[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jul 30 13:44:25 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ee695792 by Salvatore Bonaccorso at 2024-07-30T14:43:40+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -62,152 +62,299 @@ CVE-2024-5765 (The WpStickyBar  WordPress plugin through 2.1.0 does not properly
 	NOT-FOR-US: WordPress plugin
 CVE-2024-4096 (The Responsive Tabs WordPress plugin through 4.0.8 does not sanitise a ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2024-42231 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
-	TODO: check
-CVE-2024-42230 (In the Linux kernel, the following vulnerability has been resolved:  p ...)
-	TODO: check
-CVE-2024-42229 (In the Linux kernel, the following vulnerability has been resolved:  c ...)
-	TODO: check
-CVE-2024-42228 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
-CVE-2024-42227 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
-CVE-2024-42226 (In the Linux kernel, the following vulnerability has been resolved:  u ...)
-	TODO: check
-CVE-2024-42225 (In the Linux kernel, the following vulnerability has been resolved:  w ...)
-	TODO: check
-CVE-2024-42224 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2024-42223 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
-	TODO: check
-CVE-2024-42162 (In the Linux kernel, the following vulnerability has been resolved:  g ...)
-	TODO: check
-CVE-2024-42161 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
-	TODO: check
-CVE-2024-42160 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
-	TODO: check
-CVE-2024-42159 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
-	TODO: check
-CVE-2024-42158 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
-	TODO: check
-CVE-2024-42157 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
-	TODO: check
-CVE-2024-42156 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
-	TODO: check
-CVE-2024-42155 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
-	TODO: check
-CVE-2024-42154 (In the Linux kernel, the following vulnerability has been resolved:  t ...)
-	TODO: check
-CVE-2024-42153 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
-	TODO: check
-CVE-2024-42152 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2024-42151 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
-	TODO: check
-CVE-2024-42150 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2024-42149 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
-	TODO: check
-CVE-2024-42148 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
-	TODO: check
-CVE-2024-42147 (In the Linux kernel, the following vulnerability has been resolved:  c ...)
-	TODO: check
-CVE-2024-42146 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
-CVE-2024-42145 (In the Linux kernel, the following vulnerability has been resolved:  I ...)
-	TODO: check
-CVE-2024-42144 (In the Linux kernel, the following vulnerability has been resolved:  t ...)
-	TODO: check
-CVE-2024-42143 (In the Linux kernel, the following vulnerability has been resolved:  o ...)
-	TODO: check
-CVE-2024-42142 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2024-42141 (In the Linux kernel, the following vulnerability has been resolved:  B ...)
-	TODO: check
-CVE-2024-42140 (In the Linux kernel, the following vulnerability has been resolved:  r ...)
-	TODO: check
-CVE-2024-42139 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
-	TODO: check
-CVE-2024-42138 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
-	TODO: check
-CVE-2024-42137 (In the Linux kernel, the following vulnerability has been resolved:  B ...)
-	TODO: check
-CVE-2024-42136 (In the Linux kernel, the following vulnerability has been resolved:  c ...)
-	TODO: check
-CVE-2024-42135 (In the Linux kernel, the following vulnerability has been resolved:  v ...)
-	TODO: check
-CVE-2024-42134 (In the Linux kernel, the following vulnerability has been resolved:  v ...)
-	TODO: check
-CVE-2024-42133 (In the Linux kernel, the following vulnerability has been resolved:  B ...)
-	TODO: check
-CVE-2024-42132 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
-	TODO: check
-CVE-2024-42131 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
-	TODO: check
-CVE-2024-42130 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2024-42129 (In the Linux kernel, the following vulnerability has been resolved:  l ...)
-	TODO: check
-CVE-2024-42128 (In the Linux kernel, the following vulnerability has been resolved:  l ...)
-	TODO: check
-CVE-2024-42127 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
-CVE-2024-42126 (In the Linux kernel, the following vulnerability has been resolved:  p ...)
-	TODO: check
-CVE-2024-42125 (In the Linux kernel, the following vulnerability has been resolved:  w ...)
-	TODO: check
-CVE-2024-42124 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
-	TODO: check
-CVE-2024-42123 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
-CVE-2024-42122 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
-CVE-2024-42121 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
-CVE-2024-42120 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
-CVE-2024-42119 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
-CVE-2024-42118 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
-CVE-2024-42117 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
-CVE-2024-42116 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
-	TODO: check
-CVE-2024-42115 (In the Linux kernel, the following vulnerability has been resolved:  j ...)
-	TODO: check
-CVE-2024-42114 (In the Linux kernel, the following vulnerability has been resolved:  w ...)
-	TODO: check
-CVE-2024-42113 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2024-42112 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2024-42111 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
-	TODO: check
-CVE-2024-42110 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2024-42109 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2024-42108 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2024-42107 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
-	TODO: check
-CVE-2024-42106 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
-	TODO: check
-CVE-2024-42105 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2024-42104 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
-CVE-2024-42103 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
-	TODO: check
-CVE-2024-42102 (In the Linux kernel, the following vulnerability has been resolved:  R ...)
-	TODO: check
-CVE-2024-42101 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
-CVE-2024-42100 (In the Linux kernel, the following vulnerability has been resolved:  c ...)
-	TODO: check
-CVE-2024-42099 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
-	TODO: check
+CVE-2024-42231 [btrfs: zoned: fix calc_available_free_space() for zoned mode]
+	- linux 6.9.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/64d2c847ba380e07b9072d65a50aa6469d2aa43f (6.10-rc7)
+CVE-2024-42230 [powerpc/pseries: Fix scv instruction crash with kexec]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/21a741eb75f80397e5f7d3739e24d7d75e619011 (6.10-rc7)
+CVE-2024-42229 [crypto: aead,cipher - zeroize key buffer after use]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/23e4099bdc3c8381992f9eb975c79196d6755210 (6.10-rc1)
+CVE-2024-42228 [drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc]
+	- linux 6.9.9-1
+	NOTE: https://git.kernel.org/linus/88a9a467c548d0b3c7761b4fd54a68e70f9c0944 (6.10-rc1)
+CVE-2024-42227 [drm/amd/display: Fix overlapping copy within dml_core_mode_programming]
+	- linux 6.9.9-1
+	NOTE: https://git.kernel.org/linus/f1fd8a0a54e6d23a6d16ee29159f247862460fd1 (6.10-rc1)
+CVE-2024-42226 [usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.99-1
+	NOTE: https://git.kernel.org/linus/66cb618bf0bb82859875b00eeffaf223557cb416 (6.10-rc1)
+CVE-2024-42225 [wifi: mt76: replace skb_put with skb_put_zero]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/7f819a2f4fbc510e088b49c79addcf1734503578 (6.10-rc1)
+CVE-2024-42224 [net: dsa: mv88e6xxx: Correct check for empty list]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/4c7f3950a9fd53a62b156c0fe7c3a2c43b0ba19b (6.10-rc1)
+CVE-2024-42223 [media: dvb-frontends: tda10048: Fix integer overflow]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/1aa1329a67cc214c3b7bd2a14d1301a795760b07 (6.10-rc1)
+CVE-2024-42162 [gve: Account for stopped queues when reading NIC stats]
+	- linux 6.9.9-1
+	NOTE: https://git.kernel.org/linus/af9bcf910b1f86244f39e15e701b2dc564b469a6 (6.10-rc1)
+CVE-2024-42161 [bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/009367099eb61a4fc2af44d4eb06b6b4de7de6db (6.10-rc1)
+CVE-2024-42160 [f2fs: check validation of fault attrs in f2fs_build_fault_attr()]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/4ed886b187f47447ad559619c48c086f432d2b77 (6.10-rc1)
+CVE-2024-42159 [scsi: mpi3mr: Sanitise num_phys]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/3668651def2c1622904e58b0280ee93121f2b10b (6.10-rc1)
+CVE-2024-42158 [s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings]
+	- linux 6.9.9-1
+	NOTE: https://git.kernel.org/linus/22e6824622e8a8889df0f8fc4ed5aea0e702a694 (6.10-rc1)
+CVE-2024-42157 [s390/pkey: Wipe sensitive data on failure]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/1d8c270de5eb74245d72325d285894a577a945d9 (6.10-rc1)
+CVE-2024-42156 [s390/pkey: Wipe copies of clear-key structures on failure]
+	- linux 6.9.9-1
+	NOTE: https://git.kernel.org/linus/d65d76a44ffe74c73298ada25b0f578680576073 (6.10-rc1)
+CVE-2024-42155 [s390/pkey: Wipe copies of protected- and secure-keys]
+	- linux 6.9.9-1
+	NOTE: https://git.kernel.org/linus/f2ebdadd85af4f4d0cae1e5d009c70eccc78c207 (6.10-rc1)
+CVE-2024-42154 [tcp_metrics: validate source addr length]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/66be40e622e177316ae81717aa30057ba9e61dff (6.10-rc7)
+CVE-2024-42153 [i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/f63b94be6942ba82c55343e196bd09b53227618e (6.10-rc7)
+CVE-2024-42152 [nvmet: fix a possible leak when destroy a ctrl during qp establishment]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/c758b77d4a0a0ed3a1292b3fd7a2aeccd1a169a4 (6.10-rc2)
+CVE-2024-42151 [bpf: mark bpf_dummy_struct_ops.test_1 parameter as nullable]
+	- linux 6.9.9-1
+	NOTE: https://git.kernel.org/linus/1479eaff1f16983d8fda7c5a08a586c21891087d (6.10-rc1)
+CVE-2024-42150 [net: txgbe: remove separate irq request for MSI and INTx]
+	- linux 6.9.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/bd07a98178462e7a02ed2bf7dec90a00944c1da5 (6.10-rc7)
+CVE-2024-42149 [fs: don't misleadingly warn during thaw operations]
+	- linux 6.9.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2ae4db5647d807efb6a87c09efaa6d1db9c905d7 (6.10-rc7)
+CVE-2024-42148 [bnx2x: Fix multiple UBSAN array-index-out-of-bounds]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/134061163ee5ca4759de5c24ca3bd71608891ba7 (6.10-rc7)
+CVE-2024-42147 [crypto: hisilicon/debugfs - Fix debugfs uninit process issue]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/8be0913389718e8d27c4f1d4537b5e1b99ed7739 (6.10-rc1)
+CVE-2024-42146 [drm/xe: Add outer runtime_pm protection to xe_live_ktest at xe_dma_buf]
+	- linux 6.9.9-1
+	NOTE: https://git.kernel.org/linus/f9116f658a6217b101e3b4e89f845775b6fb05d9 (6.10-rc1)
+CVE-2024-42145 [IB/core: Implement a limit on UMAD receive List]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/ca0b44e20a6f3032224599f02e7c8fb49525c894 (6.10-rc1)
+CVE-2024-42144 [thermal/drivers/mediatek/lvts_thermal: Check NULL ptr on lvts_data]
+	- linux 6.9.9-1
+	NOTE: https://git.kernel.org/linus/a1191a77351e25ddf091bb1a231cae12ee598b5d (6.10-rc1)
+CVE-2024-42143 [orangefs: fix out-of-bounds fsid access]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/53e4efa470d5fc6a96662d2d3322cfc925818517 (6.10-rc1)
+CVE-2024-42142 [net/mlx5: E-switch, Create ingress ACL when needed]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b20c2fb45470d0c7a603613c9cfa5d45720e17f2 (6.10-rc7)
+CVE-2024-42141 [Bluetooth: ISO: Check socket flag instead of hcon]
+	- linux 6.9.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/596b6f081336e77764ca35cfeab66d0fcdbe544e (6.10-rc7)
+CVE-2024-42140 [riscv: kexec: Avoid deadlock in kexec crash path]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c562ba719df570c986caf0941fea2449150bcbc4 (6.10-rc7)
+CVE-2024-42139 [ice: Fix improper extts handling]
+	- linux 6.9.9-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/00d3b4f54582d4e4a02cda5886bb336eeab268cc (6.10-rc7)
+CVE-2024-42138 [mlxsw: core_linecards: Fix double memory deallocation in case of invalid INI file]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/8ce34dccbe8fa7d2ef86f2d8e7db2a9b67cabfc3 (6.10-rc7)
+CVE-2024-42137 [Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/88e72239ead9814b886db54fc4ee39ef3c2b8f26 (6.10-rc7)
+CVE-2024-42136 [cdrom: rearrange last_media_change check to avoid unintentional overflow]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/efb905aeb44b0e99c0e6b07865b1885ae0471ebf (6.10-rc1)
+CVE-2024-42135 [vhost_task: Handle SIGKILL by flushing work and exiting]
+	- linux 6.9.9-1
+	NOTE: https://git.kernel.org/linus/db5247d9bf5c6ade9fd70b4e4897441e0269b233 (6.10-rc1)
+CVE-2024-42134 [virtio-pci: Check if is_avq is NULL]
+	- linux 6.9.9-1
+	NOTE: https://git.kernel.org/linus/c8fae27d141a32a1624d0d0d5419d94252824498 (6.10-rc1)
+CVE-2024-42133 [Bluetooth: Ignore too large handle values in BIG]
+	- linux 6.9.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/015d79c96d62cd8a4a359fcf5be40d58088c936b (6.10-rc7)
+CVE-2024-42132 [bluetooth/hci: disallow setting handle bigger than HCI_CONN_HANDLE_MAX]
+	- linux 6.9.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1cc18c2ab2e8c54c355ea7c0423a636e415a0c23 (6.10-rc7)
+CVE-2024-42131 [mm: avoid overflows in dirty throttling logic]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/385d838df280eba6c8680f9777bfa0d0bfe7e8b2 (6.10-rc7)
+CVE-2024-42130 [nfc/nci: Add the inconsistency check between the input data length and count]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/068648aab72c9ba7b0597354ef4d81ffaac7b979 (6.10-rc2)
+CVE-2024-42129 [leds: mlxreg: Use devm_mutex_init() for mutex initialization]
+	- linux 6.9.9-1
+	NOTE: https://git.kernel.org/linus/efc347b9efee1c2b081f5281d33be4559fa50a16 (6.10-rc1)
+CVE-2024-42128 [leds: an30259a: Use devm_mutex_init() for mutex initialization]
+	- linux 6.9.9-1
+	NOTE: https://git.kernel.org/linus/c382e2e3eccb6b7ca8c7aff5092c1668428e7de6 (6.10-rc1)
+CVE-2024-42127 [drm/lima: fix shared irq handling on driver remove]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/a6683c690bbfd1f371510cb051e8fa49507f3f5e (6.10-rc1)
+CVE-2024-42126 [powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt.]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/0db880fc865ffb522141ced4bfa66c12ab1fbb70 (6.10-rc1)
+CVE-2024-42125 [wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband]
+	- linux 6.9.9-1
+	NOTE: https://git.kernel.org/linus/bb38626f3f97e16e6d368a9ff6daf320f3fe31d9 (6.10-rc1)
+CVE-2024-42124 [scsi: qedf: Make qedf_execute_tmf() non-preemptible]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/0d8b637c9c5eeaa1a4e3dfb336f3ff918eb64fec (6.10-rc1)
+CVE-2024-42123 [drm/amdgpu: fix double free err_addr pointer warnings]
+	- linux 6.9.9-1
+	NOTE: https://git.kernel.org/linus/506c245f3f1cd989cb89811a7f06e04ff8813a0d (6.10-rc1)
+CVE-2024-42122 [drm/amd/display: Add NULL pointer check for kzalloc]
+	- linux 6.9.9-1
+	NOTE: https://git.kernel.org/linus/8e65a1b7118acf6af96449e1e66b7adbc9396912 (6.10-rc1)
+CVE-2024-42121 [drm/amd/display: Check index msg_id before read or write]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/59d99deb330af206a4541db0c4da8f73880fba03 (6.10-rc1)
+CVE-2024-42120 [drm/amd/display: Check pipe offset before setting vblank]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/5396a70e8cf462ec5ccf2dc8de103c79de9489e6 (6.10-rc1)
+CVE-2024-42119 [drm/amd/display: Skip finding free audio for unknown engine_id]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/1357b2165d9ad94faa4c4a20d5e2ce29c2ff29c3 (6.10-rc1)
+CVE-2024-42118 [drm/amd/display: Do not return negative stream id for array]
+	- linux 6.9.9-1
+	NOTE: https://git.kernel.org/linus/3ac31c9a707dd1c7c890b95333182f955e9dcb57 (6.10-rc1)
+CVE-2024-42117 [drm/amd/display: ASSERT when failing to find index by plane/stream id]
+	- linux 6.9.9-1
+	NOTE: https://git.kernel.org/linus/01eb50e53c1ce505bf449348d433181310288765 (6.10-rc1)
+CVE-2024-42116 [igc: fix a log entry using uninitialized netdev]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/86167183a17e03ec77198897975e9fdfbd53cb0b (6.10-rc1)
+CVE-2024-42115 [jffs2: Fix potential illegal address access in jffs2_free_inode]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/af9a8730ddb6a4b2edd779ccc0aceb994d616830 (6.10-rc1)
+CVE-2024-42114 [wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values]
+	- linux 6.9.9-1
+	NOTE: https://git.kernel.org/linus/d1cba2ea8121e7fdbe1328cea782876b1dd80993 (6.10-rc7)
+CVE-2024-42113 [net: txgbe: initialize num_q_vectors for MSI/INTx interrupts]
+	- linux 6.9.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7c36711a2cd8059c2d24f5e5c1d76e8ea2d5613c (6.10-rc7)
+CVE-2024-42112 [net: txgbe: free isb resources at the right time]
+	- linux 6.9.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/935124dd5883b5de68dc5a94f582480a10643dc9 (6.10-rc7)
+CVE-2024-42111 [btrfs: always do the basic checks for btrfs_qgroup_inherit structure]
+	- linux 6.9.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/724d8042cef84496ddb4492dc120291f997ae26b (6.10-rc7)
+CVE-2024-42110 [net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx()]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/e15a5d821e5192a3769d846079bc9aa380139baf (6.10-rc7)
+CVE-2024-42109 [netfilter: nf_tables: unconditionally flush pending work before notifier]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9f6958ba2e902f9820c594869bd710ba74b7c4c0 (6.10-rc7)
+CVE-2024-42108 [net: rswitch: Avoid use-after-free in rswitch_poll()]
+	- linux 6.9.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9a0c28efeec6383ef22e97437616b920e7320b67 (6.10-rc7)
+CVE-2024-42107 [ice: Don't process extts if PTP is disabled]
+	- linux 6.9.9-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/996422e3230e41468f652d754fefd1bdbcd4604e (6.10-rc7)
+CVE-2024-42106 [inet_diag: Initialize pad field in struct inet_diag_req_v2]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/61cf1c739f08190a4cbf047b9fbb192a94d87e3f (6.10-rc7)
+CVE-2024-42105 [nilfs2: fix inode number range checks]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/e2fec219a36e0993642844be0f345513507031f4 (6.10-rc7)
+CVE-2024-42104 [nilfs2: add missing check for inode numbers on directory entries]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/bb76c6c274683c8570ad788f79d4b875bde0e458 (6.10-rc7)
+CVE-2024-42103 [btrfs: fix adding block group to a reclaim list and the unused list during reclaim]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/48f091fd50b2eb33ae5eaea9ed3c4f81603acf38 (6.10-rc7)
+CVE-2024-42102 [Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again"]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/30139c702048f1097342a31302cbd3d478f50c63 (6.10-rc7)
+CVE-2024-42101 [drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes]
+	- linux 6.9.9-1
+	[bookworm] - linux 6.1.98-1
+	NOTE: https://git.kernel.org/linus/80bec6825b19d95ccdfd3393cf8ec15ff2a749b4 (6.10-rc7)
+CVE-2024-42100 [clk: sunxi-ng: common: Don't call hw_to_ccu_common on hw without common]
+	- linux 6.9.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ea977d742507e534d9fe4f4d74256f6b7f589338 (6.10-rc7)
+CVE-2024-42099 [s390/dasd: Fix invalid dereferencing of indirect CCW data pointer]
+	- linux 6.9.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b3a58f3b90f564f42a5c35778d8c5107b2c2150b (6.10-rc7)
+CVE-2023-52888 [media: mediatek: vcodec: Only free buffer VA that is not NULL]
+	- linux 6.9.9-1
+	NOTE: https://git.kernel.org/linus/eb005c801ec70ff4307727bd3bd6e8280169ef32 (6.10-rc1)
 CVE-2024-40836 (A logic issue was addressed with improved checks. This issue is fixed  ...)
 	NOT-FOR-US: Apple
 CVE-2024-40835 (A logic issue was addressed with improved checks. This issue is fixed  ...)
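Review bot: a number of the added entries carry only the unstable fix line "- linux 6.9.9-1" and no "[bookworm]" or "[bullseye]" line (for example CVE-2024-42228, CVE-2024-42158 and CVE-2024-42134), so both stable suites stay open for them by default. CVE-2024-42139 and CVE-2024-42107 mark bullseye as not affected but say nothing about bookworm. Please confirm these are deliberately left open pending a stable upload, and not entries where a "<not-affected> (Vulnerable code not present)" line was missed. For CVE-2024-42102, whose fix is a Revert, the entry records only the fixing commit; a NOTE naming the commit that was reverted would let a reader check which suites ever carried the faulty change.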
@@ -360,8 +507,6 @@ CVE-2024-1287 (The pmpro-member-directory WordPress plugin before 1.2.6 does not
 	NOT-FOR-US: WordPress plugin
 CVE-2024-1286 (The pmpro-membership-maps WordPress plugin before 0.7 does not prevent ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2023-52888 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
-	TODO: check
 CVE-2023-42959 (A race condition was addressed with improved state handling. This issu ...)
 	NOT-FOR-US: Apple
 CVE-2023-42958 (A permissions issue was addressed with additional restrictions. This i ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee69579242b1197b1f360d7ae8368089c645ec6e
