[Git][security-tracker-team/security-tracker][master] Merge linux CVEs from kernel-sec

Thu Aug 8 11:41:38 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5855b537 by Salvatore Bonaccorso at 2024-08-08T12:40:49+02:00
Merge linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,26 @@
+CVE-2024-42257 [ext4: use memtostr_pad() for s_volume_name]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/be27cd64461c45a6088a91a04eba5cd44e1767ef (6.11-rc1)
+CVE-2024-42256 [cifs: Fix server re-repick on subrequest retry]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/de40579b903883274fe203865f29d66b168b7236 (6.11-rc1)
+CVE-2024-42255 [tpm: Use auth only after NULL check in tpm_buf_check_hmac_response()]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7dc357d343f134bf59815ff6098b93503ec8a23b (6.11-rc1)
+CVE-2024-42254 [io_uring: fix error pbuf checking]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/bcc87d978b834c298bbdd9c52454c5d0a946e97e (6.11-rc1)
+CVE-2024-42253 [gpio: pca953x: fix pca953x_irq_bus_sync_unlock race]
+	- linux 6.9.11-1
+	NOTE: https://git.kernel.org/linus/bfc6444b57dc7186b6acc964705d7516cbaf3904 (6.10-rc6)
+CVE-2024-42252 [closures: Change BUG_ON() to WARN_ON()]
+	- linux 6.9.11-1
+	NOTE: https://git.kernel.org/linus/339b84ab6b1d66900c27bd999271cb2ae40ce812 (6.10-rc5)
+CVE-2024-42251 [mm: page_ref: remove folio_try_get_rcu()]
+	- linux 6.9.11-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/fa2690af573dfefb47ba6eef888797a64b6b5f3c (6.10)
 CVE-2024-7561 (The The Next theme for WordPress is vulnerable to PHP Object Injection ...)
 	NOT-FOR-US: WordPress theme
 CVE-2024-7560 (The News Flash theme for WordPress is vulnerable to PHP Object Injecti ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5855b53738c8224d0dfd1f1d6be9e89c5a02085e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5855b53738c8224d0dfd1f1d6be9e89c5a02085e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240808/b1a4cc5f/attachment.htm>
