Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
50b45cb1 by Salvatore Bonaccorso at 2024-05-19T13:26:35+02:00
Merge Linux CVEs from kernel-sec

- - - - -

1 changed file:

- data/CVE/list

Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,427 @@ +CVE-2024-35946 [wifi: rtw89: fix null pointer access when abort scan] + - linux 6.8.9-1 + NOTE: https://git.kernel.org/linus/7e11a2966f51695c0af0b1f976a32d64dee243b2 (6.9-rc1) +CVE-2024-35945 [net: phy: phy_device: Prevent nullptr exceptions on ISR] + - linux 6.8.9-1 + NOTE: https://git.kernel.org/linus/61c81872815f46006982bb80460c0c80a949b35b (6.9-rc1) +CVE-2024-35944 [VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()] + - linux 6.8.9-1 + [bookworm] - linux 6.1.90-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/19b070fefd0d024af3daa7329cbc0d00de5302ec (6.9-rc1) +CVE-2024-35943 [pmdomain: ti: Add a null pointer check to the omap_prm_domain_init] + - linux 6.8.9-1 + NOTE: https://git.kernel.org/linus/5d7f58ee08434a33340f75ac7ac5071eea9673b3 (6.9-rc1) +CVE-2024-35942 [pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain] + - linux 6.8.9-1 + NOTE: https://git.kernel.org/linus/697624ee8ad557ab5417f985d2c804241a7ad30d (6.9-rc1) +CVE-2024-35941 [net: skbuff: add overflow debug check to pull/push helpers] + - linux 6.8.9-1 + [bookworm] - linux 6.1.90-1 + NOTE: https://git.kernel.org/linus/219eee9c0d16f1b754a8b85275854ab17df0850a (6.9-rc1) +CVE-2024-35940 [pstore/zone: Add a null pointer check to the psz_kmsg_read] + - linux 6.8.9-1 + [bookworm] - linux 6.1.90-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/98bc7e26e14fbb26a6abf97603d59532475e97f8 (6.9-rc1) +CVE-2024-35939 [dma-direct: Leak pages on dma_set_decrypted() failure] + - linux 6.8.9-1 + [bookworm] - linux 6.1.90-1 + NOTE: https://git.kernel.org/linus/b9fa16949d18e06bdf728a560f5c8af56d2bdcaf (6.9-rc1) +CVE-2024-35938 [wifi: ath11k: decrease MHI channel buffer length to 8KB] + - linux 6.8.9-1 + [bookworm] - linux 6.1.90-1 + NOTE: https://git.kernel.org/linus/1cca1bddf9ef080503c15378cecf4877f7510015 (6.9-rc1) +CVE-2024-35937 [wifi: cfg80211: check A-MSDU format more carefully] + - linux 6.8.9-1 + NOTE: 
https://git.kernel.org/linus/9ad7974856926129f190ffbe3beea78460b3b7cc (6.9-rc1) +CVE-2024-35936 [btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()] + - linux 6.8.9-1 + [bookworm] - linux 6.1.90-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/7411055db5ce64f836aaffd422396af0075fdc99 (6.9-rc1) +CVE-2024-35935 [btrfs: send: handle path ref underflow in header iterate_inode_ref()] + - linux 6.8.9-1 + [bookworm] - linux 6.1.90-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/3c6ee34c6f9cd12802326da26631232a61743501 (6.9-rc1) +CVE-2024-35934 [net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list()] + - linux 6.8.9-1 + [bookworm] - linux 6.1.90-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/00af2aa93b76b1bade471ad0d0525d4d29ca5cc0 (6.9-rc1) +CVE-2024-35933 [Bluetooth: btintel: Fix null ptr deref in btintel_read_version] + - linux 6.8.9-1 + [bookworm] - linux 6.1.90-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/b79e040910101b020931ba0c9a6b77e81ab7f645 (6.9-rc1) +CVE-2024-35932 [drm/vc4: don't check if plane->state->fb == state->fb] + - linux 6.8.9-1 + [bookworm] - linux 6.1.90-1 + NOTE: https://git.kernel.org/linus/5ee0d47dcf33efd8950b347dcf4d20bab12a3fa9 (6.9-rc1) +CVE-2024-35931 [drm/amdgpu: Skip do PCI error slot reset during RAS recovery] + - linux 6.8.9-1 + NOTE: https://git.kernel.org/linus/601429cca96b4af3be44172c3b64e4228515dbe1 (6.9-rc1) +CVE-2024-35930 [scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()] + - linux 6.8.9-1 + [bookworm] - linux 6.1.90-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/2ae917d4bcab80ab304b774d492e2fcd6c52c06b (6.9-rc1) +CVE-2024-35929 [rcu/nocb: Fix WARN_ON_ONCE() in the rcu_nocb_bypass_lock()] + - linux 6.8.9-1 + NOTE: https://git.kernel.org/linus/dda98810b552fc6bf650f4270edeebdc2f28bd3f (6.9-rc1) +CVE-2024-35928 [drm/amd/amdgpu: Fix potential ioremap() memory leaks in 
amdgpu_device_init()] + - linux 6.8.9-1 + [bookworm] - linux 6.1.90-1 + NOTE: https://git.kernel.org/linus/eb4f139888f636614dab3bcce97ff61cefc4b3a7 (6.9-rc1) +CVE-2024-35927 [drm: Check output polling initialized before disabling] + - linux 6.8.9-1 + NOTE: https://git.kernel.org/linus/5abffb66d12bcac84bf7b66389c571b8bb6e82bd (6.9-rc1) +CVE-2024-35926 [crypto: iaa - Fix async_disable descriptor leak] + - linux 6.8.9-1 + NOTE: https://git.kernel.org/linus/262534ddc88dfea7474ed18adfecf856e4fbe054 (6.9-rc1) +CVE-2024-35925 [block: prevent division by zero in blk_rq_stat_sum()] + - linux 6.8.9-1 + [bookworm] - linux 6.1.90-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/93f52fbeaf4b676b21acfe42a5152620e6770d02 (6.9-rc1) +CVE-2024-35924 [usb: typec: ucsi: Limit read size on v1.2] + - linux 6.8.9-1 + NOTE: https://git.kernel.org/linus/b3db266fb031fba88c423d4bb8983a73a3db6527 (6.9-rc1) +CVE-2024-35923 [io_uring: clear opcode specific data for an early failure] + - linux 6.8.9-1 + [bookworm] - linux 6.1.90-1 + NOTE: https://git.kernel.org/linus/e21e1c45e1fe2e31732f40256b49c04e76a17cee (6.9-rc1) +CVE-2024-35922 [fbmon: prevent division by zero in fb_videomode_from_videomode()] + - linux 6.8.9-1 + [bookworm] - linux 6.1.90-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/c2d953276b8b27459baed1277a4fdd5dd9bd4126 (6.9-rc1) +CVE-2024-35921 [media: mediatek: vcodec: Fix oops when HEVC init fails] + - linux 6.8.9-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/97c75ee5de060d271d80109b0c47cb6008439e5b (6.9-rc4) +CVE-2024-35920 [media: mediatek: vcodec: adding lock to protect decoder context list] + - linux 6.8.9-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] 
- linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/6467cda18c9f9b5f2f9a0aa1e2861c653e41f382 (6.9-rc4) +CVE-2024-35919 [media: mediatek: vcodec: adding lock to protect encoder context list] + - linux 6.8.9-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/afaaf3a0f647a24a7bf6a2145d8ade37baaf75ad (6.9-rc4) +CVE-2024-35918 [randomize_kstack: Improve entropy diffusion] + - linux 6.8.9-1 + [bookworm] - linux 6.1.90-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/9c573cd313433f6c1f7236fe64b9b743500c1628 (6.9-rc4) +CVE-2024-35917 [s390/bpf: Fix bpf_plt pointer arithmetic] + - linux 6.8.9-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/7ded842b356d151ece8ac4985940438e6d3998bb (6.9-rc2) +CVE-2024-35916 [dma-buf: Fix NULL pointer dereference in sanitycheck()] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/2295bd846765c766701e666ed2e4b35396be25e6 (6.9-rc2) +CVE-2024-35915 [nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/d24b03535e5eb82e025219c2f632b485409c898f (6.9-rc2) +CVE-2024-35914 [nfsd: Fix error cleanup path in nfsd_rename()] + - linux 6.8.9-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable 
code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/9fe6e9e7b58944037714442384075c17cfde1c56 (6.9-rc2) +CVE-2024-35913 [wifi: iwlwifi: mvm: pick the version of SESSION_PROTECTION_NOTIF] + - linux 6.8.9-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/bbe806c294c9c4cd1221140d96e5f367673e393a (6.9-rc2) +CVE-2024-35912 [wifi: iwlwifi: mvm: rfi: fix potential response leaks] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/06a093807eb7b5c5b29b6cff49f8174a4e702341 (6.9-rc2) +CVE-2024-35911 [ice: fix memory corruption bug with suspend and rebuild] + - linux 6.8.9-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/1cb7fdb1dfde1aab66780b4ba44dba6402172111 (6.9-rc2) +CVE-2024-35910 [tcp: properly terminate timers for kernel sockets] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/151c9c724d05d5b0dd8acd3e11cb69ef1f2dbada (6.9-rc2) +CVE-2024-35909 [net: wwan: t7xx: Split 64bit accesses to fix alignment issues] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/7d5a7dd5a35876f0ecc286f3602a88887a788217 (6.9-rc2) +CVE-2024-35908 [tls: get psock ref after taking rxlock to avoid leak] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux 
<not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/417e91e856099e9b8a42a2520e2255e6afe024be (6.9-rc2) +CVE-2024-35907 [mlxbf_gige: call request_irq() after NAPI initialized] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/f7442a634ac06b953fc1f7418f307b25acd4cfbc (6.9-rc2) +CVE-2024-35906 [drm/amd/display: Send DTBCLK disable message on first commit] + - linux 6.8.9-1 + NOTE: https://git.kernel.org/linus/f341055b10bd8be55c3c995dff5f770b236b8ca9 (6.9-rc1) +CVE-2024-35905 [bpf: Protect against int overflow for stack access size] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux 5.10.216-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/ecc6a2101840177e57c925c102d2d29f260d37c8 (6.9-rc2) +CVE-2024-35904 [selinux: avoid dereference of garbage after mount failure] + - linux 6.8.9-1 + NOTE: https://git.kernel.org/linus/37801a36b4d68892ce807264f784d818f8d0d39b (6.9-rc3) +CVE-2024-35903 [x86/bpf: Fix IP after emitting call depth accounting] + - linux 6.8.9-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/9d98aa088386aee3db1b7b60b800c0fde0654a4a (6.9-rc3) +CVE-2024-35902 [net/rds: fix possible cp null dereference] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/62fc3357e079a07a22465b9b6ef71bb6ea75ee4b (6.9-rc3) +CVE-2024-35901 [net: mana: Fix Rx DMA datasize and skb_over_panic] + - linux 6.8.9-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> 
(Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/c0de6ab920aafb56feab56058e46b688e694a246 (6.9-rc3) +CVE-2024-35900 [netfilter: nf_tables: reject new basechain after table flag update] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux 5.10.216-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/994209ddf4f430946f6247616b2e33d179243769 (6.9-rc3) +CVE-2024-35899 [netfilter: nf_tables: flush pending destroy work before exit_net release] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux 5.10.216-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/24cea9677025e0de419989ecb692acd4bb34cac2 (6.9-rc3) +CVE-2024-35898 [netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/24225011d81b471acc0e1e315b7d9905459a6304 (6.9-rc3) +CVE-2024-35897 [netfilter: nf_tables: discard table flag update with pending basechain deletion] + - linux 6.8.9-1 + [bookworm] - linux 6.1.90-1 + [bullseye] - linux 5.10.216-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/1bc83a019bbe268be3526406245ec28c2458a518 (6.9-rc3) +CVE-2024-35896 [netfilter: validate user input for expected length] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/0c83842df40f86e529db6842231154772c20edcc (6.9-rc3) +CVE-2024-35895 [bpf, sockmap: Prevent lock inversion deadlock in map delete elem] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux 5.10.216-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/ff91059932401894e6c86341915615c5eb0eca48 (6.9-rc3) +CVE-2024-35894 [mptcp: prevent 
BPF accessing lowat from a subflow socket.] + - linux 6.8.9-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/fcf4692fa39e86a590c14a4af2de704e1d20a3b5 (6.9-rc3) +CVE-2024-35893 [net/sched: act_skbmod: prevent kernel-infoleak] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/d313eb8b77557a6d5855f42d2234bd592c7b50dd (6.9-rc3) +CVE-2024-35892 [net/sched: fix lockdep splat in qdisc_tree_reduce_backlog()] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/7eb322360b0266481e560d1807ee79e0cef5742b (6.9-rc3) +CVE-2024-35891 [net: phy: micrel: Fix potential null pointer dereference] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/96c155943a703f0655c0c4cab540f67055960e91 (6.9-rc3) +CVE-2024-35890 [gro: fix ownership transfer] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/ed4cccef64c1d0d5b91e69f7a8a6697c3a865486 (6.9-rc3) +CVE-2024-35889 [idpf: fix kernel panic on unknown packet types] + - linux 6.8.9-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/dd19e827d63ac60debf117676d1126bff884bdb8 (6.9-rc3) +CVE-2024-35888 [erspan: make sure erspan_base_hdr is 
present in skb->head] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/17af420545a750f763025149fa7b833a4fc8b8f0 (6.9-rc3) +CVE-2024-35887 [ax25: fix use-after-free bugs caused by ax25_ds_del_timer] + - linux 6.8.9-1 + NOTE: https://git.kernel.org/linus/fd819ad3ecf6f3c232a06b27423ce9ed8c20da89 (6.9-rc3) +CVE-2024-35886 [ipv6: Fix infinite recursion in fib6_dump_done().] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/d21d40605bca7bd5fc23ef03d4c1ca1f48bc2cae (6.9-rc3) +CVE-2024-35885 [mlxbf_gige: stop interface during shutdown] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/09ba28e1cd3cf715daab1fca6e1623e22fd754a6 (6.9-rc3) +CVE-2024-35884 [udp: do not accept non-tunnel GSO skbs landing in a tunnel] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux 5.10.216-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/3d010c8031e39f5fa1e8b13ada77e0321091011f (6.9-rc3) +CVE-2024-35883 [spi: mchp-pci1xxx: Fix a possible null pointer dereference in pci1xxx_spi_probe] + - linux 6.8.9-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/1f886a7bfb3faf4c1021e73f045538008ce7634e (6.9-rc3) +CVE-2024-35882 [SUNRPC: Fix a slow server-side memory leak with RPC-over-TCP] + - linux 6.8.9-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: 
https://git.kernel.org/linus/05258a0a69b3c5d2c003f818702c0a52b6fea861 (6.9-rc3) +CVE-2024-35881 [Revert "drm/amd/display: Send DTBCLK disable message on first commit"] + - linux 6.8.9-1 + NOTE: https://git.kernel.org/linus/3a6a32b31a111f6e66526fb2d3cb13a876465076 (6.9-rc1) +CVE-2024-35880 [io_uring/kbuf: hold io_buffer_list reference over mmap] + - linux 6.8.9-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/561e4f9451d65fc2f7eef564e0064373e3019793 (6.9-rc3) +CVE-2024-35879 [of: dynamic: Synchronize of_changeset_destroy() with the devlink removals] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux 5.10.216-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/8917e7385346bd6584890ed362985c219fe6ae84 (6.9-rc3) +CVE-2024-35878 [of: module: prevent NULL pointer dereference in vsnprintf()] + - linux 6.8.9-1 + NOTE: https://git.kernel.org/linus/a1aa5390cc912934fee76ce80af5f940452fa987 (6.9-rc3) +CVE-2024-35877 [x86/mm/pat: fix VM_PAT handling in COW mappings] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/04c35ab3bdae7fefbd7c7a7355f29fa03a035221 (6.9-rc3) +CVE-2024-35876 [x86/mce: Make sure to grab mce_sysfs_mutex in set_bank()] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/3ddf944b32f88741c303f0b21459dbb3872b8bc5 (6.9-rc3) +CVE-2024-35875 [x86/coco: Require seeding RNG with RDRAND on CoCo systems] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + NOTE: https://git.kernel.org/linus/99485c4c026f024e7cb82da84c7951dbe3deb584 (6.9-rc3) +CVE-2024-35874 [aio: Fix null ptr deref in aio_complete() wakeup] + - linux 6.8.9-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + 
[bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/caeb4b0a11b3393e43f7fa8e0a5a18462acc66bd (6.9-rc3) +CVE-2024-35873 [riscv: Fix vector state restore in rt_sigreturn()] + - linux 6.8.9-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/c27fa53b858b4ee6552a719aa599c250cf98a586 (6.9-rc3) +CVE-2024-35872 [mm/secretmem: fix GUP-fast succeeding on secretmem folios] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/65291dcfcf8936e1b23cfd7718fdfde7cfaf7706 (6.9-rc3) +CVE-2024-35871 [riscv: process: Fix kernel gp leakage] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/d14fa1fcf69db9d070e75f1c4425211fa619dfc8 (6.9-rc3) +CVE-2024-35870 [smb: client: fix UAF in smb2_reconnect_server()] + - linux 6.8.9-1 + NOTE: https://git.kernel.org/linus/24a9799aa8efecd0eb55a75e35f9d8e6400063aa (6.9-rc3) +CVE-2024-35869 [smb: client: guarantee refcounted children from parent session] + - linux 6.8.9-1 + NOTE: https://git.kernel.org/linus/062a7f0ff46eb57aff526897bd2bebfdb1d3046a (6.9-rc3) +CVE-2024-35868 [smb: client: fix potential UAF in cifs_stats_proc_write()] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + NOTE: https://git.kernel.org/linus/d3da25c5ac84430f89875ca7485a3828150a7e0a (6.9-rc3) +CVE-2024-35867 [smb: client: fix potential UAF in cifs_stats_proc_show()] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + NOTE: https://git.kernel.org/linus/0865ffefea197b437ba78b5dd8d8e256253efd65 (6.9-rc3) +CVE-2024-35866 [smb: client: fix potential UAF in 
cifs_dump_full_key()] + - linux 6.8.9-1 + NOTE: https://git.kernel.org/linus/58acd1f497162e7d282077f816faa519487be045 (6.9-rc3) +CVE-2024-35865 [smb: client: fix potential UAF in smb2_is_valid_oplock_break()] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + NOTE: https://git.kernel.org/linus/22863485a4626ec6ecf297f4cc0aef709bc862e4 (6.9-rc3) +CVE-2024-35864 [smb: client: fix potential UAF in smb2_is_valid_lease_break()] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + NOTE: https://git.kernel.org/linus/705c76fbf726c7a2f6ff9143d4013b18daaaebf1 (6.9-rc3) +CVE-2024-35863 [smb: client: fix potential UAF in is_valid_oplock_break()] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + NOTE: https://git.kernel.org/linus/69ccf040acddf33a3a85ec0f6b45ef84b0f7ec29 (6.9-rc3) +CVE-2024-35862 [smb: client: fix potential UAF in smb2_is_network_name_deleted()] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + NOTE: https://git.kernel.org/linus/63981561ffd2d4987807df4126f96a11e18b0c1d (6.9-rc3) +CVE-2024-35861 [smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()] + - linux 6.8.9-1 + [bookworm] - linux 6.1.85-1 + NOTE: https://git.kernel.org/linus/e0e50401cc3921c9eaf1b0e667db174519ea939f (6.9-rc3) +CVE-2024-35860 [bpf: support deferring bpf_link dealloc to after RCU grace period] + - linux 6.8.9-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/1a80dbcb2dbaf6e4c216e62e30fa7d3daa8001ce (6.9-rc3) +CVE-2023-52699 [sysv: don't call sb_bread() with pointers_lock held] + - linux 6.8.9-1 + [bookworm] - linux 6.1.90-1 + [bullseye] - linux 5.10.216-1 + NOTE: https://git.kernel.org/linus/f123dc86388cb669c3d6322702dc441abc35c31e (6.9-rc1) CVE-2024-5099 (A vulnerability was found in SourceCodester Simple Inventory System 1. ...) 
NOT-FOR-US: SourceCodester Simple Inventory System CVE-2024-5098 (A vulnerability has been found in SourceCodester Simple Inventory Syst ...)

View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50b45cb143794fdf6fdc50fc96bbc078d9647bf9
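Review bot: CVE-2024-35906 [drm/amd/display: Send DTBCLK disable message on first commit] and CVE-2024-35881 [Revert "drm/amd/display: Send DTBCLK disable message on first commit"] are a commit and its revert, but each is recorded only as "- linux 6.8.9-1" with its own upstream NOTE link and nothing ties the two entries together. Suggest adding a NOTE on each entry that names the other CVE, so that triage of the suites left open by these entries checks whether a tree carrying the first commit also carries the revert. A second point in the same hunk: CVE-2024-35860 [bpf: support deferring bpf_link dealloc to after RCU grace period] is the one entry here that marks bullseye and buster as <not-affected> yet has no [bookworm] line; if bookworm is intentionally left open that is fine, otherwise the line is missing. More generally, the many "<not-affected> (Vulnerable code not present)" annotations give no reason beyond the stock text; a NOTE naming the introducing commit or version would let a later reader re-verify them.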
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits