[Git][security-tracker-team/security-tracker][master] Update Linux CVEs from kernel-sec

Sat Dec 28 15:53:46 GMT 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5c0249fc by Salvatore Bonaccorso at 2024-12-28T16:52:34+01:00
Update Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,136 @@
+CVE-2024-56708 [EDAC/igen6: Avoid segmentation fault on module unload]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/fefaae90398d38a1100ccd73b46ab55ff4610fba (6.13-rc1)
+CVE-2024-56707 [octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f5b942e6c54b13246ee49d42dcfb71b7f29e3c64 (6.13-rc1)
+CVE-2024-56706 [s390/cpum_sf: Fix and protect memory allocation of SDBs with mutex]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f55bd479d8663a4a4e403b3d308d3d1aa33d92df (6.13-rc1)
+CVE-2024-56705 [media: atomisp: Add check for rgby_data memory allocation failure]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/ed61c59139509f76d3592683c90dc3fdc6e23cd6 (6.13-rc1)
+CVE-2024-56704 [9p/xen: fix release of IRQ]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/e43c608f40c065b30964f0a806348062991b802d (6.13-rc1)
+CVE-2024-56703 [ipv6: Fix soft lockups in fib6_select_path under high next hop churn]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/d9ccb18f83ea2bb654289b6ecf014fd267cc988b (6.13-rc1)
+CVE-2024-56702 [bpf: Mark raw_tp arguments with PTR_MAYBE_NULL]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/cb4158ce8ec8a5bb528cc1693356a5eb8058094d (6.13-rc1)
+CVE-2024-56701 [powerpc/pseries: Fix dtl_access_lock to be a rw_semaphore]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/cadae3a45d23aa4f6485938a67cbc47aaaa25e38 (6.13-rc1)
+CVE-2024-56700 [media: wl128x: Fix atomicity violation in fmc_send_cmd()]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/ca59f9956d4519ab18ab2270be47c6b8c6ced091 (6.13-rc1)
+CVE-2024-56699 [s390/pci: Fix potential double remove of hotplug slot]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c4a585e952ca403a370586d3f16e8331a7564901 (6.13-rc1)
+CVE-2024-56698 [usb: dwc3: gadget: Fix looping of queued SG entries]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/b7fc65f5141c24785dc8c19249ca4efcf71b3524 (6.13-rc1)
+CVE-2024-56697 [drm/amdgpu: Fix the memory allocation issue in amdgpu_discovery_get_nps_info()]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a1144da794adedb9447437c57d69add56494309d (6.13-rc1)
+CVE-2024-56696 [ALSA: core: Fix possible NULL dereference caused by kunit_kzalloc()]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9ad467a2b2716d4ed12f003b041aa6c776a13ff5 (6.13-rc1)
+CVE-2024-56695 [drm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfd_get_cu_occupancy()']
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/922f0e00017b09d9d47e3efac008c8b20ed546a0 (6.13-rc1)
+CVE-2024-56694 [bpf: fix recursive lock when verdict program return SK_PASS]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/8ca2a1eeadf09862190b2810697702d803ceef2d (6.13-rc1)
+CVE-2024-56693 [brd: defer automatic disk creation until module initialization succeeds]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/826cc42adf44930a633d11a5993676d85ddb0842 (6.13-rc1)
+CVE-2024-56692 [f2fs: fix to do sanity check on node blkaddr in truncate_node()]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/6babe00ccd34fc65b78ef8b99754e32b4385f23d (6.13-rc1)
+CVE-2024-56691 [mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/686fb77712a4bc94b76a0c5ae74c60118b7a0d79 (6.13-rc1)
+CVE-2024-56690 [crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/662f2f13e66d3883b9238b0b96b17886179e60e2 (6.13-rc1)
+CVE-2024-56689 [PCI: endpoint: epf-mhi: Avoid NULL dereference if DT lacks 'mmio']
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/5089b3d874e9933d9842e90410d3af1520494757 (6.13-rc1)
+CVE-2024-56688 [sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/4db9ad82a6c823094da27de4825af693a3475d51 (6.13-rc1)
+CVE-2024-56687 [usb: musb: Fix hardware lockup on first Rx endpoint request]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3fc137386c4620305bbc2a216868c53f9245670a (6.13-rc1)
+CVE-2024-56686 [ext4: fix race in buffer_head read fault injection]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/2f3d93e210b9c2866c8b3662adae427d5bf511ec (6.13-rc1)
+CVE-2024-56685 [ASoC: mediatek: Check num_codecs is not zero to avoid panic during probe]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2f2020327cc8561d7c520d2f2d9acea84fa7b3a3 (6.13-rc1)
+CVE-2024-56684 [mailbox: mtk-cmdq: fix wrong use of sizeof in cmdq_get_clocks()]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/271ee263cc8771982809185007181ca10346fe73 (6.13-rc1)
+CVE-2024-56683 [drm/vc4: hdmi: Avoid hang with debug registers when suspended]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/223ee2567a55e4f80315c768d2969e6a3b9fb23d (6.13-rc1)
+CVE-2024-56682 [irqchip/riscv-aplic: Prevent crash when MSI domain is missing]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1f181d1cda56c2fbe379c5ace1aa1fac6306669e (6.13-rc1)
+CVE-2024-56681 [crypto: bcm - add error check in the ahash_hmac_init function]
+	- linux 6.12.3-1
+	NOTE: https://git.kernel.org/linus/19630cf57233e845b6ac57c9c969a4888925467b (6.13-rc1)
+CVE-2024-56680 [media: intel/ipu6: do not handle interrupts when device is disabled]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1429826883bb18847092b2e04c6598ef34bae1d4 (6.13-rc1)
+CVE-2024-56679 [octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0fbc7a5027c6f7f2c785adae3dcec22b2f2b69b3 (6.13-rc1)
+CVE-2024-56678 [powerpc/mm/fault: Fix kfence page fault reporting]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/06dbbb4d5f7126b6307ab807cbf04ecfc459b933 (6.13-rc1)
+CVE-2024-56677 [powerpc/fadump: Move fadump_cma_init to setup_arch() after initmem_init()]
+	- linux 6.12.3-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/05b94cae1c47f94588c3e7096963c1007c4d9c1d (6.13-rc1)
+CVE-2024-56676 [thermal: testing: Initialize some variables annoteded with _free()]
+	- linux 6.12.3-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0104dcdaad3a7afd141e79a5fb817a92ada910ac (6.13-rc1)
 CVE-2024-54775 (Dcat-Admin v2.2.0-beta and v2.2.2-beta contains a Cross-Site Scripting ...)
 	NOT-FOR-US: Dcat-Admin
 CVE-2024-54774 (Dcat Admin v2.2.0-beta contains a cross-site scripting (XSS) vulnerabi ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c0249fc188d29bbbc38ebcd4462a78f27e92e4e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c0249fc188d29bbbc38ebcd4462a78f27e92e4e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241228/b79bb036/attachment.htm>
