[Git][security-tracker-team/security-tracker][master] Add CVE-2024-53144 and update CVE-2024-8805

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
220c5b0b by Salvatore Bonaccorso at 2024-12-17T18:24:06+01:00
Add CVE-2024-53144 and update CVE-2024-8805

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2024-53144 [Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE]
+	- linux 6.11.4-1
+	[bookworm] - linux 6.1.115-1
+	NOTE: https://git.kernel.org/linus/b25e11f978b63cb7857890edb3a698599cddb10e (6.12-rc3)
 CVE-2024-53241 [Xen hypercall page unsafe against speculative attacks]
 	- linux <unfixed>
 	- xen <unfixed>
@@ -23498,6 +23502,7 @@ CVE-2024-8805 (BlueZ HID over GATT Profile Improper Access Control Remote Code E
 	[bookworm] - linux 6.1.115-1
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1229/
 	NOTE: https://git.kernel.org/linus/b25e11f978b63cb7857890edb3a698599cddb10e (6.12-rc3)
+	NOTE: CVE-2024-8805 likely to be rejected as Linux kernel CNA assigned later CVE-2024-53144
 CVE-2024-9169 (The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-8996 (Unquoted Search Path or Element vulnerability in Grafana Agent (Flow m ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/220c5b0b4a2c575184772970350d76ac481a7e58

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/220c5b0b4a2c575184772970350d76ac481a7e58
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241217/3144c7fe/attachment.htm>