From a93ea1c987a9a71db43b04f512a79f6993020023 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sun, 12 Jan 2025 00:23:49 +0000 Subject: [PATCH] generated content from 2025-01-12 --- mapping.csv | 88 +++++++++++++++++++ ...-014ae561-f5d1-410a-b5cd-88443946212c.json | 22 +++++ ...-0792bbb5-a943-458f-b673-af1eb6f5be18.json | 22 +++++ ...-112897d9-c625-4341-854b-8e68457fb576.json | 22 +++++ ...-1546f206-b249-4583-8575-ad2be3951b36.json | 22 +++++ ...-1d7355a0-26a7-486c-9b70-bca40fcda56c.json | 22 +++++ ...-21941b8b-24b0-45f9-9629-084d325ac4d6.json | 22 +++++ ...-26e75131-48c8-4ed9-b393-aa41ef175c2f.json | 22 +++++ ...-28ee1e04-5586-4ded-b11e-64d9965148bb.json | 22 +++++ ...-2b31d55f-e185-4042-9179-192e24116594.json | 22 +++++ ...-2cfc634f-6324-4e44-b913-ac1ccff3b26a.json | 22 +++++ ...-2f6b61d6-cede-4408-aac4-da87857008e5.json | 22 +++++ ...-367ca5be-b6fb-4e73-8d83-143257d774a6.json | 22 +++++ ...-36965fcd-1e34-4cc7-9b05-ffea18b83cc5.json | 22 +++++ ...-388e9388-fc6d-4c42-8591-b55766f7083b.json | 22 +++++ ...-39b8e725-d99b-4e0b-816d-173ba6a78746.json | 22 +++++ ...-3de19761-8a87-4461-be09-ec351f710db7.json | 22 +++++ ...-3e97788d-3e73-4420-9e08-e37a00717c92.json | 22 +++++ ...-429e9d62-faf6-4bd8-92c8-99bbc90dce42.json | 22 +++++ ...-451106de-4ac3-4843-ba98-e912938ca653.json | 22 +++++ ...-47b1edc0-c78c-418f-b2b5-eedc64bff448.json | 22 +++++ ...-4b236d88-e7cd-4761-9504-5970de474369.json | 22 +++++ ...-508a70ae-abe9-4d9c-836f-5f4784a54eb4.json | 22 +++++ ...-51d35636-ff22-4fff-b42f-128f781cf71f.json | 22 +++++ ...-57c9e3e4-1a52-4d80-99e3-7cc7a79dbadd.json | 22 +++++ ...-5e8fcbc3-92e7-4960-a1c7-e96cca51c4ec.json | 22 +++++ ...-6032c00b-e8a1-48f6-8745-d6ea55cb5a1f.json | 22 +++++ ...-62b6c9da-96b6-4bf7-9521-d7b1277fb938.json | 22 +++++ ...-64af324e-5546-4b13-9a25-64b3bb2cfecb.json | 22 +++++ ...-670b0d74-493a-4799-b161-f40129ce673e.json | 22 +++++ ...-778e0443-a336-4ca0-a3ae-24052f2b086c.json | 22 +++++ ...-78b049db-3ddb-41ed-9b50-fd4b6e8d0af3.json | 22 +++++ ...-78fa1137-ef7d-4af7-a79f-5434685ceb19.json | 22 +++++ ...-7b922828-ee4c-4840-a4f9-034010fbf492.json | 22 +++++ ...-7bf30e67-77f0-4fe6-965e-ee7e23b72c9d.json | 22 +++++ ...-80544640-af23-4fb9-96cf-57cc3991fe6f.json | 22 +++++ ...-8125ba2c-63a0-46f1-a98e-3c2cac9ee9e5.json | 22 +++++ ...-8557a0ce-c721-4a17-93d3-8f18ff94474c.json | 22 +++++ ...-886ca903-c0b9-437a-afd0-4f40bd3aedf3.json | 22 +++++ ...-893f5821-98a0-4156-8116-309222489843.json | 22 +++++ ...-8a0dea0e-38f8-4d3c-a1ec-42a32550b4d0.json | 22 +++++ ...-8bb5e866-0f89-47bf-b7e4-866226d00e3f.json | 22 +++++ ...-8c45ec8b-c879-470c-beb8-a4ffff77d7e8.json | 22 +++++ ...-8db2b69a-7b2e-4d58-9d07-4db1284a1452.json | 22 +++++ ...-93065a56-a497-410a-a3c6-c878c73f875e.json | 22 +++++ ...-94939201-04a6-4609-ab3e-2373c0fb49fe.json | 22 +++++ ...-960fcdbe-d490-46ea-9b0b-2274b55caa8d.json | 22 +++++ ...-9a9cf425-f462-4c99-85f4-33afc71d471a.json | 22 +++++ ...-9c4e8ce1-6607-4ca3-a14d-181804800371.json | 22 +++++ ...-9c7de0df-5c15-498d-87b9-117b9c48e364.json | 22 +++++ ...-9d60cfd7-7e21-467e-aea1-057c432070ac.json | 22 +++++ ...-9f1ac88e-4721-470e-8ad9-dd75ac340b52.json | 22 +++++ ...-a2afe342-585f-4ab6-abb3-9966959525b4.json | 22 +++++ ...-a42855ef-6f7e-48ec-917f-bcdb2bfefce5.json | 22 +++++ ...-a55e4fb3-21c2-496c-8324-e0aaa86698a8.json | 22 +++++ ...-acb8cf8c-5ba0-40e4-b936-c5192df7c8bc.json | 22 +++++ ...-b023bd0e-809d-4b0b-9758-33976641b31a.json | 22 +++++ ...-b08ae1ef-ed83-4507-9a47-b8a83ee3f753.json | 22 +++++ ...-b732fb0e-4e16-48c9-b53e-b77f23927286.json | 22 +++++ ...-baf197e7-9ef5-496b-a358-fb6594c64ef3.json | 22 +++++ ...-c388cb8f-bbb5-4f49-b68a-5cafde9c5d02.json | 22 +++++ ...-c6ba7e2d-891e-4ea4-beff-c8966c5b34a5.json | 22 +++++ ...-cdb7be5e-b4a8-4f0b-9cba-52c29ff6c4c0.json | 22 +++++ ...-cec1af85-b60e-4e24-a5ac-7f129be35bd7.json | 22 +++++ ...-cf4dfbd1-b5d6-48af-a144-149da9d8e3e3.json | 22 +++++ ...-d39a752c-fea1-4850-a767-6f686c2fc6a5.json | 22 +++++ ...-d47aa4bf-e369-4977-9616-0c144820c5cc.json | 22 +++++ ...-d64bfe37-d147-4942-bbfa-c2248582d3ac.json | 22 +++++ ...-d6a51e0e-b55c-4c6e-9893-067425748d40.json | 22 +++++ ...-d8256fd1-fab2-4a3c-aed9-fa1e815367a4.json | 22 +++++ ...-d9c38196-8a56-4784-8dc8-11e84974111e.json | 22 +++++ ...-df37b937-9c76-4267-9a43-9505b1564cc7.json | 22 +++++ ...-df60cb9b-0914-492f-9bff-080eafae42f6.json | 22 +++++ ...-e06b7ed8-c0a1-46ae-a639-204a96960d94.json | 22 +++++ ...-e1b8772a-f841-4882-b27f-0b2c9645bb94.json | 22 +++++ ...-e2fbdd9a-ce55-4859-9f1b-4c4a223255d9.json | 22 +++++ ...-e7a23e5a-2fbc-466d-ae9f-28680252026b.json | 22 +++++ ...-e7ea5539-7d65-4327-9a50-cc4f7b6e25a0.json | 22 +++++ ...-ea51c7f3-bce5-4305-9759-20406df5e4b0.json | 22 +++++ ...-eb04c674-dc6b-46da-a55b-3c1f4e075846.json | 22 +++++ ...-ee2e8f9a-ed8d-49cf-8974-b5969ccb47ec.json | 22 +++++ ...-f050577f-5420-4ca7-8d35-709b86cb79f3.json | 22 +++++ ...-f269999d-83b0-4119-8608-0427970d4b52.json | 22 +++++ ...-f55aa9fc-10a2-404e-97c0-22f560d0b052.json | 22 +++++ ...-f78dd09d-2c90-4ed4-921d-014840fc56f8.json | 22 +++++ ...-fd304b88-a717-4a56-8de1-2bdc268f7868.json | 22 +++++ ...-fe719ccb-3c29-479a-968a-36aabbe16689.json | 22 +++++ ...-fea4b886-7be8-48d7-a548-8077914ee0b5.json | 22 +++++ ...-ffc9bfea-1dc9-40fc-821c-58d79802fa90.json | 22 +++++ 89 files changed, 2024 insertions(+) create mode 100644 objects/vulnerability/vulnerability--014ae561-f5d1-410a-b5cd-88443946212c.json create mode 100644 objects/vulnerability/vulnerability--0792bbb5-a943-458f-b673-af1eb6f5be18.json create mode 100644 objects/vulnerability/vulnerability--112897d9-c625-4341-854b-8e68457fb576.json create mode 100644 objects/vulnerability/vulnerability--1546f206-b249-4583-8575-ad2be3951b36.json create mode 100644 objects/vulnerability/vulnerability--1d7355a0-26a7-486c-9b70-bca40fcda56c.json create mode 100644 objects/vulnerability/vulnerability--21941b8b-24b0-45f9-9629-084d325ac4d6.json create mode 100644 objects/vulnerability/vulnerability--26e75131-48c8-4ed9-b393-aa41ef175c2f.json create mode 100644 objects/vulnerability/vulnerability--28ee1e04-5586-4ded-b11e-64d9965148bb.json create mode 100644 objects/vulnerability/vulnerability--2b31d55f-e185-4042-9179-192e24116594.json create mode 100644 objects/vulnerability/vulnerability--2cfc634f-6324-4e44-b913-ac1ccff3b26a.json create mode 100644 objects/vulnerability/vulnerability--2f6b61d6-cede-4408-aac4-da87857008e5.json create mode 100644 objects/vulnerability/vulnerability--367ca5be-b6fb-4e73-8d83-143257d774a6.json create mode 100644 objects/vulnerability/vulnerability--36965fcd-1e34-4cc7-9b05-ffea18b83cc5.json create mode 100644 objects/vulnerability/vulnerability--388e9388-fc6d-4c42-8591-b55766f7083b.json create mode 100644 objects/vulnerability/vulnerability--39b8e725-d99b-4e0b-816d-173ba6a78746.json create mode 100644 objects/vulnerability/vulnerability--3de19761-8a87-4461-be09-ec351f710db7.json create mode 100644 objects/vulnerability/vulnerability--3e97788d-3e73-4420-9e08-e37a00717c92.json create mode 100644 objects/vulnerability/vulnerability--429e9d62-faf6-4bd8-92c8-99bbc90dce42.json create mode 100644 objects/vulnerability/vulnerability--451106de-4ac3-4843-ba98-e912938ca653.json create mode 100644 objects/vulnerability/vulnerability--47b1edc0-c78c-418f-b2b5-eedc64bff448.json create mode 100644 objects/vulnerability/vulnerability--4b236d88-e7cd-4761-9504-5970de474369.json create mode 100644 objects/vulnerability/vulnerability--508a70ae-abe9-4d9c-836f-5f4784a54eb4.json create mode 100644 objects/vulnerability/vulnerability--51d35636-ff22-4fff-b42f-128f781cf71f.json create mode 100644 objects/vulnerability/vulnerability--57c9e3e4-1a52-4d80-99e3-7cc7a79dbadd.json create mode 100644 objects/vulnerability/vulnerability--5e8fcbc3-92e7-4960-a1c7-e96cca51c4ec.json create mode 100644 objects/vulnerability/vulnerability--6032c00b-e8a1-48f6-8745-d6ea55cb5a1f.json create mode 100644 objects/vulnerability/vulnerability--62b6c9da-96b6-4bf7-9521-d7b1277fb938.json create mode 100644 objects/vulnerability/vulnerability--64af324e-5546-4b13-9a25-64b3bb2cfecb.json create mode 100644 objects/vulnerability/vulnerability--670b0d74-493a-4799-b161-f40129ce673e.json create mode 100644 objects/vulnerability/vulnerability--778e0443-a336-4ca0-a3ae-24052f2b086c.json create mode 100644 objects/vulnerability/vulnerability--78b049db-3ddb-41ed-9b50-fd4b6e8d0af3.json create mode 100644 objects/vulnerability/vulnerability--78fa1137-ef7d-4af7-a79f-5434685ceb19.json create mode 100644 objects/vulnerability/vulnerability--7b922828-ee4c-4840-a4f9-034010fbf492.json create mode 100644 objects/vulnerability/vulnerability--7bf30e67-77f0-4fe6-965e-ee7e23b72c9d.json create mode 100644 objects/vulnerability/vulnerability--80544640-af23-4fb9-96cf-57cc3991fe6f.json create mode 100644 objects/vulnerability/vulnerability--8125ba2c-63a0-46f1-a98e-3c2cac9ee9e5.json create mode 100644 objects/vulnerability/vulnerability--8557a0ce-c721-4a17-93d3-8f18ff94474c.json create mode 100644 objects/vulnerability/vulnerability--886ca903-c0b9-437a-afd0-4f40bd3aedf3.json create mode 100644 objects/vulnerability/vulnerability--893f5821-98a0-4156-8116-309222489843.json create mode 100644 objects/vulnerability/vulnerability--8a0dea0e-38f8-4d3c-a1ec-42a32550b4d0.json create mode 100644 objects/vulnerability/vulnerability--8bb5e866-0f89-47bf-b7e4-866226d00e3f.json create mode 100644 objects/vulnerability/vulnerability--8c45ec8b-c879-470c-beb8-a4ffff77d7e8.json create mode 100644 objects/vulnerability/vulnerability--8db2b69a-7b2e-4d58-9d07-4db1284a1452.json create mode 100644 objects/vulnerability/vulnerability--93065a56-a497-410a-a3c6-c878c73f875e.json create mode 100644 objects/vulnerability/vulnerability--94939201-04a6-4609-ab3e-2373c0fb49fe.json create mode 100644 objects/vulnerability/vulnerability--960fcdbe-d490-46ea-9b0b-2274b55caa8d.json create mode 100644 objects/vulnerability/vulnerability--9a9cf425-f462-4c99-85f4-33afc71d471a.json create mode 100644 objects/vulnerability/vulnerability--9c4e8ce1-6607-4ca3-a14d-181804800371.json create mode 100644 objects/vulnerability/vulnerability--9c7de0df-5c15-498d-87b9-117b9c48e364.json create mode 100644 objects/vulnerability/vulnerability--9d60cfd7-7e21-467e-aea1-057c432070ac.json create mode 100644 objects/vulnerability/vulnerability--9f1ac88e-4721-470e-8ad9-dd75ac340b52.json create mode 100644 objects/vulnerability/vulnerability--a2afe342-585f-4ab6-abb3-9966959525b4.json create mode 100644 objects/vulnerability/vulnerability--a42855ef-6f7e-48ec-917f-bcdb2bfefce5.json create mode 100644 objects/vulnerability/vulnerability--a55e4fb3-21c2-496c-8324-e0aaa86698a8.json create mode 100644 objects/vulnerability/vulnerability--acb8cf8c-5ba0-40e4-b936-c5192df7c8bc.json create mode 100644 objects/vulnerability/vulnerability--b023bd0e-809d-4b0b-9758-33976641b31a.json create mode 100644 objects/vulnerability/vulnerability--b08ae1ef-ed83-4507-9a47-b8a83ee3f753.json create mode 100644 objects/vulnerability/vulnerability--b732fb0e-4e16-48c9-b53e-b77f23927286.json create mode 100644 objects/vulnerability/vulnerability--baf197e7-9ef5-496b-a358-fb6594c64ef3.json create mode 100644 objects/vulnerability/vulnerability--c388cb8f-bbb5-4f49-b68a-5cafde9c5d02.json create mode 100644 objects/vulnerability/vulnerability--c6ba7e2d-891e-4ea4-beff-c8966c5b34a5.json create mode 100644 objects/vulnerability/vulnerability--cdb7be5e-b4a8-4f0b-9cba-52c29ff6c4c0.json create mode 100644 objects/vulnerability/vulnerability--cec1af85-b60e-4e24-a5ac-7f129be35bd7.json create mode 100644 objects/vulnerability/vulnerability--cf4dfbd1-b5d6-48af-a144-149da9d8e3e3.json create mode 100644 objects/vulnerability/vulnerability--d39a752c-fea1-4850-a767-6f686c2fc6a5.json create mode 100644 objects/vulnerability/vulnerability--d47aa4bf-e369-4977-9616-0c144820c5cc.json create mode 100644 objects/vulnerability/vulnerability--d64bfe37-d147-4942-bbfa-c2248582d3ac.json create mode 100644 objects/vulnerability/vulnerability--d6a51e0e-b55c-4c6e-9893-067425748d40.json create mode 100644 objects/vulnerability/vulnerability--d8256fd1-fab2-4a3c-aed9-fa1e815367a4.json create mode 100644 objects/vulnerability/vulnerability--d9c38196-8a56-4784-8dc8-11e84974111e.json create mode 100644 objects/vulnerability/vulnerability--df37b937-9c76-4267-9a43-9505b1564cc7.json create mode 100644 objects/vulnerability/vulnerability--df60cb9b-0914-492f-9bff-080eafae42f6.json create mode 100644 objects/vulnerability/vulnerability--e06b7ed8-c0a1-46ae-a639-204a96960d94.json create mode 100644 objects/vulnerability/vulnerability--e1b8772a-f841-4882-b27f-0b2c9645bb94.json create mode 100644 objects/vulnerability/vulnerability--e2fbdd9a-ce55-4859-9f1b-4c4a223255d9.json create mode 100644 objects/vulnerability/vulnerability--e7a23e5a-2fbc-466d-ae9f-28680252026b.json create mode 100644 objects/vulnerability/vulnerability--e7ea5539-7d65-4327-9a50-cc4f7b6e25a0.json create mode 100644 objects/vulnerability/vulnerability--ea51c7f3-bce5-4305-9759-20406df5e4b0.json create mode 100644 objects/vulnerability/vulnerability--eb04c674-dc6b-46da-a55b-3c1f4e075846.json create mode 100644 objects/vulnerability/vulnerability--ee2e8f9a-ed8d-49cf-8974-b5969ccb47ec.json create mode 100644 objects/vulnerability/vulnerability--f050577f-5420-4ca7-8d35-709b86cb79f3.json create mode 100644 objects/vulnerability/vulnerability--f269999d-83b0-4119-8608-0427970d4b52.json create mode 100644 objects/vulnerability/vulnerability--f55aa9fc-10a2-404e-97c0-22f560d0b052.json create mode 100644 objects/vulnerability/vulnerability--f78dd09d-2c90-4ed4-921d-014840fc56f8.json create mode 100644 objects/vulnerability/vulnerability--fd304b88-a717-4a56-8de1-2bdc268f7868.json create mode 100644 objects/vulnerability/vulnerability--fe719ccb-3c29-479a-968a-36aabbe16689.json create mode 100644 objects/vulnerability/vulnerability--fea4b886-7be8-48d7-a548-8077914ee0b5.json create mode 100644 objects/vulnerability/vulnerability--ffc9bfea-1dc9-40fc-821c-58d79802fa90.json diff --git a/mapping.csv b/mapping.csv index 57e7cc0aaca..f1df0f6c571 100644 --- a/mapping.csv +++ b/mapping.csv @@ -262916,3 +262916,91 @@ vulnerability,CVE-2025-23078,vulnerability--4c2fae7e-fac8-4527-9d6d-198cb63dc104 vulnerability,CVE-2025-23016,vulnerability--03787242-183b-45a6-aec8-687072ab084c vulnerability,CVE-2025-23079,vulnerability--091d1c97-18a2-497b-9917-40855ce16cfb vulnerability,CVE-2025-0311,vulnerability--685024a3-d7b0-4766-b3c4-5fee0b4ecec4 +vulnerability,CVE-2024-48873,vulnerability--014ae561-f5d1-410a-b5cd-88443946212c +vulnerability,CVE-2024-48881,vulnerability--7bf30e67-77f0-4fe6-965e-ee7e23b72c9d +vulnerability,CVE-2024-48875,vulnerability--64af324e-5546-4b13-9a25-64b3bb2cfecb +vulnerability,CVE-2024-48876,vulnerability--6032c00b-e8a1-48f6-8745-d6ea55cb5a1f +vulnerability,CVE-2024-52332,vulnerability--d8256fd1-fab2-4a3c-aed9-fa1e815367a4 +vulnerability,CVE-2024-45828,vulnerability--62b6c9da-96b6-4bf7-9521-d7b1277fb938 +vulnerability,CVE-2024-12520,vulnerability--8557a0ce-c721-4a17-93d3-8f18ff94474c +vulnerability,CVE-2024-12204,vulnerability--d64bfe37-d147-4942-bbfa-c2248582d3ac +vulnerability,CVE-2024-12627,vulnerability--fea4b886-7be8-48d7-a548-8077914ee0b5 +vulnerability,CVE-2024-12472,vulnerability--1d7355a0-26a7-486c-9b70-bca40fcda56c +vulnerability,CVE-2024-12304,vulnerability--9a9cf425-f462-4c99-85f4-33afc71d471a +vulnerability,CVE-2024-12116,vulnerability--9c7de0df-5c15-498d-87b9-117b9c48e364 +vulnerability,CVE-2024-12587,vulnerability--78fa1137-ef7d-4af7-a79f-5434685ceb19 +vulnerability,CVE-2024-12527,vulnerability--8bb5e866-0f89-47bf-b7e4-866226d00e3f +vulnerability,CVE-2024-12519,vulnerability--d6a51e0e-b55c-4c6e-9893-067425748d40 +vulnerability,CVE-2024-12407,vulnerability--d47aa4bf-e369-4977-9616-0c144820c5cc +vulnerability,CVE-2024-12404,vulnerability--b08ae1ef-ed83-4507-9a47-b8a83ee3f753 +vulnerability,CVE-2024-12412,vulnerability--388e9388-fc6d-4c42-8591-b55766f7083b +vulnerability,CVE-2024-12505,vulnerability--886ca903-c0b9-437a-afd0-4f40bd3aedf3 +vulnerability,CVE-2024-12877,vulnerability--f78dd09d-2c90-4ed4-921d-014840fc56f8 +vulnerability,CVE-2024-47794,vulnerability--e7a23e5a-2fbc-466d-ae9f-28680252026b +vulnerability,CVE-2024-47143,vulnerability--f050577f-5420-4ca7-8d35-709b86cb79f3 +vulnerability,CVE-2024-47809,vulnerability--8a0dea0e-38f8-4d3c-a1ec-42a32550b4d0 +vulnerability,CVE-2024-47408,vulnerability--fd304b88-a717-4a56-8de1-2bdc268f7868 +vulnerability,CVE-2024-47141,vulnerability--e06b7ed8-c0a1-46ae-a639-204a96960d94 +vulnerability,CVE-2024-50051,vulnerability--d9c38196-8a56-4784-8dc8-11e84974111e +vulnerability,CVE-2024-11874,vulnerability--9f1ac88e-4721-470e-8ad9-dd75ac340b52 +vulnerability,CVE-2024-11386,vulnerability--e1b8772a-f841-4882-b27f-0b2c9645bb94 +vulnerability,CVE-2024-11327,vulnerability--2b31d55f-e185-4042-9179-192e24116594 +vulnerability,CVE-2024-11892,vulnerability--8db2b69a-7b2e-4d58-9d07-4db1284a1452 +vulnerability,CVE-2024-11758,vulnerability--39b8e725-d99b-4e0b-816d-173ba6a78746 +vulnerability,CVE-2024-11915,vulnerability--451106de-4ac3-4843-ba98-e912938ca653 +vulnerability,CVE-2024-53680,vulnerability--3de19761-8a87-4461-be09-ec351f710db7 +vulnerability,CVE-2024-53687,vulnerability--960fcdbe-d490-46ea-9b0b-2274b55caa8d +vulnerability,CVE-2024-53682,vulnerability--429e9d62-faf6-4bd8-92c8-99bbc90dce42 +vulnerability,CVE-2024-53689,vulnerability--f55aa9fc-10a2-404e-97c0-22f560d0b052 +vulnerability,CVE-2024-41932,vulnerability--3e97788d-3e73-4420-9e08-e37a00717c92 +vulnerability,CVE-2024-41935,vulnerability--112897d9-c625-4341-854b-8e68457fb576 +vulnerability,CVE-2024-41149,vulnerability--b732fb0e-4e16-48c9-b53e-b77f23927286 +vulnerability,CVE-2024-54683,vulnerability--baf197e7-9ef5-496b-a358-fb6594c64ef3 +vulnerability,CVE-2024-54460,vulnerability--c388cb8f-bbb5-4f49-b68a-5cafde9c5d02 +vulnerability,CVE-2024-54191,vulnerability--e7ea5539-7d65-4327-9a50-cc4f7b6e25a0 +vulnerability,CVE-2024-55916,vulnerability--0792bbb5-a943-458f-b673-af1eb6f5be18 +vulnerability,CVE-2024-55881,vulnerability--4b236d88-e7cd-4761-9504-5970de474369 +vulnerability,CVE-2024-55642,vulnerability--cdb7be5e-b4a8-4f0b-9cba-52c29ff6c4c0 +vulnerability,CVE-2024-55641,vulnerability--28ee1e04-5586-4ded-b11e-64d9965148bb +vulnerability,CVE-2024-55639,vulnerability--778e0443-a336-4ca0-a3ae-24052f2b086c +vulnerability,CVE-2024-49568,vulnerability--fe719ccb-3c29-479a-968a-36aabbe16689 +vulnerability,CVE-2024-49569,vulnerability--ffc9bfea-1dc9-40fc-821c-58d79802fa90 +vulnerability,CVE-2024-57838,vulnerability--acb8cf8c-5ba0-40e4-b936-c5192df7c8bc +vulnerability,CVE-2024-57849,vulnerability--893f5821-98a0-4156-8116-309222489843 +vulnerability,CVE-2024-57877,vulnerability--21941b8b-24b0-45f9-9629-084d325ac4d6 +vulnerability,CVE-2024-57843,vulnerability--367ca5be-b6fb-4e73-8d83-143257d774a6 +vulnerability,CVE-2024-57809,vulnerability--36965fcd-1e34-4cc7-9b05-ffea18b83cc5 +vulnerability,CVE-2024-57874,vulnerability--8125ba2c-63a0-46f1-a98e-3c2cac9ee9e5 +vulnerability,CVE-2024-57881,vulnerability--1546f206-b249-4583-8575-ad2be3951b36 +vulnerability,CVE-2024-57839,vulnerability--670b0d74-493a-4799-b161-f40129ce673e +vulnerability,CVE-2024-57872,vulnerability--51d35636-ff22-4fff-b42f-128f781cf71f +vulnerability,CVE-2024-57791,vulnerability--5e8fcbc3-92e7-4960-a1c7-e96cca51c4ec +vulnerability,CVE-2024-57879,vulnerability--8c45ec8b-c879-470c-beb8-a4ffff77d7e8 +vulnerability,CVE-2024-57880,vulnerability--cf4dfbd1-b5d6-48af-a144-149da9d8e3e3 +vulnerability,CVE-2024-57804,vulnerability--e2fbdd9a-ce55-4859-9f1b-4c4a223255d9 +vulnerability,CVE-2024-57850,vulnerability--f269999d-83b0-4119-8608-0427970d4b52 +vulnerability,CVE-2024-57876,vulnerability--78b049db-3ddb-41ed-9b50-fd4b6e8d0af3 +vulnerability,CVE-2024-57875,vulnerability--93065a56-a497-410a-a3c6-c878c73f875e +vulnerability,CVE-2024-57878,vulnerability--2cfc634f-6324-4e44-b913-ac1ccff3b26a +vulnerability,CVE-2024-56788,vulnerability--c6ba7e2d-891e-4ea4-beff-c8966c5b34a5 +vulnerability,CVE-2024-56368,vulnerability--9d60cfd7-7e21-467e-aea1-057c432070ac +vulnerability,CVE-2024-46896,vulnerability--57c9e3e4-1a52-4d80-99e3-7cc7a79dbadd +vulnerability,CVE-2024-42173,vulnerability--2f6b61d6-cede-4408-aac4-da87857008e5 +vulnerability,CVE-2024-42175,vulnerability--cec1af85-b60e-4e24-a5ac-7f129be35bd7 +vulnerability,CVE-2024-42170,vulnerability--9c4e8ce1-6607-4ca3-a14d-181804800371 +vulnerability,CVE-2024-42168,vulnerability--80544640-af23-4fb9-96cf-57cc3991fe6f +vulnerability,CVE-2024-42172,vulnerability--b023bd0e-809d-4b0b-9758-33976641b31a +vulnerability,CVE-2024-42169,vulnerability--508a70ae-abe9-4d9c-836f-5f4784a54eb4 +vulnerability,CVE-2024-42174,vulnerability--47b1edc0-c78c-418f-b2b5-eedc64bff448 +vulnerability,CVE-2024-42171,vulnerability--7b922828-ee4c-4840-a4f9-034010fbf492 +vulnerability,CVE-2024-43098,vulnerability--df37b937-9c76-4267-9a43-9505b1564cc7 +vulnerability,CVE-2025-23108,vulnerability--ee2e8f9a-ed8d-49cf-8974-b5969ccb47ec +vulnerability,CVE-2025-23109,vulnerability--eb04c674-dc6b-46da-a55b-3c1f4e075846 +vulnerability,CVE-2025-0106,vulnerability--a55e4fb3-21c2-496c-8324-e0aaa86698a8 +vulnerability,CVE-2025-0105,vulnerability--a2afe342-585f-4ab6-abb3-9966959525b4 +vulnerability,CVE-2025-0390,vulnerability--94939201-04a6-4609-ab3e-2373c0fb49fe +vulnerability,CVE-2025-0104,vulnerability--ea51c7f3-bce5-4305-9759-20406df5e4b0 +vulnerability,CVE-2025-0392,vulnerability--26e75131-48c8-4ed9-b393-aa41ef175c2f +vulnerability,CVE-2025-0107,vulnerability--a42855ef-6f7e-48ec-917f-bcdb2bfefce5 +vulnerability,CVE-2025-0391,vulnerability--d39a752c-fea1-4850-a767-6f686c2fc6a5 +vulnerability,CVE-2025-0103,vulnerability--df60cb9b-0914-492f-9bff-080eafae42f6 diff --git a/objects/vulnerability/vulnerability--014ae561-f5d1-410a-b5cd-88443946212c.json b/objects/vulnerability/vulnerability--014ae561-f5d1-410a-b5cd-88443946212c.json new file mode 100644 index 00000000000..7396caaa9c6 --- /dev/null +++ b/objects/vulnerability/vulnerability--014ae561-f5d1-410a-b5cd-88443946212c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ea705c77-43f2-43f5-b306-2faca242d5ac", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--014ae561-f5d1-410a-b5cd-88443946212c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:19.833041Z", + "modified": "2025-01-12T00:23:19.833041Z", + "name": "CVE-2024-48873", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: check return value of ieee80211_probereq_get() for RNR\n\nThe return value of ieee80211_probereq_get() might be NULL, so check it\nbefore using to avoid NULL pointer access.\n\nAddresses-Coverity-ID: 1529805 (\"Dereference null return value\")", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-48873" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0792bbb5-a943-458f-b673-af1eb6f5be18.json b/objects/vulnerability/vulnerability--0792bbb5-a943-458f-b673-af1eb6f5be18.json new file mode 100644 index 00000000000..bfa7ee1d975 --- /dev/null +++ b/objects/vulnerability/vulnerability--0792bbb5-a943-458f-b673-af1eb6f5be18.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--cd2b5739-318b-4a34-86ac-c7354d4f9e31", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0792bbb5-a943-458f-b673-af1eb6f5be18", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.539564Z", + "modified": "2025-01-12T00:23:21.539564Z", + "name": "CVE-2024-55916", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nDrivers: hv: util: Avoid accessing a ringbuffer not initialized yet\n\nIf the KVP (or VSS) daemon starts before the VMBus channel's ringbuffer is\nfully initialized, we can hit the panic below:\n\nhv_utils: Registering HyperV Utility Driver\nhv_vmbus: registering driver hv_utils\n...\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nCPU: 44 UID: 0 PID: 2552 Comm: hv_kvp_daemon Tainted: G E 6.11.0-rc3+ #1\nRIP: 0010:hv_pkt_iter_first+0x12/0xd0\nCall Trace:\n...\n vmbus_recvpacket\n hv_kvp_onchannelcallback\n vmbus_on_event\n tasklet_action_common\n tasklet_action\n handle_softirqs\n irq_exit_rcu\n sysvec_hyperv_stimer0\n \n \n asm_sysvec_hyperv_stimer0\n...\n kvp_register_done\n hvt_op_read\n vfs_read\n ksys_read\n __x64_sys_read\n\nThis can happen because the KVP/VSS channel callback can be invoked\neven before the channel is fully opened:\n1) as soon as hv_kvp_init() -> hvutil_transport_init() creates\n/dev/vmbus/hv_kvp, the kvp daemon can open the device file immediately and\nregister itself to the driver by writing a message KVP_OP_REGISTER1 to the\nfile (which is handled by kvp_on_msg() ->kvp_handle_handshake()) and\nreading the file for the driver's response, which is handled by\nhvt_op_read(), which calls hvt->on_read(), i.e. kvp_register_done().\n\n2) the problem with kvp_register_done() is that it can cause the\nchannel callback to be called even before the channel is fully opened,\nand when the channel callback is starting to run, util_probe()->\nvmbus_open() may have not initialized the ringbuffer yet, so the\ncallback can hit the panic of NULL pointer dereference.\n\nTo reproduce the panic consistently, we can add a \"ssleep(10)\" for KVP in\n__vmbus_open(), just before the first hv_ringbuffer_init(), and then we\nunload and reload the driver hv_utils, and run the daemon manually within\nthe 10 seconds.\n\nFix the panic by reordering the steps in util_probe() so the char dev\nentry used by the KVP or VSS daemon is not created until after\nvmbus_open() has completed. This reordering prevents the race condition\nfrom happening.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-55916" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--112897d9-c625-4341-854b-8e68457fb576.json b/objects/vulnerability/vulnerability--112897d9-c625-4341-854b-8e68457fb576.json new file mode 100644 index 00000000000..daf62383246 --- /dev/null +++ b/objects/vulnerability/vulnerability--112897d9-c625-4341-854b-8e68457fb576.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--77994f96-8bfd-4d5d-8f98-4edca1d3e86c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--112897d9-c625-4341-854b-8e68457fb576", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.203596Z", + "modified": "2025-01-12T00:23:21.203596Z", + "name": "CVE-2024-41935", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to shrink read extent node in batches\n\nWe use rwlock to protect core structure data of extent tree during\nits shrink, however, if there is a huge number of extent nodes in\nextent tree, during shrink of extent tree, it may hold rwlock for\na very long time, which may trigger kernel hang issue.\n\nThis patch fixes to shrink read extent node in batches, so that,\ncritical region of the rwlock can be shrunk to avoid its extreme\nlong time hold.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-41935" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1546f206-b249-4583-8575-ad2be3951b36.json b/objects/vulnerability/vulnerability--1546f206-b249-4583-8575-ad2be3951b36.json new file mode 100644 index 00000000000..dee5f7c91cb --- /dev/null +++ b/objects/vulnerability/vulnerability--1546f206-b249-4583-8575-ad2be3951b36.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8f228117-1d3b-4b77-a782-e1488effa5ac", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1546f206-b249-4583-8575-ad2be3951b36", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.786995Z", + "modified": "2025-01-12T00:23:21.786995Z", + "name": "CVE-2024-57881", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/page_alloc: don't call pfn_to_page() on possibly non-existent PFN in split_large_buddy()\n\nIn split_large_buddy(), we might call pfn_to_page() on a PFN that might\nnot exist. In corner cases, such as when freeing the highest pageblock in\nthe last memory section, this could result with CONFIG_SPARSEMEM &&\n!CONFIG_SPARSEMEM_EXTREME in __pfn_to_section() returning NULL and and\n__section_mem_map_addr() dereferencing that NULL pointer.\n\nLet's fix it, and avoid doing a pfn_to_page() call for the first\niteration, where we already have the page.\n\nSo far this was found by code inspection, but let's just CC stable as the\nfix is easy.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-57881" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1d7355a0-26a7-486c-9b70-bca40fcda56c.json b/objects/vulnerability/vulnerability--1d7355a0-26a7-486c-9b70-bca40fcda56c.json new file mode 100644 index 00000000000..c7487a87fda --- /dev/null +++ b/objects/vulnerability/vulnerability--1d7355a0-26a7-486c-9b70-bca40fcda56c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3b8fab9c-6fb1-4b90-8c22-b15af55a3830", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1d7355a0-26a7-486c-9b70-bca40fcda56c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.106525Z", + "modified": "2025-01-12T00:23:20.106525Z", + "name": "CVE-2024-12472", + "description": "The Post Duplicator plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.36 via the mtphr_duplicate_post() due to insufficient restrictions on which posts can be duplicated. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, or draft posts that they should not have access to by duplicating the post.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12472" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--21941b8b-24b0-45f9-9629-084d325ac4d6.json b/objects/vulnerability/vulnerability--21941b8b-24b0-45f9-9629-084d325ac4d6.json new file mode 100644 index 00000000000..bae500eb7a1 --- /dev/null +++ b/objects/vulnerability/vulnerability--21941b8b-24b0-45f9-9629-084d325ac4d6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f580a575-584b-45da-8b13-7dadcb6d99a6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--21941b8b-24b0-45f9-9629-084d325ac4d6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.76904Z", + "modified": "2025-01-12T00:23:21.76904Z", + "name": "CVE-2024-57877", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: ptrace: fix partial SETREGSET for NT_ARM_POE\n\nCurrently poe_set() doesn't initialize the temporary 'ctrl' variable,\nand a SETREGSET call with a length of zero will leave this\nuninitialized. Consequently an arbitrary value will be written back to\ntarget->thread.por_el0, potentially leaking up to 64 bits of memory from\nthe kernel stack. The read is limited to a specific slot on the stack,\nand the issue does not provide a write mechanism.\n\nFix this by initializing the temporary value before copying the regset\nfrom userspace, as for other regsets (e.g. NT_PRSTATUS, NT_PRFPREG,\nNT_ARM_SYSTEM_CALL). In the case of a zero-length write, the existing\ncontents of POR_EL1 will be retained.\n\nBefore this patch:\n\n| # ./poe-test\n| Attempting to write NT_ARM_POE::por_el0 = 0x900d900d900d900d\n| SETREGSET(nt=0x40f, len=8) wrote 8 bytes\n|\n| Attempting to read NT_ARM_POE::por_el0\n| GETREGSET(nt=0x40f, len=8) read 8 bytes\n| Read NT_ARM_POE::por_el0 = 0x900d900d900d900d\n|\n| Attempting to write NT_ARM_POE (zero length)\n| SETREGSET(nt=0x40f, len=0) wrote 0 bytes\n|\n| Attempting to read NT_ARM_POE::por_el0\n| GETREGSET(nt=0x40f, len=8) read 8 bytes\n| Read NT_ARM_POE::por_el0 = 0xffff8000839c3d50\n\nAfter this patch:\n\n| # ./poe-test\n| Attempting to write NT_ARM_POE::por_el0 = 0x900d900d900d900d\n| SETREGSET(nt=0x40f, len=8) wrote 8 bytes\n|\n| Attempting to read NT_ARM_POE::por_el0\n| GETREGSET(nt=0x40f, len=8) read 8 bytes\n| Read NT_ARM_POE::por_el0 = 0x900d900d900d900d\n|\n| Attempting to write NT_ARM_POE (zero length)\n| SETREGSET(nt=0x40f, len=0) wrote 0 bytes\n|\n| Attempting to read NT_ARM_POE::por_el0\n| GETREGSET(nt=0x40f, len=8) read 8 bytes\n| Read NT_ARM_POE::por_el0 = 0x900d900d900d900d", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-57877" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--26e75131-48c8-4ed9-b393-aa41ef175c2f.json b/objects/vulnerability/vulnerability--26e75131-48c8-4ed9-b393-aa41ef175c2f.json new file mode 100644 index 00000000000..7e16d6d1e7a --- /dev/null +++ b/objects/vulnerability/vulnerability--26e75131-48c8-4ed9-b393-aa41ef175c2f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6f9a8003-2b8c-4e79-987b-1288d297d05c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--26e75131-48c8-4ed9-b393-aa41ef175c2f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:31.954645Z", + "modified": "2025-01-12T00:23:31.954645Z", + "name": "CVE-2025-0392", + "description": "A vulnerability, which was classified as critical, was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. Affected is the function datagridGraph of the file /graphReportController.do. The manipulation of the argument store_code leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 20250101 is able to address this issue. It is recommended to upgrade the affected component.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0392" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--28ee1e04-5586-4ded-b11e-64d9965148bb.json b/objects/vulnerability/vulnerability--28ee1e04-5586-4ded-b11e-64d9965148bb.json new file mode 100644 index 00000000000..8533b0ad588 --- /dev/null +++ b/objects/vulnerability/vulnerability--28ee1e04-5586-4ded-b11e-64d9965148bb.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c0580085-8928-4f68-8e24-385fb95892cd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--28ee1e04-5586-4ded-b11e-64d9965148bb", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.563942Z", + "modified": "2025-01-12T00:23:21.563942Z", + "name": "CVE-2024-55641", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: unlock inodes when erroring out of xfs_trans_alloc_dir\n\nDebugging a filesystem patch with generic/475 caused the system to hang\nafter observing the following sequences in dmesg:\n\n XFS (dm-0): metadata I/O error in \"xfs_imap_to_bp+0x61/0xe0 [xfs]\" at daddr 0x491520 len 32 error 5\n XFS (dm-0): metadata I/O error in \"xfs_btree_read_buf_block+0xba/0x160 [xfs]\" at daddr 0x3445608 len 8 error 5\n XFS (dm-0): metadata I/O error in \"xfs_imap_to_bp+0x61/0xe0 [xfs]\" at daddr 0x138e1c0 len 32 error 5\n XFS (dm-0): log I/O error -5\n XFS (dm-0): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x1ea/0x4b0 [xfs] (fs/xfs/xfs_trans_buf.c:311). Shutting down filesystem.\n XFS (dm-0): Please unmount the filesystem and rectify the problem(s)\n XFS (dm-0): Internal error dqp->q_ino.reserved < dqp->q_ino.count at line 869 of file fs/xfs/xfs_trans_dquot.c. Caller xfs_trans_dqresv+0x236/0x440 [xfs]\n XFS (dm-0): Corruption detected. Unmount and run xfs_repair\n XFS (dm-0): Unmounting Filesystem be6bcbcc-9921-4deb-8d16-7cc94e335fa7\n\nThe system is stuck in unmount trying to lock a couple of inodes so that\nthey can be purged. The dquot corruption notice above is a clue to what\nhappened -- a link() call tried to set up a transaction to link a child\ninto a directory. Quota reservation for the transaction failed after IO\nerrors shut down the filesystem, but then we forgot to unlock the inodes\non our way out. Fix that.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-55641" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2b31d55f-e185-4042-9179-192e24116594.json b/objects/vulnerability/vulnerability--2b31d55f-e185-4042-9179-192e24116594.json new file mode 100644 index 00000000000..55d7c28c469 --- /dev/null +++ b/objects/vulnerability/vulnerability--2b31d55f-e185-4042-9179-192e24116594.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--bd11a0fa-b636-4d3e-9293-e42e16f1ccf3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2b31d55f-e185-4042-9179-192e24116594", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.626939Z", + "modified": "2025-01-12T00:23:20.626939Z", + "name": "CVE-2024-11327", + "description": "The ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.4.1. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11327" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2cfc634f-6324-4e44-b913-ac1ccff3b26a.json b/objects/vulnerability/vulnerability--2cfc634f-6324-4e44-b913-ac1ccff3b26a.json new file mode 100644 index 00000000000..b077329f9af --- /dev/null +++ b/objects/vulnerability/vulnerability--2cfc634f-6324-4e44-b913-ac1ccff3b26a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1c842861-db91-4973-803d-4b73b9bf8a49", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2cfc634f-6324-4e44-b913-ac1ccff3b26a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.819837Z", + "modified": "2025-01-12T00:23:21.819837Z", + "name": "CVE-2024-57878", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: ptrace: fix partial SETREGSET for NT_ARM_FPMR\n\nCurrently fpmr_set() doesn't initialize the temporary 'fpmr' variable,\nand a SETREGSET call with a length of zero will leave this\nuninitialized. Consequently an arbitrary value will be written back to\ntarget->thread.uw.fpmr, potentially leaking up to 64 bits of memory from\nthe kernel stack. The read is limited to a specific slot on the stack,\nand the issue does not provide a write mechanism.\n\nFix this by initializing the temporary value before copying the regset\nfrom userspace, as for other regsets (e.g. NT_PRSTATUS, NT_PRFPREG,\nNT_ARM_SYSTEM_CALL). In the case of a zero-length write, the existing\ncontents of FPMR will be retained.\n\nBefore this patch:\n\n| # ./fpmr-test\n| Attempting to write NT_ARM_FPMR::fpmr = 0x900d900d900d900d\n| SETREGSET(nt=0x40e, len=8) wrote 8 bytes\n|\n| Attempting to read NT_ARM_FPMR::fpmr\n| GETREGSET(nt=0x40e, len=8) read 8 bytes\n| Read NT_ARM_FPMR::fpmr = 0x900d900d900d900d\n|\n| Attempting to write NT_ARM_FPMR (zero length)\n| SETREGSET(nt=0x40e, len=0) wrote 0 bytes\n|\n| Attempting to read NT_ARM_FPMR::fpmr\n| GETREGSET(nt=0x40e, len=8) read 8 bytes\n| Read NT_ARM_FPMR::fpmr = 0xffff800083963d50\n\nAfter this patch:\n\n| # ./fpmr-test\n| Attempting to write NT_ARM_FPMR::fpmr = 0x900d900d900d900d\n| SETREGSET(nt=0x40e, len=8) wrote 8 bytes\n|\n| Attempting to read NT_ARM_FPMR::fpmr\n| GETREGSET(nt=0x40e, len=8) read 8 bytes\n| Read NT_ARM_FPMR::fpmr = 0x900d900d900d900d\n|\n| Attempting to write NT_ARM_FPMR (zero length)\n| SETREGSET(nt=0x40e, len=0) wrote 0 bytes\n|\n| Attempting to read NT_ARM_FPMR::fpmr\n| GETREGSET(nt=0x40e, len=8) read 8 bytes\n| Read NT_ARM_FPMR::fpmr = 0x900d900d900d900d", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-57878" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2f6b61d6-cede-4408-aac4-da87857008e5.json b/objects/vulnerability/vulnerability--2f6b61d6-cede-4408-aac4-da87857008e5.json new file mode 100644 index 00000000000..77a37506f6c --- /dev/null +++ b/objects/vulnerability/vulnerability--2f6b61d6-cede-4408-aac4-da87857008e5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e2153566-d55c-4a66-b47d-5811871b2245", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2f6b61d6-cede-4408-aac4-da87857008e5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:22.050187Z", + "modified": "2025-01-12T00:23:22.050187Z", + "name": "CVE-2024-42173", + "description": "HCL MyXalytics is affected by an improper password policy implementation vulnerability. Weak passwords and lack of account lockout policies allow attackers to guess or brute-force passwords if the username is known.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42173" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--367ca5be-b6fb-4e73-8d83-143257d774a6.json b/objects/vulnerability/vulnerability--367ca5be-b6fb-4e73-8d83-143257d774a6.json new file mode 100644 index 00000000000..6d5a736873a --- /dev/null +++ b/objects/vulnerability/vulnerability--367ca5be-b6fb-4e73-8d83-143257d774a6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d31a5ced-3f2d-4c28-bdb2-9779a6706289", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--367ca5be-b6fb-4e73-8d83-143257d774a6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.770372Z", + "modified": "2025-01-12T00:23:21.770372Z", + "name": "CVE-2024-57843", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-net: fix overflow inside virtnet_rq_alloc\n\nWhen the frag just got a page, then may lead to regression on VM.\nSpecially if the sysctl net.core.high_order_alloc_disable value is 1,\nthen the frag always get a page when do refill.\n\nWhich could see reliable crashes or scp failure (scp a file 100M in size\nto VM).\n\nThe issue is that the virtnet_rq_dma takes up 16 bytes at the beginning\nof a new frag. When the frag size is larger than PAGE_SIZE,\neverything is fine. However, if the frag is only one page and the\ntotal size of the buffer and virtnet_rq_dma is larger than one page, an\noverflow may occur.\n\nThe commit f9dac92ba908 (\"virtio_ring: enable premapped mode whatever\nuse_dma_api\") introduced this problem. And we reverted some commits to\nfix this in last linux version. Now we try to enable it and fix this\nbug directly.\n\nHere, when the frag size is not enough, we reduce the buffer len to fix\nthis problem.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-57843" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--36965fcd-1e34-4cc7-9b05-ffea18b83cc5.json b/objects/vulnerability/vulnerability--36965fcd-1e34-4cc7-9b05-ffea18b83cc5.json new file mode 100644 index 00000000000..03104a03c6f --- /dev/null +++ b/objects/vulnerability/vulnerability--36965fcd-1e34-4cc7-9b05-ffea18b83cc5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--52892337-fb47-47f1-a09f-aad8873ebc5d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--36965fcd-1e34-4cc7-9b05-ffea18b83cc5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.780983Z", + "modified": "2025-01-12T00:23:21.780983Z", + "name": "CVE-2024-57809", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: imx6: Fix suspend/resume support on i.MX6QDL\n\nThe suspend/resume functionality is currently broken on the i.MX6QDL\nplatform, as documented in the NXP errata (ERR005723):\n\n https://www.nxp.com/docs/en/errata/IMX6DQCE.pdf\n\nThis patch addresses the issue by sharing most of the suspend/resume\nsequences used by other i.MX devices, while avoiding modifications to\ncritical registers that disrupt the PCIe functionality. It targets the\nsame problem as the following downstream commit:\n\n https://github.com/nxp-imx/linux-imx/commit/4e92355e1f79d225ea842511fcfd42b343b32995\n\nUnlike the downstream commit, this patch also resets the connected PCIe\ndevice if possible. Without this reset, certain drivers, such as ath10k\nor iwlwifi, will crash on resume. The device reset is also done by the\ndriver on other i.MX platforms, making this patch consistent with\nexisting practices.\n\nUpon resuming, the kernel will hang and display an error. Here's an\nexample of the error encountered with the ath10k driver:\n\n ath10k_pci 0000:01:00.0: Unable to change power state from D3hot to D0, device inaccessible\n Unhandled fault: imprecise external abort (0x1406) at 0x0106f944\n\nWithout this patch, suspend/resume will fail on i.MX6QDL devices if a\nPCIe device is connected.\n\n[kwilczynski: commit log, added tag for stable releases]", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-57809" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--388e9388-fc6d-4c42-8591-b55766f7083b.json b/objects/vulnerability/vulnerability--388e9388-fc6d-4c42-8591-b55766f7083b.json new file mode 100644 index 00000000000..6324ce392f0 --- /dev/null +++ b/objects/vulnerability/vulnerability--388e9388-fc6d-4c42-8591-b55766f7083b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--41939d51-2264-465a-9f32-f9078294fc88", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--388e9388-fc6d-4c42-8591-b55766f7083b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.130575Z", + "modified": "2025-01-12T00:23:20.130575Z", + "name": "CVE-2024-12412", + "description": "The Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘active_tab’ parameter in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12412" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--39b8e725-d99b-4e0b-816d-173ba6a78746.json b/objects/vulnerability/vulnerability--39b8e725-d99b-4e0b-816d-173ba6a78746.json new file mode 100644 index 00000000000..91818c9df3c --- /dev/null +++ b/objects/vulnerability/vulnerability--39b8e725-d99b-4e0b-816d-173ba6a78746.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b890b132-43f7-4982-8ab3-bdcc47fab287", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--39b8e725-d99b-4e0b-816d-173ba6a78746", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.635703Z", + "modified": "2025-01-12T00:23:20.635703Z", + "name": "CVE-2024-11758", + "description": "The WP SPID Italia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11758" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3de19761-8a87-4461-be09-ec351f710db7.json b/objects/vulnerability/vulnerability--3de19761-8a87-4461-be09-ec351f710db7.json new file mode 100644 index 00000000000..8610fdb23d8 --- /dev/null +++ b/objects/vulnerability/vulnerability--3de19761-8a87-4461-be09-ec351f710db7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f36a4bc8-f4ac-4465-8e1d-2a55b7080994", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3de19761-8a87-4461-be09-ec351f710db7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.868203Z", + "modified": "2025-01-12T00:23:20.868203Z", + "name": "CVE-2024-53680", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()\n\nUnder certain kernel configurations when building with Clang/LLVM, the\ncompiler does not generate a return or jump as the terminator\ninstruction for ip_vs_protocol_init(), triggering the following objtool\nwarning during build time:\n\n vmlinux.o: warning: objtool: ip_vs_protocol_init() falls through to next function __initstub__kmod_ip_vs_rr__935_123_ip_vs_rr_init6()\n\nAt runtime, this either causes an oops when trying to load the ipvs\nmodule or a boot-time panic if ipvs is built-in. This same issue has\nbeen reported by the Intel kernel test robot previously.\n\nDigging deeper into both LLVM and the kernel code reveals this to be a\nundefined behavior problem. ip_vs_protocol_init() uses a on-stack buffer\nof 64 chars to store the registered protocol names and leaves it\nuninitialized after definition. The function calls strnlen() when\nconcatenating protocol names into the buffer. With CONFIG_FORTIFY_SOURCE\nstrnlen() performs an extra step to check whether the last byte of the\ninput char buffer is a null character (commit 3009f891bb9f (\"fortify:\nAllow strlen() and strnlen() to pass compile-time known lengths\")).\nThis, together with possibly other configurations, cause the following\nIR to be generated:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #5 section \".init.text\" align 16 !kcfi_type !29 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 14: ; preds = %11\n %15 = getelementptr inbounds i8, ptr %1, i64 63\n %16 = load i8, ptr %15, align 1\n %17 = tail call i1 @llvm.is.constant.i8(i8 %16)\n %18 = icmp eq i8 %16, 0\n %19 = select i1 %17, i1 %18, i1 false\n br i1 %19, label %20, label %23\n\n 20: ; preds = %14\n %21 = call i64 @strlen(ptr noundef nonnull dereferenceable(1) %1) #23\n ...\n\n 23: ; preds = %14, %11, %20\n %24 = call i64 @strnlen(ptr noundef nonnull dereferenceable(1) %1, i64 noundef 64) #24\n ...\n }\n\nThe above code calculates the address of the last char in the buffer\n(value %15) and then loads from it (value %16). Because the buffer is\nnever initialized, the LLVM GVN pass marks value %16 as undefined:\n\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n br i1 undef, label %14, label %17\n\nThis gives later passes (SCCP, in particular) more DCE opportunities by\npropagating the undef value further, and eventually removes everything\nafter the load on the uninitialized stack location:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #0 section \".init.text\" align 16 !kcfi_type !11 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 12: ; preds = %11\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n unreachable\n }\n\nIn this way, the generated native code will just fall through to the\nnext function, as LLVM does not generate any code for the unreachable IR\ninstruction and leaves the function without a terminator.\n\nZero the on-stack buffer to avoid this possible UB.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53680" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3e97788d-3e73-4420-9e08-e37a00717c92.json b/objects/vulnerability/vulnerability--3e97788d-3e73-4420-9e08-e37a00717c92.json new file mode 100644 index 00000000000..09e35fb4e72 --- /dev/null +++ b/objects/vulnerability/vulnerability--3e97788d-3e73-4420-9e08-e37a00717c92.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--25c17126-3a97-475d-a10c-e2a1b7850779", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3e97788d-3e73-4420-9e08-e37a00717c92", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.184383Z", + "modified": "2025-01-12T00:23:21.184383Z", + "name": "CVE-2024-41932", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched: fix warning in sched_setaffinity\n\nCommit 8f9ea86fdf99b added some logic to sched_setaffinity that included\na WARN when a per-task affinity assignment races with a cpuset update.\n\nSpecifically, we can have a race where a cpuset update results in the\ntask affinity no longer being a subset of the cpuset. That's fine; we\nhave a fallback to instead use the cpuset mask. However, we have a WARN\nset up that will trigger if the cpuset mask has no overlap at all with\nthe requested task affinity. This shouldn't be a warning condition; its\ntrivial to create this condition.\n\nReproduced the warning by the following setup:\n\n- $PID inside a cpuset cgroup\n- another thread repeatedly switching the cpuset cpus from 1-2 to just 1\n- another thread repeatedly setting the $PID affinity (via taskset) to 2", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-41932" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--429e9d62-faf6-4bd8-92c8-99bbc90dce42.json b/objects/vulnerability/vulnerability--429e9d62-faf6-4bd8-92c8-99bbc90dce42.json new file mode 100644 index 00000000000..804ae6843d7 --- /dev/null +++ b/objects/vulnerability/vulnerability--429e9d62-faf6-4bd8-92c8-99bbc90dce42.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--be0c7614-ca87-420e-b510-906a2c8832a7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--429e9d62-faf6-4bd8-92c8-99bbc90dce42", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.895717Z", + "modified": "2025-01-12T00:23:20.895717Z", + "name": "CVE-2024-53682", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: axp20x: AXP717: set ramp_delay\n\nAXP717 datasheet says that regulator ramp delay is 15.625 us/step,\nwhich is 10mV in our case.\n\nAdd a AXP_DESC_RANGES_DELAY macro and update AXP_DESC_RANGES macro to\nexpand to AXP_DESC_RANGES_DELAY with ramp_delay = 0\n\nFor DCDC4, steps is 100mv\n\nAdd a AXP_DESC_DELAY macro and update AXP_DESC macro to\nexpand to AXP_DESC_DELAY with ramp_delay = 0\n\nThis patch fix crashes when using CPU DVFS.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53682" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--451106de-4ac3-4843-ba98-e912938ca653.json b/objects/vulnerability/vulnerability--451106de-4ac3-4843-ba98-e912938ca653.json new file mode 100644 index 00000000000..54b428e95ae --- /dev/null +++ b/objects/vulnerability/vulnerability--451106de-4ac3-4843-ba98-e912938ca653.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--73727805-d4ba-483b-85a1-7806ac563700", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--451106de-4ac3-4843-ba98-e912938ca653", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.638723Z", + "modified": "2025-01-12T00:23:20.638723Z", + "name": "CVE-2024-11915", + "description": "The RRAddons for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.0 via the Popup block due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts that they should not have access to.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11915" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--47b1edc0-c78c-418f-b2b5-eedc64bff448.json b/objects/vulnerability/vulnerability--47b1edc0-c78c-418f-b2b5-eedc64bff448.json new file mode 100644 index 00000000000..a1f7b258e40 --- /dev/null +++ b/objects/vulnerability/vulnerability--47b1edc0-c78c-418f-b2b5-eedc64bff448.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--24f8806d-ea6d-4e8a-83f5-3a951c5a5c1a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--47b1edc0-c78c-418f-b2b5-eedc64bff448", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:22.079273Z", + "modified": "2025-01-12T00:23:22.079273Z", + "name": "CVE-2024-42174", + "description": "HCL MyXalytics is affected by username enumeration vulnerability. This allows a malicious user to perform enumeration of application users, and therefore compile a list of valid usernames.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42174" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4b236d88-e7cd-4761-9504-5970de474369.json b/objects/vulnerability/vulnerability--4b236d88-e7cd-4761-9504-5970de474369.json new file mode 100644 index 00000000000..721234889c0 --- /dev/null +++ b/objects/vulnerability/vulnerability--4b236d88-e7cd-4761-9504-5970de474369.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--eab22f78-5356-4cf6-bc64-9a33f575d646", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4b236d88-e7cd-4761-9504-5970de474369", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.542477Z", + "modified": "2025-01-12T00:23:21.542477Z", + "name": "CVE-2024-55881", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Play nice with protected guests in complete_hypercall_exit()\n\nUse is_64_bit_hypercall() instead of is_64_bit_mode() to detect a 64-bit\nhypercall when completing said hypercall. For guests with protected state,\ne.g. SEV-ES and SEV-SNP, KVM must assume the hypercall was made in 64-bit\nmode as the vCPU state needed to detect 64-bit mode is unavailable.\n\nHacking the sev_smoke_test selftest to generate a KVM_HC_MAP_GPA_RANGE\nhypercall via VMGEXIT trips the WARN:\n\n ------------[ cut here ]------------\n WARNING: CPU: 273 PID: 326626 at arch/x86/kvm/x86.h:180 complete_hypercall_exit+0x44/0xe0 [kvm]\n Modules linked in: kvm_amd kvm ... [last unloaded: kvm]\n CPU: 273 UID: 0 PID: 326626 Comm: sev_smoke_test Not tainted 6.12.0-smp--392e932fa0f3-feat #470\n Hardware name: Google Astoria/astoria, BIOS 0.20240617.0-0 06/17/2024\n RIP: 0010:complete_hypercall_exit+0x44/0xe0 [kvm]\n Call Trace:\n \n kvm_arch_vcpu_ioctl_run+0x2400/0x2720 [kvm]\n kvm_vcpu_ioctl+0x54f/0x630 [kvm]\n __se_sys_ioctl+0x6b/0xc0\n do_syscall_64+0x83/0x160\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \n ---[ end trace 0000000000000000 ]---", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-55881" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--508a70ae-abe9-4d9c-836f-5f4784a54eb4.json b/objects/vulnerability/vulnerability--508a70ae-abe9-4d9c-836f-5f4784a54eb4.json new file mode 100644 index 00000000000..f03bf1bf681 --- /dev/null +++ b/objects/vulnerability/vulnerability--508a70ae-abe9-4d9c-836f-5f4784a54eb4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--de2e924e-a554-41b9-a585-b83f2d1899ba", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--508a70ae-abe9-4d9c-836f-5f4784a54eb4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:22.074989Z", + "modified": "2025-01-12T00:23:22.074989Z", + "name": "CVE-2024-42169", + "description": "HCL MyXalytics is affected by insecure direct object references. It occurs due to missing access control checks, which fail to verify whether a user should be allowed to access specific data.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42169" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--51d35636-ff22-4fff-b42f-128f781cf71f.json b/objects/vulnerability/vulnerability--51d35636-ff22-4fff-b42f-128f781cf71f.json new file mode 100644 index 00000000000..a2f31689d04 --- /dev/null +++ b/objects/vulnerability/vulnerability--51d35636-ff22-4fff-b42f-128f781cf71f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--990941a1-b8ab-47f9-9648-15075e23702a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--51d35636-ff22-4fff-b42f-128f781cf71f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.79201Z", + "modified": "2025-01-12T00:23:21.79201Z", + "name": "CVE-2024-57872", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: pltfrm: Dellocate HBA during ufshcd_pltfrm_remove()\n\nThis will ensure that the scsi host is cleaned up properly using\nscsi_host_dev_release(). Otherwise, it may lead to memory leaks.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-57872" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--57c9e3e4-1a52-4d80-99e3-7cc7a79dbadd.json b/objects/vulnerability/vulnerability--57c9e3e4-1a52-4d80-99e3-7cc7a79dbadd.json new file mode 100644 index 00000000000..9b7839ef2f5 --- /dev/null +++ b/objects/vulnerability/vulnerability--57c9e3e4-1a52-4d80-99e3-7cc7a79dbadd.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d830e516-f2e0-4d16-8cd7-5b7618ba2669", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--57c9e3e4-1a52-4d80-99e3-7cc7a79dbadd", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:22.024944Z", + "modified": "2025-01-12T00:23:22.024944Z", + "name": "CVE-2024-46896", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: don't access invalid sched\n\nSince 2320c9e6a768 (\"drm/sched: memset() 'job' in drm_sched_job_init()\")\naccessing job->base.sched can produce unexpected results as the initialisation\nof (*job)->base.sched done in amdgpu_job_alloc is overwritten by the\nmemset.\n\nThis commit fixes an issue when a CS would fail validation and would\nbe rejected after job->num_ibs is incremented. In this case,\namdgpu_ib_free(ring->adev, ...) will be called, which would crash the\nmachine because the ring value is bogus.\n\nTo fix this, pass a NULL pointer to amdgpu_ib_free(): we can do this\nbecause the device is actually not used in this function.\n\nThe next commit will remove the ring argument completely.\n\n(cherry picked from commit 2ae520cb12831d264ceb97c61f72c59d33c0dbd7)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-46896" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5e8fcbc3-92e7-4960-a1c7-e96cca51c4ec.json b/objects/vulnerability/vulnerability--5e8fcbc3-92e7-4960-a1c7-e96cca51c4ec.json new file mode 100644 index 00000000000..e81e7ec7362 --- /dev/null +++ b/objects/vulnerability/vulnerability--5e8fcbc3-92e7-4960-a1c7-e96cca51c4ec.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--816abfdf-57c3-4c95-aea5-1fe51bd0721f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5e8fcbc3-92e7-4960-a1c7-e96cca51c4ec", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.79627Z", + "modified": "2025-01-12T00:23:21.79627Z", + "name": "CVE-2024-57791", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check return value of sock_recvmsg when draining clc data\n\nWhen receiving clc msg, the field length in smc_clc_msg_hdr indicates the\nlength of msg should be received from network and the value should not be\nfully trusted as it is from the network. Once the value of length exceeds\nthe value of buflen in function smc_clc_wait_msg it may run into deadloop\nwhen trying to drain the remaining data exceeding buflen.\n\nThis patch checks the return value of sock_recvmsg when draining data in\ncase of deadloop in draining.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-57791" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--6032c00b-e8a1-48f6-8745-d6ea55cb5a1f.json b/objects/vulnerability/vulnerability--6032c00b-e8a1-48f6-8745-d6ea55cb5a1f.json new file mode 100644 index 00000000000..1127a9ef432 --- /dev/null +++ b/objects/vulnerability/vulnerability--6032c00b-e8a1-48f6-8745-d6ea55cb5a1f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2d3c965f-55bd-4686-a7f4-195a5a611fde", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--6032c00b-e8a1-48f6-8745-d6ea55cb5a1f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:19.873303Z", + "modified": "2025-01-12T00:23:19.873303Z", + "name": "CVE-2024-48876", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nstackdepot: fix stack_depot_save_flags() in NMI context\n\nPer documentation, stack_depot_save_flags() was meant to be usable from\nNMI context if STACK_DEPOT_FLAG_CAN_ALLOC is unset. However, it still\nwould try to take the pool_lock in an attempt to save a stack trace in the\ncurrent pool (if space is available).\n\nThis could result in deadlock if an NMI is handled while pool_lock is\nalready held. To avoid deadlock, only try to take the lock in NMI context\nand give up if unsuccessful.\n\nThe documentation is fixed to clearly convey this.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-48876" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--62b6c9da-96b6-4bf7-9521-d7b1277fb938.json b/objects/vulnerability/vulnerability--62b6c9da-96b6-4bf7-9521-d7b1277fb938.json new file mode 100644 index 00000000000..82c0bfd3949 --- /dev/null +++ b/objects/vulnerability/vulnerability--62b6c9da-96b6-4bf7-9521-d7b1277fb938.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b73ebacb-4100-4234-b3ef-dac1331ece3a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--62b6c9da-96b6-4bf7-9521-d7b1277fb938", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.074854Z", + "modified": "2025-01-12T00:23:20.074854Z", + "name": "CVE-2024-45828", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: mipi-i3c-hci: Mask ring interrupts before ring stop request\n\nBus cleanup path in DMA mode may trigger a RING_OP_STAT interrupt when\nthe ring is being stopped. Depending on timing between ring stop request\ncompletion, interrupt handler removal and code execution this may lead\nto a NULL pointer dereference in hci_dma_irq_handler() if it gets to run\nafter the io_data pointer is set to NULL in hci_dma_cleanup().\n\nPrevent this my masking the ring interrupts before ring stop request.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-45828" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--64af324e-5546-4b13-9a25-64b3bb2cfecb.json b/objects/vulnerability/vulnerability--64af324e-5546-4b13-9a25-64b3bb2cfecb.json new file mode 100644 index 00000000000..bd7108af2dc --- /dev/null +++ b/objects/vulnerability/vulnerability--64af324e-5546-4b13-9a25-64b3bb2cfecb.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d749b880-e7a1-4bba-8ec5-ee68614a65d0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--64af324e-5546-4b13-9a25-64b3bb2cfecb", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:19.858461Z", + "modified": "2025-01-12T00:23:19.858461Z", + "name": "CVE-2024-48875", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: don't take dev_replace rwsem on task already holding it\n\nRunning fstests btrfs/011 with MKFS_OPTIONS=\"-O rst\" to force the usage of\nthe RAID stripe-tree, we get the following splat from lockdep:\n\n BTRFS info (device sdd): dev_replace from /dev/sdd (devid 1) to /dev/sdb started\n\n ============================================\n WARNING: possible recursive locking detected\n 6.11.0-rc3-btrfs-for-next #599 Not tainted\n --------------------------------------------\n btrfs/2326 is trying to acquire lock:\n ffff88810f215c98 (&fs_info->dev_replace.rwsem){++++}-{3:3}, at: btrfs_map_block+0x39f/0x2250\n\n but task is already holding lock:\n ffff88810f215c98 (&fs_info->dev_replace.rwsem){++++}-{3:3}, at: btrfs_map_block+0x39f/0x2250\n\n other info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(&fs_info->dev_replace.rwsem);\n lock(&fs_info->dev_replace.rwsem);\n\n *** DEADLOCK ***\n\n May be due to missing lock nesting notation\n\n 1 lock held by btrfs/2326:\n #0: ffff88810f215c98 (&fs_info->dev_replace.rwsem){++++}-{3:3}, at: btrfs_map_block+0x39f/0x2250\n\n stack backtrace:\n CPU: 1 UID: 0 PID: 2326 Comm: btrfs Not tainted 6.11.0-rc3-btrfs-for-next #599\n Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011\n Call Trace:\n \n dump_stack_lvl+0x5b/0x80\n __lock_acquire+0x2798/0x69d0\n ? __pfx___lock_acquire+0x10/0x10\n ? __pfx___lock_acquire+0x10/0x10\n lock_acquire+0x19d/0x4a0\n ? btrfs_map_block+0x39f/0x2250\n ? __pfx_lock_acquire+0x10/0x10\n ? find_held_lock+0x2d/0x110\n ? lock_is_held_type+0x8f/0x100\n down_read+0x8e/0x440\n ? btrfs_map_block+0x39f/0x2250\n ? __pfx_down_read+0x10/0x10\n ? do_raw_read_unlock+0x44/0x70\n ? _raw_read_unlock+0x23/0x40\n btrfs_map_block+0x39f/0x2250\n ? btrfs_dev_replace_by_ioctl+0xd69/0x1d00\n ? btrfs_bio_counter_inc_blocked+0xd9/0x2e0\n ? __kasan_slab_alloc+0x6e/0x70\n ? __pfx_btrfs_map_block+0x10/0x10\n ? __pfx_btrfs_bio_counter_inc_blocked+0x10/0x10\n ? kmem_cache_alloc_noprof+0x1f2/0x300\n ? mempool_alloc_noprof+0xed/0x2b0\n btrfs_submit_chunk+0x28d/0x17e0\n ? __pfx_btrfs_submit_chunk+0x10/0x10\n ? bvec_alloc+0xd7/0x1b0\n ? bio_add_folio+0x171/0x270\n ? __pfx_bio_add_folio+0x10/0x10\n ? __kasan_check_read+0x20/0x20\n btrfs_submit_bio+0x37/0x80\n read_extent_buffer_pages+0x3df/0x6c0\n btrfs_read_extent_buffer+0x13e/0x5f0\n read_tree_block+0x81/0xe0\n read_block_for_search+0x4bd/0x7a0\n ? __pfx_read_block_for_search+0x10/0x10\n btrfs_search_slot+0x78d/0x2720\n ? __pfx_btrfs_search_slot+0x10/0x10\n ? lock_is_held_type+0x8f/0x100\n ? kasan_save_track+0x14/0x30\n ? __kasan_slab_alloc+0x6e/0x70\n ? kmem_cache_alloc_noprof+0x1f2/0x300\n btrfs_get_raid_extent_offset+0x181/0x820\n ? __pfx_lock_acquire+0x10/0x10\n ? __pfx_btrfs_get_raid_extent_offset+0x10/0x10\n ? down_read+0x194/0x440\n ? __pfx_down_read+0x10/0x10\n ? do_raw_read_unlock+0x44/0x70\n ? _raw_read_unlock+0x23/0x40\n btrfs_map_block+0x5b5/0x2250\n ? __pfx_btrfs_map_block+0x10/0x10\n scrub_submit_initial_read+0x8fe/0x11b0\n ? __pfx_scrub_submit_initial_read+0x10/0x10\n submit_initial_group_read+0x161/0x3a0\n ? lock_release+0x20e/0x710\n ? __pfx_submit_initial_group_read+0x10/0x10\n ? __pfx_lock_release+0x10/0x10\n scrub_simple_mirror.isra.0+0x3eb/0x580\n scrub_stripe+0xe4d/0x1440\n ? lock_release+0x20e/0x710\n ? __pfx_scrub_stripe+0x10/0x10\n ? __pfx_lock_release+0x10/0x10\n ? do_raw_read_unlock+0x44/0x70\n ? _raw_read_unlock+0x23/0x40\n scrub_chunk+0x257/0x4a0\n scrub_enumerate_chunks+0x64c/0xf70\n ? __mutex_unlock_slowpath+0x147/0x5f0\n ? __pfx_scrub_enumerate_chunks+0x10/0x10\n ? bit_wait_timeout+0xb0/0x170\n ? __up_read+0x189/0x700\n ? scrub_workers_get+0x231/0x300\n ? up_write+0x490/0x4f0\n btrfs_scrub_dev+0x52e/0xcd0\n ? create_pending_snapshots+0x230/0x250\n ? __pfx_btrfs_scrub_dev+0x10/0x10\n btrfs_dev_replace_by_ioctl+0xd69/0x1d00\n ? lock_acquire+0x19d/0x4a0\n ? __pfx_btrfs_dev_replace_by_ioctl+0x10/0x10\n ?\n---truncated---", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-48875" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--670b0d74-493a-4799-b161-f40129ce673e.json b/objects/vulnerability/vulnerability--670b0d74-493a-4799-b161-f40129ce673e.json new file mode 100644 index 00000000000..136eba154e6 --- /dev/null +++ b/objects/vulnerability/vulnerability--670b0d74-493a-4799-b161-f40129ce673e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ccedf840-d348-4663-8595-5ece7126dbfd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--670b0d74-493a-4799-b161-f40129ce673e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.790682Z", + "modified": "2025-01-12T00:23:21.790682Z", + "name": "CVE-2024-57839", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"readahead: properly shorten readahead when falling back to do_page_cache_ra()\"\n\nThis reverts commit 7c877586da3178974a8a94577b6045a48377ff25.\n\nAnders and Philippe have reported that recent kernels occasionally hang\nwhen used with NFS in readahead code. The problem has been bisected to\n7c877586da3 (\"readahead: properly shorten readahead when falling back to\ndo_page_cache_ra()\"). The cause of the problem is that ra->size can be\nshrunk by read_pages() call and subsequently we end up calling\ndo_page_cache_ra() with negative (read huge positive) number of pages. \nLet's revert 7c877586da3 for now until we can find a proper way how the\nlogic in read_pages() and page_cache_ra_order() can coexist. This can\nlead to reduced readahead throughput due to readahead window confusion but\nthat's better than outright hangs.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-57839" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--778e0443-a336-4ca0-a3ae-24052f2b086c.json b/objects/vulnerability/vulnerability--778e0443-a336-4ca0-a3ae-24052f2b086c.json new file mode 100644 index 00000000000..435cd227a6d --- /dev/null +++ b/objects/vulnerability/vulnerability--778e0443-a336-4ca0-a3ae-24052f2b086c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--97bab530-1937-4948-80d4-33207da083db", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--778e0443-a336-4ca0-a3ae-24052f2b086c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.568583Z", + "modified": "2025-01-12T00:23:21.568583Z", + "name": "CVE-2024-55639", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: renesas: rswitch: avoid use-after-put for a device tree node\n\nThe device tree node saved in the rswitch_device structure is used at\nseveral driver locations. So passing this node to of_node_put() after\nthe first use is wrong.\n\nMove of_node_put() for this node to exit paths.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-55639" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--78b049db-3ddb-41ed-9b50-fd4b6e8d0af3.json b/objects/vulnerability/vulnerability--78b049db-3ddb-41ed-9b50-fd4b6e8d0af3.json new file mode 100644 index 00000000000..76256de053a --- /dev/null +++ b/objects/vulnerability/vulnerability--78b049db-3ddb-41ed-9b50-fd4b6e8d0af3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ccf6180d-5289-41b8-a326-817445e76583", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--78b049db-3ddb-41ed-9b50-fd4b6e8d0af3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.812013Z", + "modified": "2025-01-12T00:23:21.812013Z", + "name": "CVE-2024-57876", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/dp_mst: Fix resetting msg rx state after topology removal\n\nIf the MST topology is removed during the reception of an MST down reply\nor MST up request sideband message, the\ndrm_dp_mst_topology_mgr::up_req_recv/down_rep_recv states could be reset\nfrom one thread via drm_dp_mst_topology_mgr_set_mst(false), racing with\nthe reading/parsing of the message from another thread via\ndrm_dp_mst_handle_down_rep() or drm_dp_mst_handle_up_req(). The race is\npossible since the reader/parser doesn't hold any lock while accessing\nthe reception state. This in turn can lead to a memory corruption in the\nreader/parser as described by commit bd2fccac61b4 (\"drm/dp_mst: Fix MST\nsideband message body length check\").\n\nFix the above by resetting the message reception state if needed before\nreading/parsing a message. Another solution would be to hold the\ndrm_dp_mst_topology_mgr::lock for the whole duration of the message\nreception/parsing in drm_dp_mst_handle_down_rep() and\ndrm_dp_mst_handle_up_req(), however this would require a bigger change.\nSince the fix is also needed for stable, opting for the simpler solution\nin this patch.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-57876" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--78fa1137-ef7d-4af7-a79f-5434685ceb19.json b/objects/vulnerability/vulnerability--78fa1137-ef7d-4af7-a79f-5434685ceb19.json new file mode 100644 index 00000000000..126f38a920c --- /dev/null +++ b/objects/vulnerability/vulnerability--78fa1137-ef7d-4af7-a79f-5434685ceb19.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b62d3b63-234d-4cad-879d-96f7c1abc663", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--78fa1137-ef7d-4af7-a79f-5434685ceb19", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.115101Z", + "modified": "2025-01-12T00:23:20.115101Z", + "name": "CVE-2024-12587", + "description": "The Contact Form Master WordPress plugin through 1.0.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12587" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7b922828-ee4c-4840-a4f9-034010fbf492.json b/objects/vulnerability/vulnerability--7b922828-ee4c-4840-a4f9-034010fbf492.json new file mode 100644 index 00000000000..5bf1afe780e --- /dev/null +++ b/objects/vulnerability/vulnerability--7b922828-ee4c-4840-a4f9-034010fbf492.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6423685c-5a8c-43fe-b04a-f03ae9cab1b0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7b922828-ee4c-4840-a4f9-034010fbf492", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:22.090945Z", + "modified": "2025-01-12T00:23:22.090945Z", + "name": "CVE-2024-42171", + "description": "HCL MyXalytics is affected by a session fixation vulnerability. Cyber-criminals can exploit this by sending crafted URLs with a session token to access the victim's login session.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42171" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7bf30e67-77f0-4fe6-965e-ee7e23b72c9d.json b/objects/vulnerability/vulnerability--7bf30e67-77f0-4fe6-965e-ee7e23b72c9d.json new file mode 100644 index 00000000000..d953e712432 --- /dev/null +++ b/objects/vulnerability/vulnerability--7bf30e67-77f0-4fe6-965e-ee7e23b72c9d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--bd1c519c-7227-40a2-9f77-5b3f0bab1a5a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7bf30e67-77f0-4fe6-965e-ee7e23b72c9d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:19.842296Z", + "modified": "2025-01-12T00:23:19.842296Z", + "name": "CVE-2024-48881", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nbcache: revert replacing IS_ERR_OR_NULL with IS_ERR again\n\nCommit 028ddcac477b (\"bcache: Remove unnecessary NULL point check in\nnode allocations\") leads a NULL pointer deference in cache_set_flush().\n\n1721 if (!IS_ERR_OR_NULL(c->root))\n1722 list_add(&c->root->list, &c->btree_cache);\n\n>From the above code in cache_set_flush(), if previous registration code\nfails before allocating c->root, it is possible c->root is NULL as what\nit is initialized. __bch_btree_node_alloc() never returns NULL but\nc->root is possible to be NULL at above line 1721.\n\nThis patch replaces IS_ERR() by IS_ERR_OR_NULL() to fix this.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-48881" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--80544640-af23-4fb9-96cf-57cc3991fe6f.json b/objects/vulnerability/vulnerability--80544640-af23-4fb9-96cf-57cc3991fe6f.json new file mode 100644 index 00000000000..ff6ba16935b --- /dev/null +++ b/objects/vulnerability/vulnerability--80544640-af23-4fb9-96cf-57cc3991fe6f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d2d6bcd9-e048-4eb7-ba45-735742be6d3f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--80544640-af23-4fb9-96cf-57cc3991fe6f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:22.064273Z", + "modified": "2025-01-12T00:23:22.064273Z", + "name": "CVE-2024-42168", + "description": "HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability. An attacker can deploy a web server that returns malicious content, and then induce the application to retrieve and process that content.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42168" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8125ba2c-63a0-46f1-a98e-3c2cac9ee9e5.json b/objects/vulnerability/vulnerability--8125ba2c-63a0-46f1-a98e-3c2cac9ee9e5.json new file mode 100644 index 00000000000..2990828767e --- /dev/null +++ b/objects/vulnerability/vulnerability--8125ba2c-63a0-46f1-a98e-3c2cac9ee9e5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f26a5a4e-6c96-4b72-bbde-bfc8068bf085", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8125ba2c-63a0-46f1-a98e-3c2cac9ee9e5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.785214Z", + "modified": "2025-01-12T00:23:21.785214Z", + "name": "CVE-2024-57874", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL\n\nCurrently tagged_addr_ctrl_set() doesn't initialize the temporary 'ctrl'\nvariable, and a SETREGSET call with a length of zero will leave this\nuninitialized. Consequently tagged_addr_ctrl_set() will consume an\narbitrary value, potentially leaking up to 64 bits of memory from the\nkernel stack. The read is limited to a specific slot on the stack, and\nthe issue does not provide a write mechanism.\n\nAs set_tagged_addr_ctrl() only accepts values where bits [63:4] zero and\nrejects other values, a partial SETREGSET attempt will randomly succeed\nor fail depending on the value of the uninitialized value, and the\nexposure is significantly limited.\n\nFix this by initializing the temporary value before copying the regset\nfrom userspace, as for other regsets (e.g. NT_PRSTATUS, NT_PRFPREG,\nNT_ARM_SYSTEM_CALL). In the case of a zero-length write, the existing\nvalue of the tagged address ctrl will be retained.\n\nThe NT_ARM_TAGGED_ADDR_CTRL regset is only visible in the\nuser_aarch64_view used by a native AArch64 task to manipulate another\nnative AArch64 task. As get_tagged_addr_ctrl() only returns an error\nvalue when called for a compat task, tagged_addr_ctrl_get() and\ntagged_addr_ctrl_set() should never observe an error value from\nget_tagged_addr_ctrl(). Add a WARN_ON_ONCE() to both to indicate that\nsuch an error would be unexpected, and error handlnig is not missing in\neither case.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-57874" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8557a0ce-c721-4a17-93d3-8f18ff94474c.json b/objects/vulnerability/vulnerability--8557a0ce-c721-4a17-93d3-8f18ff94474c.json new file mode 100644 index 00000000000..de0f06ecc83 --- /dev/null +++ b/objects/vulnerability/vulnerability--8557a0ce-c721-4a17-93d3-8f18ff94474c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c51fda14-1d46-4490-943a-f09578ba96d2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8557a0ce-c721-4a17-93d3-8f18ff94474c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.080433Z", + "modified": "2025-01-12T00:23:20.080433Z", + "name": "CVE-2024-12520", + "description": "The Dominion – Domain Checker for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dominion_shortcodes_domain_search_6' shortcode in all versions up to, and including, 2.2.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12520" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--886ca903-c0b9-437a-afd0-4f40bd3aedf3.json b/objects/vulnerability/vulnerability--886ca903-c0b9-437a-afd0-4f40bd3aedf3.json new file mode 100644 index 00000000000..fb36ecd46f0 --- /dev/null +++ b/objects/vulnerability/vulnerability--886ca903-c0b9-437a-afd0-4f40bd3aedf3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--134a48ea-8ed9-4d8c-a4f6-189ff79e16fd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--886ca903-c0b9-437a-afd0-4f40bd3aedf3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.138715Z", + "modified": "2025-01-12T00:23:20.138715Z", + "name": "CVE-2024-12505", + "description": "The Trackserver plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tsmap' shortcode in all versions up to, and including, 5.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12505" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--893f5821-98a0-4156-8116-309222489843.json b/objects/vulnerability/vulnerability--893f5821-98a0-4156-8116-309222489843.json new file mode 100644 index 00000000000..72a4d687b13 --- /dev/null +++ b/objects/vulnerability/vulnerability--893f5821-98a0-4156-8116-309222489843.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d29f9709-8475-4cb6-a852-6b1730d0d393", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--893f5821-98a0-4156-8116-309222489843", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.764924Z", + "modified": "2025-01-12T00:23:21.764924Z", + "name": "CVE-2024-57849", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/cpum_sf: Handle CPU hotplug remove during sampling\n\nCPU hotplug remove handling triggers the following function\ncall sequence:\n\n CPUHP_AP_PERF_S390_SF_ONLINE --> s390_pmu_sf_offline_cpu()\n ...\n CPUHP_AP_PERF_ONLINE --> perf_event_exit_cpu()\n\nThe s390 CPUMF sampling CPU hotplug handler invokes:\n\n s390_pmu_sf_offline_cpu()\n +--> cpusf_pmu_setup()\n +--> setup_pmc_cpu()\n +--> deallocate_buffers()\n\nThis function de-allocates all sampling data buffers (SDBs) allocated\nfor that CPU at event initialization. It also clears the\nPMU_F_RESERVED bit. The CPU is gone and can not be sampled.\n\nWith the event still being active on the removed CPU, the CPU event\nhotplug support in kernel performance subsystem triggers the\nfollowing function calls on the removed CPU:\n\n perf_event_exit_cpu()\n +--> perf_event_exit_cpu_context()\n +--> __perf_event_exit_context()\n\t +--> __perf_remove_from_context()\n\t +--> event_sched_out()\n\t +--> cpumsf_pmu_del()\n\t +--> cpumsf_pmu_stop()\n +--> hw_perf_event_update()\n\nto stop and remove the event. During removal of the event, the\nsampling device driver tries to read out the remaining samples from\nthe sample data buffers (SDBs). But they have already been freed\n(and may have been re-assigned). This may lead to a use after free\nsituation in which case the samples are most likely invalid. In the\nbest case the memory has not been reassigned and still contains\nvalid data.\n\nRemedy this situation and check if the CPU is still in reserved\nstate (bit PMU_F_RESERVED set). In this case the SDBs have not been\nreleased an contain valid data. This is always the case when\nthe event is removed (and no CPU hotplug off occured).\nIf the PMU_F_RESERVED bit is not set, the SDB buffers are gone.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-57849" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8a0dea0e-38f8-4d3c-a1ec-42a32550b4d0.json b/objects/vulnerability/vulnerability--8a0dea0e-38f8-4d3c-a1ec-42a32550b4d0.json new file mode 100644 index 00000000000..306ac56a9ff --- /dev/null +++ b/objects/vulnerability/vulnerability--8a0dea0e-38f8-4d3c-a1ec-42a32550b4d0.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--bd56d5a8-5137-419d-bceb-b77370de0321", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8a0dea0e-38f8-4d3c-a1ec-42a32550b4d0", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.322609Z", + "modified": "2025-01-12T00:23:20.322609Z", + "name": "CVE-2024-47809", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\ndlm: fix possible lkb_resource null dereference\n\nThis patch fixes a possible null pointer dereference when this function is\ncalled from request_lock() as lkb->lkb_resource is not assigned yet,\nonly after validate_lock_args() by calling attach_lkb(). Another issue\nis that a resource name could be a non printable bytearray and we cannot\nassume to be ASCII coded.\n\nThe log functionality is probably never being hit when DLM is used in\nnormal way and no debug logging is enabled. The null pointer dereference\ncan only occur on a new created lkb that does not have the resource\nassigned yet, it probably never hits the null pointer dereference but we\nshould be sure that other changes might not change this behaviour and we\nactually can hit the mentioned null pointer dereference.\n\nIn this patch we just drop the printout of the resource name, the lkb id\nis enough to make a possible connection to a resource name if this\nexists.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-47809" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8bb5e866-0f89-47bf-b7e4-866226d00e3f.json b/objects/vulnerability/vulnerability--8bb5e866-0f89-47bf-b7e4-866226d00e3f.json new file mode 100644 index 00000000000..6b2c9512731 --- /dev/null +++ b/objects/vulnerability/vulnerability--8bb5e866-0f89-47bf-b7e4-866226d00e3f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9a99ff02-9828-4d6e-b245-1f7f33d4382a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8bb5e866-0f89-47bf-b7e4-866226d00e3f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.117133Z", + "modified": "2025-01-12T00:23:20.117133Z", + "name": "CVE-2024-12527", + "description": "The Perfect Portal Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'perfect_portal_intake_form' shortcode in all versions up to, and including, 3.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12527" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8c45ec8b-c879-470c-beb8-a4ffff77d7e8.json b/objects/vulnerability/vulnerability--8c45ec8b-c879-470c-beb8-a4ffff77d7e8.json new file mode 100644 index 00000000000..a3cd519778e --- /dev/null +++ b/objects/vulnerability/vulnerability--8c45ec8b-c879-470c-beb8-a4ffff77d7e8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--29a2ed4d-b29b-4d06-b6c7-2b081d98dfc9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8c45ec8b-c879-470c-beb8-a4ffff77d7e8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.798643Z", + "modified": "2025-01-12T00:23:21.798643Z", + "name": "CVE-2024-57879", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: iso: Always release hdev at the end of iso_listen_bis\n\nSince hci_get_route holds the device before returning, the hdev\nshould be released with hci_dev_put at the end of iso_listen_bis\neven if the function returns with an error.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-57879" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8db2b69a-7b2e-4d58-9d07-4db1284a1452.json b/objects/vulnerability/vulnerability--8db2b69a-7b2e-4d58-9d07-4db1284a1452.json new file mode 100644 index 00000000000..720dd61bc45 --- /dev/null +++ b/objects/vulnerability/vulnerability--8db2b69a-7b2e-4d58-9d07-4db1284a1452.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--bbbe0d4b-b3ba-40df-a127-df34b03ba272", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8db2b69a-7b2e-4d58-9d07-4db1284a1452", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.631868Z", + "modified": "2025-01-12T00:23:20.631868Z", + "name": "CVE-2024-11892", + "description": "The Accordion Slider Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'accordion_slider' shortcode in all versions up to, and including, 1.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11892" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--93065a56-a497-410a-a3c6-c878c73f875e.json b/objects/vulnerability/vulnerability--93065a56-a497-410a-a3c6-c878c73f875e.json new file mode 100644 index 00000000000..d218942163a --- /dev/null +++ b/objects/vulnerability/vulnerability--93065a56-a497-410a-a3c6-c878c73f875e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--76381fc7-8eee-4b6e-9328-e5e513ebbf7e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--93065a56-a497-410a-a3c6-c878c73f875e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.815801Z", + "modified": "2025-01-12T00:23:21.815801Z", + "name": "CVE-2024-57875", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: RCU protect disk->conv_zones_bitmap\n\nEnsure that a disk revalidation changing the conventional zones bitmap\nof a disk does not cause invalid memory references when using the\ndisk_zone_is_conv() helper by RCU protecting the disk->conv_zones_bitmap\npointer.\n\ndisk_zone_is_conv() is modified to operate under the RCU read lock and\nthe function disk_set_conv_zones_bitmap() is added to update a disk\nconv_zones_bitmap pointer using rcu_replace_pointer() with the disk\nzone_wplugs_lock spinlock held.\n\ndisk_free_zone_resources() is modified to call\ndisk_update_zone_resources() with a NULL bitmap pointer to free the disk\nconv_zones_bitmap. disk_set_conv_zones_bitmap() is also used in\ndisk_update_zone_resources() to set the new (revalidated) bitmap and\nfree the old one.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-57875" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--94939201-04a6-4609-ab3e-2373c0fb49fe.json b/objects/vulnerability/vulnerability--94939201-04a6-4609-ab3e-2373c0fb49fe.json new file mode 100644 index 00000000000..af06a471f5a --- /dev/null +++ b/objects/vulnerability/vulnerability--94939201-04a6-4609-ab3e-2373c0fb49fe.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--05455111-c72f-442b-8882-f5f35b839cba", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--94939201-04a6-4609-ab3e-2373c0fb49fe", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:31.951211Z", + "modified": "2025-01-12T00:23:31.951211Z", + "name": "CVE-2025-0390", + "description": "A vulnerability classified as critical was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This vulnerability affects unknown code of the file /wmOmNoticeHController.do. The manipulation leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 20250101 is able to address this issue. It is recommended to upgrade the affected component.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0390" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--960fcdbe-d490-46ea-9b0b-2274b55caa8d.json b/objects/vulnerability/vulnerability--960fcdbe-d490-46ea-9b0b-2274b55caa8d.json new file mode 100644 index 00000000000..80f82b4f5c6 --- /dev/null +++ b/objects/vulnerability/vulnerability--960fcdbe-d490-46ea-9b0b-2274b55caa8d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ca86f0ff-a614-4bd1-8dbe-160b0cbda818", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--960fcdbe-d490-46ea-9b0b-2274b55caa8d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.878657Z", + "modified": "2025-01-12T00:23:20.878657Z", + "name": "CVE-2024-53687", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: Fix IPIs usage in kfence_protect_page()\n\nflush_tlb_kernel_range() may use IPIs to flush the TLBs of all the\ncores, which triggers the following warning when the irqs are disabled:\n\n[ 3.455330] WARNING: CPU: 1 PID: 0 at kernel/smp.c:815 smp_call_function_many_cond+0x452/0x520\n[ 3.456647] Modules linked in:\n[ 3.457218] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.12.0-rc7-00010-g91d3de7240b8 #1\n[ 3.457416] Hardware name: QEMU QEMU Virtual Machine, BIOS\n[ 3.457633] epc : smp_call_function_many_cond+0x452/0x520\n[ 3.457736] ra : on_each_cpu_cond_mask+0x1e/0x30\n[ 3.457786] epc : ffffffff800b669a ra : ffffffff800b67c2 sp : ff2000000000bb50\n[ 3.457824] gp : ffffffff815212b8 tp : ff6000008014f080 t0 : 000000000000003f\n[ 3.457859] t1 : ffffffff815221e0 t2 : 000000000000000f s0 : ff2000000000bc10\n[ 3.457920] s1 : 0000000000000040 a0 : ffffffff815221e0 a1 : 0000000000000001\n[ 3.457953] a2 : 0000000000010000 a3 : 0000000000000003 a4 : 0000000000000000\n[ 3.458006] a5 : 0000000000000000 a6 : ffffffffffffffff a7 : 0000000000000000\n[ 3.458042] s2 : ffffffff815223be s3 : 00fffffffffff000 s4 : ff600001ffe38fc0\n[ 3.458076] s5 : ff600001ff950d00 s6 : 0000000200000120 s7 : 0000000000000001\n[ 3.458109] s8 : 0000000000000001 s9 : ff60000080841ef0 s10: 0000000000000001\n[ 3.458141] s11: ffffffff81524812 t3 : 0000000000000001 t4 : ff60000080092bc0\n[ 3.458172] t5 : 0000000000000000 t6 : ff200000000236d0\n[ 3.458203] status: 0000000200000100 badaddr: ffffffff800b669a cause: 0000000000000003\n[ 3.458373] [] smp_call_function_many_cond+0x452/0x520\n[ 3.458593] [] on_each_cpu_cond_mask+0x1e/0x30\n[ 3.458625] [] __flush_tlb_range+0x118/0x1ca\n[ 3.458656] [] flush_tlb_kernel_range+0x1e/0x26\n[ 3.458683] [] kfence_protect+0xc0/0xce\n[ 3.458717] [] kfence_guarded_free+0xc6/0x1c0\n[ 3.458742] [] __kfence_free+0x62/0xc6\n[ 3.458764] [] kfree+0x106/0x32c\n[ 3.458786] [] detach_buf_split+0x188/0x1a8\n[ 3.458816] [] virtqueue_get_buf_ctx+0xb6/0x1f6\n[ 3.458839] [] virtqueue_get_buf+0xe/0x16\n[ 3.458880] [] virtblk_done+0x5c/0xe2\n[ 3.458908] [] vring_interrupt+0x6a/0x74\n[ 3.458930] [] __handle_irq_event_percpu+0x7c/0xe2\n[ 3.458956] [] handle_irq_event+0x3c/0x86\n[ 3.458978] [] handle_simple_irq+0x9e/0xbe\n[ 3.459004] [] generic_handle_domain_irq+0x1c/0x2a\n[ 3.459027] [] imsic_handle_irq+0xba/0x120\n[ 3.459056] [] generic_handle_domain_irq+0x1c/0x2a\n[ 3.459080] [] riscv_intc_aia_irq+0x24/0x34\n[ 3.459103] [] handle_riscv_irq+0x2e/0x4c\n[ 3.459133] [] call_on_irq_stack+0x32/0x40\n\nSo only flush the local TLB and let the lazy kfence page fault handling\ndeal with the faults which could happen when a core has an old protected\npte version cached in its TLB. That leads to potential inaccuracies which\ncan be tolerated when using kfence.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53687" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9a9cf425-f462-4c99-85f4-33afc71d471a.json b/objects/vulnerability/vulnerability--9a9cf425-f462-4c99-85f4-33afc71d471a.json new file mode 100644 index 00000000000..ae6f21a0127 --- /dev/null +++ b/objects/vulnerability/vulnerability--9a9cf425-f462-4c99-85f4-33afc71d471a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4d4364d8-3e92-46b5-b612-40a373e4d0b0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9a9cf425-f462-4c99-85f4-33afc71d471a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.10974Z", + "modified": "2025-01-12T00:23:20.10974Z", + "name": "CVE-2024-12304", + "description": "The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via button block link in all versions up to, and including, 3.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12304" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9c4e8ce1-6607-4ca3-a14d-181804800371.json b/objects/vulnerability/vulnerability--9c4e8ce1-6607-4ca3-a14d-181804800371.json new file mode 100644 index 00000000000..807597bf09f --- /dev/null +++ b/objects/vulnerability/vulnerability--9c4e8ce1-6607-4ca3-a14d-181804800371.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5b9d040a-140c-4937-8ec3-3a75c1cdd138", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9c4e8ce1-6607-4ca3-a14d-181804800371", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:22.061057Z", + "modified": "2025-01-12T00:23:22.061057Z", + "name": "CVE-2024-42170", + "description": "HCL MyXalytics is affected by a session fixation vulnerability. Cyber-criminals can exploit this by sending crafted URLs with a session token to access the victim's login session.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42170" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9c7de0df-5c15-498d-87b9-117b9c48e364.json b/objects/vulnerability/vulnerability--9c7de0df-5c15-498d-87b9-117b9c48e364.json new file mode 100644 index 00000000000..0e714ca2589 --- /dev/null +++ b/objects/vulnerability/vulnerability--9c7de0df-5c15-498d-87b9-117b9c48e364.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--580ad286-9410-4111-96be-d60b40d04f92", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9c7de0df-5c15-498d-87b9-117b9c48e364", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.112595Z", + "modified": "2025-01-12T00:23:20.112595Z", + "name": "CVE-2024-12116", + "description": "The Unlimited Theme Addon For Elementor and WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.1 via the 'uta-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created by Elementor that they should not have access to.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12116" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9d60cfd7-7e21-467e-aea1-057c432070ac.json b/objects/vulnerability/vulnerability--9d60cfd7-7e21-467e-aea1-057c432070ac.json new file mode 100644 index 00000000000..527ae926eb5 --- /dev/null +++ b/objects/vulnerability/vulnerability--9d60cfd7-7e21-467e-aea1-057c432070ac.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7199e359-00ed-40f1-82ae-733a51bfb448", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9d60cfd7-7e21-467e-aea1-057c432070ac", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.857104Z", + "modified": "2025-01-12T00:23:21.857104Z", + "name": "CVE-2024-56368", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Fix overflow in __rb_map_vma\n\nAn overflow occurred when performing the following calculation:\n\n nr_pages = ((nr_subbufs + 1) << subbuf_order) - pgoff;\n\nAdd a check before the calculation to avoid this problem.\n\nsyzbot reported this as a slab-out-of-bounds in __rb_map_vma:\n\nBUG: KASAN: slab-out-of-bounds in __rb_map_vma+0x9ab/0xae0 kernel/trace/ring_buffer.c:7058\nRead of size 8 at addr ffff8880767dd2b8 by task syz-executor187/5836\n\nCPU: 0 UID: 0 PID: 5836 Comm: syz-executor187 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:489\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n __rb_map_vma+0x9ab/0xae0 kernel/trace/ring_buffer.c:7058\n ring_buffer_map+0x56e/0x9b0 kernel/trace/ring_buffer.c:7138\n tracing_buffers_mmap+0xa6/0x120 kernel/trace/trace.c:8482\n call_mmap include/linux/fs.h:2183 [inline]\n mmap_file mm/internal.h:124 [inline]\n __mmap_new_file_vma mm/vma.c:2291 [inline]\n __mmap_new_vma mm/vma.c:2355 [inline]\n __mmap_region+0x1786/0x2670 mm/vma.c:2456\n mmap_region+0x127/0x320 mm/mmap.c:1348\n do_mmap+0xc00/0xfc0 mm/mmap.c:496\n vm_mmap_pgoff+0x1ba/0x360 mm/util.c:580\n ksys_mmap_pgoff+0x32c/0x5c0 mm/mmap.c:542\n __do_sys_mmap arch/x86/kernel/sys_x86_64.c:89 [inline]\n __se_sys_mmap arch/x86/kernel/sys_x86_64.c:82 [inline]\n __x64_sys_mmap+0x125/0x190 arch/x86/kernel/sys_x86_64.c:82\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThe reproducer for this bug is:\n\n------------------------8<-------------------------\n #include \n #include \n #include \n #include \n #include \n\n int main(int argc, char **argv)\n {\n\tint page_size = getpagesize();\n\tint fd;\n\tvoid *meta;\n\n\tsystem(\"echo 1 > /sys/kernel/tracing/buffer_size_kb\");\n\tfd = open(\"/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\", O_RDONLY);\n\n\tmeta = mmap(NULL, page_size, PROT_READ, MAP_SHARED, fd, page_size * 5);\n }\n------------------------>8-------------------------", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-56368" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9f1ac88e-4721-470e-8ad9-dd75ac340b52.json b/objects/vulnerability/vulnerability--9f1ac88e-4721-470e-8ad9-dd75ac340b52.json new file mode 100644 index 00000000000..67e2fee4e93 --- /dev/null +++ b/objects/vulnerability/vulnerability--9f1ac88e-4721-470e-8ad9-dd75ac340b52.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2b8e7ca6-a662-4702-978a-a3090bf3ddcb", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9f1ac88e-4721-470e-8ad9-dd75ac340b52", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.589143Z", + "modified": "2025-01-12T00:23:20.589143Z", + "name": "CVE-2024-11874", + "description": "The Grid Accordion Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'grid_accordion' shortcode in all versions up to, and including, 1.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11874" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a2afe342-585f-4ab6-abb3-9966959525b4.json b/objects/vulnerability/vulnerability--a2afe342-585f-4ab6-abb3-9966959525b4.json new file mode 100644 index 00000000000..5db1705e8d5 --- /dev/null +++ b/objects/vulnerability/vulnerability--a2afe342-585f-4ab6-abb3-9966959525b4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--32beb438-a6db-4ba9-94d3-97591b5cfb93", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a2afe342-585f-4ab6-abb3-9966959525b4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:31.949742Z", + "modified": "2025-01-12T00:23:31.949742Z", + "name": "CVE-2025-0105", + "description": "** UNSUPPPORTED WHEN ASSIGNED ** An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the host filesystem.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0105" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a42855ef-6f7e-48ec-917f-bcdb2bfefce5.json b/objects/vulnerability/vulnerability--a42855ef-6f7e-48ec-917f-bcdb2bfefce5.json new file mode 100644 index 00000000000..c3ae3d981fa --- /dev/null +++ b/objects/vulnerability/vulnerability--a42855ef-6f7e-48ec-917f-bcdb2bfefce5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--715dcd44-f276-46b1-9309-2983ebd7e7d2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a42855ef-6f7e-48ec-917f-bcdb2bfefce5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:31.955623Z", + "modified": "2025-01-12T00:23:31.955623Z", + "name": "CVE-2025-0107", + "description": "** UNSUPPPORTED WHEN ASSIGNED ** An OS command injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0107" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a55e4fb3-21c2-496c-8324-e0aaa86698a8.json b/objects/vulnerability/vulnerability--a55e4fb3-21c2-496c-8324-e0aaa86698a8.json new file mode 100644 index 00000000000..0f83fac9f59 --- /dev/null +++ b/objects/vulnerability/vulnerability--a55e4fb3-21c2-496c-8324-e0aaa86698a8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4a813f7d-bdab-4e83-a895-dd32c1ed9d1b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a55e4fb3-21c2-496c-8324-e0aaa86698a8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:31.939799Z", + "modified": "2025-01-12T00:23:31.939799Z", + "name": "CVE-2025-0106", + "description": "** UNSUPPPORTED WHEN ASSIGNED ** A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0106" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--acb8cf8c-5ba0-40e4-b936-c5192df7c8bc.json b/objects/vulnerability/vulnerability--acb8cf8c-5ba0-40e4-b936-c5192df7c8bc.json new file mode 100644 index 00000000000..b0be7c70a9f --- /dev/null +++ b/objects/vulnerability/vulnerability--acb8cf8c-5ba0-40e4-b936-c5192df7c8bc.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--84fb4c03-3799-497f-903e-dd288534bdef", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--acb8cf8c-5ba0-40e4-b936-c5192df7c8bc", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.763534Z", + "modified": "2025-01-12T00:23:21.763534Z", + "name": "CVE-2024-57838", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/entry: Mark IRQ entries to fix stack depot warnings\n\nThe stack depot filters out everything outside of the top interrupt\ncontext as an uninteresting or irrelevant part of the stack traces. This\nhelps with stack trace de-duplication, avoiding an explosion of saved\nstack traces that share the same IRQ context code path but originate\nfrom different randomly interrupted points, eventually exhausting the\nstack depot.\n\nFiltering uses in_irqentry_text() to identify functions within the\n.irqentry.text and .softirqentry.text sections, which then become the\nlast stack trace entries being saved.\n\nWhile __do_softirq() is placed into the .softirqentry.text section by\ncommon code, populating .irqentry.text is architecture-specific.\n\nCurrently, the .irqentry.text section on s390 is empty, which prevents\nstack depot filtering and de-duplication and could result in warnings\nlike:\n\nStack depot reached limit capacity\nWARNING: CPU: 0 PID: 286113 at lib/stackdepot.c:252 depot_alloc_stack+0x39a/0x3c8\n\nwith PREEMPT and KASAN enabled.\n\nFix this by moving the IO/EXT interrupt handlers from .kprobes.text into\nthe .irqentry.text section and updating the kprobes blacklist to include\nthe .irqentry.text section.\n\nThis is done only for asynchronous interrupts and explicitly not for\nprogram checks, which are synchronous and where the context beyond the\nprogram check is important to preserve. Despite machine checks being\nsomewhat in between, they are extremely rare, and preserving context\nwhen possible is also of value.\n\nSVCs and Restart Interrupts are not relevant, one being always at the\nboundary to user space and the other being a one-time thing.\n\nIRQ entries filtering is also optionally used in ftrace function graph,\nwhere the same logic applies.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-57838" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b023bd0e-809d-4b0b-9758-33976641b31a.json b/objects/vulnerability/vulnerability--b023bd0e-809d-4b0b-9758-33976641b31a.json new file mode 100644 index 00000000000..18b59f497d0 --- /dev/null +++ b/objects/vulnerability/vulnerability--b023bd0e-809d-4b0b-9758-33976641b31a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--01074151-4000-4ae1-81bb-d142c1ceb323", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b023bd0e-809d-4b0b-9758-33976641b31a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:22.066868Z", + "modified": "2025-01-12T00:23:22.066868Z", + "name": "CVE-2024-42172", + "description": "HCL MyXalytics is affected by broken authentication. It allows attackers to compromise keys, passwords, and session tokens, potentially leading to identity theft and system control. This vulnerability arises from poor configuration, logic errors, or software bugs and can affect any application with access control, including databases, network infrastructure, and web applications.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42172" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b08ae1ef-ed83-4507-9a47-b8a83ee3f753.json b/objects/vulnerability/vulnerability--b08ae1ef-ed83-4507-9a47-b8a83ee3f753.json new file mode 100644 index 00000000000..a97d4df4a4c --- /dev/null +++ b/objects/vulnerability/vulnerability--b08ae1ef-ed83-4507-9a47-b8a83ee3f753.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--95b06f10-6162-48f7-ac26-8cca3234d2ae", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b08ae1ef-ed83-4507-9a47-b8a83ee3f753", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.125584Z", + "modified": "2025-01-12T00:23:20.125584Z", + "name": "CVE-2024-12404", + "description": "The CF Internal Link Shortcode plugin for WordPress is vulnerable to SQL Injection via the 'post_title' parameter in all versions up to, and including, 1.1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12404" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b732fb0e-4e16-48c9-b53e-b77f23927286.json b/objects/vulnerability/vulnerability--b732fb0e-4e16-48c9-b53e-b77f23927286.json new file mode 100644 index 00000000000..b6633f60256 --- /dev/null +++ b/objects/vulnerability/vulnerability--b732fb0e-4e16-48c9-b53e-b77f23927286.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ba014f7c-4937-43e7-9cce-ddcebbe026d5", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b732fb0e-4e16-48c9-b53e-b77f23927286", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.208263Z", + "modified": "2025-01-12T00:23:21.208263Z", + "name": "CVE-2024-41149", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: avoid to reuse `hctx` not removed from cpuhp callback list\n\nIf the 'hctx' isn't removed from cpuhp callback list, we can't reuse it,\notherwise use-after-free may be triggered.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-41149" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--baf197e7-9ef5-496b-a358-fb6594c64ef3.json b/objects/vulnerability/vulnerability--baf197e7-9ef5-496b-a358-fb6594c64ef3.json new file mode 100644 index 00000000000..16332210c3e --- /dev/null +++ b/objects/vulnerability/vulnerability--baf197e7-9ef5-496b-a358-fb6594c64ef3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5135d759-0aec-4324-a69e-64c1bd9e6cfd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--baf197e7-9ef5-496b-a358-fb6594c64ef3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.484093Z", + "modified": "2025-01-12T00:23:21.484093Z", + "name": "CVE-2024-54683", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: IDLETIMER: Fix for possible ABBA deadlock\n\nDeletion of the last rule referencing a given idletimer may happen at\nthe same time as a read of its file in sysfs:\n\n| ======================================================\n| WARNING: possible circular locking dependency detected\n| 6.12.0-rc7-01692-g5e9a28f41134-dirty #594 Not tainted\n| ------------------------------------------------------\n| iptables/3303 is trying to acquire lock:\n| ffff8881057e04b8 (kn->active#48){++++}-{0:0}, at: __kernfs_remove+0x20\n|\n| but task is already holding lock:\n| ffffffffa0249068 (list_mutex){+.+.}-{3:3}, at: idletimer_tg_destroy_v]\n|\n| which lock already depends on the new lock.\n\nA simple reproducer is:\n\n| #!/bin/bash\n|\n| while true; do\n| iptables -A INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| iptables -D INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| done &\n| while true; do\n| cat /sys/class/xt_idletimer/timers/testme >/dev/null\n| done\n\nAvoid this by freeing list_mutex right after deleting the element from\nthe list, then continuing with the teardown.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-54683" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c388cb8f-bbb5-4f49-b68a-5cafde9c5d02.json b/objects/vulnerability/vulnerability--c388cb8f-bbb5-4f49-b68a-5cafde9c5d02.json new file mode 100644 index 00000000000..58b6d0a9c74 --- /dev/null +++ b/objects/vulnerability/vulnerability--c388cb8f-bbb5-4f49-b68a-5cafde9c5d02.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--fc6a6ab6-bf97-4c13-8823-23bfec29f29c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c388cb8f-bbb5-4f49-b68a-5cafde9c5d02", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.495179Z", + "modified": "2025-01-12T00:23:21.495179Z", + "name": "CVE-2024-54460", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: iso: Fix circular lock in iso_listen_bis\n\nThis fixes the circular locking dependency warning below, by\nreleasing the socket lock before enterning iso_listen_bis, to\navoid any potential deadlock with hdev lock.\n\n[ 75.307983] ======================================================\n[ 75.307984] WARNING: possible circular locking dependency detected\n[ 75.307985] 6.12.0-rc6+ #22 Not tainted\n[ 75.307987] ------------------------------------------------------\n[ 75.307987] kworker/u81:2/2623 is trying to acquire lock:\n[ 75.307988] ffff8fde1769da58 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO)\n at: iso_connect_cfm+0x253/0x840 [bluetooth]\n[ 75.308021]\n but task is already holding lock:\n[ 75.308022] ffff8fdd61a10078 (&hdev->lock)\n at: hci_le_per_adv_report_evt+0x47/0x2f0 [bluetooth]\n[ 75.308053]\n which lock already depends on the new lock.\n\n[ 75.308054]\n the existing dependency chain (in reverse order) is:\n[ 75.308055]\n -> #1 (&hdev->lock){+.+.}-{3:3}:\n[ 75.308057] __mutex_lock+0xad/0xc50\n[ 75.308061] mutex_lock_nested+0x1b/0x30\n[ 75.308063] iso_sock_listen+0x143/0x5c0 [bluetooth]\n[ 75.308085] __sys_listen_socket+0x49/0x60\n[ 75.308088] __x64_sys_listen+0x4c/0x90\n[ 75.308090] x64_sys_call+0x2517/0x25f0\n[ 75.308092] do_syscall_64+0x87/0x150\n[ 75.308095] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 75.308098]\n -> #0 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO){+.+.}-{0:0}:\n[ 75.308100] __lock_acquire+0x155e/0x25f0\n[ 75.308103] lock_acquire+0xc9/0x300\n[ 75.308105] lock_sock_nested+0x32/0x90\n[ 75.308107] iso_connect_cfm+0x253/0x840 [bluetooth]\n[ 75.308128] hci_connect_cfm+0x6c/0x190 [bluetooth]\n[ 75.308155] hci_le_per_adv_report_evt+0x27b/0x2f0 [bluetooth]\n[ 75.308180] hci_le_meta_evt+0xe7/0x200 [bluetooth]\n[ 75.308206] hci_event_packet+0x21f/0x5c0 [bluetooth]\n[ 75.308230] hci_rx_work+0x3ae/0xb10 [bluetooth]\n[ 75.308254] process_one_work+0x212/0x740\n[ 75.308256] worker_thread+0x1bd/0x3a0\n[ 75.308258] kthread+0xe4/0x120\n[ 75.308259] ret_from_fork+0x44/0x70\n[ 75.308261] ret_from_fork_asm+0x1a/0x30\n[ 75.308263]\n other info that might help us debug this:\n\n[ 75.308264] Possible unsafe locking scenario:\n\n[ 75.308264] CPU0 CPU1\n[ 75.308265] ---- ----\n[ 75.308265] lock(&hdev->lock);\n[ 75.308267] lock(sk_lock-\n AF_BLUETOOTH-BTPROTO_ISO);\n[ 75.308268] lock(&hdev->lock);\n[ 75.308269] lock(sk_lock-AF_BLUETOOTH-BTPROTO_ISO);\n[ 75.308270]\n *** DEADLOCK ***\n\n[ 75.308271] 4 locks held by kworker/u81:2/2623:\n[ 75.308272] #0: ffff8fdd66e52148 ((wq_completion)hci0#2){+.+.}-{0:0},\n at: process_one_work+0x443/0x740\n[ 75.308276] #1: ffffafb488b7fe48 ((work_completion)(&hdev->rx_work)),\n at: process_one_work+0x1ce/0x740\n[ 75.308280] #2: ffff8fdd61a10078 (&hdev->lock){+.+.}-{3:3}\n at: hci_le_per_adv_report_evt+0x47/0x2f0 [bluetooth]\n[ 75.308304] #3: ffffffffb6ba4900 (rcu_read_lock){....}-{1:2},\n at: hci_connect_cfm+0x29/0x190 [bluetooth]", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-54460" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c6ba7e2d-891e-4ea4-beff-c8966c5b34a5.json b/objects/vulnerability/vulnerability--c6ba7e2d-891e-4ea4-beff-c8966c5b34a5.json new file mode 100644 index 00000000000..81cca742828 --- /dev/null +++ b/objects/vulnerability/vulnerability--c6ba7e2d-891e-4ea4-beff-c8966c5b34a5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4afdbe21-2098-4bc4-a1fd-eec62c430516", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c6ba7e2d-891e-4ea4-beff-c8966c5b34a5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.837835Z", + "modified": "2025-01-12T00:23:21.837835Z", + "name": "CVE-2024-56788", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: oa_tc6: fix tx skb race condition between reference pointers\n\nThere are two skb pointers to manage tx skb's enqueued from n/w stack.\nwaiting_tx_skb pointer points to the tx skb which needs to be processed\nand ongoing_tx_skb pointer points to the tx skb which is being processed.\n\nSPI thread prepares the tx data chunks from the tx skb pointed by the\nongoing_tx_skb pointer. When the tx skb pointed by the ongoing_tx_skb is\nprocessed, the tx skb pointed by the waiting_tx_skb is assigned to\nongoing_tx_skb and the waiting_tx_skb pointer is assigned with NULL.\nWhenever there is a new tx skb from n/w stack, it will be assigned to\nwaiting_tx_skb pointer if it is NULL. Enqueuing and processing of a tx skb\nhandled in two different threads.\n\nConsider a scenario where the SPI thread processed an ongoing_tx_skb and\nit moves next tx skb from waiting_tx_skb pointer to ongoing_tx_skb pointer\nwithout doing any NULL check. At this time, if the waiting_tx_skb pointer\nis NULL then ongoing_tx_skb pointer is also assigned with NULL. After\nthat, if a new tx skb is assigned to waiting_tx_skb pointer by the n/w\nstack and there is a chance to overwrite the tx skb pointer with NULL in\nthe SPI thread. Finally one of the tx skb will be left as unhandled,\nresulting packet missing and memory leak.\n\n- Consider the below scenario where the TXC reported from the previous\ntransfer is 10 and ongoing_tx_skb holds an tx ethernet frame which can be\ntransported in 20 TXCs and waiting_tx_skb is still NULL.\n\ttx_credits = 10; /* 21 are filled in the previous transfer */\n\tongoing_tx_skb = 20;\n\twaiting_tx_skb = NULL; /* Still NULL */\n- So, (tc6->ongoing_tx_skb || tc6->waiting_tx_skb) becomes true.\n- After oa_tc6_prepare_spi_tx_buf_for_tx_skbs()\n\tongoing_tx_skb = 10;\n\twaiting_tx_skb = NULL; /* Still NULL */\n- Perform SPI transfer.\n- Process SPI rx buffer to get the TXC from footers.\n- Now let's assume previously filled 21 TXCs are freed so we are good to\ntransport the next remaining 10 tx chunks from ongoing_tx_skb.\n\ttx_credits = 21;\n\tongoing_tx_skb = 10;\n\twaiting_tx_skb = NULL;\n- So, (tc6->ongoing_tx_skb || tc6->waiting_tx_skb) becomes true again.\n- In the oa_tc6_prepare_spi_tx_buf_for_tx_skbs()\n\tongoing_tx_skb = NULL;\n\twaiting_tx_skb = NULL;\n\n- Now the below bad case might happen,\n\nThread1 (oa_tc6_start_xmit)\tThread2 (oa_tc6_spi_thread_handler)\n---------------------------\t-----------------------------------\n- if waiting_tx_skb is NULL\n\t\t\t\t- if ongoing_tx_skb is NULL\n\t\t\t\t- ongoing_tx_skb = waiting_tx_skb\n- waiting_tx_skb = skb\n\t\t\t\t- waiting_tx_skb = NULL\n\t\t\t\t...\n\t\t\t\t- ongoing_tx_skb = NULL\n- if waiting_tx_skb is NULL\n- waiting_tx_skb = skb\n\nTo overcome the above issue, protect the moving of tx skb reference from\nwaiting_tx_skb pointer to ongoing_tx_skb pointer and assigning new tx skb\nto waiting_tx_skb pointer, so that the other thread can't access the\nwaiting_tx_skb pointer until the current thread completes moving the tx\nskb reference safely.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-56788" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--cdb7be5e-b4a8-4f0b-9cba-52c29ff6c4c0.json b/objects/vulnerability/vulnerability--cdb7be5e-b4a8-4f0b-9cba-52c29ff6c4c0.json new file mode 100644 index 00000000000..7ae2111b1bc --- /dev/null +++ b/objects/vulnerability/vulnerability--cdb7be5e-b4a8-4f0b-9cba-52c29ff6c4c0.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5c1988e7-ea8f-4fd0-9273-b1f0f6a04664", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--cdb7be5e-b4a8-4f0b-9cba-52c29ff6c4c0", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.549427Z", + "modified": "2025-01-12T00:23:21.549427Z", + "name": "CVE-2024-55642", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Prevent potential deadlocks in zone write plug error recovery\n\nZone write plugging for handling writes to zones of a zoned block\ndevice always execute a zone report whenever a write BIO to a zone\nfails. The intent of this is to ensure that the tracking of a zone write\npointer is always correct to ensure that the alignment to a zone write\npointer of write BIOs can be checked on submission and that we can\nalways correctly emulate zone append operations using regular write\nBIOs.\n\nHowever, this error recovery scheme introduces a potential deadlock if a\ndevice queue freeze is initiated while BIOs are still plugged in a zone\nwrite plug and one of these write operation fails. In such case, the\ndisk zone write plug error recovery work is scheduled and executes a\nreport zone. This in turn can result in a request allocation in the\nunderlying driver to issue the report zones command to the device. But\nwith the device queue freeze already started, this allocation will\nblock, preventing the report zone execution and the continuation of the\nprocessing of the plugged BIOs. As plugged BIOs hold a queue usage\nreference, the queue freeze itself will never complete, resulting in a\ndeadlock.\n\nAvoid this problem by completely removing from the zone write plugging\ncode the use of report zones operations after a failed write operation,\ninstead relying on the device user to either execute a report zones,\nreset the zone, finish the zone, or give up writing to the device (which\nis a fairly common pattern for file systems which degrade to read-only\nafter write failures). This is not an unreasonnable requirement as all\nwell-behaved applications, FSes and device mapper already use report\nzones to recover from write errors whenever possible by comparing the\ncurrent position of a zone write pointer with what their assumption\nabout the position is.\n\nThe changes to remove the automatic error recovery are as follows:\n - Completely remove the error recovery work and its associated\n resources (zone write plug list head, disk error list, and disk\n zone_wplugs_work work struct). This also removes the functions\n disk_zone_wplug_set_error() and disk_zone_wplug_clear_error().\n\n - Change the BLK_ZONE_WPLUG_ERROR zone write plug flag into\n BLK_ZONE_WPLUG_NEED_WP_UPDATE. This new flag is set for a zone write\n plug whenever a write opration targetting the zone of the zone write\n plug fails. This flag indicates that the zone write pointer offset is\n not reliable and that it must be updated when the next report zone,\n reset zone, finish zone or disk revalidation is executed.\n\n - Modify blk_zone_write_plug_bio_endio() to set the\n BLK_ZONE_WPLUG_NEED_WP_UPDATE flag for the target zone of a failed\n write BIO.\n\n - Modify the function disk_zone_wplug_set_wp_offset() to clear this\n new flag, thus implementing recovery of a correct write pointer\n offset with the reset (all) zone and finish zone operations.\n\n - Modify blkdev_report_zones() to always use the disk_report_zones_cb()\n callback so that disk_zone_wplug_sync_wp_offset() can be called for\n any zone marked with the BLK_ZONE_WPLUG_NEED_WP_UPDATE flag.\n This implements recovery of a correct write pointer offset for zone\n write plugs marked with BLK_ZONE_WPLUG_NEED_WP_UPDATE and within\n the range of the report zones operation executed by the user.\n\n - Modify blk_revalidate_seq_zone() to call\n disk_zone_wplug_sync_wp_offset() for all sequential write required\n zones when a zoned block device is revalidated, thus always resolving\n any inconsistency between the write pointer offset of zone write\n plugs and the actual write pointer position of sequential zones.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-55642" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--cec1af85-b60e-4e24-a5ac-7f129be35bd7.json b/objects/vulnerability/vulnerability--cec1af85-b60e-4e24-a5ac-7f129be35bd7.json new file mode 100644 index 00000000000..0ab7c8d8c64 --- /dev/null +++ b/objects/vulnerability/vulnerability--cec1af85-b60e-4e24-a5ac-7f129be35bd7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8c43d4aa-2102-4f70-90a7-dfcdebe5b1e7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--cec1af85-b60e-4e24-a5ac-7f129be35bd7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:22.051439Z", + "modified": "2025-01-12T00:23:22.051439Z", + "name": "CVE-2024-42175", + "description": "HCL MyXalytics is affected by a weak input validation vulnerability. The application accepts special characters and there is no length validation. This can lead to security vulnerabilities like SQL injection, XSS, and buffer overflow.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42175" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--cf4dfbd1-b5d6-48af-a144-149da9d8e3e3.json b/objects/vulnerability/vulnerability--cf4dfbd1-b5d6-48af-a144-149da9d8e3e3.json new file mode 100644 index 00000000000..05b8ec85baa --- /dev/null +++ b/objects/vulnerability/vulnerability--cf4dfbd1-b5d6-48af-a144-149da9d8e3e3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a44cf4ae-84b8-4c76-9191-236679eb3f34", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--cf4dfbd1-b5d6-48af-a144-149da9d8e3e3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.79984Z", + "modified": "2025-01-12T00:23:21.79984Z", + "name": "CVE-2024-57880", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: sof_sdw: Add space for a terminator into DAIs array\n\nThe code uses the initialised member of the asoc_sdw_dailink struct to\ndetermine if a member of the array is in use. However in the case the\narray is completely full this will lead to an access 1 past the end of\nthe array, expand the array by one entry to include a space for a\nterminator.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-57880" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d39a752c-fea1-4850-a767-6f686c2fc6a5.json b/objects/vulnerability/vulnerability--d39a752c-fea1-4850-a767-6f686c2fc6a5.json new file mode 100644 index 00000000000..03b436cc757 --- /dev/null +++ b/objects/vulnerability/vulnerability--d39a752c-fea1-4850-a767-6f686c2fc6a5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b760fd77-d7f0-4ac2-8d50-42abc97f9c19", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d39a752c-fea1-4850-a767-6f686c2fc6a5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:31.960809Z", + "modified": "2025-01-12T00:23:31.960809Z", + "name": "CVE-2025-0391", + "description": "A vulnerability, which was classified as critical, has been found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This issue affects the function saveOrUpdate of the file org/jeecgframework/web/cgform/controller/build/CgFormBuildController. java. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 20250101 is able to address this issue. It is recommended to upgrade the affected component.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0391" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d47aa4bf-e369-4977-9616-0c144820c5cc.json b/objects/vulnerability/vulnerability--d47aa4bf-e369-4977-9616-0c144820c5cc.json new file mode 100644 index 00000000000..c6cb780e161 --- /dev/null +++ b/objects/vulnerability/vulnerability--d47aa4bf-e369-4977-9616-0c144820c5cc.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b466b738-9628-44fc-bd3d-d1d553701f31", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d47aa4bf-e369-4977-9616-0c144820c5cc", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.123979Z", + "modified": "2025-01-12T00:23:20.123979Z", + "name": "CVE-2024-12407", + "description": "The Push Notification for Post and BuddyPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'pushnotificationid' parameter in all versions up to, and including, 2.06 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12407" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d64bfe37-d147-4942-bbfa-c2248582d3ac.json b/objects/vulnerability/vulnerability--d64bfe37-d147-4942-bbfa-c2248582d3ac.json new file mode 100644 index 00000000000..eff34e7e8eb --- /dev/null +++ b/objects/vulnerability/vulnerability--d64bfe37-d147-4942-bbfa-c2248582d3ac.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--95659da6-9b92-488b-af97-47d69f3bfe63", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d64bfe37-d147-4942-bbfa-c2248582d3ac", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.089124Z", + "modified": "2025-01-12T00:23:20.089124Z", + "name": "CVE-2024-12204", + "description": "The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several functions in the class-cx-rest.php file in all versions up to, and including, 1.3.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create 100% off coupons, delete posts, delete leads, and update coupon statuses.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12204" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d6a51e0e-b55c-4c6e-9893-067425748d40.json b/objects/vulnerability/vulnerability--d6a51e0e-b55c-4c6e-9893-067425748d40.json new file mode 100644 index 00000000000..7f48781870c --- /dev/null +++ b/objects/vulnerability/vulnerability--d6a51e0e-b55c-4c6e-9893-067425748d40.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--fe5e9a5f-1d87-4d69-90c7-a98e13369172", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d6a51e0e-b55c-4c6e-9893-067425748d40", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.12283Z", + "modified": "2025-01-12T00:23:20.12283Z", + "name": "CVE-2024-12519", + "description": "The TCBD Auto Refresher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tcbd_auto_refresh' shortcode in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12519" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d8256fd1-fab2-4a3c-aed9-fa1e815367a4.json b/objects/vulnerability/vulnerability--d8256fd1-fab2-4a3c-aed9-fa1e815367a4.json new file mode 100644 index 00000000000..a05305ab071 --- /dev/null +++ b/objects/vulnerability/vulnerability--d8256fd1-fab2-4a3c-aed9-fa1e815367a4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--589fdf9b-de5c-464e-aa38-0e076e2845d3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d8256fd1-fab2-4a3c-aed9-fa1e815367a4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:19.960208Z", + "modified": "2025-01-12T00:23:19.960208Z", + "name": "CVE-2024-52332", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: Fix potential invalid memory access in igb_init_module()\n\nThe pci_register_driver() can fail and when this happened, the dca_notifier\nneeds to be unregistered, otherwise the dca_notifier can be called when\nigb fails to install, resulting to invalid memory access.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-52332" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d9c38196-8a56-4784-8dc8-11e84974111e.json b/objects/vulnerability/vulnerability--d9c38196-8a56-4784-8dc8-11e84974111e.json new file mode 100644 index 00000000000..e9d3ede7e1b --- /dev/null +++ b/objects/vulnerability/vulnerability--d9c38196-8a56-4784-8dc8-11e84974111e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--30145a4a-905f-4652-b4f6-45285da3dcfb", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d9c38196-8a56-4784-8dc8-11e84974111e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.389326Z", + "modified": "2025-01-12T00:23:20.389326Z", + "name": "CVE-2024-50051", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: mpc52xx: Add cancel_work_sync before module remove\n\nIf we remove the module which will call mpc52xx_spi_remove\nit will free 'ms' through spi_unregister_controller.\nwhile the work ms->work will be used. The sequence of operations\nthat may lead to a UAF bug.\n\nFix it by ensuring that the work is canceled before proceeding with\nthe cleanup in mpc52xx_spi_remove.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-50051" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--df37b937-9c76-4267-9a43-9505b1564cc7.json b/objects/vulnerability/vulnerability--df37b937-9c76-4267-9a43-9505b1564cc7.json new file mode 100644 index 00000000000..ced91b2baa3 --- /dev/null +++ b/objects/vulnerability/vulnerability--df37b937-9c76-4267-9a43-9505b1564cc7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6d037a6f-d1fb-46a7-aac1-299d2403bd51", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--df37b937-9c76-4267-9a43-9505b1564cc7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:22.608877Z", + "modified": "2025-01-12T00:23:22.608877Z", + "name": "CVE-2024-43098", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock\n\nA deadlock may happen since the i3c_master_register() acquires\n&i3cbus->lock twice. See the log below.\nUse i3cdev->desc->info instead of calling i3c_device_info() to\navoid acquiring the lock twice.\n\nv2:\n - Modified the title and commit message\n\n============================================\nWARNING: possible recursive locking detected\n6.11.0-mainline\n--------------------------------------------\ninit/1 is trying to acquire lock:\nf1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_bus_normaluse_lock\n\nbut task is already holding lock:\nf1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_master_register\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(&i3cbus->lock);\n lock(&i3cbus->lock);\n\n *** DEADLOCK ***\n\n May be due to missing lock nesting notation\n\n2 locks held by init/1:\n #0: fcffff809b6798f8 (&dev->mutex){....}-{3:3}, at: __driver_attach\n #1: f1ffff80a6a40dc0 (&i3cbus->lock){++++}-{3:3}, at: i3c_master_register\n\nstack backtrace:\nCPU: 6 UID: 0 PID: 1 Comm: init\nCall trace:\n dump_backtrace+0xfc/0x17c\n show_stack+0x18/0x28\n dump_stack_lvl+0x40/0xc0\n dump_stack+0x18/0x24\n print_deadlock_bug+0x388/0x390\n __lock_acquire+0x18bc/0x32ec\n lock_acquire+0x134/0x2b0\n down_read+0x50/0x19c\n i3c_bus_normaluse_lock+0x14/0x24\n i3c_device_get_info+0x24/0x58\n i3c_device_uevent+0x34/0xa4\n dev_uevent+0x310/0x384\n kobject_uevent_env+0x244/0x414\n kobject_uevent+0x14/0x20\n device_add+0x278/0x460\n device_register+0x20/0x34\n i3c_master_register_new_i3c_devs+0x78/0x154\n i3c_master_register+0x6a0/0x6d4\n mtk_i3c_master_probe+0x3b8/0x4d8\n platform_probe+0xa0/0xe0\n really_probe+0x114/0x454\n __driver_probe_device+0xa0/0x15c\n driver_probe_device+0x3c/0x1ac\n __driver_attach+0xc4/0x1f0\n bus_for_each_dev+0x104/0x160\n driver_attach+0x24/0x34\n bus_add_driver+0x14c/0x294\n driver_register+0x68/0x104\n __platform_driver_register+0x20/0x30\n init_module+0x20/0xfe4\n do_one_initcall+0x184/0x464\n do_init_module+0x58/0x1ec\n load_module+0xefc/0x10c8\n __arm64_sys_finit_module+0x238/0x33c\n invoke_syscall+0x58/0x10c\n el0_svc_common+0xa8/0xdc\n do_el0_svc+0x1c/0x28\n el0_svc+0x50/0xac\n el0t_64_sync_handler+0x70/0xbc\n el0t_64_sync+0x1a8/0x1ac", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-43098" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--df60cb9b-0914-492f-9bff-080eafae42f6.json b/objects/vulnerability/vulnerability--df60cb9b-0914-492f-9bff-080eafae42f6.json new file mode 100644 index 00000000000..d183f8969ba --- /dev/null +++ b/objects/vulnerability/vulnerability--df60cb9b-0914-492f-9bff-080eafae42f6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--86c5e8dc-21cc-4f9c-ac83-696b1149d0ec", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--df60cb9b-0914-492f-9bff-080eafae42f6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:31.969738Z", + "modified": "2025-01-12T00:23:31.969738Z", + "name": "CVE-2025-0103", + "description": "** UNSUPPPORTED WHEN ASSIGNED ** An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read arbitrary files on the Expedition system.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0103" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e06b7ed8-c0a1-46ae-a639-204a96960d94.json b/objects/vulnerability/vulnerability--e06b7ed8-c0a1-46ae-a639-204a96960d94.json new file mode 100644 index 00000000000..86f272755fd --- /dev/null +++ b/objects/vulnerability/vulnerability--e06b7ed8-c0a1-46ae-a639-204a96960d94.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--da2952b6-7c24-4f9d-be95-8792dc8f299b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e06b7ed8-c0a1-46ae-a639-204a96960d94", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.350288Z", + "modified": "2025-01-12T00:23:20.350288Z", + "name": "CVE-2024-47141", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\npinmux: Use sequential access to access desc->pinmux data\n\nWhen two client of the same gpio call pinctrl_select_state() for the\nsame functionality, we are seeing NULL pointer issue while accessing\ndesc->mux_owner.\n\nLet's say two processes A, B executing in pin_request() for the same pin\nand process A updates the desc->mux_usecount but not yet updated the\ndesc->mux_owner while process B see the desc->mux_usecount which got\nupdated by A path and further executes strcmp and while accessing\ndesc->mux_owner it crashes with NULL pointer.\n\nSerialize the access to mux related setting with a mutex lock.\n\n\tcpu0 (process A)\t\t\tcpu1(process B)\n\npinctrl_select_state() {\t\t pinctrl_select_state() {\n pin_request() {\t\t\t\tpin_request() {\n ...\n\t\t\t\t\t\t ....\n } else {\n desc->mux_usecount++;\n \t\t\t\t\t\tdesc->mux_usecount && strcmp(desc->mux_owner, owner)) {\n\n if (desc->mux_usecount > 1)\n return 0;\n desc->mux_owner = owner;\n\n }\t\t\t\t\t\t}", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-47141" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e1b8772a-f841-4882-b27f-0b2c9645bb94.json b/objects/vulnerability/vulnerability--e1b8772a-f841-4882-b27f-0b2c9645bb94.json new file mode 100644 index 00000000000..07dd218f9f1 --- /dev/null +++ b/objects/vulnerability/vulnerability--e1b8772a-f841-4882-b27f-0b2c9645bb94.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7e9f7f1c-a9e1-4ddf-bca9-027ee1f8fe16", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e1b8772a-f841-4882-b27f-0b2c9645bb94", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.619937Z", + "modified": "2025-01-12T00:23:20.619937Z", + "name": "CVE-2024-11386", + "description": "The GatorMail SmartForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gatormailsmartform' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-11386" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e2fbdd9a-ce55-4859-9f1b-4c4a223255d9.json b/objects/vulnerability/vulnerability--e2fbdd9a-ce55-4859-9f1b-4c4a223255d9.json new file mode 100644 index 00000000000..b9a38d66e64 --- /dev/null +++ b/objects/vulnerability/vulnerability--e2fbdd9a-ce55-4859-9f1b-4c4a223255d9.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5be887b1-e376-4791-b8af-7231a730b134", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e2fbdd9a-ce55-4859-9f1b-4c4a223255d9", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.801137Z", + "modified": "2025-01-12T00:23:21.801137Z", + "name": "CVE-2024-57804", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs\n\nThe driver, through the SAS transport, exposes a sysfs interface to\nenable/disable PHYs in a controller/expander setup. When multiple PHYs\nare disabled and enabled in rapid succession, the persistent and current\nconfig pages related to SAS IO unit/SAS Expander pages could get\ncorrupted.\n\nUse separate memory for each config request.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-57804" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e7a23e5a-2fbc-466d-ae9f-28680252026b.json b/objects/vulnerability/vulnerability--e7a23e5a-2fbc-466d-ae9f-28680252026b.json new file mode 100644 index 00000000000..a6cc00e265c --- /dev/null +++ b/objects/vulnerability/vulnerability--e7a23e5a-2fbc-466d-ae9f-28680252026b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--608c24a7-affe-4fbc-bd4c-40f6ba9ced64", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e7a23e5a-2fbc-466d-ae9f-28680252026b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.311476Z", + "modified": "2025-01-12T00:23:20.311476Z", + "name": "CVE-2024-47794", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Prevent tailcall infinite loop caused by freplace\n\nThere is a potential infinite loop issue that can occur when using a\ncombination of tail calls and freplace.\n\nIn an upcoming selftest, the attach target for entry_freplace of\ntailcall_freplace.c is subprog_tc of tc_bpf2bpf.c, while the tail call in\nentry_freplace leads to entry_tc. This results in an infinite loop:\n\nentry_tc -> subprog_tc -> entry_freplace --tailcall-> entry_tc.\n\nThe problem arises because the tail_call_cnt in entry_freplace resets to\nzero each time entry_freplace is executed, causing the tail call mechanism\nto never terminate, eventually leading to a kernel panic.\n\nTo fix this issue, the solution is twofold:\n\n1. Prevent updating a program extended by an freplace program to a\n prog_array map.\n2. Prevent extending a program that is already part of a prog_array map\n with an freplace program.\n\nThis ensures that:\n\n* If a program or its subprogram has been extended by an freplace program,\n it can no longer be updated to a prog_array map.\n* If a program has been added to a prog_array map, neither it nor its\n subprograms can be extended by an freplace program.\n\nMoreover, an extension program should not be tailcalled. As such, return\n-EINVAL if the program has a type of BPF_PROG_TYPE_EXT when adding it to a\nprog_array map.\n\nAdditionally, fix a minor code style issue by replacing eight spaces with a\ntab for proper formatting.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-47794" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e7ea5539-7d65-4327-9a50-cc4f7b6e25a0.json b/objects/vulnerability/vulnerability--e7ea5539-7d65-4327-9a50-cc4f7b6e25a0.json new file mode 100644 index 00000000000..2766dd4ccc2 --- /dev/null +++ b/objects/vulnerability/vulnerability--e7ea5539-7d65-4327-9a50-cc4f7b6e25a0.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--126429c6-8094-46f0-ba1d-9995d99dc839", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e7ea5539-7d65-4327-9a50-cc4f7b6e25a0", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.519159Z", + "modified": "2025-01-12T00:23:21.519159Z", + "name": "CVE-2024-54191", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: iso: Fix circular lock in iso_conn_big_sync\n\nThis fixes the circular locking dependency warning below, by reworking\niso_sock_recvmsg, to ensure that the socket lock is always released\nbefore calling a function that locks hdev.\n\n[ 561.670344] ======================================================\n[ 561.670346] WARNING: possible circular locking dependency detected\n[ 561.670349] 6.12.0-rc6+ #26 Not tainted\n[ 561.670351] ------------------------------------------------------\n[ 561.670353] iso-tester/3289 is trying to acquire lock:\n[ 561.670355] ffff88811f600078 (&hdev->lock){+.+.}-{3:3},\n at: iso_conn_big_sync+0x73/0x260 [bluetooth]\n[ 561.670405]\n but task is already holding lock:\n[ 561.670407] ffff88815af58258 (sk_lock-AF_BLUETOOTH){+.+.}-{0:0},\n at: iso_sock_recvmsg+0xbf/0x500 [bluetooth]\n[ 561.670450]\n which lock already depends on the new lock.\n\n[ 561.670452]\n the existing dependency chain (in reverse order) is:\n[ 561.670453]\n -> #2 (sk_lock-AF_BLUETOOTH){+.+.}-{0:0}:\n[ 561.670458] lock_acquire+0x7c/0xc0\n[ 561.670463] lock_sock_nested+0x3b/0xf0\n[ 561.670467] bt_accept_dequeue+0x1a5/0x4d0 [bluetooth]\n[ 561.670510] iso_sock_accept+0x271/0x830 [bluetooth]\n[ 561.670547] do_accept+0x3dd/0x610\n[ 561.670550] __sys_accept4+0xd8/0x170\n[ 561.670553] __x64_sys_accept+0x74/0xc0\n[ 561.670556] x64_sys_call+0x17d6/0x25f0\n[ 561.670559] do_syscall_64+0x87/0x150\n[ 561.670563] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 561.670567]\n -> #1 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO){+.+.}-{0:0}:\n[ 561.670571] lock_acquire+0x7c/0xc0\n[ 561.670574] lock_sock_nested+0x3b/0xf0\n[ 561.670577] iso_sock_listen+0x2de/0xf30 [bluetooth]\n[ 561.670617] __sys_listen_socket+0xef/0x130\n[ 561.670620] __x64_sys_listen+0xe1/0x190\n[ 561.670623] x64_sys_call+0x2517/0x25f0\n[ 561.670626] do_syscall_64+0x87/0x150\n[ 561.670629] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 561.670632]\n -> #0 (&hdev->lock){+.+.}-{3:3}:\n[ 561.670636] __lock_acquire+0x32ad/0x6ab0\n[ 561.670639] lock_acquire.part.0+0x118/0x360\n[ 561.670642] lock_acquire+0x7c/0xc0\n[ 561.670644] __mutex_lock+0x18d/0x12f0\n[ 561.670647] mutex_lock_nested+0x1b/0x30\n[ 561.670651] iso_conn_big_sync+0x73/0x260 [bluetooth]\n[ 561.670687] iso_sock_recvmsg+0x3e9/0x500 [bluetooth]\n[ 561.670722] sock_recvmsg+0x1d5/0x240\n[ 561.670725] sock_read_iter+0x27d/0x470\n[ 561.670727] vfs_read+0x9a0/0xd30\n[ 561.670731] ksys_read+0x1a8/0x250\n[ 561.670733] __x64_sys_read+0x72/0xc0\n[ 561.670736] x64_sys_call+0x1b12/0x25f0\n[ 561.670738] do_syscall_64+0x87/0x150\n[ 561.670741] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 561.670744]\n other info that might help us debug this:\n\n[ 561.670745] Chain exists of:\n&hdev->lock --> sk_lock-AF_BLUETOOTH-BTPROTO_ISO --> sk_lock-AF_BLUETOOTH\n\n[ 561.670751] Possible unsafe locking scenario:\n\n[ 561.670753] CPU0 CPU1\n[ 561.670754] ---- ----\n[ 561.670756] lock(sk_lock-AF_BLUETOOTH);\n[ 561.670758] lock(sk_lock\n AF_BLUETOOTH-BTPROTO_ISO);\n[ 561.670761] lock(sk_lock-AF_BLUETOOTH);\n[ 561.670764] lock(&hdev->lock);\n[ 561.670767]\n *** DEADLOCK ***", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-54191" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ea51c7f3-bce5-4305-9759-20406df5e4b0.json b/objects/vulnerability/vulnerability--ea51c7f3-bce5-4305-9759-20406df5e4b0.json new file mode 100644 index 00000000000..d30114ce35d --- /dev/null +++ b/objects/vulnerability/vulnerability--ea51c7f3-bce5-4305-9759-20406df5e4b0.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c2035c7e-6f6e-41e5-8caf-8c38d778318b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ea51c7f3-bce5-4305-9759-20406df5e4b0", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:31.952218Z", + "modified": "2025-01-12T00:23:31.952218Z", + "name": "CVE-2025-0104", + "description": "** UNSUPPPORTED WHEN ASSIGNED ** A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition enables attackers to execute malicious JavaScript code in the context of an authenticated Expedition user’s browser if that authenticated user clicks a malicious link that allows phishing attacks and could lead to Expedition browser-session theft.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0104" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--eb04c674-dc6b-46da-a55b-3c1f4e075846.json b/objects/vulnerability/vulnerability--eb04c674-dc6b-46da-a55b-3c1f4e075846.json new file mode 100644 index 00000000000..7c6b6545f5a --- /dev/null +++ b/objects/vulnerability/vulnerability--eb04c674-dc6b-46da-a55b-3c1f4e075846.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--fb2158ec-7537-4489-b569-1acde3365934", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--eb04c674-dc6b-46da-a55b-3c1f4e075846", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:31.935296Z", + "modified": "2025-01-12T00:23:31.935296Z", + "name": "CVE-2025-23109", + "description": "Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the website address This vulnerability affects Firefox for iOS < 134.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-23109" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ee2e8f9a-ed8d-49cf-8974-b5969ccb47ec.json b/objects/vulnerability/vulnerability--ee2e8f9a-ed8d-49cf-8974-b5969ccb47ec.json new file mode 100644 index 00000000000..6b0576f48be --- /dev/null +++ b/objects/vulnerability/vulnerability--ee2e8f9a-ed8d-49cf-8974-b5969ccb47ec.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ef1e342e-1662-4f0d-ad8e-65451a2e8bf1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ee2e8f9a-ed8d-49cf-8974-b5969ccb47ec", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:31.93281Z", + "modified": "2025-01-12T00:23:31.93281Z", + "name": "CVE-2025-23108", + "description": "Opening Javascript links in a new tab via long-press in the Firefox iOS client could result in a malicious script spoofing the URL of the new tab. This vulnerability affects Firefox for iOS < 134.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-23108" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f050577f-5420-4ca7-8d35-709b86cb79f3.json b/objects/vulnerability/vulnerability--f050577f-5420-4ca7-8d35-709b86cb79f3.json new file mode 100644 index 00000000000..d36d452ea9c --- /dev/null +++ b/objects/vulnerability/vulnerability--f050577f-5420-4ca7-8d35-709b86cb79f3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0a30484c-cf01-47b0-86b3-73aed6a7dce7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f050577f-5420-4ca7-8d35-709b86cb79f3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.315108Z", + "modified": "2025-01-12T00:23:20.315108Z", + "name": "CVE-2024-47143", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-debug: fix a possible deadlock on radix_lock\n\nradix_lock() shouldn't be held while holding dma_hash_entry[idx].lock\notherwise, there's a possible deadlock scenario when\ndma debug API is called holding rq_lock():\n\nCPU0 CPU1 CPU2\ndma_free_attrs()\ncheck_unmap() add_dma_entry() __schedule() //out\n (A) rq_lock()\nget_hash_bucket()\n(A) dma_entry_hash\n check_sync()\n (A) radix_lock() (W) dma_entry_hash\ndma_entry_free()\n(W) radix_lock()\n // CPU2's one\n (W) rq_lock()\n\nCPU1 situation can happen when it extending radix tree and\nit tries to wake up kswapd via wake_all_kswapd().\n\nCPU2 situation can happen while perf_event_task_sched_out()\n(i.e. dma sync operation is called while deleting perf_event using\n etm and etr tmc which are Arm Coresight hwtracing driver backends).\n\nTo remove this possible situation, call dma_entry_free() after\nput_hash_bucket() in check_unmap().", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-47143" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f269999d-83b0-4119-8608-0427970d4b52.json b/objects/vulnerability/vulnerability--f269999d-83b0-4119-8608-0427970d4b52.json new file mode 100644 index 00000000000..1f9c545702b --- /dev/null +++ b/objects/vulnerability/vulnerability--f269999d-83b0-4119-8608-0427970d4b52.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--313843c9-9ea5-446d-86f7-8fc874b3382d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f269999d-83b0-4119-8608-0427970d4b52", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.803957Z", + "modified": "2025-01-12T00:23:21.803957Z", + "name": "CVE-2024-57850", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\njffs2: Prevent rtime decompress memory corruption\n\nThe rtime decompression routine does not fully check bounds during the\nentirety of the decompression pass and can corrupt memory outside the\ndecompression buffer if the compressed data is corrupted. This adds the\nrequired check to prevent this failure mode.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-57850" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f55aa9fc-10a2-404e-97c0-22f560d0b052.json b/objects/vulnerability/vulnerability--f55aa9fc-10a2-404e-97c0-22f560d0b052.json new file mode 100644 index 00000000000..b2bfa9ef86f --- /dev/null +++ b/objects/vulnerability/vulnerability--f55aa9fc-10a2-404e-97c0-22f560d0b052.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--27f9c377-9f6b-4f18-83e6-19dc699771e8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f55aa9fc-10a2-404e-97c0-22f560d0b052", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.904109Z", + "modified": "2025-01-12T00:23:20.904109Z", + "name": "CVE-2024-53689", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix potential deadlock while freezing queue and acquiring sysfs_lock\n\nFor storing a value to a queue attribute, the queue_attr_store function\nfirst freezes the queue (->q_usage_counter(io)) and then acquire\n->sysfs_lock. This seems not correct as the usual ordering should be to\nacquire ->sysfs_lock before freezing the queue. This incorrect ordering\ncauses the following lockdep splat which we are able to reproduce always\nsimply by accessing /sys/kernel/debug file using ls command:\n\n[ 57.597146] WARNING: possible circular locking dependency detected\n[ 57.597154] 6.12.0-10553-gb86545e02e8c #20 Tainted: G W\n[ 57.597162] ------------------------------------------------------\n[ 57.597168] ls/4605 is trying to acquire lock:\n[ 57.597176] c00000003eb56710 (&mm->mmap_lock){++++}-{4:4}, at: __might_fault+0x58/0xc0\n[ 57.597200]\n but task is already holding lock:\n[ 57.597207] c0000018e27c6810 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: iterate_dir+0x94/0x1d4\n[ 57.597226]\n which lock already depends on the new lock.\n\n[ 57.597233]\n the existing dependency chain (in reverse order) is:\n[ 57.597241]\n -> #5 (&sb->s_type->i_mutex_key#3){++++}-{4:4}:\n[ 57.597255] down_write+0x6c/0x18c\n[ 57.597264] start_creating+0xb4/0x24c\n[ 57.597274] debugfs_create_dir+0x2c/0x1e8\n[ 57.597283] blk_register_queue+0xec/0x294\n[ 57.597292] add_disk_fwnode+0x2e4/0x548\n[ 57.597302] brd_alloc+0x2c8/0x338\n[ 57.597309] brd_init+0x100/0x178\n[ 57.597317] do_one_initcall+0x88/0x3e4\n[ 57.597326] kernel_init_freeable+0x3cc/0x6e0\n[ 57.597334] kernel_init+0x34/0x1cc\n[ 57.597342] ret_from_kernel_user_thread+0x14/0x1c\n[ 57.597350]\n -> #4 (&q->debugfs_mutex){+.+.}-{4:4}:\n[ 57.597362] __mutex_lock+0xfc/0x12a0\n[ 57.597370] blk_register_queue+0xd4/0x294\n[ 57.597379] add_disk_fwnode+0x2e4/0x548\n[ 57.597388] brd_alloc+0x2c8/0x338\n[ 57.597395] brd_init+0x100/0x178\n[ 57.597402] do_one_initcall+0x88/0x3e4\n[ 57.597410] kernel_init_freeable+0x3cc/0x6e0\n[ 57.597418] kernel_init+0x34/0x1cc\n[ 57.597426] ret_from_kernel_user_thread+0x14/0x1c\n[ 57.597434]\n -> #3 (&q->sysfs_lock){+.+.}-{4:4}:\n[ 57.597446] __mutex_lock+0xfc/0x12a0\n[ 57.597454] queue_attr_store+0x9c/0x110\n[ 57.597462] sysfs_kf_write+0x70/0xb0\n[ 57.597471] kernfs_fop_write_iter+0x1b0/0x2ac\n[ 57.597480] vfs_write+0x3dc/0x6e8\n[ 57.597488] ksys_write+0x84/0x140\n[ 57.597495] system_call_exception+0x130/0x360\n[ 57.597504] system_call_common+0x160/0x2c4\n[ 57.597516]\n -> #2 (&q->q_usage_counter(io)#21){++++}-{0:0}:\n[ 57.597530] __submit_bio+0x5ec/0x828\n[ 57.597538] submit_bio_noacct_nocheck+0x1e4/0x4f0\n[ 57.597547] iomap_readahead+0x2a0/0x448\n[ 57.597556] xfs_vm_readahead+0x28/0x3c\n[ 57.597564] read_pages+0x88/0x41c\n[ 57.597571] page_cache_ra_unbounded+0x1ac/0x2d8\n[ 57.597580] filemap_get_pages+0x188/0x984\n[ 57.597588] filemap_read+0x13c/0x4bc\n[ 57.597596] xfs_file_buffered_read+0x88/0x17c\n[ 57.597605] xfs_file_read_iter+0xac/0x158\n[ 57.597614] vfs_read+0x2d4/0x3b4\n[ 57.597622] ksys_read+0x84/0x144\n[ 57.597629] system_call_exception+0x130/0x360\n[ 57.597637] system_call_common+0x160/0x2c4\n[ 57.597647]\n -> #1 (mapping.invalidate_lock#2){++++}-{4:4}:\n[ 57.597661] down_read+0x6c/0x220\n[ 57.597669] filemap_fault+0x870/0x100c\n[ 57.597677] xfs_filemap_fault+0xc4/0x18c\n[ 57.597684] __do_fault+0x64/0x164\n[ 57.597693] __handle_mm_fault+0x1274/0x1dac\n[ 57.597702] handle_mm_fault+0x248/0x48\n---truncated---", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-53689" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f78dd09d-2c90-4ed4-921d-014840fc56f8.json b/objects/vulnerability/vulnerability--f78dd09d-2c90-4ed4-921d-014840fc56f8.json new file mode 100644 index 00000000000..139444d454e --- /dev/null +++ b/objects/vulnerability/vulnerability--f78dd09d-2c90-4ed4-921d-014840fc56f8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d28aedd0-742c-469f-911f-d233d74a66ab", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f78dd09d-2c90-4ed4-921d-014840fc56f8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.141975Z", + "modified": "2025-01-12T00:23:20.141975Z", + "name": "CVE-2024-12877", + "description": "The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.19.2 via deserialization of untrusted input from the donation form like 'firstName'. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to delete arbitrary files on the server that makes remote code execution possible. Please note this was only partially patched in 3.19.3, a fully sufficient patch was not released until 3.19.4. However, another CVE was assigned by another CNA for version 3.19.3 so we will leave this as affecting 3.19.2 and before. We have recommended the vendor use JSON encoding to prevent any further deserialization vulnerabilities from being present.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12877" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--fd304b88-a717-4a56-8de1-2bdc268f7868.json b/objects/vulnerability/vulnerability--fd304b88-a717-4a56-8de1-2bdc268f7868.json new file mode 100644 index 00000000000..62af124e163 --- /dev/null +++ b/objects/vulnerability/vulnerability--fd304b88-a717-4a56-8de1-2bdc268f7868.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--fe6c6aff-60b9-4933-904a-a80279ecb3da", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--fd304b88-a717-4a56-8de1-2bdc268f7868", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.339794Z", + "modified": "2025-01-12T00:23:20.339794Z", + "name": "CVE-2024-47408", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check smcd_v2_ext_offset when receiving proposal msg\n\nWhen receiving proposal msg in server, the field smcd_v2_ext_offset in\nproposal msg is from the remote client and can not be fully trusted.\nOnce the value of smcd_v2_ext_offset exceed the max value, there has\nthe chance to access wrong address, and crash may happen.\n\nThis patch checks the value of smcd_v2_ext_offset before using it.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-47408" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--fe719ccb-3c29-479a-968a-36aabbe16689.json b/objects/vulnerability/vulnerability--fe719ccb-3c29-479a-968a-36aabbe16689.json new file mode 100644 index 00000000000..19a64280d36 --- /dev/null +++ b/objects/vulnerability/vulnerability--fe719ccb-3c29-479a-968a-36aabbe16689.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--65fd1e1c-d5d4-46aa-a27c-41b73d8a47db", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--fe719ccb-3c29-479a-968a-36aabbe16689", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.592802Z", + "modified": "2025-01-12T00:23:21.592802Z", + "name": "CVE-2024-49568", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the fields v2_ext_offset/\neid_cnt/ism_gid_cnt in proposal msg are from the remote client\nand can not be fully trusted. Especially the field v2_ext_offset,\nonce exceed the max value, there has the chance to access wrong\naddress, and crash may happen.\n\nThis patch checks the fields v2_ext_offset/eid_cnt/ism_gid_cnt\nbefore using them.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-49568" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--fea4b886-7be8-48d7-a548-8077914ee0b5.json b/objects/vulnerability/vulnerability--fea4b886-7be8-48d7-a548-8077914ee0b5.json new file mode 100644 index 00000000000..f502af486bc --- /dev/null +++ b/objects/vulnerability/vulnerability--fea4b886-7be8-48d7-a548-8077914ee0b5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--510ea40b-53e1-4293-b9a3-eb2d17c3f85e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--fea4b886-7be8-48d7-a548-8077914ee0b5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:20.099536Z", + "modified": "2025-01-12T00:23:20.099536Z", + "name": "CVE-2024-12627", + "description": "The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.5 via deserialization of untrusted input from post content passed to the capture_email AJAX action. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12627" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ffc9bfea-1dc9-40fc-821c-58d79802fa90.json b/objects/vulnerability/vulnerability--ffc9bfea-1dc9-40fc-821c-58d79802fa90.json new file mode 100644 index 00000000000..665589ffd85 --- /dev/null +++ b/objects/vulnerability/vulnerability--ffc9bfea-1dc9-40fc-821c-58d79802fa90.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8d467c95-548c-41cd-8759-3373de4d0ffa", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ffc9bfea-1dc9-40fc-821c-58d79802fa90", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-12T00:23:21.597229Z", + "modified": "2025-01-12T00:23:21.597229Z", + "name": "CVE-2024-49569", + "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-rdma: unquiesce admin_q before destroy it\n\nKernel will hang on destroy admin_q while we create ctrl failed, such\nas following calltrace:\n\nPID: 23644 TASK: ff2d52b40f439fc0 CPU: 2 COMMAND: \"nvme\"\n #0 [ff61d23de260fb78] __schedule at ffffffff8323bc15\n #1 [ff61d23de260fc08] schedule at ffffffff8323c014\n #2 [ff61d23de260fc28] blk_mq_freeze_queue_wait at ffffffff82a3dba1\n #3 [ff61d23de260fc78] blk_freeze_queue at ffffffff82a4113a\n #4 [ff61d23de260fc90] blk_cleanup_queue at ffffffff82a33006\n #5 [ff61d23de260fcb0] nvme_rdma_destroy_admin_queue at ffffffffc12686ce\n #6 [ff61d23de260fcc8] nvme_rdma_setup_ctrl at ffffffffc1268ced\n #7 [ff61d23de260fd28] nvme_rdma_create_ctrl at ffffffffc126919b\n #8 [ff61d23de260fd68] nvmf_dev_write at ffffffffc024f362\n #9 [ff61d23de260fe38] vfs_write at ffffffff827d5f25\n RIP: 00007fda7891d574 RSP: 00007ffe2ef06958 RFLAGS: 00000202\n RAX: ffffffffffffffda RBX: 000055e8122a4d90 RCX: 00007fda7891d574\n RDX: 000000000000012b RSI: 000055e8122a4d90 RDI: 0000000000000004\n RBP: 00007ffe2ef079c0 R8: 000000000000012b R9: 000055e8122a4d90\n R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000004\n R13: 000055e8122923c0 R14: 000000000000012b R15: 00007fda78a54500\n ORIG_RAX: 0000000000000001 CS: 0033 SS: 002b\n\nThis due to we have quiesced admi_q before cancel requests, but forgot\nto unquiesce before destroy it, as a result we fail to drain the\npending requests, and hang on blk_mq_freeze_queue_wait() forever. Here\ntry to reuse nvme_rdma_teardown_admin_queue() to fix this issue and\nsimplify the code.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-49569" + } + ] + } + ] +} \ No newline at end of file