[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Sep 13 09:03:38 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
03df33ec by Salvatore Bonaccorso at 2024-09-13T10:03:29+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,55 @@
+CVE-2024-46712 [drm/vmwgfx: Disable coherent dumb buffers without 3d]
+	- linux 6.10.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e9fd436bb8fb9b9d31fdf07bbcdba6d30290c5e4 (6.11-rc6)
+CVE-2024-46711 [mptcp: pm: fix ID 0 endp usage after multiple re-creations]
+	- linux 6.10.9-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9366922adc6a71378ca01f898c41be295309f044 (6.11-rc6)
+CVE-2024-46710 [drm/vmwgfx: Prevent unmapping active read buffers]
+	- linux 6.10.9-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/aba07b9a0587f50e5d3346eaa19019cf3f86c0ea (6.11-rc6)
+CVE-2024-46709 [drm/vmwgfx: Fix prime with external buffers]
+	- linux 6.10.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/50f1199250912568606b3778dc56646c10cb7b04 (6.11-rc6)
+CVE-2024-46708 [pinctrl: qcom: x1e80100: Fix special pin offsets]
+	- linux 6.10.9-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d3692d95cc4d88114b070ee63cffc976f00f207f (6.11-rc6)
+CVE-2024-46707 [KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3]
+	- linux 6.10.7-1
+	NOTE: https://git.kernel.org/linus/3e6245ebe7ef341639e9a7e402b3ade8ad45a19f (6.11-rc5)
+CVE-2024-46706 [tty: serial: fsl_lpuart: mark last busy before uart_add_one_port]
+	- linux 6.10.7-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/dc98d76a15bc29a9a4e76f2f65f39f3e590fb15c (6.11-rc4)
+CVE-2024-46705 [drm/xe: reset mmio mappings with devm]
+	- linux 6.10.7-1
+	NOTE: https://git.kernel.org/linus/c7117419784f612d59ee565145f722e8b5541fe6 (6.11-rc1)
+CVE-2024-46704 [workqueue: Fix spruious data race in __flush_work()]
+	- linux 6.10.7-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/8bc35475ef1a23b0e224f3242eb11c76cab0ea88 (6.11-rc5)
+CVE-2024-46703 [Revert "serial: 8250_omap: Set the console genpd always on if no console suspend"]
+	- linux 6.10.7-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0863bffda1131fd2fa9c05b653ad9ee3d8db127e (6.11-rc4)
+CVE-2024-46702 [thunderbolt: Mark XDomain as unplugged when router is removed]
+	- linux 6.10.7-1
+	NOTE: https://git.kernel.org/linus/e2006140ad2e01a02ed0aff49cc2ae3ceeb11f8d (6.11-rc4)
+CVE-2024-46701 [libfs: fix infinite directory reads for offset dir]
+	- linux 6.10.7-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/64a7ce76fb901bf9f9c36cf5d681328fc0fd4b5a (6.11-rc4)
 CVE-2024-46700 [drm/amdgpu/mes: fix mes ring buffer overflow]
 	- linux 6.10.9-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/03df33ecc4d06eb6b26e94f05c9503567e356ae6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/03df33ecc4d06eb6b26e94f05c9503567e356ae6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240913/1739183f/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list