diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2024-05-03 20:48:35 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2024-05-03 20:48:35 +0200 |
commit | 66e87507fcb7b6bf6b6f61168ac40f6bfabee0ff (patch) | |
tree | 75acac40e7493988433f710f6cc5c8a659505bbb /active | |
parent | c3f9b126ea57a93df577a2b35548846d732b3eb7 (diff) |
Some more CVEs assigned by the Linux kernel CNA
Diffstat (limited to 'active')
-rw-r--r-- | active/CVE-2022-48686 | 16 | ||||
-rw-r--r-- | active/CVE-2022-48687 | 16 | ||||
-rw-r--r-- | active/CVE-2022-48688 | 16 | ||||
-rw-r--r-- | active/CVE-2022-48689 | 16 | ||||
-rw-r--r-- | active/CVE-2022-48690 | 16 | ||||
-rw-r--r-- | active/CVE-2022-48691 | 16 | ||||
-rw-r--r-- | active/CVE-2022-48692 | 16 | ||||
-rw-r--r-- | active/CVE-2022-48693 | 16 | ||||
-rw-r--r-- | active/CVE-2022-48694 | 16 | ||||
-rw-r--r-- | active/CVE-2022-48695 | 15 | ||||
-rw-r--r-- | active/CVE-2022-48696 | 16 | ||||
-rw-r--r-- | active/CVE-2022-48697 | 16 | ||||
-rw-r--r-- | active/CVE-2022-48698 | 15 | ||||
-rw-r--r-- | active/CVE-2022-48699 | 15 | ||||
-rw-r--r-- | active/CVE-2022-48700 | 15 | ||||
-rw-r--r-- | active/CVE-2022-48701 | 15 | ||||
-rw-r--r-- | active/CVE-2022-48702 | 15 | ||||
-rw-r--r-- | active/CVE-2022-48703 | 15 | ||||
-rw-r--r-- | active/CVE-2022-48704 | 15 | ||||
-rw-r--r-- | active/CVE-2022-48705 | 16 |
20 files changed, 312 insertions, 0 deletions
diff --git a/active/CVE-2022-48686 b/active/CVE-2022-48686 new file mode 100644 index 00000000..7256613f --- /dev/null +++ b/active/CVE-2022-48686 @@ -0,0 +1,16 @@ +Description: nvme-tcp: fix UAF when detecting digest errors +References: +Notes: + carnil> Introduced in 3f2304f8c6d6 ("nvme-tcp: add NVMe over TCP host driver"). + carnil> Vulnerable versions: 5.0-rc1. +Bugs: +upstream: released (6.0-rc5) [160f3549a907a50e51a8518678ba2dcf2541abea] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.143) [5914fa32ef1b7766fea933f9eed94ac5c00aa7ff] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.19.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.148-1) +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2022-48687 b/active/CVE-2022-48687 new file mode 100644 index 00000000..cdc840d9 --- /dev/null +++ b/active/CVE-2022-48687 @@ -0,0 +1,16 @@ +Description: ipv6: sr: fix out-of-bounds read when setting HMAC data. +References: +Notes: + carnil> Introduced in 4f4853dc1c9c1 ("ipv6: sr: implement API to control SR HMAC + carnil> structure"). Vulnerable versions: 4.10-rc1. +Bugs: +upstream: released (6.0-rc5) [84a53580c5d2138c7361c7c3eea5b31827e63b35] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.143) [076f2479fc5a15c4a970ca3b5e57d42ba09a31fa] +4.19-upstream-stable: released (4.19.258) [f684c16971ed5e77dfa25a9ad25b5297e1f58eab] +sid: released (5.19.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.148-1) +4.19-buster-security: released (4.19.260-1) diff --git a/active/CVE-2022-48688 b/active/CVE-2022-48688 new file mode 100644 index 00000000..93a45b89 --- /dev/null +++ b/active/CVE-2022-48688 @@ -0,0 +1,16 @@ +Description: i40e: Fix kernel crash during module removal +References: +Notes: + carnil> Introduced in 0ef2d5afb12d ("i40e: KISS the client interface"). Vulnerable + carnil> versions: 4.12-rc1. +Bugs: +upstream: released (6.0-rc5) [fb8396aeda5872369a8ed6d2301e2c86e303c520] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.143) [342d77769a6cceb3df7720a1e18baa4339eee3fc] +4.19-upstream-stable: released (4.19.258) [c49f320e2492738d478bc427dcd54ccfe0cba746] +sid: released (5.19.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.148-1) +4.19-buster-security: released (4.19.260-1) diff --git a/active/CVE-2022-48689 b/active/CVE-2022-48689 new file mode 100644 index 00000000..efd4ae26 --- /dev/null +++ b/active/CVE-2022-48689 @@ -0,0 +1,16 @@ +Description: tcp: TX zerocopy should not sense pfmemalloc status +References: +Notes: + carnil> Introduced in c07aea3ef4d4 ("mm: add a signature in struct page"). Vulnerable + carnil> versions: 5.14-rc1. +Bugs: +upstream: released (6.0-rc5) [3261400639463a853ba2b3be8bd009c2a8089775] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.19.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2022-48690 b/active/CVE-2022-48690 new file mode 100644 index 00000000..3fb1b2e0 --- /dev/null +++ b/active/CVE-2022-48690 @@ -0,0 +1,16 @@ +Description: ice: Fix DMA mappings leak +References: +Notes: + carnil> Introduced in 617f3e1b588c ("ice: xsk: allocate separate memory for XDP SW + carnil> ring"). Vulnerable versions: 5.16-rc7. +Bugs: +upstream: released (6.0-rc5) [7e753eb675f0523207b184558638ee2eed6c9ac2] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.19.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2022-48691 b/active/CVE-2022-48691 new file mode 100644 index 00000000..b6bf58d3 --- /dev/null +++ b/active/CVE-2022-48691 @@ -0,0 +1,16 @@ +Description: netfilter: nf_tables: clean up hook list when offload flags check fails +References: +Notes: + carnil> Introduced in d54725cd11a5 ("netfilter: nf_tables: support for multiple devices + carnil> per netdev hook"). Vulnerable versions: 5.5-rc1. +Bugs: +upstream: released (6.0-rc5) [77972a36ecc4db7fc7c68f0e80714263c5f03f65] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.143) [910891a2a44cdc49efcc4fe7459c1085ba00d0f4] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.19.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.148-1) +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2022-48692 b/active/CVE-2022-48692 new file mode 100644 index 00000000..10b633f3 --- /dev/null +++ b/active/CVE-2022-48692 @@ -0,0 +1,16 @@ +Description: RDMA/srp: Set scmnd->result only when scmnd is not NULL +References: +Notes: + carnil> Introduced in ad215aaea4f9 ("RDMA/srp: Make struct scsi_cmnd and struct + carnil> srp_request adjacent"). Vulnerable versions: 5.10.199 5.14-rc1. +Bugs: +upstream: released (6.0-rc5) [12f35199a2c0551187edbf8eb01379f0598659fa] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.199) [f022576aa03c2385ea7f2b27ee5b331e43abf624] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.19.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2022-48693 b/active/CVE-2022-48693 new file mode 100644 index 00000000..04bfedf3 --- /dev/null +++ b/active/CVE-2022-48693 @@ -0,0 +1,16 @@ +Description: soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs +References: +Notes: + carnil> Introduced in 0b741b8234c8 ("soc: bcm: brcmstb: Add support for S2/S3/S5 + carnil> suspend states (ARM)"). Vulnerable versions: 4.15-rc1. +Bugs: +upstream: released (6.0-rc5) [1085f5080647f0c9f357c270a537869191f7f2a1] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.143) [6dc0251638a4a1a998506dbd4627f8317e907558] +4.19-upstream-stable: released (4.19.258) [0284b4e6dec6088a41607aa3f42bf51edff01883] +sid: released (5.19.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.148-1) +4.19-buster-security: released (4.19.260-1) diff --git a/active/CVE-2022-48694 b/active/CVE-2022-48694 new file mode 100644 index 00000000..ae8a388e --- /dev/null +++ b/active/CVE-2022-48694 @@ -0,0 +1,16 @@ +Description: RDMA/irdma: Fix drain SQ hang with no completion +References: +Notes: + carnil> Introduced in 81091d7696ae ("RDMA/irdma: Add SW mechanism to generate + carnil> completions on error"). Vulnerable versions: 5.15.116 5.19-rc1. +Bugs: +upstream: released (6.0-rc5) [ead54ced6321099978d30d62dc49c282a6e70574] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.19.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2022-48695 b/active/CVE-2022-48695 new file mode 100644 index 00000000..9cc8ec7e --- /dev/null +++ b/active/CVE-2022-48695 @@ -0,0 +1,15 @@ +Description: scsi: mpt3sas: Fix use-after-free warning +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (6.0-rc5) [991df3dd5144f2e6b1c38b8d20ed3d4d21e20b34] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.143) [ea10a652ad2ae2cf3eced6f632a5c98f26727057] +4.19-upstream-stable: released (4.19.258) [82efb917eeb27454dc4c6fe26432fc8f6c75bc16] +sid: released (5.19.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.148-1) +4.19-buster-security: released (4.19.260-1) diff --git a/active/CVE-2022-48696 b/active/CVE-2022-48696 new file mode 100644 index 00000000..c905b752 --- /dev/null +++ b/active/CVE-2022-48696 @@ -0,0 +1,16 @@ +Description: regmap: spi: Reserve space for register address/padding +References: +Notes: + carnil> Introduced in f231ff38b7b2 ("regmap: spi: Set regmap max raw r/w from + carnil> max_transfer_size"). Vulnerable versions: 5.16-rc1. +Bugs: +upstream: released (6.0-rc5) [f5723cfc01932c7a8d5c78dbf7e067e537c91439] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.19.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2022-48697 b/active/CVE-2022-48697 new file mode 100644 index 00000000..adb97de2 --- /dev/null +++ b/active/CVE-2022-48697 @@ -0,0 +1,16 @@ +Description: nvmet: fix a use-after-free +References: +Notes: + carnil> Introduced in a07b4970f464 ("nvmet: add a generic NVMe target"). Vulnerable + carnil> versions: 4.8-rc1. +Bugs: +upstream: released (6.0-rc5) [6a02a61e81c231cc5c680c5dbf8665275147ac52] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.143) [be01f1c988757b95f11f090a9f491365670a522b] +4.19-upstream-stable: released (4.19.260) [17f121ca3ec6be0fb32d77c7f65362934a38cc8e] +sid: released (5.19.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.148-1) +4.19-buster-security: released (4.19.260-1) diff --git a/active/CVE-2022-48698 b/active/CVE-2022-48698 new file mode 100644 index 00000000..a4ee6082 --- /dev/null +++ b/active/CVE-2022-48698 @@ -0,0 +1,15 @@ +Description: drm/amd/display: fix memory leak when using debugfs_lookup() +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (6.0-rc5) [cbfac7fa491651c57926c99edeb7495c6c1aeac2] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: needed +4.19-upstream-stable: needed +sid: released (5.19.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2022-48699 b/active/CVE-2022-48699 new file mode 100644 index 00000000..d610b97c --- /dev/null +++ b/active/CVE-2022-48699 @@ -0,0 +1,15 @@ +Description: sched/debug: fix dentry leak in update_sched_domain_debugfs +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (6.0-rc5) [c2e406596571659451f4b95e37ddfd5a8ef1d0dc] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: needed +4.19-upstream-stable: needed +sid: released (5.19.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2022-48700 b/active/CVE-2022-48700 new file mode 100644 index 00000000..bc671304 --- /dev/null +++ b/active/CVE-2022-48700 @@ -0,0 +1,15 @@ +Description: vfio/type1: Unpin zero pages +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (6.0-rc5) [873aefb376bbc0ed1dd2381ea1d6ec88106fdbd4] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.146) [578d644edc7d2c1ff53f7e4d0a25da473deb4a03] +4.19-upstream-stable: needed +sid: released (5.19.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.148-1) +4.19-buster-security: needed diff --git a/active/CVE-2022-48701 b/active/CVE-2022-48701 new file mode 100644 index 00000000..ac74f8ce --- /dev/null +++ b/active/CVE-2022-48701 @@ -0,0 +1,15 @@ +Description: ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (6.0-rc5) [e53f47f6c1a56d2af728909f1cb894da6b43d9bf] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.143) [6123bec8480d23369e2ee0b2208611619f269faf] +4.19-upstream-stable: released (4.19.258) [2a308e415d247a23d4d64c964c02e782eede2936] +sid: released (5.19.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.148-1) +4.19-buster-security: released (4.19.260-1) diff --git a/active/CVE-2022-48702 b/active/CVE-2022-48702 new file mode 100644 index 00000000..65b10bc9 --- /dev/null +++ b/active/CVE-2022-48702 @@ -0,0 +1,15 @@ +Description: ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (6.0-rc5) [d29f59051d3a07b81281b2df2b8c9dfe4716067f] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.143) [39a90720f3abe96625d1224e7a7463410875de4c] +4.19-upstream-stable: released (4.19.258) [88aac6684cf8bc885cca15463cb4407e91f28ff7] +sid: released (5.19.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.148-1) +4.19-buster-security: released (4.19.260-1) diff --git a/active/CVE-2022-48703 b/active/CVE-2022-48703 new file mode 100644 index 00000000..b6f0d373 --- /dev/null +++ b/active/CVE-2022-48703 @@ -0,0 +1,15 @@ +Description: thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (6.0-rc3) [7931e28098a4c1a2a6802510b0cbe57546d2049d] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: needed +4.19-upstream-stable: needed +sid: released (5.19.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2022-48704 b/active/CVE-2022-48704 new file mode 100644 index 00000000..ad2064b5 --- /dev/null +++ b/active/CVE-2022-48704 @@ -0,0 +1,15 @@ +Description: drm/radeon: add a force flush to delay work when radeon +References: +Notes: + carnil> First introducing commit could not be determined. +Bugs: +upstream: released (6.0-rc3) [f461950fdc374a3ada5a63c669d997de4600dffe] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.143) [826b46fd5974113515abe9e4fc8178009a8ce18c] +4.19-upstream-stable: released (4.19.258) [c0a45f41fde4a0f2c900f719817493ee5c4a5aa3] +sid: released (5.19.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: released (5.10.148-1) +4.19-buster-security: released (4.19.260-1) diff --git a/active/CVE-2022-48705 b/active/CVE-2022-48705 new file mode 100644 index 00000000..221dd8ff --- /dev/null +++ b/active/CVE-2022-48705 @@ -0,0 +1,16 @@ +Description: wifi: mt76: mt7921e: fix crash in chip reset fail +References: +Notes: + carnil> Introduced in 0efaf31dec57 ("mt76: mt7921: fix MT7921E reset failure"). + carnil> Vulnerable versions: 5.16.3 5.17-rc1. +Bugs: +upstream: released (6.0-rc5) [fa3fbe64037839f448dc569212bafc5a495d8219] +6.8-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.19.11-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" |