Skip to content

Commit

Permalink
generated content from 2024-08-22
Browse files Browse the repository at this point in the history
  • Loading branch information
@github-actions
github-actions[bot] committed Aug 22, 2024
1 parent 835c056 commit 51cba79
Show file tree
Hide file tree
Showing 163 changed files with 3,726 additions and 0 deletions.
162 changes: 162 additions & 0 deletions mapping.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -247065,3 +247065,165 @@ vulnerability,CVE-2024-6800,vulnerability--63a9b7aa-5d6b-4bbc-873c-c34d2acb733c
vulnerability,CVE-2024-6337,vulnerability--966d13bb-25d8-4872-8966-2e2f434615a5
vulnerability,CVE-2024-35540,vulnerability--f4f5c988-fe41-4729-9bdd-a65d5e8bb14f
vulnerability,CVE-2024-35214,vulnerability--84de9917-ac87-4176-99d0-131f7f892629
vulnerability,CVE-2022-48880,vulnerability--01542348-65dc-4f92-a8b5-715f5ee589ed
vulnerability,CVE-2022-48872,vulnerability--02a6b6e1-8cda-4ca9-96d9-00c02354c520
vulnerability,CVE-2022-48867,vulnerability--d89eca83-1ad4-4926-af93-d8c5a0b3178d
vulnerability,CVE-2022-48874,vulnerability--6b55c081-d18f-4bf0-9d91-17e270bfbf79
vulnerability,CVE-2022-48877,vulnerability--ba483b54-9327-4885-8965-e8f6d26ebada
vulnerability,CVE-2022-48873,vulnerability--b396ffba-5752-4cc0-83c1-0432350a9a18
vulnerability,CVE-2022-48884,vulnerability--0f720007-2583-4964-bff4-f4a24d00d07c
vulnerability,CVE-2022-48875,vulnerability--e955271c-00aa-4870-a7bc-26d3971bb8f7
vulnerability,CVE-2022-48878,vulnerability--01667210-6b5c-43ee-aa75-2636b2bbfb12
vulnerability,CVE-2022-48868,vulnerability--5521fe30-4bed-493f-99fe-a38da8f35119
vulnerability,CVE-2022-48869,vulnerability--49e50737-b876-4f22-afcd-a4604782140e
vulnerability,CVE-2022-48879,vulnerability--8195fbd9-cfcd-4518-b86e-2213dedf5567
vulnerability,CVE-2022-48881,vulnerability--012fead3-b0fe-4eda-a304-8e6bf8d8bacb
vulnerability,CVE-2022-48870,vulnerability--832130a5-760d-49f8-97c6-09d1671cc56d
vulnerability,CVE-2022-48883,vulnerability--dfe44b48-a280-4532-a50f-95861260b181
vulnerability,CVE-2022-48882,vulnerability--9e5edc45-0233-4685-b612-31c49d2a9ca8
vulnerability,CVE-2022-48871,vulnerability--821f2165-6251-4566-91c6-39558e19a984
vulnerability,CVE-2022-48876,vulnerability--add28160-4645-4cf5-81b8-417ae5fe7807
vulnerability,CVE-2022-48885,vulnerability--eab0b2c0-e0b2-4295-868a-3ba909d4ff85
vulnerability,CVE-2022-26328,vulnerability--9914c9c2-698e-43eb-8459-ed08c330cd51
vulnerability,CVE-2022-26327,vulnerability--f70c8a4b-ca42-49a7-b15c-ec1cac31c625
vulnerability,CVE-2020-11847,vulnerability--ca198aa7-6c2f-425b-9df5-0d773e46b809
vulnerability,CVE-2020-11850,vulnerability--680fcf3e-769e-4a90-ae79-115f0af97802
vulnerability,CVE-2020-11846,vulnerability--964b1b75-c7e0-4e6d-9696-0e09ba0d4392
vulnerability,CVE-2024-41674,vulnerability--5d30c340-19c3-4da2-af7c-90835f889e56
vulnerability,CVE-2024-41937,vulnerability--08e4713a-60a5-48cf-8342-fa1e351c1523
vulnerability,CVE-2024-41572,vulnerability--9f2d0c6e-7e12-4065-a905-3bc79545bafc
vulnerability,CVE-2024-41675,vulnerability--ec46072c-eb8e-4758-82ae-ce202af68aca
vulnerability,CVE-2024-40453,vulnerability--90de7d8d-9983-486f-9d26-d90e28a66b21
vulnerability,CVE-2024-42782,vulnerability--e48cdfaa-a58f-450d-94d1-5bca07fbbac0
vulnerability,CVE-2024-42939,vulnerability--c897a99c-5356-49fa-b884-efed867b3644
vulnerability,CVE-2024-42783,vulnerability--20114bfc-a2a5-4e5a-8865-4abaa1cb783d
vulnerability,CVE-2024-42780,vulnerability--58174ed1-f9b0-4305-9aeb-88cd113a8735
vulnerability,CVE-2024-42550,vulnerability--6d91e300-23b2-42d5-8510-d77ae7013714
vulnerability,CVE-2024-42784,vulnerability--fcec04b1-5286-462a-8873-e2090010a85c
vulnerability,CVE-2024-42781,vulnerability--5bd925eb-da8b-4d79-8006-a38f4573a551
vulnerability,CVE-2024-42779,vulnerability--395f05c1-f742-4baf-913b-9b688ded0296
vulnerability,CVE-2024-42786,vulnerability--3ae5ddbd-4fc2-4443-ab02-80dc4ee3643b
vulnerability,CVE-2024-42785,vulnerability--b90bfe7b-55ec-4a60-ad7a-bc57399443d1
vulnerability,CVE-2024-42777,vulnerability--b936386f-0fd9-44ca-b27f-a59b7233bc08
vulnerability,CVE-2024-42778,vulnerability--c5f1c390-2836-4980-badd-ed1ed2f775cb
vulnerability,CVE-2024-38305,vulnerability--3ff9ed36-704f-4350-997b-60983741b251
vulnerability,CVE-2024-33656,vulnerability--4b689657-e0fd-4b6f-8849-206e5ef689a3
vulnerability,CVE-2024-33657,vulnerability--fd4d870b-fa14-4722-8601-b9ffa5c7a8c2
vulnerability,CVE-2024-28987,vulnerability--e2011cf2-6a71-4665-af7a-caae843248fd
vulnerability,CVE-2024-28000,vulnerability--7eab1813-5c10-47d5-8a30-924a44456922
vulnerability,CVE-2024-7980,vulnerability--4a221a53-f75e-415e-821c-274204c364fb
vulnerability,CVE-2024-7448,vulnerability--da0239e0-c382-4f5d-93d1-a089729fd38e
vulnerability,CVE-2024-7967,vulnerability--32f98996-5d8d-437b-859f-9ef3f0a7a265
vulnerability,CVE-2024-7090,vulnerability--4dea071c-9082-4c6c-b36f-a1a6ba2ec80b
vulnerability,CVE-2024-7724,vulnerability--22ea6c46-4c31-4aaa-904f-b09953aef333
vulnerability,CVE-2024-7885,vulnerability--070118d3-c230-431f-bd62-611675fbbf9e
vulnerability,CVE-2024-7600,vulnerability--d99afffd-0274-4812-8d62-cdfbb047ccff
vulnerability,CVE-2024-7601,vulnerability--db778ee7-84a1-4f2f-a989-0a5ee2dc1b95
vulnerability,CVE-2024-7979,vulnerability--27b08b9d-583e-4e02-b258-4155359eda49
vulnerability,CVE-2024-7975,vulnerability--bcc830d8-ed3c-4000-acd9-c308b6d1cb2f
vulnerability,CVE-2024-7604,vulnerability--af9b4412-1d31-4746-8d25-e8fd9f0683da
vulnerability,CVE-2024-7854,vulnerability--aef46275-fe78-40d7-a76d-4d1ddc9aca6b
vulnerability,CVE-2024-7030,vulnerability--ad4432e0-c6ea-4862-8826-b049d43fa03b
vulnerability,CVE-2024-7603,vulnerability--896864bd-dc3e-4034-b353-d3a713378e6a
vulnerability,CVE-2024-7964,vulnerability--a8938ec6-df50-4d06-92f6-05900869f83d
vulnerability,CVE-2024-7977,vulnerability--0052bd39-d8a7-4741-a3a9-65ed7b0321d5
vulnerability,CVE-2024-7969,vulnerability--c3f000fe-b0ca-4012-b8cc-c608e131f319
vulnerability,CVE-2024-7973,vulnerability--4eda936a-9e86-4d97-8128-35752a3c468a
vulnerability,CVE-2024-7390,vulnerability--bd88b499-18c7-4465-8c4c-94cf196cb6f8
vulnerability,CVE-2024-7647,vulnerability--a68cfa6d-acaf-40f6-a23e-80e1b9bd92de
vulnerability,CVE-2024-7976,vulnerability--5d0d217b-1da9-4e5a-ba4e-0a951fad2680
vulnerability,CVE-2024-7032,vulnerability--3d62c87b-21bd-4779-9792-1e8446669783
vulnerability,CVE-2024-7978,vulnerability--2ea12775-2566-489b-a22f-e4ab9a4fd99b
vulnerability,CVE-2024-7134,vulnerability--989e57bf-1af5-4e38-a4f6-95fb0f1d9a3d
vulnerability,CVE-2024-7725,vulnerability--f6cbac38-9f76-4d1d-abec-ca79241e46a0
vulnerability,CVE-2024-7968,vulnerability--6a351ee7-443b-4217-af70-d3ac1f0589ca
vulnerability,CVE-2024-7971,vulnerability--6fe68d6b-3db5-4087-9a17-567a90d4c4f3
vulnerability,CVE-2024-7723,vulnerability--8470d267-410c-472a-8bc1-2d33f3fdd0dd
vulnerability,CVE-2024-7998,vulnerability--85618269-2750-4f0c-bebc-20f1401d7529
vulnerability,CVE-2024-7981,vulnerability--9b958137-bd69-4a65-ad43-8baa3f2a0203
vulnerability,CVE-2024-7965,vulnerability--9d337fc0-8e63-4f0d-b461-8a8c73e71ffe
vulnerability,CVE-2024-7974,vulnerability--1bd16af5-3c24-4e90-88cc-16e88c838ae7
vulnerability,CVE-2024-7722,vulnerability--5d5861bf-020c-4271-8012-c40a3da6293d
vulnerability,CVE-2024-7972,vulnerability--f7b8d25c-66a2-4f21-bfc2-8320585249d2
vulnerability,CVE-2024-7651,vulnerability--6719ed73-8d3f-4437-87ac-233cc57f199a
vulnerability,CVE-2024-7602,vulnerability--cb82c7c5-a230-478d-9709-fd87b5304f91
vulnerability,CVE-2024-7629,vulnerability--be321c21-1dc3-4092-a69b-039fb8d750b2
vulnerability,CVE-2024-7013,vulnerability--345e0472-e5b1-4755-80a5-9c0bb119b2af
vulnerability,CVE-2024-7795,vulnerability--695a7ca9-15eb-4f1d-a9c8-30858aaaa583
vulnerability,CVE-2024-7966,vulnerability--065cd0ad-ff5d-4fe8-8047-83c60d303737
vulnerability,CVE-2024-39344,vulnerability--d624ecd4-57df-4dfc-b173-8a1df27bb1f5
vulnerability,CVE-2024-20466,vulnerability--79e2111c-ac36-4a64-8735-03659f5c5734
vulnerability,CVE-2024-20486,vulnerability--045702df-3d14-4677-82e9-c950cc2d93e6
vulnerability,CVE-2024-20488,vulnerability--9e14385a-a44b-432d-940a-a1da396d5ede
vulnerability,CVE-2024-20375,vulnerability--40183da1-2b90-44db-b1df-0e9e577b7d52
vulnerability,CVE-2024-20417,vulnerability--e6801d6e-4731-4453-a70d-1a65655510c0
vulnerability,CVE-2024-43872,vulnerability--64de3480-23e1-4c9c-ac33-6f3dd4f3ed7c
vulnerability,CVE-2024-43878,vulnerability--710bdaef-c0ea-45b0-81ce-fc5139a3fbc9
vulnerability,CVE-2024-43879,vulnerability--0ad1d648-cff5-4269-988f-95bfb6619bb7
vulnerability,CVE-2024-43410,vulnerability--03e018fa-0743-4ee3-95f8-9e440611127d
vulnerability,CVE-2024-43411,vulnerability--f606a4d0-a7fa-427a-81b1-a45ea1e8a018
vulnerability,CVE-2024-43880,vulnerability--9acb48dd-c6b4-47e0-b3ce-f4b11bf6c055
vulnerability,CVE-2024-43877,vulnerability--2d68539e-41e4-4df6-a5df-4f2da0f4e7de
vulnerability,CVE-2024-43882,vulnerability--57d95d32-c652-4660-acd6-c02a2dbcedf9
vulnerability,CVE-2024-43371,vulnerability--38c363f6-6bcc-482b-8639-e313963f9151
vulnerability,CVE-2024-43871,vulnerability--3b245abc-c8a4-44a9-9101-091f41ce4366
vulnerability,CVE-2024-43876,vulnerability--d6f063d1-5481-4c0e-951d-396c6c032871
vulnerability,CVE-2024-43869,vulnerability--c8bb8832-0f66-45cc-845f-6474938123e2
vulnerability,CVE-2024-43870,vulnerability--e487a274-4353-44c9-95f3-f7fd4aaef12f
vulnerability,CVE-2024-43881,vulnerability--9c83a34b-b385-4de2-9601-8118f7f741e3
vulnerability,CVE-2024-43873,vulnerability--6b4fd347-ccac-4833-9c9c-c9691082a480
vulnerability,CVE-2024-43407,vulnerability--743f2018-b17d-4f04-8d80-c70d0d742d78
vulnerability,CVE-2024-43027,vulnerability--440b63fe-dcb1-4840-af9c-a3f0af5135b9
vulnerability,CVE-2024-43874,vulnerability--31281aca-4ef2-4269-8144-e4575443674f
vulnerability,CVE-2024-43875,vulnerability--e65f9909-5eb2-4f17-a41b-c40b0914d72f
vulnerability,CVE-2024-43022,vulnerability--f0f1b348-9bcb-4337-96bd-c2ceea20ab06
vulnerability,CVE-2024-5762,vulnerability--b398398a-942d-4ca7-8c24-f907270324ce
vulnerability,CVE-2024-5930,vulnerability--387cd38a-078c-48d8-b443-3dd2b630cbe7
vulnerability,CVE-2024-5929,vulnerability--5432d40c-7377-4eb8-a92d-94bb2bdec41a
vulnerability,CVE-2024-5723,vulnerability--d41010e5-6d7c-468d-8960-0235319f2d9a
vulnerability,CVE-2024-5725,vulnerability--169e5844-4a65-4843-8d16-ce8322d8b38d
vulnerability,CVE-2024-5880,vulnerability--6f2bf920-5389-48aa-9a7f-5d80b22e3fa2
vulnerability,CVE-2024-5928,vulnerability--f154b968-0874-4b45-8114-7d04c43f8632
vulnerability,CVE-2024-5335,vulnerability--5da70743-bc4f-4b8a-b358-a0cb05bd33e4
vulnerability,CVE-2024-21690,vulnerability--074b74b9-bd7e-4ed8-a5ce-6caa5b66f136
vulnerability,CVE-2024-37008,vulnerability--5267c4d5-36d7-4f16-b74e-0b73824b418f
vulnerability,CVE-2024-8034,vulnerability--f607625b-d490-4b9e-89d9-fe88f1fb3199
vulnerability,CVE-2024-8033,vulnerability--a5f4b7b7-87d5-48b2-aeb9-a3f08af32b40
vulnerability,CVE-2024-8007,vulnerability--14e97c7f-2f74-4008-b171-d18673556c29
vulnerability,CVE-2024-8035,vulnerability--7b21f9f5-82b1-44f0-8db0-556f24af96d0
vulnerability,CVE-2024-6339,vulnerability--32e7ec52-6aac-428c-b76b-0a6b36092773
vulnerability,CVE-2024-6568,vulnerability--1f8b278f-a151-4ba7-887b-d41b1be47247
vulnerability,CVE-2024-6814,vulnerability--17e62792-6f81-4f69-a511-2e186fc6fe3d
vulnerability,CVE-2024-6811,vulnerability--6e944515-d361-4643-981a-e5e62c01068b
vulnerability,CVE-2024-6508,vulnerability--86dbc803-7c95-4932-8b21-6f852946a48c
vulnerability,CVE-2024-6883,vulnerability--582aa970-590c-411f-8ada-4582a5259636
vulnerability,CVE-2024-6813,vulnerability--a01982e2-6413-4db7-bd83-98a876f4538e
vulnerability,CVE-2024-6767,vulnerability--0e0f91a0-f7d1-43f7-a9d7-e3386378d18a
vulnerability,CVE-2024-6812,vulnerability--79685090-4612-4f68-b827-05a51b52f206
vulnerability,CVE-2024-6386,vulnerability--3f1a4ff2-cd0c-4e13-a2ec-893e820e9f74
vulnerability,CVE-2024-6141,vulnerability--7bc94e70-1924-400e-9149-f69e0ebd3740
vulnerability,CVE-2023-29929,vulnerability--6c7e0571-2add-4396-9287-283e3055c86c
vulnerability,CVE-2023-52900,vulnerability--46cb0a89-104a-4f4a-9633-2e302cd43a01
vulnerability,CVE-2023-52903,vulnerability--785acff9-7186-49ea-ba37-56471b7091b1
vulnerability,CVE-2023-52905,vulnerability--248c0ff0-f9dd-4129-bd9a-de91c46e8575
vulnerability,CVE-2023-52908,vulnerability--ae488561-b80c-453a-ae36-fdb823b65268
vulnerability,CVE-2023-52912,vulnerability--964a276f-ab34-4362-b6b4-ee4899e1317e
vulnerability,CVE-2023-52911,vulnerability--d2c3dcb8-c53a-4f8f-97e6-ad0f05d0aa67
vulnerability,CVE-2023-52899,vulnerability--4531e58c-5834-4676-b2b7-0b81c7b4aa37
vulnerability,CVE-2023-52914,vulnerability--767b94a0-6038-4ab8-929e-fe095f5d42b8
vulnerability,CVE-2023-52898,vulnerability--678a393b-dfd0-4939-a4ab-9e00c2c93a3d
vulnerability,CVE-2023-52906,vulnerability--7052a979-dd90-4b9a-b013-c9efe544bf9d
vulnerability,CVE-2023-52896,vulnerability--930ea3dd-5ebb-4575-9f0d-d8d376ef36fa
vulnerability,CVE-2023-52910,vulnerability--5bc25266-34f0-4296-8a5a-87920ea14b9b
vulnerability,CVE-2023-52902,vulnerability--33c8a848-f422-49f6-b4b6-0256f64ec023
vulnerability,CVE-2023-52893,vulnerability--e18aaa2c-204c-461f-86e4-ed1bdcbbcd1d
vulnerability,CVE-2023-52897,vulnerability--942b5342-15bd-4eb6-9563-476ee1e16fb7
vulnerability,CVE-2023-52901,vulnerability--d4a3453c-ea2a-4207-b9d7-a9af27f61265
vulnerability,CVE-2023-52904,vulnerability--a78142e8-9ce6-4552-9c80-015ac3a8bbd4
vulnerability,CVE-2023-52907,vulnerability--302553ed-d6d1-4632-8929-3f7ba5d2a921
vulnerability,CVE-2023-52895,vulnerability--44dde42b-7db1-45f2-a1da-a31f6f135b10
vulnerability,CVE-2023-52909,vulnerability--89aa1775-83f7-4fc5-82c5-ebead7f64427
vulnerability,CVE-2023-52913,vulnerability--89741f0d-d7ab-45a3-ba03-722f137a638c
vulnerability,CVE-2023-52894,vulnerability--41720441-19b9-44d2-ad52-c2f0cf81ec5b
vulnerability,CVE-2023-22576,vulnerability--271303b0-0890-48e2-b12f-45295d638f92
vulnerability,CVE-2023-49198,vulnerability--7d4a68a2-fcbf-4511-a2ff-a1f72a271c43
22 changes: 22 additions & 0 deletions objects/vulnerability/vulnerability--0052bd39-d8a7-4741-a3a9-65ed7b0321d5.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--bbbc88d9-24c5-4c4b-a7bf-6060cc2e108e",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--0052bd39-d8a7-4741-a3a9-65ed7b0321d5",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-08-22T00:18:37.362843Z",
"modified": "2024-08-22T00:18:37.362843Z",
"name": "CVE-2024-7977",
"description": "Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: Medium)",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2024-7977"
}
]
}
]
}
22 changes: 22 additions & 0 deletions objects/vulnerability/vulnerability--012fead3-b0fe-4eda-a304-8e6bf8d8bacb.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--ac0a8960-4d49-4ede-bc67-a9655e8dda4e",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--012fead3-b0fe-4eda-a304-8e6bf8d8bacb",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-08-22T00:18:24.427467Z",
"modified": "2024-08-22T00:18:24.427467Z",
"name": "CVE-2022-48881",
"description": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86/amd: Fix refcount leak in amd_pmc_probe\n\npci_get_domain_bus_and_slot() takes reference, the caller should release\nthe reference by calling pci_dev_put() after use. Call pci_dev_put() in\nthe error path to fix this.",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2022-48881"
}
]
}
]
}
22 changes: 22 additions & 0 deletions objects/vulnerability/vulnerability--01542348-65dc-4f92-a8b5-715f5ee589ed.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--d40c2ce1-48a3-4e59-9fdc-0823f86ba5d6",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--01542348-65dc-4f92-a8b5-715f5ee589ed",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-08-22T00:18:24.374519Z",
"modified": "2024-08-22T00:18:24.374519Z",
"name": "CVE-2022-48880",
"description": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/surface: aggregator: Add missing call to ssam_request_sync_free()\n\nAlthough rare, ssam_request_sync_init() can fail. In that case, the\nrequest should be freed via ssam_request_sync_free(). Currently it is\nleaked instead. Fix this.",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2022-48880"
}
]
}
]
}
22 changes: 22 additions & 0 deletions objects/vulnerability/vulnerability--01667210-6b5c-43ee-aa75-2636b2bbfb12.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--3553c735-1f89-47f3-89ad-4d6710404c1a",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--01667210-6b5c-43ee-aa75-2636b2bbfb12",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-08-22T00:18:24.412333Z",
"modified": "2024-08-22T00:18:24.412333Z",
"name": "CVE-2022-48878",
"description": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_qca: Fix driver shutdown on closed serdev\n\nThe driver shutdown callback (which sends EDL_SOC_RESET to the device\nover serdev) should not be invoked when HCI device is not open (e.g. if\nhci_dev_open_sync() failed), because the serdev and its TTY are not open\neither. Also skip this step if device is powered off\n(qca_power_shutdown()).\n\nThe shutdown callback causes use-after-free during system reboot with\nQualcomm Atheros Bluetooth:\n\n Unable to handle kernel paging request at virtual address\n 0072662f67726fd7\n ...\n CPU: 6 PID: 1 Comm: systemd-shutdow Tainted: G W\n 6.1.0-rt5-00325-g8a5f56bcfcca #8\n Hardware name: Qualcomm Technologies, Inc. Robotics RB5 (DT)\n Call trace:\n tty_driver_flush_buffer+0x4/0x30\n serdev_device_write_flush+0x24/0x34\n qca_serdev_shutdown+0x80/0x130 [hci_uart]\n device_shutdown+0x15c/0x260\n kernel_restart+0x48/0xac\n\nKASAN report:\n\n BUG: KASAN: use-after-free in tty_driver_flush_buffer+0x1c/0x50\n Read of size 8 at addr ffff16270c2e0018 by task systemd-shutdow/1\n\n CPU: 7 PID: 1 Comm: systemd-shutdow Not tainted\n 6.1.0-next-20221220-00014-gb85aaf97fb01-dirty #28\n Hardware name: Qualcomm Technologies, Inc. Robotics RB5 (DT)\n Call trace:\n dump_backtrace.part.0+0xdc/0xf0\n show_stack+0x18/0x30\n dump_stack_lvl+0x68/0x84\n print_report+0x188/0x488\n kasan_report+0xa4/0xf0\n __asan_load8+0x80/0xac\n tty_driver_flush_buffer+0x1c/0x50\n ttyport_write_flush+0x34/0x44\n serdev_device_write_flush+0x48/0x60\n qca_serdev_shutdown+0x124/0x274\n device_shutdown+0x1e8/0x350\n kernel_restart+0x48/0xb0\n __do_sys_reboot+0x244/0x2d0\n __arm64_sys_reboot+0x54/0x70\n invoke_syscall+0x60/0x190\n el0_svc_common.constprop.0+0x7c/0x160\n do_el0_svc+0x44/0xf0\n el0_svc+0x2c/0x6c\n el0t_64_sync_handler+0xbc/0x140\n el0t_64_sync+0x190/0x194",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2022-48878"
}
]
}
]
}
Loading

0 comments on commit 51cba79

Please sign in to comment.