[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Apr 17 18:46:53 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a0cad4cb by Salvatore Bonaccorso at 2024-04-17T19:46:10+02:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,518 @@
+CVE-2024-26920 [tracing/trigger: Fix to return error if failed to alloc snapshot]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ NOTE: https://git.kernel.org/linus/0958b33ef5a04ed91f61cef4760ac412080c4e08 (6.8-rc3)
+CVE-2024-26919 [usb: ulpi: Fix debugfs directory leak]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3caf2b2ad7334ef35f55b95f3e1b138c6f77b368 (6.8-rc3)
+CVE-2024-26918 [PCI: Fix active state requirement in PME polling]
+ - linux 6.7.7-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/41044d5360685e78a869d40a168491a70cdb7e73 (6.8-rc5)
+CVE-2024-26917 [scsi: Revert "scsi: fcoe: Fix potential deadlock on Description:fip->ctlr_lock"]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ NOTE: https://git.kernel.org/linus/977fe773dcc7098d8eaf4ee6382cb51e13e784cb (6.8-rc5)
+CVE-2024-26916 [Revert "drm/amd: flush any delayed gfxoff on suspend entry"]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/916361685319098f696b798ef1560f69ed96e934 (6.8-rc5)
+CVE-2024-26915 [drm/amdgpu: Reset IH OVERFLOW_CLEAR bit]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ NOTE: https://git.kernel.org/linus/7330256268664ea0a7dd5b07a3fed363093477dd (6.8-rc3)
+CVE-2024-26914 [drm/amd/display: fix incorrect mpc_combine array size]
+ - linux 6.7.7-1
+ NOTE: https://git.kernel.org/linus/39079fe8e660851abbafa90cd55cbf029210661f (6.8-rc3)
+CVE-2024-26913 [drm/amd/display: Fix dcn35 8k30 Underflow/Corruption Issue]
+ - linux 6.7.7-1
+ NOTE: https://git.kernel.org/linus/faf51b201bc42adf500945732abb6220c707d6f3 (6.8-rc3)
+CVE-2024-26912 [drm/nouveau: fix several DMA buffer leaks]
+ - linux 6.7.7-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/042b5f83841fbf7ce39474412db3b5e4765a7ea7 (6.8-rc4)
+CVE-2024-26911 [drm/buddy: Fix alloc_range() error handling code]
+ - linux 6.7.7-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8746c6c9dfa31d269c65dd52ab42fde0720b7d91 (6.8-rc5)
+CVE-2024-26910 [netfilter: ipset: fix performance regression in swap operation]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ NOTE: https://git.kernel.org/linus/97f7cf1cd80eeed3b7c808b7c12463295c751001 (6.8-rc3)
+CVE-2024-26909 [soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free]
+ - linux <unfixed>
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b979f2d50a099f3402418d7ff5f26c3952fb08bb (6.8-rc7)
+CVE-2024-26908 [x86/xen: Add some null pointer checking to smp.c]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/3693bb4465e6e32a204a5b86d3ec7e6b9f7e67c2 (6.8-rc5)
+CVE-2024-26907 [RDMA/mlx5: Fix fortify source warning while accessing Eth segment]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/4d5e86a56615cc387d21c629f9af8fb0e958d350 (6.8-rc6)
+CVE-2024-26906 [x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault()]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/32019c659ecfe1d92e3bf9fcdfbb11a7c70acd58 (6.8-rc6)
+CVE-2024-26905 [btrfs: fix data races when accessing the reserved amount of block reserves]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/e06cc89475eddc1f3a7a4d471524256152c68166 (6.8-rc7)
+CVE-2024-26904 [btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/c7bb26b847e5b97814f522686068c5628e2b3646 (6.8-rc7)
+CVE-2024-26903 [Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/2535b848fa0f42ddff3e5255cf5e742c9b77bb26 (6.8-rc7)
+CVE-2024-26902 [perf: RISCV: Fix panic on pmu overflow handler]
+ - linux <unfixed>
+ NOTE: https://git.kernel.org/linus/34b567868777e9fd39ec5333969728a7f0cf179c (6.8-rc7)
+CVE-2024-26901 [do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/3948abaa4e2be938ccdfc289385a27342fb13d43 (6.9-rc1)
+CVE-2024-26900 [md: fix kmemleak of rdev->serial]
+ - linux <unfixed>
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6cf350658736681b9d6b0b6e58c5c76b235bb4c4 (6.9-rc1)
+CVE-2024-26899 [block: fix deadlock between bd_link_disk_holder and partition scan]
+ - linux <unfixed>
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/03f12122b20b6e6028e9ed69030a49f9cffcbb75 (6.9-rc1)
+CVE-2024-26898 [aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/f98364e926626c678fb4b9004b75cacf92ff0662 (6.9-rc1)
+CVE-2024-26897 [wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/24355fcb0d4cbcb6ddda262596558e8cfba70f11 (6.9-rc1)
+CVE-2024-26896 [wifi: wfx: fix memory leak when starting AP]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b8cfb7c819dd39965136a66fe3a7fde688d976fc (6.9-rc1)
+CVE-2024-26895 [wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/cb5942b77c05d54310a0420cac12935e9b6aa21c (6.9-rc1)
+CVE-2024-26894 [ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/e18afcb7b2a12b635ac10081f943fcf84ddacc51 (6.9-rc1)
+CVE-2024-26893 [firmware: arm_scmi: Fix double free in SMC transport cleanup path]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f1d71576d2c9ec8fdb822173fa7f3de79475e9bd (6.9-rc1)
+CVE-2024-26892 [wifi: mt76: mt7921e: fix use-after-free in free_irq()]
+ - linux <unfixed>
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c957280ef6ab6bdf559a91ae693a6b34310697e3 (6.9-rc1)
+CVE-2024-26891 [iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/4fc82cd907ac075648789cc3a00877778aa1838b (6.9-rc1)
+CVE-2024-26890 [Bluetooth: btrtl: fix out of bounds memory access]
+ - linux <unfixed>
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/de4e88ec58c4202efd1f02eebb4939bbf6945358 (6.9-rc1)
+CVE-2024-26889 [Bluetooth: hci_core: Fix possible buffer overflow]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/81137162bfaa7278785b24c1fd2e9e74f082e8e4 (6.9-rc1)
+CVE-2024-26888 [Bluetooth: msft: Fix memory leak]
+ - linux <unfixed>
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a6e06258f4c31eba0fcd503e19828b5f8fe7b08b (6.9-rc1)
+CVE-2024-26887 [Bluetooth: btusb: Fix memory leak]
+ - linux <unfixed>
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/79f4127a502c5905f04da1f20a7bbe07103fb77c (6.9-rc1)
+CVE-2024-26886 [Bluetooth: af_bluetooth: Fix deadlock]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f7b94bdc1ec107c92262716b073b3e816d4784fb (6.9-rc1)
+CVE-2024-26885 [bpf: Fix DEVMAP_HASH overflow check on 32-bit arches]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/281d464a34f540de166cee74b723e97ac2515ec3 (6.9-rc1)
+CVE-2024-26884 [bpf: Fix hashtab overflow check on 32-bit arches]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/6787d916c2cf9850c97a0a3f73e08c43e7d973b1 (6.9-rc1)
+CVE-2024-26883 [bpf: Fix stackmap overflow check on 32-bit arches]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/7a4b21250bf79eef26543d35bd390448646c536b (6.9-rc1)
+CVE-2024-26882 [net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv()]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/b0ec2abf98267f14d032102551581c833b0659d3 (6.9-rc1)
+CVE-2024-26881 [net: hns3: fix kernel crash when 1588 is received on HIP08 devices]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/0fbcf2366ba9888cf02eda23e35fde7f7fcc07c3 (6.9-rc1)
+CVE-2024-26880 [dm: call the resume method on internal suspend]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/65e8fbde64520001abf1c8d0e573561b4746ef38 (6.9-rc1)
+CVE-2024-26879 [clk: meson: Add missing clocks to axg_clk_regmaps]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ba535bce57e71463a86f8b33a0ea88c26e3a6418 (6.9-rc1)
+CVE-2024-26878 [quota: Fix potential NULL pointer dereference]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/d0aa72604fbd80c8aabb46eda00535ed35570f1f (6.9-rc1)
+CVE-2024-26877 [crypto: xilinx - call finalize with bh disabled]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a853450bf4c752e664abab0b2fad395b7ad7701c (6.9-rc1)
+CVE-2024-26876 [drm/bridge: adv7511: fix crash on irq during probe]
+ - linux <unfixed>
+ NOTE: https://git.kernel.org/linus/aeedaee5ef5468caf59e2bb1265c2116e0c9a924 (6.9-rc1)
+CVE-2024-26875 [media: pvrusb2: fix uaf in pvr2_context_set_notify]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/0a0b79ea55de8514e1750884e5fec77f9fdd01ee (6.9-rc1)
+CVE-2024-26874 [drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/c958e86e9cc1b48cac004a6e245154dfba8e163b (6.9-rc1)
+CVE-2024-26873 [scsi: hisi_sas: Fix a deadlock issue related to automatic dump]
+ - linux <unfixed>
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3c4f53b2c341ec6428b98cb51a89a09b025d0953 (6.9-rc1)
+CVE-2024-26872 [RDMA/srpt: Do not register event handler until srpt device is fully setup]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/c21a8870c98611e8f892511825c9607f1e2cd456 (6.9-rc1)
+CVE-2024-26871 [f2fs: fix NULL pointer dereference in f2fs_submit_page_write()]
+ - linux <unfixed>
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c2034ef6192a65a986a45c2aa2ed05824fdc0e9f (6.9-rc1)
+CVE-2024-26870 [NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/251a658bbfceafb4d58c76b77682c8bf7bcfad65 (6.9-rc1)
+CVE-2024-26869 [f2fs: fix to truncate meta inode pages forcely]
+ - linux <unfixed>
+ NOTE: https://git.kernel.org/linus/9f0c4a46be1fe9b97dbe66d49204c1371e3ece65 (6.9-rc1)
+CVE-2024-26868 [nfs: fix panic when nfs4_ff_layout_prepare_ds() fails]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/719fcafe07c12646691bd62d7f8d94d657fa0766 (6.9-rc1)
+CVE-2024-26867 [comedi: comedi_8255: Correct error in subdevice initialization]
+ - linux <unfixed>
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/cfa9ba1ae0bef0681833a22d326174fe633caab5 (6.8)
+CVE-2024-26866 [spi: lpspi: Avoid potential use-after-free in probe()]
+ - linux <unfixed>
+ NOTE: https://git.kernel.org/linus/2ae0ab0143fcc06190713ed81a6486ed0ad3c861 (6.9-rc1)
+CVE-2024-26865 [rds: tcp: Fix use-after-free of net in reqsk_timer_handler().]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/2a750d6a5b365265dbda33330a6188547ddb5c24 (6.9-rc1)
+CVE-2024-26864 [tcp: Fix refcnt handling in __inet_hash_connect().]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/04d9d1fc428ac9f581d55118d67e0cb546701feb (6.9-rc1)
+CVE-2024-26863 [hsr: Fix uninit-value access in hsr_get_node()]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/ddbec99f58571301679addbc022256970ca3eac6 (6.9-rc1)
+CVE-2024-26862 [packet: annotate data-races around ignore_outgoing]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6ebfad33161afacb3e1e59ed1c2feefef70f9f97 (6.9-rc1)
+CVE-2024-26861 [wireguard: receive: annotate data-race around receiving_counter.counter]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/bba045dc4d996d03dce6fe45726e78a1a1f6d4c3 (6.9-rc1)
+CVE-2024-26860 [dm-integrity: fix a memory leak when rechecking the data]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/55e565c42dce81a4e49c13262d5bc4eb4c2e588a (6.9-rc1)
+CVE-2024-26859 [net/bnx2x: Prevent access to a freed page in page_pool]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/d27e2da94a42655861ca4baea30c8cd65546f25d (6.9-rc1)
+CVE-2024-26858 [net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map]
+ - linux <unfixed>
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b7cf07586c40f926063d4d09f7de28ff82f62b2a (6.8)
+CVE-2024-26857 [geneve: make sure to pull inner header in geneve_rx()]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.82-1
+ NOTE: https://git.kernel.org/linus/1ca1ba465e55b9460e4e75dec9fff31e708fec74 (6.8)
+CVE-2024-26856 [net: sparx5: Fix use after free inside sparx5_del_mact_entry]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.82-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/89d72d4125e94aa3c2140fedd97ce07ba9e37674 (6.8)
+CVE-2024-26855 [net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.82-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/06e456a05d669ca30b224b8ed962421770c1496c (6.8)
+CVE-2024-26854 [ice: fix uninitialized dplls mutex usage]
+ - linux <unfixed>
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/9224fc86f1776193650a33a275cac628952f80a9 (6.8)
+CVE-2024-26853 [igc: avoid returning frame twice in XDP_REDIRECT]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.82-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ef27f655b438bed4c83680e4f01e1cde2739854b (6.8)
+CVE-2024-26852 [net/ipv6: avoid possible UAF in ip6_route_mpath_notify()]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.82-1
+ NOTE: https://git.kernel.org/linus/685f7d531264599b3f167f1e94bbd22f120e5fab (6.8)
+CVE-2024-26851 [netfilter: nf_conntrack_h323: Add protection for bmp length out of range]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.82-1
+ NOTE: https://git.kernel.org/linus/767146637efc528b5e3d31297df115e85a2fd362 (6.8)
+CVE-2024-26850 [mm/debug_vm_pgtable: fix BUG_ON with pud advanced test]
+ - linux 6.7.9-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/720da1e593b85a550593b415bf1d79a053133451 (6.8-rc7)
+CVE-2024-26849 [netlink: add nla be16/32 types to minlen array]
+ - linux 6.7.9-1
+ [bookworm] - linux 6.1.82-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/9a0d18853c280f6a0ee99f91619f2442a17a323a (6.8-rc7)
+CVE-2024-26848 [afs: Fix endless loop in directory parsing]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5f7a07646655fb4108da527565dcdc80124b14c4 (6.8-rc7)
+CVE-2024-26847 [powerpc/rtas: use correct function name for resetting TCE tables]
+ - linux 6.7.9-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/fad87dbd48156ab940538f052f1820f4b6ed2819 (6.8-rc7)
+CVE-2024-26846 [nvme-fc: do not wait in vain when unloading module]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ NOTE: https://git.kernel.org/linus/70fbfc47a392b98e5f8dba70c6efc6839205c982 (6.8-rc3)
+CVE-2024-26845 [scsi: target: core: Add TMF to tmr_list handling]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ NOTE: https://git.kernel.org/linus/83ab68168a3d990d5ff39ab030ad5754cbbccb25 (6.8-rc1)
+CVE-2024-26844 [block: Fix WARNING in _copy_from_iter]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ NOTE: https://git.kernel.org/linus/13f3956eb5681a4045a8dfdef48df5dc4d9f58a6 (6.8-rc2)
+CVE-2024-26843 [efi: runtime: Fix potential overflow of soft-reserved region size]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ NOTE: https://git.kernel.org/linus/de1034b38a346ef6be25fe8792f5d1e0684d5ff4 (6.8-rc4)
+CVE-2024-26842 [scsi: ufs: core: Fix shift issue in ufshcd_clear_cmd()]
+ - linux 6.7.7-1
+ NOTE: https://git.kernel.org/linus/b513d30d59bb383a6a5d6b533afcab2cee99a8f8 (6.8-rc4)
+CVE-2024-26841 [LoongArch: Update cpu_sibling_map when disabling nonboot CPUs]
+ - linux 6.7.7-1
+ NOTE: https://git.kernel.org/linus/752cd08da320a667a833803a8fd6bb266114cce5 (6.8-rc6)
+CVE-2024-26840 [cachefiles: fix memory leak in cachefiles_add_cache()]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ NOTE: https://git.kernel.org/linus/e21a2f17566cbd64926fb8f16323972f7a064444 (6.8-rc6)
+CVE-2024-26839 [IB/hfi1: Fix a memleak in init_credit_return]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ NOTE: https://git.kernel.org/linus/809aa64ebff51eb170ee31a95f83b2d21efa32e2 (6.8-rc6)
+CVE-2024-26838 [RDMA/irdma: Fix KASAN issue with tasklet]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/bd97cea7b18a0a553773af806dfbfac27a7c4acb (6.8-rc6)
+CVE-2024-26837 [net: bridge: switchdev: Skip MDB replays of deferred events on offload]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/dc489f86257cab5056e747344f17a164f63bff4b (6.8-rc6)
+CVE-2024-26836 [platform/x86: think-lmi: Fix password opcode ordering for workstations]
+ - linux 6.7.7-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6f7d0f5fd8e440c3446560100ac4ff9a55eec340 (6.8-rc6)
+CVE-2024-26835 [netfilter: nf_tables: set dormant flag on hook register failure]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/bccebf64701735533c8db37773eeacc6566cc8ec (6.8-rc6)
+CVE-2024-26834 [netfilter: nft_flow_offload: release dst in case direct xmit path is used]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8762785f459be1cfe6fcf7285c123aad6a3703f0 (6.8-rc6)
+CVE-2024-26833 [drm/amd/display: Fix memory leak in dm_sw_fini()]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/bae67893578d608e35691dcdfa90c4957debf1d3 (6.8-rc6)
+CVE-2024-26832 [mm: zswap: fix missing folio cleanup in writeback race path]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/e3b63e966cac0bf78aaa1efede1827a252815a1d (6.8-rc6)
+CVE-2024-26831 [net/handshake: Fix handshake_req_destroy_test1]
+ - linux 6.7.7-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/4e1d71cabb19ec2586827adfc60d68689c68c194 (6.8-rc5)
+CVE-2024-26830 [i40e: Do not allow untrusted VF to remove administratively set MAC]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ NOTE: https://git.kernel.org/linus/73d9629e1c8c1982f13688c4d1019c3994647ccc (6.8-rc5)
+CVE-2024-26829 [media: ir_toy: fix a memleak in irtoy_tx]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/dc9ceb90c4b42c6e5c6757df1d6257110433788e (6.8-rc5)
+CVE-2024-26828 [cifs: fix underflow in parse_server_interfaces()]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ NOTE: https://git.kernel.org/linus/cffe487026be13eaf37ea28b783d9638ab147204 (6.8-rc5)
+CVE-2024-26827 [i2c: qcom-geni: Correct I2C TRE sequence]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/83ef106fa732aea8558253641cd98e8a895604d7 (6.8-rc5)
+CVE-2024-26826 [mptcp: fix data re-injection from stale subflow]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b6c620dc43ccb4e802894e54b651cf81495e9598 (6.8-rc3)
+CVE-2024-26825 [nfc: nci: free rx_data_reassembly skb on NCI device cleanup]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ NOTE: https://git.kernel.org/linus/bfb007aebe6bff451f7f3a4be19f4f286d0d5d9c (6.8-rc3)
+CVE-2024-26824 [crypto: algif_hash - Remove bogus SGL free on zero-length error path]
+ - linux 6.7.7-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/24c890dd712f6345e382256cae8c97abb0406b70 (6.8-rc4)
+CVE-2024-26823 [irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems]
+ - linux 6.7.7-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8b02da04ad978827e5ccd675acf170198f747a7a (6.8-rc5)
+CVE-2024-26822 [smb: client: set correct id, uid and cruid for multiuser automounts]
+ - linux 6.7.7-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/4508ec17357094e2075f334948393ddedbb75157 (6.8-rc5)
+CVE-2024-26821 [fs: relax mount_setattr() permission checks]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ NOTE: https://git.kernel.org/linus/46f5ab762d048dad224436978315cbc2fa79c630 (6.8-rc5)
+CVE-2024-26820 [hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ NOTE: https://git.kernel.org/linus/9cae43da9867412f8bd09aee5c8a8dc5e8dc3dc2 (6.8-rc4)
+CVE-2024-26819 [dm: limit the number of targets and parameter size area]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ NOTE: https://git.kernel.org/linus/bd504bcfec41a503b32054da5472904b404341a4 (6.8-rc3)
+CVE-2024-26818 [tools/rtla: Fix clang warning about mount_point var size]
+ - linux 6.7.7-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/30369084ac6e27479a347899e74f523e6ca29b89 (6.8-rc5)
+CVE-2023-52645 [pmdomain: mediatek: fix race conditions with genpd]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c41336f4d69057cbf88fed47951379b384540df5 (6.8-rc4)
+CVE-2023-52644 [wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled]
+ - linux <unfixed>
+ [bookworm] - linux 6.1.85-1
+ NOTE: https://git.kernel.org/linus/9636951e4468f02c72cc75a82dc65d003077edbc (6.9-rc1)
+CVE-2023-52643 [iio: core: fix memleak in iio_device_register_sysfs]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/95a0d596bbd0552a78e13ced43f2be1038883c81 (6.8-rc5)
+CVE-2023-52642 [media: rc: bpf attach/detach requires write permission]
+ - linux 6.7.7-1
+ [bookworm] - linux 6.1.82-1
+ NOTE: https://git.kernel.org/linus/6a9d552483d50953320b9d3b57abdee8d436f23f (6.8-rc5)
CVE-2024-3882 (A vulnerability was found in Tenda W30E 1.0.1.25(633). It has been cla ...)
NOT-FOR-US: Tenda
CVE-2024-3881 (A vulnerability was found in Tenda W30E 1.0.1.25(633) and classified a ...)
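Review bot: The bracketed title of the CVE-2024-26917 entry reads 'Fix potential deadlock on Description:fip->ctlr_lock', and the 'Description:' token looks like residue from the kernel-sec import rather than part of the commit subject. Check it against the commit linked in that entry's NOTE line and correct the title before it propagates to the tracker pages. Separately, many entries in this batch carry '- linux <unfixed>' for unstable next to a fixed bookworm version (for example CVE-2024-26908 with '[bookworm] - linux 6.1.85-1'), so they need a follow-up merge once a fixed upload reaches unstable.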
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a0cad4cb44f301aaeb63acb64c7ab5f7041c4f51