[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Nov 9 20:12:10 GMT 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0a1a9f9d by security tracker role at 2024-11-09T20:12:04+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,208 +1,426 @@
-CVE-2024-50262 [bpf: Fix out-of-bounds write in trie_get_next_key()]
+CVE-2024-52032 (Mattermost versions 10.0.x <= 10.0.0 and 9.11.x <= 9.11.2 fail to prop ...)
+	TODO: check
+CVE-2024-51787 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51786 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51785 (Server-Side Request Forgery (SSRF) vulnerability in I Thirteen Web Sol ...)
+	TODO: check
+CVE-2024-51784 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51783 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51782 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51781 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51780 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51779 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51778 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51776 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51763 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51762 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51761 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51760 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51759 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51719 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51718 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51717 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51716 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51714 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51713 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51712 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51711 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51710 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51709 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51708 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51707 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51706 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51705 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51704 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51703 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51702 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51701 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51699 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51698 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51697 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51696 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51695 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51694 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51693 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51692 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51691 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51690 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51689 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51676 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51675 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51674 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51673 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51670 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51668 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51664 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51663 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51662 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51647 (Cross-Site Request Forgery (CSRF) vulnerability in Chaser324 Featured  ...)
+	TODO: check
+CVE-2024-51630 (Cross-Site Request Forgery (CSRF) vulnerability in Lars Schenk Respons ...)
+	TODO: check
+CVE-2024-51629 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51628 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51627 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51625 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-51623 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-51622 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51621 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-51620 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-51619 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-51618 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51616 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51614 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51613 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51612 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51611 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51610 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51609 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51608 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-51607 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-51606 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-51605 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51604 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51603 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51602 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-51601 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-51599 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51598 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51597 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51596 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51595 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51594 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51593 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51592 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51591 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51590 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51589 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51588 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51587 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51586 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51585 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-51579 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-51570 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-50544 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-50539 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-50524 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2024-42000 (Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 ...)
+	TODO: check
+CVE-2024-36250 (Mattermost versions 9.11.x <= 9.11.2, and 9.5.x <= 9.5.10 fail toprote ...)
+	TODO: check
+CVE-2024-10837 (The SysBasics Customize My Account for WooCommerce plugin for WordPres ...)
+	TODO: check
+CVE-2024-10676 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-10640 (The The FOX \u2013 Currency Switcher Professional for WooCommerce plug ...)
+	TODO: check
+CVE-2024-10352 (The Magical Addons For Elementor plugin for WordPress is vulnerable to ...)
+	TODO: check
+CVE-2024-10261 (The The Paid Membership Subscriptions \u2013 Effortless Memberships, R ...)
+	TODO: check
+CVE-2024-50262 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
 	- linux 6.11.7-1
 	NOTE: https://git.kernel.org/linus/13400ac8fb80c57c2bfb12ebd35ee121ce9b4d21 (6.12-rc6)
-CVE-2024-50261 [macsec: Fix use-after-free while sending the offloading packet]
+CVE-2024-50261 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
 	- linux 6.11.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/f1e54d11b210b53d418ff1476c6b58a2f434dfc0 (6.12-rc6)
-CVE-2024-50260 [sock_map: fix a NULL pointer dereference in sock_map_link_update_prog()]
+CVE-2024-50260 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
 	- linux 6.11.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/740be3b9a6d73336f8c7d540842d0831dc7a808b (6.12-rc6)
-CVE-2024-50259 [netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write()]
+CVE-2024-50259 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.11.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/4ce1f56a1eaced2523329bef800d004e30f2f76c (6.12-rc6)
-CVE-2024-50258 [net: fix crash when config small gso_max_size/gso_ipv4_max_size]
+CVE-2024-50258 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.11.7-1
 	NOTE: https://git.kernel.org/linus/9ab5cf19fb0e4680f95e506d6c544259bf1111c4 (6.12-rc6)
-CVE-2024-50257 [netfilter: Fix use-after-free in get_info()]
+CVE-2024-50257 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.11.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/f48d258f0ac540f00fa617dac496c4c18b5dc2fa (6.12-rc6)
-CVE-2024-50256 [netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6()]
+CVE-2024-50256 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.11.7-1
 	NOTE: https://git.kernel.org/linus/4ed234fe793f27a3b151c43d2106df2ff0d81aac (6.12-rc6)
-CVE-2024-50255 [Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs]
+CVE-2024-50255 (In the Linux kernel, the following vulnerability has been resolved:  B ...)
 	- linux 6.11.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/1e67d8641813f1876a42eeb4f532487b8a7fb0a8 (6.12-rc6)
-CVE-2024-50254 [bpf: Free dynamically allocated bits in bpf_iter_bits_destroy()]
+CVE-2024-50254 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
 	- linux 6.11.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/101ccfbabf4738041273ce64e2b116cf440dea13 (6.12-rc6)
-CVE-2024-50253 [bpf: Check the validity of nr_words in bpf_iter_bits_new()]
+CVE-2024-50253 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
 	- linux 6.11.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/393397fbdcad7396639d7077c33f86169184ba99 (6.12-rc6)
-CVE-2024-50252 [mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address]
+CVE-2024-50252 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
 	- linux 6.11.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/12ae97c531fcd3bfd774d4dfeaeac23eafe24280 (6.12-rc6)
-CVE-2024-50251 [netfilter: nft_payload: sanitize offset and length before calling skb_checksum()]
+CVE-2024-50251 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.11.7-1
 	NOTE: https://git.kernel.org/linus/d5953d680f7e96208c29ce4139a0e38de87a57fe (6.12-rc6)
-CVE-2024-50250 [fsdax: dax_unshare_iter needs to copy entire blocks]
+CVE-2024-50250 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
 	- linux 6.11.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/50793801fc7f6d08def48754fb0f0706b0cfc394 (6.12-rc6)
-CVE-2024-50249 [ACPI: CPPC: Make rmw_lock a raw_spin_lock]
+CVE-2024-50249 (In the Linux kernel, the following vulnerability has been resolved:  A ...)
 	- linux 6.11.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/1c10941e34c5fdc0357e46a25bd130d9cf40b925 (6.12-rc6)
-CVE-2024-50248 [ntfs3: Add bounds checking to mi_enum_attr()]
+CVE-2024-50248 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.11.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/556bdf27c2dd5c74a9caacbe524b943a6cd42d99 (6.12-rc3)
-CVE-2024-50247 [fs/ntfs3: Check if more than chunk-size bytes are written]
+CVE-2024-50247 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
 	- linux 6.11.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/9931122d04c6d431b2c11b5bb7b10f28584067f0 (6.12-rc3)
-CVE-2024-50246 [fs/ntfs3: Add rough attr alloc_size check]
+CVE-2024-50246 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
 	- linux 6.11.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/c4a8ba334262e9a5c158d618a4820e1b9c12495c (6.12-rc3)
-CVE-2024-50245 [fs/ntfs3: Fix possible deadlock in mi_read]
+CVE-2024-50245 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
 	- linux 6.11.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/03b097099eef255fbf85ea6a786ae3c91b11f041 (6.12-rc3)
-CVE-2024-50244 [fs/ntfs3: Additional check in ni_clear()]
+CVE-2024-50244 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
 	- linux 6.11.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/d178944db36b3369b78a08ba520de109b89bf2a9 (6.12-rc3)
-CVE-2024-50243 [fs/ntfs3: Fix general protection fault in run_is_mapped_full]
+CVE-2024-50243 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
 	- linux 6.11.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/a33fb016e49e37aafab18dc3c8314d6399cb4727 (6.12-rc3)
-CVE-2024-50242 [fs/ntfs3: Additional check in ntfs_file_release]
+CVE-2024-50242 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
 	- linux 6.11.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/031d6f608290c847ba6378322d0986d08d1a645a (6.12-rc3)
-CVE-2024-50241 [NFSD: Initialize struct nfsd4_copy earlier]
+CVE-2024-50241 (In the Linux kernel, the following vulnerability has been resolved:  N ...)
 	- linux 6.11.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/63fab04cbd0f96191b6e5beedc3b643b01c15889 (6.12-rc6)
-CVE-2024-50240 [phy: qcom: qmp-usb: fix NULL-deref on runtime suspend]
+CVE-2024-50240 (In the Linux kernel, the following vulnerability has been resolved:  p ...)
 	- linux 6.11.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/bd9e4d4a3b127686efc60096271b0a44c3100061 (6.12-rc6)
-CVE-2024-50239 [phy: qcom: qmp-usb-legacy: fix NULL-deref on runtime suspend]
+CVE-2024-50239 (In the Linux kernel, the following vulnerability has been resolved:  p ...)
 	- linux 6.11.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/29240130ab77c80bea1464317ae2a5fd29c16a0c (6.12-rc6)
-CVE-2024-50238 [phy: qcom: qmp-usbc: fix NULL-deref on runtime suspend]
+CVE-2024-50238 (In the Linux kernel, the following vulnerability has been resolved:  p ...)
 	- linux 6.11.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/34c21f94fa1e147a19b54b6adf0c93a623b70dd8 (6.12-rc6)
-CVE-2024-50237 [wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower]
+CVE-2024-50237 (In the Linux kernel, the following vulnerability has been resolved:  w ...)
 	- linux 6.11.7-1
 	NOTE: https://git.kernel.org/linus/393b6bc174b0dd21bb2a36c13b36e62fc3474a23 (6.12-rc6)
-CVE-2024-50236 [wifi: ath10k: Fix memory leak in management tx]
+CVE-2024-50236 (In the Linux kernel, the following vulnerability has been resolved:  w ...)
 	- linux 6.11.7-1
 	NOTE: https://git.kernel.org/linus/e15d84b3bba187aa372dff7c58ce1fd5cb48a076 (6.12-rc6)
-CVE-2024-50235 [wifi: cfg80211: clear wdev->cqm_config pointer on free]
+CVE-2024-50235 (In the Linux kernel, the following vulnerability has been resolved:  w ...)
 	- linux 6.11.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/d5fee261dfd9e17b08b1df8471ac5d5736070917 (6.12-rc6)
-CVE-2024-50234 [wifi: iwlegacy: Clear stale interrupts before resuming device]
+CVE-2024-50234 (In the Linux kernel, the following vulnerability has been resolved:  w ...)
 	- linux 6.11.7-1
 	NOTE: https://git.kernel.org/linus/07c90acb071b9954e1fecb1e4f4f13d12c544b34 (6.12-rc6)
-CVE-2024-50233 [staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg()]
+CVE-2024-50233 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
 	- linux 6.11.7-1
 	NOTE: https://git.kernel.org/linus/6bd301819f8f69331a55ae2336c8b111fc933f3d (6.12-rc6)
-CVE-2024-50232 [iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr()]
+CVE-2024-50232 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
 	- linux 6.11.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/efa353ae1b0541981bc96dbf2e586387d0392baa (6.12-rc6)
-CVE-2024-50231 [iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table()]
+CVE-2024-50231 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
 	- linux 6.11.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/691e79ffc42154a9c91dc3b7e96a307037b4be74 (6.12-rc6)
-CVE-2024-50230 [nilfs2: fix kernel bug due to missing clearing of checked flag]
+CVE-2024-50230 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.11.7-1
 	NOTE: https://git.kernel.org/linus/41e192ad2779cae0102879612dfe46726e4396aa (6.12-rc6)
-CVE-2024-50229 [nilfs2: fix potential deadlock with newly created symlinks]
+CVE-2024-50229 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.11.7-1
 	NOTE: https://git.kernel.org/linus/b3a033e3ecd3471248d474ef263aadc0059e516a (6.12-rc6)
-CVE-2024-50228 [mm: shmem: fix data-race in shmem_getattr()]
+CVE-2024-50228 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
 	- linux 6.11.7-1
 	NOTE: https://git.kernel.org/linus/d949d1d14fa281ace388b1de978e8f2cd52875cf (6.12-rc6)
-CVE-2024-50227 [thunderbolt: Fix KASAN reported stack out-of-bounds read in tb_retimer_scan()]
+CVE-2024-50227 (In the Linux kernel, the following vulnerability has been resolved:  t ...)
 	- linux 6.11.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/e9e1b20fae7de06ba36dd3f8dba858157bad233d (6.12-rc6)
-CVE-2024-50226 [cxl/port: Fix use-after-free, permit out-of-order decoder shutdown]
+CVE-2024-50226 (In the Linux kernel, the following vulnerability has been resolved:  c ...)
 	- linux 6.11.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/101c268bd2f37e965a5468353e62d154db38838e (6.12-rc6)
-CVE-2024-50225 [btrfs: fix error propagation of split bios]
+CVE-2024-50225 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
 	- linux 6.11.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/d48e1dea3931de64c26717adc2b89743c7ab6594 (6.12-rc6)
-CVE-2024-50224 [spi: spi-fsl-dspi: Fix crash when not using GPIO chip select]
+CVE-2024-50224 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
 	- linux 6.11.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/25f00a13dccf8e45441265768de46c8bf58e08f6 (6.12-rc6)
-CVE-2024-50223 [sched/numa: Fix the potential null pointer dereference in task_numa_work()]
+CVE-2024-50223 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
 	- linux 6.11.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/9c70b2a33cd2aa6a5a59c5523ef053bd42265209 (6.12-rc6)
-CVE-2024-50222 [iov_iter: fix copy_page_from_iter_atomic() if KMAP_LOCAL_FORCE_MAP]
+CVE-2024-50222 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
 	- linux 6.11.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/c749d9b7ebbc5716af7a95f7768634b30d9446ec (6.12-rc6)
-CVE-2024-50221 [drm/amd/pm: Vangogh: Fix kernel memory out of bounds write]
+CVE-2024-50221 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux 6.11.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/4aa923a6e6406b43566ef6ac35a3d9a3197fa3e8 (6.12-rc6)
-CVE-2024-50220 [fork: do not invoke uffd on fork if error occurs]
+CVE-2024-50220 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
 	- linux 6.11.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/f64e67e5d3a45a4a04286c47afade4b518acd47b (6.12-rc6)
-CVE-2024-50219 [mm/page_alloc: let GFP_ATOMIC order-0 allocs access highatomic reserves]
+CVE-2024-50219 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
 	- linux 6.11.7-1
 	NOTE: https://git.kernel.org/linus/281dd25c1a018261a04d1b8bf41a0674000bfe38 (6.12-rc6)
-CVE-2024-50218 [ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow]
+CVE-2024-50218 (In the Linux kernel, the following vulnerability has been resolved:  o ...)
 	- linux 6.11.7-1
 	NOTE: https://git.kernel.org/linus/bc0a2f3a73fcdac651fca64df39306d1e5ebe3b0 (6.12-rc6)
-CVE-2024-50217 [btrfs: fix use-after-free of block device file in __btrfs_free_extra_devids()]
+CVE-2024-50217 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
 	- linux 6.11.7-1
 	NOTE: https://git.kernel.org/linus/aec8e6bf839101784f3ef037dcdb9432c3f32343 (6.12-rc6)
-CVE-2024-50216 [xfs: fix finding a last resort AG in xfs_filestream_pick_ag]
+CVE-2024-50216 (In the Linux kernel, the following vulnerability has been resolved:  x ...)
 	- linux 6.11.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/dc60992ce76fbc2f71c2674f435ff6bde2108028 (6.12-rc6)
-CVE-2024-50215 [nvmet-auth: assign dh_key to NULL after kfree_sensitive]
+CVE-2024-50215 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.11.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/d2f551b1f72b4c508ab9298419f6feadc3b5d791 (6.12-rc6)
-CVE-2024-50214 [drm/connector: hdmi: Fix memory leak in drm_display_mode_from_cea_vic()]
+CVE-2024-50214 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux 6.11.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/926163342a2e7595d950e84c17c693b1272bd491 (6.12-rc6)
-CVE-2024-50213 [drm/tests: hdmi: Fix memory leaks in drm_display_mode_from_cea_vic()]
+CVE-2024-50213 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux 6.11.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/add4163aca0d4a86e9fe4aa513865e4237db8aef (6.12-rc6)
-CVE-2024-50212 [lib: alloc_tag_module_unload must wait for pending kfree_rcu calls]
+CVE-2024-50212 (In the Linux kernel, the following vulnerability has been resolved:  l ...)
 	- linux 6.11.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
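Review bot: The rewritten kernel headers from CVE-2024-50262 down to CVE-2024-50212 swap the bracketed fix subject (for example "[bpf: Fix out-of-bounds write in trie_get_next_key()]") for a truncated description that reads the same in every entry up to its last letter, so the subsystem and bug class can no longer be read from data/CVE/list itself and only the git.kernel.org NOTE link identifies the fix. Consider carrying the subject over into a NOTE line when the description replaces it. In the added block at the top of the hunk, every new entry has only "TODO: check" and still has to be resolved to a package line or a NOT-FOR-US tag, and the descriptions for CVE-2024-10640 and CVE-2024-10261 contain a literal "\u2013" escape that should be decoded before it is written to the list.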
@@ -83630,6 +83848,7 @@ CVE-2024-20698 (Windows Kernel Elevation of Privilege Vulnerability)
 CVE-2024-20697 (Windows libarchive Remote Code Execution Vulnerability)
 	NOT-FOR-US: Microsoft
 CVE-2024-20696 (Windows libarchive Remote Code Execution Vulnerability)
+	{DSA-5806-1}
 	- libarchive 3.7.4-1.1 (bug #1086155)
 	NOTE: https://github.com/libarchive/libarchive/pull/2172
 	NOTE: https://github.com/libarchive/libarchive/commit/eac15e252010c1189a5c0f461364dbe2cd2a68b1 (v3.7.5)
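Review bot: The added {DSA-5806-1} tag on CVE-2024-20696 is the only change in this hunk, and the commit touches data/CVE/list alone, so nothing visible here records which stable release versions the advisory fixed; the entry still shows just the unstable line "- libarchive 3.7.4-1.1 (bug #1086155)". Confirm that the advisory's own record, with its per-release fixed versions, is already in the tracker so that this cross-reference resolves.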



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a1a9f9d00b685a3f10061fad6b48c65ad79e281
