From 20306698110679a88b952212bcaef3594b3b579e Mon Sep 17 00:00:00 2001 From: Kyle Sessions Date: Tue, 5 Nov 2024 18:02:13 +0000 Subject: [PATCH] advisories: backfill kernels BRSAs for 3.1.4 Signed-off-by: Kyle Sessions --- advisories/3.1.4/BRSA-0hz1ashhuthf.toml | 25 +++++++++++++++++++++++++ advisories/3.1.4/BRSA-a8saejq9c4ul.toml | 25 +++++++++++++++++++++++++ advisories/3.1.4/BRSA-jr1scivexljd.toml | 19 +++++++++++++++++++ advisories/3.1.4/BRSA-khvn4nh2ukbb.toml | 19 +++++++++++++++++++ advisories/3.1.4/BRSA-w7yqxdlauzyr.toml | 25 +++++++++++++++++++++++++ advisories/3.1.4/BRSA-yhcguys2vixo.toml | 25 +++++++++++++++++++++++++ 6 files changed, 138 insertions(+) create mode 100644 advisories/3.1.4/BRSA-0hz1ashhuthf.toml create mode 100644 advisories/3.1.4/BRSA-a8saejq9c4ul.toml create mode 100644 advisories/3.1.4/BRSA-jr1scivexljd.toml create mode 100644 advisories/3.1.4/BRSA-khvn4nh2ukbb.toml create mode 100644 advisories/3.1.4/BRSA-w7yqxdlauzyr.toml create mode 100644 advisories/3.1.4/BRSA-yhcguys2vixo.toml diff --git a/advisories/3.1.4/BRSA-0hz1ashhuthf.toml b/advisories/3.1.4/BRSA-0hz1ashhuthf.toml new file mode 100644 index 000000000..21ac59ecb --- /dev/null +++ b/advisories/3.1.4/BRSA-0hz1ashhuthf.toml @@ -0,0 +1,25 @@ +[advisory] +id = "BRSA-0hz1ashhuthf" +title = "kernel CVE-2024-46865" +cve = "CVE-2024-46865" +severity = "high" +description = "In the Linux kernel, the following vulnerability has been resolved: fou: fix initialization of grc" + +[[advisory.products]] +package-name = "kernel-5.10" +patched-version = "5.10.227" +patched-release = "0" +patched-epoch = "0" + +[[advisory.products]] +package-name = "kernel-5.15" +patched-version = "5.15.168" +patched-release = "0" +patched-epoch = "0" + +[updateinfo] +author = "kssessio" +issue-date = 2024-11-01T22:39:19Z +arches = ["x86_64", "aarch64"] +version = "3.1.4" + diff --git a/advisories/3.1.4/BRSA-a8saejq9c4ul.toml b/advisories/3.1.4/BRSA-a8saejq9c4ul.toml new file mode 100644 index 000000000..ba3df456d --- /dev/null +++ b/advisories/3.1.4/BRSA-a8saejq9c4ul.toml @@ -0,0 +1,25 @@ +[advisory] +id = "BRSA-a8saejq9c4ul" +title = "kernel CVE-2024-46695" +cve = "CVE-2024-46695" +severity = "moderate" +description = "In the Linux kernel, the following vulnerability has been resolved: selinux,smack: don't bypass permissions check in inode_setsecctx hook" + +[[advisory.products]] +package-name = "kernel-5.10" +patched-version = "5.10.227" +patched-release = "0" +patched-epoch = "0" + +[[advisory.products]] +package-name = "kernel-5.15" +patched-version = "5.15.168" +patched-release = "0" +patched-epoch = "0" + +[updateinfo] +author = "kssessio" +issue-date = 2024-11-01T22:39:19Z +arches = ["x86_64", "aarch64"] +version = "3.1.4" + diff --git a/advisories/3.1.4/BRSA-jr1scivexljd.toml b/advisories/3.1.4/BRSA-jr1scivexljd.toml new file mode 100644 index 000000000..259a1d82b --- /dev/null +++ b/advisories/3.1.4/BRSA-jr1scivexljd.toml @@ -0,0 +1,19 @@ +[advisory] +id = "BRSA-jr1scivexljd" +title = "kernel CVE-2024-46855" +cve = "CVE-2024-46855" +severity = "moderate" +description = "In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_socket: fix sk refcount leaks" + +[[advisory.products]] +package-name = "kernel-5.15" +patched-version = "5.15.168" +patched-release = "0" +patched-epoch = "0" + +[updateinfo] +author = "kssessio" +issue-date = 2024-11-01T22:39:19Z +arches = ["x86_64", "aarch64"] +version = "3.1.4" + diff --git a/advisories/3.1.4/BRSA-khvn4nh2ukbb.toml b/advisories/3.1.4/BRSA-khvn4nh2ukbb.toml new file mode 100644 index 000000000..b47ac0ac9 --- /dev/null +++ b/advisories/3.1.4/BRSA-khvn4nh2ukbb.toml @@ -0,0 +1,19 @@ +[advisory] +id = "BRSA-khvn4nh2ukbb" +title = "kernel CVE-2024-38632" +cve = "CVE-2024-38632" +severity = "moderate" +description = "In the Linux kernel, the following vulnerability has been resolved: vfio/pci: fix potential memory leak in vfio_intx_enable()" + +[[advisory.products]] +package-name = "kernel-5.15" +patched-version = "5.15.168" +patched-release = "0" +patched-epoch = "0" + +[updateinfo] +author = "kssessio" +issue-date = 2024-11-01T22:39:19Z +arches = ["aarch64", "x86_64"] +version = "3.1.4" + diff --git a/advisories/3.1.4/BRSA-w7yqxdlauzyr.toml b/advisories/3.1.4/BRSA-w7yqxdlauzyr.toml new file mode 100644 index 000000000..f3f236dc1 --- /dev/null +++ b/advisories/3.1.4/BRSA-w7yqxdlauzyr.toml @@ -0,0 +1,25 @@ +[advisory] +id = "BRSA-w7yqxdlauzyr" +title = "kernel CVE-2024-46858" +cve = "CVE-2024-46858" +severity = "high" +description = "In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: Fix uaf in __timer_delete_sync" + +[[advisory.products]] +package-name = "kernel-5.10" +patched-version = "5.10.227" +patched-release = "0" +patched-epoch = "0" + +[[advisory.products]] +package-name = "kernel-5.15" +patched-version = "5.15.168" +patched-release = "0" +patched-epoch = "0" + +[updateinfo] +author = "kssessio" +issue-date = 2024-11-01T22:39:19Z +arches = ["x86_64", "aarch64"] +version = "3.1.4" + diff --git a/advisories/3.1.4/BRSA-yhcguys2vixo.toml b/advisories/3.1.4/BRSA-yhcguys2vixo.toml new file mode 100644 index 000000000..4c607a66d --- /dev/null +++ b/advisories/3.1.4/BRSA-yhcguys2vixo.toml @@ -0,0 +1,25 @@ +[advisory] +id = "BRSA-yhcguys2vixo" +title = "kernel CVE-2024-26921" +cve = "CVE-2024-26921" +severity = "moderate" +description = "In the Linux kernel, the following vulnerability has been resolved: inet: inet_defrag: prevent sk release while still in use" + +[[advisory.products]] +package-name = "kernel-5.10" +patched-version = "5.10.227" +patched-release = "0" +patched-epoch = "0" + +[[advisory.products]] +package-name = "kernel-5.15" +patched-version = "5.15.168" +patched-release = "0" +patched-epoch = "0" + +[updateinfo] +author = "kssessio" +issue-date = 2024-11-01T22:39:19Z +arches = ["x86_64", "aarch64"] +version = "3.1.4" +