-
Notifications
You must be signed in to change notification settings - Fork 39
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
43ca867
commit 864c86c
Showing
266 changed files
with
6,095 additions
and
0 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--0023a041-cc69-434a-9fb9-c8c0527dc4e7.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--240dcd10-d149-41ae-8efa-e9b888e57037", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--0023a041-cc69-434a-9fb9-c8c0527dc4e7", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2024-11-06T00:20:26.831745Z", | ||
| "modified": "2024-11-06T00:20:26.831745Z", | ||
| "name": "CVE-2024-51516", | ||
| "description": "Permission control vulnerability in the ability module\nImpact: Successful exploitation of this vulnerability may cause features to function abnormally.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-51516" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--0292f0b8-c325-434a-844e-80d9bb1fa3c0.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--2c3979cc-1604-4b3b-a6f4-1738809741a4", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--0292f0b8-c325-434a-844e-80d9bb1fa3c0", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2024-11-06T00:20:28.716914Z", | ||
| "modified": "2024-11-06T00:20:28.716914Z", | ||
| "name": "CVE-2024-36890", | ||
| "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/slab: make __free(kfree) accept error pointers\n\nCurrently, if an automatically freed allocation is an error pointer that\nwill lead to a crash. An example of this is in wm831x_gpio_dbg_show().\n\n 171\tchar *label __free(kfree) = gpiochip_dup_line_label(chip, i);\n 172\tif (IS_ERR(label)) {\n 173\t\tdev_err(wm831x->dev, \"Failed to duplicate label\\n\");\n 174\t\tcontinue;\n 175 }\n\nThe auto clean up function should check for error pointers as well,\notherwise we're going to keep hitting issues like this.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-36890" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--0300fc7b-6a83-495e-bfbf-4567607d5af3.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--4aee8bd0-8e07-43f2-b983-020f4d27a59b", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--0300fc7b-6a83-495e-bfbf-4567607d5af3", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2024-11-06T00:20:27.16796Z", | ||
| "modified": "2024-11-06T00:20:27.16796Z", | ||
| "name": "CVE-2024-9667", | ||
| "description": "The Seriously Simple Podcasting plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.5.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-9667" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--033a7b4c-7707-470a-b307-76d18823fb34.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--3fdc99dd-4512-4808-af76-8a3cc7f743d6", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--033a7b4c-7707-470a-b307-76d18823fb34", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2024-11-06T00:20:27.148037Z", | ||
| "modified": "2024-11-06T00:20:27.148037Z", | ||
| "name": "CVE-2024-9178", | ||
| "description": "The XT Floating Cart for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.8.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-9178" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--0420f189-14c6-4eb8-9b26-2d49600ecb20.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--5c136eaa-a45b-4c35-9ddd-9530ddf61fd3", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--0420f189-14c6-4eb8-9b26-2d49600ecb20", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2024-11-06T00:20:28.728426Z", | ||
| "modified": "2024-11-06T00:20:28.728426Z", | ||
| "name": "CVE-2024-36911", | ||
| "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nhv_netvsc: Don't free decrypted memory\n\nIn CoCo VMs it is possible for the untrusted host to cause\nset_memory_encrypted() or set_memory_decrypted() to fail such that an\nerror is returned and the resulting memory is shared. Callers need to\ntake care to handle these errors to avoid returning decrypted (shared)\nmemory to the page allocator, which could lead to functional or security\nissues.\n\nThe netvsc driver could free decrypted/shared pages if\nset_memory_decrypted() fails. Check the decrypted field in the gpadl\nto decide whether to free the memory.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-36911" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--05b8ce9f-1a67-43ab-aa4b-855c8b3bb03a.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--1863eec2-5f76-4d8f-bfe8-03d23a34d235", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--05b8ce9f-1a67-43ab-aa4b-855c8b3bb03a", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2024-11-06T00:20:38.822642Z", | ||
| "modified": "2024-11-06T00:20:38.822642Z", | ||
| "name": "CVE-2023-29122", | ||
| "description": "Under certain conditions, access to service libraries is granted to account they should not have access to.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2023-29122" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--05d69627-d71e-490e-9610-77c9ce147141.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--7f56a041-05f9-454b-8a2d-e79d3f1ca069", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--05d69627-d71e-490e-9610-77c9ce147141", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2024-11-06T00:20:28.684143Z", | ||
| "modified": "2024-11-06T00:20:28.684143Z", | ||
| "name": "CVE-2024-36887", | ||
| "description": "In the Linux kernel, the following vulnerability has been resolved:\n\ne1000e: change usleep_range to udelay in PHY mdic access\n\nThis is a partial revert of commit 6dbdd4de0362 (\"e1000e: Workaround\nfor sporadic MDI error on Meteor Lake systems\"). The referenced commit\nused usleep_range inside the PHY access routines, which are sometimes\ncalled from an atomic context. This can lead to a kernel panic in some\nscenarios, such as cable disconnection and reconnection on vPro systems.\n\nSolve this by changing the usleep_range calls back to udelay.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-36887" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--07ca7a72-5dd3-4939-a292-9ba561592abd.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--16387858-193d-4b20-87b2-04a56d804ac1", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--07ca7a72-5dd3-4939-a292-9ba561592abd", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2024-11-06T00:20:27.309638Z", | ||
| "modified": "2024-11-06T00:20:27.309638Z", | ||
| "name": "CVE-2024-50108", | ||
| "description": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Disable PSR-SU on Parade 08-01 TCON too\n\nStuart Hayhurst has found that both at bootup and fullscreen VA-API video\nis leading to black screens for around 1 second and kernel WARNING [1] traces\nwhen calling dmub_psr_enable() with Parade 08-01 TCON.\n\nThese symptoms all go away with PSR-SU disabled for this TCON, so disable\nit for now while DMUB traces [2] from the failure can be analyzed and the failure\nstate properly root caused.\n\n(cherry picked from commit afb634a6823d8d9db23c5fb04f79c5549349628b)", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-50108" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--0871b1f3-30b6-477c-9778-d29470a9be49.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--bac77dc8-dbce-47ec-a8de-44fbbc7c4d9f", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--0871b1f3-30b6-477c-9778-d29470a9be49", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2024-11-06T00:20:28.680715Z", | ||
| "modified": "2024-11-06T00:20:28.680715Z", | ||
| "name": "CVE-2024-36900", | ||
| "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix kernel crash when devlink reload during initialization\n\nThe devlink reload process will access the hardware resources,\nbut the register operation is done before the hardware is initialized.\nSo, processing the devlink reload during initialization may lead to kernel\ncrash.\n\nThis patch fixes this by registering the devlink after\nhardware initialization.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-36900" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--0d0ad4ab-f636-448c-baa4-7af8d537af09.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--11a7a992-e953-4697-a602-33eb41167f41", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--0d0ad4ab-f636-448c-baa4-7af8d537af09", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2024-11-06T00:20:26.988311Z", | ||
| "modified": "2024-11-06T00:20:26.988311Z", | ||
| "name": "CVE-2024-52016", | ||
| "description": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component wlg_adv.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-52016" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--1028e8c1-0f23-4c2c-a157-8dddbe44b5ed.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--cb16c40e-f1f2-4267-aebd-9c243ad6ab60", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--1028e8c1-0f23-4c2c-a157-8dddbe44b5ed", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2024-11-06T00:20:27.314423Z", | ||
| "modified": "2024-11-06T00:20:27.314423Z", | ||
| "name": "CVE-2024-50100", | ||
| "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: dummy-hcd: Fix \"task hung\" problem\n\nThe syzbot fuzzer has been encountering \"task hung\" problems ever\nsince the dummy-hcd driver was changed to use hrtimers instead of\nregular timers. It turns out that the problems are caused by a subtle\ndifference between the timer_pending() and hrtimer_active() APIs.\n\nThe changeover blindly replaced the first by the second. However,\ntimer_pending() returns True when the timer is queued but not when its\ncallback is running, whereas hrtimer_active() returns True when the\nhrtimer is queued _or_ its callback is running. This difference\noccasionally caused dummy_urb_enqueue() to think that the callback\nroutine had not yet started when in fact it was almost finished. As a\nresult the hrtimer was not restarted, which made it impossible for the\ndriver to dequeue later the URB that was just enqueued. This caused\nusb_kill_urb() to hang, and things got worse from there.\n\nSince hrtimers have no API for telling when they are queued and the\ncallback isn't running, the driver must keep track of this for itself.\nThat's what this patch does, adding a new \"timer_pending\" flag and\nsetting or clearing it at the appropriate times.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-50100" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--112db2f6-5d7c-4e72-a9ce-29e73afa97d0.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--b9e8d017-429a-4978-91a7-c38a145ab8f6", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--112db2f6-5d7c-4e72-a9ce-29e73afa97d0", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2024-11-06T00:20:28.424091Z", | ||
| "modified": "2024-11-06T00:20:28.424091Z", | ||
| "name": "CVE-2024-49861", | ||
| "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix helper writes to read-only maps\n\nLonial found an issue that despite user- and BPF-side frozen BPF map\n(like in case of .rodata), it was still possible to write into it from\na BPF program side through specific helpers having ARG_PTR_TO_{LONG,INT}\nas arguments.\n\nIn check_func_arg() when the argument is as mentioned, the meta->raw_mode\nis never set. Later, check_helper_mem_access(), under the case of\nPTR_TO_MAP_VALUE as register base type, it assumes BPF_READ for the\nsubsequent call to check_map_access_type() and given the BPF map is\nread-only it succeeds.\n\nThe helpers really need to be annotated as ARG_PTR_TO_{LONG,INT} | MEM_UNINIT\nwhen results are written into them as opposed to read out of them. The\nlatter indicates that it's okay to pass a pointer to uninitialized memory\nas the memory is written to anyway.\n\nHowever, ARG_PTR_TO_{LONG,INT} is a special case of ARG_PTR_TO_FIXED_SIZE_MEM\njust with additional alignment requirement. So it is better to just get\nrid of the ARG_PTR_TO_{LONG,INT} special cases altogether and reuse the\nfixed size memory types. For this, add MEM_ALIGNED to additionally ensure\nalignment given these helpers write directly into the args via *<ptr> = val.\nThe .arg*_size has been initialized reflecting the actual sizeof(*<ptr>).\n\nMEM_ALIGNED can only be used in combination with MEM_FIXED_SIZE annotated\nargument types, since in !MEM_FIXED_SIZE cases the verifier does not know\nthe buffer size a priori and therefore cannot blindly write *<ptr> = val.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-49861" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--118ff8de-3602-4b67-bebb-8ab0b0196339.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--213845a3-921b-4985-a94f-125b9fe5e790", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--118ff8de-3602-4b67-bebb-8ab0b0196339", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2024-11-06T00:20:28.657524Z", | ||
| "modified": "2024-11-06T00:20:28.657524Z", | ||
| "name": "CVE-2024-36921", | ||
| "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: guard against invalid STA ID on removal\n\nGuard against invalid station IDs in iwl_mvm_mld_rm_sta_id as that would\nresult in out-of-bounds array accesses. This prevents issues should the\ndriver get into a bad state during error handling.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-36921" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--11cb8980-03cf-404c-a39a-96503560d74e.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--43c00d1d-a57d-4c27-abed-41d231974199", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--11cb8980-03cf-404c-a39a-96503560d74e", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2024-11-06T00:20:28.661369Z", | ||
| "modified": "2024-11-06T00:20:28.661369Z", | ||
| "name": "CVE-2024-36947", | ||
| "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nqibfs: fix dentry leak\n\nsimple_recursive_removal() drops the pinning references to all positives\nin subtree. For the cases when its argument has been kept alive by\nthe pinning alone that's exactly the right thing to do, but here\nthe argument comes from dcache lookup, that needs to be balanced by\nexplicit dput().\n\nFucked-up-by: Al Viro <[email protected]>", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-36947" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
22 changes: 22 additions & 0 deletions
22
objects/vulnerability/vulnerability--121fed59-ddce-4fd8-b0a7-0642338593d4.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| { | ||
| "type": "bundle", | ||
| "id": "bundle--7f7b1b90-964e-49c0-9da6-e3f1dc2cc29c", | ||
| "objects": [ | ||
| { | ||
| "type": "vulnerability", | ||
| "spec_version": "2.1", | ||
| "id": "vulnerability--121fed59-ddce-4fd8-b0a7-0642338593d4", | ||
| "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", | ||
| "created": "2024-11-06T00:20:26.850443Z", | ||
| "modified": "2024-11-06T00:20:26.850443Z", | ||
| "name": "CVE-2024-51514", | ||
| "description": "Vulnerability of pop-up windows belonging to no app in the VPN module\nImpact: Successful exploitation of this vulnerability may affect service confidentiality.", | ||
| "external_references": [ | ||
| { | ||
| "source_name": "cve", | ||
| "external_id": "CVE-2024-51514" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
Oops, something went wrong.