[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Nov 21 19:34:27 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3f640ffa by Salvatore Bonaccorso at 2024-11-21T20:33:15+01:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2024-53095 [smb: client: Fix use-after-free of network namespace.]
+ - linux 6.11.9-1
+ NOTE: https://git.kernel.org/linus/ef7134c7fc48e1441b398e55a862232868a6f0a7 (6.12-rc7)
+CVE-2024-53094 [RDMA/siw: Add sendpage_ok() check to disable MSG_SPLICE_PAGES]
+ - linux 6.11.9-1
+ NOTE: https://git.kernel.org/linus/4e1e3dd88a4cedd5ccc1a3fc3d71e03b70a7a791 (6.12-rc4)
+CVE-2024-53093 [nvme-multipath: defer partition scanning]
+ - linux 6.11.9-1
+ NOTE: https://git.kernel.org/linus/1f021341eef41e77a633186e9be5223de2ce5d48 (6.12-rc4)
+CVE-2024-53092 [virtio_pci: Fix admin vq cleanup by using correct info pointer]
+ - linux 6.11.9-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/97ee04feb682c906a1fa973ebe586fe91567d165 (6.12)
+CVE-2024-53091 [bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx]
+ - linux 6.11.9-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/44d0469f79bd3d0b3433732877358df7dc6b17b1 (6.12)
+CVE-2024-53090 [afs: Fix lock recursion]
+ - linux 6.11.9-1
+ NOTE: https://git.kernel.org/linus/610a79ffea02102899a1373fe226d949944a7ed6 (6.12-rc5)
+CVE-2024-53089 [LoongArch: KVM: Mark hrtimer to expire in hard interrupt context]
+ - linux 6.11.9-1
+ NOTE: https://git.kernel.org/linus/73adbd92f3223dc0c3506822b71c6b259d5d537b (6.12-rc5)
CVE-2024-9875 (Okta Privileged Access server agent (SFTD) versions 1.82.0 to 1.84.0 a ...)
NOT-FOR-US: Okta
CVE-2024-9851 (The LSX Tour Operator plugin for WordPress is vulnerable to Stored Cro ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f640ffafb996c3dc3b6f02fed868bdf58b88ab5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f640ffafb996c3dc3b6f02fed868bdf58b88ab5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241121/5b4aaabf/attachment.htm>
More information about the debian-security-tracker-commits
mailing list