[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Mon, 29 Jul 2024 00:34:42 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2e658aa8 by Salvatore Bonaccorso at 2024-07-29T09:33:43+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,26 @@
+CVE-2024-41019 [fs/ntfs3: Validate ff offset]
+       - linux 6.9.12-1
+       NOTE: 
https://git.kernel.org/linus/50c47879650b4c97836a0086632b3a2e300b0f06 (6.11-rc1)
+CVE-2024-41018 [fs/ntfs3: Add a check for attr_names and oatbl]
+       - linux 6.9.12-1
+       [bookworm] - linux <not-affected> (Vulnerable code not present)
+       [bullseye] - linux <not-affected> (Vulnerable code not present)
+       NOTE: 
https://git.kernel.org/linus/702d4930eb06dcfda85a2fa67e8a1a27bfa2a845 (6.11-rc1)
+CVE-2024-41017 [jfs: don't walk off the end of ealist]
+       - linux 6.9.12-1
+       NOTE: 
https://git.kernel.org/linus/d0fa70aca54c8643248e89061da23752506ec0d4 (6.11-rc1)
+CVE-2024-41016 [ocfs2: strict bound check before memcmp in 
ocfs2_xattr_find_entry()]
+       - linux <unfixed>
+       NOTE: 
https://git.kernel.org/linus/af77c4fc1871847b528d58b7fdafb4aa1f6a9262 (6.11-rc1)
+CVE-2024-41015 [ocfs2: add bounds checking to ocfs2_check_dir_entry()]
+       - linux 6.9.12-1
+       NOTE: 
https://git.kernel.org/linus/255547c6bb8940a97eea94ef9d464ea5967763fb (6.11-rc1)
+CVE-2024-41014 [xfs: add bounds checking to xlog_recover_process_data]
+       - linux <unfixed>
+       NOTE: 
https://git.kernel.org/linus/fb63435b7c7dc112b1ae1baea5486e0a6e27b196 (6.11-rc1)
+CVE-2024-41013 [xfs: don't walk off the end of a directory data block]
+       - linux <unfixed>
+       NOTE: 
https://git.kernel.org/linus/0c7fcdb6d06cdf8b19b57c17605215b06afa864a (6.11-rc1)
 CVE-2024-7169 (A vulnerability classified as problematic has been found in 
SourceCode ...)
        NOT-FOR-US: SourceCodester School Fees Payment System
 CVE-2024-7168 (A vulnerability was found in SourceCodester School Fees Payment 
System ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e658aa80f517dc0d54eae919292c701a623ae40

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e658aa80f517dc0d54eae919292c701a623ae40
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to