Vulnerability-Lookup

CVE-2021-47297 (GCVE-0-2021-47297)

Vulnerability from cvelistv5 – Published: 2024-05-21 14:35 – Updated: 2025-05-04 07:08

Title

net: fix uninit-value in caif_seqpkt_sendmsg

Summary

In the Linux kernel, the following vulnerability has been resolved: net: fix uninit-value in caif_seqpkt_sendmsg When nr_segs equal to zero in iovec_from_user, the object msg->msg_iter.iov is uninit stack memory in caif_seqpkt_sendmsg which is defined in ___sys_sendmsg. So we cann't just judge msg->msg_iter.iov->base directlly. We can use nr_segs to judge msg in caif_seqpkt_sendmsg whether has data buffers. ===================================================== BUG: KMSAN: uninit-value in caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1c9/0x220 lib/dump_stack.c:118 kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:118 __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215 caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542 sock_sendmsg_nosec net/socket.c:652 [inline] sock_sendmsg net/socket.c:672 [inline] ____sys_sendmsg+0x12b6/0x1350 net/socket.c:2343 ___sys_sendmsg net/socket.c:2397 [inline] __sys_sendmmsg+0x808/0xc90 net/socket.c:2480 __compat_sys_sendmmsg net/compat.c:656 [inline]

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-noinfo Not enough information

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/d9d646acad2c3590e…
	https://git.kernel.org/stable/c/5c6d8e2f7187b8e45…
	https://git.kernel.org/stable/c/ffe31dd70b70a40cd…
	https://git.kernel.org/stable/c/452c3ed7bf63721b0…
	https://git.kernel.org/stable/c/9413c0abb57f70a95…
	https://git.kernel.org/stable/c/1582a02fecffcee30…
	https://git.kernel.org/stable/c/d4c7797ab1517515f…
	https://git.kernel.org/stable/c/991e634360f2622a6…

Impacted products

Vendor

Product

Version

Linux

Affected: bece7b2398d073d11b2e352405a3ecd3a1e39c60 , < d9d646acad2c3590e189bb5d5c86ab8bd8a2dfc3 (git)
Affected: bece7b2398d073d11b2e352405a3ecd3a1e39c60 , < 5c6d8e2f7187b8e45a18c27acb7a3885f03ee3db (git)
Affected: bece7b2398d073d11b2e352405a3ecd3a1e39c60 , < ffe31dd70b70a40cd6b21b78c1713a23e021843a (git)
Affected: bece7b2398d073d11b2e352405a3ecd3a1e39c60 , < 452c3ed7bf63721b07bc2238ed1261bb26027e85 (git)
Affected: bece7b2398d073d11b2e352405a3ecd3a1e39c60 , < 9413c0abb57f70a953b1116318d6aa478013c35d (git)
Affected: bece7b2398d073d11b2e352405a3ecd3a1e39c60 , < 1582a02fecffcee306663035a295e28e1c4aaaff (git)
Affected: bece7b2398d073d11b2e352405a3ecd3a1e39c60 , < d4c7797ab1517515f0d08b3bc1c6b48883889c54 (git)
Affected: bece7b2398d073d11b2e352405a3ecd3a1e39c60 , < 991e634360f2622a683b48dfe44fe6d9cb765a09 (git)

Linux

Affected: 2.6.35
Unaffected: 0 , < 2.6.35 (semver)
Unaffected: 4.4.277 , ≤ 4.4.* (semver)
Unaffected: 4.9.277 , ≤ 4.9.* (semver)
Unaffected: 4.14.241 , ≤ 4.14.* (semver)
Unaffected: 4.19.199 , ≤ 4.19.* (semver)
Unaffected: 5.4.136 , ≤ 5.4.* (semver)
Unaffected: 5.10.54 , ≤ 5.10.* (semver)
Unaffected: 5.13.6 , ≤ 5.13.* (semver)
Unaffected: 5.14 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47297",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T18:54:57.355756Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T19:35:49.436Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:08.483Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d9d646acad2c3590e189bb5d5c86ab8bd8a2dfc3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5c6d8e2f7187b8e45a18c27acb7a3885f03ee3db"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ffe31dd70b70a40cd6b21b78c1713a23e021843a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/452c3ed7bf63721b07bc2238ed1261bb26027e85"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9413c0abb57f70a953b1116318d6aa478013c35d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1582a02fecffcee306663035a295e28e1c4aaaff"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d4c7797ab1517515f0d08b3bc1c6b48883889c54"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/991e634360f2622a683b48dfe44fe6d9cb765a09"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/caif/caif_socket.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d9d646acad2c3590e189bb5d5c86ab8bd8a2dfc3",
              "status": "affected",
              "version": "bece7b2398d073d11b2e352405a3ecd3a1e39c60",
              "versionType": "git"
            },
            {
              "lessThan": "5c6d8e2f7187b8e45a18c27acb7a3885f03ee3db",
              "status": "affected",
              "version": "bece7b2398d073d11b2e352405a3ecd3a1e39c60",
              "versionType": "git"
            },
            {
              "lessThan": "ffe31dd70b70a40cd6b21b78c1713a23e021843a",
              "status": "affected",
              "version": "bece7b2398d073d11b2e352405a3ecd3a1e39c60",
              "versionType": "git"
            },
            {
              "lessThan": "452c3ed7bf63721b07bc2238ed1261bb26027e85",
              "status": "affected",
              "version": "bece7b2398d073d11b2e352405a3ecd3a1e39c60",
              "versionType": "git"
            },
            {
              "lessThan": "9413c0abb57f70a953b1116318d6aa478013c35d",
              "status": "affected",
              "version": "bece7b2398d073d11b2e352405a3ecd3a1e39c60",
              "versionType": "git"
            },
            {
              "lessThan": "1582a02fecffcee306663035a295e28e1c4aaaff",
              "status": "affected",
              "version": "bece7b2398d073d11b2e352405a3ecd3a1e39c60",
              "versionType": "git"
            },
            {
              "lessThan": "d4c7797ab1517515f0d08b3bc1c6b48883889c54",
              "status": "affected",
              "version": "bece7b2398d073d11b2e352405a3ecd3a1e39c60",
              "versionType": "git"
            },
            {
              "lessThan": "991e634360f2622a683b48dfe44fe6d9cb765a09",
              "status": "affected",
              "version": "bece7b2398d073d11b2e352405a3ecd3a1e39c60",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/caif/caif_socket.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.35"
            },
            {
              "lessThan": "2.6.35",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.277",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.277",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.241",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.199",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.136",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.54",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.13.*",
              "status": "unaffected",
              "version": "5.13.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.14",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.4.277",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.9.277",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.241",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.199",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.136",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.54",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.13.6",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.14",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix uninit-value in caif_seqpkt_sendmsg\n\nWhen nr_segs equal to zero in iovec_from_user, the object\nmsg-\u003emsg_iter.iov is uninit stack memory in caif_seqpkt_sendmsg\nwhich is defined in ___sys_sendmsg. So we cann\u0027t just judge\nmsg-\u003emsg_iter.iov-\u003ebase directlly. We can use nr_segs to judge\nmsg in caif_seqpkt_sendmsg whether has data buffers.\n\n=====================================================\nBUG: KMSAN: uninit-value in caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x1c9/0x220 lib/dump_stack.c:118\n kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:118\n __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215\n caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542\n sock_sendmsg_nosec net/socket.c:652 [inline]\n sock_sendmsg net/socket.c:672 [inline]\n ____sys_sendmsg+0x12b6/0x1350 net/socket.c:2343\n ___sys_sendmsg net/socket.c:2397 [inline]\n __sys_sendmmsg+0x808/0xc90 net/socket.c:2480\n __compat_sys_sendmmsg net/compat.c:656 [inline]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T07:08:12.115Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d9d646acad2c3590e189bb5d5c86ab8bd8a2dfc3"
        },
        {
          "url": "https://git.kernel.org/stable/c/5c6d8e2f7187b8e45a18c27acb7a3885f03ee3db"
        },
        {
          "url": "https://git.kernel.org/stable/c/ffe31dd70b70a40cd6b21b78c1713a23e021843a"
        },
        {
          "url": "https://git.kernel.org/stable/c/452c3ed7bf63721b07bc2238ed1261bb26027e85"
        },
        {
          "url": "https://git.kernel.org/stable/c/9413c0abb57f70a953b1116318d6aa478013c35d"
        },
        {
          "url": "https://git.kernel.org/stable/c/1582a02fecffcee306663035a295e28e1c4aaaff"
        },
        {
          "url": "https://git.kernel.org/stable/c/d4c7797ab1517515f0d08b3bc1c6b48883889c54"
        },
        {
          "url": "https://git.kernel.org/stable/c/991e634360f2622a683b48dfe44fe6d9cb765a09"
        }
      ],
      "title": "net: fix uninit-value in caif_seqpkt_sendmsg",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47297",
    "datePublished": "2024-05-21T14:35:19.982Z",
    "dateReserved": "2024-05-21T13:27:52.132Z",
    "dateUpdated": "2025-05-04T07:08:12.115Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/d9d646acad2c3590e189bb5d5c86ab8bd8a2dfc3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/5c6d8e2f7187b8e45a18c27acb7a3885f03ee3db\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/ffe31dd70b70a40cd6b21b78c1713a23e021843a\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/452c3ed7bf63721b07bc2238ed1261bb26027e85\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/9413c0abb57f70a953b1116318d6aa478013c35d\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/1582a02fecffcee306663035a295e28e1c4aaaff\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/d4c7797ab1517515f0d08b3bc1c6b48883889c54\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/991e634360f2622a683b48dfe44fe6d9cb765a09\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T05:32:08.483Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-47297\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-29T18:54:57.355756Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-29T18:56:30.826Z\"}}], \"cna\": {\"title\": \"net: fix uninit-value in caif_seqpkt_sendmsg\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"bece7b2398d0\", \"lessThan\": \"d9d646acad2c\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bece7b2398d0\", \"lessThan\": \"5c6d8e2f7187\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bece7b2398d0\", \"lessThan\": \"ffe31dd70b70\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bece7b2398d0\", \"lessThan\": \"452c3ed7bf63\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bece7b2398d0\", \"lessThan\": \"9413c0abb57f\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bece7b2398d0\", \"lessThan\": \"1582a02fecff\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bece7b2398d0\", \"lessThan\": \"d4c7797ab151\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bece7b2398d0\", \"lessThan\": \"991e634360f2\", \"versionType\": \"git\"}], \"programFiles\": [\"net/caif/caif_socket.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.6.35\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"2.6.35\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"4.4.277\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.4.*\"}, {\"status\": \"unaffected\", \"version\": \"4.9.277\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.9.*\"}, {\"status\": \"unaffected\", \"version\": \"4.14.241\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.14.*\"}, {\"status\": \"unaffected\", \"version\": \"4.19.199\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.19.*\"}, {\"status\": \"unaffected\", \"version\": \"5.4.136\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.4.*\"}, {\"status\": \"unaffected\", \"version\": \"5.10.54\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.13.6\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.13.*\"}, {\"status\": \"unaffected\", \"version\": \"5.14\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"net/caif/caif_socket.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/d9d646acad2c3590e189bb5d5c86ab8bd8a2dfc3\"}, {\"url\": \"https://git.kernel.org/stable/c/5c6d8e2f7187b8e45a18c27acb7a3885f03ee3db\"}, {\"url\": \"https://git.kernel.org/stable/c/ffe31dd70b70a40cd6b21b78c1713a23e021843a\"}, {\"url\": \"https://git.kernel.org/stable/c/452c3ed7bf63721b07bc2238ed1261bb26027e85\"}, {\"url\": \"https://git.kernel.org/stable/c/9413c0abb57f70a953b1116318d6aa478013c35d\"}, {\"url\": \"https://git.kernel.org/stable/c/1582a02fecffcee306663035a295e28e1c4aaaff\"}, {\"url\": \"https://git.kernel.org/stable/c/d4c7797ab1517515f0d08b3bc1c6b48883889c54\"}, {\"url\": \"https://git.kernel.org/stable/c/991e634360f2622a683b48dfe44fe6d9cb765a09\"}], \"x_generator\": {\"engine\": \"bippy-9e1c9544281a\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: fix uninit-value in caif_seqpkt_sendmsg\\n\\nWhen nr_segs equal to zero in iovec_from_user, the object\\nmsg-\u003emsg_iter.iov is uninit stack memory in caif_seqpkt_sendmsg\\nwhich is defined in ___sys_sendmsg. So we cann\u0027t just judge\\nmsg-\u003emsg_iter.iov-\u003ebase directlly. We can use nr_segs to judge\\nmsg in caif_seqpkt_sendmsg whether has data buffers.\\n\\n=====================================================\\nBUG: KMSAN: uninit-value in caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542\\nCall Trace:\\n __dump_stack lib/dump_stack.c:77 [inline]\\n dump_stack+0x1c9/0x220 lib/dump_stack.c:118\\n kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:118\\n __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215\\n caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542\\n sock_sendmsg_nosec net/socket.c:652 [inline]\\n sock_sendmsg net/socket.c:672 [inline]\\n ____sys_sendmsg+0x12b6/0x1350 net/socket.c:2343\\n ___sys_sendmsg net/socket.c:2397 [inline]\\n __sys_sendmmsg+0x808/0xc90 net/socket.c:2480\\n __compat_sys_sendmmsg net/compat.c:656 [inline]\"}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2024-11-04T12:03:12.512Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2021-47297\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-06T19:35:49.436Z\", \"dateReserved\": \"2024-05-21T13:27:52.132Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-05-21T14:35:19.982Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-62X6-4GMP-FG78

Vulnerability from github – Published: 2024-05-21 15:31 – Updated: 2024-11-06 21:30

Details

In the Linux kernel, the following vulnerability has been resolved:

net: fix uninit-value in caif_seqpkt_sendmsg

When nr_segs equal to zero in iovec_from_user, the object msg->msg_iter.iov is uninit stack memory in caif_seqpkt_sendmsg which is defined in ___sys_sendmsg. So we cann't just judge msg->msg_iter.iov->base directlly. We can use nr_segs to judge msg in caif_seqpkt_sendmsg whether has data buffers.

===================================================== BUG: KMSAN: uninit-value in caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1c9/0x220 lib/dump_stack.c:118 kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:118 __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215 caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542 sock_sendmsg_nosec net/socket.c:652 [inline] sock_sendmsg net/socket.c:672 [inline] _syssendmsg+0x12b6/0x1350 net/socket.c:2343 _sys_sendmsg net/socket.c:2397 [inline] __sys_sendmmsg+0x808/0xc90 net/socket.c:2480 __compat_sys_sendmmsg net/compat.c:656 [inline]

Severity ?

5.5 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-47297"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-908"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-21T15:15:17Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix uninit-value in caif_seqpkt_sendmsg\n\nWhen nr_segs equal to zero in iovec_from_user, the object\nmsg-\u003emsg_iter.iov is uninit stack memory in caif_seqpkt_sendmsg\nwhich is defined in ___sys_sendmsg. So we cann\u0027t just judge\nmsg-\u003emsg_iter.iov-\u003ebase directlly. We can use nr_segs to judge\nmsg in caif_seqpkt_sendmsg whether has data buffers.\n\n=====================================================\nBUG: KMSAN: uninit-value in caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x1c9/0x220 lib/dump_stack.c:118\n kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:118\n __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215\n caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542\n sock_sendmsg_nosec net/socket.c:652 [inline]\n sock_sendmsg net/socket.c:672 [inline]\n ____sys_sendmsg+0x12b6/0x1350 net/socket.c:2343\n ___sys_sendmsg net/socket.c:2397 [inline]\n __sys_sendmmsg+0x808/0xc90 net/socket.c:2480\n __compat_sys_sendmmsg net/compat.c:656 [inline]",
  "id": "GHSA-62x6-4gmp-fg78",
  "modified": "2024-11-06T21:30:54Z",
  "published": "2024-05-21T15:31:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47297"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1582a02fecffcee306663035a295e28e1c4aaaff"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/452c3ed7bf63721b07bc2238ed1261bb26027e85"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5c6d8e2f7187b8e45a18c27acb7a3885f03ee3db"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9413c0abb57f70a953b1116318d6aa478013c35d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/991e634360f2622a683b48dfe44fe6d9cb765a09"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d4c7797ab1517515f0d08b3bc1c6b48883889c54"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d9d646acad2c3590e189bb5d5c86ab8bd8a2dfc3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ffe31dd70b70a40cd6b21b78c1713a23e021843a"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2021-47297

Vulnerability from fstec - Published: 15.07.2021

Title

Уязвимость функции caif_seqpkt_sendmsg() модуля net/caif/caif_socket.c реализации сетевых функций ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость функции caif_seqpkt_sendmsg() модуля net/caif/caif_socket.c реализации сетевых функций ядра операционной системы Linux связана с неправильным контролем идентификаторов ресурсов («внедрение ресурсов»). Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vendor

Сообщество свободного программного обеспечения

Software Name

Linux

Software Version

от 5.11 до 5.13.5 включительно (Linux), от 5.5 до 5.10.53 включительно (Linux), от 4.5 до 4.9.276 включительно (Linux), от 4.10 до 4.14.240 включительно (Linux), от 4.15 до 4.19.198 включительно (Linux), от 4.20 до 5.4.135 включительно (Linux), от 2.6.35 до 4.4.276 включительно (Linux)

Possible Mitigations

В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года. Использование рекомендаций: Для Linux: https://git.kernel.org/stable/c/d9d646acad2c3590e189bb5d5c86ab8bd8a2dfc3 https://git.kernel.org/stable/c/5c6d8e2f7187b8e45a18c27acb7a3885f03ee3db https://git.kernel.org/stable/c/ffe31dd70b70a40cd6b21b78c1713a23e021843a https://git.kernel.org/stable/c/452c3ed7bf63721b07bc2238ed1261bb26027e85 https://git.kernel.org/stable/c/9413c0abb57f70a953b1116318d6aa478013c35d https://git.kernel.org/stable/c/1582a02fecffcee306663035a295e28e1c4aaaff https://git.kernel.org/stable/c/d4c7797ab1517515f0d08b3bc1c6b48883889c54 https://git.kernel.org/stable/c/991e634360f2622a683b48dfe44fe6d9cb765a09 https://lore.kernel.org/linux-cve-announce/2024052124-CVE-2021-47297-55b5@gregkh/ https://git.kernel.org/linus/991e634360f2622a683b48dfe44fe6d9cb765a09 https://git.linuxtesting.ru/pub/scm/linux/kernel/git/lvc/linux-stable.git/commit/?h=v5.10.176-lvc1&id=1582a02fecffcee306663035a295e28e1c4aaaff https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.277 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.277 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.241 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.199 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.136 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.54 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.6

Reference

https://www.cve.org/CVERecord?id=CVE-2021-47297 https://git.kernel.org/stable/c/d9d646acad2c3590e189bb5d5c86ab8bd8a2dfc3 https://git.kernel.org/stable/c/5c6d8e2f7187b8e45a18c27acb7a3885f03ee3db https://git.kernel.org/stable/c/ffe31dd70b70a40cd6b21b78c1713a23e021843a https://git.kernel.org/stable/c/452c3ed7bf63721b07bc2238ed1261bb26027e85 https://git.kernel.org/stable/c/9413c0abb57f70a953b1116318d6aa478013c35d https://git.kernel.org/stable/c/1582a02fecffcee306663035a295e28e1c4aaaff https://git.kernel.org/stable/c/d4c7797ab1517515f0d08b3bc1c6b48883889c54 https://git.kernel.org/stable/c/991e634360f2622a683b48dfe44fe6d9cb765a09 https://lore.kernel.org/linux-cve-announce/2024052124-CVE-2021-47297-55b5@gregkh/ https://git.kernel.org/linus/991e634360f2622a683b48dfe44fe6d9cb765a09 https://git.linuxtesting.ru/pub/scm/linux/kernel/git/lvc/linux-stable.git/commit/?h=v5.10.176-lvc1&id=1582a02fecffcee306663035a295e28e1c4aaaff https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.277 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.277 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.241 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.199 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.136 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.54 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.6

CWE

CWE-99

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 5.11 \u0434\u043e 5.13.5 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.5 \u0434\u043e 5.10.53 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.5 \u0434\u043e 4.9.276 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.10 \u0434\u043e 4.14.240 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.15 \u0434\u043e 4.19.198 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.20 \u0434\u043e 5.4.135 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 2.6.35 \u0434\u043e 4.4.276 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://git.kernel.org/stable/c/d9d646acad2c3590e189bb5d5c86ab8bd8a2dfc3\nhttps://git.kernel.org/stable/c/5c6d8e2f7187b8e45a18c27acb7a3885f03ee3db\nhttps://git.kernel.org/stable/c/ffe31dd70b70a40cd6b21b78c1713a23e021843a\nhttps://git.kernel.org/stable/c/452c3ed7bf63721b07bc2238ed1261bb26027e85\nhttps://git.kernel.org/stable/c/9413c0abb57f70a953b1116318d6aa478013c35d\nhttps://git.kernel.org/stable/c/1582a02fecffcee306663035a295e28e1c4aaaff\nhttps://git.kernel.org/stable/c/d4c7797ab1517515f0d08b3bc1c6b48883889c54\nhttps://git.kernel.org/stable/c/991e634360f2622a683b48dfe44fe6d9cb765a09\nhttps://lore.kernel.org/linux-cve-announce/2024052124-CVE-2021-47297-55b5@gregkh/\nhttps://git.kernel.org/linus/991e634360f2622a683b48dfe44fe6d9cb765a09\nhttps://git.linuxtesting.ru/pub/scm/linux/kernel/git/lvc/linux-stable.git/commit/?h=v5.10.176-lvc1\u0026id=1582a02fecffcee306663035a295e28e1c4aaaff\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.277\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.277\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.241\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.199\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.136\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.54\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.6",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "15.07.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.06.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "23.06.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-07387",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-47297",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.11 \u0434\u043e 5.13.5 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.5 \u0434\u043e 5.10.53 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.5 \u0434\u043e 4.9.276 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.10 \u0434\u043e 4.14.240 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.15 \u0434\u043e 4.19.198 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.20 \u0434\u043e 5.4.135 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 2.6.35 \u0434\u043e 4.4.276 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 caif_seqpkt_sendmsg() \u043c\u043e\u0434\u0443\u043b\u044f net/caif/caif_socket.c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0432\u0435\u0440\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u0430\u043c\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u0430 (\u0412\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430) (CWE-99)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 caif_seqpkt_sendmsg() \u043c\u043e\u0434\u0443\u043b\u044f net/caif/caif_socket.c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0435\u043c \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u0432 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 (\u00ab\u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432\u00bb). \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u043d\u044a\u0435\u043a\u0446\u0438\u044f",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.cve.org/CVERecord?id=CVE-2021-47297\nhttps://git.kernel.org/stable/c/d9d646acad2c3590e189bb5d5c86ab8bd8a2dfc3\nhttps://git.kernel.org/stable/c/5c6d8e2f7187b8e45a18c27acb7a3885f03ee3db\nhttps://git.kernel.org/stable/c/ffe31dd70b70a40cd6b21b78c1713a23e021843a\nhttps://git.kernel.org/stable/c/452c3ed7bf63721b07bc2238ed1261bb26027e85\nhttps://git.kernel.org/stable/c/9413c0abb57f70a953b1116318d6aa478013c35d\nhttps://git.kernel.org/stable/c/1582a02fecffcee306663035a295e28e1c4aaaff\nhttps://git.kernel.org/stable/c/d4c7797ab1517515f0d08b3bc1c6b48883889c54\nhttps://git.kernel.org/stable/c/991e634360f2622a683b48dfe44fe6d9cb765a09\nhttps://lore.kernel.org/linux-cve-announce/2024052124-CVE-2021-47297-55b5@gregkh/\nhttps://git.kernel.org/linus/991e634360f2622a683b48dfe44fe6d9cb765a09\nhttps://git.linuxtesting.ru/pub/scm/linux/kernel/git/lvc/linux-stable.git/commit/?h=v5.10.176-lvc1\u0026id=1582a02fecffcee306663035a295e28e1c4aaaff\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.277\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.277\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.241\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.199\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.136\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.54\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.6",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-99",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}

FKIE_CVE-2021-47297

Vulnerability from fkie_nvd - Published: 2024-05-21 15:15 - Updated: 2025-04-02 14:42

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/1582a02fecffcee306663035a295e28e1c4aaaff	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/452c3ed7bf63721b07bc2238ed1261bb26027e85	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/5c6d8e2f7187b8e45a18c27acb7a3885f03ee3db	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/9413c0abb57f70a953b1116318d6aa478013c35d	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/991e634360f2622a683b48dfe44fe6d9cb765a09	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/d4c7797ab1517515f0d08b3bc1c6b48883889c54	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/d9d646acad2c3590e189bb5d5c86ab8bd8a2dfc3	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/ffe31dd70b70a40cd6b21b78c1713a23e021843a	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/1582a02fecffcee306663035a295e28e1c4aaaff	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/452c3ed7bf63721b07bc2238ed1261bb26027e85	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/5c6d8e2f7187b8e45a18c27acb7a3885f03ee3db	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/9413c0abb57f70a953b1116318d6aa478013c35d	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/991e634360f2622a683b48dfe44fe6d9cb765a09	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/d4c7797ab1517515f0d08b3bc1c6b48883889c54	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/d9d646acad2c3590e189bb5d5c86ab8bd8a2dfc3	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/ffe31dd70b70a40cd6b21b78c1713a23e021843a	Patch

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	5.14
linux	linux_kernel	5.14

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FB2F818-1B70-47BD-A7A3-CE857E7DD8B9",
              "versionEndExcluding": "4.4.277",
              "versionStartIncluding": "2.6.35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B543C082-5612-489A-A957-B7F2B8822025",
              "versionEndExcluding": "4.9.277",
              "versionStartIncluding": "4.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A796929-CDBE-45AF-BD44-F357F64AFFCA",
              "versionEndExcluding": "4.14.241",
              "versionStartIncluding": "4.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1C5B0E1-06E7-4615-AA17-02585202D86E",
              "versionEndExcluding": "4.19.199",
              "versionStartIncluding": "4.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FCD98C-8886-4844-B7AF-C42731DF9465",
              "versionEndExcluding": "5.4.136",
              "versionStartIncluding": "4.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BD5A2EE-859F-40FC-BDAC-167AAE37C870",
              "versionEndExcluding": "5.10.54",
              "versionStartIncluding": "5.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "512C22FC-1524-4E6F-9E62-4F4B7B6E0576",
              "versionEndExcluding": "5.13.6",
              "versionStartIncluding": "5.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:5.14:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "71268287-21A8-4488-AA4F-23C473153131",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:5.14:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "23B9E5C6-FAB5-4A02-9E39-27C8787B0991",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix uninit-value in caif_seqpkt_sendmsg\n\nWhen nr_segs equal to zero in iovec_from_user, the object\nmsg-\u003emsg_iter.iov is uninit stack memory in caif_seqpkt_sendmsg\nwhich is defined in ___sys_sendmsg. So we cann\u0027t just judge\nmsg-\u003emsg_iter.iov-\u003ebase directlly. We can use nr_segs to judge\nmsg in caif_seqpkt_sendmsg whether has data buffers.\n\n=====================================================\nBUG: KMSAN: uninit-value in caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x1c9/0x220 lib/dump_stack.c:118\n kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:118\n __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215\n caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542\n sock_sendmsg_nosec net/socket.c:652 [inline]\n sock_sendmsg net/socket.c:672 [inline]\n ____sys_sendmsg+0x12b6/0x1350 net/socket.c:2343\n ___sys_sendmsg net/socket.c:2397 [inline]\n __sys_sendmmsg+0x808/0xc90 net/socket.c:2480\n __compat_sys_sendmmsg net/compat.c:656 [inline]"
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: corrige el valor uninit en caif_seqpkt_sendmsg. Cuando nr_segs es igual a cero en iovec_from_user, el objeto msg-\u0026gt;msg_iter.iov es la memoria de pila uninit en caif_seqpkt_sendmsg que est\u00e1 definida en ___sys_sendmsg. Entonces no podemos simplemente juzgar msg-\u0026gt;msg_iter.iov-\u0026gt;base directamente. Podemos usar nr_segs para juzgar si msg en caif_seqpkt_sendmsg tiene buffers de datos. ==================================================== === BUG: KMSAN: valor uninit en caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542 Seguimiento de llamadas: __dump_stack lib/dump_stack.c:77 [en l\u00ednea] dump_stack+0x1c9/0x220 lib/dump_stack.c: 118 kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:118 __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215 caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542 sock_sendmsg_nosec net/so cket.c: 652 [en l\u00ednea] sock_sendmsg net/socket.c:672 [en l\u00ednea] ____sys_sendmsg+0x12b6/0x1350 net/socket.c:2343 ___sys_sendmsg net/socket.c:2397 [en l\u00ednea] __sys_sendmmsg+0x808/0xc90 80 __compat_sys_sendmmsg net/compat.c:656 [en l\u00ednea]"
    }
  ],
  "id": "CVE-2021-47297",
  "lastModified": "2025-04-02T14:42:58.820",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-05-21T15:15:17.553",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/1582a02fecffcee306663035a295e28e1c4aaaff"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/452c3ed7bf63721b07bc2238ed1261bb26027e85"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/5c6d8e2f7187b8e45a18c27acb7a3885f03ee3db"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/9413c0abb57f70a953b1116318d6aa478013c35d"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/991e634360f2622a683b48dfe44fe6d9cb765a09"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/d4c7797ab1517515f0d08b3bc1c6b48883889c54"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/d9d646acad2c3590e189bb5d5c86ab8bd8a2dfc3"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ffe31dd70b70a40cd6b21b78c1713a23e021843a"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/1582a02fecffcee306663035a295e28e1c4aaaff"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/452c3ed7bf63721b07bc2238ed1261bb26027e85"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/5c6d8e2f7187b8e45a18c27acb7a3885f03ee3db"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/9413c0abb57f70a953b1116318d6aa478013c35d"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/991e634360f2622a683b48dfe44fe6d9cb765a09"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/d4c7797ab1517515f0d08b3bc1c6b48883889c54"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/d9d646acad2c3590e189bb5d5c86ab8bd8a2dfc3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ffe31dd70b70a40cd6b21b78c1713a23e021843a"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-908"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2024-AVI-0610

Vulnerability from certfr_avis - Published: 2024-07-19 - Updated: 2024-07-19

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
SUSE	N/A	SUSE Linux Enterprise Micro for Rancher 5.3
SUSE	N/A	SUSE Linux Enterprise High Performance Computing 15 SP5
SUSE	N/A	SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
SUSE	N/A	SUSE Linux Enterprise Micro 5.3
SUSE	N/A	SUSE Manager Proxy 4.3
SUSE	N/A	SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE	N/A	SUSE Linux Enterprise Server 12 SP5
SUSE	N/A	SUSE Linux Enterprise High Availability Extension 15 SP4
SUSE	N/A	SUSE Linux Enterprise Micro for Rancher 5.4
SUSE	N/A	SUSE Linux Enterprise Live Patching 15-SP4
SUSE	N/A	SUSE Manager Retail Branch Server 4.3
SUSE	N/A	openSUSE Leap 15.4
SUSE	N/A	SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
SUSE	N/A	SUSE Linux Enterprise Real Time 12 SP5
SUSE	N/A	SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE	N/A	openSUSE Leap 15.5
SUSE	N/A	SUSE Manager Server 4.3
SUSE	N/A	SUSE Linux Enterprise High Availability Extension 12 SP5
SUSE	N/A	SUSE Linux Enterprise High Performance Computing 15 SP4
SUSE	N/A	SUSE Linux Enterprise Server 15 SP5
SUSE	N/A	SUSE Linux Enterprise Server for SAP Applications 15 SP5
SUSE	N/A	SUSE Linux Enterprise Real Time 15 SP5
SUSE	N/A	SUSE Linux Enterprise Live Patching 12-SP5
SUSE	N/A	SUSE Linux Enterprise Workstation Extension 12 12-SP5
SUSE	N/A	SUSE Linux Enterprise Live Patching 15-SP5
SUSE	N/A	SUSE Linux Enterprise Server 15 SP4
SUSE	N/A	SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
SUSE	N/A	SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
SUSE	N/A	SUSE Linux Enterprise Real Time 15 SP4
SUSE	N/A	SUSE Linux Enterprise Software Development Kit 12 SP5
SUSE	N/A	SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE	N/A	SUSE Linux Enterprise Micro 5.4
SUSE	N/A	SUSE Linux Enterprise Micro 5.5

References

Title

Publication Time

Tags

Bulletin de sécurité SUSE SUSE-SU-2024:2472-1	2024-07-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2493-1	2024-07-16	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2487-1	2024-07-15	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2530-1	2024-07-16	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2474-1	2024-07-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2488-1	2024-07-15	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2448-1	2024-07-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2480-1	2024-07-15	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2447-1	2024-07-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2561-1	2024-07-18	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2559-1	2024-07-18	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2449-1	2024-07-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2549-1	2024-07-18	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2495-1	2024-07-16	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2473-1	2024-07-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2437-1	2024-07-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2558-1	2024-07-18	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2446-1	2024-07-12	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SUSE Linux Enterprise Micro for Rancher 5.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Proxy 4.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability Extension 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro for Rancher 5.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Retail Branch Server 4.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap 15.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap 15.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Server 4.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability Extension 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 12-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Workstation Extension 12 12-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Software Development Kit 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-35976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35976"
    },
    {
      "name": "CVE-2021-47544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47544"
    },
    {
      "name": "CVE-2023-52675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52675"
    },
    {
      "name": "CVE-2023-52834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52834"
    },
    {
      "name": "CVE-2024-38627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38627"
    },
    {
      "name": "CVE-2022-48651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48651"
    },
    {
      "name": "CVE-2023-52622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52622"
    },
    {
      "name": "CVE-2022-48756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48756"
    },
    {
      "name": "CVE-2024-35998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35998"
    },
    {
      "name": "CVE-2021-47407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47407"
    },
    {
      "name": "CVE-2023-52762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52762"
    },
    {
      "name": "CVE-2023-52846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52846"
    },
    {
      "name": "CVE-2024-36904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36904"
    },
    {
      "name": "CVE-2023-52845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52845"
    },
    {
      "name": "CVE-2024-35807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35807"
    },
    {
      "name": "CVE-2023-52818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52818"
    },
    {
      "name": "CVE-2024-26585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26585"
    },
    {
      "name": "CVE-2023-52808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52808"
    },
    {
      "name": "CVE-2024-38608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38608"
    },
    {
      "name": "CVE-2024-26973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26973"
    },
    {
      "name": "CVE-2024-35828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35828"
    },
    {
      "name": "CVE-2024-35805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35805"
    },
    {
      "name": "CVE-2022-48772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48772"
    },
    {
      "name": "CVE-2024-35886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35886"
    },
    {
      "name": "CVE-2022-48743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48743"
    },
    {
      "name": "CVE-2024-36479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36479"
    },
    {
      "name": "CVE-2024-38659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38659"
    },
    {
      "name": "CVE-2024-35822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35822"
    },
    {
      "name": "CVE-2024-26845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26845"
    },
    {
      "name": "CVE-2024-35925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35925"
    },
    {
      "name": "CVE-2021-47379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47379"
    },
    {
      "name": "CVE-2022-48771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48771"
    },
    {
      "name": "CVE-2022-48722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48722"
    },
    {
      "name": "CVE-2024-38601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38601"
    },
    {
      "name": "CVE-2024-38546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38546"
    },
    {
      "name": "CVE-2024-35867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
    },
    {
      "name": "CVE-2021-47617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47617"
    },
    {
      "name": "CVE-2022-48711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48711"
    },
    {
      "name": "CVE-2024-26852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26852"
    },
    {
      "name": "CVE-2024-35868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35868"
    },
    {
      "name": "CVE-2023-4244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4244"
    },
    {
      "name": "CVE-2023-52507",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52507"
    },
    {
      "name": "CVE-2023-52764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52764"
    },
    {
      "name": "CVE-2024-36934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36934"
    },
    {
      "name": "CVE-2023-52737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52737"
    },
    {
      "name": "CVE-2024-35962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35962"
    },
    {
      "name": "CVE-2024-26720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26720"
    },
    {
      "name": "CVE-2024-36917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36917"
    },
    {
      "name": "CVE-2021-47297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47297"
    },
    {
      "name": "CVE-2023-52784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52784"
    },
    {
      "name": "CVE-2024-38560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38560"
    },
    {
      "name": "CVE-2023-52340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52340"
    },
    {
      "name": "CVE-2024-36952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36952"
    },
    {
      "name": "CVE-2024-38578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38578"
    },
    {
      "name": "CVE-2024-26880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26880"
    },
    {
      "name": "CVE-2024-36025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36025"
    },
    {
      "name": "CVE-2022-48761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48761"
    },
    {
      "name": "CVE-2024-35956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35956"
    },
    {
      "name": "CVE-2024-36017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36017"
    },
    {
      "name": "CVE-2024-26679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26679"
    },
    {
      "name": "CVE-2021-47270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47270"
    },
    {
      "name": "CVE-2024-23307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23307"
    },
    {
      "name": "CVE-2021-47498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47498"
    },
    {
      "name": "CVE-2024-36938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36938"
    },
    {
      "name": "CVE-2023-52855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52855"
    },
    {
      "name": "CVE-2024-36960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36960"
    },
    {
      "name": "CVE-2021-47603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47603"
    },
    {
      "name": "CVE-2021-47193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47193"
    },
    {
      "name": "CVE-2021-4439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4439"
    },
    {
      "name": "CVE-2022-48740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48740"
    },
    {
      "name": "CVE-2022-48758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48758"
    },
    {
      "name": "CVE-2021-47293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47293"
    },
    {
      "name": "CVE-2021-47602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47602"
    },
    {
      "name": "CVE-2024-35950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35950"
    },
    {
      "name": "CVE-2024-38565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38565"
    },
    {
      "name": "CVE-2023-52683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52683"
    },
    {
      "name": "CVE-2024-37354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37354"
    },
    {
      "name": "CVE-2024-26636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26636"
    },
    {
      "name": "CVE-2024-39301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39301"
    },
    {
      "name": "CVE-2021-47372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47372"
    },
    {
      "name": "CVE-2024-36915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36915"
    },
    {
      "name": "CVE-2024-27399",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27399"
    },
    {
      "name": "CVE-2024-35979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35979"
    },
    {
      "name": "CVE-2023-52754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52754"
    },
    {
      "name": "CVE-2023-52809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52809"
    },
    {
      "name": "CVE-2024-26635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26635"
    },
    {
      "name": "CVE-2021-47589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47589"
    },
    {
      "name": "CVE-2021-46955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46955"
    },
    {
      "name": "CVE-2024-35947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35947"
    },
    {
      "name": "CVE-2021-47555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47555"
    },
    {
      "name": "CVE-2021-47103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47103"
    },
    {
      "name": "CVE-2021-47201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47201"
    },
    {
      "name": "CVE-2024-39475",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39475"
    },
    {
      "name": "CVE-2021-47434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47434"
    },
    {
      "name": "CVE-2024-35896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35896"
    },
    {
      "name": "CVE-2024-38610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38610"
    },
    {
      "name": "CVE-2022-22942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
    },
    {
      "name": "CVE-2024-35997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35997"
    },
    {
      "name": "CVE-2021-47445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47445"
    },
    {
      "name": "CVE-2023-52753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52753"
    },
    {
      "name": "CVE-2024-26610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26610"
    },
    {
      "name": "CVE-2024-36971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36971"
    },
    {
      "name": "CVE-2024-35247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35247"
    },
    {
      "name": "CVE-2023-52832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52832"
    },
    {
      "name": "CVE-2022-48754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48754"
    },
    {
      "name": "CVE-2024-35869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35869"
    },
    {
      "name": "CVE-2023-52819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52819"
    },
    {
      "name": "CVE-2022-48759",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48759"
    },
    {
      "name": "CVE-2024-35870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35870"
    },
    {
      "name": "CVE-2021-47328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47328"
    },
    {
      "name": "CVE-2021-47438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47438"
    },
    {
      "name": "CVE-2021-47576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47576"
    },
    {
      "name": "CVE-2021-47267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47267"
    },
    {
      "name": "CVE-2024-36941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36941"
    },
    {
      "name": "CVE-2024-35864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35864"
    },
    {
      "name": "CVE-2021-47383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47383"
    },
    {
      "name": "CVE-2024-36014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36014"
    },
    {
      "name": "CVE-2024-38553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38553"
    },
    {
      "name": "CVE-2024-35835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35835"
    },
    {
      "name": "CVE-2023-52670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52670"
    },
    {
      "name": "CVE-2023-52693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52693"
    },
    {
      "name": "CVE-2023-52881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52881"
    },
    {
      "name": "CVE-2024-36919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36919"
    },
    {
      "name": "CVE-2021-47309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47309"
    },
    {
      "name": "CVE-2024-26923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26923"
    },
    {
      "name": "CVE-2021-47294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47294"
    },
    {
      "name": "CVE-2021-47587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47587"
    },
    {
      "name": "CVE-2024-38549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38549"
    },
    {
      "name": "CVE-2023-52837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52837"
    },
    {
      "name": "CVE-2022-48760",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48760"
    },
    {
      "name": "CVE-2023-52752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52752"
    },
    {
      "name": "CVE-2024-38619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38619"
    },
    {
      "name": "CVE-2024-38780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38780"
    },
    {
      "name": "CVE-2022-0435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0435"
    },
    {
      "name": "CVE-2021-47547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47547"
    },
    {
      "name": "CVE-2024-36923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36923"
    },
    {
      "name": "CVE-2023-1829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1829"
    },
    {
      "name": "CVE-2024-35862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35862"
    },
    {
      "name": "CVE-2022-48733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48733"
    },
    {
      "name": "CVE-2024-38567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38567"
    },
    {
      "name": "CVE-2024-38564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38564"
    },
    {
      "name": "CVE-2021-47191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47191"
    },
    {
      "name": "CVE-2024-36950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36950"
    },
    {
      "name": "CVE-2024-26633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26633"
    },
    {
      "name": "CVE-2022-48715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48715"
    },
    {
      "name": "CVE-2022-48732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48732"
    },
    {
      "name": "CVE-2023-24023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24023"
    },
    {
      "name": "CVE-2024-36880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36880"
    },
    {
      "name": "CVE-2024-26828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26828"
    },
    {
      "name": "CVE-2021-47354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47354"
    },
    {
      "name": "CVE-2021-47566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47566"
    },
    {
      "name": "CVE-2024-26687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26687"
    },
    {
      "name": "CVE-2024-38541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
    },
    {
      "name": "CVE-2024-36016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36016"
    },
    {
      "name": "CVE-2024-35863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35863"
    },
    {
      "name": "CVE-2024-36964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36964"
    },
    {
      "name": "CVE-2024-38618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38618"
    },
    {
      "name": "CVE-2024-36940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36940"
    },
    {
      "name": "CVE-2024-26894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26894"
    },
    {
      "name": "CVE-2021-47520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47520"
    },
    {
      "name": "CVE-2024-35930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35930"
    },
    {
      "name": "CVE-2024-38598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38598"
    },
    {
      "name": "CVE-2020-10135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10135"
    },
    {
      "name": "CVE-2024-36949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36949"
    },
    {
      "name": "CVE-2023-6546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6546"
    },
    {
      "name": "CVE-2024-35960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35960"
    },
    {
      "name": "CVE-2024-38661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38661"
    },
    {
      "name": "CVE-2023-52502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52502"
    },
    {
      "name": "CVE-2021-47418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47418"
    },
    {
      "name": "CVE-2024-26928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26928"
    },
    {
      "name": "CVE-2024-38559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38559"
    },
    {
      "name": "CVE-2024-38621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38621"
    },
    {
      "name": "CVE-2024-35819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35819"
    },
    {
      "name": "CVE-2024-37021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37021"
    },
    {
      "name": "CVE-2024-26863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26863"
    },
    {
      "name": "CVE-2024-35861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35861"
    },
    {
      "name": "CVE-2024-38597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38597"
    },
    {
      "name": "CVE-2024-26813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26813"
    },
    {
      "name": "CVE-2024-35789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35789"
    },
    {
      "name": "CVE-2023-52835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52835"
    },
    {
      "name": "CVE-2024-26641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26641"
    },
    {
      "name": "CVE-2021-47145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47145"
    },
    {
      "name": "CVE-2024-38579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38579"
    },
    {
      "name": "CVE-2023-52757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52757"
    },
    {
      "name": "CVE-2021-47518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47518"
    },
    {
      "name": "CVE-2024-38544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38544"
    },
    {
      "name": "CVE-2024-26930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26930"
    },
    {
      "name": "CVE-2024-35958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35958"
    },
    {
      "name": "CVE-2023-5281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5281"
    },
    {
      "name": "CVE-2021-47600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47600"
    },
    {
      "name": "CVE-2023-52843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52843"
    },
    {
      "name": "CVE-2024-36894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36894"
    },
    {
      "name": "CVE-2021-47609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47609"
    },
    {
      "name": "CVE-2024-26766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26766"
    },
    {
      "name": "CVE-2024-38580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38580"
    },
    {
      "name": "CVE-2024-26745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26745"
    },
    {
      "name": "CVE-2024-35865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35865"
    },
    {
      "name": "CVE-2024-36899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36899"
    },
    {
      "name": "CVE-2024-38552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38552"
    },
    {
      "name": "CVE-2023-52817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52817"
    },
    {
      "name": "CVE-2024-27410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27410"
    },
    {
      "name": "CVE-2024-38545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38545"
    },
    {
      "name": "CVE-2024-26622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26622"
    },
    {
      "name": "CVE-2021-47571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47571"
    },
    {
      "name": "CVE-2021-43389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43389"
    },
    {
      "name": "CVE-2024-35922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35922"
    },
    {
      "name": "CVE-2021-47275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47275"
    }
  ],
  "initial_release_date": "2024-07-19T00:00:00",
  "last_revision_date": "2024-07-19T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0610",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-07-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
  "vendor_advisories": [
    {
      "published_at": "2024-07-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2472-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242472-1"
    },
    {
      "published_at": "2024-07-16",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2493-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242493-1"
    },
    {
      "published_at": "2024-07-15",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2487-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242487-1"
    },
    {
      "published_at": "2024-07-16",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2530-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242530-1"
    },
    {
      "published_at": "2024-07-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2474-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242474-1"
    },
    {
      "published_at": "2024-07-15",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2488-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242488-1"
    },
    {
      "published_at": "2024-07-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2448-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242448-1"
    },
    {
      "published_at": "2024-07-15",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2480-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242480-1"
    },
    {
      "published_at": "2024-07-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2447-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242447-1"
    },
    {
      "published_at": "2024-07-18",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2561-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242561-1"
    },
    {
      "published_at": "2024-07-18",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2559-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242559-1"
    },
    {
      "published_at": "2024-07-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2449-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242449-1"
    },
    {
      "published_at": "2024-07-18",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2549-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242549-1"
    },
    {
      "published_at": "2024-07-16",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2495-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242495-1"
    },
    {
      "published_at": "2024-07-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2473-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242473-1"
    },
    {
      "published_at": "2024-07-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2437-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242437-1"
    },
    {
      "published_at": "2024-07-18",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2558-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242558-1"
    },
    {
      "published_at": "2024-07-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2446-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242446-1"
    }
  ]
}

CERTFR-2024-AVI-0578

Vulnerability from certfr_avis - Published: 2024-07-12 - Updated: 2024-07-12

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
SUSE	N/A	SUSE Linux Enterprise Micro for Rancher 5.3
SUSE	N/A	SUSE Linux Enterprise High Performance Computing 15 SP5
SUSE	N/A	SUSE Manager Proxy 4.2
SUSE	N/A	SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE	N/A	SUSE Linux Enterprise Micro 5.3
SUSE	N/A	SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
SUSE	N/A	SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
SUSE	N/A	SUSE Linux Enterprise Micro for Rancher 5.2
SUSE	N/A	SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE	N/A	Public Cloud Module 15-SP5
SUSE	N/A	SUSE Linux Enterprise Server 12 SP5
SUSE	N/A	SUSE Linux Enterprise Micro for Rancher 5.4
SUSE	N/A	SUSE Linux Enterprise Live Patching 15-SP3
SUSE	N/A	SUSE Linux Enterprise Real Time 12 SP5
SUSE	N/A	SUSE Linux Enterprise Live Patching 15-SP2
SUSE	N/A	SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
SUSE	N/A	openSUSE Leap 15.5
SUSE	N/A	SUSE Manager Retail Branch Server 4.1
SUSE	N/A	SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE	N/A	SUSE Linux Enterprise High Availability Extension 15 SP3
SUSE	N/A	SUSE Linux Enterprise Server 15 SP5
SUSE	N/A	SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
SUSE	N/A	SUSE Linux Enterprise Server for SAP Applications 15 SP5
SUSE	N/A	SUSE Linux Enterprise Real Time 15 SP5
SUSE	N/A	SUSE Manager Retail Branch Server 4.2
SUSE	N/A	SUSE Linux Enterprise Live Patching 15-SP5
SUSE	N/A	SUSE Linux Enterprise Server 15 SP3
SUSE	N/A	SUSE Manager Server 4.1
SUSE	N/A	SUSE Linux Enterprise Micro 5.2
SUSE	N/A	SUSE Enterprise Storage 7.1
SUSE	N/A	SUSE Real Time Module 15-SP5
SUSE	N/A	SUSE Linux Enterprise High Availability Extension 15 SP2
SUSE	N/A	SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3
SUSE	N/A	SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2
SUSE	N/A	SUSE Manager Proxy 4.1
SUSE	N/A	SUSE Manager Server 4.2
SUSE	N/A	SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE	N/A	SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE	N/A	SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE	N/A	SUSE Linux Enterprise Micro 5.1
SUSE	N/A	SUSE Linux Enterprise Micro 5.4
SUSE	N/A	openSUSE Leap 15.3
SUSE	N/A	SUSE Linux Enterprise Server 15 SP2
SUSE	N/A	SUSE Linux Enterprise Micro 5.5

References

Title

Publication Time

Tags

Bulletin de sécurité SUSE SUSE-SU-2024:2362-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2372-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2381-1	2024-07-10	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2358-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2396-1	2024-07-11	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2351-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2376-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2385-1	2024-07-10	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2369-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2335-1	2024-07-08	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2394-1	2024-07-10	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2344-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2384-1	2024-07-10	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2338-1	2024-07-08	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2343-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2326-1	2024-07-08	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2411-1	2024-07-11	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2337-1	2024-07-08	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2368-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2365-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2407-1	2024-07-11	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2382-1	2024-07-10	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2373-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2341-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2360-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2357-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2410-1	2024-07-11	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2342-1	2024-07-09	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SUSE Linux Enterprise Micro for Rancher 5.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Proxy 4.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro for Rancher 5.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "Public Cloud Module 15-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro for Rancher 5.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap 15.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Retail Branch Server 4.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability Extension 15 SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Retail Branch Server 4.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Server 4.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Enterprise Storage 7.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Real Time Module 15-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability Extension 15 SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Proxy 4.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Server 4.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap 15.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2020-10135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10135"
    },
    {
      "name": "CVE-2021-3896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3896"
    },
    {
      "name": "CVE-2021-43389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43389"
    },
    {
      "name": "CVE-2022-2938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2938"
    },
    {
      "name": "CVE-2022-22942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
    },
    {
      "name": "CVE-2022-0435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0435"
    },
    {
      "name": "CVE-2023-1829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1829"
    },
    {
      "name": "CVE-2023-24023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24023"
    },
    {
      "name": "CVE-2023-20521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20521"
    },
    {
      "name": "CVE-2021-46774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46774"
    },
    {
      "name": "CVE-2021-46766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46766"
    },
    {
      "name": "CVE-2023-20526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20526"
    },
    {
      "name": "CVE-2023-20566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20566"
    },
    {
      "name": "CVE-2021-26345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-26345"
    },
    {
      "name": "CVE-2023-20592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20592"
    },
    {
      "name": "CVE-2022-23830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23830"
    },
    {
      "name": "CVE-2023-20533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20533"
    },
    {
      "name": "CVE-2022-23820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23820"
    },
    {
      "name": "CVE-2023-20519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20519"
    },
    {
      "name": "CVE-2023-6546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6546"
    },
    {
      "name": "CVE-2023-6531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6531"
    },
    {
      "name": "CVE-2024-26625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26625"
    },
    {
      "name": "CVE-2023-52340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52340"
    },
    {
      "name": "CVE-2024-26622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26622"
    },
    {
      "name": "CVE-2023-52502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52502"
    },
    {
      "name": "CVE-2024-26585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26585"
    },
    {
      "name": "CVE-2024-26633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26633"
    },
    {
      "name": "CVE-2024-23307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23307"
    },
    {
      "name": "CVE-2024-26720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26720"
    },
    {
      "name": "CVE-2023-52622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52622"
    },
    {
      "name": "CVE-2024-26745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26745"
    },
    {
      "name": "CVE-2024-26766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26766"
    },
    {
      "name": "CVE-2024-26813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26813"
    },
    {
      "name": "CVE-2024-26679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26679"
    },
    {
      "name": "CVE-2024-26687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26687"
    },
    {
      "name": "CVE-2024-26641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26641"
    },
    {
      "name": "CVE-2021-46955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46955"
    },
    {
      "name": "CVE-2024-26863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26863"
    },
    {
      "name": "CVE-2024-26845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26845"
    },
    {
      "name": "CVE-2024-26610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26610"
    },
    {
      "name": "CVE-2024-26644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26644"
    },
    {
      "name": "CVE-2024-26973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26973"
    },
    {
      "name": "CVE-2024-26894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26894"
    },
    {
      "name": "CVE-2024-26852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26852"
    },
    {
      "name": "CVE-2024-26923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26923"
    },
    {
      "name": "CVE-2022-48651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48651"
    },
    {
      "name": "CVE-2021-47193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47193"
    },
    {
      "name": "CVE-2021-47191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47191"
    },
    {
      "name": "CVE-2024-26930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26930"
    },
    {
      "name": "CVE-2024-26828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26828"
    },
    {
      "name": "CVE-2023-52882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52882"
    },
    {
      "name": "CVE-2024-27399",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27399"
    },
    {
      "name": "CVE-2024-35848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35848"
    },
    {
      "name": "CVE-2024-36017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36017"
    },
    {
      "name": "CVE-2024-36904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36904"
    },
    {
      "name": "CVE-2024-36916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36916"
    },
    {
      "name": "CVE-2024-36919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36919"
    },
    {
      "name": "CVE-2024-36934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36934"
    },
    {
      "name": "CVE-2024-36940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36940"
    },
    {
      "name": "CVE-2024-36950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36950"
    },
    {
      "name": "CVE-2021-47267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47267"
    },
    {
      "name": "CVE-2021-47270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47270"
    },
    {
      "name": "CVE-2021-47311",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47311"
    },
    {
      "name": "CVE-2021-47354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47354"
    },
    {
      "name": "CVE-2021-47368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47368"
    },
    {
      "name": "CVE-2021-47372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47372"
    },
    {
      "name": "CVE-2021-47379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47379"
    },
    {
      "name": "CVE-2021-47383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47383"
    },
    {
      "name": "CVE-2021-47407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47407"
    },
    {
      "name": "CVE-2021-47418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47418"
    },
    {
      "name": "CVE-2021-47434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47434"
    },
    {
      "name": "CVE-2021-47445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47445"
    },
    {
      "name": "CVE-2021-47518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47518"
    },
    {
      "name": "CVE-2021-47534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47534"
    },
    {
      "name": "CVE-2021-47538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47538"
    },
    {
      "name": "CVE-2021-47544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47544"
    },
    {
      "name": "CVE-2021-47555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47555"
    },
    {
      "name": "CVE-2023-52707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52707"
    },
    {
      "name": "CVE-2023-52754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52754"
    },
    {
      "name": "CVE-2023-52757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52757"
    },
    {
      "name": "CVE-2023-52764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52764"
    },
    {
      "name": "CVE-2023-52766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52766"
    },
    {
      "name": "CVE-2023-52800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52800"
    },
    {
      "name": "CVE-2023-52808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52808"
    },
    {
      "name": "CVE-2023-52809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52809"
    },
    {
      "name": "CVE-2023-52832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52832"
    },
    {
      "name": "CVE-2023-52834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52834"
    },
    {
      "name": "CVE-2023-52855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52855"
    },
    {
      "name": "CVE-2024-26822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26822"
    },
    {
      "name": "CVE-2024-26921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26921"
    },
    {
      "name": "CVE-2024-26928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26928"
    },
    {
      "name": "CVE-2024-27410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27410"
    },
    {
      "name": "CVE-2024-35789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35789"
    },
    {
      "name": "CVE-2024-35822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35822"
    },
    {
      "name": "CVE-2024-35861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35861"
    },
    {
      "name": "CVE-2024-35862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35862"
    },
    {
      "name": "CVE-2024-35863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35863"
    },
    {
      "name": "CVE-2024-35864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35864"
    },
    {
      "name": "CVE-2024-35865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35865"
    },
    {
      "name": "CVE-2024-35867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
    },
    {
      "name": "CVE-2024-35868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35868"
    },
    {
      "name": "CVE-2024-35869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35869"
    },
    {
      "name": "CVE-2024-35870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35870"
    },
    {
      "name": "CVE-2024-35878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35878"
    },
    {
      "name": "CVE-2024-35905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35905"
    },
    {
      "name": "CVE-2024-35922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35922"
    },
    {
      "name": "CVE-2024-35930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35930"
    },
    {
      "name": "CVE-2024-35950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35950"
    },
    {
      "name": "CVE-2024-35976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35976"
    },
    {
      "name": "CVE-2024-35998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35998"
    },
    {
      "name": "CVE-2024-36016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36016"
    },
    {
      "name": "CVE-2024-36880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36880"
    },
    {
      "name": "CVE-2024-36938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36938"
    },
    {
      "name": "CVE-2023-52667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52667"
    },
    {
      "name": "CVE-2023-52658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52658"
    },
    {
      "name": "CVE-2023-52670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52670"
    },
    {
      "name": "CVE-2023-52675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52675"
    },
    {
      "name": "CVE-2024-27432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27432"
    },
    {
      "name": "CVE-2024-35790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35790"
    },
    {
      "name": "CVE-2024-35814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35814"
    },
    {
      "name": "CVE-2024-35835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35835"
    },
    {
      "name": "CVE-2024-35956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35956"
    },
    {
      "name": "CVE-2024-35958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35958"
    },
    {
      "name": "CVE-2024-35960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35960"
    },
    {
      "name": "CVE-2024-35997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35997"
    },
    {
      "name": "CVE-2024-36020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36020"
    },
    {
      "name": "CVE-2024-36021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36021"
    },
    {
      "name": "CVE-2024-36025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36025"
    },
    {
      "name": "CVE-2024-36890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36890"
    },
    {
      "name": "CVE-2024-36894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36894"
    },
    {
      "name": "CVE-2024-36949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36949"
    },
    {
      "name": "CVE-2023-52672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52672"
    },
    {
      "name": "CVE-2024-35807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35807"
    },
    {
      "name": "CVE-2024-35884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35884"
    },
    {
      "name": "CVE-2024-35886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35886"
    },
    {
      "name": "CVE-2024-35896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35896"
    },
    {
      "name": "CVE-2024-35898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35898"
    },
    {
      "name": "CVE-2024-35900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35900"
    },
    {
      "name": "CVE-2024-35925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35925"
    },
    {
      "name": "CVE-2024-35962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35962"
    },
    {
      "name": "CVE-2024-36005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36005"
    },
    {
      "name": "CVE-2024-36008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36008"
    },
    {
      "name": "CVE-2024-36960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36960"
    },
    {
      "name": "CVE-2024-36964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36964"
    },
    {
      "name": "CVE-2024-36971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36971"
    },
    {
      "name": "CVE-2024-38381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38381"
    },
    {
      "name": "CVE-2024-38549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38549"
    },
    {
      "name": "CVE-2024-38552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38552"
    },
    {
      "name": "CVE-2024-38559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38559"
    },
    {
      "name": "CVE-2024-38560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38560"
    },
    {
      "name": "CVE-2024-38565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38565"
    },
    {
      "name": "CVE-2024-38567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38567"
    },
    {
      "name": "CVE-2024-38578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38578"
    },
    {
      "name": "CVE-2024-38579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38579"
    },
    {
      "name": "CVE-2024-38582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38582"
    },
    {
      "name": "CVE-2024-38583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38583"
    },
    {
      "name": "CVE-2024-38587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38587"
    },
    {
      "name": "CVE-2024-38599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38599"
    },
    {
      "name": "CVE-2024-38601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38601"
    },
    {
      "name": "CVE-2024-38618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38618"
    },
    {
      "name": "CVE-2024-38621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38621"
    },
    {
      "name": "CVE-2024-38627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38627"
    },
    {
      "name": "CVE-2024-38633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38633"
    },
    {
      "name": "CVE-2024-38634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38634"
    },
    {
      "name": "CVE-2024-38659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38659"
    },
    {
      "name": "CVE-2024-38780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38780"
    },
    {
      "name": "CVE-2021-47293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47293"
    },
    {
      "name": "CVE-2023-52835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52835"
    },
    {
      "name": "CVE-2023-52881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52881"
    },
    {
      "name": "CVE-2021-4439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4439"
    },
    {
      "name": "CVE-2021-47089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47089"
    },
    {
      "name": "CVE-2021-47103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47103"
    },
    {
      "name": "CVE-2021-47247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47247"
    },
    {
      "name": "CVE-2021-47294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47294"
    },
    {
      "name": "CVE-2021-47297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47297"
    },
    {
      "name": "CVE-2021-47309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47309"
    },
    {
      "name": "CVE-2021-47328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47328"
    },
    {
      "name": "CVE-2021-47432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47432"
    },
    {
      "name": "CVE-2021-47515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47515"
    },
    {
      "name": "CVE-2021-47539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47539"
    },
    {
      "name": "CVE-2021-47566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47566"
    },
    {
      "name": "CVE-2021-47571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47571"
    },
    {
      "name": "CVE-2021-47572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47572"
    },
    {
      "name": "CVE-2021-47576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47576"
    },
    {
      "name": "CVE-2021-47577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47577"
    },
    {
      "name": "CVE-2021-47578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47578"
    },
    {
      "name": "CVE-2021-47580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47580"
    },
    {
      "name": "CVE-2021-47582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47582"
    },
    {
      "name": "CVE-2021-47583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47583"
    },
    {
      "name": "CVE-2021-47584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47584"
    },
    {
      "name": "CVE-2021-47585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47585"
    },
    {
      "name": "CVE-2021-47586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47586"
    },
    {
      "name": "CVE-2021-47587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47587"
    },
    {
      "name": "CVE-2021-47589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47589"
    },
    {
      "name": "CVE-2021-47592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47592"
    },
    {
      "name": "CVE-2021-47595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47595"
    },
    {
      "name": "CVE-2021-47596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47596"
    },
    {
      "name": "CVE-2021-47597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47597"
    },
    {
      "name": "CVE-2021-47600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47600"
    },
    {
      "name": "CVE-2021-47601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47601"
    },
    {
      "name": "CVE-2021-47602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47602"
    },
    {
      "name": "CVE-2021-47603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47603"
    },
    {
      "name": "CVE-2021-47604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47604"
    },
    {
      "name": "CVE-2021-47605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47605"
    },
    {
      "name": "CVE-2021-47607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47607"
    },
    {
      "name": "CVE-2021-47608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47608"
    },
    {
      "name": "CVE-2021-47609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47609"
    },
    {
      "name": "CVE-2021-47610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47610"
    },
    {
      "name": "CVE-2021-47611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47611"
    },
    {
      "name": "CVE-2021-47612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47612"
    },
    {
      "name": "CVE-2021-47614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47614"
    },
    {
      "name": "CVE-2021-47615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47615"
    },
    {
      "name": "CVE-2021-47616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47616"
    },
    {
      "name": "CVE-2021-47617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47617"
    },
    {
      "name": "CVE-2021-47618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47618"
    },
    {
      "name": "CVE-2021-47619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47619"
    },
    {
      "name": "CVE-2021-47620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47620"
    },
    {
      "name": "CVE-2022-48711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48711"
    },
    {
      "name": "CVE-2022-48712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48712"
    },
    {
      "name": "CVE-2022-48713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48713"
    },
    {
      "name": "CVE-2022-48714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48714"
    },
    {
      "name": "CVE-2022-48715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48715"
    },
    {
      "name": "CVE-2022-48716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48716"
    },
    {
      "name": "CVE-2022-48717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48717"
    },
    {
      "name": "CVE-2022-48718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48718"
    },
    {
      "name": "CVE-2022-48720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48720"
    },
    {
      "name": "CVE-2022-48721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48721"
    },
    {
      "name": "CVE-2022-48722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48722"
    },
    {
      "name": "CVE-2022-48723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48723"
    },
    {
      "name": "CVE-2022-48724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48724"
    },
    {
      "name": "CVE-2022-48725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48725"
    },
    {
      "name": "CVE-2022-48726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48726"
    },
    {
      "name": "CVE-2022-48727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48727"
    },
    {
      "name": "CVE-2022-48728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48728"
    },
    {
      "name": "CVE-2022-48729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48729"
    },
    {
      "name": "CVE-2022-48730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48730"
    },
    {
      "name": "CVE-2022-48732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48732"
    },
    {
      "name": "CVE-2022-48733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48733"
    },
    {
      "name": "CVE-2022-48734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48734"
    },
    {
      "name": "CVE-2022-48735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48735"
    },
    {
      "name": "CVE-2022-48736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48736"
    },
    {
      "name": "CVE-2022-48737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48737"
    },
    {
      "name": "CVE-2022-48738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48738"
    },
    {
      "name": "CVE-2022-48739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48739"
    },
    {
      "name": "CVE-2022-48740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48740"
    },
    {
      "name": "CVE-2022-48743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48743"
    },
    {
      "name": "CVE-2022-48744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48744"
    },
    {
      "name": "CVE-2022-48745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48745"
    },
    {
      "name": "CVE-2022-48746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48746"
    },
    {
      "name": "CVE-2022-48747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48747"
    },
    {
      "name": "CVE-2022-48748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48748"
    },
    {
      "name": "CVE-2022-48749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48749"
    },
    {
      "name": "CVE-2022-48751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48751"
    },
    {
      "name": "CVE-2022-48752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48752"
    },
    {
      "name": "CVE-2022-48753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48753"
    },
    {
      "name": "CVE-2022-48754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48754"
    },
    {
      "name": "CVE-2022-48755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48755"
    },
    {
      "name": "CVE-2022-48756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48756"
    },
    {
      "name": "CVE-2022-48758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48758"
    },
    {
      "name": "CVE-2022-48759",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48759"
    },
    {
      "name": "CVE-2022-48760",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48760"
    },
    {
      "name": "CVE-2022-48761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48761"
    },
    {
      "name": "CVE-2022-48763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48763"
    },
    {
      "name": "CVE-2022-48765",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48765"
    },
    {
      "name": "CVE-2022-48766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48766"
    },
    {
      "name": "CVE-2022-48767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48767"
    },
    {
      "name": "CVE-2022-48768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48768"
    },
    {
      "name": "CVE-2022-48769",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48769"
    },
    {
      "name": "CVE-2022-48770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48770"
    },
    {
      "name": "CVE-2022-48771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48771"
    },
    {
      "name": "CVE-2022-48772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48772"
    },
    {
      "name": "CVE-2023-52735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52735"
    },
    {
      "name": "CVE-2023-52737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52737"
    },
    {
      "name": "CVE-2023-52752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52752"
    },
    {
      "name": "CVE-2023-52762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52762"
    },
    {
      "name": "CVE-2023-52784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52784"
    },
    {
      "name": "CVE-2023-52787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52787"
    },
    {
      "name": "CVE-2023-5281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5281"
    },
    {
      "name": "CVE-2023-52837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52837"
    },
    {
      "name": "CVE-2023-52843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52843"
    },
    {
      "name": "CVE-2023-52845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52845"
    },
    {
      "name": "CVE-2023-52846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52846"
    },
    {
      "name": "CVE-2023-52869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52869"
    },
    {
      "name": "CVE-2023-52884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52884"
    },
    {
      "name": "CVE-2024-26842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26842"
    },
    {
      "name": "CVE-2024-33619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33619"
    },
    {
      "name": "CVE-2024-35247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35247"
    },
    {
      "name": "CVE-2024-35857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35857"
    },
    {
      "name": "CVE-2024-35979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35979"
    },
    {
      "name": "CVE-2024-36477",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36477"
    },
    {
      "name": "CVE-2024-36478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36478"
    },
    {
      "name": "CVE-2024-36479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36479"
    },
    {
      "name": "CVE-2024-36592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36592"
    },
    {
      "name": "CVE-2024-36899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36899"
    },
    {
      "name": "CVE-2024-36900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36900"
    },
    {
      "name": "CVE-2024-36915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36915"
    },
    {
      "name": "CVE-2024-36917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36917"
    },
    {
      "name": "CVE-2024-36923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36923"
    },
    {
      "name": "CVE-2024-36937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36937"
    },
    {
      "name": "CVE-2024-36945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
    },
    {
      "name": "CVE-2024-36965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36965"
    },
    {
      "name": "CVE-2024-36967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36967"
    },
    {
      "name": "CVE-2024-36969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36969"
    },
    {
      "name": "CVE-2024-36975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36975"
    },
    {
      "name": "CVE-2024-36978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36978"
    },
    {
      "name": "CVE-2024-37021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37021"
    },
    {
      "name": "CVE-2024-37078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37078"
    },
    {
      "name": "CVE-2024-37354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37354"
    },
    {
      "name": "CVE-2024-38388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38388"
    },
    {
      "name": "CVE-2024-38390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38390"
    },
    {
      "name": "CVE-2024-38540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
    },
    {
      "name": "CVE-2024-38541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
    },
    {
      "name": "CVE-2024-38544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38544"
    },
    {
      "name": "CVE-2024-38545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38545"
    },
    {
      "name": "CVE-2024-38546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38546"
    },
    {
      "name": "CVE-2024-38547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38547"
    },
    {
      "name": "CVE-2024-38548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38548"
    },
    {
      "name": "CVE-2024-38550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38550"
    },
    {
      "name": "CVE-2024-38553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38553"
    },
    {
      "name": "CVE-2024-38555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38555"
    },
    {
      "name": "CVE-2024-38556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38556"
    },
    {
      "name": "CVE-2024-38557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38557"
    },
    {
      "name": "CVE-2024-38564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38564"
    },
    {
      "name": "CVE-2024-38568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38568"
    },
    {
      "name": "CVE-2024-38571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38571"
    },
    {
      "name": "CVE-2024-38573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38573"
    },
    {
      "name": "CVE-2024-38580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38580"
    },
    {
      "name": "CVE-2024-38581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38581"
    },
    {
      "name": "CVE-2024-38590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38590"
    },
    {
      "name": "CVE-2024-38591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38591"
    },
    {
      "name": "CVE-2024-38594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38594"
    },
    {
      "name": "CVE-2024-38597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38597"
    },
    {
      "name": "CVE-2024-38600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38600"
    },
    {
      "name": "CVE-2024-38603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38603"
    },
    {
      "name": "CVE-2024-38605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38605"
    },
    {
      "name": "CVE-2024-38608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38608"
    },
    {
      "name": "CVE-2024-38616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38616"
    },
    {
      "name": "CVE-2024-38619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38619"
    },
    {
      "name": "CVE-2024-38630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38630"
    },
    {
      "name": "CVE-2024-38635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38635"
    },
    {
      "name": "CVE-2024-38661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38661"
    },
    {
      "name": "CVE-2024-39301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39301"
    },
    {
      "name": "CVE-2024-39468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39468"
    },
    {
      "name": "CVE-2024-39469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39469"
    },
    {
      "name": "CVE-2024-39471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39471"
    }
  ],
  "initial_release_date": "2024-07-12T00:00:00",
  "last_revision_date": "2024-07-12T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0578",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-07-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
  "vendor_advisories": [
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2362-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242362-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2372-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242372-1"
    },
    {
      "published_at": "2024-07-10",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2381-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242381-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2358-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242358-1"
    },
    {
      "published_at": "2024-07-11",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2396-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242396-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2351-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242351-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2376-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242376-1"
    },
    {
      "published_at": "2024-07-10",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2385-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242385-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2369-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242369-1"
    },
    {
      "published_at": "2024-07-08",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2335-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242335-1"
    },
    {
      "published_at": "2024-07-10",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2394-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242394-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2344-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242344-1"
    },
    {
      "published_at": "2024-07-10",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2384-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242384-1"
    },
    {
      "published_at": "2024-07-08",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2338-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242338-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2343-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242343-1"
    },
    {
      "published_at": "2024-07-08",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2326-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242326-1"
    },
    {
      "published_at": "2024-07-11",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2411-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242411-1"
    },
    {
      "published_at": "2024-07-08",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2337-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242337-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2368-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242368-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2365-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242365-1"
    },
    {
      "published_at": "2024-07-11",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2407-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242407-1"
    },
    {
      "published_at": "2024-07-10",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2382-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242382-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2373-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242373-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2341-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242341-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2360-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242360-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2357-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242357-1"
    },
    {
      "published_at": "2024-07-11",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2410-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242410-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2342-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242342-1"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-47297 (GCVE-0-2021-47297)

GHSA-62X6-4GMP-FG78

CVE-2021-47297

FKIE_CVE-2021-47297

CERTFR-2024-AVI-0610

Solutions

CERTFR-2024-AVI-0578

Solutions

Tags

Sightings

Nomenclature