[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Oct 21 16:58:20 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bc18e24e by Salvatore Bonaccorso at 2024-10-21T17:57:48+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,358 @@
+CVE-2024-49862 [powercap: intel_rapl: Fix off by one in get_rpi()]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/95f6580352a7225e619551febb83595bcb77ab17 (6.12-rc1)
+CVE-2024-49861 [bpf: Fix helper writes to read-only maps]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/32556ce93bc45c730829083cb60f95a2728ea48b (6.12-rc1)
+CVE-2024-49860 [ACPI: sysfs: validate return type of _STR method]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/4bb1e7d027413835b086aed35bc3f0713bc0f72b (6.12-rc1)
+CVE-2024-49859 [f2fs: fix to check atomic_file in f2fs ioctl interfaces]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/bfe5c02654261bfb8bd9cb174a67f3279ea99e58 (6.12-rc1)
+CVE-2024-49858 [efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/77d48d39e99170b528e4f2e9fc5d1d64cdedd386 (6.12-rc1)
+CVE-2024-49857 [wifi: iwlwifi: mvm: set the cipher for secured NDP ranging]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a949075d4bbf1ca83ccdeaa6ef4ac2ce7526c5f4 (6.12-rc1)
+CVE-2024-49856 [x86/sgx: Fix deadlock in SGX NUMA node search]
+	- linux 6.11.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9c936844010466535bd46ea4ce4656ef17653644 (6.12-rc1)
+CVE-2024-49855 [nbd: fix race between timeout and normal completion]
+	- linux 6.11.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c9ea57c91f03bcad415e1a20113bdb2077bcf990 (6.12-rc1)
+CVE-2024-49854 [block, bfq: fix uaf for accessing waker_bfqq after splitting]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/1ba0403ac6447f2d63914fb760c44a3b19c44eaf (6.12-rc1)
+CVE-2024-49853 [firmware: arm_scmi: Fix double free in OPTEE transport]
+	- linux 6.11.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e98dba934b2fc587eafb83f47ad64d9053b18ae0 (6.12-rc1)
+CVE-2024-49852 [scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del()]
+	- linux 6.11.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2e4b02fad094976763af08fec2c620f4f8edd9ae (6.12-rc1)
+CVE-2024-49851 [tpm: Clean up TPM space after command failure]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/e3aaebcbb7c6b403416f442d1de70d437ce313a7 (6.12-rc1)
+CVE-2024-49850 [bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos]
+	- linux 6.11.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3d2786d65aaa954ebd3fcc033ada433e10da21c4 (6.12-rc1)
+CVE-2024-47757 [nilfs2: fix potential oob read in nilfs_btree_check_delete()]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/f9c96351aa6718b42a9f42eaf7adce0356bdb5e8 (6.12-rc1)
+CVE-2024-47756 [PCI: keystone: Fix if-statement expression in ks_pcie_quirk()]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/6188a1c762eb9bbd444f47696eda77a5eae6207a (6.12-rc1)
+CVE-2024-47755 [nvdimm: Fix devs leaks in scan_labels()]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/62c2aa6b1f565d2fc1ec11a6e9e8336ce37a6426 (6.12-rc1)
+CVE-2024-47754 [media: mediatek: vcodec: Fix H264 multi stateless decoder smatch warning]
+	- linux 6.11.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9be85491619f1953b8a29590ca630be571941ffa (6.12-rc1)
+CVE-2024-47753 [media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning]
+	- linux 6.11.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b113bc7c0e83b32f4dd2d291a2b6c4803e0a2c44 (6.12-rc1)
+CVE-2024-47752 [media: mediatek: vcodec: Fix H264 stateless decoder smatch warning]
+	- linux 6.11.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7878d3a385efab560dce793b595447867fb163f2 (6.12-rc1)
+CVE-2024-47751 [PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port()]
+	- linux 6.11.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c500a86693a126c9393e602741e348f80f1b0fc5 (6.12-rc1)
+CVE-2024-47750 [RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08]
+	- linux 6.11.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/fd8489294dd2beefb70f12ec4f6132aeec61a4d0 (6.12-rc1)
+CVE-2024-47749 [RDMA/cxgb4: Added NULL check for lookup_atid]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/e766e6a92410ca269161de059fff0843b8ddd65f (6.12-rc1)
+CVE-2024-47748 [vhost_vdpa: assign irq bypass producer token correctly]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/02e9e9366fefe461719da5d173385b6685f70319 (6.12-rc1)
+CVE-2024-47747 [net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/b5109b60ee4fcb2f2bb24f589575e10cc5283ad4 (6.12-rc1)
+CVE-2024-47746 [fuse: use exclusive lock when FUSE_I_CACHE_IO_MODE is set]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2f3d8ff457982f4055fe8f7bf19d3821ba22c376 (6.12-rc1)
+CVE-2024-47745 [mm: call the security_mmap_file() LSM hook in remap_file_pages()]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/ea7e2d5e49c05e5db1922387b09ca74aa40f46e2 (6.12-rc1)
+CVE-2024-47744 [KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/44d17459626052a2390457e550a12cb973506b2f (6.12-rc1)
+CVE-2024-47743 [KEYS: prevent NULL pointer dereference in find_asymmetric_key()]
+	- linux 6.11.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/70fd1966c93bf3bfe3fe6d753eb3d83a76597eef (6.12-rc1)
+CVE-2024-47742 [firmware_loader: Block path traversal]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/f0e5311aa8022107d63c54e2f03684ec097d1394 (6.12-rc1)
+CVE-2024-47741 [btrfs: fix race setting file private on concurrent lseek using same fd]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7ee85f5515e86a4e2a2f51969795920733912bad (6.12-rc1)
+CVE-2024-47740 [f2fs: Require FMODE_WRITE for atomic write ioctls]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/4f5a100f87f32cb65d4bb1ad282a08c92f6f591e (6.12-rc1)
+CVE-2024-47739 [padata: use integer wrap around to prevent deadlock on seq_nr overflow]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/9a22b2812393d93d84358a760c347c21939029a6 (6.12-rc1)
+CVE-2024-47738 [wifi: mac80211: don't use rate mask for offchannel TX either]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/e7a7ef9a0742dbd0818d5b15fba2c5313ace765b (6.12-rc1)
+CVE-2024-47737 [nfsd: call cache_put if xdr_reserve_space returns NULL]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/d078cbf5c38de83bc31f83c47dcd2184c04a50c7 (6.12-rc1)
+CVE-2024-47736 [erofs: handle overlapped pclusters out of crafted images properly]
+	- linux 6.11.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9e2f9d34dd12e6e5b244ec488bcebd0c2d566c50 (6.12-rc1)
+CVE-2024-47735 [RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/74d315b5af180220d561684d15897730135733a6 (6.12-rc1)
+CVE-2024-47734 [bonding: Fix unnecessary warnings and logs from bond_xdp_get_xmit_slave()]
+	- linux 6.11.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0cbfd45fbcf0cb26d85c981b91c62fe73cdee01c (6.12-rc1)
+CVE-2024-47733 [netfs: Delete subtree of 'fs/netfs' when netfs module exits]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3c58a9575e02c2b90a3180007d57105ceaa7c246 (6.12-rc1)
+CVE-2024-47732 [crypto: iaa - Fix potential use after free bug]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e0d3b845a1b10b7b5abdad7ecc69d45b2aab3209 (6.12-rc1)
+CVE-2024-47731 [drivers/perf: Fix ali_drw_pmu driver interrupt status clearing]
+	- linux 6.11.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a3dd920977dccc453c550260c4b7605b280b79c3 (6.12-rc1)
+CVE-2024-47730 [crypto: hisilicon/qm - inject error before stopping queue]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/b04f06fc0243600665b3b50253869533b7938468 (6.12-rc1)
+CVE-2024-47729 [drm/xe: Use reserved copy engine for user binds on faulting devices]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/852856e3b6f679c694dd5ec41e5a3c11aa46640b (6.12-rc1)
+CVE-2024-47728 [bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/4b3786a6c5397dc220b1483d8e2f4867743e966f (6.12-rc1)
+CVE-2024-47727 [x86/tdx: Fix "in-kernel MMIO" check]
+	- linux 6.11.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d4fc4d01471528da8a9797a065982e05090e1d81 (6.12-rc1)
+CVE-2024-47726 [f2fs: fix to wait dio completion]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/96cfeb0389530ae32ade8a48ae3ae1ac3b6c009d (6.12-rc1)
+CVE-2024-47725 [dm-verity: restart or panic on an I/O error]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/e6a3531dd542cb127c8de32ab1e54a48ae19962b (6.12-rc1)
+CVE-2024-47724 [wifi: ath11k: use work queue to process beacon tx event]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/177b49dbf9c1d8f9f25a22ffafa416fc2c8aa6a3 (6.12-rc1)
+CVE-2024-47723 [jfs: fix out-of-bounds in dbNextAG() and diAlloc()]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/e63866a475562810500ea7f784099bfe341e761a (6.12-rc1)
+CVE-2024-47721 [wifi: rtw89: remove unused C2H event ID RTW89_MAC_C2H_FUNC_READ_WOW_CAM to prevent out-of-bounds reading]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/56310ddb50b190b3390fdc974aec455d0a516bd2 (6.12-rc1)
+CVE-2024-47720 [drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/08ae395ea22fb3d9b318c8bde28c0dfd2f5fa4d2 (6.12-rc1)
+CVE-2024-47719 [iommufd: Protect against overflow of ALIGN() during iova allocation]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/8f6887349b2f829a4121c518aeb064fc922714e4 (6.12-rc1)
+CVE-2024-47718 [wifi: rtw88: always wait for both firmware loading attempts]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/0e735a4c6137262bcefe45bb52fde7b1f5fc6c4d (6.12-rc1)
+CVE-2024-47717 [RISC-V: KVM: Don't zero-out PMU snapshot area before freeing data]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/47d40d93292d9cff8dabb735bed83d930fa03950 (6.12-rc1)
+CVE-2024-47716 [ARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/89a906dfa8c3b21b3e5360f73c49234ac1eb885b (6.12-rc1)
+CVE-2024-47715 [wifi: mt76: mt7915: fix oops on non-dbdc mt7986]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/862bf7cbd772c2bad570ef0c5b5556a1330656dd (6.12-rc1)
+CVE-2024-47714 [wifi: mt76: mt7996: use hweight16 to get correct tx antenna]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f98c3de92bb05dac4a4969df8a4595ed380b4604 (6.12-rc1)
+CVE-2024-47713 [wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop()]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/9d301de12da6e1bb069a9835c38359b8e8135121 (6.12-rc1)
+CVE-2024-47712 [wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/6d7c6ae1efb1ff68bc01d79d94fdf0388f86cdd8 (6.12-rc1)
+CVE-2024-47711 [af_unix: Don't return OOB skb in manage_oob().]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/5aa57d9f2d5311f19434d95b2a81610aa263e23b (6.12-rc1)
+CVE-2024-47710 [sock_map: Add a cond_resched() in sock_hash_free()]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/b1339be951ad31947ae19bc25cb08769bf255100 (6.12-rc1)
+CVE-2024-47709 [can: bcm: Clear bo->bcm_proc_read after remove_proc_entry().]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/94b0818fa63555a65f6ba107080659ea6bcca63e (6.12-rc1)
+CVE-2024-47708 [netkit: Assign missing bpf_net_context]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/157f29152b61ca41809dd7ead29f5733adeced19 (6.12-rc1)
+CVE-2024-47707 [ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev()]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/04ccecfa959d3b9ae7348780d8e379c6486176ac (6.12-rc1)
+CVE-2024-47706 [block, bfq: fix possible UAF for bfqq->bic with merge chain]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/18ad4df091dd5d067d2faa8fce1180b79f7041a7 (6.12-rc1)
+CVE-2024-47705 [block: fix potential invalid pointer dereference in blk_add_partition]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/26e197b7f9240a4ac301dd0ad520c0c697c2ea7d (6.12-rc1)
+CVE-2024-47704 [drm/amd/display: Check link_res->hpo_dp_link_enc before using it]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/0beca868cde8742240cd0038141c30482d2b7eb8 (6.12-rc1)
+CVE-2024-47703 [bpf, lsm: Add check for BPF LSM return value]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/5d99e198be279045e6ecefe220f5c52f8ce9bfd5 (6.12-rc1)
+CVE-2024-47702 [bpf: Fail verification for sign-extension of packet data/data_end/data_meta]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/92de36080c93296ef9005690705cba260b9bd68a (6.12-rc1)
+CVE-2024-47701 [ext4: avoid OOB when system.data xattr changes underneath the filesystem]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/c6b72f5d82b1017bad80f9ebf502832fc321d796 (6.12-rc1)
+CVE-2024-47700 [ext4: check stripe size compatibility on remount as well]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ee85e0938aa8f9846d21e4d302c3cf6a2a75110d (6.12-rc1)
+CVE-2024-47699 [nilfs2: fix potential null-ptr-deref in nilfs_btree_insert()]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/9403001ad65ae4f4c5de368bdda3a0636b51d51a (6.12-rc1)
+CVE-2024-47698 [drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/8ae06f360cfaca2b88b98ca89144548b3186aab1 (6.12-rc1)
+CVE-2024-47697 [drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/46d7ebfe6a75a454a5fa28604f0ef1491f9d8d14 (6.12-rc1)
+CVE-2024-47696 [RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/86dfdd8288907f03c18b7fb462e0e232c4f98d89 (6.12-rc1)
+CVE-2024-47695 [RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/3e4289b29e216a55d08a89e126bc0b37cbad9f38 (6.12-rc1)
+CVE-2024-47694 [IB/mlx5: Fix UMR pd cleanup on error flow of driver init]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/112e6e83a894260cc7efe79a1fc47d4d51461742 (6.12-rc1)
+CVE-2024-47693 [IB/core: Fix ib_cache_setup_one error flow cleanup]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/1403c8b14765eab805377dd3b75e96ace8747aed (6.12-rc1)
+CVE-2024-47692 [nfsd: return -EINVAL when namelen is 0]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/22451a16b7ab7debefce660672566be887db1637 (6.12-rc1)
+CVE-2024-47691 [f2fs: fix to avoid use-after-free in f2fs_stop_gc_thread()]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/c7f114d864ac91515bb07ac271e9824a20f5ed95 (6.12-rc1)
+CVE-2024-47690 [f2fs: get rid of online repaire on corrupted directory]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/884ee6dc85b959bc152f15bca80c30f06069e6c4 (6.12-rc1)
+CVE-2024-47689 [f2fs: fix to don't set SB_RDONLY in f2fs_handle_critical_error()]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/930c6ab93492c4b15436524e704950b364b2930c (6.12-rc1)
+CVE-2024-47688 [driver core: Fix a potential null-ptr-deref in module_add_driver()]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/18ec12c97b39ff6aa15beb8d2b25d15cd44b87d8 (6.12-rc1)
+CVE-2024-47687 [vdpa/mlx5: Fix invalid mr resource destroy]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/dc12502905b7a3de9097ea6b98870470c2921e09 (6.12-rc1)
+CVE-2024-47686 [ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate()]
+	- linux 6.11.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c7f06284a6427475e3df742215535ec3f6cd9662 (6.12-rc1)
+CVE-2024-47685 [netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/9c778fe48d20ef362047e3376dee56d77f8500d4 (6.12-rc1)
+CVE-2024-47684 [tcp: check skb is non-NULL in tcp_rto_delta_us()]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/c8770db2d54437a5f49417ae7b46f7de23d14db6 (6.12-rc1)
+CVE-2024-47683 [drm/amd/display: Skip Recompute DSC Params if no Stream on Link]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/8151a6c13111b465dbabe07c19f572f7cbd16fef (6.12-rc1)
+CVE-2024-47682 [scsi: sd: Fix off-by-one error in sd_read_block_characteristics()]
+	- linux 6.11.2-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f81eaf08385ddd474a2f41595a7757502870c0eb (6.12-rc1)
+CVE-2024-47681 [wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f503ae90c7355e8506e68498fe84c1357894cd5b (6.12-rc1)
+CVE-2024-47680 [f2fs: check discard support for conventional zones]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/43aec4d01bd2ce961817a777b3846f8318f398e4 (6.12-rc1)
+CVE-2024-47679 [vfs: fix race between evice_inodes() and find_inode()Description:iput()]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/88b1afbf0f6b221f6c5bb66cc80cd3b38d696687 (6.12-rc1)
+CVE-2024-47678 [icmp: change the order of rate limits]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/8c2bd38b95f75f3d2a08c93e35303e26d480d24e (6.12-rc1)
+CVE-2024-47677 [exfat: resolve memory leak from exfat_create_upcase_table()]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c290fe508eee36df1640c3cb35dc8f89e073c8a8 (6.12-rc1)
+CVE-2024-47676 [mm/hugetlb.c: fix UAF of vma in hugetlb fault pathway]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/98b74bb4d7e96b4da5ef3126511febe55b76b807 (6.12-rc1)
+CVE-2024-47675 [bpf: Fix use-after-free in bpf_uprobe_multi_link_attach()]
+	- linux 6.11.2-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/5fe6e308abaea082c20fbf2aa5df8e14495622cf (6.12-rc1)
+CVE-2023-52917 [ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir()]
+	- linux 6.11.2-1
+	NOTE: https://git.kernel.org/linus/e229897d373a87ee09ec5cc4ecd4bb2f895fc16b (6.12-rc1)
 CVE-2024-8625 (The TS Poll  WordPress plugin before 2.4.0 does not sanitize and escap ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-49215 (An issue was discovered in Sangoma Asterisk through 18.20.0, 19.x and  ...)
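
Review bot: the bracketed description added for CVE-2024-47679 reads "find_inode()Description:iput()", where "Description:" looks like a field label fused into the commit subject during import rather than part of the title. Please check it against the subject of the commit referenced in that entry's NOTE line (88b1afbf0f6b...) and fix the description at its source so the next merge does not reintroduce it. Also worth confirming: the added IDs go from CVE-2024-47723 straight to CVE-2024-47721, so CVE-2024-47722 has no entry in this hunk; if that ID is already handled elsewhere in data/CVE/list, nothing further is needed.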



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc18e24e57f1ea576f8d6cce4c7bbc3ab73aedfb





More information about the debian-security-tracker-commits mailing list