Auto-Update: 2024-12-07T09:00:19.918550+00:00

fkie-cad · Dec 7, 2024 · 740f7e1 · 740f7e1
1 parent 6819171
commit 740f7e1
Show file tree

Hide file tree

Showing 3 changed files with 35 additions and 5 deletions.
diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53143.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53143.json
@@ -0,0 +1,29 @@
+{
+  "id": "CVE-2024-53143",
+  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
+  "published": "2024-12-07T07:15:03.780",
+  "lastModified": "2024-12-07T07:15:03.780",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfsnotify: Fix ordering of iput() and watched_objects decrement\n\nEnsure the superblock is kept alive until we're done with iput().\nHolding a reference to an inode is not allowed unless we ensure the\nsuperblock stays alive, which fsnotify does by keeping the\nwatched_objects count elevated, so iput() must happen before the\nwatched_objects decrement.\nThis can lead to a UAF of something like sb->s_fs_info in tmpfs, but the\nUAF is hard to hit because race orderings that oops are more likely, thanks\nto the CHECK_DATA_CORRUPTION() block in generic_shutdown_super().\n\nAlso, ensure that fsnotify_put_sb_watched_objects() doesn't call\nfsnotify_sb_watched_objects() on a superblock that may have already been\nfreed, which would cause a UAF read of sb->s_fsnotify_info."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://git.kernel.org/stable/c/21d1b618b6b9da46c5116c640ac4b1cc8d40d63a",
+      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
+    },
+    {
+      "url": "https://git.kernel.org/stable/c/45a8f8232a495221ed058191629f5c628f21601a",
+      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
+    },
+    {
+      "url": "https://git.kernel.org/stable/c/83af1cfa10d9aafdabd06b3655e07727f373b434",
+      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
+    }
+  ]
+}
diff --git a/README.md b/README.md
@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-12-07T07:00:19.319460+00:00
+2024-12-07T09:00:19.918550+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-12-07T06:15:17.760000+00:00
+2024-12-07T07:15:03.780000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,14 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-272467
+272468
 ```
 
 ### CVEs added in the last Commit
 
 Recently added CVEs: `1`
 
-- [CVE-2024-11183](CVE-2024/CVE-2024-111xx/CVE-2024-11183.json) (`2024-12-07T06:15:17.760`)
+- [CVE-2024-53143](CVE-2024/CVE-2024-531xx/CVE-2024-53143.json) (`2024-12-07T07:15:03.780`)
 
 
 ### CVEs modified in the last Commit

diff --git a/_state.csv b/_state.csv
@@ -243589,7 +243589,7 @@ CVE-2024-11178,0,0,88fd37ec83f58799851dee6171e6aa96459a237aab617357fda7452771f05
 CVE-2024-11179,0,0,38e54346776befead02bb0d90bed5d6fc177bf14c23bd48810b55bacf50173db,2024-11-22T16:55:03.947000
 CVE-2024-1118,0,0,6c399aaded9e96cfac900ecbd30e202d5a6a42d5625667c3de9725b65dc62fc3,2024-02-10T04:13:01.030000
 CVE-2024-11182,0,0,550276b9543adbab2608aeeaeb156b493c7ea7fcd794d8e2722b73a2104ac612,2024-11-19T19:08:15.657000
-CVE-2024-11183,1,1,187fbdbb4171509d71ccef34c529fe0d8935deb2251a1314959bc55e2e7386cc,2024-12-07T06:15:17.760000
+CVE-2024-11183,0,0,187fbdbb4171509d71ccef34c529fe0d8935deb2251a1314959bc55e2e7386cc,2024-12-07T06:15:17.760000
 CVE-2024-11188,0,0,3d2e4d2dec7cd3cc94060cc2808eb6bec0162c5aa4b5fe4b6246065e84f2f8e8,2024-11-23T06:15:17.570000
 CVE-2024-1119,0,0,5426bc48e63724893c52e881a8535fb7954cf4e6383fc287bdb9896410f7d3a0,2024-03-20T13:00:16.367000
 CVE-2024-11192,0,0,6459d53f4b13b67cafe19770c37c9f2208043c5b0b1fa605bd9e7fc206926de6,2024-11-26T09:15:05.563000
@@ -268268,6 +268268,7 @@ CVE-2024-5314,0,0,a7cdac28c15b59d972bbd1ad7f63aae58232f4c63fcf8544d4cfc91c709ee3
 CVE-2024-53140,0,0,1e305e6de8211be0acb862b44bf00edd966f43bd03f0e8788aef5f08b97bf852,2024-12-05T12:15:19.703000
 CVE-2024-53141,0,0,8dcf63cfdc9cf4d0527b568647b1a6489fcae499da26312159d8d87ad0e79349,2024-12-06T10:15:06.050000
 CVE-2024-53142,0,0,50b6b64348c1d5bb40e5d9bac14bede9a65147157b83dfb4254c83dd923b1b4a,2024-12-06T10:15:06.203000
+CVE-2024-53143,1,1,58aea596a92f51ecb8e396a2e6f1085ce03cd820c5355e9f3433d5e31dfbde48,2024-12-07T07:15:03.780000
 CVE-2024-5315,0,0,8579169b825e98cf3238daa1adb0a4d2ea9e4baf40a7a9906b16d52fd8bd309a,2024-05-24T13:03:05.093000
 CVE-2024-5317,0,0,ca9413f34c0b442e0ebe516eaf4713c47241a346ee54ab90be673b58c28dbb75,2024-06-11T17:22:08.007000
 CVE-2024-5318,0,0,837e96b053ddf8bba826c345247317ae9421322227a87d1660e3de27e2bfd29a,2024-10-03T07:15:31.463000