[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Sun Apr 28 15:53:42 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b04723da by Salvatore Bonaccorso at 2024-04-28T16:53:10+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,193 @@
+CVE-2024-26928 [smb: client: fix potential UAF in cifs_debug_files_proc_show()]
+	- linux <unfixed>
+	[bookworm] - linux 6.1.85-1
+	NOTE: https://git.kernel.org/linus/ca545b7f0823f19db0f1148d59bc5e1a56634502 (6.9-rc3)
+CVE-2024-26927 [ASoC: SOF: Add some bounds checking to firmware data]
+	- linux 6.7.12-1
+	[bookworm] - linux 6.1.85-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/98f681b0f84cfc3a1d83287b77697679e0398306 (6.9-rc1)
+CVE-2022-48668 [smb3: fix temporary data corruption in collapse range]
+	- linux 6.0.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/fa30a81f255a56cccd89552cd6ce7ea6e8d8acc4 (6.0-rc4)
+CVE-2022-48667 [smb3: fix temporary data corruption in insert range]
+	- linux 6.0.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9c8b7a293f50253e694f19161c045817a938e551 (6.0-rc4)
+CVE-2022-48666 [scsi: core: Fix a use-after-free]
+	- linux 6.0.2-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/8fe4ce5836e932f5766317cb651c1ff2a4cd0506 (6.0-rc5)
+CVE-2022-48665 [exfat: fix overflow for large capacity partition]
+	- linux 6.0.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2e9ceb6728f1dc2fa4b5d08f37d88cbc49a20a62 (6.0-rc7)
+CVE-2022-48664 [btrfs: fix hang during unmount when stopping a space reclaim worker]
+	- linux 6.0.2-1
+	[bullseye] - linux 5.10.148-1
+	NOTE: https://git.kernel.org/linus/a362bb864b8db4861977d00bd2c3222503ccc34b (6.0-rc7)
+CVE-2022-48663 [gpio: mockup: fix NULL pointer dereference when removing debugfs]
+	- linux 6.0.2-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b7df41a6f79dfb18ba2203f8c5f0e9c0b9b57f68 (6.0-rc7)
+CVE-2022-48662 [drm/i915/gem: Really move i915_gem_context.link under ref protection]
+	- linux 6.0.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d119888b09bd567e07c6b93a07f175df88857e02 (6.0-rc7)
+CVE-2022-48661 [gpio: mockup: Fix potential resource leakage when register a chip]
+	- linux 6.0.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/02743c4091ccfb246f5cdbbe3f44b152d5d12933 (6.0-rc7)
+CVE-2022-48660 [gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully]
+	- linux 6.0.2-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/69bef19d6b9700e96285f4b4e28691cda3dcd0d1 (6.0-rc7)
+CVE-2022-48659 [mm/slub: fix to return errno if kmalloc() fails]
+	- linux 6.0.2-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux 4.19.260-1
+	NOTE: https://git.kernel.org/linus/7e9c323c52b379d261a72dc7bd38120a761a93cd (6.0-rc7)
+CVE-2022-48658 [mm: slub: fix flush_cpu_slab()/__free_slab() invocations in task context.]
+	- linux 6.0.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e45cc288724f0cfd497bb5920bcfa60caa335729 (6.0-rc7)
+CVE-2022-48657 [arm64: topology: fix possible overflow in amu_fie_setup()]
+	- linux 6.0.2-1
+	[bullseye] - linux 5.10.158-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d4955c0ad77dbc684fc716387070ac24801b8bca (6.0-rc7)
+CVE-2022-48656 [dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get()]
+	- linux 6.0.2-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f9fdb0b86f087c2b7f6c6168dd0985a3c1eda87e (6.0-rc7)
+CVE-2022-48655 [firmware: arm_scmi: Harden accesses to the reset domains]
+	- linux 6.0.2-1
+	NOTE: https://git.kernel.org/linus/e9076ffbcaed5da6c182b144ef9f6e24554af268 (6.0-rc7)
+CVE-2022-48654 [netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()]
+	- linux 6.0.2-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/559c36c5a8d730c49ef805a72b213d3bba155cc8 (6.0-rc7)
+CVE-2022-48653 [ice: Don't double unplug aux on peer initiated reset]
+	- linux 6.0.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/23c619190318376769ad7b61504c2ea0703fb783 (6.0-rc7)
+CVE-2022-48652 [ice: Fix crash by keep old cfg when update TCs more than queues]
+	- linux 6.0.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a509702cac95a8b450228a037c8542f57e538e5b (6.0-rc7)
+CVE-2022-48651 [ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header]
+	- linux 6.0.2-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux 4.19.260-1
+	NOTE: https://git.kernel.org/linus/81225b2ea161af48e093f58e8dfee6d705b16af4 (6.0-rc7)
+CVE-2022-48650 [scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts()]
+	- linux 6.0.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/601be20fc6a1b762044d2398befffd6bf236cebf (6.0-rc7)
+CVE-2022-48649 [mm/slab_common: fix possible double free of kmem_cache]
+	- linux 6.0.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d71608a877362becdc94191f190902fac1e64d35 (6.0-rc7)
+CVE-2022-48648 [sfc: fix null pointer dereference in efx_hard_start_xmit]
+	- linux 6.0.2-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0a242eb2913a4aa3d6fbdb86559f27628e9466f3 (6.0-rc7)
+CVE-2022-48647 [sfc: fix TX channel offset when using legacy interrupts]
+	- linux 6.0.2-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f232af4295653afa4ade3230462b3be15ad16419 (6.0-rc7)
+CVE-2022-48646 [sfc/siena: fix null pointer dereference in efx_hard_start_xmit]
+	- linux 6.0.2-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/589c6eded10c77a12b7b2cf235b6b19a2bdb91fa (6.0-rc7)
+CVE-2022-48645 [net: enetc: deny offload of tc-based TSN features on VF interfaces]
+	- linux 6.0.2-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/5641c751fe2f92d3d9e8a8e03c1263ac8caa0b42 (6.0-rc7)
+CVE-2022-48644 [net/sched: taprio: avoid disabling offload when it was never enabled]
+	- linux 6.0.2-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/db46e3a88a09c5cf7e505664d01da7238cd56c92 (6.0-rc7)
+CVE-2022-48643 [netfilter: nf_tables: fix nft_counters_enabled underflow at nf_tables_addchain()]
+	- linux 6.0.2-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/921ebde3c0d22c8cba74ce8eb3cc4626abff1ccd (6.0-rc7)
+CVE-2022-48642 [netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()]
+	- linux 6.0.2-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9a4d6dd554b86e65581ef6b6638a39ae079b17ac (6.0-rc7)
+CVE-2022-48641 [netfilter: ebtables: fix memory leak when blob is malformed]
+	- linux 6.0.2-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux 4.19.260-1
+	NOTE: https://git.kernel.org/linus/62ce44c4fff947eebdf10bb582267e686e6835c9 (6.0-rc7)
+CVE-2022-48640 [bonding: fix NULL deref in bond_rr_gen_slave_id]
+	- linux 6.0.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0e400d602f46360752e4b32ce842dba3808e15e6 (6.0-rc7)
+CVE-2022-48639 [net: sched: fix possible refcount leak in tc_new_tfilter()]
+	- linux 6.0.2-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c2e1cfefcac35e0eea229e148c8284088ce437b5 (6.0-rc7)
+CVE-2022-48638 [cgroup: cgroup_get_from_id() must check the looked-up kn is a directory]
+	- linux 6.0.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/df02452f3df069a59bc9e69c84435bf115cb6e37 (6.0-rc7)
+CVE-2022-48637 [bnxt: prevent skb UAF after handing over to PTP worker]
+	- linux 6.0.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c31f26c8f69f776759cbbdfb38e40ea91aa0dd65 (6.0-rc7)
+CVE-2022-48636 [s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup]
+	- linux 6.0.2-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux 4.19.260-1
+	NOTE: https://git.kernel.org/linus/db7ba07108a48c0f95b74fabbfd5d63e924f992d (6.0-rc7)
+CVE-2022-48635 [fsdax: Fix infinite loop in dax_iomap_rw()]
+	- linux 6.0.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/17d9c15c9b9e7fb285f7ac5367dfb5f00ff575e3 (6.0-rc7)
+CVE-2022-48634 [drm/gma500: Fix BUG: sleeping function called from invalid context errors]
+	- linux 6.0.2-1
+	[bullseye] - linux 5.10.148-1
+	NOTE: https://git.kernel.org/linus/63e37a79f7bd939314997e29c2f5a9f0ef184281 (6.0-rc6)
+CVE-2022-48633 [drm/gma500: Fix WARN_ON(lock->magic != lock) error]
+	- linux 6.0.2-1
+	NOTE: https://git.kernel.org/linus/b6f25c3b94f2aadbf5cbef954db4073614943d74 (6.0-rc6)
+CVE-2022-48632 [i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()]
+	- linux 6.0.2-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/de24aceb07d426b6f1c59f33889d6a964770547b (6.0-rc7)
+CVE-2022-48631 [ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0]
+	- linux 6.0.2-1
+	[bullseye] - linux 5.10.148-1
+	NOTE: https://git.kernel.org/linus/29a5b8a137ac8eb410cc823653a29ac0e7b7e1b0 (6.0-rc7)
 CVE-2024-4291 (A vulnerability was found in Tenda A301 15.13.08.12_multi_TDE01. It ha ...)
 	NOT-FOR-US: Tenda
 CVE-2024-4257 (A vulnerability was found in BlueNet Technology Clinical Browsing Syst ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b04723da10f910896599d1bbbc29be4ead2729e9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b04723da10f910896599d1bbbc29be4ead2729e9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240428/a624dc4f/attachment.htm>
