[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs for kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Oct 21 20:57:41 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
18ca5671 by Salvatore Bonaccorso at 2024-10-21T21:56:12+02:00
Merge Linux CVEs for kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,212 @@
+CVE-2024-50065 [ntfs3: Change to non-blocking allocation in ntfs_d_hash]
+ - linux 6.11.4-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/589996bf8c459deb5bbc9747d8f1c51658608103 (6.12-rc3)
+CVE-2024-50064 [zram: free secondary algorithms names]
+ - linux 6.11.4-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/684826f8271ad97580b138b9ffd462005e470b99 (6.12-rc1)
+CVE-2024-50063 [bpf: Prevent tail call between progs attached to different hooks]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/28ead3eaabc16ecc907cfb71876da028080f6356 (6.12-rc1)
+CVE-2024-50062 [RDMA/rtrs-srv: Avoid null pointer deref during path establishment]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/d0e62bf7b575fbfe591f6f570e7595dd60a2f5eb (6.12-rc1)
+CVE-2024-50061 [i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/609366e7a06d035990df78f1562291c3bf0d4a12 (6.12-rc1)
+CVE-2024-50060 [io_uring: check if we need to reschedule during overflow flush]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/eac2ca2d682f94f46b1973bdf5e77d85d77b8e53 (6.12-rc1)
+CVE-2024-50059 [ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/e51aded92d42784313ba16c12f4f88cc4f973bbb (6.12-rc1)
+CVE-2024-50058 [serial: protect uart_port_dtr_rts() in uart_shutdown() too]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/602babaa84d627923713acaf5f7e9a4369e77473 (6.12-rc1)
+CVE-2024-50057 [usb: typec: tipd: Free IRQ only if it was requested before]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/db63d9868f7f310de44ba7bea584e2454f8b4ed0 (6.12-rc1)
+CVE-2024-50056 [usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/a7bb96b18864225a694e3887ac2733159489e4b0 (6.12-rc1)
+CVE-2024-50055 [driver core: bus: Fix double free in driver API bus_register()]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/bfa54a793ba77ef696755b66f3ac4ed00c7d1248 (6.12-rc1)
+CVE-2024-50049 [drm/amd/display: Check null pointer before dereferencing se]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/ff599ef6970ee000fa5bc38d02fa5ff5f3fc7575 (6.12-rc1)
+CVE-2024-50048 [fbcon: Fix a NULL pointer dereference issue in fbcon_putcs]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/5b97eebcce1b4f3f07a71f635d6aa3af96c236e7 (6.12-rc1)
+CVE-2024-50047 [smb: client: fix UAF in async decryption]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/b0abcd65ec545701b8793e12bc27dc98042b151a (6.12-rc1)
+CVE-2024-50046 [NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies()]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/a848c29e3486189aaabd5663bc11aea50c5bd144 (6.12-rc3)
+CVE-2024-50045 [netfilter: br_netfilter: fix panic with metadata_dst skb]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/f9ff7665cd128012868098bbd07e28993e314fdb (6.12-rc3)
+CVE-2024-50044 [Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/08d1914293dae38350b8088980e59fbc699a72fe (6.12-rc3)
+CVE-2024-50043 [nfsd: fix possible badness in FREE_STATEID]
+ - linux 6.11.4-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c88c150a467fcb670a1608e2272beeee3e86df6e (6.12-rc3)
+CVE-2024-50042 [ice: Fix increasing MSI-X on VF]
+ - linux 6.11.4-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/bce9af1b030bf59d51bbabf909a3ef164787e44e (6.12-rc3)
+CVE-2024-50041 [i40e: Fix macvlan leak by synchronizing access to mac_filter_hash]
+ - linux 6.11.4-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/dac6c7b3d33756d6ce09f00a96ea2ecd79fae9fb (6.12-rc3)
+CVE-2024-50040 [igb: Do not bring the device up after non-fatal error]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/330a699ecbfc9c26ec92c6310686da1230b4e7eb (6.12-rc3)
+CVE-2024-50039 [net/sched: accept TCA_STAB only for root qdisc]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/3cb7cf1540ddff5473d6baeb530228d19bc97b8a (6.12-rc3)
+CVE-2024-50038 [netfilter: xtables: avoid NFPROTO_UNSPEC where needed]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/0bfcb7b71e735560077a42847f69597ec7dcc326 (6.12-rc3)
+CVE-2024-50037 [drm/fbdev-dma: Only cleanup deferred I/O if necessary]
+ - linux 6.11.4-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/fcddc71ec7ecf15b4df3c41288c9cf0b8e886111 (6.12-rc3)
+CVE-2024-50036 [net: do not delay dst_entries_add() in dst_release()]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/ac888d58869bb99753e7652be19a151df9ecb35d (6.12-rc3)
+CVE-2024-50035 [ppp: fix ppp_async_encode() illegal access]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/40dddd4b8bd08a69471efd96107a4e1c73fabefc (6.12-rc3)
+CVE-2024-50034 [net/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC]
+ - linux 6.11.4-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6fd27ea183c208e478129a85e11d880fc70040f2 (6.12-rc3)
+CVE-2024-50033 [slip: make slhc_remember() more robust against malicious packets]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/7d3fce8cbe3a70a1c7c06c9b53696be5d5d8dd5c (6.12-rc3)
+CVE-2024-50032 [rcu/nocb: Fix rcuog wake-up from offline softirq]
+ - linux 6.11.4-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f7345ccc62a4b880cf76458db5f320725f28e400 (6.12-rc3)
+CVE-2024-50031 [drm/v3d: Stop the active perfmon before being destroyed]
+ - linux 6.11.4-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7d1fd3638ee3a9f9bca4785fffb638ca19120718 (6.12-rc3)
+CVE-2024-50030 [drm/xe/ct: prevent UAF in send_recv()]
+ - linux 6.11.4-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/db7f92af626178ba59dbbcdd5dee9ec24a987a88 (6.12-rc3)
+CVE-2024-50029 [Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync]
+ - linux 6.11.4-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/18fd04ad856df07733f5bb07e7f7168e7443d393 (6.12-rc3)
+CVE-2024-50028 [thermal: core: Reference count the zone in thermal_zone_get_by_id()]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/a42a5839f400e929c489bb1b58f54596c4535167 (6.12-rc3)
+CVE-2024-50027 [thermal: core: Free tzp copy along with the thermal zone]
+ - linux 6.11.4-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/827a07525c099f54d3b15110408824541ec66b3c (6.12-rc3)
+CVE-2024-50026 [scsi: wd33c93: Don't use stale scsi_pointer value]
+ - linux 6.11.4-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/9023ed8d91eb1fcc93e64dc4962f7412b1c4cbec (6.12-rc3)
+CVE-2024-50025 [scsi: fnic: Move flush_work initialization out of if block]
+ - linux 6.11.4-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f30e5f77d2f205ac14d09dec40fd4bb76712f13d (6.12-rc3)
+CVE-2024-50024 [net: Fix an unsafe loop on the list]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/1dae9f1187189bc09ff6d25ca97ead711f7e26f9 (6.12-rc3)
+CVE-2024-50023 [net: phy: Remove LED entry from LEDs list on unregister]
+ - linux 6.11.4-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f50b5d74c68e551667e265123659b187a30fe3a5 (6.12-rc3)
+CVE-2024-50022 [device-dax: correct pgoff align in dax_set_mapping()]
+ - linux 6.11.4-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7fcbd9785d4c17ea533c42f20a9083a83f301fa6 (6.12-rc3)
+CVE-2024-50021 [ice: Fix improper handling of refcount in ice_dpll_init_rclk_pins()]
+ - linux 6.11.4-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ccca30a18e36a742e606d5bf0630e75be7711d0a (6.12-rc3)
+CVE-2024-50020 [ice: Fix improper handling of refcount in ice_sriov_set_msix_vec_count()]
+ - linux 6.11.4-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/d517cf89874c6039e6294b18d66f40988e62502a (6.12-rc3)
+CVE-2024-50019 [kthread: unpark only parked kthread]
+ - linux 6.11.4-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/214e01ad4ed7158cab66498810094fac5d09b218 (6.12-rc3)
+CVE-2024-50018 [net: napi: Prevent overflow of napi_defer_hard_irqs]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/08062af0a52107a243f7608fd972edb54ca5b7f8 (6.12-rc1)
+CVE-2024-50017 [x86/mm/ident_map: Use gbpages only where full GB page should be mapped.]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/cc31744a294584a36bf764a0ffa3255a8e69f036 (6.12-rc1)
+CVE-2024-50016 [drm/amd/display: Avoid overflow assignment in link_dp_cts]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/a15268787b79fd183dd526cc16bec9af4f4e49a1 (6.12-rc1)
+CVE-2024-50015 [ext4: dax: fix overflowing extents beyond inode size when partially writing]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/dda898d7ffe85931f9cca6d702a51f33717c501e (6.12-rc1)
+CVE-2024-50014 [ext4: fix access to uninitialised lock in fc replay path]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/23dfdb56581ad92a9967bcd720c8c23356af74c1 (6.12-rc1)
+CVE-2024-50013 [exfat: fix memory leak in exfat_load_bitmap()]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/d2b537b3e533f28e0d97293fe9293161fe8cd137 (6.12-rc1)
+CVE-2024-50012 [cpufreq: Avoid a bad reference count on CPU node]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/c0f02536fffbbec71aced36d52a765f8c4493dc2 (6.12-rc2)
+CVE-2024-50011 [ASoC: Intel: soc-acpi-intel-rpl-match: add missing empty item]
+ - linux 6.11.4-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5afc29ba44fdd1bcbad4e07246c395d946301580 (6.12-rc2)
+CVE-2024-50010 [exec: don't WARN for racy path_noexec check]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/0d196e7589cefe207d5d41f37a0a28a1fdeeb7c6 (6.12-rc1)
+CVE-2024-50009 [cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/5493f9714e4cdaf0ee7cec15899a231400cb1a9f (6.12-rc1)
+CVE-2024-50008 [wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext()]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/498365e52bebcbc36a93279fe7e9d6aec8479cee (6.12-rc1)
+CVE-2024-50007 [ALSA: asihpi: Fix potential OOB array access]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/7b986c7430a6bb68d523dac7bfc74cbd5b44ef96 (6.12-rc1)
+CVE-2024-50006 [ext4: fix i_data_sem unlock order in ext4_ind_migrate()]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/cc749e61c011c255d81b192a822db650c68b313f (6.12-rc1)
+CVE-2024-50005 [mac802154: Fix potential RCU dereference issue in mac802154_scan_worker]
+ - linux 6.11.4-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/bff1709b3980bd7f80be6786f64cc9a9ee9e56da (6.12-rc2)
+CVE-2024-50004 [drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/0d5e5e8a0aa49ea2163abf128da3b509a6c58286 (6.12-rc2)
+CVE-2024-50003 [drm/amd/display: Fix system hang while resume with TBT monitor]
+ - linux 6.11.4-1
+ NOTE: https://git.kernel.org/linus/52d4e3fb3d340447dcdac0e14ff21a764f326907 (6.12-rc2)
CVE-2024-50002 [static_call: Handle module init failure correctly in static_call_del_module()]
- linux 6.11.4-1
NOTE: https://git.kernel.org/linus/4b30051c4864234ec57290c3d142db7c88f10d8a (6.12-rc1)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18ca567183c4ce15a30dea2c0379861f37263152
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18ca567183c4ce15a30dea2c0379861f37263152
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241021/e3d93569/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list