Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5c0249fc by Salvatore Bonaccorso at 2024-12-28T16:52:34+01:00
Update Linux CVEs from kernel-sec

- - - - -

1 changed file:
- data/CVE/list

Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,136 @@ +CVE-2024-56708 [EDAC/igen6: Avoid segmentation fault on module unload] + - linux 6.12.3-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/fefaae90398d38a1100ccd73b46ab55ff4610fba (6.13-rc1) +CVE-2024-56707 [octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c] + - linux 6.12.3-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/f5b942e6c54b13246ee49d42dcfb71b7f29e3c64 (6.13-rc1) +CVE-2024-56706 [s390/cpum_sf: Fix and protect memory allocation of SDBs with mutex] + - linux 6.12.3-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/f55bd479d8663a4a4e403b3d308d3d1aa33d92df (6.13-rc1) +CVE-2024-56705 [media: atomisp: Add check for rgby_data memory allocation failure] + - linux 6.12.3-1 + NOTE: https://git.kernel.org/linus/ed61c59139509f76d3592683c90dc3fdc6e23cd6 (6.13-rc1) +CVE-2024-56704 [9p/xen: fix release of IRQ] + - linux 6.12.3-1 + NOTE: https://git.kernel.org/linus/e43c608f40c065b30964f0a806348062991b802d (6.13-rc1) +CVE-2024-56703 [ipv6: Fix soft lockups in fib6_select_path under high next hop churn] + - linux 6.12.3-1 + NOTE: https://git.kernel.org/linus/d9ccb18f83ea2bb654289b6ecf014fd267cc988b (6.13-rc1) +CVE-2024-56702 [bpf: Mark raw_tp arguments with PTR_MAYBE_NULL] + - linux 6.12.3-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/cb4158ce8ec8a5bb528cc1693356a5eb8058094d (6.13-rc1) +CVE-2024-56701 [powerpc/pseries: Fix dtl_access_lock to be a rw_semaphore] + - linux 6.12.3-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/cadae3a45d23aa4f6485938a67cbc47aaaa25e38 
(6.13-rc1) +CVE-2024-56700 [media: wl128x: Fix atomicity violation in fmc_send_cmd()] + - linux 6.12.3-1 + NOTE: https://git.kernel.org/linus/ca59f9956d4519ab18ab2270be47c6b8c6ced091 (6.13-rc1) +CVE-2024-56699 [s390/pci: Fix potential double remove of hotplug slot] + - linux 6.12.3-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/c4a585e952ca403a370586d3f16e8331a7564901 (6.13-rc1) +CVE-2024-56698 [usb: dwc3: gadget: Fix looping of queued SG entries] + - linux 6.12.3-1 + NOTE: https://git.kernel.org/linus/b7fc65f5141c24785dc8c19249ca4efcf71b3524 (6.13-rc1) +CVE-2024-56697 [drm/amdgpu: Fix the memory allocation issue in amdgpu_discovery_get_nps_info()] + - linux 6.12.3-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/a1144da794adedb9447437c57d69add56494309d (6.13-rc1) +CVE-2024-56696 [ALSA: core: Fix possible NULL dereference caused by kunit_kzalloc()] + - linux 6.12.3-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/9ad467a2b2716d4ed12f003b041aa6c776a13ff5 (6.13-rc1) +CVE-2024-56695 [drm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfd_get_cu_occupancy()'] + - linux 6.12.3-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/922f0e00017b09d9d47e3efac008c8b20ed546a0 (6.13-rc1) +CVE-2024-56694 [bpf: fix recursive lock when verdict program return SK_PASS] + - linux 6.12.3-1 + NOTE: https://git.kernel.org/linus/8ca2a1eeadf09862190b2810697702d803ceef2d (6.13-rc1) +CVE-2024-56693 [brd: defer automatic disk creation until module initialization succeeds] + - linux 6.12.3-1 + [bullseye] 
- linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/826cc42adf44930a633d11a5993676d85ddb0842 (6.13-rc1) +CVE-2024-56692 [f2fs: fix to do sanity check on node blkaddr in truncate_node()] + - linux 6.12.3-1 + NOTE: https://git.kernel.org/linus/6babe00ccd34fc65b78ef8b99754e32b4385f23d (6.13-rc1) +CVE-2024-56691 [mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device] + - linux 6.12.3-1 + NOTE: https://git.kernel.org/linus/686fb77712a4bc94b76a0c5ae74c60118b7a0d79 (6.13-rc1) +CVE-2024-56690 [crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY] + - linux 6.12.3-1 + NOTE: https://git.kernel.org/linus/662f2f13e66d3883b9238b0b96b17886179e60e2 (6.13-rc1) +CVE-2024-56689 [PCI: endpoint: epf-mhi: Avoid NULL dereference if DT lacks 'mmio'] + - linux 6.12.3-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/5089b3d874e9933d9842e90410d3af1520494757 (6.13-rc1) +CVE-2024-56688 [sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport] + - linux 6.12.3-1 + NOTE: https://git.kernel.org/linus/4db9ad82a6c823094da27de4825af693a3475d51 (6.13-rc1) +CVE-2024-56687 [usb: musb: Fix hardware lockup on first Rx endpoint request] + - linux 6.12.3-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/3fc137386c4620305bbc2a216868c53f9245670a (6.13-rc1) +CVE-2024-56686 [ext4: fix race in buffer_head read fault injection] + - linux 6.12.3-1 + NOTE: https://git.kernel.org/linus/2f3d93e210b9c2866c8b3662adae427d5bf511ec (6.13-rc1) +CVE-2024-56685 [ASoC: mediatek: Check num_codecs is not zero to avoid panic during probe] + - linux 6.12.3-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/2f2020327cc8561d7c520d2f2d9acea84fa7b3a3 (6.13-rc1) 
+CVE-2024-56684 [mailbox: mtk-cmdq: fix wrong use of sizeof in cmdq_get_clocks()] + - linux 6.12.3-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/271ee263cc8771982809185007181ca10346fe73 (6.13-rc1) +CVE-2024-56683 [drm/vc4: hdmi: Avoid hang with debug registers when suspended] + - linux 6.12.3-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/223ee2567a55e4f80315c768d2969e6a3b9fb23d (6.13-rc1) +CVE-2024-56682 [irqchip/riscv-aplic: Prevent crash when MSI domain is missing] + - linux 6.12.3-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/1f181d1cda56c2fbe379c5ace1aa1fac6306669e (6.13-rc1) +CVE-2024-56681 [crypto: bcm - add error check in the ahash_hmac_init function] + - linux 6.12.3-1 + NOTE: https://git.kernel.org/linus/19630cf57233e845b6ac57c9c969a4888925467b (6.13-rc1) +CVE-2024-56680 [media: intel/ipu6: do not handle interrupts when device is disabled] + - linux 6.12.3-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/1429826883bb18847092b2e04c6598ef34bae1d4 (6.13-rc1) +CVE-2024-56679 [octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c] + - linux 6.12.3-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/0fbc7a5027c6f7f2c785adae3dcec22b2f2b69b3 (6.13-rc1) +CVE-2024-56678 [powerpc/mm/fault: Fix kfence page fault reporting] + - linux 6.12.3-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/06dbbb4d5f7126b6307ab807cbf04ecfc459b933 (6.13-rc1) +CVE-2024-56677 [powerpc/fadump: Move fadump_cma_init to setup_arch() after initmem_init()] 
+ - linux 6.12.3-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/05b94cae1c47f94588c3e7096963c1007c4d9c1d (6.13-rc1) +CVE-2024-56676 [thermal: testing: Initialize some variables annoteded with _free()] + - linux 6.12.3-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/0104dcdaad3a7afd141e79a5fb817a92ada910ac (6.13-rc1) CVE-2024-54775 (Dcat-Admin v2.2.0-beta and v2.2.2-beta contains a Cross-Site Scripting ...) NOT-FOR-US: Dcat-Admin CVE-2024-54774 (Dcat Admin v2.2.0-beta contains a cross-site scripting (XSS) vulnerabi ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c0249fc188d29bbbc38ebcd4462a78f27e92e4e
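Review bot: Twelve of the added entries (CVE-2024-56705, -56704, -56703, -56700, -56698, -56694, -56692, -56691, -56690, -56688, -56686 and -56681) carry only `- linux 6.12.3-1` with no `[bookworm]` or `[bullseye]` line, so both stable releases stay tracked as unfixed for them; please confirm that is the triage result and not an annotation still to be added. The same question applies to bookworm for the eight entries that only carry `[bullseye] - linux <not-affected>` (CVE-2024-56708, -56707, -56693, -56687, -56683, -56679, -56678, -56677). Minor: the description of CVE-2024-56676 reads "annoteded"; keep it only if it mirrors the upstream commit subject verbatim.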
