-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Auto-Update: 2024-12-06T21:00:29.499285+00:00
- Loading branch information
1 parent
2e7194f
commit c8c9260
Showing
74 changed files
with
4,807 additions
and
570 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,8 +2,8 @@ | |
| "id": "CVE-2021-47024", | ||
| "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", | ||
| "published": "2024-02-28T09:15:39.243", | ||
| "lastModified": "2024-02-28T14:06:45.783", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "lastModified": "2024-12-06T20:53:23.077", | ||
| "vulnStatus": "Analyzed", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
|
|
@@ -15,23 +15,131 @@ | |
| "value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: vsock/virtio: paquetes libres en cola al cerrar el socket Seg\u00fan lo informado por syzbot [1], hay una p\u00e9rdida de memoria al cerrar el socket. Resolvimos parcialmente este problema con el compromiso ac03046ece2b (\"vsock/virtio: paquetes libres durante el lanzamiento del socket\"), pero nos olvidamos de vaciar la cola RX cuando el trabajo programado cierra definitivamente el socket. Para evitar problemas futuros, usemos el nuevo virtio_transport_remove_sock() para drenar la cola RX antes de eliminar el socket de las listas af_vsock llamando a vsock_remove_sock(). [1] https://syzkaller.appspot.com/bug?extid=24452624fc4c571eedd9" | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", | ||
| "baseScore": 5.5, | ||
| "baseSeverity": "MEDIUM", | ||
| "attackVector": "LOCAL", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "LOW", | ||
| "userInteraction": "NONE", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "NONE", | ||
| "integrityImpact": "NONE", | ||
| "availabilityImpact": "HIGH" | ||
| }, | ||
| "exploitabilityScore": 1.8, | ||
| "impactScore": 3.6 | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-401" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "configurations": [ | ||
| { | ||
| "nodes": [ | ||
| { | ||
| "operator": "OR", | ||
| "negate": false, | ||
| "cpeMatch": [ | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", | ||
| "versionStartIncluding": "5.2", | ||
| "versionEndExcluding": "5.10.37", | ||
| "matchCriteriaId": "CAD59DAB-9845-41C5-9D7A-EB9C40A85BE5" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", | ||
| "versionStartIncluding": "5.11", | ||
| "versionEndExcluding": "5.11.21", | ||
| "matchCriteriaId": "8CBB94EC-EC33-4464-99C5-03E5542715F0" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", | ||
| "versionStartIncluding": "5.12", | ||
| "versionEndExcluding": "5.12.4", | ||
| "matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://git.kernel.org/stable/c/27691665145e74a45034a9dccf1150cf1894763a", | ||
| "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" | ||
| "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", | ||
| "tags": [ | ||
| "Patch" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://git.kernel.org/stable/c/37c38674ef2f8d7e8629e5d433c37d6c1273d16b", | ||
| "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", | ||
| "tags": [ | ||
| "Patch" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://git.kernel.org/stable/c/8432b8114957235f42e070a16118a7f750de9d39", | ||
| "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", | ||
| "tags": [ | ||
| "Patch" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://git.kernel.org/stable/c/b605673b523fe33abeafb2136759bcbc9c1e6ebf", | ||
| "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", | ||
| "tags": [ | ||
| "Patch" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://git.kernel.org/stable/c/27691665145e74a45034a9dccf1150cf1894763a", | ||
| "source": "af854a3a-2127-422b-91ae-364da2661108", | ||
| "tags": [ | ||
| "Patch" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://git.kernel.org/stable/c/37c38674ef2f8d7e8629e5d433c37d6c1273d16b", | ||
| "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" | ||
| "source": "af854a3a-2127-422b-91ae-364da2661108", | ||
| "tags": [ | ||
| "Patch" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://git.kernel.org/stable/c/8432b8114957235f42e070a16118a7f750de9d39", | ||
| "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" | ||
| "source": "af854a3a-2127-422b-91ae-364da2661108", | ||
| "tags": [ | ||
| "Patch" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://git.kernel.org/stable/c/b605673b523fe33abeafb2136759bcbc9c1e6ebf", | ||
| "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" | ||
| "source": "af854a3a-2127-422b-91ae-364da2661108", | ||
| "tags": [ | ||
| "Patch" | ||
| ] | ||
| } | ||
| ] | ||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,8 +2,8 @@ | |
| "id": "CVE-2021-47028", | ||
| "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", | ||
| "published": "2024-02-28T09:15:39.430", | ||
| "lastModified": "2024-02-28T14:06:45.783", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "lastModified": "2024-12-06T20:53:43.170", | ||
| "vulnStatus": "Analyzed", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
|
|
@@ -15,19 +15,110 @@ | |
| "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: mt76: mt7915: corrige informes txrate Verifique correctamente rate_info para corregir informes inesperados. [ 1215.161863] Rastreo de llamadas: [ 1215.164307] cfg80211_calculate_bitrate+0x124/0x200 [cfg80211] [ 1215.170139] ieee80211s_update_metric+0x80/0xc0 [mac80211] [ 1215.17562 4] ieee80211_tx_status_ext+0x508/0x838 [mac80211] [1215.181190] mt7915_mcu_get_rx_rate+0x28c/0x8d0 [mt7915e] [ 1215.186580] mt7915_mac_tx_free+0x324/0x7c0 [mt7915e] [ 1215.191623] mt7915_queue_rx_skb+0xa8/0xd0 [mt7915e] [ 1215.196582] mt76_dma_cleanup+0x7b 0/0x11d0 [mt76] [ 1215.201276] __napi_poll+0x38/0xf8 [ 1215.204668] napi_workfn+0x40/0x80 [ 1215.208062] proceso_one_work+0x1fc/0x390 [ 1215.212062] hilo_trabajador+0x48/0x4d0 [ 1215.215715] kthread+0x120/0x128 [ 1215.218935] ret_from_fork+0x10/0x1c" | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", | ||
| "baseScore": 7.8, | ||
| "baseSeverity": "HIGH", | ||
| "attackVector": "LOCAL", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "LOW", | ||
| "userInteraction": "NONE", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "HIGH", | ||
| "integrityImpact": "HIGH", | ||
| "availabilityImpact": "HIGH" | ||
| }, | ||
| "exploitabilityScore": 1.8, | ||
| "impactScore": 5.9 | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "NVD-CWE-noinfo" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "configurations": [ | ||
| { | ||
| "nodes": [ | ||
| { | ||
| "operator": "OR", | ||
| "negate": false, | ||
| "cpeMatch": [ | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", | ||
| "versionStartIncluding": "5.8", | ||
| "versionEndExcluding": "5.11.21", | ||
| "matchCriteriaId": "C929D54B-4901-4DE8-B5BD-53E25B3FCFB8" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", | ||
| "versionStartIncluding": "5.12", | ||
| "versionEndExcluding": "5.12.4", | ||
| "matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://git.kernel.org/stable/c/4bd926e5ca88eac4d95eacb806b229f8729bc62e", | ||
| "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" | ||
| "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", | ||
| "tags": [ | ||
| "Patch" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://git.kernel.org/stable/c/dfc8a71448c7d4fec38fb22bdc8a76d79c14b6da", | ||
| "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", | ||
| "tags": [ | ||
| "Patch" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://git.kernel.org/stable/c/f43b941fd61003659a3f0e039595e5e525917aa8", | ||
| "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", | ||
| "tags": [ | ||
| "Patch" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://git.kernel.org/stable/c/4bd926e5ca88eac4d95eacb806b229f8729bc62e", | ||
| "source": "af854a3a-2127-422b-91ae-364da2661108", | ||
| "tags": [ | ||
| "Patch" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://git.kernel.org/stable/c/dfc8a71448c7d4fec38fb22bdc8a76d79c14b6da", | ||
| "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" | ||
| "source": "af854a3a-2127-422b-91ae-364da2661108", | ||
| "tags": [ | ||
| "Patch" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://git.kernel.org/stable/c/f43b941fd61003659a3f0e039595e5e525917aa8", | ||
| "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" | ||
| "source": "af854a3a-2127-422b-91ae-364da2661108", | ||
| "tags": [ | ||
| "Patch" | ||
| ] | ||
| } | ||
| ] | ||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,8 +2,8 @@ | |
| "id": "CVE-2021-47030", | ||
| "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", | ||
| "published": "2024-02-28T09:15:39.530", | ||
| "lastModified": "2024-02-28T14:06:45.783", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "lastModified": "2024-12-06T20:54:28.907", | ||
| "vulnStatus": "Analyzed", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
|
|
@@ -15,15 +15,89 @@ | |
| "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: mt76: mt7615: corrige la p\u00e9rdida de memoria en mt7615_coredump_work. Similar al problema solucionado en mt7921_coredump_work, soluciona una posible p\u00e9rdida de memoria en la rutina mt7615_coredump_work." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", | ||
| "baseScore": 5.5, | ||
| "baseSeverity": "MEDIUM", | ||
| "attackVector": "LOCAL", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "LOW", | ||
| "userInteraction": "NONE", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "NONE", | ||
| "integrityImpact": "NONE", | ||
| "availabilityImpact": "HIGH" | ||
| }, | ||
| "exploitabilityScore": 1.8, | ||
| "impactScore": 3.6 | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-401" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "configurations": [ | ||
| { | ||
| "nodes": [ | ||
| { | ||
| "operator": "OR", | ||
| "negate": false, | ||
| "cpeMatch": [ | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", | ||
| "versionStartIncluding": "5.12", | ||
| "versionEndExcluding": "5.12.4", | ||
| "matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://git.kernel.org/stable/c/49cc85059a2cb656f96ff3693f891e8fe8f669a9", | ||
| "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" | ||
| "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", | ||
| "tags": [ | ||
| "Patch" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://git.kernel.org/stable/c/54b989653c5531bc4416ced33f146b9cb633d978", | ||
| "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", | ||
| "tags": [ | ||
| "Patch" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://git.kernel.org/stable/c/49cc85059a2cb656f96ff3693f891e8fe8f669a9", | ||
| "source": "af854a3a-2127-422b-91ae-364da2661108", | ||
| "tags": [ | ||
| "Patch" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://git.kernel.org/stable/c/54b989653c5531bc4416ced33f146b9cb633d978", | ||
| "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" | ||
| "source": "af854a3a-2127-422b-91ae-364da2661108", | ||
| "tags": [ | ||
| "Patch" | ||
| ] | ||
| } | ||
| ] | ||
| } | ||
Oops, something went wrong.