[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed May 1 09:12:37 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
73ae8f0d by security tracker role at 2024-05-01T08:12:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,426 +1,474 @@
-CVE-2024-27022 [fork: defer linking file vma until vma is fully initialized]
+CVE-2024-4369 (An information disclosure flaw was found in OpenShift's internal image ...)
+ TODO: check
+CVE-2024-4349 (A vulnerability has been found in SourceCodester Pisay Online E-Learni ...)
+ TODO: check
+CVE-2024-4348 (A vulnerability, which was classified as problematic, was found in osC ...)
+ TODO: check
+CVE-2024-4192 (Delta Electronics CNCSoft-G2 lacks proper validation of the length of ...)
+ TODO: check
+CVE-2024-3591 (The Geo Controller WordPress plugin before 8.6.5 unserializes user inp ...)
+ TODO: check
+CVE-2024-34149 (In Bitcoin Core through 27.0 and Bitcoin Knots before 25.1.knots202311 ...)
+ TODO: check
+CVE-2024-33768 (lunasvg v2.3.9 was discovered to contain a segmentation violation via ...)
+ TODO: check
+CVE-2024-33767 (lunasvg v2.3.9 was discovered to contain a segmentation violation via ...)
+ TODO: check
+CVE-2024-33766 (lunasvg v2.3.9 was discovered to contain an FPE (Floating Point Except ...)
+ TODO: check
+CVE-2024-33764 (lunasvg v2.3.9 was discovered to contain a stack-overflow at lunasvg/s ...)
+ TODO: check
+CVE-2024-33763 (lunasvg v2.3.9 was discovered to contain a stack-buffer-underflow at l ...)
+ TODO: check
+CVE-2024-32970 (Phlex is a framework for building object-oriented views in Ruby. In af ...)
+ TODO: check
+CVE-2024-32967 (Zitadel is an open source identity management system. In case ZITADEL ...)
+ TODO: check
+CVE-2024-32966 (Static Web Server (SWS) is a tiny and fast production-ready web server ...)
+ TODO: check
+CVE-2024-32963 (Navidrome is an open source web-based music collection server and stre ...)
+ TODO: check
+CVE-2024-32890 (librespeed/speedtest is an open source, self-hosted speed test for HTM ...)
+ TODO: check
+CVE-2024-32018 (RIOT is a real-time multi-threading operating system that supports a r ...)
+ TODO: check
+CVE-2024-32017 (RIOT is a real-time multi-threading operating system that supports a r ...)
+ TODO: check
+CVE-2024-31225 (RIOT is a real-time multi-threading operating system that supports a r ...)
+ TODO: check
+CVE-2024-29466 (Directory Traversal vulnerability in lsgwr spring boot online exam v.0 ...)
+ TODO: check
+CVE-2024-28979 (Dell OpenManage Enterprise, versions prior to 4.1.0, contains an XSS i ...)
+ TODO: check
+CVE-2024-28978 (Dell OpenManage Enterprise, versions 3.10 and 4.0, contains an Imprope ...)
+ TODO: check
+CVE-2024-23336 (MyBB is a free and open source forum software. The default list of dis ...)
+ TODO: check
+CVE-2024-23335 (MyBB is a free and open source forum software. The backup management m ...)
+ TODO: check
+CVE-2024-27022 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/35e351780fa9d8240dd6f7e4f245f9ea37e96c19 (6.9-rc5)
-CVE-2024-27021 [r8169: fix LED-related deadlock on module removal]
+CVE-2024-27021 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/19fa4f2a85d777a8052e869c1b892a2f7556569d (6.9-rc4)
-CVE-2024-27020 [netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()]
+CVE-2024-27020 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/f969eb84ce482331a991079ab7a5c4dc3b7f89bf (6.9-rc5)
-CVE-2024-27019 [netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()]
+CVE-2024-27019 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/d78d867dcea69c328db30df665be5be7d0148484 (6.9-rc5)
-CVE-2024-27018 [netfilter: br_netfilter: skip conntrack input hook for promisc packets]
+CVE-2024-27018 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/751de2012eafa4d46d8081056761fa0e9cc8a178 (6.9-rc5)
-CVE-2024-27017 [netfilter: nft_set_pipapo: walk over current view on netlink dump]
+CVE-2024-27017 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/29b359cf6d95fd60730533f7f10464e95bd17c73 (6.9-rc5)
-CVE-2024-27016 [netfilter: flowtable: validate pppoe header]
+CVE-2024-27016 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/87b3593bed1868b2d9fe096c01bcdf0ea86cbebf (6.9-rc5)
-CVE-2024-27015 [netfilter: flowtable: incorrect pppoe tuple]
+CVE-2024-27015 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6db5dc7b351b9569940cd1cf445e237c42cd6d27 (6.9-rc5)
-CVE-2024-27014 [net/mlx5e: Prevent deadlock while disabling aRFS]
+CVE-2024-27014 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/fef965764cf562f28afb997b626fc7c3cec99693 (6.9-rc5)
-CVE-2024-27013 [tun: limit printing rate when illegal packet received by tun dev]
+CVE-2024-27013 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/f8bbc07ac535593139c875ffa19af924b1084540 (6.9-rc5)
-CVE-2024-27012 [netfilter: nf_tables: restore set elements when delete set fails]
+CVE-2024-27012 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e79b47a8615d42c68aaeb68971593333667382ed (6.9-rc5)
-CVE-2024-27011 [netfilter: nf_tables: fix memleak in map from abort path]
+CVE-2024-27011 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/86a1471d7cde792941109b93b558b5dc078b9ee9 (6.9-rc5)
-CVE-2024-27010 [net/sched: Fix mirred deadlock on device recursion]
+CVE-2024-27010 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/0f022d32c3eca477fbf79a205243a6123ed0fe11 (6.9-rc5)
-CVE-2024-27009 [s390/cio: fix race condition during online processing]
+CVE-2024-27009 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/2d8527f2f911fab84aec04df4788c0c23af3df48 (6.9-rc5)
-CVE-2024-27008 [drm: nv04: Fix out of bounds access]
+CVE-2024-27008 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/cf92bb778eda7830e79452c6917efa8474a30c1e (6.9-rc5)
-CVE-2024-27007 [userfaultfd: change src_folio after ensuring it's unpinned in UFFDIO_MOVE]
+CVE-2024-27007 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c0205eaf3af9f5db14d4b5ee4abacf4a583c3c50 (6.9-rc5)
-CVE-2024-27006 [thermal/debugfs: Add missing count increment to thermal_debug_tz_trip_up()]
+CVE-2024-27006 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b552f63cd43735048bbe9bfbb7a9dcfce166fbdd (6.9-rc5)
-CVE-2024-27005 [interconnect: Don't access req_list while it's being manipulated]
+CVE-2024-27005 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/de1bf25b6d771abdb52d43546cf57ad775fb68a1 (6.9-rc5)
-CVE-2024-27004 [clk: Get runtime PM before walking tree during disable_unused]
+CVE-2024-27004 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/e581cf5d216289ef292d1a4036d53ce90e122469 (6.9-rc5)
-CVE-2024-27003 [clk: Get runtime PM before walking tree for clk_summary]
+CVE-2024-27003 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9d1e795f754db1ac3344528b7af0b17b8146f321 (6.9-rc5)
-CVE-2024-27002 [clk: mediatek: Do a runtime PM get on controllers during probe]
+CVE-2024-27002 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux <unfixed>
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/2f7b1d8b5505efb0057cd1ab85fca206063ea4c3 (6.9-rc5)
-CVE-2024-27001 [comedi: vmk80xx: fix incomplete endpoint checking]
+CVE-2024-27001 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/d1718530e3f640b7d5f0050e725216eab57a85d8 (6.9-rc5)
-CVE-2024-27000 [serial: mxs-auart: add spinlock around changing cts state]
+CVE-2024-27000 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/54c4ec5f8c471b7c1137a1f769648549c423c026 (6.9-rc5)
-CVE-2024-26999 [serial/pmac_zilog: Remove flawed mitigation for rx irq flood]
+CVE-2024-26999 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/1be3226445362bfbf461c92a5bcdb1723f2e4907 (6.9-rc5)
-CVE-2024-26998 [serial: core: Clearing the circular buffer before NULLifying it]
+CVE-2024-26998 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9cf7ea2eeb745213dc2a04103e426b960e807940 (6.9-rc5)
-CVE-2024-26997 [usb: dwc2: host: Fix dereference issue in DDMA completion flow.]
+CVE-2024-26997 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/eed04fa96c48790c1cce73c8a248e9d460b088f8 (6.9-rc5)
-CVE-2024-26996 [usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error]
+CVE-2024-26996 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/6334b8e4553cc69f51e383c9de545082213d785e (6.9-rc5)
-CVE-2024-26995 [usb: typec: tcpm: Correct the PDO counting in pd_set]
+CVE-2024-26995 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c4128304c2169b4664ed6fb6200f228cead2ab70 (6.9-rc5)
-CVE-2024-26994 [speakup: Avoid crash on very long word]
+CVE-2024-26994 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/c8d2f34ea96ea3bce6ba2535f867f0d4ee3b22e1 (6.9-rc5)
-CVE-2024-26993 [fs: sysfs: Fix reference leak in sysfs_break_active_protection()]
+CVE-2024-26993 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/a90bca2228c0646fc29a72689d308e5fe03e6d78 (6.9-rc5)
-CVE-2024-26992 [KVM: x86/pmu: Disable support for adaptive PEBS]
+CVE-2024-26992 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9e985cbf2942a1bb8fcef9adc2a17d90fd7ca8ee (6.9-rc5)
-CVE-2024-26991 [KVM: x86/mmu: x86: Don't overflow lpage_info when checking attributes]
+CVE-2024-26991 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/992b54bd083c5bee24ff7cc35991388ab08598c4 (6.9-rc5)
-CVE-2024-26990 [KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status]
+CVE-2024-26990 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/2673dfb591a359c75080dd5af3da484b89320d22 (6.9-rc5)
-CVE-2024-26989 [arm64: hibernate: Fix level3 translation fault in swsusp_save()]
+CVE-2024-26989 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/50449ca66cc5a8cbc64749cf4b9f3d3fc5f4b457 (6.9-rc5)
-CVE-2024-26988 [init/main.c: Fix potential static_command_line memory overflow]
+CVE-2024-26988 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux <unfixed>
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/46dad3c1e57897ab9228332f03e1c14798d2d3b9 (6.9-rc5)
-CVE-2024-26987 [mm/memory-failure: fix deadlock when hugetlb_optimize_vmemmap is enabled]
+CVE-2024-26987 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1983184c22dd84a4d95a71e5c6775c2638557dc7 (6.9-rc5)
-CVE-2024-26986 [drm/amdkfd: Fix memory leak in create_process failure]
+CVE-2024-26986 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/18921b205012568b45760753ad3146ddb9e2d4e2 (6.9-rc5)
-CVE-2024-26985 [drm/xe: Fix bo leak in intel_fb_bo_framebuffer_init]
+CVE-2024-26985 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/652ead9b746a63e4e79d7ad66d3edf0a8a5b0c2f (6.9-rc5)
-CVE-2024-26984 [nouveau: fix instmem race condition around ptr stores]
+CVE-2024-26984 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/fff1386cc889d8fb4089d285f883f8cba62d82ce (6.9-rc5)
-CVE-2024-26983 [bootconfig: use memblock_free_late to free xbc memory to buddy]
+CVE-2024-26983 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/89f9a1e876b5a7ad884918c03a46831af202c8a0 (6.9-rc5)
-CVE-2024-26982 [Squashfs: check the inode number is not the invalid value of zero]
+CVE-2024-26982 (In the Linux kernel, the following vulnerability has been resolved: S ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/9253c54e01b6505d348afbc02abaa4d9f8a01395 (6.9-rc5)
-CVE-2024-26981 [nilfs2: fix OOB in nilfs_set_de_type]
+CVE-2024-26981 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/c4a7dc9523b59b3e73fd522c73e95e072f876b16 (6.9-rc5)
-CVE-2024-26980 [ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf]
+CVE-2024-26980 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/c119f4ede3fa90a9463f50831761c28f989bfb20 (6.9-rc6)
-CVE-2024-26979 [drm/vmwgfx: Fix possible null pointer derefence with invalid contexts]
+CVE-2024-26979 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/517621b7060096e48e42f545fa6646fc00252eac (6.9-rc1)
-CVE-2024-26978 [serial: max310x: fix NULL pointer dereference in I2C instantiation]
+CVE-2024-26978 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0d27056c24efd3d63a03f3edfbcfc4827086b110 (6.9-rc1)
-CVE-2024-26977 [pci_iounmap(): Fix MMIO mapping leak]
+CVE-2024-26977 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7626913652cc786c238e2dd7d8740b17d41b2637 (6.9-rc1)
-CVE-2024-26976 [KVM: Always flush async #PF workqueue when vCPU is being destroyed]
+CVE-2024-26976 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
NOTE: https://git.kernel.org/linus/3d75b8aa5c29058a512db29da7cbee8052724157 (6.9-rc1)
-CVE-2024-26975 [powercap: intel_rapl: Fix a NULL pointer dereference]
+CVE-2024-26975 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.7.12-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/2d1f5006ff95770da502f8cee2a224a1ff83866e (6.9-rc1)
-CVE-2024-26974 [crypto: qat - resolve race condition during AER recovery]
+CVE-2024-26974 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
NOTE: https://git.kernel.org/linus/7d42e097607c4d246d99225bf2b195b6167a210c (6.9-rc1)
-CVE-2024-26973 [fat: fix uninitialized field in nostale filehandles]
+CVE-2024-26973 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
NOTE: https://git.kernel.org/linus/fde2497d2bc3a063d8af88b258dbadc86bd7b57c (6.9-rc1)
-CVE-2024-26972 [ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path]
+CVE-2024-26972 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux <unfixed>
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6379b44cdcd67f5f5d986b73953e99700591edfa (6.9-rc1)
-CVE-2024-26971 [clk: qcom: gcc-ipq5018: fix terminating of frequency table arrays]
+CVE-2024-26971 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.7.12-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/90ad946fff70f312b8d23226afc38c13ddd88c4b (6.9-rc1)
-CVE-2024-26970 [clk: qcom: gcc-ipq6018: fix terminating of frequency table arrays]
+CVE-2024-26970 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/cdbc6e2d8108bc47895e5a901cfcaf799b00ca8d (6.9-rc1)
-CVE-2024-26969 [clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays]
+CVE-2024-26969 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
NOTE: https://git.kernel.org/linus/1040ef5ed95d6fd2628bad387d78a61633e09429 (6.9-rc1)
-CVE-2024-26968 [clk: qcom: gcc-ipq9574: fix terminating of frequency table arrays]
+CVE-2024-26968 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.7.12-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/bd2b6395671d823caa38d8e4d752de2448ae61e1 (6.9-rc1)
-CVE-2024-26967 [clk: qcom: camcc-sc8280xp: fix terminating of frequency table arrays]
+CVE-2024-26967 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6a3d70f7802a98e6c28a74f997a264118b9f50cd (6.9-rc1)
-CVE-2024-26966 [clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays]
+CVE-2024-26966 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
NOTE: https://git.kernel.org/linus/a903cfd38d8dee7e754fb89fd1bebed99e28003d (6.9-rc1)
-CVE-2024-26965 [clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays]
+CVE-2024-26965 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
NOTE: https://git.kernel.org/linus/e2c02a85bf53ae86d79b5fccf0a75ac0b78e0c96 (6.9-rc1)
-CVE-2024-26964 [usb: xhci: Add error handling in xhci_map_urb_for_dma]
+CVE-2024-26964 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/be95cc6d71dfd0cba66e3621c65413321b398052 (6.9-rc1)
-CVE-2024-26963 [usb: dwc3-am62: fix module unload/reload behavior]
+CVE-2024-26963 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6661befe41009c210efa2c1bcd16a5cc4cff8a06 (6.9-rc1)
-CVE-2024-26962 [dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape]
+CVE-2024-26962 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.7.12-1
NOTE: https://git.kernel.org/linus/41425f96d7aa59bc865f60f5dda3d7697b555677 (6.9-rc1)
-CVE-2024-26961 [mac802154: fix llsec key resources release in mac802154_llsec_key_del]
+CVE-2024-26961 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
NOTE: https://git.kernel.org/linus/e8a1e58345cf40b7b272e08ac7b32328b2543e40 (6.9-rc1)
-CVE-2024-26960 [mm: swap: fix race between free_swap_and_cache() and swapoff()]
+CVE-2024-26960 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
NOTE: https://git.kernel.org/linus/82b1c07a0af603e3c47b906c8e991dc96f01688e (6.9-rc1)
-CVE-2024-26959 [Bluetooth: btnxpuart: Fix btnxpuart_close]
+CVE-2024-26959 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.7.12-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/664130c0b0309b360bc5bdd40a30604a9387bde8 (6.9-rc1)
-CVE-2024-26958 [nfs: fix UAF in direct writes]
+CVE-2024-26958 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
NOTE: https://git.kernel.org/linus/17f46b803d4f23c66cacce81db35fef3adb8f2af (6.9-rc1)
-CVE-2024-26957 [s390/zcrypt: fix reference counting on zcrypt card objects]
+CVE-2024-26957 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
NOTE: https://git.kernel.org/linus/50ed48c80fecbe17218afed4f8bed005c802976c (6.9-rc1)
-CVE-2024-26956 [nilfs2: fix failure to detect DAT corruption in btree and direct mappings]
+CVE-2024-26956 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
NOTE: https://git.kernel.org/linus/f2f26b4a84a0ef41791bd2d70861c8eac748f4ba (6.9-rc1)
-CVE-2024-26955 [nilfs2: prevent kernel bug at submit_bh_wbc()]
+CVE-2024-26955 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
NOTE: https://git.kernel.org/linus/269cdf353b5bdd15f1a079671b0f889113865f20 (6.9-rc1)
-CVE-2024-26954 [ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()]
+CVE-2024-26954 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.7.12-1
NOTE: https://git.kernel.org/linus/a80a486d72e20bd12c335bcd38b6e6f19356b0aa (6.9-rc1)
-CVE-2024-26953 [net: esp: fix bad handling of pages from page_pool]
+CVE-2024-26953 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.7.12-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c3198822c6cb9fb588e446540485669cc81c5d34 (6.9-rc1)
-CVE-2024-26952 [ksmbd: fix potencial out-of-bounds when buffer offset is invalid]
+CVE-2024-26952 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.7.12-1
NOTE: https://git.kernel.org/linus/c6cd2e8d2d9aa7ee35b1fa6a668e32a22a9753da (6.9-rc1)
-CVE-2024-26951 [wireguard: netlink: check for dangling peer via is_dead instead of empty list]
+CVE-2024-26951 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/55b6c738673871c9b0edae05d0c97995c1ff08c4 (6.9-rc1)
-CVE-2024-26950 [wireguard: netlink: access device through ctx instead of peer]
+CVE-2024-26950 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/71cbd32e3db82ea4a74e3ef9aeeaa6971969c86f (6.9-rc1)
-CVE-2024-26949 [drm/amdgpu/pm: Fix NULL pointer dereference when get power limit]
+CVE-2024-26949 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.7.12-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/08ae9ef829b8055c2fdc8cfee37510c1f4721a07 (6.9-rc1)
-CVE-2024-26948 [drm/amd/display: Add a dc_state NULL check in dc_state_release]
+CVE-2024-26948 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/334b56cea5d9df5989be6cf1a5898114fa70ad98 (6.9-rc1)
-CVE-2024-26947 [ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses]
+CVE-2024-26947 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.7.12-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0c66c6f4e21cb22220cbd8821c5c73fc157d20dc (6.9-rc1)
-CVE-2024-26946 [kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address]
+CVE-2024-26946 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4e51653d5d871f40f1bd5cf95cc7f2d8b33d063b (6.9-rc1)
-CVE-2024-26945 [crypto: iaa - Fix nr_cpus < nr_iaa case]
+CVE-2024-26945 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/5a7e89d3315d1be86aff8a8bf849023cda6547f7 (6.9-rc2)
-CVE-2024-26944 [btrfs: zoned: fix use-after-free in do_zone_finish()]
+CVE-2024-26944 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/1ec17ef59168a1a6f1105f5dc517f783839a5302 (6.9-rc2)
-CVE-2024-26943 [nouveau/dmem: handle kcalloc() allocation failure]
+CVE-2024-26943 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/16e87fe23d4af6df920406494ced5c0f4354567b (6.9-rc2)
-CVE-2024-26942 [net: phy: qcom: at803x: fix kernel panic with at8031_probe]
+CVE-2024-26942 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6a4aee277740d04ac0fd54cfa17cc28261932ddc (6.9-rc2)
-CVE-2024-26941 [drm/dp: Fix divide-by-zero regression on DP MST unplug with nouveau]
+CVE-2024-26941 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9cbd1dae842737bfafa4b10a87909fa209dde250 (6.9-rc2)
-CVE-2024-26940 [drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed]
+CVE-2024-26940 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4be9075fec0a639384ed19975634b662bfab938f (6.9-rc2)
-CVE-2024-26939 [drm/i915/vma: Fix UAF on destroy against retire race]
+CVE-2024-26939 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0e45882ca829b26b915162e8e86dbb1095768e9e (6.9-rc2)
-CVE-2024-26938 [drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode()]
+CVE-2024-26938 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
NOTE: https://git.kernel.org/linus/32e39bab59934bfd3f37097d4dd85ac5eb0fd549 (6.9-rc2)
-CVE-2024-26937 [drm/i915/gt: Reset queue_priority_hint on parking]
+CVE-2024-26937 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4a3859ea5240365d21f6053ee219bb240d520895 (6.9-rc2)
-CVE-2024-26936 [ksmbd: validate request buffer size in smb2_allocate_rsp_buf()]
+CVE-2024-26936 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/17cf0c2794bdb6f39671265aa18aea5c22ee8c4a (6.9-rc6)
-CVE-2024-26935 [scsi: core: Fix unremoved procfs host directory regression]
+CVE-2024-26935 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f23a4d6e07570826fe95023ca1aa96a011fa9f84 (6.9-rc2)
-CVE-2024-26934 [USB: core: Fix deadlock in usb_deauthorize_interface()]
+CVE-2024-26934 (In the Linux kernel, the following vulnerability has been resolved: U ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
NOTE: https://git.kernel.org/linus/80ba43e9f799cbdd83842fc27db667289b3150f5 (6.9-rc2)
-CVE-2024-26933 [USB: core: Fix deadlock in port "disable" sysfs attribute]
+CVE-2024-26933 (In the Linux kernel, the following vulnerability has been resolved: U ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
NOTE: https://git.kernel.org/linus/f4d1960764d8a70318b02f15203a1be2b2554ca1 (6.9-rc2)
-CVE-2024-26932 [usb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd()]
+CVE-2024-26932 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b63f90487bdf93a4223ce7853d14717e9d452856 (6.9-rc2)
-CVE-2024-26931 [scsi: qla2xxx: Fix command flush on cable pull]
+CVE-2024-26931 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
NOTE: https://git.kernel.org/linus/a27d4d0e7de305def8a5098a614053be208d1aa1 (6.9-rc2)
-CVE-2024-26930 [scsi: qla2xxx: Fix double free of the ha->vp_map pointer]
+CVE-2024-26930 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.7.12-1
NOTE: https://git.kernel.org/linus/e288285d47784fdcf7c81be56df7d65c6f10c58b (6.9-rc2)
-CVE-2024-26929 [scsi: qla2xxx: Fix double free of fcport]
+CVE-2024-26929 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.7.12-1
[bookworm] - linux 6.1.85-1
NOTE: https://git.kernel.org/linus/82f522ae0d97119a43da53e0f729275691b9c525 (6.9-rc2)
-CVE-2023-52648 [drm/vmwgfx: Unmap the surface before resetting it on a plane state]
+CVE-2023-52648 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.7.12-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/27571c64f1855881753e6f33c3186573afbab7ba (6.9-rc1)
-CVE-2023-52647 [media: nxp: imx8-isi: Check whether crossbar pad is non-NULL before access]
+CVE-2023-52647 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.7.12-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -8013,6 +8061,7 @@ CVE-2024-31309 (HTTP/2 CONTINUATIONDoS attack can cause Apache Traffic Server to
CVE-2024-30255 (Envoy is a cloud-native, open source edge and service proxy. The HTTP/ ...)
- envoyproxy <itp> (bug #987544)
CVE-2024-28182 (nghttp2 is an implementation of the Hypertext Transfer Protocol versio ...)
+ {DLA-3804-1}
- nghttp2 1.61.0-1 (bug #1068415)
NOTE: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-x6x3-gv8h-m57q
NOTE: https://www.kb.cert.org/vuls/id/421644
@@ -31690,6 +31739,7 @@ CVE-2023-51772 (One Identity Password Manager before 5.13.1 allows Kiosk Escape.
CVE-2023-51771 (In MicroHttpServer (aka Micro HTTP Server) through a8ab029, _ParseHead ...)
NOT-FOR-US: MicroHttpServer
CVE-2023-51714 (An issue was discovered in the HTTP2 implementation in Qt before 5.15. ...)
+ {DLA-3805-1}
- qt6-base 6.4.2+dfsg-21 (bug #1060693)
[bookworm] - qt6-base <no-dsa> (Minor issue)
- qtbase-opensource-src 5.15.10+dfsg-6 (bug #1060694)
@@ -56448,7 +56498,7 @@ CVE-2023-32444 (A logic issue was addressed with improved validation. This issue
CVE-2023-32427 (This issue was addressed by using HTTPS when sending information over ...)
NOT-FOR-US: Apple
CVE-2023-37369 (In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before ...)
- {DLA-3539-1}
+ {DLA-3805-1 DLA-3539-1}
- qt6-base 6.4.2+dfsg-20 (bug #1059302)
[bookworm] - qt6-base <no-dsa> (Minor issue)
- qtbase-opensource-src-gles 5.15.10+dfsg-2
@@ -58217,7 +58267,7 @@ CVE-2023-38199 (coreruleset (aka OWASP ModSecurity Core Rule Set) through 3.3.4
CVE-2023-38198 (acme.sh before 3.0.6 runs arbitrary commands from a remote server via ...)
NOT-FOR-US: acme.sh
CVE-2023-38197 (An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6 ...)
- {DLA-3539-1}
+ {DLA-3805-1 DLA-3539-1}
- qt6-base <unfixed> (bug #1041104)
[bookworm] - qt6-base <no-dsa> (Minor issue)
- qtbase-opensource-src-gles 5.15.10+dfsg-3 (bug #1041106)
@@ -64509,6 +64559,7 @@ CVE-2023-33288 (An issue was discovered in the Linux kernel before 6.2.9. A use-
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/47c29d69212911f50bdcdd0564b5999a559010d4 (6.3-rc4)
CVE-2023-33285 (An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, an ...)
+ {DLA-3805-1}
- qt6-base 6.4.2+dfsg-10 (bug #1036848)
[bookworm] - qt6-base <no-dsa> (Minor issue)
- qtbase-opensource-src 5.15.8+dfsg-11
@@ -64680,7 +64731,7 @@ CVE-2023-2757 (The Waiting: One-click countdowns plugin for WordPress is vulnera
CVE-2019-25137 (Umbraco CMS 4.11.8 through 7.15.10, and 7.12.4, allows Remote Code Exe ...)
NOT-FOR-US: Umbraco CMS
CVE-2023-32763 (An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6. ...)
- {DLA-3539-1}
+ {DLA-3805-1 DLA-3539-1}
- qt6-base 6.4.2+dfsg-8
- qtbase-opensource-src 5.15.8+dfsg-10
[bullseye] - qtbase-opensource-src <no-dsa> (Minor issue)
@@ -64693,6 +64744,7 @@ CVE-2023-32763 (An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9,
NOTE: https://codereview.qt-project.org/c/qt/qtbase/+/476490
NOTE: https://bugreports.qt.io/browse/QTBUG-113337
CVE-2023-32762 (An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6. ...)
+ {DLA-3805-1}
- qt6-base 6.4.2+dfsg-9
- qtbase-opensource-src 5.15.8+dfsg-10
[bullseye] - qtbase-opensource-src <no-dsa> (Minor issue)
@@ -86702,6 +86754,7 @@ CVE-2022-48287 (The HwContacts module has a logic bypass vulnerability. Successf
CVE-2022-48286 (The multi-screen collaboration module has a privilege escalation vulne ...)
NOT-FOR-US: Huawei
CVE-2023-24607 (Qt before 6.4.3 allows a denial of service via a crafted string when t ...)
+ {DLA-3805-1}
- qtbase-opensource-src 5.15.8+dfsg-3 (bug #1031872)
[bullseye] - qtbase-opensource-src <no-dsa> (Minor issue)
- qt6-base 6.4.2+dfsg-7 (bug #1031871)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73ae8f0d89c812a3dcf3e9b4d629de05e36d9eeb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73ae8f0d89c812a3dcf3e9b4d629de05e36d9eeb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240501/769dfaa9/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list