forked from github/advisory-database
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
cdd9cad
commit d811a85
Showing
84 changed files
with
3,444 additions
and
12 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
51 changes: 51 additions & 0 deletions
51
advisories/unreviewed/2024/04/GHSA-2595-73wg-wgrp/GHSA-2595-73wg-wgrp.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
{ | ||
"schema_version": "1.4.0", | ||
"id": "GHSA-2595-73wg-wgrp", | ||
"modified": "2024-04-03T15:30:42Z", | ||
"published": "2024-04-03T15:30:42Z", | ||
"aliases": [ | ||
"CVE-2023-52638" | ||
], | ||
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: j1939: prevent deadlock by changing j1939_socks_lock to rwlock\n\nThe following 3 locks would race against each other, causing the\ndeadlock situation in the Syzbot bug report:\n\n- j1939_socks_lock\n- active_session_list_lock\n- sk_session_queue_lock\n\nA reasonable fix is to change j1939_socks_lock to an rwlock, since in\nthe rare situations where a write lock is required for the linked list\nthat j1939_socks_lock is protecting, the code does not attempt to\nacquire any more locks. This would break the circular lock dependency,\nwhere, for example, the current thread already locks j1939_socks_lock\nand attempts to acquire sk_session_queue_lock, and at the same time,\nanother thread attempts to acquire j1939_socks_lock while holding\nsk_session_queue_lock.\n\nNOTE: This patch along does not fix the unregister_netdevice bug\nreported by Syzbot; instead, it solves a deadlock situation to prepare\nfor one or more further patches to actually fix the Syzbot bug, which\nappears to be a reference counting problem within the j1939 codebase.\n\n[mkl: remove unrelated newline change]", | ||
"severity": [ | ||
|
||
], | ||
"affected": [ | ||
|
||
], | ||
"references": [ | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52638" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://git.kernel.org/stable/c/03358aba991668d3bb2c65b3c82aa32c36851170" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://git.kernel.org/stable/c/26dfe112ec2e95fe0099681f6aec33da13c2dd8e" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://git.kernel.org/stable/c/559b6322f9480bff68cfa98d108991e945a4f284" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://git.kernel.org/stable/c/6cdedc18ba7b9dacc36466e27e3267d201948c8d" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://git.kernel.org/stable/c/aedda066d717a0b4335d7e0a00b2e3a61e40afcf" | ||
} | ||
], | ||
"database_specific": { | ||
"cwe_ids": [ | ||
|
||
], | ||
"severity": null, | ||
"github_reviewed": false, | ||
"github_reviewed_at": null, | ||
"nvd_published_at": "2024-04-03T15:15:51Z" | ||
} | ||
} |
39 changes: 39 additions & 0 deletions
39
advisories/unreviewed/2024/04/GHSA-25pf-crf2-9cqg/GHSA-25pf-crf2-9cqg.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
{ | ||
"schema_version": "1.4.0", | ||
"id": "GHSA-25pf-crf2-9cqg", | ||
"modified": "2024-04-03T15:30:42Z", | ||
"published": "2024-04-03T15:30:42Z", | ||
"aliases": [ | ||
"CVE-2024-26699" | ||
], | ||
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix array-index-out-of-bounds in dcn35_clkmgr\n\n[Why]\nThere is a potential memory access violation while\niterating through array of dcn35 clks.\n\n[How]\nLimit iteration per array size.", | ||
"severity": [ | ||
|
||
], | ||
"affected": [ | ||
|
||
], | ||
"references": [ | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26699" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://git.kernel.org/stable/c/46806e59a87790760870d216f54951a5b4d545bc" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://git.kernel.org/stable/c/ca400d8e0c1c9d79c08dfb6b7f966e26c8cae7fb" | ||
} | ||
], | ||
"database_specific": { | ||
"cwe_ids": [ | ||
|
||
], | ||
"severity": null, | ||
"github_reviewed": false, | ||
"github_reviewed_at": null, | ||
"nvd_published_at": "2024-04-03T15:15:52Z" | ||
} | ||
} |
55 changes: 55 additions & 0 deletions
55
advisories/unreviewed/2024/04/GHSA-2mrh-g8f4-xvjv/GHSA-2mrh-g8f4-xvjv.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
{ | ||
"schema_version": "1.4.0", | ||
"id": "GHSA-2mrh-g8f4-xvjv", | ||
"modified": "2024-04-03T15:30:42Z", | ||
"published": "2024-04-03T15:30:42Z", | ||
"aliases": [ | ||
"CVE-2024-26695" | ||
], | ||
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked\n\nThe SEV platform device can be shutdown with a null psp_master,\ne.g., using DEBUG_TEST_DRIVER_REMOVE. Found using KASAN:\n\n[ 137.148210] ccp 0000:23:00.1: enabling device (0000 -> 0002)\n[ 137.162647] ccp 0000:23:00.1: no command queues available\n[ 137.170598] ccp 0000:23:00.1: sev enabled\n[ 137.174645] ccp 0000:23:00.1: psp enabled\n[ 137.178890] general protection fault, probably for non-canonical address 0xdffffc000000001e: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC KASAN NOPTI\n[ 137.182693] KASAN: null-ptr-deref in range [0x00000000000000f0-0x00000000000000f7]\n[ 137.182693] CPU: 93 PID: 1 Comm: swapper/0 Not tainted 6.8.0-rc1+ #311\n[ 137.182693] RIP: 0010:__sev_platform_shutdown_locked+0x51/0x180\n[ 137.182693] Code: 08 80 3c 08 00 0f 85 0e 01 00 00 48 8b 1d 67 b6 01 08 48 b8 00 00 00 00 00 fc ff df 48 8d bb f0 00 00 00 48 89 f9 48 c1 e9 03 <80> 3c 01 00 0f 85 fe 00 00 00 48 8b 9b f0 00 00 00 48 85 db 74 2c\n[ 137.182693] RSP: 0018:ffffc900000cf9b0 EFLAGS: 00010216\n[ 137.182693] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 000000000000001e\n[ 137.182693] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 00000000000000f0\n[ 137.182693] RBP: ffffc900000cf9c8 R08: 0000000000000000 R09: fffffbfff58f5a66\n[ 137.182693] R10: ffffc900000cf9c8 R11: ffffffffac7ad32f R12: ffff8881e5052c28\n[ 137.182693] R13: ffff8881e5052c28 R14: ffff8881758e43e8 R15: ffffffffac64abf8\n[ 137.182693] FS: 0000000000000000(0000) GS:ffff889de7000000(0000) knlGS:0000000000000000\n[ 137.182693] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 137.182693] CR2: 0000000000000000 CR3: 0000001cf7c7e000 CR4: 0000000000350ef0\n[ 137.182693] Call Trace:\n[ 137.182693] <TASK>\n[ 137.182693] ? show_regs+0x6c/0x80\n[ 137.182693] ? __die_body+0x24/0x70\n[ 137.182693] ? die_addr+0x4b/0x80\n[ 137.182693] ? exc_general_protection+0x126/0x230\n[ 137.182693] ? asm_exc_general_protection+0x2b/0x30\n[ 137.182693] ? __sev_platform_shutdown_locked+0x51/0x180\n[ 137.182693] sev_firmware_shutdown.isra.0+0x1e/0x80\n[ 137.182693] sev_dev_destroy+0x49/0x100\n[ 137.182693] psp_dev_destroy+0x47/0xb0\n[ 137.182693] sp_destroy+0xbb/0x240\n[ 137.182693] sp_pci_remove+0x45/0x60\n[ 137.182693] pci_device_remove+0xaa/0x1d0\n[ 137.182693] device_remove+0xc7/0x170\n[ 137.182693] really_probe+0x374/0xbe0\n[ 137.182693] ? srso_return_thunk+0x5/0x5f\n[ 137.182693] __driver_probe_device+0x199/0x460\n[ 137.182693] driver_probe_device+0x4e/0xd0\n[ 137.182693] __driver_attach+0x191/0x3d0\n[ 137.182693] ? __pfx___driver_attach+0x10/0x10\n[ 137.182693] bus_for_each_dev+0x100/0x190\n[ 137.182693] ? __pfx_bus_for_each_dev+0x10/0x10\n[ 137.182693] ? __kasan_check_read+0x15/0x20\n[ 137.182693] ? srso_return_thunk+0x5/0x5f\n[ 137.182693] ? _raw_spin_unlock+0x27/0x50\n[ 137.182693] driver_attach+0x41/0x60\n[ 137.182693] bus_add_driver+0x2a8/0x580\n[ 137.182693] driver_register+0x141/0x480\n[ 137.182693] __pci_register_driver+0x1d6/0x2a0\n[ 137.182693] ? srso_return_thunk+0x5/0x5f\n[ 137.182693] ? esrt_sysfs_init+0x1cd/0x5d0\n[ 137.182693] ? __pfx_sp_mod_init+0x10/0x10\n[ 137.182693] sp_pci_init+0x22/0x30\n[ 137.182693] sp_mod_init+0x14/0x30\n[ 137.182693] ? __pfx_sp_mod_init+0x10/0x10\n[ 137.182693] do_one_initcall+0xd1/0x470\n[ 137.182693] ? __pfx_do_one_initcall+0x10/0x10\n[ 137.182693] ? parameq+0x80/0xf0\n[ 137.182693] ? srso_return_thunk+0x5/0x5f\n[ 137.182693] ? __kmalloc+0x3b0/0x4e0\n[ 137.182693] ? kernel_init_freeable+0x92d/0x1050\n[ 137.182693] ? kasan_populate_vmalloc_pte+0x171/0x190\n[ 137.182693] ? srso_return_thunk+0x5/0x5f\n[ 137.182693] kernel_init_freeable+0xa64/0x1050\n[ 137.182693] ? __pfx_kernel_init+0x10/0x10\n[ 137.182693] kernel_init+0x24/0x160\n[ 137.182693] ? __switch_to_asm+0x3e/0x70\n[ 137.182693] ret_from_fork+0x40/0x80\n[ 137.182693] ? __pfx_kernel_init+0x1\n---truncated---", | ||
"severity": [ | ||
|
||
], | ||
"affected": [ | ||
|
||
], | ||
"references": [ | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26695" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://git.kernel.org/stable/c/58054faf3bd29cd0b949b77efcb6157f66f401ed" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://git.kernel.org/stable/c/7535ec350a5f09b5756a7607f5582913f21200f4" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://git.kernel.org/stable/c/8731fe001a60581794ed9cf65da8cd304846a6fb" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://git.kernel.org/stable/c/88aa493f393d2ee38ac140e1f6ac1881346e85d4" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://git.kernel.org/stable/c/b5909f197f3b26aebedca7d8ac7b688fd993a266" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://git.kernel.org/stable/c/ccb88e9549e7cfd8bcd511c538f437e20026e983" | ||
} | ||
], | ||
"database_specific": { | ||
"cwe_ids": [ | ||
|
||
], | ||
"severity": null, | ||
"github_reviewed": false, | ||
"github_reviewed_at": null, | ||
"nvd_published_at": "2024-04-03T15:15:52Z" | ||
} | ||
} |
43 changes: 43 additions & 0 deletions
43
advisories/unreviewed/2024/04/GHSA-2vp9-gjfg-fmgw/GHSA-2vp9-gjfg-fmgw.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
{ | ||
"schema_version": "1.4.0", | ||
"id": "GHSA-2vp9-gjfg-fmgw", | ||
"modified": "2024-04-03T15:30:43Z", | ||
"published": "2024-04-03T15:30:43Z", | ||
"aliases": [ | ||
"CVE-2024-26710" | ||
], | ||
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/kasan: Limit KASAN thread size increase to 32KB\n\nKASAN is seen to increase stack usage, to the point that it was reported\nto lead to stack overflow on some 32-bit machines (see link).\n\nTo avoid overflows the stack size was doubled for KASAN builds in\ncommit 3e8635fb2e07 (\"powerpc/kasan: Force thread size increase with\nKASAN\").\n\nHowever with a 32KB stack size to begin with, the doubling leads to a\n64KB stack, which causes build errors:\n arch/powerpc/kernel/switch.S:249: Error: operand out of range (0x000000000000fe50 is not between 0xffffffffffff8000 and 0x0000000000007fff)\n\nAlthough the asm could be reworked, in practice a 32KB stack seems\nsufficient even for KASAN builds - the additional usage seems to be in\nthe 2-3KB range for a 64-bit KASAN build.\n\nSo only increase the stack for KASAN if the stack size is < 32KB.", | ||
"severity": [ | ||
|
||
], | ||
"affected": [ | ||
|
||
], | ||
"references": [ | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26710" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://git.kernel.org/stable/c/4297217bcf1f0948a19c2bacc6b68d92e7778ad9" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://git.kernel.org/stable/c/4cc31fa07445879a13750cb061bb8c2654975fcb" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://git.kernel.org/stable/c/b29b16bd836a838b7690f80e37f8376414c74cbe" | ||
} | ||
], | ||
"database_specific": { | ||
"cwe_ids": [ | ||
|
||
], | ||
"severity": null, | ||
"github_reviewed": false, | ||
"github_reviewed_at": null, | ||
"nvd_published_at": "2024-04-03T15:15:53Z" | ||
} | ||
} |
Oops, something went wrong.