Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a24d4d7d by Salvatore Bonaccorso at 2024-02-27T16:43:57+01:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -76,24 +76,42 @@ CVE-2021-46917 (In the Linux kernel, the following
vulnerability has been resolv
TODO: check
CVE-2021-46916 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
TODO: check
-CVE-2021-46915 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- TODO: check
CVE-2021-46914 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
TODO: check
-CVE-2021-46913 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- TODO: check
-CVE-2021-46912 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- TODO: check
-CVE-2021-46911 (In the Linux kernel, the following vulnerability has been
resolved: c ...)
- TODO: check
-CVE-2021-46910 (In the Linux kernel, the following vulnerability has been
resolved: A ...)
- TODO: check
-CVE-2021-46909 (In the Linux kernel, the following vulnerability has been
resolved: A ...)
- TODO: check
-CVE-2021-46908 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- TODO: check
-CVE-2021-46907 (In the Linux kernel, the following vulnerability has been
resolved: K ...)
- TODO: check
+CVE-2021-46915 [netfilter: nft_limit: avoid possible divide error in
nft_limit_init]
+ - linux 5.10.38-1
+ [buster] - linux 4.19.194-1
+ NOTE:
https://git.kernel.org/linus/b895bdf5d643b6feb7c60856326dd4feb6981560 (5.12-rc8)
+CVE-2021-46913 [netfilter: nftables: clone set element expression template]
+ - linux 5.14.6-1
+ [bullseye] - linux 5.10.70-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE:
https://git.kernel.org/linus/4d8f9065830e526c83199186c5f56a6514f457d2 (5.12-rc8)
+CVE-2021-46912 [net: Make tcp_allowed_congestion_control readonly in non-init
netns]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE:
https://git.kernel.org/linus/97684f0970f6e112926de631fdd98d9693c7e5c1 (5.12-rc8)
+CVE-2021-46911 [ch_ktls: Fix kernel panic]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE:
https://git.kernel.org/linus/1a73e427b824133940c2dd95ebe26b6dce1cbf10 (5.12-rc8)
+CVE-2021-46910 [ARM: 9063/1: mm: reduce maximum number of CPUs if
DEBUG_KMAP_LOCAL is enabled]
+ - linux 5.14.6-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE:
https://git.kernel.org/linus/d624833f5984d484c5e3196f34b926f9e71dafee (5.12-rc8)
+CVE-2021-46909 [ARM: footbridge: fix PCI interrupt mapping]
+ - linux 5.10.38-1
+ [buster] - linux 4.19.194-1
+ NOTE:
https://git.kernel.org/linus/30e3b4f256b4e366a61658c294f6a21b8626dda7 (5.12-rc8)
+CVE-2021-46908 [bpf: Use correct permission flag for mixed signed bounds
arithmetic]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE:
https://git.kernel.org/linus/9601148392520e2e134936e76788fc2a6371e7be (5.12-rc8)
+CVE-2021-46907 [KVM: VMX: Don't use vcpu->run->internal.ndata as an array
index]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE:
https://git.kernel.org/linus/04c4f2ee3f68c9a4bf1653d15f1a9a435ae33f7a (5.12-rc8)
CVE-2024-26144 [Possible Sensitive Session Information Leak in Active Storage]
- rails <unfixed>
NOTE:
https://discuss.rubyonrails.org/t/possible-sensitive-session-information-leak-in-active-storage/84945
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a24d4d7d7b8e61bbd0231307f0a4fffd8e34e278
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a24d4d7d7b8e61bbd0231307f0a4fffd8e34e278
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
