[Git][security-tracker-team/security-tracker][master] Update some CVEs with kernel-sec information

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu May 16 22:13:44 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4f929b8c by Salvatore Bonaccorso at 2024-05-16T23:13:04+02:00
Update some CVEs with kernel-sec information

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9521,7 +9521,7 @@ CVE-2024-26904 (In the Linux kernel, the following vulnerability has been resolv
 CVE-2024-26903 (In the Linux kernel, the following vulnerability has been resolved:  B ...)
 	{DSA-5681-1}
 	- linux 6.7.12-1
-	[bookworm] - linux 6.1.85-1
+	[bookworm] - linux 6.1.82-1
 	NOTE: https://git.kernel.org/linus/2535b848fa0f42ddff3e5255cf5e742c9b77bb26 (6.8-rc7)
 CVE-2024-26902 (In the Linux kernel, the following vulnerability has been resolved:  p ...)
 	- linux 6.7.12-1
@@ -13113,7 +13113,7 @@ CVE-2022-4965 (The Invitation Code Content Restriction Plugin from CreativeMinds
 	NOT-FOR-US: WordPress plugin
 CVE-2024-2201 [Native Branch History Injection]
 	{DSA-5658-1}
-	- linux <unfixed>
+	- linux 6.8.9-1
 	- xen <unfixed>
 	[bookworm] - xen <postponed> (Minor issue, fix along in next DSA)
 	[bullseye] - xen <end-of-life> (EOLed in Bullseye)
@@ -29154,7 +29154,7 @@ CVE-2024-1430 (A vulnerability has been found in Netgear R7000 1.0.11.136_10.2.1
 	NOT-FOR-US: Netgear
 CVE-2024-1151 (A vulnerability was reported in the Open vSwitch sub-component in the  ...)
 	{DSA-5681-1}
-	- linux <unfixed>
+	- linux 6.7.7-1
 	[bookworm] - linux 6.1.82-1
 	NOTE: https://lore.kernel.org/all/20240207132416.1488485-1-aconole@redhat.com/
 	NOTE: https://git.kernel.org/linus/6e2f90d31fe09f2b852de25125ca875aabd81367
@@ -30469,12 +30469,12 @@ CVE-2024-24859 (A race condition was found in the Linux kernel's net/bluetooth i
 	NOTE: https://bugzilla.openanolis.cn/show_bug.cgi?id=8153
 CVE-2024-24858 (A race condition was found in the Linux kernel's net/bluetooth in {con ...)
 	{DSA-5681-1 DSA-5658-1}
-	- linux <unfixed>
+	- linux 6.8.9-1
 	NOTE: https://bugzilla.openanolis.cn/show_bug.cgi?id=8154
 	NOTE: https://git.kernel.org/linus/7835fcfd132eb88b87e8eb901f88436f63ab60f7 (6.9-rc3)
 CVE-2024-24857 (A race condition was found in the Linux kernel's net/bluetooth device  ...)
 	{DSA-5681-1 DSA-5658-1}
-	- linux <unfixed>
+	- linux 6.8.9-1
 	NOTE: https://bugzilla.openanolis.cn/show_bug.cgi?id=8155
 	NOTE: https://git.kernel.org/linus/7835fcfd132eb88b87e8eb901f88436f63ab60f7 (6.9-rc3)
 CVE-2024-24855 (A race condition was found in the Linux kernel's scsi device driver in ...)
@@ -32250,14 +32250,15 @@ CVE-2023-3181 (The C:\Program Files (x86)\Splashtop\Splashtop Software Updater\u
 CVE-2024-23985 (EzServer 6.4.017 allows a denial of service (daemon crash) via a long  ...)
 	NOT-FOR-US: EzServer
 CVE-2024-23307 (Integer Overflow or Wraparound vulnerability in Linux Linux kernel ker ...)
-	- linux <unfixed>
+	- linux 6.8.9-1
+	[bookworm] - linux 6.1.85-1
 	NOTE: https://bugzilla.openanolis.cn/show_bug.cgi?id=7975
 	NOTE: https://git.kernel.org/linus/dfd2bf436709b2bccb78c2dda550dde93700efa7
 CVE-2024-22751 (D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack ove ...)
 	NOT-FOR-US: D-Link
 CVE-2024-22099 (NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on ...)
 	{DSA-5681-1}
-	- linux <unfixed>
+	- linux 6.7.12-1
 	[bookworm] - linux 6.1.82-1
 	NOTE: https://bugzilla.openanolis.cn/show_bug.cgi?id=7956
 	NOTE: https://git.kernel.org/linus/2535b848fa0f42ddff3e5255cf5e742c9b77bb26 (v6.8-rc7)
@@ -36674,7 +36675,7 @@ CVE-2023-6551 (As a simple library, class.upload.php does not perform an in-dept
 	NOT-FOR-US: class.upload.php library
 CVE-2023-6270 (A flaw was found in the ATA over Ethernet (AoE) driver in the Linux ke ...)
 	{DSA-5681-1}
-	- linux <unfixed>
+	- linux 6.7.12-1
 	[bookworm] - linux 6.1.82-1
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-CAN-22236
 	NOTE: https://git.kernel.org/linus/f98364e926626c678fb4b9004b75cacf92ff0662 (6.9-rc1)
@@ -47423,8 +47424,9 @@ CVE-2023-47234 (An issue was discovered in FRRouting FRR through 9.0.1. A crash
 	NOTE: https://github.com/FRRouting/frr/commit/c37119df45bbf4ef713bc10475af2ee06e12f3bf
 CVE-2023-47233 (The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf ...)
 	{DSA-5681-1 DSA-5658-1}
-	- linux <unfixed>
+	- linux 6.7.12-1
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1216702
+	NOTE: https://git.kernel.org/linus/0f7352557a35ab7888bc7831411ec8a3cbe20d78 (6.9-rc1)
 CVE-2023-45189 (A vulnerability in IBM Robotic Process Automation and IBM Robotic Proc ...)
 	NOT-FOR-US: IBM
 CVE-2023-40215 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f929b8cc4531278e43e0262afcbb982b5787589

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f929b8cc4531278e43e0262afcbb982b5787589
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240516/799baa99/attachment.htm>

More information about the debian-security-tracker-commits mailing list