[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Feb 27 20:22:51 GMT 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bba9239b by Salvatore Bonaccorso at 2024-02-27T21:22:36+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,127 @@
+CVE-2021-46975 [netfilter: conntrack: Make global sysctls readonly in non-init netns]
+	- linux 5.10.38-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2671fa4dc0109d3fb581bc3078fdf17b5d9080f6 (5.13-rc1)
+CVE-2021-46974 [bpf: Fix masking negation logic upon negative dst register]
+	- linux 5.10.38-1
+	[buster] - linux 4.19.194-1
+	NOTE: https://git.kernel.org/linus/b9b34ddbe2076ade359cd5ce7537d5ed019e9807 (5.13-rc1)
+CVE-2021-46971 [perf/core: Fix unconditional security_locked_down() call]
+	- linux 5.10.38-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/08ef1af4de5fe7de9c6d69f1e22e51b66e385d9b (5.13-rc1)
+CVE-2021-46970 [bus: mhi: pci_generic: Remove WQ_MEM_RECLAIM flag from state workqueue]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0fccbf0a3b690b162f53b13ed8bc442ea33437dc (5.13-rc1)
+CVE-2021-46968 [s390/zcrypt: fix zcard and zqueue hot-unplug memleak]
+	- linux 5.10.38-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/70fac8088cfad9f3b379c9082832b4d7532c16c2 (5.13-rc1)
+CVE-2021-46967 [vhost-vdpa: fix vm_flags for virtqueue doorbell mapping]
+	- linux 5.10.38-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3a3e0fad16d40a2aa68ddf7eea4acdf48b22dd44 (5.13-rc1)
+CVE-2021-46966 [ACPI: custom_method: fix potential use-after-free issue]
+	- linux 5.10.38-1
+	[buster] - linux 4.19.194-1
+	NOTE: https://git.kernel.org/linus/e483bb9a991bdae29a0caa4b3a6d002c968f94aa (5.13-rc1)
+CVE-2021-46965 [mtd: physmap: physmap-bt1-rom: Fix unintentional stack access]
+	- linux 5.10.38-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/683313993dbe1651c7aa00bb42a041d70e914925 (5.13-rc1)
+CVE-2021-46964 [scsi: qla2xxx: Reserve extra IRQ vectors]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f02d4086a8f36a0e1aaebf559b54cf24a177a486 (5.13-rc1)
+CVE-2021-46963 [scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()]
+	- linux 5.10.38-1
+	[buster] - linux 4.19.194-1
+	NOTE: https://git.kernel.org/linus/6641df81ab799f28a5d564f860233dd26cca0d93 (5.13-rc1)
+CVE-2021-46962 [mmc: uniphier-sd: Fix a resource leak in the remove function]
+	- linux 5.10.38-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e29c84857e2d51aa017ce04284b962742fb97d9e (5.13-rc1)
+CVE-2021-46961 [irqchip/gic-v3: Do not enable irqs when handling spurious interrups]
+	- linux 5.10.38-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a97709f563a078e259bf0861cd259aa60332890a (5.13-rc1)
+CVE-2021-46960 [cifs: Return correct error code from smb2_get_enc_key]
+	- linux 5.10.38-1
+	[buster] - linux 4.19.194-1
+	NOTE: https://git.kernel.org/linus/83728cbf366e334301091d5b808add468ab46b27 (5.13-rc1)
+CVE-2021-46955 [openvswitch: fix stack OOB read while fragmenting IPv4 packets]
+	- linux 5.10.38-1
+	[buster] - linux 4.19.194-1
+	NOTE: https://git.kernel.org/linus/7c0ea5930c1c211931819d83cfb157bff1539a4c (5.13-rc1)
+CVE-2021-46954 [net/sched: sch_frag: fix stack OOB read while fragmenting IPv4 packets]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/31fe34a0118e0acc958c802e830ad5d37ef6b1d3 (5.13-rc1)
+CVE-2021-46953 [ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure]
+	- linux 5.10.38-1
+	[buster] - linux 4.19.194-1
+	NOTE: https://git.kernel.org/linus/1ecd5b129252249b9bc03d7645a7bda512747277 (5.13-rc1)
+CVE-2021-46952 [NFS: fs_context: validate UDP retrans to prevent shift out-of-bounds]
+	- linux 5.10.38-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c09f11ef35955785f92369e25819bf0629df2e59 (5.13-rc1)
+CVE-2021-46951 [tpm: efi: Use local variable for calculating final log size]
+	- linux 5.10.38-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/48cff270b037022e37835d93361646205ca25101 (5.13-rc1)
+CVE-2021-46950 [md/raid1: properly indicate failure when ending a failed write request]
+	- linux 5.10.38-1
+	[buster] - linux 4.19.194-1
+	NOTE: https://git.kernel.org/linus/2417b9869b81882ab90fd5ed1081a1cb2d4db1dd (5.13-rc1)
+CVE-2021-46949 [sfc: farch: fix TX queue lookup in TX flush done handling]
+	- linux 5.10.38-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/5b1faa92289b53cad654123ed2bc8e10f6ddd4ac (5.13-rc1)
+CVE-2021-46948 [sfc: farch: fix TX queue lookup in TX event handling]
+	- linux 5.10.38-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/83b09a1807415608b387c7bc748d329fefc5617e (5.13-rc1)
+CVE-2021-46947 [sfc: adjust efx->xdp_tx_queue_count with the real number of initialized queues]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/99ba0ea616aabdc8e26259fd722503e012199a76 (5.13-rc1)
+CVE-2021-46946 [ext4: fix check to prevent false positive report of incorrect used inodes]
+	- linux 5.10.38-1
+	[buster] - linux 4.19.194-1
+	NOTE: https://git.kernel.org/linus/a149d2a5cabbf6507a7832a1c4fd2593c55fd450 (5.13-rc1)
+CVE-2021-46945 [ext4: always panic when errors=panic is specified]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ac2f7ca51b0929461ea49918f27c11b680f28995 (5.13-rc1)
+CVE-2021-46944 [media: staging/intel-ipu3: Fix memory leak in imu_fmt]
+	- linux 5.10.38-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3630901933afba1d16c462b04d569b7576339223 (5.13-rc1)
+CVE-2021-46943 [media: staging/intel-ipu3: Fix set_fmt error handling]
+	- linux 5.10.38-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ad91849996f9dd79741a961fd03585a683b08356 (5.13-rc1)
+CVE-2021-46942 [io_uring: fix shared sqpoll cancellation hangs]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/734551df6f9bedfbefcd113ede665945e9de0b99 (5.13-rc1)
+CVE-2021-46941 [usb: dwc3: core: Do core softreset when switch mode]
+	- linux 5.10.38-1
+	NOTE: https://git.kernel.org/linus/f88359e1588b85cf0e8209ab7d6620085f3441d9 (5.13-rc1)
+CVE-2021-46940 [tools/power turbostat: Fix offset overflow issue in index converting]
+	- linux 5.10.38-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/13a779de4175df602366d129e41782ad7168cef0 (5.13-rc1)
+CVE-2021-46939 [tracing: Restructure trace_clock_global() to never block]
+	- linux 5.10.38-1
+	[buster] - linux 4.19.194-1
+	NOTE: https://git.kernel.org/linus/aafe104aa9096827a429bc1358f8260ee565b7cc (5.13-rc1)
+CVE-2021-46938 [dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails]
+	- linux 5.10.38-1
+	[buster] - linux 4.19.194-1
+	NOTE: https://git.kernel.org/linus/8e947c8f4a5620df77e43c9c75310dc510250166 (5.13-rc1)
+CVE-2020-36777 [media: dvbdev: Fix memory leak in dvb_media_device_free()]
+	- linux 5.10.38-1
+	[buster] - linux 4.19.194-1
+	NOTE: https://git.kernel.org/linus/bf9a40ae8d722f281a2721779595d6df1c33a0bf (5.13-rc1)
+CVE-2020-36776 [thermal/drivers/cpufreq_cooling: Fix slab OOB issue]
+	- linux 5.10.38-1
+	NOTE: https://git.kernel.org/linus/34ab17cc6c2c1ac93d7e5d53bb972df9a968f085 (5.13-rc1)
 CVE-2024-27508 (Atheme 7.2.12 contains a memory leak vulnerability in /atheme/src/cryp ...)
 	TODO: check
 CVE-2024-27507 (libLAS 1.8.1 contains a memory leak vulnerability in /libLAS/apps/ts2l ...)
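Review bot: CVE-2021-46941 and CVE-2020-36776 carry only `- linux 5.10.38-1` and no `[buster]` line, while every other entry in this hunk fixed in 5.10.38-1 either names a buster version (`[buster] - linux 4.19.194-1`) or marks it `<not-affected> (Vulnerable code not present)`. If buster is meant to stay open for these two, please confirm that; otherwise add the matching `[buster]` annotation so the suite's status is stated rather than left implicit.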
@@ -128,84 +252,6 @@ CVE-2023-48679 (Stored cross-site scripting (XSS) vulnerability due to missing o
 	TODO: check
 CVE-2023-48678 (Sensitive information disclosure due to insecure folder permissions. T ...)
 	TODO: check
-CVE-2021-46975 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2021-46974 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
-	TODO: check
-CVE-2021-46973 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2021-46972 (In the Linux kernel, the following vulnerability has been resolved:  o ...)
-	TODO: check
-CVE-2021-46971 (In the Linux kernel, the following vulnerability has been resolved:  p ...)
-	TODO: check
-CVE-2021-46970 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
-	TODO: check
-CVE-2021-46969 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
-	TODO: check
-CVE-2021-46968 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
-	TODO: check
-CVE-2021-46967 (In the Linux kernel, the following vulnerability has been resolved:  v ...)
-	TODO: check
-CVE-2021-46966 (In the Linux kernel, the following vulnerability has been resolved:  A ...)
-	TODO: check
-CVE-2021-46965 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
-	TODO: check
-CVE-2021-46964 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
-	TODO: check
-CVE-2021-46963 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
-	TODO: check
-CVE-2021-46962 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
-	TODO: check
-CVE-2021-46961 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
-	TODO: check
-CVE-2021-46960 (In the Linux kernel, the following vulnerability has been resolved:  c ...)
-	TODO: check
-CVE-2021-46958 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
-	TODO: check
-CVE-2021-46957 (In the Linux kernel, the following vulnerability has been resolved:  r ...)
-	TODO: check
-CVE-2021-46956 (In the Linux kernel, the following vulnerability has been resolved:  v ...)
-	TODO: check
-CVE-2021-46955 (In the Linux kernel, the following vulnerability has been resolved:  o ...)
-	TODO: check
-CVE-2021-46954 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2021-46953 (In the Linux kernel, the following vulnerability has been resolved:  A ...)
-	TODO: check
-CVE-2021-46952 (In the Linux kernel, the following vulnerability has been resolved:  N ...)
-	TODO: check
-CVE-2021-46951 (In the Linux kernel, the following vulnerability has been resolved:  t ...)
-	TODO: check
-CVE-2021-46950 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
-	TODO: check
-CVE-2021-46949 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
-	TODO: check
-CVE-2021-46948 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
-	TODO: check
-CVE-2021-46947 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
-	TODO: check
-CVE-2021-46946 (In the Linux kernel, the following vulnerability has been resolved:  e ...)
-	TODO: check
-CVE-2021-46945 (In the Linux kernel, the following vulnerability has been resolved:  e ...)
-	TODO: check
-CVE-2021-46944 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
-	TODO: check
-CVE-2021-46943 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
-	TODO: check
-CVE-2021-46942 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
-	TODO: check
-CVE-2021-46941 (In the Linux kernel, the following vulnerability has been resolved:  u ...)
-	TODO: check
-CVE-2021-46940 (In the Linux kernel, the following vulnerability has been resolved:  t ...)
-	TODO: check
-CVE-2021-46939 (In the Linux kernel, the following vulnerability has been resolved:  t ...)
-	TODO: check
-CVE-2021-46938 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
-CVE-2020-36777 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
-	TODO: check
-CVE-2020-36776 (In the Linux kernel, the following vulnerability has been resolved:  t ...)
-	TODO: check
 CVE-2024-27354
 	- phpseclib 1.0.23-1
 	- php-phpseclib 2.0.47-1
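Review bot: six of the `TODO: check` entries removed here (CVE-2021-46973, CVE-2021-46972, CVE-2021-46969, CVE-2021-46958, CVE-2021-46957 and CVE-2021-46956) have no triaged replacement in the first hunk, which adds 33 entries against the 39 deleted in this one. As shown, those IDs drop out of data/CVE/list entirely; either carry them over with their `- linux` status lines or keep the `TODO: check` stubs until the kernel-sec data for them is merged.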



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bba9239b1ca56082cd4abe0ce20f2ec7856b53c7
