Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: f604af03 by Salvatore Bonaccorso at 2024-12-04T18:00:38+01:00 Merge Linux CVEs from kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,69 @@ +CVE-2024-53140 [netlink: terminate outstanding dump on socket close] + - linux 6.11.10-1 + [bookworm] - linux 6.1.119-1 + NOTE: https://git.kernel.org/linus/1904fb9ebf911441f90a68e96b22aa73e4410505 (6.12) +CVE-2024-53139 [sctp: fix possible UAF in sctp_v6_available()] + - linux 6.11.10-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/eb72e7fcc83987d5d5595b43222f23b295d5de7f (6.12) +CVE-2024-53138 [net/mlx5e: kTLS, Fix incorrect page refcounting] + - linux 6.11.10-1 + [bookworm] - linux 6.1.119-1 + NOTE: https://git.kernel.org/linus/dd6e972cc5890d91d6749bb48e3912721c4e4b25 (6.12) +CVE-2024-53137 [ARM: fix cacheflush with PAN] + - linux 6.11.10-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/ca29cfcc4a21083d671522ad384532e28a43f033 (6.12) +CVE-2024-53136 [mm: revert "mm: shmem: fix data-race in shmem_getattr()"] + - linux 6.11.10-1 + [bookworm] - linux 6.1.119-1 + NOTE: https://git.kernel.org/linus/d1aa0c04294e29883d65eac6c2f72fe95cc7c049 (6.12) +CVE-2024-53135 [KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN] + - linux 6.11.10-1 + [bookworm] - linux 6.1.119-1 + NOTE: https://git.kernel.org/linus/aa0d42cacf093a6fcca872edc954f6f812926a17 (6.12) +CVE-2024-53134 [pmdomain: imx93-blk-ctrl: correct remove path] + - linux 6.11.10-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/f7c7c5aa556378a2c8da72c1f7f238b6648f95fb (6.12) +CVE-2024-53133 [drm/amd/display: Handle dml allocation failure to avoid crash] + - linux 6.11.10-1 + NOTE: https://git.kernel.org/linus/6825cb07b79ffeb1d90ffaa7a1227462cdca34ae (6.12) +CVE-2024-53132 [drm/xe/oa: Fix "Missing outer runtime PM protection" warning] + - linux 6.11.10-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/c0403e4ceecaefbeaf78263dffcd3e3f06a19f6b (6.12) +CVE-2024-53131 [nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint] + - linux 6.11.10-1 + [bookworm] - linux 6.1.119-1 + NOTE: https://git.kernel.org/linus/cd45e963e44b0f10d90b9e6c0e8b4f47f3c92471 (6.12) +CVE-2024-53130 [nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint] + - linux 6.11.10-1 + [bookworm] - linux 6.1.119-1 + NOTE: https://git.kernel.org/linus/2026559a6c4ce34db117d2db8f710fe2a9420d5a (6.12) +CVE-2024-53129 [drm/rockchip: vop: Fix a dereferenced before check warning] + - linux 6.11.10-1 + [bookworm] - linux 6.1.119-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/ab1c793f457f740ab7108cc0b1340a402dbf484d (6.12) +CVE-2024-53128 [sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers] + - linux 6.11.10-1 + NOTE: https://git.kernel.org/linus/fd7b4f9f46d46acbc7af3a439bb0d869efdc5c58 (6.12) +CVE-2024-53127 [Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K"] + - linux 6.11.10-1 + [bookworm] - linux 6.1.119-1 + NOTE: https://git.kernel.org/linus/1635e407a4a64d08a8517ac59ca14ad4fc785e75 (6.12) +CVE-2024-53126 [vdpa: solidrun: Fix UB bug with devres] + - linux 6.11.10-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/0b364cf53b20204e92bac7c6ebd1ee7d3ec62931 (6.12) +CVE-2024-53125 [bpf: sync_linked_regs() must preserve subreg_def] + - linux 6.11.6-1 + NOTE: https://git.kernel.org/linus/e9bd9c498cb0f5843996dbe5cbce7a1836a83c70 (6.12-rc4) CVE-2024-9404 (Moxa\u2019s IP Cameras are affected by a medium-severity vulnerability ...) NOT-FOR-US: Moxa CVE-2024-54664 (An issue was discovered in Veritas NetBackup before 10.5. This only ap ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f604af0331867fe102a0d16c7a54823213c96a5d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f604af0331867fe102a0d16c7a54823213c96a5d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
