diff options
| author | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-04-03 13:47:57 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-04-03 13:47:57 +0200 |
| commit | 5b5d100fee69f8dfa94fcd65449a42f5e68d5d56 (patch) | |
| tree | c05f83226aa6ca1f1104c0fa72946271ba883d86 | |
| parent | 32ff2e5c6c53b1e90b0420374d7ac36d55036f19 (diff) | |
| download | vulns-5b5d100fee69f8dfa94fcd65449a42f5e68d5d56.tar.gz | |
Update the .mbox files with the new information
now that dyad is running, many git ids and information about issues are
wrong, so fix that up by updating all incorrect entries and checking in
new .mbox files.
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
82 files changed, 426 insertions, 884 deletions
diff --git a/cve/published/2019/CVE-2019-25160.mbox b/cve/published/2019/CVE-2019-25160.mbox index 2353d6b8..ba97089a 100644 --- a/cve/published/2019/CVE-2019-25160.mbox +++ b/cve/published/2019/CVE-2019-25160.mbox @@ -1,5 +1,5 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2019-25160: netlabel: fix out-of-bounds memory accesses @@ -26,16 +26,16 @@ The Linux kernel CVE team has assigned CVE-2019-25160 to this issue. Affected and fixed versions =========================== - Issue introduced in 2.6.19 with commit 3faa8f982f95 and fixed in 3.16.66 with commit 97bc3683c249 - Issue introduced in 2.6.19 with commit 3faa8f982f95 and fixed in 3.18.137 with commit c61d01faa555 - Issue introduced in 2.6.19 with commit 3faa8f982f95 and fixed in 4.4.177 with commit dc18101f95fa - Issue introduced in 2.6.19 with commit 3faa8f982f95 and fixed in 4.9.163 with commit 1c973f9c7cc2 - Issue introduced in 2.6.19 with commit 3faa8f982f95 and fixed in 4.14.106 with commit fcfe700acdc1 - Issue introduced in 2.6.19 with commit 3faa8f982f95 and fixed in 4.19.28 with commit e3713abc4248 - Issue introduced in 2.6.19 with commit 3faa8f982f95 and fixed in 4.20.15 with commit fbf9578919d6 - Issue introduced in 2.6.19 with commit 3faa8f982f95 and fixed in 5.0 with commit 5578de4834fe + Issue introduced in 2.6.19 with commit 446fda4f2682 and fixed in 3.16.66 with commit 97bc3683c249 + Issue introduced in 2.6.19 with commit 446fda4f2682 and fixed in 3.18.137 with commit c61d01faa555 + Issue introduced in 2.6.19 with commit 446fda4f2682 and fixed in 4.4.177 with commit dc18101f95fa + Issue introduced in 2.6.19 with commit 446fda4f2682 and fixed in 4.9.163 with commit 1c973f9c7cc2 + Issue introduced in 2.6.19 with commit 446fda4f2682 and fixed in 4.14.106 with commit fcfe700acdc1 + Issue introduced in 2.6.19 with commit 446fda4f2682 and fixed in 4.19.28 with commit e3713abc4248 + Issue introduced in 2.6.19 with commit 446fda4f2682 and fixed in 4.20.15 with commit fbf9578919d6 + Issue introduced in 2.6.19 with commit 446fda4f2682 and fixed in 5.0 with commit 5578de4834fe -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2020/CVE-2020-36776.mbox b/cve/published/2020/CVE-2020-36776.mbox index 9bd7c964..7afddc56 100644 --- a/cve/published/2020/CVE-2020-36776.mbox +++ b/cve/published/2020/CVE-2020-36776.mbox @@ -1,4 +1,4 @@ -From bippy-1e70cc10feda Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> @@ -49,6 +49,10 @@ Affected and fixed versions Issue introduced in 5.8 with commit 371a3bc79c11 and fixed in 5.11.20 with commit 876a5f33e5d9 Issue introduced in 5.8 with commit 371a3bc79c11 and fixed in 5.12.3 with commit 6bf443acf6ca Issue introduced in 5.8 with commit 371a3bc79c11 and fixed in 5.13 with commit 34ab17cc6c2c + Issue introduced in 4.14.189 with commit 39e0651cac9c + Issue introduced in 4.19.134 with commit febe56f21371 + Issue introduced in 5.4.53 with commit d3b7bacd1115 + Issue introduced in 5.7.8 with commit 9006b543384a Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. diff --git a/cve/published/2020/CVE-2020-36787.mbox b/cve/published/2020/CVE-2020-36787.mbox index b0c38bac..08b68cd1 100644 --- a/cve/published/2020/CVE-2020-36787.mbox +++ b/cve/published/2020/CVE-2020-36787.mbox @@ -1,19 +1,8 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2020-36787: media: aspeed: fix clock handling logic -Message-Id: <2024022821-CVE-2020-36787-7efe@gregkh> -Content-Length: 3511 -Lines: 82 -X-Developer-Signature: v=1; a=openpgp-sha256; l=3594; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=yPVH4I1RuOFHe1m3tsJRpstah+St1y2lOmcKm1c0fj0=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKn3Xse9E0/5dHjZPqN7z7d+ObLlMasgGye3Rv99wVXdF - UemaOxf0RHLwiDIxCArpsjyZRvP0f0VhxS9DG1Pw8xhZQIZwsDFKQATSdnBME/9gPC89p6HuR3X - EyTr90x9eTzZ7DXD/MoiFsn8aUsy77RWffzwRDK9Is2HEwA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -58,13 +47,13 @@ The Linux kernel CVE team has assigned CVE-2020-36787 to this issue. Affected and fixed versions =========================== - Issue introduced in 5.0 with commit d3d04f6c330a and fixed in 5.4.119 with commit 1dc1d30ac101 - Issue introduced in 5.0 with commit d3d04f6c330a and fixed in 5.10.37 with commit a59d01384c80 - Issue introduced in 5.0 with commit d3d04f6c330a and fixed in 5.11.21 with commit 2964c37563e8 - Issue introduced in 5.0 with commit d3d04f6c330a and fixed in 5.12.4 with commit 75321dc8aebe - Issue introduced in 5.0 with commit d3d04f6c330a and fixed in 5.13 with commit 3536169f8531 + Issue introduced in 5.0 with commit d2b4387f3bdf and fixed in 5.4.119 with commit 1dc1d30ac101 + Issue introduced in 5.0 with commit d2b4387f3bdf and fixed in 5.10.37 with commit a59d01384c80 + Issue introduced in 5.0 with commit d2b4387f3bdf and fixed in 5.11.21 with commit 2964c37563e8 + Issue introduced in 5.0 with commit d2b4387f3bdf and fixed in 5.12.4 with commit 75321dc8aebe + Issue introduced in 5.0 with commit d2b4387f3bdf and fixed in 5.13 with commit 3536169f8531 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-46915.mbox b/cve/published/2021/CVE-2021-46915.mbox index dde33bb3..d472ede1 100644 --- a/cve/published/2021/CVE-2021-46915.mbox +++ b/cve/published/2021/CVE-2021-46915.mbox @@ -1,5 +1,5 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-46915: netfilter: nft_limit: avoid possible divide error in nft_limit_init @@ -59,14 +59,14 @@ The Linux kernel CVE team has assigned CVE-2021-46915 to this issue. Affected and fixed versions =========================== - Issue introduced in 4.13 with commit 3e0f64b7dd31 and fixed in 4.14.232 with commit 9065ccb9ec92 - Issue introduced in 4.13 with commit 3e0f64b7dd31 and fixed in 4.19.189 with commit fadd3c4afdf3 - Issue introduced in 4.13 with commit 3e0f64b7dd31 and fixed in 5.4.114 with commit 01fb1626b620 - Issue introduced in 4.13 with commit 3e0f64b7dd31 and fixed in 5.10.32 with commit dc1732baa9da - Issue introduced in 4.13 with commit 3e0f64b7dd31 and fixed in 5.11.16 with commit 1bb3ee425993 - Issue introduced in 4.13 with commit 3e0f64b7dd31 and fixed in 5.12 with commit b895bdf5d643 + Issue introduced in 4.13 with commit c26844eda9d4 and fixed in 4.14.232 with commit 9065ccb9ec92 + Issue introduced in 4.13 with commit c26844eda9d4 and fixed in 4.19.189 with commit fadd3c4afdf3 + Issue introduced in 4.13 with commit c26844eda9d4 and fixed in 5.4.114 with commit 01fb1626b620 + Issue introduced in 4.13 with commit c26844eda9d4 and fixed in 5.10.32 with commit dc1732baa9da + Issue introduced in 4.13 with commit c26844eda9d4 and fixed in 5.11.16 with commit 1bb3ee425993 + Issue introduced in 4.13 with commit c26844eda9d4 and fixed in 5.12 with commit b895bdf5d643 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-46917.mbox b/cve/published/2021/CVE-2021-46917.mbox index 52d6ac17..136c3ed2 100644 --- a/cve/published/2021/CVE-2021-46917.mbox +++ b/cve/published/2021/CVE-2021-46917.mbox @@ -1,5 +1,5 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-46917: dmaengine: idxd: fix wq cleanup of WQCFG registers @@ -25,8 +25,9 @@ Affected and fixed versions Issue introduced in 5.8 with commit da32b28c95a7 and fixed in 5.10.32 with commit e5eb9757fe4c Issue introduced in 5.8 with commit da32b28c95a7 and fixed in 5.11.16 with commit f7dc8f561916 Issue introduced in 5.8 with commit da32b28c95a7 and fixed in 5.12 with commit ea9aadc06a9f + Issue introduced in 5.7.10 with commit 2a2df2bd10de -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-46950.mbox b/cve/published/2021/CVE-2021-46950.mbox index 0f7212d3..db7d5c17 100644 --- a/cve/published/2021/CVE-2021-46950.mbox +++ b/cve/published/2021/CVE-2021-46950.mbox @@ -1,5 +1,5 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-46950: md/raid1: properly indicate failure when ending a failed write request @@ -30,8 +30,10 @@ Affected and fixed versions Issue introduced in 5.4 with commit eeba6809d8d5 and fixed in 5.11.20 with commit 59452e551784 Issue introduced in 5.4 with commit eeba6809d8d5 and fixed in 5.12.3 with commit 538244fba59f Issue introduced in 5.4 with commit eeba6809d8d5 and fixed in 5.13 with commit 2417b9869b81 + Issue introduced in 5.2.19 with commit a1f4fcb88098 + Issue introduced in 5.3.4 with commit 344242d50f46 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-46955.mbox b/cve/published/2021/CVE-2021-46955.mbox index 42afa702..b5642894 100644 --- a/cve/published/2021/CVE-2021-46955.mbox +++ b/cve/published/2021/CVE-2021-46955.mbox @@ -1,5 +1,5 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-46955: openvswitch: fix stack OOB read while fragmenting IPv4 packets @@ -99,8 +99,9 @@ Affected and fixed versions Issue introduced in 4.16 with commit d52e5a7e7ca4 and fixed in 5.11.20 with commit d841d3cf5297 Issue introduced in 4.16 with commit d52e5a7e7ca4 and fixed in 5.12.3 with commit b3502b04e84a Issue introduced in 4.16 with commit d52e5a7e7ca4 and fixed in 5.13 with commit 7c0ea5930c1c + Issue introduced in 3.16.57 with commit df9ece1148e2 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-46959.mbox b/cve/published/2021/CVE-2021-46959.mbox index 42e4dda3..99deb00b 100644 --- a/cve/published/2021/CVE-2021-46959.mbox +++ b/cve/published/2021/CVE-2021-46959.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-46959: spi: Fix use-after-free with devm_spi_alloc_* -Message-Id: <2024022916-CVE-2021-46959-f517@gregkh> -Content-Length: 4294 -Lines: 86 -X-Developer-Signature: v=1; a=openpgp-sha256; l=4381; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=MnQY3Z3F/dQPKLyJVKEuAHjTnLLewHmaRcti9khPzQc=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKkPWbdEn53+WftJf+EKlxad2IXNkuLb3Kac5w18f3mB6 - Qyey04BHbEsDIJMDLJiiixftvEc3V9xSNHL0PY0zBxWJpAhDFycAjARvQUMC2a96mZULD/eMPv0 - mb+es/suPU0/M4lhniZTWfosuSkWP1ncs2JEzmiWCx3IAwA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -54,17 +43,18 @@ The Linux kernel CVE team has assigned CVE-2021-46959 to this issue. Affected and fixed versions =========================== - Issue introduced in 4.4.248 with commit 0713aa02f20d and fixed in 4.4.271 with commit 62bb2c7f2411 - Issue introduced in 4.9.248 with commit 2be1837b1737 and fixed in 4.9.271 with commit 8bf96425c90f - Issue introduced in 4.14.212 with commit e620a73d7ca7 and fixed in 4.14.233 with commit 8e029707f50a - Issue introduced in 4.19.163 with commit c886774bf583 and fixed in 4.19.191 with commit 28a5529068c5 - Issue introduced in 5.4.80 with commit 2737549129ec and fixed in 5.4.119 with commit 001c8e83646a + Issue introduced in 4.4.248 with commit a4add022c155 and fixed in 4.4.271 with commit 62bb2c7f2411 + Issue introduced in 4.9.248 with commit 0870525cf94b and fixed in 4.9.271 with commit 8bf96425c90f + Issue introduced in 4.14.212 with commit 8c45a1c6c951 and fixed in 4.14.233 with commit 8e029707f50a + Issue introduced in 4.19.163 with commit 234b432c7b61 and fixed in 4.19.191 with commit 28a5529068c5 + Issue introduced in 5.4.80 with commit 3e04a4976add and fixed in 5.4.119 with commit 001c8e83646a Issue introduced in 5.10 with commit 5e844cc37a5c and fixed in 5.10.37 with commit c7fabe372a90 Issue introduced in 5.10 with commit 5e844cc37a5c and fixed in 5.11.21 with commit cee78aa24578 Issue introduced in 5.10 with commit 5e844cc37a5c and fixed in 5.12.4 with commit 8735248ebb91 Issue introduced in 5.10 with commit 5e844cc37a5c and fixed in 5.13 with commit 794aaf01444d + Issue introduced in 5.9.11 with commit bd1a5b230727 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-46961.mbox b/cve/published/2021/CVE-2021-46961.mbox index 7b0852a8..dc0d6091 100644 --- a/cve/published/2021/CVE-2021-46961.mbox +++ b/cve/published/2021/CVE-2021-46961.mbox @@ -1,4 +1,4 @@ -From bippy-1e70cc10feda Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> @@ -90,11 +90,11 @@ The Linux kernel CVE team has assigned CVE-2021-46961 to this issue. Affected and fixed versions =========================== - Issue introduced in 5.1 with commit and fixed in 5.4.118 with commit e7ea8e46e3b7 - Issue introduced in 5.1 with commit and fixed in 5.10.36 with commit 7be4db5c2b59 - Issue introduced in 5.1 with commit and fixed in 5.11.20 with commit ea817ac1014c - Issue introduced in 5.1 with commit and fixed in 5.12.3 with commit 3f72d3709f53 - Issue introduced in 5.1 with commit and fixed in 5.13 with commit a97709f563a0 + Issue introduced in 5.1 with commit 3f1f3234bc2d and fixed in 5.4.118 with commit e7ea8e46e3b7 + Issue introduced in 5.1 with commit 3f1f3234bc2d and fixed in 5.10.36 with commit 7be4db5c2b59 + Issue introduced in 5.1 with commit 3f1f3234bc2d and fixed in 5.11.20 with commit ea817ac1014c + Issue introduced in 5.1 with commit 3f1f3234bc2d and fixed in 5.12.3 with commit 3f72d3709f53 + Issue introduced in 5.1 with commit 3f1f3234bc2d and fixed in 5.13 with commit a97709f563a0 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. diff --git a/cve/published/2021/CVE-2021-46963.mbox b/cve/published/2021/CVE-2021-46963.mbox index d5bcae4a..994f9ed6 100644 --- a/cve/published/2021/CVE-2021-46963.mbox +++ b/cve/published/2021/CVE-2021-46963.mbox @@ -1,5 +1,5 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-46963: scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() @@ -34,8 +34,9 @@ Affected and fixed versions Issue introduced in 5.5 with commit af2a0c51b120 and fixed in 5.11.20 with commit 80ef24175df2 Issue introduced in 5.5 with commit af2a0c51b120 and fixed in 5.12.3 with commit a73208e32441 Issue introduced in 5.5 with commit af2a0c51b120 and fixed in 5.13 with commit 6641df81ab79 + Issue introduced in 5.3.17 with commit 4a1cc2f71bc5 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-46966.mbox b/cve/published/2021/CVE-2021-46966.mbox index c473d29e..c5e16320 100644 --- a/cve/published/2021/CVE-2021-46966.mbox +++ b/cve/published/2021/CVE-2021-46966.mbox @@ -1,5 +1,5 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-46966: ACPI: custom_method: fix potential use-after-free issue @@ -35,8 +35,10 @@ Affected and fixed versions Issue introduced in 5.4 with commit 03d1571d9513 and fixed in 5.11.20 with commit f16737caf41f Issue introduced in 5.4 with commit 03d1571d9513 and fixed in 5.12.3 with commit b7a5baaae212 Issue introduced in 5.4 with commit 03d1571d9513 and fixed in 5.13 with commit e483bb9a991b + Issue introduced in 5.2.19 with commit 70424999fbf1 + Issue introduced in 5.3.4 with commit 06cd4a06eb59 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-46974.mbox b/cve/published/2021/CVE-2021-46974.mbox index 1ebb837a..3aa739d0 100644 --- a/cve/published/2021/CVE-2021-46974.mbox +++ b/cve/published/2021/CVE-2021-46974.mbox @@ -1,5 +1,5 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-46974: bpf: Fix masking negation logic upon negative dst register @@ -26,15 +26,16 @@ The Linux kernel CVE team has assigned CVE-2021-46974 to this issue. Affected and fixed versions =========================== - Issue introduced in 4.14.113 with commit 12462c88e6e2 and fixed in 4.14.233 with commit 4d542ddb88fb - Issue introduced in 4.19.19 with commit eed84f94ff8d and fixed in 4.19.190 with commit 0e2dfdc74a7f + Issue introduced in 4.14.113 with commit ae03b6b1c880 and fixed in 4.14.233 with commit 4d542ddb88fb + Issue introduced in 4.19.19 with commit f92a819b4cbe and fixed in 4.19.190 with commit 0e2dfdc74a7f Issue introduced in 5.0 with commit 979d63d50c0c and fixed in 5.4.117 with commit 53e0db429b37 Issue introduced in 5.0 with commit 979d63d50c0c and fixed in 5.10.35 with commit 2cfa537674cd Issue introduced in 5.0 with commit 979d63d50c0c and fixed in 5.11.19 with commit 6eba92a4d4be Issue introduced in 5.0 with commit 979d63d50c0c and fixed in 5.12.2 with commit 7cf64d8679ca Issue introduced in 5.0 with commit 979d63d50c0c and fixed in 5.13 with commit b9b34ddbe207 + Issue introduced in 4.20.6 with commit 078da99d449f -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-46981.mbox b/cve/published/2021/CVE-2021-46981.mbox index 3ba427eb..90ff87e2 100644 --- a/cve/published/2021/CVE-2021-46981.mbox +++ b/cve/published/2021/CVE-2021-46981.mbox @@ -1,19 +1,8 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-46981: nbd: Fix NULL pointer in flush_workqueue -Message-Id: <2024022823-CVE-2021-46981-0fb9@gregkh> -Content-Length: 4978 -Lines: 101 -X-Developer-Signature: v=1; a=openpgp-sha256; l=5080; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=rOPGrS+JJP41gtsThK7D03HtEejkU1yTQZ03RQQVoLo=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKn3Xsdvus21ntvtWVrqXOtHvYEbY9+8nnEq2Ipzr/EJt - rIffp4TO2JZGASZGGTFFFm+bOM5ur/ikKKXoe1pmDmsTCBDGLg4BWAic0sYFtyMUxZk3Fg5Jfy4 - tXZLIlf7hGUaUQzz9JbfEbZ8dCHBQZTh7gpfkwurZNkFAQ== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -83,8 +72,14 @@ Affected and fixed versions Issue introduced in 5.4 with commit e9e006f5fcf2 and fixed in 5.11.22 with commit b31d237796fd Issue introduced in 5.4 with commit e9e006f5fcf2 and fixed in 5.12.5 with commit 54b78ba7e96e Issue introduced in 5.4 with commit e9e006f5fcf2 and fixed in 5.13 with commit 79ebe9110fa4 - -Please see https://www.kernel.org or a full list of currently supported + Issue introduced in 4.14.149 with commit 0b584bf573ae + Issue introduced in 4.14.161 with commit d1db913b044f + Issue introduced in 4.19.79 with commit 9f0f39c92e4f + Issue introduced in 4.19.92 with commit e83a26a49356 + Issue introduced in 5.3.6 with commit 92ec11cccb7f + Issue introduced in 5.4.7 with commit b3ead320dce6 + +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-46987.mbox b/cve/published/2021/CVE-2021-46987.mbox index c97e61a7..6b9a9292 100644 --- a/cve/published/2021/CVE-2021-46987.mbox +++ b/cve/published/2021/CVE-2021-46987.mbox @@ -1,4 +1,4 @@ -From bippy-1e70cc10feda Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> @@ -150,6 +150,7 @@ Affected and fixed versions Issue introduced in 5.9 with commit c53e9653605d and fixed in 5.11.22 with commit d5347827d0b4 Issue introduced in 5.9 with commit c53e9653605d and fixed in 5.12.5 with commit 96157707c042 Issue introduced in 5.9 with commit c53e9653605d and fixed in 5.13 with commit f9baa501b4fd + Issue introduced in 5.4.141 with commit 36af2de520cc Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. diff --git a/cve/published/2021/CVE-2021-46990.mbox b/cve/published/2021/CVE-2021-46990.mbox index 4f929307..5db4ab01 100644 --- a/cve/published/2021/CVE-2021-46990.mbox +++ b/cve/published/2021/CVE-2021-46990.mbox @@ -1,19 +1,8 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-46990: powerpc/64s: Fix crashes when toggling entry flush barrier -Message-Id: <2024022825-CVE-2021-46990-5ab1@gregkh> -Content-Length: 3718 -Lines: 78 -X-Developer-Signature: v=1; a=openpgp-sha256; l=3797; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=T41TfeMJINi8zpGqQLKCXNI/HtVlzmVIYUHjOfcSvHk=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKn3XicKtArn3hKp11mf4HV7zpa6VLG+2eGXw37NduOvK - L/vtGxXRywLgyATg6yYIsuXbTxH91ccUvQytD0NM4eVCWQIAxenAEzkLgPD/DIx9rdsbnlbk6Yl - d7Q8nX3y5OW+qQzzFHWNTfSDLf5ZLsl/dMpcovEW26aDAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -56,8 +45,9 @@ Affected and fixed versions Issue introduced in 5.10 with commit f79643787e0a and fixed in 5.11.22 with commit dd0d6117052f Issue introduced in 5.10 with commit f79643787e0a and fixed in 5.12.5 with commit 5bc00fdda1e9 Issue introduced in 5.10 with commit f79643787e0a and fixed in 5.13 with commit aec86b052df6 + Issue introduced in 5.9.10 with commit e590b36718d6 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-46999.mbox b/cve/published/2021/CVE-2021-46999.mbox index 3b7ffe56..c842151b 100644 --- a/cve/published/2021/CVE-2021-46999.mbox +++ b/cve/published/2021/CVE-2021-46999.mbox @@ -1,19 +1,8 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-46999: sctp: do asoc update earlier in sctp_sf_do_dupcook_a -Message-Id: <2024022828-CVE-2021-46999-d408@gregkh> -Content-Length: 3706 -Lines: 80 -X-Developer-Signature: v=1; a=openpgp-sha256; l=3787; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=wLQ5UbeNRo4uH60qx+RVcUbuhcdY7Rl3NsdfNvUZjkg=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKn3Xqes6BGfesM5YMmifV7xOee7DaNOcH5+/NTaMF+S0 - SWvwPdIRywLgyATg6yYIsuXbTxH91ccUvQytD0NM4eVCWQIAxenAEyk4RbDXIFZD+4ybtxzYhYL - /82fK40ZMtRCjjIsuPZ2YUBo4c3uC49tV6563r/n4Lv7oQA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -61,8 +50,9 @@ Affected and fixed versions Issue introduced in 5.7 with commit 145cb2f7177d and fixed in 5.11.22 with commit 61b877bad9bb Issue introduced in 5.7 with commit 145cb2f7177d and fixed in 5.12.5 with commit 0bfd913c2121 Issue introduced in 5.7 with commit 145cb2f7177d and fixed in 5.13 with commit 35b4f24415c8 + Issue introduced in 5.6.13 with commit a5ce8531ea50 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47000.mbox b/cve/published/2021/CVE-2021-47000.mbox index cf9413e4..3beb53e2 100644 --- a/cve/published/2021/CVE-2021-47000.mbox +++ b/cve/published/2021/CVE-2021-47000.mbox @@ -1,19 +1,8 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47000: ceph: fix inode leak on getattr error in __fh_to_dentry -Message-Id: <2024022828-CVE-2021-47000-981a@gregkh> -Content-Length: 2103 -Lines: 51 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2155; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=YD5w9n7fvdabjx0QHEJWSX7TXEjqrnUCYnlSJAc0/d8=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKn3XqesjBcq6d0R/VWp/fCFI0KbZv5XrmvcvZtt9hTtK - ItJq9/P7IhlYRBkYpAVU2T5so3n6P6KQ4pehranYeawMoEMYeDiFICJfONimB8tZnfP66+J0Art - VYkHnshXP9phHsuw4Fjhe9v9622ZrCZLcdcceKmSGHKJHwA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -33,8 +22,9 @@ Affected and fixed versions Issue introduced in 5.8 with commit 878dabb64117 and fixed in 5.11.22 with commit 22fa4c8288f1 Issue introduced in 5.8 with commit 878dabb64117 and fixed in 5.12.5 with commit 0a219432127d Issue introduced in 5.8 with commit 878dabb64117 and fixed in 5.13 with commit 1775c7ddacfc + Issue introduced in 5.7.6 with commit 10b7ddff50b3 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47001.mbox b/cve/published/2021/CVE-2021-47001.mbox index 99c81bae..0b352ecb 100644 --- a/cve/published/2021/CVE-2021-47001.mbox +++ b/cve/published/2021/CVE-2021-47001.mbox @@ -1,19 +1,8 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47001: xprtrdma: Fix cwnd update ordering -Message-Id: <2024022828-CVE-2021-47001-0e51@gregkh> -Content-Length: 2480 -Lines: 61 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2542; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=SUDo7mzjJOYc2hPn2Vgm5IHlEbgYJpA7y7E7LwnP1gM=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKn3XqeYf/mTtCKnYJWv7To1gcW3PhUZRfOqfCzcrPwnP - Vv1z8qpHbEsDIJMDLJiiixftvEc3V9xSNHL0PY0zBxWJpAhDFycAjARnucM8/0PfdOIv3jpaMv8 - /Hvm/1Q2B17S92RY0B4dc0P0t3hNh+/CWUUbg9+91d86AwA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -42,8 +31,9 @@ Affected and fixed versions Issue introduced in 5.5 with commit 2ae50ad68cd7 and fixed in 5.11.22 with commit 8834ecb5df22 Issue introduced in 5.5 with commit 2ae50ad68cd7 and fixed in 5.12.5 with commit 19b5fa9489b5 Issue introduced in 5.5 with commit 2ae50ad68cd7 and fixed in 5.13 with commit 35d8b10a2588 + Issue introduced in 5.4.13 with commit 3791c5982ba1 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47004.mbox b/cve/published/2021/CVE-2021-47004.mbox index cce84518..3d830760 100644 --- a/cve/published/2021/CVE-2021-47004.mbox +++ b/cve/published/2021/CVE-2021-47004.mbox @@ -1,19 +1,8 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47004: f2fs: fix to avoid touching checkpointed data in get_victim() -Message-Id: <2024022829-CVE-2021-47004-8544@gregkh> -Content-Length: 2960 -Lines: 75 -X-Developer-Signature: v=1; a=openpgp-sha256; l=3036; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=goC9/2fOoDMnL8DKkruFxEu4j+WWLFpj9isVfcROZDs=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKn3Xqe22ObWZC0R3rytfqpVKteHX3bHX8w+ViIr/+ZRi - qbv79rgjlgWBkEmBlkxRZYv23iO7q84pOhlaHsaZg4rE8gQBi5OAZiIqDjDglUzbVdYNFxdXuWl - Iz0v3Mh/m8/htwzzNNsOWKYnpu9L6XfK9joVfGKvpEs2AA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -51,12 +40,12 @@ The Linux kernel CVE team has assigned CVE-2021-47004 to this issue. Affected and fixed versions =========================== - Issue introduced in 4.20 with commit 093749e296e2 and fixed in 5.10.38 with commit 105155a8146d - Issue introduced in 4.20 with commit 093749e296e2 and fixed in 5.11.22 with commit 1e116f87825f - Issue introduced in 4.20 with commit 093749e296e2 and fixed in 5.12.5 with commit 211372b25715 - Issue introduced in 4.20 with commit 093749e296e2 and fixed in 5.13 with commit 61461fc921b7 + Issue introduced in 4.20 with commit 4354994f097d and fixed in 5.10.38 with commit 105155a8146d + Issue introduced in 4.20 with commit 4354994f097d and fixed in 5.11.22 with commit 1e116f87825f + Issue introduced in 4.20 with commit 4354994f097d and fixed in 5.12.5 with commit 211372b25715 + Issue introduced in 4.20 with commit 4354994f097d and fixed in 5.13 with commit 61461fc921b7 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47014.mbox b/cve/published/2021/CVE-2021-47014.mbox index 8bc12464..e3989dfb 100644 --- a/cve/published/2021/CVE-2021-47014.mbox +++ b/cve/published/2021/CVE-2021-47014.mbox @@ -1,19 +1,8 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47014: net/sched: act_ct: fix wild memory access when clearing fragments -Message-Id: <2024022831-CVE-2021-47014-ffc7@gregkh> -Content-Length: 3400 -Lines: 79 -X-Developer-Signature: v=1; a=openpgp-sha256; l=3480; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=VciFQDyXpiQPW0D2D5yjjC4k7vuqJbPCZOu2hFgEQdk=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKn3Xme4qa+f6HjadpO+eIHhG4WWtk+3uGoSn1fcSKtdK - vHx4na7jlgWBkEmBlkxRZYv23iO7q84pOhlaHsaZg4rE8gQBi5OAZhI+UqG+eEL2JUV2j5eTp3M - 8m//L8uO8olTMxjmWXDU/Ody+/s1j5N1+VLJ++le+1Z9AAA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -62,10 +51,11 @@ The Linux kernel CVE team has assigned CVE-2021-47014 to this issue. Affected and fixed versions =========================== - Issue introduced in 5.8 with commit 7baf2429a1a9 and fixed in 5.12.4 with commit 0648941f4c8b - Issue introduced in 5.8 with commit 7baf2429a1a9 and fixed in 5.13 with commit f77bd544a6bb + Issue introduced in 5.8 with commit ae372cb1750f and fixed in 5.12.4 with commit 0648941f4c8b + Issue introduced in 5.8 with commit ae372cb1750f and fixed in 5.13 with commit f77bd544a6bb + Issue introduced in 5.7.12 with commit fbff97eb6f4a -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47015.mbox b/cve/published/2021/CVE-2021-47015.mbox index 97ce0e9e..4e2f1436 100644 --- a/cve/published/2021/CVE-2021-47015.mbox +++ b/cve/published/2021/CVE-2021-47015.mbox @@ -1,19 +1,8 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47015: bnxt_en: Fix RX consumer index logic in the error path. -Message-Id: <2024022832-CVE-2021-47015-c2ae@gregkh> -Content-Length: 3741 -Lines: 79 -X-Developer-Signature: v=1; a=openpgp-sha256; l=3821; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=xSDw3DtoIOEQPYND0gXufDMX0+2J1V8sR74y059P5sI=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKn3Xmf81vdeZjbfLPHc+n2ns7Y6OArcspx4R7RpV9C7K - 3f9bxfZd8SyMAgyMciKKbJ82cZzdH/FIUUvQ9vTMHNYmUCGMHBxCsBElv1nmO+2qu5rfQODZ7ai - 562lskVvvSZWOjIsONLzM3TK17McPj3X9WR2G5XtvSqzBwA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -61,8 +50,12 @@ Affected and fixed versions Issue introduced in 5.1 with commit a1b0e4e684e9 and fixed in 5.11.21 with commit e187ef83c04a Issue introduced in 5.1 with commit a1b0e4e684e9 and fixed in 5.12.4 with commit 3fbc5bc651d6 Issue introduced in 5.1 with commit a1b0e4e684e9 and fixed in 5.13 with commit bbd6f0a94813 + Issue introduced in 4.9.169 with commit 8e302e8e10b0 + Issue introduced in 4.14.112 with commit 46281ee85b65 + Issue introduced in 4.19.35 with commit d2d055a55403 + Issue introduced in 5.0.8 with commit aecbbae850ed -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47016.mbox b/cve/published/2021/CVE-2021-47016.mbox index d785e98b..b4918933 100644 --- a/cve/published/2021/CVE-2021-47016.mbox +++ b/cve/published/2021/CVE-2021-47016.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47016: m68k: mvme147,mvme16x: Don't wipe PCC timer config bits -Message-Id: <2024022919-CVE-2021-47016-320d@gregkh> -Content-Length: 2529 -Lines: 61 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2591; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=O2eAOwNMLlxoF/hAA/Di9janSfhtjXmTQs5jUD+HUCQ=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKkPWbczlYqqf/rXE3hpmXSp8Eum9AOWF7+uUy08H5D1r - ajv1TfbjlgWBkEmBlkxRZYv23iO7q84pOhlaHsaZg4rE8gQBi5OAZjI11UMc6WfV8+cINYgJFn5 - Tde+Vfr/6lLdUIb5QVdEfpr8zA7wdz16U/N3pO6yVplYAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -36,13 +25,13 @@ The Linux kernel CVE team has assigned CVE-2021-47016 to this issue. Affected and fixed versions =========================== - Issue introduced in 5.2 with commit 19999a8b8782 and fixed in 5.4.119 with commit f6a90818a320 - Issue introduced in 5.2 with commit 19999a8b8782 and fixed in 5.10.37 with commit 1dfb26df15fc - Issue introduced in 5.2 with commit 19999a8b8782 and fixed in 5.11.21 with commit 73fdeb612d25 - Issue introduced in 5.2 with commit 19999a8b8782 and fixed in 5.12.4 with commit 5d3422516934 - Issue introduced in 5.2 with commit 19999a8b8782 and fixed in 5.13 with commit 43262178c043 + Issue introduced in 5.2 with commit 7529b90d051e and fixed in 5.4.119 with commit f6a90818a320 + Issue introduced in 5.2 with commit 7529b90d051e and fixed in 5.10.37 with commit 1dfb26df15fc + Issue introduced in 5.2 with commit 7529b90d051e and fixed in 5.11.21 with commit 73fdeb612d25 + Issue introduced in 5.2 with commit 7529b90d051e and fixed in 5.12.4 with commit 5d3422516934 + Issue introduced in 5.2 with commit 7529b90d051e and fixed in 5.13 with commit 43262178c043 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47024.mbox b/cve/published/2021/CVE-2021-47024.mbox index c5ef5fad..3a09425e 100644 --- a/cve/published/2021/CVE-2021-47024.mbox +++ b/cve/published/2021/CVE-2021-47024.mbox @@ -1,19 +1,8 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47024: vsock/virtio: free queued packets when closing socket -Message-Id: <2024022833-CVE-2021-47024-c116@gregkh> -Content-Length: 2480 -Lines: 61 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2542; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=OfVxLmPg6cNP4kqz5l2U9m0Z+ymBi7A6EmtJdEv4/5I=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKn3XmcxnIqtPT+nMa5m8+VZsjdCT2yx5vx0c4/t5CbhF - 2rflILndsSyMAgyMciKKbJ82cZzdH/FIUUvQ9vTMHNYmcCGcHEKwERuTmOYK7BE6q+DW+TkcHkB - ixUf76qaadQ/ZVhwYd4sjVm/m6x2Hv0e5ZV9Zush/b2/AQ== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -44,8 +33,13 @@ Affected and fixed versions Issue introduced in 5.2 with commit ac03046ece2b and fixed in 5.11.21 with commit 27691665145e Issue introduced in 5.2 with commit ac03046ece2b and fixed in 5.12.4 with commit 37c38674ef2f Issue introduced in 5.2 with commit ac03046ece2b and fixed in 5.13 with commit 8432b8114957 + Issue introduced in 4.9.179 with commit 4ea082cd3c40 + Issue introduced in 4.14.122 with commit 4e539fa2dec4 + Issue introduced in 4.19.46 with commit 4af8a327aeba + Issue introduced in 5.0.19 with commit 51adb8ebe8c1 + Issue introduced in 5.1.5 with commit 7d29c9ad0ed5 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47028.mbox b/cve/published/2021/CVE-2021-47028.mbox index a3e733e3..01071094 100644 --- a/cve/published/2021/CVE-2021-47028.mbox +++ b/cve/published/2021/CVE-2021-47028.mbox @@ -1,19 +1,8 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47028: mt76: mt7915: fix txrate reporting -Message-Id: <2024022834-CVE-2021-47028-3a13@gregkh> -Content-Length: 2509 -Lines: 64 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2574; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=U9hYGhi7ev3DWhn4Zezasf7SriGgGWWs0dewy8GCp/s=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKn3XmcbbgpW1Ah1u7Gux6jYb1nXLMEvp6U0l1l8tV4rx - q6wxW11RywLgyATg6yYIsuXbTxH91ccUvQytD0NM4eVCWQIAxenAEykeSvDPNM/u5TnlsZvayw6 - UNprWfmVTc08j2E2S5nB9JRFsVezg6MypDRF6zcUrOgFAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -45,11 +34,11 @@ The Linux kernel CVE team has assigned CVE-2021-47028 to this issue. Affected and fixed versions =========================== - Issue introduced in 5.8 with commit e4c5ead632ff and fixed in 5.11.21 with commit dfc8a71448c7 - Issue introduced in 5.8 with commit e4c5ead632ff and fixed in 5.12.4 with commit 4bd926e5ca88 - Issue introduced in 5.8 with commit e4c5ead632ff and fixed in 5.13 with commit f43b941fd610 + Issue introduced in 5.8 with commit e57b7901469f and fixed in 5.11.21 with commit dfc8a71448c7 + Issue introduced in 5.8 with commit e57b7901469f and fixed in 5.12.4 with commit 4bd926e5ca88 + Issue introduced in 5.8 with commit e57b7901469f and fixed in 5.13 with commit f43b941fd610 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47036.mbox b/cve/published/2021/CVE-2021-47036.mbox index 9d1a3e99..2b59dbe7 100644 --- a/cve/published/2021/CVE-2021-47036.mbox +++ b/cve/published/2021/CVE-2021-47036.mbox @@ -1,19 +1,8 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47036: udp: skip L4 aggregation for UDP tunnel packets -Message-Id: <2024022837-CVE-2021-47036-cd49@gregkh> -Content-Length: 2715 -Lines: 71 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2787; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=/K0bzpOcLnWz1n1iFIrZKyhbulJQgGsZlp8Po5Oo6n4=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKn3XucW3zkUWdgayPhm2rWWZEYv6fdyZw56n8rZ73J04 - /+gnbdLOmJYGASZGGTFFFm+bOM5ur/ikKKXoe1pmDmsTCBDGLg4BWAiP9cwzDjr4nJojhK/o7YU - UytvxK17M6r2MSxYF2SmHHh00/femT4CJ460LXLWfrIAAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -54,10 +43,10 @@ The Linux kernel CVE team has assigned CVE-2021-47036 to this issue. Affected and fixed versions =========================== - Issue introduced in 5.6 with commit 36707061d6ba and fixed in 5.12.4 with commit 450687386cd1 - Issue introduced in 5.6 with commit 36707061d6ba and fixed in 5.13 with commit 18f25dc39990 + Issue introduced in 5.6 with commit 9fd1ff5d2ac7 and fixed in 5.12.4 with commit 450687386cd1 + Issue introduced in 5.6 with commit 9fd1ff5d2ac7 and fixed in 5.13 with commit 18f25dc39990 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47049.mbox b/cve/published/2021/CVE-2021-47049.mbox index da4762da..c5df4268 100644 --- a/cve/published/2021/CVE-2021-47049.mbox +++ b/cve/published/2021/CVE-2021-47049.mbox @@ -1,19 +1,8 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47049: Drivers: hv: vmbus: Use after free in __vmbus_open() -Message-Id: <2024022840-CVE-2021-47049-5cc6@gregkh> -Content-Length: 2174 -Lines: 54 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2229; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=IFWrEa3OTYY59UEvazFSJlZhzJd2PGVgwE8wK6g4nOU=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKn3Xhdc8ZCezCOuf+qD2+GQbV9D2DRLbz36u1j7l/IPo - /rb7nc2dMSyMAgyMciKKbJ82cZzdH/FIUUvQ9vTMHNYmUCGMHBxCsBESrcxzJU7XXtnksLJ7tyd - Egq6/knsTJ/29TMsOPgwkfXi5lUbU5rPCmzyaxTKn3ZkIQA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -37,8 +26,9 @@ Affected and fixed versions Issue introduced in 4.14 with commit 6f3d791f3006 and fixed in 5.11.21 with commit f37dd5d1b5d3 Issue introduced in 4.14 with commit 6f3d791f3006 and fixed in 5.12.4 with commit 2728f289b327 Issue introduced in 4.14 with commit 6f3d791f3006 and fixed in 5.13 with commit 3e9bf43f7f7a + Issue introduced in 4.13.9 with commit 6b32d45bd599 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47055.mbox b/cve/published/2021/CVE-2021-47055.mbox index 4702bbdf..73d5b785 100644 --- a/cve/published/2021/CVE-2021-47055.mbox +++ b/cve/published/2021/CVE-2021-47055.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47055: mtd: require write permissions for locking and badblock ioctls -Message-Id: <2024022950-CVE-2021-47055-6927@gregkh> -Content-Length: 3091 -Lines: 66 -X-Developer-Signature: v=1; a=openpgp-sha256; l=3158; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=vbteWGibCRja0U0IaaL4f2XA6sJUIMOCSibR+GgvNVA=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKkP2e02Fe+bNNv2psa5VIE2M3Y+/RdpTx9t3jnpQucUm - /0bFkxv7IhlYRBkYpAVU2T5so3n6P6KQ4pehranYeawMoEMYeDiFICJ3L7IMD9ye6bc7ZePE0vi - nuhW2nZNOyIySY9hQevdiocurbrui7kX1ai5t9p+bbJSBwA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -44,8 +33,10 @@ Affected and fixed versions Issue introduced in 5.9 with commit f7e6b19bc764 and fixed in 5.11.21 with commit 077259f5e777 Issue introduced in 5.9 with commit f7e6b19bc764 and fixed in 5.12.4 with commit a08799d3e8c8 Issue introduced in 5.9 with commit f7e6b19bc764 and fixed in 5.13 with commit 1e97743fd180 + Issue introduced in 5.7.15 with commit 36a8b2f49235 + Issue introduced in 5.8.1 with commit eb3d82abc335 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47058.mbox b/cve/published/2021/CVE-2021-47058.mbox index e90441d9..92840aab 100644 --- a/cve/published/2021/CVE-2021-47058.mbox +++ b/cve/published/2021/CVE-2021-47058.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47058: regmap: set debugfs_name to NULL after it is freed -Message-Id: <2024022951-CVE-2021-47058-3130@gregkh> -Content-Length: 2760 -Lines: 65 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2826; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=KlvjHfxTC+7D4JC6+lh45kLpWubkPS2mfmHcbjOL0NI=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKkP2e29ur84ye8rNv7jMuvilUbB42Zn35+NPOPKFidXo - ZhbuZClI5aFQZCJQVZMkeXLNp6j+ysOKXoZ2p6GmcPKBDKEgYtTACZyfTfD/NSGg6tVZFOfcP/e - cXj+3Z0Sr0NzuxnmiggI8JrMstFi+St05mnkTjZ15QvlAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -40,14 +29,14 @@ The Linux kernel CVE team has assigned CVE-2021-47058 to this issue. Affected and fixed versions =========================== - Issue introduced in 4.19.168 with commit 1b8dd2d64ea9 and fixed in 4.19.191 with commit 2dc1554d5f0f - Issue introduced in 5.4.90 with commit 6f484096196b and fixed in 5.4.119 with commit d8897f7b2283 - Issue introduced in 5.10.8 with commit 75e5e51acf59 and fixed in 5.10.37 with commit eb949f891226 + Issue introduced in 4.19.168 with commit 5b654b030079 and fixed in 4.19.191 with commit 2dc1554d5f0f + Issue introduced in 5.4.90 with commit 480c5e9c7e4c and fixed in 5.4.119 with commit d8897f7b2283 + Issue introduced in 5.10.8 with commit c9698380b01a and fixed in 5.10.37 with commit eb949f891226 Issue introduced in 5.11 with commit cffa4b2122f5 and fixed in 5.11.21 with commit c764e375ae64 Issue introduced in 5.11 with commit cffa4b2122f5 and fixed in 5.12.4 with commit b9e569ae1da3 Issue introduced in 5.11 with commit cffa4b2122f5 and fixed in 5.13 with commit e41a962f82e7 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47060.mbox b/cve/published/2021/CVE-2021-47060.mbox index 6bfe0bca..2f416b18 100644 --- a/cve/published/2021/CVE-2021-47060.mbox +++ b/cve/published/2021/CVE-2021-47060.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47060: KVM: Stop looking for coalesced MMIO zones if the bus is destroyed -Message-Id: <2024022952-CVE-2021-47060-d2ce@gregkh> -Content-Length: 2878 -Lines: 66 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2945; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=KL//hVjqzJUDmhEk7bin1FYnk9ZLeeLwinQ4/LxMEeI=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKkP2R1k3n3bbqD5dDGr+Cq/I2HaJS7tpZ6zHhR/vfq1J - e/yU+6IjlgWBkEmBlkxRZYv23iO7q84pOhlaHsaZg4rE8gQBi5OAZhI+BeG+Q7FsvefS3VIcRb5 - KxnsYvu/qcRHj2GuIJNAepzYrP21RzX3G/FUvJFcteYeAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -46,8 +35,13 @@ Affected and fixed versions Issue introduced in 5.9 with commit f65886606c2d and fixed in 5.11.21 with commit 168e82f640ed Issue introduced in 5.9 with commit f65886606c2d and fixed in 5.12.4 with commit 50cbad42bfea Issue introduced in 5.9 with commit f65886606c2d and fixed in 5.13 with commit 5d3c4c79384a + Issue introduced in 4.4.238 with commit f0dfffce3f4f + Issue introduced in 4.9.238 with commit 840e124f89a5 + Issue introduced in 4.14.200 with commit 40a023f681be + Issue introduced in 4.19.148 with commit 19184bd06f48 + Issue introduced in 5.8.10 with commit 68c125324b5e -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47061.mbox b/cve/published/2021/CVE-2021-47061.mbox index 5f36b48d..f1dcfb3d 100644 --- a/cve/published/2021/CVE-2021-47061.mbox +++ b/cve/published/2021/CVE-2021-47061.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47061: KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU -Message-Id: <2024022952-CVE-2021-47061-6fea@gregkh> -Content-Length: 2277 -Lines: 55 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2333; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=CEdVu1sigzQ+fGXxGsu8YU7WS9IGpOn4YwImNUINuaQ=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKkP2R2tz+marJ/5uU3t1+8Nm8Vz739UqFRi0xCceuCOs - cvWHelHOmJZGASZGGTFFFm+bOM5ur/ikKKXoe1pmDmsTCBDGLg4BWAirr8Y5hdKbhEw+6F7/Vlb - WOrTCTpifnY70hkW9DR8vrr7vPvRco3XZQf33XqoNFlGFAA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -38,8 +27,14 @@ Affected and fixed versions Issue introduced in 5.9 with commit f65886606c2d and fixed in 5.11.21 with commit 4e899ca84863 Issue introduced in 5.9 with commit f65886606c2d and fixed in 5.12.4 with commit 30f46c699373 Issue introduced in 5.9 with commit f65886606c2d and fixed in 5.13 with commit 2ee3757424be - -Please see https://www.kernel.org or a full list of currently supported + Issue introduced in 4.4.238 with commit f0dfffce3f4f + Issue introduced in 4.9.238 with commit 840e124f89a5 + Issue introduced in 4.14.200 with commit 40a023f681be + Issue introduced in 4.19.148 with commit 19184bd06f48 + Issue introduced in 5.4.66 with commit 41b2ea7a6a11 + Issue introduced in 5.8.10 with commit 68c125324b5e + +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47087.mbox b/cve/published/2021/CVE-2021-47087.mbox index 99c1c391..032ed1a7 100644 --- a/cve/published/2021/CVE-2021-47087.mbox +++ b/cve/published/2021/CVE-2021-47087.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47087: tee: optee: Fix incorrect page free bug -Message-Id: <2024030413-CVE-2021-47087-4132@gregkh> -Content-Length: 2194 -Lines: 54 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2249; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=jEn480WJwg/UPuPyCwRXqP87MLEo5/+vBLxEZKlHTzk=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKnP+A5uCWxYf6PD+/nrjqYLLm5uT05urfrAaXXCS9VBb - MvZevOHHbEsDIJMDLJiiixftvEc3V9xSNHL0PY0zBxWJpAhDFycAjCRGbYM8xT52adN51/HmTbz - 1oRd8R9ffeUwFGSYK7tgJbMxz+PwtxFKyby8BjpTC/mfAAA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -37,8 +26,9 @@ Affected and fixed versions Issue introduced in 5.10.58 with commit 1340dc3fb75e and fixed in 5.10.89 with commit ad338d825e3f Issue introduced in 5.14 with commit ec185dd3ab25 and fixed in 5.15.12 with commit 91e94e42f6fc Issue introduced in 5.14 with commit ec185dd3ab25 and fixed in 5.16 with commit 18549bf4b21c + Issue introduced in 5.13.10 with commit 255e17923b22 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47094.mbox b/cve/published/2021/CVE-2021-47094.mbox index f70ca84a..b7a7805f 100644 --- a/cve/published/2021/CVE-2021-47094.mbox +++ b/cve/published/2021/CVE-2021-47094.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47094: KVM: x86/mmu: Don't advance iterator after restart due to yielding -Message-Id: <2024030414-CVE-2021-47094-8cc7@gregkh> -Content-Length: 5832 -Lines: 139 -X-Developer-Signature: v=1; a=openpgp-sha256; l=5972; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=Zt6jGdO30SQyL/GaGbK/DQKLcHnh968UaGhTnDCInis=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKnP+A7V17+XmfSc5ejaH+5Nz1YWKXvGpdazOd/3f6/7O - aLu4slfHbEsDIJMDLJiiixftvEc3V9xSNHL0PY0zBxWJpAhDFycAjCRJ1cZ5tdvOqgtWstbwlb2 - vNO0s0tYViJjN8M8C83N/HU7+A/3/rjyRXM+97zt0+fxAgA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -120,10 +109,11 @@ The Linux kernel CVE team has assigned CVE-2021-47094 to this issue. Affected and fixed versions =========================== - Issue introduced in 5.10 with commit 1af4a96025b3 and fixed in 5.15.12 with commit d884eefd75cc - Issue introduced in 5.10 with commit 1af4a96025b3 and fixed in 5.16 with commit 3a0f64de479c + Issue introduced in 5.10 with commit faaf05b00aec and fixed in 5.15.12 with commit d884eefd75cc + Issue introduced in 5.10 with commit faaf05b00aec and fixed in 5.16 with commit 3a0f64de479c + Issue introduced in 5.10.30 with commit 3c7a18440638 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47096.mbox b/cve/published/2021/CVE-2021-47096.mbox index faf69874..0aa1a170 100644 --- a/cve/published/2021/CVE-2021-47096.mbox +++ b/cve/published/2021/CVE-2021-47096.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47096: ALSA: rawmidi - fix the uninitalized user_pversion -Message-Id: <2024030415-CVE-2021-47096-40c7@gregkh> -Content-Length: 1910 -Lines: 54 -X-Developer-Signature: v=1; a=openpgp-sha256; l=1965; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=Jkn0t4rkf7g4iqsgrt+OuKfGAgL6Id8khC/a/BTlsn8=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKnP+A4bPPywlfOBnbL0nn/7YvIvXpGW/SgQFe/7JWdn5 - d0zYtbCHbEsDIJMDLJiiixftvEc3V9xSNHL0PY0zBxWJpAhDFycAjCRFxoM88MVdgioFszbl5p0 - dV1b6ZKdmTFHxBgWrA0SmDTTwvP/NUfJzevXJ0Wd/OpaDQA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -39,8 +28,9 @@ Affected and fixed versions Issue introduced in 5.15 with commit 09d23174402d and fixed in 5.15.12 with commit b398fcbe4de1 Issue introduced in 5.15 with commit 09d23174402d and fixed in 5.16 with commit 39a8fc4971a0 + Issue introduced in 5.14.10 with commit 12d508014972 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47104.mbox b/cve/published/2021/CVE-2021-47104.mbox index ea0080f8..b482cd2f 100644 --- a/cve/published/2021/CVE-2021-47104.mbox +++ b/cve/published/2021/CVE-2021-47104.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47104: IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() -Message-Id: <2024030444-CVE-2021-47104-bedc@gregkh> -Content-Length: 2806 -Lines: 62 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2869; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=leIla4bEr34iV8Jk6Ya5zNQTjtQ3PpYwJ3rxlK6uW1k=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKnPBDzcP77Me213WfnOurXeyVsfzHGevsN96R2eFjb7B - GmxW2uXdMSyMAgyMciKKbJ82cZzdH/FIUUvQ9vTMHNYmUCGMHBxCsBEJnoxLJhc3Vf07t7iRVy/ - fiy1jXAvXFKZs5Bhnm3tn5CVy0xa1DakM/hVN+6WlNqdBQA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -41,8 +30,9 @@ Affected and fixed versions Issue introduced in 5.10.77 with commit c3e17e58f571 and fixed in 5.10.89 with commit 7cf6466e00a7 Issue introduced in 5.15 with commit d39bf40e55e6 and fixed in 5.15.12 with commit aefcc25f3a0c Issue introduced in 5.15 with commit d39bf40e55e6 and fixed in 5.16 with commit bee90911e013 + Issue introduced in 5.14.16 with commit 0d4395477741 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47108.mbox b/cve/published/2021/CVE-2021-47108.mbox index 910c3d1e..e2adda2b 100644 --- a/cve/published/2021/CVE-2021-47108.mbox +++ b/cve/published/2021/CVE-2021-47108.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47108: drm/mediatek: hdmi: Perform NULL pointer check for mtk_hdmi_conf -Message-Id: <2024030445-CVE-2021-47108-252a@gregkh> -Content-Length: 2366 -Lines: 62 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2429; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=lhzDW8MYLB55c0r9CGt1YHAjDJ2cjVGKByn3Bvr2U14=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKnPBDyP8F4tONRz56zt/lstHdejC7RTL/OYZLF6FfTrR - a+drfSwI5aFQZCJQVZMkeXLNp6j+ysOKXoZ2p6GmcPKBDKEgYtTACZi28EwT/WJN1dvgU7MhZPa - tc5pdebzNx1MYViw9Ymq7pruUxZiDufNmXdtX5F39pMyAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -45,10 +34,10 @@ The Linux kernel CVE team has assigned CVE-2021-47108 to this issue. Affected and fixed versions =========================== - Issue introduced in 5.14 with commit c91026a938c2 and fixed in 5.15.12 with commit 71d07ebc5000 - Issue introduced in 5.14 with commit c91026a938c2 and fixed in 5.16 with commit 3b8e19a0aa39 + Issue introduced in 5.14 with commit 41ca9caaae0b and fixed in 5.15.12 with commit 71d07ebc5000 + Issue introduced in 5.14 with commit 41ca9caaae0b and fixed in 5.16 with commit 3b8e19a0aa39 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47124.mbox b/cve/published/2021/CVE-2021-47124.mbox index e822af26..89d073b2 100644 --- a/cve/published/2021/CVE-2021-47124.mbox +++ b/cve/published/2021/CVE-2021-47124.mbox @@ -1,4 +1,4 @@ -From bippy-1e70cc10feda Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> @@ -41,6 +41,7 @@ Affected and fixed versions Issue introduced in 5.12 with commit 9ae1f8dd372e and fixed in 5.12.10 with commit 876808dba2ff Issue introduced in 5.12 with commit 9ae1f8dd372e and fixed in 5.12.19 with commit ff4a96ba5c8f Issue introduced in 5.12 with commit 9ae1f8dd372e and fixed in 5.13 with commit a298232ee6b9 + Issue introduced in 5.11.6 with commit 567c81912cec Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. diff --git a/cve/published/2021/CVE-2021-47126.mbox b/cve/published/2021/CVE-2021-47126.mbox index 428aa178..26fba741 100644 --- a/cve/published/2021/CVE-2021-47126.mbox +++ b/cve/published/2021/CVE-2021-47126.mbox @@ -1,4 +1,4 @@ -From bippy-1e70cc10feda Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> @@ -196,10 +196,10 @@ The Linux kernel CVE team has assigned CVE-2021-47126 to this issue. Affected and fixed versions =========================== - Issue introduced in 5.3 with commit 706ec9191646 and fixed in 5.4.125 with commit 7ba7fa78a92d - Issue introduced in 5.3 with commit 706ec9191646 and fixed in 5.10.43 with commit 098702358274 - Issue introduced in 5.3 with commit 706ec9191646 and fixed in 5.12.10 with commit 0a462e25ef0f - Issue introduced in 5.3 with commit 706ec9191646 and fixed in 5.13 with commit 821bbf79fe46 + Issue introduced in 5.3 with commit f88d8ea67fbd and fixed in 5.4.125 with commit 7ba7fa78a92d + Issue introduced in 5.3 with commit f88d8ea67fbd and fixed in 5.10.43 with commit 098702358274 + Issue introduced in 5.3 with commit f88d8ea67fbd and fixed in 5.12.10 with commit 0a462e25ef0f + Issue introduced in 5.3 with commit f88d8ea67fbd and fixed in 5.13 with commit 821bbf79fe46 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. diff --git a/cve/published/2021/CVE-2021-47132.mbox b/cve/published/2021/CVE-2021-47132.mbox index 689478dd..8154bb04 100644 --- a/cve/published/2021/CVE-2021-47132.mbox +++ b/cve/published/2021/CVE-2021-47132.mbox @@ -1,19 +1,8 @@ -From bippy-8df59b4913de Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47132: mptcp: fix sk_forward_memory corruption on retransmission -Message-Id: <2024031514-CVE-2021-47132-80b2@gregkh> -Content-Length: 2136 -Lines: 61 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2198; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=mSXBYHLU7qzLQYeGSf6Vg9CdpkQbW05Eu99VmEtdjq0=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKlf1gTF2z3nftW1oCGhbeProyunnRO5yLHIseVBVkvMf - T8hg28FHbEsDIJMDLJiiixftvEc3V9xSNHL0PY0zBxWJpAhDFycAjARA0WGuYKsmpEhC/6zysq2 - WF42OMi9uOGyCcP8RCHbe/eOZvMUPv8QyfvVwnmX0NwaAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -46,8 +35,9 @@ Affected and fixed versions Issue introduced in 5.12 with commit 64b9cea7a0af and fixed in 5.12.10 with commit b9c78b1a9596 Issue introduced in 5.12 with commit 64b9cea7a0af and fixed in 5.13 with commit b5941f066b4c + Issue introduced in 5.11.4 with commit 96db8ffef075 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2021/CVE-2021-47136.mbox b/cve/published/2021/CVE-2021-47136.mbox index 945d615b..933adfe9 100644 --- a/cve/published/2021/CVE-2021-47136.mbox +++ b/cve/published/2021/CVE-2021-47136.mbox @@ -1,19 +1,8 @@ -From bippy-b4257b672505 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47136: net: zero-initialize tc skb extension on allocation -Message-Id: <2024032553-CVE-2021-47136-407d@gregkh> -Content-Length: 6783 -Lines: 139 -X-Developer-Signature: v=1; a=openpgp-sha256; l=6923; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=KDzzl2ga59kGSf9VccHxu84O9Qq30KTkh3yr5MsGMcs=; - b=owGbwMvMwCRo6H6F97bub03G02pJDGmMdi/vVf5md30u/PPLkhsKtn7Jhwsceu9HGMaduF+7s - H1rbUtvRywLgyATg6yYIsuXbTxH91ccUvQytD0NM4eVCWQIAxenAEyEYzPDHL5Z529s88o7H/Bk - ksnEO/aHTusY1jPMjyhb/DtvZd3bVwX9z/52lH2/xT75OwA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -117,9 +106,10 @@ The Linux kernel CVE team has assigned CVE-2021-47136 to this issue. Affected and fixed versions =========================== - Issue introduced in 5.9 with commit d29334c15d33 and fixed in 5.10.42 with commit ac493452e937 - Issue introduced in 5.9 with commit d29334c15d33 and fixed in 5.12.9 with commit 86ab133b695e - Issue introduced in 5.9 with commit d29334c15d33 and fixed in 5.13 with commit 9453d45ecb6c + Issue introduced in 5.9 with commit 038ebb1a713d and fixed in 5.10.42 with commit ac493452e937 + Issue introduced in 5.9 with commit 038ebb1a713d and fixed in 5.12.9 with commit 86ab133b695e + Issue introduced in 5.9 with commit 038ebb1a713d and fixed in 5.13 with commit 9453d45ecb6c + Issue introduced in 5.7.15 with commit 7154bda4cfc1 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. diff --git a/cve/published/2021/CVE-2021-47162.mbox b/cve/published/2021/CVE-2021-47162.mbox index 0a78e137..6dc15ce4 100644 --- a/cve/published/2021/CVE-2021-47162.mbox +++ b/cve/published/2021/CVE-2021-47162.mbox @@ -1,19 +1,8 @@ -From bippy-b4257b672505 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47162: tipc: skb_linearize the head skb when reassembling msgs -Message-Id: <2024032534-CVE-2021-47162-01da@gregkh> -Content-Length: 4544 -Lines: 110 -X-Developer-Signature: v=1; a=openpgp-sha256; l=4655; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=tATufNcqLgJFZgH472b2flQonR3o/kl3CH9mCGQXetg=; - b=owGbwMvMwCRo6H6F97bub03G02pJDGmMDp/YZa7ObJrc5sk/YY2+tX9+ycGZ/3pifvI66MmaZ - P/eWiHWEcvCIMjEICumyPJlG8/R/RWHFL0MbU/DzGFlAhnCwMUpABP5IsKw4EKQ6VzXgFu/ZzQx - BbRnr+Ov/7cwlGEO75Knhf+2r7ATn3z0b57BzUmcLWYNAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -89,6 +78,8 @@ Affected and fixed versions Issue introduced in 4.3 with commit 45c8b7b175ce and fixed in 5.10.42 with commit 6da24cfc83ba Issue introduced in 4.3 with commit 45c8b7b175ce and fixed in 5.12.9 with commit ace300eecbcc Issue introduced in 4.3 with commit 45c8b7b175ce and fixed in 5.13 with commit b7df21cf1b79 + Issue introduced in 4.1.14 with commit d45ed6c1ff20 + Issue introduced in 4.2.7 with commit c19282fd54a1 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. diff --git a/cve/published/2021/CVE-2021-47165.mbox b/cve/published/2021/CVE-2021-47165.mbox index 9c6dd05a..01c3f116 100644 --- a/cve/published/2021/CVE-2021-47165.mbox +++ b/cve/published/2021/CVE-2021-47165.mbox @@ -1,19 +1,8 @@ -From bippy-b4257b672505 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47165: drm/meson: fix shutdown crash when component not probed -Message-Id: <2024032535-CVE-2021-47165-95d9@gregkh> -Content-Length: 2913 -Lines: 73 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2987; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=v7PRApWrCmEa5Qt7DRUzT/yGkhyBevvmXaRk77RvvLg=; - b=owGbwMvMwCRo6H6F97bub03G02pJDGmMDp8NGY+e2ZxY4MUtf4rrzk631nMZqrs97MuYExruT - +FgWrW2I5aFQZCJQVZMkeXLNp6j+ysOKXoZ2p6GmcPKBDKEgYtTACayzY9hnqnM0Vktr2b2KD54 - NCuu7lpEqcOClQwLtmT8U/ryVsLwtkibnExFu/Os2j8fAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -54,6 +43,7 @@ Affected and fixed versions Issue introduced in 5.10.24 with commit d4ec1ffbdaa8 and fixed in 5.10.42 with commit d66083c0d6f5 Issue introduced in 5.12 with commit fa0c16caf3d7 and fixed in 5.12.9 with commit b4b91033a0b1 Issue introduced in 5.12 with commit fa0c16caf3d7 and fixed in 5.13 with commit 7cfc4ea78fc1 + Issue introduced in 5.11.7 with commit cef14d5d92f1 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. diff --git a/cve/published/2021/CVE-2021-47179.mbox b/cve/published/2021/CVE-2021-47179.mbox index a1a32cf8..c0a66a21 100644 --- a/cve/published/2021/CVE-2021-47179.mbox +++ b/cve/published/2021/CVE-2021-47179.mbox @@ -1,19 +1,8 @@ -From bippy-b4257b672505 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2021-47179: NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() -Message-Id: <2024032538-CVE-2021-47179-d9c2@gregkh> -Content-Length: 2705 -Lines: 62 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2768; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=hjbfMFZcKX+ugIuNvzdpGQmgdPa2FsIDJKsmN7Dgfy4=; - b=owGbwMvMwCRo6H6F97bub03G02pJDGmMDt+evl2ylOdcICury4YtNWbCO1peKrAy+Ta/VS1I/ - Sqt/rukI5aFQZCJQVZMkeXLNp6j+ysOKXoZ2p6GmcPKBDKEgYtTACaiVckwP69AKeqyw+vo8M/J - 15nNllz1fH5yAsM8A80vXV91J/QrqP2XbNIq50/W5QsFAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -43,6 +32,7 @@ Affected and fixed versions Issue introduced in 5.4.118 with commit 6be0e4b59314 and fixed in 5.4.124 with commit aba3c7795f51 Issue introduced in 5.10.36 with commit 2fafe7d5047f and fixed in 5.10.42 with commit f9890652185b Issue introduced in 5.12.3 with commit 7e65ea887d0c and fixed in 5.12.9 with commit b090d110e666 + Issue introduced in 5.11.20 with commit 96260bde1ea8 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. @@ -77,3 +67,4 @@ issue can be found at these commits: https://git.kernel.org/stable/c/aba3c7795f51717ae316f3566442dee7cc3eeccb https://git.kernel.org/stable/c/f9890652185b72b8de9ebeb4406037640b6e1b53 https://git.kernel.org/stable/c/b090d110e66636bca473fd8b98d5c97b555a965a + https://git.kernel.org/stable/c/a421d218603ffa822a0b8045055c03eae394a7eb diff --git a/cve/published/2022/CVE-2022-48630.mbox b/cve/published/2022/CVE-2022-48630.mbox index ad1c4fa8..4cfed2bc 100644 --- a/cve/published/2022/CVE-2022-48630.mbox +++ b/cve/published/2022/CVE-2022-48630.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2022-48630: crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ -Message-Id: <2024030516-CVE-2022-48630-ae00@gregkh> -Content-Length: 2760 -Lines: 64 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2825; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=xbPPJQM+YhKDxNo8cYS3OR6oK9EQszMYeaENZRIk4Aw=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKnP/lckhSyueTnj690bhRubXL+8X/Fy37Hps6oLHltUX - ud/prsgoiOWhUGQiUFWTJHlyzaeo/srDil6GdqehpnDygQyhIGLUwAmwunLME+9WXErz/8YiVa7 - nEwd7et6rktyjRlmszm+WtnaEa35vSj7wXRNY0OFJxwyAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -45,8 +34,9 @@ Affected and fixed versions Issue introduced in 5.15.31 with commit ab9337c7cb6f and fixed in 5.15.42 with commit 8a06f25f5941 Issue introduced in 5.17 with commit a680b1832ced and fixed in 5.17.10 with commit 05d4d17475d8 Issue introduced in 5.17 with commit a680b1832ced and fixed in 5.18 with commit 16287397ec5c + Issue introduced in 5.16.17 with commit 485995cbc98a -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2023/CVE-2023-52433.mbox b/cve/published/2023/CVE-2023-52433.mbox index 217477eb..21ec545c 100644 --- a/cve/published/2023/CVE-2023-52433.mbox +++ b/cve/published/2023/CVE-2023-52433.mbox @@ -1,5 +1,5 @@ -From bippy-c298863b1525 Mon Sep 17 00:00:00 2001 -From: gregkh@kernel.org +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2023-52433: netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction @@ -24,8 +24,9 @@ Affected and fixed versions Issue introduced in 6.5 with commit f6c383b8c31a and fixed in 6.5.4 with commit e3213ff99a35 Issue introduced in 6.5 with commit f6c383b8c31a and fixed in 6.6 with commit 2ee52ae94baa + Issue introduced in 6.4.11 with commit e4d71d6a9c7d -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to @@ -52,5 +53,9 @@ release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: + https://git.kernel.org/stable/c/03caf75da1059f0460666c826e9f50e13dfd0017 + https://git.kernel.org/stable/c/c323ed65f66e5387ee0a73452118d49f1dae81b8 + https://git.kernel.org/stable/c/9af7dfb3c9d7985172a240f85e684c5cd33e29ce + https://git.kernel.org/stable/c/9a8c544158f68f656d1734eb5ba00c4f817b76b1 https://git.kernel.org/stable/c/e3213ff99a355cda811b41e8dbb3472d13167a3a https://git.kernel.org/stable/c/2ee52ae94baabf7ee09cf2a8d854b990dac5d0e4 diff --git a/cve/published/2023/CVE-2023-52439.mbox b/cve/published/2023/CVE-2023-52439.mbox index 493510a2..01e2e242 100644 --- a/cve/published/2023/CVE-2023-52439.mbox +++ b/cve/published/2023/CVE-2023-52439.mbox @@ -1,4 +1,4 @@ -From bippy-8df59b4913de Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> @@ -51,8 +51,9 @@ Affected and fixed versions Issue introduced in 4.18 with commit 57c5f4df0a5a and fixed in 6.6.13 with commit 35f102607054 Issue introduced in 4.18 with commit 57c5f4df0a5a and fixed in 6.7.1 with commit 913205930da6 Issue introduced in 4.18 with commit 57c5f4df0a5a and fixed in 6.8 with commit 0c9ae0b86050 + Issue introduced in 4.14.100 with commit 13af019c87f2 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2023/CVE-2023-52447.mbox b/cve/published/2023/CVE-2023-52447.mbox index c67f0577..a798e7ae 100644 --- a/cve/published/2023/CVE-2023-52447.mbox +++ b/cve/published/2023/CVE-2023-52447.mbox @@ -1,4 +1,4 @@ -From bippy-b4257b672505 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> @@ -36,12 +36,12 @@ The Linux kernel CVE team has assigned CVE-2023-52447 to this issue. Affected and fixed versions =========================== - Issue introduced in 5.9 with commit 638e4b825d52 and fixed in 5.10.214 with commit 90c445799fd1 - Issue introduced in 5.9 with commit 638e4b825d52 and fixed in 5.15.153 with commit 37d98fb9c314 - Issue introduced in 5.9 with commit 638e4b825d52 and fixed in 6.1.75 with commit 62fca83303d6 - Issue introduced in 5.9 with commit 638e4b825d52 and fixed in 6.6.14 with commit f91cd728b10c - Issue introduced in 5.9 with commit 638e4b825d52 and fixed in 6.7.2 with commit bfd9b20c4862 - Issue introduced in 5.9 with commit 638e4b825d52 and fixed in 6.8 with commit 876673364161 + Issue introduced in 5.9 with commit bba1dc0b55ac and fixed in 5.10.214 with commit 90c445799fd1 + Issue introduced in 5.9 with commit bba1dc0b55ac and fixed in 5.15.153 with commit 37d98fb9c314 + Issue introduced in 5.9 with commit bba1dc0b55ac and fixed in 6.1.75 with commit 62fca83303d6 + Issue introduced in 5.9 with commit bba1dc0b55ac and fixed in 6.6.14 with commit f91cd728b10c + Issue introduced in 5.9 with commit bba1dc0b55ac and fixed in 6.7.2 with commit bfd9b20c4862 + Issue introduced in 5.9 with commit bba1dc0b55ac and fixed in 6.8 with commit 876673364161 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. diff --git a/cve/published/2023/CVE-2023-52452.mbox b/cve/published/2023/CVE-2023-52452.mbox index 53f553c2..1bc37228 100644 --- a/cve/published/2023/CVE-2023-52452.mbox +++ b/cve/published/2023/CVE-2023-52452.mbox @@ -1,4 +1,4 @@ -From bippy-1e70cc10feda Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> @@ -62,6 +62,8 @@ Affected and fixed versions Issue introduced in 5.12 with commit 01f810ace9ed and fixed in 6.6.14 with commit 0954982db828 Issue introduced in 5.12 with commit 01f810ace9ed and fixed in 6.7.2 with commit fbcf372c8eda Issue introduced in 5.12 with commit 01f810ace9ed and fixed in 6.8 with commit 6b4a64bafd10 + Issue introduced in 5.10.33 with commit f3c4b01689d3 + Issue introduced in 5.11.17 with commit d1b725ea5d10 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. diff --git a/cve/published/2023/CVE-2023-52457.mbox b/cve/published/2023/CVE-2023-52457.mbox index 4c314b25..be8de3ef 100644 --- a/cve/published/2023/CVE-2023-52457.mbox +++ b/cve/published/2023/CVE-2023-52457.mbox @@ -1,4 +1,4 @@ -From bippy-8df59b4913de Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> @@ -36,8 +36,9 @@ Affected and fixed versions Issue introduced in 6.1 with commit e3f0c638f428 and fixed in 6.6.14 with commit 887a558d0298 Issue introduced in 6.1 with commit e3f0c638f428 and fixed in 6.7.2 with commit 95e4e0031eff Issue introduced in 6.1 with commit e3f0c638f428 and fixed in 6.8 with commit ad90d0358bd3 + Issue introduced in 6.0.10 with commit 02eed6390dbe -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2023/CVE-2023-52463.mbox b/cve/published/2023/CVE-2023-52463.mbox index 8fe7acd5..7003f40b 100644 --- a/cve/published/2023/CVE-2023-52463.mbox +++ b/cve/published/2023/CVE-2023-52463.mbox @@ -1,4 +1,4 @@ -From bippy-8df59b4913de Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> @@ -79,8 +79,9 @@ Affected and fixed versions Issue introduced in 5.8 with commit f88814cc2578 and fixed in 6.6.14 with commit 0049fe7e4a85 Issue introduced in 5.8 with commit f88814cc2578 and fixed in 6.7.2 with commit d4a714873db0 Issue introduced in 5.8 with commit f88814cc2578 and fixed in 6.8 with commit 0e8d2444168d + Issue introduced in 5.7.11 with commit 552952e51fad -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2023/CVE-2023-52494.mbox b/cve/published/2023/CVE-2023-52494.mbox index a9addbce..90921d04 100644 --- a/cve/published/2023/CVE-2023-52494.mbox +++ b/cve/published/2023/CVE-2023-52494.mbox @@ -1,4 +1,4 @@ -From bippy-8df59b4913de Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> @@ -30,8 +30,11 @@ Affected and fixed versions Issue introduced in 5.13 with commit ec32332df764 and fixed in 6.6.15 with commit a9ebfc405fe1 Issue introduced in 5.13 with commit ec32332df764 and fixed in 6.7.3 with commit ecf832011182 Issue introduced in 5.13 with commit ec32332df764 and fixed in 6.8 with commit eff9704f5332 + Issue introduced in 5.10.36 with commit a1d2bd164c1c + Issue introduced in 5.11.20 with commit fd5f40fc8874 + Issue introduced in 5.12.3 with commit 76879a980cd5 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2023/CVE-2023-52497.mbox b/cve/published/2023/CVE-2023-52497.mbox index 9fdcc89d..6a84a072 100644 --- a/cve/published/2023/CVE-2023-52497.mbox +++ b/cve/published/2023/CVE-2023-52497.mbox @@ -1,4 +1,4 @@ -From bippy-8df59b4913de Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> @@ -40,14 +40,14 @@ The Linux kernel CVE team has assigned CVE-2023-52497 to this issue. Affected and fixed versions =========================== - Issue introduced in 5.3 with commit 598162d05080 and fixed in 5.10.211 with commit a0180e940cf1 - Issue introduced in 5.3 with commit 598162d05080 and fixed in 5.15.150 with commit 77cbc04a1a86 - Issue introduced in 5.3 with commit 598162d05080 and fixed in 6.1.76 with commit 33bf23c9940d - Issue introduced in 5.3 with commit 598162d05080 and fixed in 6.6.15 with commit f36d200a80a3 - Issue introduced in 5.3 with commit 598162d05080 and fixed in 6.7.3 with commit bffc4cc334c5 - Issue introduced in 5.3 with commit 598162d05080 and fixed in 6.8 with commit 3c12466b6b7b + Issue introduced in 5.3 with commit 0ffd71bcc3a0 and fixed in 5.10.211 with commit a0180e940cf1 + Issue introduced in 5.3 with commit 0ffd71bcc3a0 and fixed in 5.15.150 with commit 77cbc04a1a86 + Issue introduced in 5.3 with commit 0ffd71bcc3a0 and fixed in 6.1.76 with commit 33bf23c9940d + Issue introduced in 5.3 with commit 0ffd71bcc3a0 and fixed in 6.6.15 with commit f36d200a80a3 + Issue introduced in 5.3 with commit 0ffd71bcc3a0 and fixed in 6.7.3 with commit bffc4cc334c5 + Issue introduced in 5.3 with commit 0ffd71bcc3a0 and fixed in 6.8 with commit 3c12466b6b7b -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2023/CVE-2023-52515.mbox b/cve/published/2023/CVE-2023-52515.mbox index 9d791733..7bdadc73 100644 --- a/cve/published/2023/CVE-2023-52515.mbox +++ b/cve/published/2023/CVE-2023-52515.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2023-52515: RDMA/srp: Do not call scsi_done() from srp_abort() -Message-Id: <2024030251-CVE-2023-52515-5af7@gregkh> -Content-Length: 2611 -Lines: 62 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2674; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=FfnWQtl9BD0239stZjqXlIQNzF/lH508P7jcGQMtzuE=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKmP52+J04gydZ2lWlDy8FNjVbe7+twz17MZV3+YdibWa - NFFa+31HbEsDIJMDLJiiixftvEc3V9xSNHL0PY0zBxWJpAhDFycAjCRhhKG+e4uMV0ls6vbVyye - 9MVgnihnlqq8DsMcjvh5Lw3Tn6oXHF/qEMibpnREyv4nAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -44,8 +33,13 @@ Affected and fixed versions Issue introduced in 3.7 with commit d8536670916a and fixed in 6.1.57 with commit 2b298f918158 Issue introduced in 3.7 with commit d8536670916a and fixed in 6.5.7 with commit 05a10b316ada Issue introduced in 3.7 with commit d8536670916a and fixed in 6.6 with commit e193b7955dfa + Issue introduced in 3.0.45 with commit 738589592a04 + Issue introduced in 3.2.32 with commit 0575df129e2e + Issue introduced in 3.4.13 with commit 22fb58240500 + Issue introduced in 3.5.6 with commit 39d6594c457c + Issue introduced in 3.6.1 with commit b3f3b814add7 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2023/CVE-2023-52524.mbox b/cve/published/2023/CVE-2023-52524.mbox index 697aab2b..77a65583 100644 --- a/cve/published/2023/CVE-2023-52524.mbox +++ b/cve/published/2023/CVE-2023-52524.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2023-52524: net: nfc: llcp: Add lock when modifying device list -Message-Id: <2024030253-CVE-2023-52524-a5e0@gregkh> -Content-Length: 2410 -Lines: 56 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2467; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=gSgbsPyaWGPjw8M87+kTWOPsex+jcDhR3/Vqt2KPtWA=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKmP52/b/flay99pAdtr5U+1advMb++Ujpx2Okb77dNXT - BUhj3k2dMSyMAgyMciKKbJ82cZzdH/FIUUvQ9vTMHNYmUCGMHBxCsBEuv4xLJj9yDzvFNObtJpd - cmIflRKqLSrenmFYMOe1gN2XB6qKM50fycqEM70wsBTuAgA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -37,8 +26,10 @@ Affected and fixed versions Issue introduced in 6.1.39 with commit 425d9d3a92df and fixed in 6.1.57 with commit 7562780e32b8 Issue introduced in 6.5 with commit 6709d4b7bc2e and fixed in 6.5.7 with commit 29c16c2bf586 Issue introduced in 6.5 with commit 6709d4b7bc2e and fixed in 6.6 with commit dfc7f7a988da + Issue introduced in 6.3.13 with commit b3ad46e155a6 + Issue introduced in 6.4.4 with commit e5207c1d69b1 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2023/CVE-2023-52525.mbox b/cve/published/2023/CVE-2023-52525.mbox index 3a60698f..2e40021a 100644 --- a/cve/published/2023/CVE-2023-52525.mbox +++ b/cve/published/2023/CVE-2023-52525.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2023-52525: wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet -Message-Id: <2024030254-CVE-2023-52525-3989@gregkh> -Content-Length: 2672 -Lines: 59 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2732; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=sSDrNVvuC7Pko7cy5e8UVJijxLnV/P2tBt3PHuznm3g=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKmP5287rBD3xks/R2TDvlUXeW6dZQyP0Vt/7uhmDyanx - Nl9k9RYOmJZGASZGGTFFFm+bOM5ur/ikKKXoe1pmDmsTCBDGLg4BWAidVMYFqwTuCiUav9XiS3p - /4NKNu9F6/hajBnmmU1cwt7oztnw522de5eNbFySsdwBAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -32,15 +21,16 @@ The Linux kernel CVE team has assigned CVE-2023-52525 to this issue. Affected and fixed versions =========================== - Issue introduced in 4.14.326 with commit a7a35f35b7a4 and fixed in 4.14.327 with commit 71b1d2b57f14 - Issue introduced in 4.19.295 with commit 68a1716869af and fixed in 4.19.296 with commit 16cc18b90808 - Issue introduced in 5.4.257 with commit df1753eae74b and fixed in 5.4.258 with commit b8e260654a29 - Issue introduced in 5.10.195 with commit 08a6e99a334d and fixed in 5.10.198 with commit 10a18c8bac7f - Issue introduced in 5.15.132 with commit 89f19a9a055d and fixed in 5.15.135 with commit 5afb996349cb - Issue introduced in 6.1.53 with commit cde525d61178 and fixed in 6.1.57 with commit 6b706286473d - Issue introduced in 6.5.3 with commit 7be3bf0bb299 and fixed in 6.5.7 with commit be2ff39b1504 + Issue introduced in 4.14.326 with commit f517c97fc129 and fixed in 4.14.327 with commit 71b1d2b57f14 + Issue introduced in 4.19.295 with commit 8824aa4ab62c and fixed in 4.19.296 with commit 16cc18b90808 + Issue introduced in 5.4.257 with commit 29eca8b7863d and fixed in 5.4.258 with commit b8e260654a29 + Issue introduced in 5.10.195 with commit 3fe3923d092e and fixed in 5.10.198 with commit 10a18c8bac7f + Issue introduced in 5.15.132 with commit 7c54b6fc39eb and fixed in 5.15.135 with commit 5afb996349cb + Issue introduced in 6.1.53 with commit 3975e21d4d01 and fixed in 6.1.57 with commit 6b706286473d + Issue introduced in 6.5.3 with commit 650d1bc02fba and fixed in 6.5.7 with commit be2ff39b1504 + Issue introduced in 6.4.16 with commit a7300e3800e9 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to @@ -74,3 +64,4 @@ issue can be found at these commits: https://git.kernel.org/stable/c/5afb996349cb6d1f14d6ba9aaa7aed3bd82534f6 https://git.kernel.org/stable/c/6b706286473db4fd54b5f869faa67f4a8cb18e99 https://git.kernel.org/stable/c/be2ff39b1504c5359f4a083c1cfcad21d666e216 + https://git.kernel.org/stable/c/aef7a0300047e7b4707ea0411dc9597cba108fc8 diff --git a/cve/published/2023/CVE-2023-52529.mbox b/cve/published/2023/CVE-2023-52529.mbox index 97f39728..bd7d1ac6 100644 --- a/cve/published/2023/CVE-2023-52529.mbox +++ b/cve/published/2023/CVE-2023-52529.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2023-52529: HID: sony: Fix a potential memory leak in sony_probe() -Message-Id: <2024030255-CVE-2023-52529-56ff@gregkh> -Content-Length: 2031 -Lines: 52 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2084; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=qoQq8RIOxl+MSg+OKbs9Pb7hcx9vpY21Ncjo2EMc2HU=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKmP52//1Hjfojs/d9eGSlvLaQXmsnO0+/YFKa1iXVuu/ - NPQfNPZjlgWBkEmBlkxRZYv23iO7q84pOhlaHsaZg4rE8gQBi5OAZhIlzXDHI4Py4Q/GjZnqvTt - 2fLEO/HR+u7tWgwLOpcc3VxWejGqO7Vizr6P68TfbF+3BAA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -35,8 +24,10 @@ Affected and fixed versions Issue introduced in 5.14 with commit fb1a79a6b6e1 and fixed in 6.1.57 with commit f237b17611fa Issue introduced in 5.14 with commit fb1a79a6b6e1 and fixed in 6.5.7 with commit f566efa7de1e Issue introduced in 5.14 with commit fb1a79a6b6e1 and fixed in 6.6 with commit e1cd4004cde7 + Issue introduced in 5.12.17 with commit 44535bbc811f + Issue introduced in 5.13.2 with commit 02f04a3c5d74 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2023/CVE-2023-52530.mbox b/cve/published/2023/CVE-2023-52530.mbox index ee916a7e..233ed4f3 100644 --- a/cve/published/2023/CVE-2023-52530.mbox +++ b/cve/published/2023/CVE-2023-52530.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2023-52530: wifi: mac80211: fix potential key use-after-free -Message-Id: <2024030255-CVE-2023-52530-ebf0@gregkh> -Content-Length: 2322 -Lines: 58 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2381; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=JBhGr7aN+wCooHcxC/3anaV+HgSn8yz5UUvrTaAh4ZE=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKmP52/fXF5+KpDxQCr/T/XC46+EvIueeTulcy4uemsv0 - zlPUPlMRywLgyATg6yYIsuXbTxH91ccUvQytD0NM4eVCWQIAxenAEzkrzfDgs5J6+3mlRn+bwmp - WjXN6exn+R3XTBnm6XLJSlY8tby7UJeZPU/hdums4EwuAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -41,8 +30,15 @@ Affected and fixed versions Issue introduced in 4.14 with commit fdf7cb4185b6 and fixed in 6.1.57 with commit 2f4e16e39e4f Issue introduced in 4.14 with commit fdf7cb4185b6 and fixed in 6.5.7 with commit 65c72a720170 Issue introduced in 4.14 with commit fdf7cb4185b6 and fixed in 6.6 with commit 31db78a4923e - -Please see https://www.kernel.org or a full list of currently supported + Issue introduced in 3.2.95 with commit ef810e7c3d2a + Issue introduced in 3.16.50 with commit a0a8a11d1630 + Issue introduced in 3.18.82 with commit 6891c6fd2a50 + Issue introduced in 4.1.47 with commit 003aa22c9619 + Issue introduced in 4.4.99 with commit 6440f0ee8a17 + Issue introduced in 4.9.63 with commit 2586fa0007dc + Issue introduced in 4.13.14 with commit a9ab1b2e30e8 + +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2023/CVE-2023-52562.mbox b/cve/published/2023/CVE-2023-52562.mbox index eaa24905..99ed690b 100644 --- a/cve/published/2023/CVE-2023-52562.mbox +++ b/cve/published/2023/CVE-2023-52562.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2023-52562: mm/slab_common: fix slab_caches list corruption after kmem_cache_destroy() -Message-Id: <2024030253-CVE-2023-52562-da24@gregkh> -Content-Length: 3837 -Lines: 81 -X-Developer-Signature: v=1; a=openpgp-sha256; l=3919; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=wxpgWho52Cyv9mZQkqv4xqe7HHtAxQFnVe+l0l8bIEw=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKmPF0Yq7krtixSKO7dUcr3os3W7llbcNHdjmbPWTeuxQ - QSv8lOzjlgWBkEmBlkxRZYv23iO7q84pOhlaHsaZg4rE8gQBi5OAZhI1W6GeRYzouZ4vP17yP6z - /CItkQZfsaVl/xjm5990VvvlWnj+4fSmB5OeLrmyISdmKQA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -65,8 +54,9 @@ Affected and fixed versions Issue introduced in 6.0 with commit 0495e337b703 and fixed in 6.1.56 with commit a5569bb18752 Issue introduced in 6.0 with commit 0495e337b703 and fixed in 6.5.6 with commit 51988be187b0 Issue introduced in 6.0 with commit 0495e337b703 and fixed in 6.6 with commit 46a9ea668190 + Issue introduced in 5.19.8 with commit 357321557920 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2023/CVE-2023-52563.mbox b/cve/published/2023/CVE-2023-52563.mbox index c5755a92..ab6b9a05 100644 --- a/cve/published/2023/CVE-2023-52563.mbox +++ b/cve/published/2023/CVE-2023-52563.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2023-52563: drm/meson: fix memory leak on ->hpd_notify callback -Message-Id: <2024030253-CVE-2023-52563-269f@gregkh> -Content-Length: 2020 -Lines: 51 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2072; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=7z/KoNvFc1AKAk766EJ08funKvvfGBr6wpvsLMyMqcs=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKmPF0Zqnd1d/nDdsq2/bSzKrLQYd75lUwzdbbVuW8vtb - Qu/T5qS1RHLwiDIxCArpsjyZRvP0f0VhxS9DG1Pw8xhZQIZwsDFKQATYVnMMN892p+vjEnZ5LbU - 7unLb8x987nDJIVhnm3gfIGuWS/sld70Xr0bILX6ztZwFgA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -30,12 +19,12 @@ The Linux kernel CVE team has assigned CVE-2023-52563 to this issue. Affected and fixed versions =========================== - Issue introduced in 5.15.61 with commit 50446ac34545 and fixed in 5.15.134 with commit 66cb6d74f5a1 + Issue introduced in 5.15.61 with commit e098989a9219 and fixed in 5.15.134 with commit 66cb6d74f5a1 Issue introduced in 5.17 with commit 0af5e0b41110 and fixed in 6.1.56 with commit ee335e0094ad Issue introduced in 5.17 with commit 0af5e0b41110 and fixed in 6.5.6 with commit 43b63e088887 Issue introduced in 5.17 with commit 0af5e0b41110 and fixed in 6.6 with commit 099f0af9d982 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2023/CVE-2023-52564.mbox b/cve/published/2023/CVE-2023-52564.mbox index a341ba2e..6beb8701 100644 --- a/cve/published/2023/CVE-2023-52564.mbox +++ b/cve/published/2023/CVE-2023-52564.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2023-52564: Revert "tty: n_gsm: fix UAF in gsm_cleanup_mux" -Message-Id: <2024030253-CVE-2023-52564-88cb@gregkh> -Content-Length: 3415 -Lines: 87 -X-Developer-Signature: v=1; a=openpgp-sha256; l=3503; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=gc2eoKi2SdbRe+ne4QLc5RROh02rJ+uT6QBYyGhn2sE=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKmPF0bparVeaEhWu1TSucfaeHG1TWQmxzF/BsYv5xoWs - ++XyczqiGVhEGRikBVTZPmyjefo/opDil6Gtqdh5rAygQxh4OIUgIkoxTPMYj6ffO/ZffvvK07t - utEZeEwnzMLbjWF+UvKNDHWH2L8LPYU7I/jZRHeyrvUCAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -69,8 +58,9 @@ Affected and fixed versions Issue introduced in 6.1.43 with commit 9615ca54bc13 and fixed in 6.1.56 with commit c61d0b87a702 Issue introduced in 6.5 with commit 9b9c8195f3f0 and fixed in 6.5.6 with commit 2bff660e0ff3 Issue introduced in 6.5 with commit 9b9c8195f3f0 and fixed in 6.6 with commit 29346e217b8a + Issue introduced in 6.4.8 with commit 74a8d6f50cc9 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2023/CVE-2023-52565.mbox b/cve/published/2023/CVE-2023-52565.mbox index 8825961d..8efe9440 100644 --- a/cve/published/2023/CVE-2023-52565.mbox +++ b/cve/published/2023/CVE-2023-52565.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2023-52565: media: uvcvideo: Fix OOB read -Message-Id: <2024030254-CVE-2023-52565-07ce@gregkh> -Content-Length: 1849 -Lines: 50 -X-Developer-Signature: v=1; a=openpgp-sha256; l=1900; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=13K/mJazEZoaNVAYbREsGkwpWnfNlNqzRqPVmdqK6Uo=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKmPF0Z1ra7ev/CnMPPuD48UI2OU93yUMYxQuZ7rWuXgO - /2/+QLhjlgWBkEmBlkxRZYv23iO7q84pOhlaHsaZg4rE8gQBi5OAZjIjNsM8+znCj3MWOaqbtO3 - ieHBHrtj5Ru0qxjm6R3mWJ/TJ+S2t8dlWiO3pf3LuncNAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -34,8 +23,9 @@ Affected and fixed versions Issue introduced in 6.1.16 with commit 367703c3ec4f and fixed in 6.1.56 with commit 09635bf4cdd4 Issue introduced in 6.3 with commit 40140eda661e and fixed in 6.5.6 with commit 8bcf70d787f7 Issue introduced in 6.3 with commit 40140eda661e and fixed in 6.6 with commit 41ebaa5e0eeb + Issue introduced in 6.2.3 with commit 42cbbc6b2c39 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2023/CVE-2023-52567.mbox b/cve/published/2023/CVE-2023-52567.mbox index 7efcb27a..1a2383d5 100644 --- a/cve/published/2023/CVE-2023-52567.mbox +++ b/cve/published/2023/CVE-2023-52567.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2023-52567: serial: 8250_port: Check IRQ data before use -Message-Id: <2024030254-CVE-2023-52567-38c1@gregkh> -Content-Length: 3278 -Lines: 73 -X-Developer-Signature: v=1; a=openpgp-sha256; l=3352; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=A1R/yMGX2VgMgItwnEjUlqWSwJvlgQAUzIwB9ctSjtE=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKmPF0adjmjTmNz01lI5jLVh3SbBhy5zp3lWusi0T3qzu - 8GrO4e1I5aFQZCJQVZMkeXLNp6j+ysOKXoZ2p6GmcPKBDKEgYtTACYiYsIw3/kot3lCYCBrMuvd - 9WaZkYdZxb/9YFiwv8zu7Jmr525VcCxzmN2VsEevtUceAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -52,8 +41,10 @@ Affected and fixed versions Issue introduced in 6.1.28 with commit 727e92fe13e8 and fixed in 6.1.56 with commit e14f68a48fd4 Issue introduced in 6.4 with commit 0ba9e3a13c6a and fixed in 6.5.6 with commit 3345cc5f02f1 Issue introduced in 6.4 with commit 0ba9e3a13c6a and fixed in 6.6 with commit cce7fc8b2996 + Issue introduced in 6.2.15 with commit d7c6aa39eb04 + Issue introduced in 6.3.2 with commit f5fd2fd999b3 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2023/CVE-2023-52575.mbox b/cve/published/2023/CVE-2023-52575.mbox index 356d68fd..d876cd02 100644 --- a/cve/published/2023/CVE-2023-52575.mbox +++ b/cve/published/2023/CVE-2023-52575.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2023-52575: x86/srso: Fix SBPB enablement for spec_rstack_overflow=off -Message-Id: <2024030256-CVE-2023-52575-34bf@gregkh> -Content-Length: 2239 -Lines: 54 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2294; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=YWM+Q1Lu1tpitgmgohW3HJ+2FXw7etaGxlPtfr7L10c=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKmPF8YUrpyYm7Hp7plZ+xrDlMzlO9U4Zkm/c29+5NUhq - C3095h1RywLgyATg6yYIsuXbTxH91ccUvQytD0NM4eVCWQIAxenAExEk5dhNusXMbv5Z4vt3//+ - EzD//TSFHYc36DMsWMedXVi32J/t3/8JrRKFL50cTpeWAgA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -31,13 +20,14 @@ The Linux kernel CVE team has assigned CVE-2023-52575 to this issue. Affected and fixed versions =========================== - Issue introduced in 5.10.189 with commit 8457fb5740b1 and fixed in 5.10.198 with commit ae806c74c063 - Issue introduced in 5.15.125 with commit 153f9a7b02d4 and fixed in 5.15.134 with commit 13ea4b92e875 - Issue introduced in 6.1.44 with commit 4f25355540ad and fixed in 6.1.56 with commit adbcec23c842 + Issue introduced in 5.10.189 with commit 3f9b7101bea1 and fixed in 5.10.198 with commit ae806c74c063 + Issue introduced in 5.15.125 with commit b35087763a44 and fixed in 5.15.134 with commit 13ea4b92e875 + Issue introduced in 6.1.44 with commit ac41e90d8daa and fixed in 6.1.56 with commit adbcec23c842 Issue introduced in 6.5 with commit fb3bd914b3ec and fixed in 6.5.6 with commit e3cb8b2c391b Issue introduced in 6.5 with commit fb3bd914b3ec and fixed in 6.6 with commit 01b057b2f4cc + Issue introduced in 6.4.9 with commit acdc883eb61e -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2023/CVE-2023-52577.mbox b/cve/published/2023/CVE-2023-52577.mbox index 625714ce..0b75b5f3 100644 --- a/cve/published/2023/CVE-2023-52577.mbox +++ b/cve/published/2023/CVE-2023-52577.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2023-52577: dccp: fix dccp_v4_err()/dccp_v6_err() again -Message-Id: <2024030257-CVE-2023-52577-2638@gregkh> -Content-Length: 5607 -Lines: 124 -X-Developer-Signature: v=1; a=openpgp-sha256; l=5732; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=/8nVUZa06G89v+CBYGemNrsleCZQuabGlol9SyIZtII=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKmPF8Z+cV677n/55ckbz9UdsOhe7Scg/1Mgvzah4lqAg - Kfgx3MCHbEsDIJMDLJiiixftvEc3V9xSNHL0PY0zBxWJpAhDFycAjARPgmGBWdf+M5/t7dzqnC4 - vPqvusk/RNs2TmOY7788OPSVkmnGMp3HG4prM8pOibczAAA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -103,8 +92,9 @@ Affected and fixed versions Issue introduced in 5.15.132 with commit 6ecf09699eb1 and fixed in 5.15.134 with commit 26df9ab5de30 Issue introduced in 6.1.53 with commit f8a7f10a1dcc and fixed in 6.1.56 with commit 73be49248a04 Issue introduced in 6.5.3 with commit ec620c34f5fa and fixed in 6.5.6 with commit 1512d8f45d3c + Issue introduced in 6.4.16 with commit d8171411a661 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to @@ -139,3 +129,4 @@ issue can be found at these commits: https://git.kernel.org/stable/c/26df9ab5de308caa1503d937533c56c35793018d https://git.kernel.org/stable/c/73be49248a04746096339a48a33fa2f03bd85969 https://git.kernel.org/stable/c/1512d8f45d3c5d0b5baa00bd8e600492fa569f40 + https://git.kernel.org/stable/c/6af289746a636f71f4c0535a9801774118486c7a diff --git a/cve/published/2023/CVE-2023-52581.mbox b/cve/published/2023/CVE-2023-52581.mbox index 063b6ac0..8774c605 100644 --- a/cve/published/2023/CVE-2023-52581.mbox +++ b/cve/published/2023/CVE-2023-52581.mbox @@ -1,19 +1,8 @@ -From bippy-4986f5686161 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2023-52581: netfilter: nf_tables: fix memleak when more than 255 elements expired -Message-Id: <2024030258-CVE-2023-52581-2165@gregkh> -Content-Length: 2032 -Lines: 57 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2090; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=o4r85AtjvQSMDzSUl+Lh8+3Pymx4JVd/k4tnAQNrg30=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKmPF8Yt/xbzXk+i3D7ZJORX4qLefxzHPJYGTOh/asQmm - yn+4mJNRywLgyATg6yYIsuXbTxH91ccUvQytD0NM4eVCWQIAxenAEyk6SHDgq6Fbx6+02p43JfC - MC/l2OpU9vlPmRgW7JX64flsUqZz9L3ml4Ghyeq7HggWAgA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -41,8 +30,9 @@ Affected and fixed versions Issue introduced in 6.5 with commit 5f68718b34a5 and fixed in 6.5.6 with commit 4aea243b6853 Issue introduced in 6.5 with commit 5f68718b34a5 and fixed in 6.6 with commit cf5000a7787c + Issue introduced in 6.4.11 with commit 0624f190b574 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to @@ -70,5 +60,9 @@ release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: + https://git.kernel.org/stable/c/a995a68e8a3b48533e47c856865d109a1f1a9d01 + https://git.kernel.org/stable/c/09c85f2d21ab6b5acba31a037985b13e8e6565b8 + https://git.kernel.org/stable/c/ef99506eaf1dc31feff1adfcfd68bc5535a22171 + https://git.kernel.org/stable/c/7e5d732e6902eb6a37b35480796838a145ae5f07 https://git.kernel.org/stable/c/4aea243b6853d06c1d160a9955b759189aa02b14 https://git.kernel.org/stable/c/cf5000a7787cbc10341091d37245a42c119d26c5 diff --git a/cve/published/2023/CVE-2023-52626.mbox b/cve/published/2023/CVE-2023-52626.mbox index 381cb344..7bf4b803 100644 --- a/cve/published/2023/CVE-2023-52626.mbox +++ b/cve/published/2023/CVE-2023-52626.mbox @@ -1,24 +1,8 @@ -From bippy-b4257b672505 Mon Sep 17 00:00:00 2001 -From: Lee Jones <lee@kernel.org> +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2023-52626: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context -X-Developer-Signature: v=1; a=openpgp-sha256; l=2184; i=lee@kernel.org; - h=from:subject; bh=MMZDgBQxa8xh+CyibRdwYNFd1lUsJPJFapIICmO9hRE=; - b=owEBbQKS/ZANAwAKAVGvii+H/HdhAcsmYgBmAwrQIZpd6+FBTztk8rmeXMdy5PHA6TdR5LmUH - QgavwABhSOJAjMEAAEKAB0WIQR2tsk1o74gmpTwh0hRr4ovh/x3YQUCZgMK0AAKCRBRr4ovh/x3 - YZVDD/99fU+Dx1GUrvE5igbHbp47mdaCLPHTnYl6IMPwkgIwFbnP9U5FfiXtD+4ZcPSkVamikoe - fnRCIrdheZiJbF9YNAkIpJ0Qs7ars/shQ/hNFhViU68QYLbypIJX9A7XUGDVkFPM3ADqOIwHJ/L - bwL8msXF/V+po5wXl8WWsLsN6yRiyRophyvh4JsHlmNbz7WSEpYyby5bGqP8Hh+JtJY1SSqMKZp - Lwd4pmNrqr5Xll+NIP47TGBUUAZ7hYarwkxw5bDWk6JT8uXZSFrDWI0NFX05F+pIR4cMLYUsJ8Y - JdUAp/Bgwyb89TK548pqLLUMoUS/5VlgzjtEKDiMaMAbJxZckondYD3J4uO0+wKCRn48P/BIeUg - Bwrdh4WR7+5FfHGaWXI8DrIFZ5SDhpjpTgAf76/IWUTIOhMAxZxxv8371Qh8+alXBIJqp93dAE6 - bZVVPlRKwYMCTxVTrUqr+LjUXweGqksVE9Ns+jhILg75PhVoLkPe9odSaJy/Ix5SDbsfRYuHu1h - q1R+Zd+bUcEsLS3kM/jold3Orr424yg5cfCE9lmi+UlEwrizlOLe99/2t0r9wvOqhMhsaP/3N9r - lVYuV8EHL5BhFtfl4p1j7sq7UljFBJBh9mO7CwCRroz82W2udM93Cd332lUrvnjjD5dd1Zx5jAQ - PsJKVgzyVgVJW4g== -X-Developer-Key: i=lee@kernel.org; a=openpgp; - fpr=76B6C935A3BE209A94F0874851AF8A2F87FC7761 Description =========== @@ -42,6 +26,7 @@ Affected and fixed versions Issue introduced in 6.6.3 with commit e5d30f7da357 and fixed in 6.6.15 with commit 40e0d0746390 Issue introduced in 6.7 with commit 92214be5979c and fixed in 6.7.3 with commit 33cdeae8c6fb Issue introduced in 6.7 with commit 92214be5979c and fixed in 6.8 with commit 3876638b2c7e + Issue introduced in 6.5.13 with commit 42b11d1293e5 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. diff --git a/cve/published/2023/CVE-2023-52628.mbox b/cve/published/2023/CVE-2023-52628.mbox index 984d74a7..78a4b228 100644 --- a/cve/published/2023/CVE-2023-52628.mbox +++ b/cve/published/2023/CVE-2023-52628.mbox @@ -1,19 +1,8 @@ -From bippy-b4257b672505 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2023-52628: netfilter: nftables: exthdr: fix 4-byte stack OOB write -Message-Id: <2024032850-CVE-2023-52628-14fb@gregkh> -Content-Length: 2604 -Lines: 64 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2669; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=WVb0yzekgufjAI7KcWXbsII5bZ1ZUlmtURedeWUEW+4=; - b=owGbwMvMwCRo6H6F97bub03G02pJDGmssnHLzpzwz1h80otJJc7kzYVui41yd89c10z4ZW/lt - DoxcsLWjlgWBkEmBlkxRZYv23iO7q84pOhlaHsaZg4rE8gQBi5OAZgIyzyG+dXtixi3vbH5LP06 - orqK+1OL3cNlMxjmcAfxiBrpy504efVoZlTi6uU/i68dAgA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -41,11 +30,11 @@ The Linux kernel CVE team has assigned CVE-2023-52628 to this issue. Affected and fixed versions =========================== - Issue introduced in 4.1 with commit dbb5281a1f84 and fixed in 5.10.198 with commit a7d86a77c33b - Issue introduced in 4.1 with commit dbb5281a1f84 and fixed in 5.15.132 with commit 1ad7b189cc14 - Issue introduced in 4.1 with commit dbb5281a1f84 and fixed in 6.1.54 with commit d9ebfc0f2137 - Issue introduced in 4.1 with commit dbb5281a1f84 and fixed in 6.5.4 with commit c8f292322ff1 - Issue introduced in 4.1 with commit dbb5281a1f84 and fixed in 6.6 with commit fd94d9dadee5 + Issue introduced in 4.1 with commit 49499c3e6e18 and fixed in 5.10.198 with commit a7d86a77c33b + Issue introduced in 4.1 with commit 49499c3e6e18 and fixed in 5.15.132 with commit 1ad7b189cc14 + Issue introduced in 4.1 with commit 49499c3e6e18 and fixed in 6.1.54 with commit d9ebfc0f2137 + Issue introduced in 4.1 with commit 49499c3e6e18 and fixed in 6.5.4 with commit c8f292322ff1 + Issue introduced in 4.1 with commit 49499c3e6e18 and fixed in 6.6 with commit fd94d9dadee5 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. diff --git a/cve/published/2024/CVE-2024-26581.mbox b/cve/published/2024/CVE-2024-26581.mbox index 62810aa5..fd125fca 100644 --- a/cve/published/2024/CVE-2024-26581.mbox +++ b/cve/published/2024/CVE-2024-26581.mbox @@ -1,4 +1,4 @@ -From bippy-8df59b4913de Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> @@ -28,8 +28,9 @@ Affected and fixed versions Issue introduced in 6.5 with commit f718863aca46 and fixed in 6.6.17 with commit b734f7a47aeb Issue introduced in 6.5 with commit f718863aca46 and fixed in 6.7.5 with commit 6eb14441f106 Issue introduced in 6.5 with commit f718863aca46 and fixed in 6.8 with commit 60c0c230c6f0 + Issue introduced in 6.4.8 with commit cd6673393239 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2024/CVE-2024-26583.mbox b/cve/published/2024/CVE-2024-26583.mbox index 6b826c7f..12c9f140 100644 --- a/cve/published/2024/CVE-2024-26583.mbox +++ b/cve/published/2024/CVE-2024-26583.mbox @@ -1,4 +1,4 @@ -From bippy-8df59b4913de Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> @@ -33,8 +33,11 @@ Affected and fixed versions Issue introduced in 5.7 with commit 0cada33241d9 and fixed in 6.6.18 with commit 86dc27ee36f5 Issue introduced in 5.7 with commit 0cada33241d9 and fixed in 6.7.6 with commit 6209319b2efd Issue introduced in 5.7 with commit 0cada33241d9 and fixed in 6.8 with commit aec7961916f3 + Issue introduced in 5.4.44 with commit cf4cc95a15f5 + Issue introduced in 5.4.71 with commit 8dc5025c6a44 + Issue introduced in 5.6.16 with commit 9b81d43da15e -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2024/CVE-2024-26584.mbox b/cve/published/2024/CVE-2024-26584.mbox index ea7fedfb..6ecfe2c9 100644 --- a/cve/published/2024/CVE-2024-26584.mbox +++ b/cve/published/2024/CVE-2024-26584.mbox @@ -1,4 +1,4 @@ -From bippy-8df59b4913de Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> @@ -31,11 +31,11 @@ The Linux kernel CVE team has assigned CVE-2024-26584 to this issue. Affected and fixed versions =========================== - Issue introduced in 4.16 with commit 94524d8fc965 and fixed in 6.6.18 with commit 13eca403876b - Issue introduced in 4.16 with commit 94524d8fc965 and fixed in 6.7.6 with commit ab6397f072e5 - Issue introduced in 4.16 with commit 94524d8fc965 and fixed in 6.8 with commit 859054147318 + Issue introduced in 4.16 with commit a54667f6728c and fixed in 6.6.18 with commit 13eca403876b + Issue introduced in 4.16 with commit a54667f6728c and fixed in 6.7.6 with commit ab6397f072e5 + Issue introduced in 4.16 with commit a54667f6728c and fixed in 6.8 with commit 859054147318 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2024/CVE-2024-26590.mbox b/cve/published/2024/CVE-2024-26590.mbox index b959e87a..e826dfd8 100644 --- a/cve/published/2024/CVE-2024-26590.mbox +++ b/cve/published/2024/CVE-2024-26590.mbox @@ -1,4 +1,4 @@ -From bippy-8df59b4913de Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> @@ -31,12 +31,12 @@ The Linux kernel CVE team has assigned CVE-2024-26590 to this issue. Affected and fixed versions =========================== - Issue introduced in 5.16 with commit 622ceaddb764 and fixed in 6.1.80 with commit 47467e04816c - Issue introduced in 5.16 with commit 622ceaddb764 and fixed in 6.6.14 with commit 823ba1d21060 - Issue introduced in 5.16 with commit 622ceaddb764 and fixed in 6.7.2 with commit eed24b816e50 - Issue introduced in 5.16 with commit 622ceaddb764 and fixed in 6.8 with commit 118a8cf504d7 + Issue introduced in 5.16 with commit 8f89926290c4 and fixed in 6.1.80 with commit 47467e04816c + Issue introduced in 5.16 with commit 8f89926290c4 and fixed in 6.6.14 with commit 823ba1d21060 + Issue introduced in 5.16 with commit 8f89926290c4 and fixed in 6.7.2 with commit eed24b816e50 + Issue introduced in 5.16 with commit 8f89926290c4 and fixed in 6.8 with commit 118a8cf504d7 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2024/CVE-2024-26602.mbox b/cve/published/2024/CVE-2024-26602.mbox index 62485221..8dfb03bf 100644 --- a/cve/published/2024/CVE-2024-26602.mbox +++ b/cve/published/2024/CVE-2024-26602.mbox @@ -1,4 +1,4 @@ -From bippy-8df59b4913de Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> @@ -22,16 +22,16 @@ The Linux kernel CVE team has assigned CVE-2024-26602 to this issue. Affected and fixed versions =========================== - Issue introduced in 4.14 with commit c5f58bd58f43 and fixed in 4.19.307 with commit 3cd139875e9a - Issue introduced in 4.14 with commit c5f58bd58f43 and fixed in 5.4.269 with commit 2441a64070b8 - Issue introduced in 4.14 with commit c5f58bd58f43 and fixed in 5.10.210 with commit db896bbe4a9c - Issue introduced in 4.14 with commit c5f58bd58f43 and fixed in 5.15.149 with commit 50fb4e17df31 - Issue introduced in 4.14 with commit c5f58bd58f43 and fixed in 6.1.79 with commit 24ec7504a08a - Issue introduced in 4.14 with commit c5f58bd58f43 and fixed in 6.6.18 with commit b6a2a9cbb675 - Issue introduced in 4.14 with commit c5f58bd58f43 and fixed in 6.7.6 with commit c5b2063c65d0 - Issue introduced in 4.14 with commit c5f58bd58f43 and fixed in 6.8 with commit 944d5fe50f3f + Issue introduced in 4.14 with commit 22e4ebb97582 and fixed in 4.19.307 with commit 3cd139875e9a + Issue introduced in 4.14 with commit 22e4ebb97582 and fixed in 5.4.269 with commit 2441a64070b8 + Issue introduced in 4.14 with commit 22e4ebb97582 and fixed in 5.10.210 with commit db896bbe4a9c + Issue introduced in 4.14 with commit 22e4ebb97582 and fixed in 5.15.149 with commit 50fb4e17df31 + Issue introduced in 4.14 with commit 22e4ebb97582 and fixed in 6.1.79 with commit 24ec7504a08a + Issue introduced in 4.14 with commit 22e4ebb97582 and fixed in 6.6.18 with commit b6a2a9cbb675 + Issue introduced in 4.14 with commit 22e4ebb97582 and fixed in 6.7.6 with commit c5b2063c65d0 + Issue introduced in 4.14 with commit 22e4ebb97582 and fixed in 6.8 with commit 944d5fe50f3f -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2024/CVE-2024-26605.mbox b/cve/published/2024/CVE-2024-26605.mbox index 1e3a1bb2..57af2fe8 100644 --- a/cve/published/2024/CVE-2024-26605.mbox +++ b/cve/published/2024/CVE-2024-26605.mbox @@ -1,4 +1,4 @@ -From bippy-8df59b4913de Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> @@ -63,8 +63,11 @@ Affected and fixed versions Issue introduced in 6.7 with commit f93e71aea6c6 and fixed in 6.7.5 with commit ef90508574d7 Issue introduced in 6.7 with commit f93e71aea6c6 and fixed in 6.8 with commit 1e560864159d + Issue introduced in 5.15.147 with commit 1f2f662c8bec + Issue introduced in 6.1.72 with commit b9c370b61d73 + Issue introduced in 6.6.11 with commit 8cc22ba3f77c -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2024/CVE-2024-26618.mbox b/cve/published/2024/CVE-2024-26618.mbox index 9f82e768..ce14573e 100644 --- a/cve/published/2024/CVE-2024-26618.mbox +++ b/cve/published/2024/CVE-2024-26618.mbox @@ -1,4 +1,4 @@ -From bippy-8df59b4913de Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> @@ -28,8 +28,10 @@ Affected and fixed versions Issue introduced in 6.5 with commit 5d0a8d2fba50 and fixed in 6.6.15 with commit 569156e4fa34 Issue introduced in 6.5 with commit 5d0a8d2fba50 and fixed in 6.7.3 with commit 814af6b4e600 Issue introduced in 6.5 with commit 5d0a8d2fba50 and fixed in 6.8 with commit dc7eb8755797 + Issue introduced in 6.1.47 with commit 21614ba60883 + Issue introduced in 6.4.12 with commit e01af8e26c23 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2024/CVE-2024-26629.mbox b/cve/published/2024/CVE-2024-26629.mbox index 2d7d62a9..3d7a840c 100644 --- a/cve/published/2024/CVE-2024-26629.mbox +++ b/cve/published/2024/CVE-2024-26629.mbox @@ -1,4 +1,4 @@ -From bippy-8df59b4913de Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> @@ -84,8 +84,17 @@ Affected and fixed versions Issue introduced in 5.19 with commit ce3c4ad7f4ce and fixed in 6.6.15 with commit b7d2eee1f538 Issue introduced in 5.19 with commit ce3c4ad7f4ce and fixed in 6.7.3 with commit 8f5b860de870 Issue introduced in 5.19 with commit ce3c4ad7f4ce and fixed in 6.8 with commit edcf9725150e - -Please see https://www.kernel.org or a full list of currently supported + Issue introduced in 4.9.317 with commit fea1d0940301 + Issue introduced in 4.14.282 with commit 2ec65dc6635d + Issue introduced in 4.19.246 with commit ef481b262bba + Issue introduced in 4.19.306 with commit 10d75984495f + Issue introduced in 5.4.197 with commit a2235bc65ade + Issue introduced in 5.10.120 with commit 3097f38e9126 + Issue introduced in 5.15.45 with commit e2fc17fcc503 + Issue introduced in 5.17.13 with commit ba747abfca27 + Issue introduced in 5.18.2 with commit e8020d96dd5b + +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2024/CVE-2024-26633.mbox b/cve/published/2024/CVE-2024-26633.mbox index 39493454..c1835545 100644 --- a/cve/published/2024/CVE-2024-26633.mbox +++ b/cve/published/2024/CVE-2024-26633.mbox @@ -1,24 +1,8 @@ -From bippy-8df59b4913de Mon Sep 17 00:00:00 2001 -From: Lee Jones <lee@kernel.org> +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() -X-Developer-Signature: v=1; a=openpgp-sha256; l=7075; i=lee@kernel.org; - h=from:subject; bh=CXb2B+I96DjKSURtfamnAUE5cmIToa7QMn8Sj0wYpWc=; - b=owEBbQKS/ZANAwAKAVGvii+H/HdhAcsmYgBl+BJ/lnjdOwjBVvVJNIUW/McGPZtcTrPBHFLPp - zNQa1UzhL6JAjMEAAEKAB0WIQR2tsk1o74gmpTwh0hRr4ovh/x3YQUCZfgSfwAKCRBRr4ovh/x3 - YSpfEACrr+eYczWyXN+JTQIqzW8V9bgFAighT3a5+Vb3QTKlGzW9+bq4D4IyDqoFU5ryDDI2f7+ - UmyBvfHp7Z8n+NVG1v7XvjB60bAdjgFFvKedNh8N5x4Q5XT8vLDRz/ZChxsv40JnbgvdDJKyp3+ - XDbhSTu+m8rFET6abDrqsyEeTUd6R8SPnkCDuk0xx7+WLuHRc/wUKyvKyGjbmt1hVSHLKLD2ieC - LJ3zqNDSBrt0nRTK+bM1rCAavvLJnruQT+EOtAqIRR6IY8Sg3L7v17lBVAgyf86GEK4eOWxMp2j - pNQX/YBeKFm1Z762tSqIYIwaRHHUrvzsrN8SRDz5/8LaGD3hrQfVepTj5YfkCiMiqLap5GuB4wt - 9xf6hQgZlo173Dlh5CTyAkdG5IIWy8klh0SLzUDuit4JUAFgV21wDM4mzolP3+RS6nZIJoA7HBm - WImhlII2UhKxErkMT6LMxD7zu2hr1H3/CXeb7U2BEN7tnqBKE/Qjn2dt2LxWdRH+hIvf2A9w4yx - sgkgyzocOZOqTg4R2qK4kpWtCifLNlY8nqufG0ljLeNQmgd++lOYRyrotN1aSp37KUqgrnwOTXr - MhWKWgIZt80YUgI/q3obpdxXhez8NZ5HrAA5y68hiWNmMu4auBRonaLGoAl1/851IvKLieTg5Q9 - K3mpb5mhSxhJXrA== -X-Developer-Key: i=lee@kernel.org; a=openpgp; - fpr=76B6C935A3BE209A94F0874851AF8A2F87FC7761 Description =========== @@ -130,8 +114,15 @@ Affected and fixed versions Issue introduced in 4.10 with commit fbfa743a9d2a and fixed in 6.6.14 with commit 687c5d52fe53 Issue introduced in 4.10 with commit fbfa743a9d2a and fixed in 6.7.2 with commit ba8d904c2742 Issue introduced in 4.10 with commit fbfa743a9d2a and fixed in 6.8 with commit d375b98e0248 - -Please see https://www.kernel.org or a full list of currently supported + Issue introduced in 3.2.87 with commit a6f6bb6bc04a + Issue introduced in 3.10.106 with commit 72bbf335e7aa + Issue introduced in 3.12.71 with commit decccc92ee0a + Issue introduced in 3.16.42 with commit d3d9b59ab321 + Issue introduced in 3.18.49 with commit d397f7035d2c + Issue introduced in 4.4.50 with commit 41e07a7e01d9 + Issue introduced in 4.9.11 with commit a7fe4e5d0633 + +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2024/CVE-2024-26634.mbox b/cve/published/2024/CVE-2024-26634.mbox index 477d97f4..2e8a15d3 100644 --- a/cve/published/2024/CVE-2024-26634.mbox +++ b/cve/published/2024/CVE-2024-26634.mbox @@ -1,24 +1,8 @@ -From bippy-8df59b4913de Mon Sep 17 00:00:00 2001 -From: Lee Jones <lee@kernel.org> +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2024-26634: net: fix removing a namespace with conflicting altnames -X-Developer-Signature: v=1; a=openpgp-sha256; l=2455; i=lee@kernel.org; - h=from:subject; bh=FQyAevjXSuvGEKyiEqO0qtLIE3mDDZilCpK5Tb8S9DY=; - b=owEBbQKS/ZANAwAKAVGvii+H/HdhAcsmYgBl+BQjXDAkAzz/WmDTd5tV2AUWoxADR8dSlvyQn - 6vhIv2AmR6JAjMEAAEKAB0WIQR2tsk1o74gmpTwh0hRr4ovh/x3YQUCZfgUIwAKCRBRr4ovh/x3 - YWicEACQi6O2DG3L71ZarWdxoNMPR2WeyjC8bKRl086xrxBeI+56ay8W1dqO8BmBxf33mbBSzQY - OSJsbVgJfu88D5gKO3zOn5g+pTaMJh1iqNSaC6ErCMY1r/ZB7ZmmdMmH04AttC53X2F324VezCL - yl6fFcyPDAwfAM2wr5xmguVY4SbxWmRj+nAzLWTIlz5LNxadds+RZG4yMUUbHGFJ4Yp6ots+7K9 - brv2NJjQ0eY1bznMQBzPLeiEUzGNIFG8anC2CGeJ29i0o20LsXD6kyAACG9InLUMh3Zc4jnW7q/ - i2uIBCkRtmY2dIpTCfXXgwiZw8r76zap/kW7N3fvMjddRZU+BJ08nt67Gcp+QMg8lJZ8pNcnqhy - ED/8CitHWeUMicr1TWhDMxG5wKL8dtDVxogegKNaikzv/yT5vQJCC7XQ9IZRknV2wwtTNy0v/fm - gCM+p+5uNJrC69wEAwWid+50vCxbsqXy1Q662aiBfGgG0Y1KF1pbOqqUyoM59iQBhwG9X2FmHEn - Az2ZF33vVnzudCl3cCpXU9rYglONmkS4MgLP094kWN0tjB8zWAIW/jsdH/IB85XacJoQRHjzh1S - 27Gpn4rdNxiu42Xz9pUjyrcwLGVdtsURfvBVGHaO5Vzae5oNqwAgfaM6aYO98HWm+AjtkyFOPg0 - vpSIn4h/ePz3ibg== -X-Developer-Key: i=lee@kernel.org; a=openpgp; - fpr=76B6C935A3BE209A94F0874851AF8A2F87FC7761 Description =========== @@ -48,8 +32,9 @@ Affected and fixed versions Issue introduced in 6.6 with commit 7663d522099e and fixed in 6.6.15 with commit e855dded4b70 Issue introduced in 6.6 with commit 7663d522099e and fixed in 6.7.3 with commit 8072699aa9e6 Issue introduced in 6.6 with commit 7663d522099e and fixed in 6.8 with commit d09486a04f5d + Issue introduced in 6.5.9 with commit f7a69786fe5e -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to diff --git a/cve/published/2024/CVE-2024-26639.mbox b/cve/published/2024/CVE-2024-26639.mbox index 2cbad28d..4c4709dd 100644 --- a/cve/published/2024/CVE-2024-26639.mbox +++ b/cve/published/2024/CVE-2024-26639.mbox @@ -1,24 +1,8 @@ -From bippy-8df59b4913de Mon Sep 17 00:00:00 2001 -From: Lee Jones <lee@kernel.org> +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2024-26639: mm, kmsan: fix infinite recursion due to RCU critical section -X-Developer-Signature: v=1; a=openpgp-sha256; l=3919; i=lee@kernel.org; - h=from:subject; bh=xh6h8GSF2KIVe8wiWQfLjcQ5ko1DUhYhmxR11DatfPg=; - b=owEBbQKS/ZANAwAKAVGvii+H/HdhAcsmYgBl+BWdl0cf+ovIo/gguABjHeVF2bIdkEjov4ImR - 3gM1qanNOmJAjMEAAEKAB0WIQR2tsk1o74gmpTwh0hRr4ovh/x3YQUCZfgVnQAKCRBRr4ovh/x3 - YcYxD/4q8kBP04hckRjFNhdMoMngOlL0y+//dH2dQ8wVNbcpMY2QmweLsggKcYy7h9DercNCEeF - de0VDHZKcTxfUXttj5LPkUEFiI5p+rJyP5PnsuPLkutCJZZVG7hD1DSE50Ne32Z40Bq0zhr6Ohm - lmQn+b3schmxS2YkYMm8CxubT4WAaT244IFvql1Q22NXSO2fwG1AG+h+tNdYBUuC0OyRFlO7PUT - u9NfG/qzdeGOplK4oPmfLRRNFqUOB07sBKkMsWnMuJ1vV2RTJZsdmLdLcAVDmi0tnhNOVSHoGOr - ow7mkWVVAMiIXnDUzJ3/Cjz7tZwA55HgyNtIac+vM9TDODM4ti2NoFXIv3GFsUlb3+DNXq3GC4k - 5zShvwZv0ywGRiXH50NGebRuUyNp+rqmUlM2rmlst/vneGgMVjq6bSExQ2O10N64yyQjqzebsVp - t0TKSTa78QSBr3khIEHOHNtpg5rGf++cbFoQsCwyXTuI6myx5Wxt3b0o3j2VcCXJeNra4D0psgo - X0KksKoIDnXfQi3FLgiYXtmM/FX0de0ntCPKhrLkYi3gUMRAu0j5TFNY+LTPwbUvDLr9R7av1e2 - kbICduFsXNhpC3t/9+gWbYGfiFDbvzLpFyMGdrnuoxq0jhHKDrtja4wObZy/0zepvFwIMb3XxK6 - xJeCcNjMQGsBXvw== -X-Developer-Key: i=lee@kernel.org; a=openpgp; - fpr=76B6C935A3BE209A94F0874851AF8A2F87FC7761 Description =========== @@ -74,8 +58,10 @@ Affected and fixed versions Issue introduced in 6.1.76 with commit 68ed9e333240 and fixed in 6.1.77 with commit dc904345e377 Issue introduced in 6.6.15 with commit 70064241f222 and fixed in 6.6.16 with commit 6335c0cdb2ea Issue introduced in 6.7.3 with commit 3a01daace71b and fixed in 6.7.4 with commit 5a33420599fa + Issue introduced in 5.10.210 with commit 90ad17575d26 + Issue introduced in 5.15.149 with commit b448de2459b6 -Please see https://www.kernel.org or a full list of currently supported +Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to @@ -106,3 +92,4 @@ issue can be found at these commits: https://git.kernel.org/stable/c/dc904345e3771aa01d0b8358b550802fdc6fe00b https://git.kernel.org/stable/c/6335c0cdb2ea0ea02c999e04d34fd84f69fb27ff https://git.kernel.org/stable/c/5a33420599fa0288792537e6872fd19cc8607ea6 + https://git.kernel.org/stable/c/f6564fce256a3944aa1bc76cb3c40e792d97c1eb diff --git a/cve/published/2024/CVE-2024-26643.mbox b/cve/published/2024/CVE-2024-26643.mbox index b4bb451f..9868338b 100644 --- a/cve/published/2024/CVE-2024-26643.mbox +++ b/cve/published/2024/CVE-2024-26643.mbox @@ -1,19 +1,8 @@ -From bippy-b4257b672505 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2024-26643: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout -Message-Id: <2024032150-CVE-2024-26643-4f9d@gregkh> -Content-Length: 2176 -Lines: 60 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2237; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=LZ7KSzv0gEaheJiU66c2JAGeF9vBkfTSiFAaWWmzdb8=; - b=owGbwMvMwCRo6H6F97bub03G02pJDKl/+NMkZ91qYujzjeL3eWeYHGJqEu/j9lu6/+q+vWGbh - RK2BXd0xLIwCDIxyIopsnzZxnN0f8UhRS9D29Mwc1iZQIYwcHEKwEQcuhgWLOAtZDb9OedYBats - csniKf+Tz0s+YljQdEskzE7ugP6lhvc61/9GZHWtXjcJAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -46,6 +35,11 @@ Affected and fixed versions =========================== Issue introduced in 6.5 with commit 5f68718b34a5 and fixed in 6.8 with commit 552705a3650b + Issue introduced in 5.4.262 with commit bbdb3b65aa91 + Issue introduced in 5.10.198 with commit 448be0774882 + Issue introduced in 5.15.134 with commit d19e8bf3ea41 + Issue introduced in 6.1.56 with commit ea3eb9f2192e + Issue introduced in 6.4.11 with commit 0624f190b574 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. diff --git a/cve/published/2024/CVE-2024-26664.mbox b/cve/published/2024/CVE-2024-26664.mbox index 49645570..cd1c51f6 100644 --- a/cve/published/2024/CVE-2024-26664.mbox +++ b/cve/published/2024/CVE-2024-26664.mbox @@ -1,19 +1,8 @@ -From bippy-b4257b672505 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2024-26664: hwmon: (coretemp) Fix out-of-bounds memory access -Message-Id: <2024040223-CVE-2024-26664-03db@gregkh> -Content-Length: 2778 -Lines: 61 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2840; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=jLxKqK2Fs5wlOxN31vQlmgdpUj1smTDhqSV6wqeK3bg=; - b=owGbwMvMwCRo6H6F97bub03G02pJDGncSxReCWrK8cr3/mBZZcBQ+7zyd8nmXzNbvq4X0Zq6v - M724bOpHbEsDIJMDLJiiixftvEc3V9xSNHL0PY0zBxWJpAhDFycAjCRRy8ZFqz0TN9lfChvZ8W+ - ilz7vTvKNnb/f8cwz/ROIWsf+wbJ5V+0dZZlcnw0v1o3GwA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -40,6 +29,7 @@ Affected and fixed versions Issue introduced in 6.1 with commit 7108b80a542b and fixed in 6.6.17 with commit 853a6503c586 Issue introduced in 6.1 with commit 7108b80a542b and fixed in 6.7.5 with commit 3a7753bda559 Issue introduced in 6.1 with commit 7108b80a542b and fixed in 6.8 with commit 4e440abc8945 + Issue introduced in 6.0.6 with commit d1de8e1ae924 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. diff --git a/cve/published/2024/CVE-2024-26670.mbox b/cve/published/2024/CVE-2024-26670.mbox index 7f41d24f..8b6d9741 100644 --- a/cve/published/2024/CVE-2024-26670.mbox +++ b/cve/published/2024/CVE-2024-26670.mbox @@ -1,19 +1,8 @@ -From bippy-b4257b672505 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2024-26670: arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD -Message-Id: <2024040238-CVE-2024-26670-ecbd@gregkh> -Content-Length: 4331 -Lines: 118 -X-Developer-Signature: v=1; a=openpgp-sha256; l=4450; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=oHwDpsoS8Tg+wCT6WTRg9U29YW7kD9ut092scBpAm0M=; - b=owGbwMvMwCRo6H6F97bub03G02pJDGncK6Uk+Z8kGuT+tun4f6Dx9u3nnrUz10Z8DN+Zyt6jq - 7rk4gS3jlgWBkEmBlkxRZYv23iO7q84pOhlaHsaZg4rE8gQBi5OAZhI5BeG+Ylv7n/YWaZ7+oys - QIrLI7/vM1U8bjHMD9q0RVZX2zj/qXb1038O3XzLbjMWAQA= -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -102,6 +91,8 @@ Affected and fixed versions Issue introduced in 6.6 with commit 471470bc7052 and fixed in 6.6.15 with commit 58eb5c07f417 Issue introduced in 6.6 with commit 471470bc7052 and fixed in 6.7.3 with commit baa0aaac1643 Issue introduced in 6.6 with commit 471470bc7052 and fixed in 6.8 with commit 832dd634bd1b + Issue introduced in 6.1.57 with commit 6e3ae2927b43 + Issue introduced in 6.5.7 with commit 32b0a4ffcaea Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. diff --git a/cve/published/2024/CVE-2024-26676.mbox b/cve/published/2024/CVE-2024-26676.mbox index 8707b32f..74bcc644 100644 --- a/cve/published/2024/CVE-2024-26676.mbox +++ b/cve/published/2024/CVE-2024-26676.mbox @@ -1,19 +1,8 @@ -From bippy-b4257b672505 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2024-26676: af_unix: Call kfree_skb() for dead unix_(sk)->oob_skb in GC. -Message-Id: <2024040252-CVE-2024-26676-222f@gregkh> -Content-Length: 5469 -Lines: 117 -X-Developer-Signature: v=1; a=openpgp-sha256; l=5587; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=/T3I78SDWRx4ARYFRwyFcDxBVnBQLlSLscV58fLD3nI=; - b=owGbwMvMwCRo6H6F97bub03G02pJDGncaxNEnJ/Jb963+LCGamS/X9wahZyd1VFCV/pYkrlV9 - nzPmpPbEcvCIMjEICumyPJlG8/R/RWHFL0MbU/DzGFlAhnCwMUpABMJz2CYw996rKn3obBzg9hO - No+wbaK1a+7MZpjvWyvnHnOt8dB693eN7bUPQ7I5mVYCAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -99,6 +88,7 @@ Affected and fixed versions Issue introduced in 6.3 with commit 2aab4b969002 and fixed in 6.6.17 with commit b74aa9ce13d0 Issue introduced in 6.3 with commit 2aab4b969002 and fixed in 6.7.5 with commit 82ae47c5c3a6 Issue introduced in 6.3 with commit 2aab4b969002 and fixed in 6.8 with commit 1279f9d9dec2 + Issue introduced in 6.2.7 with commit a59d6306263c Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. diff --git a/cve/published/2024/CVE-2024-26679.mbox b/cve/published/2024/CVE-2024-26679.mbox index 0e30b11d..b3390e62 100644 --- a/cve/published/2024/CVE-2024-26679.mbox +++ b/cve/published/2024/CVE-2024-26679.mbox @@ -1,19 +1,8 @@ -From bippy-b4257b672505 Mon Sep 17 00:00:00 2001 +From bippy-d3b290d2becc Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> Subject: CVE-2024-26679: inet: read sk->sk_family once in inet_recv_error() -Message-Id: <2024040253-CVE-2024-26679-d520@gregkh> -Content-Length: 2773 -Lines: 62 -X-Developer-Signature: v=1; a=openpgp-sha256; l=2836; - i=gregkh@linuxfoundation.org; h=from:subject:message-id; - bh=PEcr/I6GQn0JO5NuK+MepWedtSJTm+4wzD6hMkwcJ+0=; - b=owGbwMvMwCRo6H6F97bub03G02pJDGncaxM/511JCH+zrPnmrJXVXuX1nxm2XckNzdB9czv8n - bRiUn1URywLgyATg6yYIsuXbTxH91ccUvQytD0NM4eVCWQIAxenAExEgJthnuKi+rnlOc4XX5n0 - bbhxJl35zp1LMxnmlxdxJaTs+Zc1980bF0PzBxH3PPrNAA== -X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; - fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Description =========== @@ -41,6 +30,7 @@ Affected and fixed versions Issue introduced in 3.18 with commit f4713a3dfad0 and fixed in 6.6.17 with commit 4a5e31bdd3c1 Issue introduced in 3.18 with commit f4713a3dfad0 and fixed in 6.7.5 with commit 307fa8a75ab7 Issue introduced in 3.18 with commit f4713a3dfad0 and fixed in 6.8 with commit eef00a82c568 + Issue introduced in 3.17.7 with commit 433337f9c00c Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. |