[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a020d079 by Salvatore Bonaccorso at 2024-06-21T21:16:54+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,173 @@
+CVE-2024-39277 [dma-mapping: benchmark: handle NUMA_NO_NODE correctly]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e64746e74f717961250a155e14c156616fcd981f (6.10-rc2)
+CVE-2024-38780 [dma-buf/sw-sync: don't enable IRQ from sync_print_obj()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/b794918961516f667b0c745aebdfebbb8a98df39 (6.10-rc2)
+CVE-2024-38662 [bpf: Allow delete from sockmap/sockhash only if update is allowed]
+	- linux <unfixed>
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/98e948fb60d41447fd8d2d0c3b8637fc6b6dc26d (6.10-rc2)
+CVE-2024-38659 [enic: Validate length of nl attributes in enic_set_vf_port]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/e8021b94b0412c37bcc79027c2e382086b6ce449 (6.10-rc2)
+CVE-2024-38637 [greybus: lights: check return of get_channel_from_mode]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/a1ba19a1ae7cd1e324685ded4ab563e78fe68648 (6.10-rc1)
+CVE-2024-38636 [f2fs: multidev: fix to recognize valid zero block address]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/33e62cd7b4c281cd737c62e5d8c4f0e602a8c5c5 (6.10-rc1)
+CVE-2024-38635 [soundwire: cadence: fix invalid PDI offset]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/8ee1b439b1540ae543149b15a2a61b9dff937d91 (6.10-rc1)
+CVE-2024-38634 [serial: max3100: Lock port->lock when calling uart_handle_cts_change()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/77ab53371a2066fdf9b895246505f5ef5a4b5d47 (6.10-rc1)
+CVE-2024-38633 [serial: max3100: Update uart_driver_registered on driver removal]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/712a1fcb38dc7cac6da63ee79a88708fbf9c45ec (6.10-rc1)
+CVE-2024-38632 [vfio/pci: fix potential memory leak in vfio_intx_enable()]
+	- linux <unfixed>
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/82b951e6fbd31d85ae7f4feb5f00ddd4c5d256e2 (6.10-rc1)
+CVE-2024-38631 [iio: adc: PAC1934: fix accessing out of bounds array index]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/51fafb3cd7fcf4f4682693b4d2883e2a5bfffe33 (6.10-rc1)
+CVE-2024-38630 [watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/573601521277119f2e2ba5f28ae6e87fc594f4d4 (6.10-rc1)
+CVE-2024-38629 [dmaengine: idxd: Avoid unnecessary destruction of file_ida]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/76e43fa6a456787bad31b8d0daeabda27351a480 (6.10-rc1)
+CVE-2024-38628 [usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind.]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1b739388aa3f8dfb63a9fca777e6dfa6912d0464 (6.10-rc1)
+CVE-2024-38627 [stm class: Fix a double free in stm_register_device()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/3df463865ba42b8f88a590326f4c9ea17a1ce459 (6.10-rc1)
+CVE-2024-38626 [fuse: clear FR_SENT when re-adding requests into pending list]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/246014876d782bbf2e652267482cd2e799fb5fcd (6.10-rc1)
+CVE-2024-38625 [fs/ntfs3: Check 'folio' pointer for NULL]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1cd6c96219c429ebcfa8e79a865277376c563803 (6.10-rc1)
+CVE-2024-38624 [fs/ntfs3: Use 64 bit variable to avoid 32 bit overflow]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e931f6b630ffb22d66caab202a52aa8cbb10c649 (6.10-rc1)
+CVE-2024-38623 [fs/ntfs3: Use variable length array instead of fixed size]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1997cdc3e727526aa5d84b32f7cbb3f56459b7ef (6.10-rc1)
+CVE-2024-38622 [drm/msm/dpu: Add callback function pointer check before its call]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/530f272053a5e72243a9cb07bb1296af6c346002 (6.10-rc1)
+CVE-2024-38621 [media: stk1160: fix bounds checking in stk1160_copy_video()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/faa4364bef2ec0060de381ff028d1d836600a381 (6.10-rc1)
+CVE-2024-38391 [cxl/region: Fix cxlr_pmem leaks]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1c987cf22d6b65ade46145c03eef13f0e3e81d83 (6.10-rc1)
+CVE-2024-38390 [drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/46d4efcccc688cbacdd70a238bedca510acaa8e4 (6.10-rc1)
+CVE-2024-38388 [ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/172811e3a557d8681a5e2d0f871dc04a2d17eb13 (6.10-rc1)
+CVE-2024-38381 [nfc: nci: Fix uninit-value in nci_rx_work]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/e4a87abf588536d1cdfb128595e6e680af5cf3ed (6.10-rc1)
+CVE-2024-37356 [tcp: Fix shift-out-of-bounds in dctcp_update_alpha().]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/3ebc46ca8675de6378e3f8f40768e180bb8afa66 (6.10-rc1)
+CVE-2024-37353 [virtio: delete vq in vp_find_vqs_msix() when request_irq() fails]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/89875151fccdd024d571aa884ea97a0128b968b6 (6.10-rc1)
+CVE-2024-36489 [tls: fix missing memory barrier in tls_init]
+	- linux <unfixed>
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/91e61dd7a0af660408e87372d8330ceb218be302 (6.10-rc1)
+CVE-2024-36484 [net: relax socket state check at accept time.]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/26afda78cda3da974fd4c287962c169e9462c495 (6.10-rc1)
+CVE-2024-36481 [tracing/probes: fix error check in parse_btf_field()]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e569eb34970281438e2b48a3ef11c87459fcfbcb (6.10-rc2)
+CVE-2024-36478 [null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues']
+	- linux <unfixed>
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a2db328b0839312c169eb42746ec46fc1ab53ed2 (6.10-rc1)
+CVE-2024-36477 [tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/195aba96b854dd664768f382cd1db375d8181f88 (6.10-rc2)
+CVE-2024-36288 [SUNRPC: Fix loop termination condition in gss_free_in_token_pages()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/4a77c3dead97339478c7422eb07bf4bf63577008 (6.10-rc3)
+CVE-2024-36286 [netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/dc21c6cc3d6986d938efbf95de62473982c98dec (6.10-rc2)
+CVE-2024-36281 [net/mlx5: Use mlx5_ipsec_rx_status_destroy to correctly delete status rules]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/16d66a4fa81da07bc4ed19f4e53b87263c2f8d38 (6.10-rc2)
+CVE-2024-36270 [netfilter: tproxy: bail out if IP has been disabled on the device]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/21a673bddc8fd4873c370caf9ae70ffc6d47e8d3 (6.10-rc2)
+CVE-2024-36244 [net/sched: taprio: extend minimum interval restriction to entire cycle too]
+	- linux <unfixed>
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/fb66df20a7201e60f2b13d7f95d031b31a8831d3 (6.10-rc2)
+CVE-2024-34777 [dma-mapping: benchmark: fix node id validation]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1ff05e723f7ca30644b8ec3fb093f16312e408ad (6.10-rc2)
+CVE-2024-33621 [ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/b3dc6e8003b500861fa307e9a3400c52e78e4d3a (6.10-rc2)
+CVE-2024-33619 [efi: libstub: only free priv.runtime_map when allocated]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/4b2543f7e1e6b91cfc8dd1696e3cdf01c3ac8974 (6.10-rc1)
+CVE-2024-31076 [genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/a6c11c0a5235fb144a65e0cb2ffd360ddc1f6c32 (6.10-rc1)
+CVE-2023-52884 [Input: cyapa - add missing input core locking to suspend/resume functions]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7b4e0b39182cf5e677c1fc092a3ec40e621c25b6 (6.10-rc1)
 CVE-2024-6225 (The Booking for Appointments and Events Calendar \u2013 Amelia plugin  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-6218 (A vulnerability, which was classified as critical, has been found in i ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a020d0797410f48dd0e4bae00ec7cf4f766858b0

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a020d0797410f48dd0e4bae00ec7cf4f766858b0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240621/bc5428d7/attachment.htm>