[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Apr 2 10:02:13 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
17584700 by Salvatore Bonaccorso at 2024-04-02T11:01:35+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -81,63 +81,128 @@ CVE-2024-27324 (PDF-XChange Editor TIF File Parsing Out-Of-Bounds Read Informati
 CVE-2024-27323 (PDF-XChange Editor Updater Improper Certificate Validation Remote Code ...)
 	NOT-FOR-US: PDF-XChange Editor
 CVE-2024-26684 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
+	- linux 6.7.7-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/46eba193d04f8bd717e525eb4110f3c46c12aec3 (6.8-rc4)
 CVE-2024-26683 (In the Linux kernel, the following vulnerability has been resolved:  w ...)
-	TODO: check
+	- linux 6.7.7-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/177fbbcb4ed6b306c1626a277fac3fb1c495a4c7 (6.8-rc4)
 CVE-2024-26682 (In the Linux kernel, the following vulnerability has been resolved:  w ...)
-	TODO: check
+	- linux 6.7.7-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/35e2385dbe787936c793d70755a5177d267a40aa (6.8-rc4)
 CVE-2024-26681 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
+	- linux 6.7.7-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ba5e1272142d051dcc57ca1d3225ad8a089f9858 (6.8-rc4)
 CVE-2024-26680 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
+	- linux 6.7.7-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2e7d3b67630dfd8f178c41fa2217aa00e79a5887 (6.8-rc4)
 CVE-2024-26679 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
-	TODO: check
+	- linux 6.7.7-1
+	NOTE: https://git.kernel.org/linus/eef00a82c568944f113f2de738156ac591bbd5cd (6.8-rc4)
 CVE-2024-26678 (In the Linux kernel, the following vulnerability has been resolved:  x ...)
-	TODO: check
+	- linux 6.7.7-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1ad55cecf22f05f1c884adf63cc09d3c3e609ebf (6.8-rc4)
 CVE-2024-26677 (In the Linux kernel, the following vulnerability has been resolved:  r ...)
-	TODO: check
+	- linux 6.7.7-1
+	NOTE: https://git.kernel.org/linus/e7870cf13d20f56bfc19f9c3e89707c69cf104ef (6.8-rc4)
 CVE-2024-26676 (In the Linux kernel, the following vulnerability has been resolved:  a ...)
-	TODO: check
+	- linux 6.7.7-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1279f9d9dec2d7462823a18c29ad61359e0a007d (6.8-rc4)
 CVE-2024-26675 (In the Linux kernel, the following vulnerability has been resolved:  p ...)
-	TODO: check
+	- linux 6.7.7-1
+	NOTE: https://git.kernel.org/linus/cb88cb53badb8aeb3955ad6ce80b07b598e310b8 (6.8-rc4)
 CVE-2024-26674 (In the Linux kernel, the following vulnerability has been resolved:  x ...)
-	TODO: check
+	- linux 6.7.7-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/8eed4e00a370b37b4e5985ed983dccedd555ea9d (6.8-rc4)
 CVE-2024-26673 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
+	- linux 6.7.7-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/8059918a1377f2f1fff06af4f5a4ed3d5acd6bc4 (6.8-rc3)
 CVE-2024-26672 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
+	- linux 6.7.7-1
+	NOTE: https://git.kernel.org/linus/4f32504a2f85a7b40fe149436881381f48e9c0c0 (6.8-rc1)
 CVE-2024-26671 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
-	TODO: check
+	- linux 6.7.7-1
+	NOTE: https://git.kernel.org/linus/5266caaf5660529e3da53004b8b7174cab6374ed (6.8-rc1)
 CVE-2024-26670 (In the Linux kernel, the following vulnerability has been resolved:  a ...)
-	TODO: check
+	- linux 6.6.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/832dd634bd1b4e3bbe9f10b9c9ba5db6f6f2b97f (6.8-rc1)
 CVE-2024-26669 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
+	- linux 6.6.15-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/32f2a0afa95fae0d1ceec2ff06e0e816939964b8 (6.8-rc2)
 CVE-2024-26668 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
+	- linux 6.6.15-1
+	[bookworm] - linux 6.1.76-1
+	NOTE: https://git.kernel.org/linus/c9d9eb9c53d37cdebbad56b91e40baf42d5a97aa (6.8-rc2)
 CVE-2024-26667 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
+	- linux 6.7.7-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7f3d03c48b1eb6bc45ab20ca98b8b11be25f9f52 (6.8-rc4)
 CVE-2024-26666 (In the Linux kernel, the following vulnerability has been resolved:  w ...)
-	TODO: check
+	- linux 6.7.7-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9480adfe4e0f0319b9da04b44e4eebd5ad07e0cd (6.8-rc4)
 CVE-2024-26665 (In the Linux kernel, the following vulnerability has been resolved:  t ...)
-	TODO: check
+	- linux 6.7.7-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d75abeec401f8c86b470e7028a13fcdc87e5dd06 (6.8-rc4)
 CVE-2024-26664 (In the Linux kernel, the following vulnerability has been resolved:  h ...)
-	TODO: check
+	- linux 6.7.7-1
+	NOTE: https://git.kernel.org/linus/4e440abc894585a34c2904a32cd54af1742311b3 (6.8-rc4)
 CVE-2024-26663 (In the Linux kernel, the following vulnerability has been resolved:  t ...)
-	TODO: check
+	- linux 6.7.7-1
+	NOTE: https://git.kernel.org/linus/3871aa01e1a779d866fa9dfdd5a836f342f4eb87 (6.8-rc4)
 CVE-2024-26662 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
+	- linux 6.7.7-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e96fddb32931d007db12b1fce9b5e8e4c080401b (6.8-rc4)
 CVE-2024-26661 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
+	- linux 6.7.7-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/66951d98d9bf45ba25acf37fe0747253fafdf298 (6.8-rc4)
 CVE-2024-26660 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
+	- linux 6.7.7-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/58fca355ad37dcb5f785d9095db5f748b79c5dc2 (6.8-rc4)
 CVE-2024-26659 (In the Linux kernel, the following vulnerability has been resolved:  x ...)
-	TODO: check
+	- linux 6.7.7-1
+	NOTE: https://git.kernel.org/linus/7c4650ded49e5b88929ecbbb631efb8b0838e811 (6.8-rc3)
 CVE-2024-26658 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
-	TODO: check
+	- linux 6.7.7-1
+	NOTE: https://git.kernel.org/linus/2acc59dd88d27ad69b66ded80df16c042b04eeec (6.8-rc1)
 CVE-2024-26657 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f34e8bb7d6c6626933fe993e03ed59ae85e16abb (6.9-rc2)
 CVE-2024-26656 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/22207fd5c80177b860279653d017474b2812af5e (6.9-rc1)
 CVE-2024-25187 (Server Side Request Forgery (SSRF) vulnerability in 71cms v1.0.0, allo ...)
 	NOT-FOR-US: 71cms
 CVE-2024-24581 (in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitr ...)
@@ -201,19 +266,32 @@ CVE-2024-1179 (TP-Link Omada ER605 DHCPv6 Client Options Stack-based Buffer Over
 CVE-2024-0637 (Centreon updateDirectory SQL Injection Remote Code Execution Vulnerabi ...)
 	TODO: check
 CVE-2023-52636 (In the Linux kernel, the following vulnerability has been resolved:  l ...)
-	TODO: check
+	- linux 6.7.7-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/8e46a2d068c92a905d01cbb018b00d66991585ab (6.8-rc4)
 CVE-2023-52635 (In the Linux kernel, the following vulnerability has been resolved:  P ...)
-	TODO: check
+	- linux 6.7.7-1
+	NOTE: https://git.kernel.org/linus/aed5ed595960c6d301dcd4ed31aeaa7a8054c0c6 (6.8-rc1)
 CVE-2023-52634 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
+	- linux 6.7.7-1
+	NOTE: https://git.kernel.org/linus/2ce156482a6fef349d2eba98e5070c412d3af662 (6.8-rc1)
 CVE-2023-52633 (In the Linux kernel, the following vulnerability has been resolved:  u ...)
-	TODO: check
+	- linux 6.7.7-1
+	NOTE: https://git.kernel.org/linus/abe4eaa8618bb36c2b33e9cdde0499296a23448c (6.8-rc1)
 CVE-2023-52632 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
+	- linux 6.7.7-1
+	NOTE: https://git.kernel.org/linus/2a9de42e8d3c82c6990d226198602be44f43f340 (6.8-rc1)
 CVE-2023-52631 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
-	TODO: check
+	- linux 6.7.7-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b2dd7b953c25ffd5912dda17e980e7168bebcf6c (6.8-rc4)
 CVE-2023-52630 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
-	TODO: check
+	- linux 6.7.7-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2a427b49d02995ea4a6ff93a1432c40fa4d36821 (6.8-rc4)
 CVE-2023-51573 (Voltronic Power ViewPower Pro updateManagerPassword Exposed Dangerous  ...)
 	TODO: check
 CVE-2023-51572 (Voltronic Power ViewPower Pro getMacAddressByIp Command Injection Remo ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1758470005ec062fe83d37c3f60d0b13f0b01f97

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1758470005ec062fe83d37c3f60d0b13f0b01f97
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240402/99ad957f/attachment.htm>


More information about the debian-security-tracker-commits mailing list