17d4d026de85866f1b5f0969f2a109e]
+6.7-upstream-stable: released (6.7.3) [6e2f37022f0fc0893da4d85a0500c9d547fffd4c]
+6.6-upstream-stable: released (6.6.15) [8254d54d00eb6cdb8367399c7f912eb8d354ecd7]
+6.1-upstream-stable: released (6.1.76) [9fec4db7fff54d9b0306a332bab31eac47eeb5f6]
+5.10-upstream-stable: released (5.10.210) [43872f44eee6c6781fea1348b38885d8e78face9]
+4.19-upstream-stable: needed
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52492 b/active/CVE-2023-52492
new file mode 100644
index 00000000..4660c662
--- /dev/null
+++ b/active/CVE-2023-52492
@@ -0,0 +1,16 @@
+Description: dmaengine: fix NULL pointer in channel unregistration function
+References:
+Notes:
+ carnil> Introduced in d2fb0a043838 ("dmaengine: break out channel registration").
+ carnil> Vulnerable versions: 5.6-rc1.
+Bugs:
+upstream: released (6.8-rc1) [f5c24d94512f1b288262beda4d3dcb9629222fc7]
+6.7-upstream-stable: released (6.7.3) [9263fd2a63487c6d04cbb7b74a48fb12e1e352d0]
+6.6-upstream-stable: released (6.6.15) [7f0ccfad2031eddcc510caf4e57f2d4aa2d8a50b]
+6.1-upstream-stable: released (6.1.76) [2ab32986a0b9e329eb7f8f04dd57cc127f797c08]
+5.10-upstream-stable: released (5.10.210) [9de69732dde4e443c1c7f89acbbed2c45a6a8e17]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: needed
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2023-52493 b/active/CVE-2023-52493
new file mode 100644
index 00000000..d4e441ec
--- /dev/null
+++ b/active/CVE-2023-52493
@@ -0,0 +1,16 @@
+Description: bus: mhi: host: Drop chan lock before queuing buffers
+References:
+Notes:
+ carnil> Introduced in 1d3173a3bae7 ("bus: mhi: core: Add support for processing events
+ carnil> from client device"). Vulnerable versions: 5.7-rc1.
+Bugs:
+upstream: released (6.8-rc1) [01bd694ac2f682fb8017e16148b928482bc8fa4b]
+6.7-upstream-stable: released (6.7.3) [b8eff20d87092e14cac976d057cb0aea2f1d0830]
+6.6-upstream-stable: released (6.6.15) [eaefb9464031215d63c0a8a7e2bfaa00736aa17e]
+6.1-upstream-stable: released (6.1.76) [3c5ec66b4b3f6816f3a6161538672e389e537690]
+5.10-upstream-stable: released (5.10.210) [20a6dea2d1c68d4e03c6bb50bc12e72e226b5c0e]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: needed
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2023-52494 b/active/CVE-2023-52494
new file mode 100644
index 00000000..8b89aecd
--- /dev/null
+++ b/active/CVE-2023-52494
@@ -0,0 +1,16 @@
+Description: bus: mhi: host: Add alignment check for event ring read pointer
+References:
+Notes:
+ carnil> Introduced in ec32332df764 ("bus: mhi: core: Sanity check values from remote
+ carnil> device before use"). Vulnerable versions: 5.10.36 5.11.20 5.12.3 5.13-rc1.
+Bugs:
+upstream: released (6.8-rc1) [eff9704f5332a13b08fbdbe0f84059c9e7051d5f]
+6.7-upstream-stable: released (6.7.3) [ecf8320111822a1ae5d5fc512953eab46d543d0b]
+6.6-upstream-stable: released (6.6.15) [a9ebfc405fe1be145f414eafadcbf09506082010]
+6.1-upstream-stable: released (6.1.76) [2df39ac8f813860f79782807c3f7acff40b3c551]
+5.10-upstream-stable: needed
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: needed
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2023-52495 b/active/CVE-2023-52495
new file mode 100644
index 00000000..b088a3a6
--- /dev/null
+++ b/active/CVE-2023-52495
@@ -0,0 +1,16 @@
+Description: soc: qcom: pmic_glink_altmode: fix port sanity check
+References:
+Notes:
+ carnil> Introduced in 080b4e24852b ("soc: qcom: pmic_glink: Introduce altmode
+ carnil> support"). Vulnerable versions: 6.3-rc1.
+Bugs:
+upstream: released (6.8-rc1) [c4fb7d2eac9ff9bfc35a2e4d40c7169a332416e0]
+6.7-upstream-stable: released (6.7.3) [d26edf4ee3672cc9828f2a3ffae34086a712574d]
+6.6-upstream-stable: released (6.6.15) [532a5557da6892a6b2d5793052e1bce1f4c9e177]
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2023-52496 b/active/CVE-2023-52496
new file mode 100644
index 00000000..3695ecc7
--- /dev/null
+++ b/active/CVE-2023-52496
@@ -0,0 +1,16 @@
+Description: mtd: maps: vmu-flash: Fix the (mtd core) switch to ref counters
+References:
+Notes:
+ carnil> Introduced in 19bfa9ebebb5 ("mtd: use refcount to prevent corruption").
+ carnil> Vulnerable versions: 6.6-rc1.
+Bugs:
+upstream: released (6.8-rc1) [a7d84a2e7663bbe12394cc771107e04668ea313a]
+6.7-upstream-stable: released (6.7.3) [1168d6b79d2fafb41299fbc1b528e20644c562a5]
+6.6-upstream-stable: released (6.6.15) [38c12f10990ad6e63ddef2f20c1b066e5e4d34fd]
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2023-52497 b/active/CVE-2023-52497
new file mode 100644
index 00000000..fcb3bb9a
--- /dev/null
+++ b/active/CVE-2023-52497
@@ -0,0 +1,18 @@
+Description: erofs: fix lz4 inplace decompression
+References:
+Notes:
+ carnil> Introduced in 0ffd71bcc3a0 ("staging: erofs: introduce LZ4 decompression
+ carnil> inplace")
+ carnil> 598162d05080 ("erofs: support decompress big pcluster for lz4 backend").
+ carnil> Vulnerable versions: 5.3-rc1 5.13-rc1.
+Bugs:
+upstream: released (6.8-rc1) [3c12466b6b7bf1e56f9b32c366a3d83d87afb4de]
+6.7-upstream-stable: released (6.7.3) [bffc4cc334c5bb31ded54bc3cfd651735a3cb79e]
+6.6-upstream-stable: released (6.6.15) [f36d200a80a3ca025532ed60dd1ac21b620e14ae]
+6.1-upstream-stable: released (6.1.76) [33bf23c9940dbd3a22aad7f0cda4c84ed5701847]
+5.10-upstream-stable: needed
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: needed
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2023-52498 b/active/CVE-2023-52498
new file mode 100644
index 00000000..b0c6d8a6
--- /dev/null
+++ b/active/CVE-2023-52498
@@ -0,0 +1,15 @@
+Description: PM: sleep: Fix possible deadlocks in core system-wide PM code
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc1) [7839d0078e0d5e6cc2fa0b0dfbee71de74f1e557]
+6.7-upstream-stable: released (6.7.3) [9bd3dce27b01c51295b60e1433e1dadfb16649f7]
+6.6-upstream-stable: released (6.6.15) [e681e29d1f59a04ef773296e4bebb17b1b79f8fe]
+6.1-upstream-stable: released (6.1.76) [e1c9d32c98309ae764893a481552d3f99d46cb34]
+5.10-upstream-stable: released (5.10.210) [f46eb832389f162ad13cb780d0b8cde93641990d]
+4.19-upstream-stable: needed
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2024-26607 b/active/CVE-2024-26607
new file mode 100644
index 00000000..524349e0
--- /dev/null
+++ b/active/CVE-2024-26607
@@ -0,0 +1,16 @@
+Description: drm/bridge: sii902x: Fix probing race issue
+References:
+Notes:
+ carnil> Introduced in 21d808405fe4 ("drm/bridge/sii902x: Fix EDID readback").
+ carnil> Vulnerable versions: 5.0-rc1.
+Bugs:
+upstream: released (6.8-rc2) [08ac6f132dd77e40f786d8af51140c96c6d739c9]
+6.7-upstream-stable: released (6.7.3) [2a4c6af7934a7b4c304542c38fee35e09cc1770c]
+6.6-upstream-stable: released (6.6.15) [56f96cf6eb11a1c2d594367c3becbfb06a855ec1]
+6.1-upstream-stable: released (6.1.76) [e0f83c234ea7a3dec1f84e5d02caa1c51664a076]
+5.10-upstream-stable: needed
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: needed
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26608 b/active/CVE-2024-26608
new file mode 100644
index 00000000..ba08fd3c
--- /dev/null
+++ b/active/CVE-2024-26608
@@ -0,0 +1,16 @@
+Description: ksmbd: fix global oob in ksmbd_nl_policy
+References:
+Notes:
+ carnil> Introduced in 0626e6641f6b ("cifsd: add server handler for central processing
+ carnil> and tranport layers"). Vulnerable versions: 5.15-rc1.
+Bugs:
+upstream: released (6.8-rc2) [ebeae8adf89d9a82359f6659b1663d09beec2faa]
+6.7-upstream-stable: released (6.7.3) [6993328a4cd62a24df254b587c0796a4a1eecc95]
+6.6-upstream-stable: released (6.6.15) [9863a53100f47652755545c2bd43e14a1855104d]
+6.1-upstream-stable: released (6.1.76) [2c939c74ef0b74e99b92e32edc2a59f9b9ca3d5a]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26609 b/active/CVE-2024-26609
new file mode 100644
index 00000000..ee1bdabd
--- /dev/null
+++ b/active/CVE-2024-26609
@@ -0,0 +1,16 @@
+Description: netfilter: nf_tables: reject QUEUE/DROP verdict parameters
+References:
+Notes:
+ carnil> Introduced in e0abdadcc6e1 ("netfilter: nf_tables: accept QUEUE/DROP verdict
+ carnil> parameters"). Vulnerable versions: 3.15-rc1.
+Bugs:
+upstream: released (6.8-rc2) [f342de4e2f33e0e39165d8639387aa6c19dff660]
+6.7-upstream-stable: released (6.7.3) [f05a497e7bc8851eeeb3a58da180ba469efebb05]
+6.6-upstream-stable: released (6.6.15) [6653118b176a00915125521c6572ae8e507621db]
+6.1-upstream-stable: released (6.1.76) [8e34430e33b8a80bc014f3efe29cac76bc30a4b4]
+5.10-upstream-stable: released (5.10.210) [55a60251fa50d4e68175e36666b536a602ce4f6c]
+4.19-upstream-stable: released (4.19.307) [8365e9d92b85fda975a5ece7a3a139cb964018c8]
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2024-26610 b/active/CVE-2024-26610
new file mode 100644
index 00000000..ea80152c
--- /dev/null
+++ b/active/CVE-2024-26610
@@ -0,0 +1,16 @@
+Description: wifi: iwlwifi: fix a memory corruption
+References:
+Notes:
+ carnil> Introduced in cf29c5b66b9f ("iwlwifi: dbg_ini: implement time point handling").
+ carnil> Vulnerable versions: 5.5-rc1.
+Bugs:
+upstream: released (6.8-rc2) [cf4a0d840ecc72fcf16198d5e9c505ab7d5a5e4d]
+6.7-upstream-stable: released (6.7.3) [f32a81999d0b8e5ce60afb5f6a3dd7241c17dd67]
+6.6-upstream-stable: released (6.6.15) [870171899d75d43e3d14360f3a4850e90a9c289b]
+6.1-upstream-stable: released (6.1.76) [aa2cc9363926991ba74411e3aa0a0ea82c1ffe32]
+5.10-upstream-stable: released (5.10.210) [05dd9facfb9a1e056752c0901c6e86416037d15a]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: needed
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26611 b/active/CVE-2024-26611
new file mode 100644
index 00000000..57fc6cb3
--- /dev/null
+++ b/active/CVE-2024-26611
@@ -0,0 +1,16 @@
+Description: xsk: fix usage of multi-buffer BPF helpers for ZC XDP
+References:
+Notes:
+ carnil> Introduced in 24ea50127ecf ("xsk: support mbuf on ZC RX"). Vulnerable versions:
+ carnil> 6.6-rc1.
+Bugs:
+upstream: released (6.8-rc2) [c5114710c8ce86b8317e9b448f4fd15c711c2a82]
+6.7-upstream-stable: released (6.7.3) [5cd781f7216f980207af09c5e0e1bb1eda284540]
+6.6-upstream-stable: released (6.6.15) [82ee4781b8200e44669a354140d5c6bd966b8768]
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26612 b/active/CVE-2024-26612
new file mode 100644
index 00000000..3c3e8ee8
--- /dev/null
+++ b/active/CVE-2024-26612
@@ -0,0 +1,16 @@
+Description: netfs, fscache: Prevent Oops in fscache_put_cache()
+References:
+Notes:
+ carnil> Introduced in 9549332df4ed ("fscache: Implement cache registration").
+ carnil> Vulnerable versions: 5.17-rc1.
+Bugs:
+upstream: released (6.8-rc2) [3be0b3ed1d76c6703b9ee482b55f7e01c369cc68]
+6.7-upstream-stable: released (6.7.3) [4200ad3e46ce50f410fdda302745489441bc70f0]
+6.6-upstream-stable: released (6.6.15) [1c45256e599061021e2c848952e50f406457e448]
+6.1-upstream-stable: released (6.1.76) [82a9bc343ba019665d3ddc1d9a180bf0e0390cf3]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26613 b/active/CVE-2024-26613
new file mode 100644
index 00000000..8b7c5208
--- /dev/null
+++ b/active/CVE-2024-26613
@@ -0,0 +1,16 @@
+Description: net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
+References:
+Notes:
+ carnil> Introduced in 3289025aedc0 ("RDS: add receive message trace used by
+ carnil> application"). Vulnerable versions: 4.11-rc1.
+Bugs:
+upstream: released (6.8-rc2) [13e788deb7348cc88df34bed736c3b3b9927ea52]
+6.7-upstream-stable: released (6.7.3) [0b787c2dea15e7a2828fa3a74a5447df4ed57711]
+6.6-upstream-stable: released (6.6.15) [7a73190ea557e7f26914b0fe04c1f57a96cb771f]
+6.1-upstream-stable: released (6.1.76) [71024928b3f71ce4529426f8692943205c58d30b]
+5.10-upstream-stable: released (5.10.210) [5ae8d50044633306ff160fcf7faa24994175efe1]
+4.19-upstream-stable: released (4.19.307) [344350bfa3b4b37d7c3d5a00536e6fbf0e953fbf]
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2024-26614 b/active/CVE-2024-26614
new file mode 100644
index 00000000..c9abfd45
--- /dev/null
+++ b/active/CVE-2024-26614
@@ -0,0 +1,18 @@
+Description: tcp: make sure init the accept_queue's spinlocks once
+References:
+Notes:
+ carnil> Introduced in fff1f3001cc5 ("tcp: add a spinlock to protect struct
+ carnil> request_sock_queue")
+ carnil> 168a8f58059a ("tcp: TCP Fast Open Server - main code path"). Vulnerable
+ carnil> versions: 3.7-rc1 4.4-rc1 4.19.207 5.4.148 5.10.67 5.13.19 5.14.6.
+Bugs:
+upstream: released (6.8-rc2) [198bc90e0e734e5f98c3d2833e8390cac3df61b2]
+6.7-upstream-stable: released (6.7.3) [3982fe726a63fb3de6005e534e2ac8ca7e0aca2a]
+6.6-upstream-stable: released (6.6.15) [168e7e599860654876c2a1102a82610285c02f02]
+6.1-upstream-stable: released (6.1.76) [b1e0a68a0cd2a83259c444f638b417a8fffc6855]
+5.10-upstream-stable: released (5.10.210) [bc99dcedd2f422d602516762b96c8ef1ae6b2882]
+4.19-upstream-stable: needed
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2024-26615 b/active/CVE-2024-26615
new file mode 100644
index 00000000..9a8a5e44
--- /dev/null
+++ b/active/CVE-2024-26615
@@ -0,0 +1,16 @@
+Description: net/smc: fix illegal rmb_desc access in SMC-D connection dump
+References:
+Notes:
+ carnil> Introduced in 4b1b7d3b30a6 ("net/smc: add SMC-D diag support"). Vulnerable
+ carnil> versions: 4.19-rc1.
+Bugs:
+upstream: released (6.8-rc2) [dbc153fd3c142909e564bb256da087e13fbf239c]
+6.7-upstream-stable: released (6.7.3) [8f3f9186e5bb96a9c9654c41653210e3ea7e48a6]
+6.6-upstream-stable: released (6.6.15) [a164c2922675d7051805cdaf2b07daffe44f20d9]
+6.1-upstream-stable: released (6.1.76) [6994dba06321e3c48fdad0ba796a063d9d82183a]
+5.10-upstream-stable: released (5.10.210) [5fed92ca32eafbfae8b6bee8ca34cca71c6a8b6d]
+4.19-upstream-stable: released (4.19.307) [27aea64838914c6122db5b8bd4bed865c9736f22]
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2024-26616 b/active/CVE-2024-26616
new file mode 100644
index 00000000..b22a792d
--- /dev/null
+++ b/active/CVE-2024-26616
@@ -0,0 +1,17 @@
+Description: btrfs: scrub: avoid use-after-free when chunk length is not 64K aligned
+References:
+Notes:
+ carnil> Introduced in
+ carnil> e02ee89baa66 ("btrfs: scrub: switch scrub_simple_mirror() to scrub_stripe
+ carnil> infrastructure"). Vulnerable versions: 6.4-rc1.
+Bugs:
+upstream: released (6.8-rc2) [f546c4282673497a06ecb6190b50ae7f6c85b02f]
+6.7-upstream-stable: released (6.7.3) [34de0f04684ec00c093a0455648be055f0e8e24f]
+6.6-upstream-stable: released (6.6.15) [642b9c520ef2f104277ad1f902f8526edbe087fb]
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26617 b/active/CVE-2024-26617
new file mode 100644
index 00000000..25330b57
--- /dev/null
+++ b/active/CVE-2024-26617
@@ -0,0 +1,16 @@
+Description: fs/proc/task_mmu: move mmu notification mechanism inside mm lock
+References:
+Notes:
+ carnil> Introduced in 52526ca7fdb9 ("fs/proc/task_mmu: implement IOCTL to get and
+ carnil> optionally clear info about PTEs"). Vulnerable versions: 6.7-rc1.
+Bugs:
+upstream: released (6.8-rc1) [4cccb6221cae6d020270606b9e52b1678fc8b71a]
+6.7-upstream-stable: released (6.7.3) [05509adf297924f51e1493aa86f9fcde1433ed80]
+6.6-upstream-stable: N/A "Vulnerable code not present"
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26618 b/active/CVE-2024-26618
new file mode 100644
index 00000000..d5bae55f
--- /dev/null
+++ b/active/CVE-2024-26618
@@ -0,0 +1,16 @@
+Description: arm64/sme: Always exit sme_alloc() early with existing storage
+References:
+Notes:
+ carnil> Introduced in 5d0a8d2fba50 ("arm64/ptrace: Ensure that SME is set up for target
+ carnil> when writing SSVE state"). Vulnerable versions: 6.1.47 6.4.12 6.5-rc7.
+Bugs:
+upstream: released (6.8-rc1) [dc7eb8755797ed41a0d1b5c0c39df3c8f401b3d9]
+6.7-upstream-stable: released (6.7.3) [814af6b4e6000e574e74d92197190edf07cc3680]
+6.6-upstream-stable: released (6.6.15) [569156e4fa347237f8fa2a7e935d860109c55ac4]
+6.1-upstream-stable: needed
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26619 b/active/CVE-2024-26619
new file mode 100644
index 00000000..7540b1fe
--- /dev/null
+++ b/active/CVE-2024-26619
@@ -0,0 +1,16 @@
+Description: riscv: Fix module loading free order
+References:
+Notes:
+ carnil> Introduced in d8792a5734b0 ("riscv: Safely remove entries from relocation
+ carnil> list"). Vulnerable versions: 6.7-rc5.
+Bugs:
+upstream: released (6.8-rc1) [78996eee79ebdfe8b6f0e54cb6dcc792d5129291]
+6.7-upstream-stable: released (6.7.3) [2fa79badf4bfeffda6b5032cf62b828486ec9a99]
+6.6-upstream-stable: N/A "Vulnerable code not present"
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/active/CVE-2024-26620 b/active/CVE-2024-26620
new file mode 100644
index 00000000..fb844bf4
--- /dev/null
+++ b/active/CVE-2024-26620
@@ -0,0 +1,16 @@
+Description: s390/vfio-ap: always filter entire AP matrix
+References:
+Notes:
+ carnil> Introduced in 48cae940c31d ("s390/vfio-ap: refresh guest's APCB by filtering AP
+ carnil> resources assigned to mdev"). Vulnerable versions: 6.0-rc1.
+Bugs:
+upstream: released (6.8-rc1) [850fb7fa8c684a4c6bf0e4b6978f4ddcc5d43d11]
+6.7-upstream-stable: released (6.7.3) [cdd134d56138302976685e6c7bc4755450b3880e]
+6.6-upstream-stable: released (6.6.15) [c69d821197611678533fb3eb784fc823b921349a]
+6.1-upstream-stable: released (6.1.76) [d6b8d034b576f406af920a7bee81606c027b24c6]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2024-02-29 19:21:43 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-02-29 19:21:43 +0100
commit	4623b36743bf6c013300f7df620ed4f2494214a1 (patch)
tree	52fd98d1cd4cee84525095dcdaa1fb89e9d6803e
parent	c289ed05ac639a3e8c9efc1122633dd94123af99 (diff)