[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Oct 29 06:21:15 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
14aeda49 by Salvatore Bonaccorso at 2024-10-29T07:19:40+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,90 @@
+CVE-2024-50088 [btrfs: fix uninitialized pointer free in add_inode_ref()]
+	- linux 6.11.5-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/66691c6e2f18d2aa4b22ffb624b9bdc97e9979e4 (6.12-rc4)
+CVE-2024-50087 [btrfs: fix uninitialized pointer free on read_alloc_one_name() error]
+	- linux 6.11.5-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2ab5e243c2266c841e0f6904fad1514b18eaf510 (6.12-rc4)
+CVE-2024-50086 [ksmbd: fix user-after-free from session log off]
+	- linux 6.11.5-1
+	NOTE: https://git.kernel.org/linus/7aa8804c0b67b3cb263a472d17f2cb50d7f1a930 (6.12-rc4)
+CVE-2024-50085 [mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow]
+	- linux 6.11.5-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7decd1f5904a489d3ccdcf131972f94645681689 (6.12-rc4)
+CVE-2024-50084 [net: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test()]
+	- linux 6.11.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/217a3d98d1e9891a8b1438a27dfbc64ddf01f691 (6.12-rc4)
+CVE-2024-50083 [tcp: fix mptcp DSS corruption due to large pmtu xmit]
+	- linux 6.11.5-1
+	NOTE: https://git.kernel.org/linus/4dabcdf581217e60690467a37c956a5b8dbc6bd9 (6.12-rc3)
+CVE-2024-50082 [blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race]
+	- linux 6.11.5-1
+	NOTE: https://git.kernel.org/linus/e972b08b91ef48488bae9789f03cfedb148667fb (6.12-rc4)
+CVE-2024-50081 [blk-mq: setup queue ->tag_set before initializing hctx]
+	- linux 6.11.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c25c0c9035bb8b28c844dfddeda7b8bdbcfcae95 (6.12-rc4)
+CVE-2024-50080 [ublk: don't allow user copy for unprivileged device]
+	- linux 6.11.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/42aafd8b48adac1c3b20fe5892b1b91b80c1a1e6 (6.12-rc4)
+CVE-2024-50079 [io_uring/sqpoll: ensure task state is TASK_RUNNING when running task_work]
+	- linux 6.11.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/8f7033aa4089fbaf7a33995f0f2ee6c9d7b9ca1b (6.12-rc4)
+CVE-2024-50078 [Bluetooth: Call iso_exit() on module unload]
+	- linux 6.11.5-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d458cd1221e9e56da3b2cc5518ad3225caa91f20 (6.12-rc4)
+CVE-2024-50077 [Bluetooth: ISO: Fix multiple init when debugfs is disabled]
+	- linux 6.11.5-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a9b7b535ba192c6b77e6c15a4c82d853163eab8c (6.12-rc4)
+CVE-2024-50076 [vt: prevent kernel-infoleak in con_font_get()]
+	- linux 6.11.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f956052e00de211b5c9ebaa1958366c23f82ee9e (6.12-rc4)
+CVE-2024-50075 [xhci: tegra: fix checked USB2 port number]
+	- linux 6.11.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7d381137cb6ecf558ef6698c7730ddd482d4c8f2 (6.12-rc4)
+CVE-2024-50074 [parport: Proper fix for array out-of-bounds access]
+	- linux 6.11.5-1
+	NOTE: https://git.kernel.org/linus/02ac3a9ef3a18b58d8f3ea2b6e46de657bf6c4f9 (6.12-rc4)
+CVE-2024-50073 [tty: n_gsm: Fix use-after-free in gsm_cleanup_mux]
+	- linux 6.11.5-1
+	NOTE: https://git.kernel.org/linus/9462f4ca56e7d2430fdb6dcc8498244acbfc4489 (6.12-rc4)
+CVE-2024-50072 [x86/bugs: Use code segment selector for VERW operand]
+	- linux 6.11.5-1
+	NOTE: https://git.kernel.org/linus/e4d2102018542e3ae5e297bc6e229303abff8a0f (6.12-rc4)
+CVE-2024-50071 [pinctrl: nuvoton: fix a double free in ma35_pinctrl_dt_node_to_map_func()]
+	- linux 6.11.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3fd976afe9743110f20a23f93b7ff9693f2be4bf (6.12-rc4)
+CVE-2024-50070 [pinctrl: stm32: check devm_kasprintf() returned value]
+	- linux 6.11.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b0f0e3f0552a566def55c844b0d44250c58e4df6 (6.12-rc4)
+CVE-2024-50069 [pinctrl: apple: check devm_kasprintf() returned value]
+	- linux 6.11.5-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/665a58fe663ac7a9ea618dc0b29881649324b116 (6.12-rc4)
+CVE-2024-50068 [mm/damon/tests/sysfs-kunit.h: fix memory leak in damon_sysfs_test_add_targets()]
+	- linux 6.11.5-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2d6a1c835685de3b0c8e8dc871f60f4ef92ab01a (6.12-rc4)
 CVE-2024-9825 (The Chef Habitat builder-api on-prem-builder package with any version  ...)
 	TODO: check
 CVE-2024-9629 (The Contact Form 7 + Telegram plugin for WordPress is vulnerable to un ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14aeda494cc576ba43fda148e3dfc1b2e3d642a6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14aeda494cc576ba43fda148e3dfc1b2e3d642a6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241029/6ec52bde/attachment.htm>

More information about the debian-security-tracker-commits mailing list