[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Mar 2 08:08:41 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4524933c by Salvatore Bonaccorso at 2024-03-02T09:07:53+01:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -509,7 +509,7 @@ CVE-2023-52486 (In the Linux kernel, the following vulnerability has been resolv
[bookworm] - linux 6.1.76-1
NOTE: https://git.kernel.org/linus/cb4daf271302d71a6b9a7c01bd0b6d76febd8f0c (6.8-rc1)
CVE-2023-52485 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- - linux <unfixed>
+ - linux 6.7.7-1
NOTE: https://git.kernel.org/linus/8892780834ae294bc3697c7d0e056d7743900b39 (6.8-rc1)
CVE-2024-0074
- nvidia-graphics-drivers <unfixed> (bug #1064983)
@@ -2046,7 +2046,7 @@ CVE-2019-25160 (In the Linux kernel, the following vulnerability has been resolv
- linux 4.19.28-1
NOTE: https://git.kernel.org/linus/5578de4834fe0f2a34fedc7374be691443396d1f (5.0)
CVE-2024-26606 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- - linux <unfixed>
+ - linux 6.7.7-1
NOTE: https://git.kernel.org/linus/97830f3c3088638ff90b20dfba2eb4d487bf14d7 (6.8-rc3)
CVE-2024-27456 (rack-cors (aka Rack CORS Middleware) 2.0.1 has 0666 permissions for th ...)
- ruby-rack-cors <unfixed> (bug #1064862)
@@ -2168,28 +2168,28 @@ CVE-2023-38359 (IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to
CVE-2023-32344 (IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form ...)
NOT-FOR-US: IBM
CVE-2024-26600 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- - linux <unfixed>
+ - linux 6.7.7-1
NOTE: https://git.kernel.org/linus/7104ba0f1958adb250319e68a15eff89ec4fd36d (6.8-rc3)
CVE-2024-26601 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- - linux <unfixed>
+ - linux 6.7.7-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c9b528c35795b711331ed36dc3dbee90d5812d4e (6.8-rc3)
CVE-2024-26602 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- - linux <unfixed>
- NOTE: https://git.kernel.org/linus/944d5fe50f3f03daacfea16300e656a1691c4a23
+ - linux 6.7.7-1
+ NOTE: https://git.kernel.org/linus/944d5fe50f3f03daacfea16300e656a1691c4a23 (6.8-rc6)
CVE-2024-26603 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- - linux <unfixed>
+ - linux 6.7.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d877550eaf2dc9090d782864c96939397a3c6835 (6.8-rc4)
CVE-2024-26604 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- - linux <unfixed>
+ - linux 6.7.7-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3ca8fbabcceb8bfe44f7f50640092fd8f1de375c (6.8-rc5)
CVE-2024-26605 (In the Linux kernel, the following vulnerability has been resolved: P ...)
- - linux <unfixed>
+ - linux 6.7.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1e560864159d002b453da42bd2c13a1805515a20 (6.8-rc3)
@@ -2345,7 +2345,7 @@ CVE-2024-26598 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux 5.10.209-1
NOTE: https://git.kernel.org/linus/ad362fe07fecf0aba839ff2cc59a3617bd42c33f (6.8-rc1)
CVE-2024-26596 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- - linux <unfixed>
+ - linux 6.7.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/844f104790bd69c2e4dbb9ee3eba46fde1fcea7b (6.8-rc1)
@@ -2405,7 +2405,8 @@ CVE-2024-22025
NOTE: https://github.com/nodejs/node/commit/f31d47e135973746c4f490d5eb635eded8bb3dda (v18.x)
NOTE: https://github.com/nodejs/node/commit/9052ef43dc2d1b0db340591a9bc9e45a25c01d90 (main)
CVE-2024-26593 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- - linux <unfixed>
+ - linux 6.7.7-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c1c9d0f6f7f1dbf29db996bd8e166242843a5f21 (6.8-rc5)
CVE-2024-23807 (The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contai ...)
NOTE: No change CVE assignment to clarify affected versions for CVE-2018-1311
@@ -2855,18 +2856,18 @@ CVE-2023-6477 (An issue has been discovered in GitLab EE affecting all versions
CVE-2024-1451 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
- gitlab <not-affected> (Only affects 16.9)
CVE-2024-26585 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- - linux <unfixed>
+ - linux 6.7.7-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e01e3934a1b2d122919f73bc6ddbe1cdafc4bbdb (6.8-rc5)
CVE-2024-26584 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- - linux <unfixed>
+ - linux 6.7.7-1
NOTE: https://git.kernel.org/linus/8590541473188741055d27b955db0777569438e3 (6.8-rc5)
CVE-2024-26583 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- - linux <unfixed>
+ - linux 6.7.7-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/aec7961916f3f9e88766e2688992da6980f11b8d (6.8-rc5)
CVE-2024-26582 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- - linux <unfixed>
+ - linux 6.7.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/32b55c5ff9103b8508c1e04bfa5a08c64e7a925f (6.8-rc5)
@@ -3501,7 +3502,7 @@ CVE-2023-52434 (In the Linux kernel, the following vulnerability has been resolv
- linux 6.6.8-1
NOTE: https://git.kernel.org/linus/af1689a9b7701d9907dfc84d2a4b57c4bc907144 (6.7-rc6)
CVE-2024-26581 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- - linux <unfixed>
+ - linux 6.7.7-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/60c0c230c6f046da536d3df8b39a20b9a9fd6af0 (6.8-rc4)
CVE-2023-52433 (In the Linux kernel, the following vulnerability has been resolved: n ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4524933c0b316c0fa88e412aac3e88488a6c4d3b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4524933c0b316c0fa88e412aac3e88488a6c4d3b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240302/f4db8822/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list