[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jul 10 08:55:01 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b7f3cea9 by Salvatore Bonaccorso at 2024-07-10T09:54:26+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,29 @@
+CVE-2024-39493 [crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak]
+	- linux 6.9.7-1
+	[bookworm] - linux 6.1.94-1
+	NOTE: https://git.kernel.org/linus/d3b17c6d9dddc2db3670bc9be628b122416a3d26 (6.10-rc1)
+CVE-2024-39492 [mailbox: mtk-cmdq: Fix pm_runtime_get_sync() warning in mbox shutdown]
+	- linux 6.9.7-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/747a69a119c469121385543f21c2d08562968ccc (6.10-rc1)
+CVE-2024-39491 [ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance]
+	- linux 6.9.7-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d344873c4cbde249b7152d36a273bcc45864001e (6.10-rc1)
+CVE-2024-39490 [ipv6: sr: fix missing sk_buff release in seg6_input_core]
+	- linux 6.9.7-1
+	[bookworm] - linux 6.1.94-1
+	NOTE: https://git.kernel.org/linus/5447f9708d9e4c17a647b16a9cb29e9e02820bd9 (6.10-rc1)
+CVE-2024-39489 [ipv6: sr: fix memleak in seg6_hmac_init_algo]
+	- linux 6.9.7-1
+	[bookworm] - linux 6.1.94-1
+	NOTE: https://git.kernel.org/linus/efb9f4f19f8e37fde43dfecebc80292d179f56c6 (6.10-rc1)
+CVE-2024-39488 [arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY]
+	- linux 6.9.7-1
+	[bookworm] - linux 6.1.94-1
+	NOTE: https://git.kernel.org/linus/ffbf4fb9b5c12ff878a10ea17997147ea4ebea6f (6.10-rc1)
 CVE-2024-6598 (A denial-of-service attack is possible through the execution functiona ...)
 	NOT-FOR-US: KNIME Business Hub
 CVE-2024-6527 (SQL Injection vulnerability in parameter "w" in file "druk.php" in Meg ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7f3cea9d6858d543b9ea388e9e51c8ed53404de

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7f3cea9d6858d543b9ea388e9e51c8ed53404de
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240710/d5e1fa64/attachment.htm>


More information about the debian-security-tracker-commits mailing list