[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri May 3 19:52:26 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e536736b by Salvatore Bonaccorso at 2024-05-03T20:51:17+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,96 @@
+CVE-2022-48705 [wifi: mt76: mt7921e: fix crash in chip reset fail]
+	- linux 5.19.11-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/fa3fbe64037839f448dc569212bafc5a495d8219 (6.0-rc5)
+CVE-2022-48704 [drm/radeon: add a force flush to delay work when radeon]
+	- linux 5.19.11-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux 4.19.260-1
+	NOTE: https://git.kernel.org/linus/f461950fdc374a3ada5a63c669d997de4600dffe (6.0-rc3)
+CVE-2022-48703 [thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR]
+	- linux 5.19.11-1
+	NOTE: https://git.kernel.org/linus/7931e28098a4c1a2a6802510b0cbe57546d2049d (6.0-rc3)
+CVE-2022-48702 [ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc()]
+	- linux 5.19.11-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux 4.19.260-1
+	NOTE: https://git.kernel.org/linus/d29f59051d3a07b81281b2df2b8c9dfe4716067f (6.0-rc5)
+CVE-2022-48701 [ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface()]
+	- linux 5.19.11-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux 4.19.260-1
+	NOTE: https://git.kernel.org/linus/e53f47f6c1a56d2af728909f1cb894da6b43d9bf (6.0-rc5)
+CVE-2022-48700 [vfio/type1: Unpin zero pages]
+	- linux 5.19.11-1
+	[bullseye] - linux 5.10.148-1
+	NOTE: https://git.kernel.org/linus/873aefb376bbc0ed1dd2381ea1d6ec88106fdbd4 (6.0-rc5)
+CVE-2022-48699 [sched/debug: fix dentry leak in update_sched_domain_debugfs]
+	- linux 5.19.11-1
+	NOTE: https://git.kernel.org/linus/c2e406596571659451f4b95e37ddfd5a8ef1d0dc (6.0-rc5)
+CVE-2022-48698 [drm/amd/display: fix memory leak when using debugfs_lookup()]
+	- linux 5.19.11-1
+	NOTE: https://git.kernel.org/linus/cbfac7fa491651c57926c99edeb7495c6c1aeac2 (6.0-rc5)
+CVE-2022-48697 [nvmet: fix a use-after-free]
+	- linux 5.19.11-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux 4.19.260-1
+	NOTE: https://git.kernel.org/linus/6a02a61e81c231cc5c680c5dbf8665275147ac52 (6.0-rc5)
+CVE-2022-48696 [regmap: spi: Reserve space for register address/padding]
+	- linux 5.19.11-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f5723cfc01932c7a8d5c78dbf7e067e537c91439 (6.0-rc5)
+CVE-2022-48695 [scsi: mpt3sas: Fix use-after-free warning]
+	- linux 5.19.11-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux 4.19.260-1
+	NOTE: https://git.kernel.org/linus/991df3dd5144f2e6b1c38b8d20ed3d4d21e20b34 (6.0-rc5)
+CVE-2022-48694 [RDMA/irdma: Fix drain SQ hang with no completion]
+	- linux 5.19.11-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ead54ced6321099978d30d62dc49c282a6e70574 (6.0-rc5)
+CVE-2022-48693 [soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs]
+	- linux 5.19.11-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux 4.19.260-1
+	NOTE: https://git.kernel.org/linus/1085f5080647f0c9f357c270a537869191f7f2a1 (6.0-rc5)
+CVE-2022-48692 [RDMA/srp: Set scmnd->result only when scmnd is not NULL]
+	- linux 5.19.11-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/12f35199a2c0551187edbf8eb01379f0598659fa (6.0-rc5)
+CVE-2022-48691 [netfilter: nf_tables: clean up hook list when offload flags check fails]
+	- linux 5.19.11-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/77972a36ecc4db7fc7c68f0e80714263c5f03f65 (6.0-rc5)
+CVE-2022-48690 [ice: Fix DMA mappings leak]
+	- linux 5.19.11-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7e753eb675f0523207b184558638ee2eed6c9ac2 (6.0-rc5)
+CVE-2022-48689 [tcp: TX zerocopy should not sense pfmemalloc status]
+	- linux 5.19.11-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3261400639463a853ba2b3be8bd009c2a8089775 (6.0-rc5)
+CVE-2022-48688 [i40e: Fix kernel crash during module removal]
+	- linux 5.19.11-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux 4.19.260-1
+	NOTE: https://git.kernel.org/linus/fb8396aeda5872369a8ed6d2301e2c86e303c520 (6.0-rc5)
+CVE-2022-48687 [ipv6: sr: fix out-of-bounds read when setting HMAC data.]
+	- linux 5.19.11-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux 4.19.260-1
+	NOTE: https://git.kernel.org/linus/84a53580c5d2138c7361c7c3eea5b31827e63b35 (6.0-rc5)
+CVE-2022-48686 [nvme-tcp: fix UAF when detecting digest errors]
+	- linux 5.19.11-1
+	[bullseye] - linux 5.10.148-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/160f3549a907a50e51a8518678ba2dcf2541abea (6.0-rc5)
 CVE-2022-48675 [IB/core: Fix a nested dead lock as part of ODP flow]
 	- linux 5.19.11-1
 	[bullseye] - linux 5.10.148-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e536736bb180aebb9c2f43237ab0cc9794c388d2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e536736bb180aebb9c2f43237ab0cc9794c388d2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240503/cfe2960e/attachment.htm>

More information about the debian-security-tracker-commits mailing list