[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Mon, 13 May 2024 08:53:52 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
bcc1c6ec by Salvatore Bonaccorso at 2024-05-13T17:52:58+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2024-27401 [firewire: nosy: ensure user_length is taken into account when 
fetching packet contents]
+       - linux <unfixed>
+       NOTE: 
https://git.kernel.org/linus/38762a0763c10c24a4915feee722d7aa6e73eb98 (6.9-rc7)
+CVE-2024-27400 [drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() 
v2]
+       - linux <unfixed>
+       [bullseye] - linux <not-affected> (Vulnerable code not present)
+       [buster] - linux <not-affected> (Vulnerable code not present)
+       NOTE: 
https://git.kernel.org/linus/d3a9331a6591e9df64791e076f6591f440af51c3 (6.9-rc7)
+CVE-2024-27399 [Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout]
+       - linux <unfixed>
+       NOTE: 
https://git.kernel.org/linus/adf0398cee86643b8eacde95f17d073d022f782c (6.9)
+CVE-2024-27398 [Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout]
+       - linux <unfixed>
+       NOTE: 
https://git.kernel.org/linus/483bc08181827fc475643272ffb69c533007e546 (6.9)
+CVE-2023-52656 [io_uring: drop any code related to SCM_RIGHTS]
+       - linux 6.7.12-1
+       [bookworm] - linux 6.1.85-1
+       [bullseye] - linux 5.10.216-1
+       NOTE: 
https://git.kernel.org/linus/6e5e6d274956305f1fc0340522b38f5f5be74bdb (6.8-rc1)
+CVE-2023-52655 [usb: aqc111: check packet for fixup for true limit]
+       - linux 6.6.8-1
+       [bookworm] - linux 6.1.69-1
+       [bullseye] - linux 5.10.205-1
+       NOTE: 
https://git.kernel.org/linus/ccab434e674ca95d483788b1895a70c21b7f016a (6.7-rc3)
 CVE-2024-25581 [Transfer requests received over DoH can lead to a denial of 
service in DNSdist]
        - dnsdist <unfixed>
        [bookworm] - dnsdist <not-affected> (Vulnerable code not present)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bcc1c6ec1b2402e02468b4a8dd9b468f0b4cb082

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bcc1c6ec1b2402e02468b4a8dd9b468f0b4cb082
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to