[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Sep 13 07:20:09 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0685986c by Salvatore Bonaccorso at 2024-09-13T08:07:43+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,118 @@
+CVE-2024-46700 [drm/amdgpu/mes: fix mes ring buffer overflow]
+	- linux 6.10.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/11752c013f562a1124088a35bd314aa0e9f0e88f (6.11-rc4)
+CVE-2024-46699 [drm/v3d: Disable preemption while updating GPU stats]
+	- linux 6.10.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9d824c7fce58f59982228aa85b0376b113cdfa35 (6.11-rc6)
+CVE-2024-46698 [video/aperture: optionally match the device in sysfb_disable()]
+	- linux 6.10.9-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b49420d6a1aeb399e5b107fc6eb8584d0860fbd7 (6.11-rc6)
+CVE-2024-46697 [nfsd: ensure that nfsd4_fattr_args.context is zeroed out]
+	- linux 6.10.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f58bab6fd4063913bd8321e99874b8239e9ba726 (6.11-rc6)
+CVE-2024-46696 [nfsd: fix potential UAF in nfsd4_cb_getattr_release]
+	- linux 6.10.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1116e0e372eb16dd907ec571ce5d4af325c55c10 (6.11-rc6)
+CVE-2024-46695 [selinux,smack: don't bypass permissions check in inode_setsecctx hook]
+	- linux 6.10.9-1
+	NOTE: https://git.kernel.org/linus/76a0e79bc84f466999fa501fce5bf7a07641b8a7 (6.11-rc6)
+CVE-2024-46694 [drm/amd/display: avoid using null object of framebuffer]
+	- linux 6.10.9-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3b9a33235c773c7a3768060cf1d2cf8a9153bc37 (6.11-rc6)
+CVE-2024-46693 [soc: qcom: pmic_glink: Fix race during initialization]
+	- linux 6.10.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3568affcddd68743e25aa3ec1647d9b82797757b (6.11-rc6)
+CVE-2024-46692 [firmware: qcom: scm: Mark get_wq_ctx() as atomic call]
+	- linux 6.10.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9960085a3a82c58d3323c1c20b991db6045063b0 (6.11-rc6)
+CVE-2024-46691 [usb: typec: ucsi: Move unregister out of atomic section]
+	- linux 6.10.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/11bb2ffb679399f99041540cf662409905179e3a (6.11-rc6)
+CVE-2024-46690 [nfsd: fix nfsd4_deleg_getattr_conflict in presence of third party lease]
+	- linux 6.10.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/40927f3d0972bf86357a32a5749be71a551241b6 (6.11-rc6)
+CVE-2024-46689 [soc: qcom: cmd-db: Map shared memory as WC, not WB]
+	- linux 6.10.9-1
+	NOTE: https://git.kernel.org/linus/f9bb896eab221618927ae6a2f1d566567999839d (6.11-rc6)
+CVE-2024-46688 [erofs: fix out-of-bound access when z_erofs_gbuf_growsize() partially fails]
+	- linux 6.10.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0005e01e1e875c5e27130c5e2ed0189749d1e08a (6.11-rc5)
+CVE-2024-46687 [btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk()]
+	- linux 6.10.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/10d9d8c3512f16cad47b2ff81ec6fc4b27d8ee10 (6.11-rc6)
+CVE-2024-46686 [smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req()]
+	- linux 6.10.9-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c724b2ab6a46435b4e7d58ad2fbbdb7a318823cf (6.11-rc6)
+CVE-2024-46685 [pinctrl: single: fix potential NULL dereference in pcs_get_function()]
+	- linux 6.10.9-1
+	NOTE: https://git.kernel.org/linus/1c38a62f15e595346a1106025722869e87ffe044 (6.11-rc6)
+CVE-2024-46684 [binfmt_elf_fdpic: fix AUXV size calculation when ELF_HWCAP2 is defined]
+	- linux 6.10.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c6a09e342f8e6d3cac7f7c5c14085236aca284b9 (6.11-rc6)
+CVE-2024-46683 [drm/xe: prevent UAF around preempt fence]
+	- linux 6.10.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/730b72480e29f63fd644f5fa57c9d46109428953 (6.11-rc5)
+CVE-2024-46682 [nfsd: prevent panic for nfsv4.0 closed files in nfs4_show_open]
+	- linux 6.10.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a204501e1743d695ca2930ed25a2be9f8ced96d3 (6.11-rc6)
+CVE-2024-46681 [pktgen: use cpus_read_lock() in pg_net_init()]
+	- linux 6.10.9-1
+	NOTE: https://git.kernel.org/linus/979b581e4c69257acab1af415ddad6b2d78a2fa5 (6.11-rc6)
+CVE-2024-46680 [Bluetooth: btnxpuart: Fix random crash seen while removing driver]
+	- linux 6.10.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/35237475384ab3622f63c3c09bdf6af6dacfe9c3 (6.11-rc6)
+CVE-2024-46679 [ethtool: check device is present when getting link settings]
+	- linux 6.10.9-1
+	NOTE: https://git.kernel.org/linus/a699781c79ecf6cfe67fb00a0331b4088c7c8466 (6.11-rc6)
+CVE-2024-46678 [bonding: change ipsec_lock from spin lock to mutex]
+	- linux 6.10.9-1
+	NOTE: https://git.kernel.org/linus/2aeeef906d5a526dc60cf4af92eda69836c39b1f (6.11-rc6)
+CVE-2024-46677 [gtp: fix a potential NULL pointer dereference]
+	- linux 6.10.9-1
+	NOTE: https://git.kernel.org/linus/defd8b3c37b0f9cb3e0f60f47d3d78d459d57fda (6.11-rc6)
+CVE-2024-46676 [nfc: pn533: Add poll mod list filling check]
+	- linux 6.10.9-1
+	NOTE: https://git.kernel.org/linus/febccb39255f9df35527b88c953b2e0deae50e53 (6.11-rc6)
+CVE-2024-46675 [usb: dwc3: core: Prevent USB core invalid event buffer address access]
+	- linux 6.10.9-1
+	NOTE: https://git.kernel.org/linus/14e497183df28c006603cc67fd3797a537eef7b9 (6.11-rc6)
+CVE-2024-46674 [usb: dwc3: st: fix probed platform device ref count on probe error path]
+	- linux 6.10.9-1
+	NOTE: https://git.kernel.org/linus/ddfcfeba891064b88bb844208b43bef2ef970f0c (6.11-rc6)
+CVE-2024-46673 [scsi: aacraid: Fix double-free on probe failure]
+	- linux 6.10.9-1
+	NOTE: https://git.kernel.org/linus/919ddf8336f0b84c0453bac583808c9f165a85c2 (6.11-rc6)
 CVE-2024-8754 (An issue has been discovered in GitLab EE/CE affecting all versions fr ...)
 	TODO: check
 CVE-2024-8750 (Cross-site Scripting (XSS) vulnerability in idoit pro version 28. This ...)
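Review bot: eleven of the added entries (CVE-2024-46695, CVE-2024-46689, CVE-2024-46685, CVE-2024-46681, and CVE-2024-46679 down to CVE-2024-46673) carry only `- linux 6.10.9-1` with no `[bookworm]` or `[bullseye]` line, and CVE-2024-46698, CVE-2024-46694 and CVE-2024-46686 annotate bullseye only. Those suites are therefore left open, and neither the entries nor the commit message says whether that is a triage result or still pending. Please confirm this is intended, in particular for CVE-2024-46695, whose title describes a bypassed permissions check in the `inode_setsecctx` hook. Every NOTE line also cites only the mainline commit and its rc tag, so for the entries left open in stable nothing here records which stable-branch version is expected to close them. If that information is already known from kernel-sec, a second NOTE per entry would save the next person the lookup.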



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0685986cd5fc811b318ebb0e6a2f8a042d011436
