Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 2f4a57cf by Salvatore Bonaccorso at 2024-08-17T11:22:01+02:00 Merge CVEs for Linux from kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,70 @@ +CVE-2024-42275 [drm/client: Fix error code in drm_client_buffer_vmap_local()] + - linux 6.10.4-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/b5fbf924f125ba3638cfdc21c0515eb7e76264ca (6.11-rc2) +CVE-2024-42274 [Revert "ALSA: firewire-lib: operate for period elapse event in process context"] + - linux 6.10.4-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/3dab73ab925a51ab05543b491bf17463a48ca323 (6.11-rc2) +CVE-2024-42273 [f2fs: assign CURSEG_ALL_DATA_ATGC if blkaddr is valid] + - linux 6.10.4-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/8cb1f4080dd91c6e6b01dbea013a3f42341cb6a1 (6.11-rc1) +CVE-2024-42272 [sched: act_ct: take care of padding in struct zones_ht_key] + - linux 6.10.4-1 + NOTE: https://git.kernel.org/linus/2191a54f63225b548fd8346be3611c3219a24738 (6.11-rc2) +CVE-2024-42271 [net/iucv: fix use after free in iucv_sock_close()] + - linux 6.10.4-1 + NOTE: https://git.kernel.org/linus/f558120cd709682b739207b48cf7479fd9568431 (6.11-rc2) +CVE-2024-42270 [netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init().] + - linux 6.10.4-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/5830aa863981d43560748aa93589c0695191d95d (6.11-rc2) +CVE-2024-42269 [netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init().] + - linux 6.10.4-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/c22921df777de5606f1047b1345b8d22ef1c0b34 (6.11-rc2) +CVE-2024-42268 [net/mlx5: Fix missing lock on sync reset reload] + - linux 6.10.4-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/572f9caa9e7295f8c8822e4122c7ae8f1c412ff9 (6.11-rc2) +CVE-2024-42267 [riscv/mm: Add handling for VM_FAULT_SIGSEGV in mm_fault_error()] + - linux 6.10.4-1 + NOTE: https://git.kernel.org/linus/0c710050c47d45eb77b28c271cddefc5c785cb40 (6.11-rc2) +CVE-2024-42266 [btrfs: make cow_file_range_inline() honor locked_page on error] + - linux 6.10.4-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/478574370bef7951fbd9ef5155537d6cbed49472 (6.11-rc2) +CVE-2024-42265 [protect the fetch of ->fd[fd] in do_dup2() from mispredictions] + - linux 6.10.4-1 + NOTE: https://git.kernel.org/linus/8aa37bde1a7b645816cda8b80df4753ecf172bf1 (6.11-rc2) +CVE-2024-42264 [drm/v3d: Prevent out of bounds access in performance query extensions] + - linux 6.10.4-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/6ce9efd12ae81cf46bf44eb0348594558dfbb9d2 (6.11-rc2) +CVE-2024-42263 [drm/v3d: Fix potential memory leak in the timestamp extension] + - linux 6.10.4-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/0e50fcc20bd87584840266e8004f9064a8985b4f (6.11-rc2) +CVE-2024-42262 [drm/v3d: Fix potential memory leak in the performance extension] + - linux 6.10.4-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/32df4abc44f24dbec239d43e2b26d5768c5d1a78 (6.11-rc2) +CVE-2024-42261 [drm/v3d: Validate passed in drm syncobj handles in the timestamp extension] + - linux 6.10.4-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/023d22e8bb0cdd6900382ad1ed06df3b6c2ea791 (6.11-rc2) +CVE-2024-42260 [drm/v3d: Validate passed in drm syncobj handles in the performance extension] + - linux 6.10.4-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/4ecc24a84d7e0254efd150ec23e0b89638386516 (6.11-rc2) CVE-2024-7886 (A vulnerability has been found in Scooter Software Beyond Compare up t ...) NOT-FOR-US: Scooter Software Beyond Compare CVE-2024-6500 (The InPost for WooCommerce plugin and InPost PL plugin for WordPress a ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f4a57cfaa91fdceb3ee63bf4d2d78660de9c0c8 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f4a57cfaa91fdceb3ee63bf4d2d78660de9c0c8 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
