Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 3946c0d1 by Salvatore Bonaccorso at 2024-08-21T06:26:33+02:00 Merge Linux CVEs from kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,83 @@ +CVE-2024-43882 [exec: Fix ToCToU between perm check and set-uid/gid usage] + - linux 6.10.6-1 + NOTE: https://git.kernel.org/linus/f50733b45d865f91db90919f8311e2127ce5a0cb (6.11-rc4) +CVE-2024-43881 [wifi: ath12k: change DMA direction while mapping reinjected packets] + - linux 6.10.3-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/33322e3ef07409278a18c6919c448e369d66a18e (6.11-rc1) +CVE-2024-43880 [mlxsw: spectrum_acl_erp: Fix object nesting warning] + - linux 6.10.3-1 + NOTE: https://git.kernel.org/linus/97d833ceb27dc19f8777d63f90be4a27b5daeedf (6.11-rc1) +CVE-2024-43879 [wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he()] + - linux 6.10.3-1 + NOTE: https://git.kernel.org/linus/bcbd771cd5d68c0c52567556097d75f9fc4e7cd6 (6.11-rc1) +CVE-2024-43878 [xfrm: Fix input error path memory access] + - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/54fcc6189dfb822eea984fa2b3e477a02447279d (6.11-rc1) +CVE-2024-43877 [media: pci: ivtv: Add check for DMA map result] + - linux 6.10.3-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/629913d6d79508b166c66e07e4857e20233d85a9 (6.11-rc1) +CVE-2024-43876 [PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup()] + - linux 6.10.3-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/c93637e6a4c4e1d0e85ef7efac78d066bbb24d96 (6.11-rc1) +CVE-2024-43875 [PCI: endpoint: Clean up error handling in vpci_scan_bus()] + - linux 6.10.3-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/8e0f5a96c534f781e8c57ca30459448b3bfe5429 (6.11-rc1) +CVE-2024-43874 [crypto: ccp - Fix null pointer dereference in __sev_snp_shutdown_locked] + - linux 6.10.3-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/468e3295774d0edce15f4ae475913b5076dd4f40 (6.11-rc1) +CVE-2024-43873 [vhost/vsock: always initialize seqpacket_allow] + - linux 6.10.3-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/1e1fdcbdde3b7663e5d8faeb2245b9b151417d22 (6.11-rc1) +CVE-2024-43872 [RDMA/hns: Fix soft lockup under heavy CEQE load] + - linux 6.10.3-1 + NOTE: https://git.kernel.org/linus/2fdf34038369c0a27811e7b4680662a14ada1d6b (6.11-rc1) +CVE-2024-43871 [devres: Fix memory leakage caused by driver API devm_free_percpu()] + - linux 6.10.3-1 + NOTE: https://git.kernel.org/linus/bd50a974097bb82d52a458bd3ee39fb723129a0c (6.11-rc1) +CVE-2024-43870 [perf: Fix event leak upon exit] + - linux 6.10.3-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/2fd5ad3f310de22836cdacae919dd99d758a1f1b (6.11-rc1) +CVE-2024-43869 [perf: Fix event leak upon exec and file release] + - linux 6.10.3-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/3a5465418f5fd970e86a86c7f4075be262682840 (6.11-rc1) +CVE-2024-43868 [riscv/purgatory: align riscv_kernel_entry] + - linux 6.10.4-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/fb197c5d2fd24b9af3d4697d0cf778645846d6d5 (6.11-rc2) +CVE-2024-43867 [drm/nouveau: prime: fix refcount underflow] + - linux 6.10.4-1 + NOTE: https://git.kernel.org/linus/a9bf3efc33f1fbf88787a277f7349459283c9b95 (6.11-rc2) +CVE-2024-43866 [net/mlx5: Always drain health in shutdown callback] + - linux 6.10.4-1 + NOTE: https://git.kernel.org/linus/1b75da22ed1e6171e261bc9265370162553d5393 (6.11-rc2) +CVE-2024-43865 [s390/fpu: Re-add exception handling in load_fpu_state()] + - linux 6.10.4-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/4734406c39238cbeafe66f0060084caa3247ff53 (6.11-rc2) +CVE-2024-43864 [net/mlx5e: Fix CT entry update leaks of modify header context] + - linux 6.10.4-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/025f2b85a5e5a46df14ecf162c3c80a957a36d0b (6.11-rc2) +CVE-2024-43863 [drm/vmwgfx: Fix a deadlock in dma buf fence polling] + - linux 6.10.4-1 + NOTE: https://git.kernel.org/linus/e58337100721f3cc0c7424a18730e4f39844934f (6.11-rc2) +CVE-2024-43862 [net: wan: fsl_qmc_hdlc: Convert carrier_lock spinlock to a mutex] + - linux 6.10.4-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/c4d6a347ba7babdf9d90a0eb24048c266cae0532 (6.11-rc2) CVE-2024-43861 [net: usb: qmi_wwan: fix memory leak for not ip packets] - linux 6.10.6-1 NOTE: https://git.kernel.org/linus/7ab107544b777c3bd7feb9fe447367d8edd5b202 (6.11-rc3) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3946c0d11df5149f0fef4ffba4ff9ac58ec8cf1b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3946c0d11df5149f0fef4ffba4ff9ac58ec8cf1b You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
