Vulnerability-Lookup

CVE-2021-47328 (GCVE-0-2021-47328)

Vulnerability from cvelistv5 – Published: 2024-05-21 14:35 – Updated: 2025-12-18 11:36

Title

scsi: iscsi: Fix conn use after free during resets

Summary

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix conn use after free during resets If we haven't done a unbind target call we can race where iscsi_conn_teardown wakes up the EH thread and then frees the conn while those threads are still accessing the conn ehwait. We can only do one TMF per session so this just moves the TMF fields from the conn to the session. We can then rely on the iscsi_session_teardown->iscsi_remove_session->__iscsi_unbind_session call to remove the target and it's devices, and know after that point there is no device or scsi-ml callout trying to access the session.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/bf20d85a88384574f…
	https://git.kernel.org/stable/c/d04958a348e560938…
	https://git.kernel.org/stable/c/89812e7957ab0746e…
	https://git.kernel.org/stable/c/f0a031f7c55ffd944…
	https://git.kernel.org/stable/c/fa9542b35ceb4202e…
	https://git.kernel.org/stable/c/ec29d0ac29be36645…

Impacted products

Vendor

Product

Version

Linux

Affected: 660d0831d1494a6837b2f810d08b5be092c1f31d , < bf20d85a88384574fabb3d53ad62a8af57e7ab11 (git)
Affected: 660d0831d1494a6837b2f810d08b5be092c1f31d , < d04958a348e560938410e04a12fb99da9c7e6a00 (git)
Affected: 660d0831d1494a6837b2f810d08b5be092c1f31d , < 89812e7957ab0746eab66ed6fc49d52bb4dca250 (git)
Affected: 660d0831d1494a6837b2f810d08b5be092c1f31d , < f0a031f7c55ffd944fead1ddaf2aa94df9a158c1 (git)
Affected: 660d0831d1494a6837b2f810d08b5be092c1f31d , < fa9542b35ceb4202e8f8d65f440529a63524dca9 (git)
Affected: 660d0831d1494a6837b2f810d08b5be092c1f31d , < ec29d0ac29be366450a7faffbcf8cba3a6a3b506 (git)
Affected: 861a9633c22ee8b484e1b4054995f7e1b94a3834 (git)
Affected: 0adcec66bce9b7e84847da09ae3f8bc36e753312 (git)
Affected: 20b38ab5b687df3dbb873cfb0efa946a021f890a (git)
Affected: 71b6a23ea944c6a30958bd15a69211e1fd521e1e (git)

Linux

Affected: 4.2
Unaffected: 0 , < 4.2 (semver)
Unaffected: 4.19.198 , ≤ 4.19.* (semver)
Unaffected: 5.4.134 , ≤ 5.4.* (semver)
Unaffected: 5.10.52 , ≤ 5.10.* (semver)
Unaffected: 5.12.19 , ≤ 5.12.* (semver)
Unaffected: 5.13.4 , ≤ 5.13.* (semver)
Unaffected: 5.14 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47328",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-23T19:06:33.421642Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T17:22:48.620Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:08.445Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bf20d85a88384574fabb3d53ad62a8af57e7ab11"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d04958a348e560938410e04a12fb99da9c7e6a00"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/89812e7957ab0746eab66ed6fc49d52bb4dca250"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f0a031f7c55ffd944fead1ddaf2aa94df9a158c1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fa9542b35ceb4202e8f8d65f440529a63524dca9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ec29d0ac29be366450a7faffbcf8cba3a6a3b506"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/libiscsi.c",
            "include/scsi/libiscsi.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "bf20d85a88384574fabb3d53ad62a8af57e7ab11",
              "status": "affected",
              "version": "660d0831d1494a6837b2f810d08b5be092c1f31d",
              "versionType": "git"
            },
            {
              "lessThan": "d04958a348e560938410e04a12fb99da9c7e6a00",
              "status": "affected",
              "version": "660d0831d1494a6837b2f810d08b5be092c1f31d",
              "versionType": "git"
            },
            {
              "lessThan": "89812e7957ab0746eab66ed6fc49d52bb4dca250",
              "status": "affected",
              "version": "660d0831d1494a6837b2f810d08b5be092c1f31d",
              "versionType": "git"
            },
            {
              "lessThan": "f0a031f7c55ffd944fead1ddaf2aa94df9a158c1",
              "status": "affected",
              "version": "660d0831d1494a6837b2f810d08b5be092c1f31d",
              "versionType": "git"
            },
            {
              "lessThan": "fa9542b35ceb4202e8f8d65f440529a63524dca9",
              "status": "affected",
              "version": "660d0831d1494a6837b2f810d08b5be092c1f31d",
              "versionType": "git"
            },
            {
              "lessThan": "ec29d0ac29be366450a7faffbcf8cba3a6a3b506",
              "status": "affected",
              "version": "660d0831d1494a6837b2f810d08b5be092c1f31d",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "861a9633c22ee8b484e1b4054995f7e1b94a3834",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "0adcec66bce9b7e84847da09ae3f8bc36e753312",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "20b38ab5b687df3dbb873cfb0efa946a021f890a",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "71b6a23ea944c6a30958bd15a69211e1fd521e1e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/libiscsi.c",
            "include/scsi/libiscsi.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.2"
            },
            {
              "lessThan": "4.2",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.198",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.134",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.52",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.19",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.13.*",
              "status": "unaffected",
              "version": "5.13.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.14",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.198",
                  "versionStartIncluding": "4.2",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.134",
                  "versionStartIncluding": "4.2",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.52",
                  "versionStartIncluding": "4.2",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.12.19",
                  "versionStartIncluding": "4.2",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.13.4",
                  "versionStartIncluding": "4.2",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.14",
                  "versionStartIncluding": "4.2",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "3.2.72",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "3.4.111",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "3.18.22",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.1.7",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: iscsi: Fix conn use after free during resets\n\nIf we haven\u0027t done a unbind target call we can race where\niscsi_conn_teardown wakes up the EH thread and then frees the conn while\nthose threads are still accessing the conn ehwait.\n\nWe can only do one TMF per session so this just moves the TMF fields from\nthe conn to the session. We can then rely on the\niscsi_session_teardown-\u003eiscsi_remove_session-\u003e__iscsi_unbind_session call\nto remove the target and it\u0027s devices, and know after that point there is\nno device or scsi-ml callout trying to access the session."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-18T11:36:48.521Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/bf20d85a88384574fabb3d53ad62a8af57e7ab11"
        },
        {
          "url": "https://git.kernel.org/stable/c/d04958a348e560938410e04a12fb99da9c7e6a00"
        },
        {
          "url": "https://git.kernel.org/stable/c/89812e7957ab0746eab66ed6fc49d52bb4dca250"
        },
        {
          "url": "https://git.kernel.org/stable/c/f0a031f7c55ffd944fead1ddaf2aa94df9a158c1"
        },
        {
          "url": "https://git.kernel.org/stable/c/fa9542b35ceb4202e8f8d65f440529a63524dca9"
        },
        {
          "url": "https://git.kernel.org/stable/c/ec29d0ac29be366450a7faffbcf8cba3a6a3b506"
        }
      ],
      "title": "scsi: iscsi: Fix conn use after free during resets",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47328",
    "datePublished": "2024-05-21T14:35:40.479Z",
    "dateReserved": "2024-05-21T14:28:16.975Z",
    "dateUpdated": "2025-12-18T11:36:48.521Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/bf20d85a88384574fabb3d53ad62a8af57e7ab11\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/d04958a348e560938410e04a12fb99da9c7e6a00\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/89812e7957ab0746eab66ed6fc49d52bb4dca250\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/f0a031f7c55ffd944fead1ddaf2aa94df9a158c1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/fa9542b35ceb4202e8f8d65f440529a63524dca9\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/ec29d0ac29be366450a7faffbcf8cba3a6a3b506\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T05:32:08.445Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-47328\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-23T19:06:33.421642Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-05T15:20:43.975Z\"}}], \"cna\": {\"title\": \"scsi: iscsi: Fix conn use after free during resets\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"660d0831d1494a6837b2f810d08b5be092c1f31d\", \"lessThan\": \"bf20d85a88384574fabb3d53ad62a8af57e7ab11\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"660d0831d1494a6837b2f810d08b5be092c1f31d\", \"lessThan\": \"d04958a348e560938410e04a12fb99da9c7e6a00\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"660d0831d1494a6837b2f810d08b5be092c1f31d\", \"lessThan\": \"89812e7957ab0746eab66ed6fc49d52bb4dca250\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"660d0831d1494a6837b2f810d08b5be092c1f31d\", \"lessThan\": \"f0a031f7c55ffd944fead1ddaf2aa94df9a158c1\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"660d0831d1494a6837b2f810d08b5be092c1f31d\", \"lessThan\": \"fa9542b35ceb4202e8f8d65f440529a63524dca9\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"660d0831d1494a6837b2f810d08b5be092c1f31d\", \"lessThan\": \"ec29d0ac29be366450a7faffbcf8cba3a6a3b506\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"861a9633c22ee8b484e1b4054995f7e1b94a3834\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"0adcec66bce9b7e84847da09ae3f8bc36e753312\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"20b38ab5b687df3dbb873cfb0efa946a021f890a\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"71b6a23ea944c6a30958bd15a69211e1fd521e1e\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/scsi/libiscsi.c\", \"include/scsi/libiscsi.h\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.2\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"4.2\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"4.19.198\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.19.*\"}, {\"status\": \"unaffected\", \"version\": \"5.4.134\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.4.*\"}, {\"status\": \"unaffected\", \"version\": \"5.10.52\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.12.19\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.12.*\"}, {\"status\": \"unaffected\", \"version\": \"5.13.4\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.13.*\"}, {\"status\": \"unaffected\", \"version\": \"5.14\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/scsi/libiscsi.c\", \"include/scsi/libiscsi.h\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/bf20d85a88384574fabb3d53ad62a8af57e7ab11\"}, {\"url\": \"https://git.kernel.org/stable/c/d04958a348e560938410e04a12fb99da9c7e6a00\"}, {\"url\": \"https://git.kernel.org/stable/c/89812e7957ab0746eab66ed6fc49d52bb4dca250\"}, {\"url\": \"https://git.kernel.org/stable/c/f0a031f7c55ffd944fead1ddaf2aa94df9a158c1\"}, {\"url\": \"https://git.kernel.org/stable/c/fa9542b35ceb4202e8f8d65f440529a63524dca9\"}, {\"url\": \"https://git.kernel.org/stable/c/ec29d0ac29be366450a7faffbcf8cba3a6a3b506\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nscsi: iscsi: Fix conn use after free during resets\\n\\nIf we haven\u0027t done a unbind target call we can race where\\niscsi_conn_teardown wakes up the EH thread and then frees the conn while\\nthose threads are still accessing the conn ehwait.\\n\\nWe can only do one TMF per session so this just moves the TMF fields from\\nthe conn to the session. We can then rely on the\\niscsi_session_teardown-\u003eiscsi_remove_session-\u003e__iscsi_unbind_session call\\nto remove the target and it\u0027s devices, and know after that point there is\\nno device or scsi-ml callout trying to access the session.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.19.198\", \"versionStartIncluding\": \"4.2\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.4.134\", \"versionStartIncluding\": \"4.2\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.52\", \"versionStartIncluding\": \"4.2\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.12.19\", \"versionStartIncluding\": \"4.2\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.13.4\", \"versionStartIncluding\": \"4.2\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.14\", \"versionStartIncluding\": \"4.2\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"3.2.72\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"3.4.111\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"3.18.22\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"4.1.7\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-12-18T11:36:48.521Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2021-47328\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-18T11:36:48.521Z\", \"dateReserved\": \"2024-05-21T14:28:16.975Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-05-21T14:35:40.479Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

FKIE_CVE-2021-47328

Vulnerability from fkie_nvd - Published: 2024-05-21 15:15 - Updated: 2024-12-26 19:52

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/89812e7957ab0746eab66ed6fc49d52bb4dca250	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/bf20d85a88384574fabb3d53ad62a8af57e7ab11	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/d04958a348e560938410e04a12fb99da9c7e6a00	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/ec29d0ac29be366450a7faffbcf8cba3a6a3b506	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/f0a031f7c55ffd944fead1ddaf2aa94df9a158c1	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/fa9542b35ceb4202e8f8d65f440529a63524dca9	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/89812e7957ab0746eab66ed6fc49d52bb4dca250	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/bf20d85a88384574fabb3d53ad62a8af57e7ab11	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/d04958a348e560938410e04a12fb99da9c7e6a00	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/ec29d0ac29be366450a7faffbcf8cba3a6a3b506	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/f0a031f7c55ffd944fead1ddaf2aa94df9a158c1	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/fa9542b35ceb4202e8f8d65f440529a63524dca9	Patch

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CB3D1A5-433D-41F0-95A6-97558C0ECCAA",
              "versionEndExcluding": "4.19.198",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "508D9771-335F-44A6-9F2F-880DF1267A1F",
              "versionEndExcluding": "5.4.134",
              "versionStartIncluding": "4.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C1E6FB6-53C8-4DC4-8AE5-93094BA39F62",
              "versionEndExcluding": "5.10.52",
              "versionStartIncluding": "5.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34C1A2F4-DD44-4CF1-8FD4-751A0D746A9E",
              "versionEndExcluding": "5.12.19",
              "versionStartIncluding": "5.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F93FA3CC-0C79-410B-A7D7-245C2AA0723A",
              "versionEndExcluding": "5.13.4",
              "versionStartIncluding": "5.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: iscsi: Fix conn use after free during resets\n\nIf we haven\u0027t done a unbind target call we can race where\niscsi_conn_teardown wakes up the EH thread and then frees the conn while\nthose threads are still accessing the conn ehwait.\n\nWe can only do one TMF per session so this just moves the TMF fields from\nthe conn to the session. We can then rely on the\niscsi_session_teardown-\u003eiscsi_remove_session-\u003e__iscsi_unbind_session call\nto remove the target and it\u0027s devices, and know after that point there is\nno device or scsi-ml callout trying to access the session."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: iscsi: corrige el uso de la conexi\u00f3n despu\u00e9s de liberarla durante los reinicios. Si no hemos realizado una llamada de destino de desvinculaci\u00f3n, podemos correr donde iscsi_conn_teardown activa el subproceso EH y luego libera la conexi\u00f3n mientras esos Los hilos todav\u00eda est\u00e1n accediendo a la conexi\u00f3n ehwait. Solo podemos hacer un TMF por sesi\u00f3n, por lo que esto simplemente mueve los campos TMF de la conexi\u00f3n a la sesi\u00f3n. Luego podemos confiar en la llamada iscsi_session_teardown-\u0026gt;iscsi_remove_session-\u0026gt;__iscsi_unbind_session para eliminar el objetivo y sus dispositivos, y saber despu\u00e9s de ese punto que no hay ning\u00fan dispositivo o llamada scsi-ml intentando acceder a la sesi\u00f3n."
    }
  ],
  "id": "CVE-2021-47328",
  "lastModified": "2024-12-26T19:52:18.833",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-05-21T15:15:19.823",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/89812e7957ab0746eab66ed6fc49d52bb4dca250"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/bf20d85a88384574fabb3d53ad62a8af57e7ab11"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/d04958a348e560938410e04a12fb99da9c7e6a00"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ec29d0ac29be366450a7faffbcf8cba3a6a3b506"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/f0a031f7c55ffd944fead1ddaf2aa94df9a158c1"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/fa9542b35ceb4202e8f8d65f440529a63524dca9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/89812e7957ab0746eab66ed6fc49d52bb4dca250"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/bf20d85a88384574fabb3d53ad62a8af57e7ab11"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/d04958a348e560938410e04a12fb99da9c7e6a00"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ec29d0ac29be366450a7faffbcf8cba3a6a3b506"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/f0a031f7c55ffd944fead1ddaf2aa94df9a158c1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/fa9542b35ceb4202e8f8d65f440529a63524dca9"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2024-AVI-0610

Vulnerability from certfr_avis - Published: 2024-07-19 - Updated: 2024-07-19

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
SUSE	N/A	SUSE Linux Enterprise Micro for Rancher 5.3
SUSE	N/A	SUSE Linux Enterprise High Performance Computing 15 SP5
SUSE	N/A	SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
SUSE	N/A	SUSE Linux Enterprise Micro 5.3
SUSE	N/A	SUSE Manager Proxy 4.3
SUSE	N/A	SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE	N/A	SUSE Linux Enterprise Server 12 SP5
SUSE	N/A	SUSE Linux Enterprise High Availability Extension 15 SP4
SUSE	N/A	SUSE Linux Enterprise Micro for Rancher 5.4
SUSE	N/A	SUSE Linux Enterprise Live Patching 15-SP4
SUSE	N/A	SUSE Manager Retail Branch Server 4.3
SUSE	N/A	openSUSE Leap 15.4
SUSE	N/A	SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
SUSE	N/A	SUSE Linux Enterprise Real Time 12 SP5
SUSE	N/A	SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE	N/A	openSUSE Leap 15.5
SUSE	N/A	SUSE Manager Server 4.3
SUSE	N/A	SUSE Linux Enterprise High Availability Extension 12 SP5
SUSE	N/A	SUSE Linux Enterprise High Performance Computing 15 SP4
SUSE	N/A	SUSE Linux Enterprise Server 15 SP5
SUSE	N/A	SUSE Linux Enterprise Server for SAP Applications 15 SP5
SUSE	N/A	SUSE Linux Enterprise Real Time 15 SP5
SUSE	N/A	SUSE Linux Enterprise Live Patching 12-SP5
SUSE	N/A	SUSE Linux Enterprise Workstation Extension 12 12-SP5
SUSE	N/A	SUSE Linux Enterprise Live Patching 15-SP5
SUSE	N/A	SUSE Linux Enterprise Server 15 SP4
SUSE	N/A	SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
SUSE	N/A	SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
SUSE	N/A	SUSE Linux Enterprise Real Time 15 SP4
SUSE	N/A	SUSE Linux Enterprise Software Development Kit 12 SP5
SUSE	N/A	SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE	N/A	SUSE Linux Enterprise Micro 5.4
SUSE	N/A	SUSE Linux Enterprise Micro 5.5

References

Title

Publication Time

Tags

Bulletin de sécurité SUSE SUSE-SU-2024:2472-1	2024-07-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2493-1	2024-07-16	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2487-1	2024-07-15	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2530-1	2024-07-16	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2474-1	2024-07-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2488-1	2024-07-15	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2448-1	2024-07-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2480-1	2024-07-15	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2447-1	2024-07-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2561-1	2024-07-18	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2559-1	2024-07-18	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2449-1	2024-07-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2549-1	2024-07-18	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2495-1	2024-07-16	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2473-1	2024-07-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2437-1	2024-07-12	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2558-1	2024-07-18	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2446-1	2024-07-12	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SUSE Linux Enterprise Micro for Rancher 5.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Proxy 4.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability Extension 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro for Rancher 5.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Retail Branch Server 4.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap 15.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap 15.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Server 4.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability Extension 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 12-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Workstation Extension 12 12-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 15 SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Software Development Kit 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-35976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35976"
    },
    {
      "name": "CVE-2021-47544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47544"
    },
    {
      "name": "CVE-2023-52675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52675"
    },
    {
      "name": "CVE-2023-52834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52834"
    },
    {
      "name": "CVE-2024-38627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38627"
    },
    {
      "name": "CVE-2022-48651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48651"
    },
    {
      "name": "CVE-2023-52622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52622"
    },
    {
      "name": "CVE-2022-48756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48756"
    },
    {
      "name": "CVE-2024-35998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35998"
    },
    {
      "name": "CVE-2021-47407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47407"
    },
    {
      "name": "CVE-2023-52762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52762"
    },
    {
      "name": "CVE-2023-52846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52846"
    },
    {
      "name": "CVE-2024-36904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36904"
    },
    {
      "name": "CVE-2023-52845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52845"
    },
    {
      "name": "CVE-2024-35807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35807"
    },
    {
      "name": "CVE-2023-52818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52818"
    },
    {
      "name": "CVE-2024-26585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26585"
    },
    {
      "name": "CVE-2023-52808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52808"
    },
    {
      "name": "CVE-2024-38608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38608"
    },
    {
      "name": "CVE-2024-26973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26973"
    },
    {
      "name": "CVE-2024-35828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35828"
    },
    {
      "name": "CVE-2024-35805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35805"
    },
    {
      "name": "CVE-2022-48772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48772"
    },
    {
      "name": "CVE-2024-35886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35886"
    },
    {
      "name": "CVE-2022-48743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48743"
    },
    {
      "name": "CVE-2024-36479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36479"
    },
    {
      "name": "CVE-2024-38659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38659"
    },
    {
      "name": "CVE-2024-35822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35822"
    },
    {
      "name": "CVE-2024-26845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26845"
    },
    {
      "name": "CVE-2024-35925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35925"
    },
    {
      "name": "CVE-2021-47379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47379"
    },
    {
      "name": "CVE-2022-48771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48771"
    },
    {
      "name": "CVE-2022-48722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48722"
    },
    {
      "name": "CVE-2024-38601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38601"
    },
    {
      "name": "CVE-2024-38546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38546"
    },
    {
      "name": "CVE-2024-35867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
    },
    {
      "name": "CVE-2021-47617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47617"
    },
    {
      "name": "CVE-2022-48711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48711"
    },
    {
      "name": "CVE-2024-26852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26852"
    },
    {
      "name": "CVE-2024-35868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35868"
    },
    {
      "name": "CVE-2023-4244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4244"
    },
    {
      "name": "CVE-2023-52507",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52507"
    },
    {
      "name": "CVE-2023-52764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52764"
    },
    {
      "name": "CVE-2024-36934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36934"
    },
    {
      "name": "CVE-2023-52737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52737"
    },
    {
      "name": "CVE-2024-35962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35962"
    },
    {
      "name": "CVE-2024-26720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26720"
    },
    {
      "name": "CVE-2024-36917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36917"
    },
    {
      "name": "CVE-2021-47297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47297"
    },
    {
      "name": "CVE-2023-52784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52784"
    },
    {
      "name": "CVE-2024-38560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38560"
    },
    {
      "name": "CVE-2023-52340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52340"
    },
    {
      "name": "CVE-2024-36952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36952"
    },
    {
      "name": "CVE-2024-38578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38578"
    },
    {
      "name": "CVE-2024-26880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26880"
    },
    {
      "name": "CVE-2024-36025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36025"
    },
    {
      "name": "CVE-2022-48761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48761"
    },
    {
      "name": "CVE-2024-35956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35956"
    },
    {
      "name": "CVE-2024-36017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36017"
    },
    {
      "name": "CVE-2024-26679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26679"
    },
    {
      "name": "CVE-2021-47270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47270"
    },
    {
      "name": "CVE-2024-23307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23307"
    },
    {
      "name": "CVE-2021-47498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47498"
    },
    {
      "name": "CVE-2024-36938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36938"
    },
    {
      "name": "CVE-2023-52855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52855"
    },
    {
      "name": "CVE-2024-36960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36960"
    },
    {
      "name": "CVE-2021-47603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47603"
    },
    {
      "name": "CVE-2021-47193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47193"
    },
    {
      "name": "CVE-2021-4439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4439"
    },
    {
      "name": "CVE-2022-48740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48740"
    },
    {
      "name": "CVE-2022-48758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48758"
    },
    {
      "name": "CVE-2021-47293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47293"
    },
    {
      "name": "CVE-2021-47602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47602"
    },
    {
      "name": "CVE-2024-35950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35950"
    },
    {
      "name": "CVE-2024-38565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38565"
    },
    {
      "name": "CVE-2023-52683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52683"
    },
    {
      "name": "CVE-2024-37354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37354"
    },
    {
      "name": "CVE-2024-26636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26636"
    },
    {
      "name": "CVE-2024-39301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39301"
    },
    {
      "name": "CVE-2021-47372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47372"
    },
    {
      "name": "CVE-2024-36915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36915"
    },
    {
      "name": "CVE-2024-27399",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27399"
    },
    {
      "name": "CVE-2024-35979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35979"
    },
    {
      "name": "CVE-2023-52754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52754"
    },
    {
      "name": "CVE-2023-52809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52809"
    },
    {
      "name": "CVE-2024-26635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26635"
    },
    {
      "name": "CVE-2021-47589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47589"
    },
    {
      "name": "CVE-2021-46955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46955"
    },
    {
      "name": "CVE-2024-35947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35947"
    },
    {
      "name": "CVE-2021-47555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47555"
    },
    {
      "name": "CVE-2021-47103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47103"
    },
    {
      "name": "CVE-2021-47201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47201"
    },
    {
      "name": "CVE-2024-39475",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39475"
    },
    {
      "name": "CVE-2021-47434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47434"
    },
    {
      "name": "CVE-2024-35896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35896"
    },
    {
      "name": "CVE-2024-38610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38610"
    },
    {
      "name": "CVE-2022-22942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
    },
    {
      "name": "CVE-2024-35997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35997"
    },
    {
      "name": "CVE-2021-47445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47445"
    },
    {
      "name": "CVE-2023-52753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52753"
    },
    {
      "name": "CVE-2024-26610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26610"
    },
    {
      "name": "CVE-2024-36971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36971"
    },
    {
      "name": "CVE-2024-35247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35247"
    },
    {
      "name": "CVE-2023-52832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52832"
    },
    {
      "name": "CVE-2022-48754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48754"
    },
    {
      "name": "CVE-2024-35869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35869"
    },
    {
      "name": "CVE-2023-52819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52819"
    },
    {
      "name": "CVE-2022-48759",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48759"
    },
    {
      "name": "CVE-2024-35870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35870"
    },
    {
      "name": "CVE-2021-47328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47328"
    },
    {
      "name": "CVE-2021-47438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47438"
    },
    {
      "name": "CVE-2021-47576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47576"
    },
    {
      "name": "CVE-2021-47267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47267"
    },
    {
      "name": "CVE-2024-36941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36941"
    },
    {
      "name": "CVE-2024-35864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35864"
    },
    {
      "name": "CVE-2021-47383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47383"
    },
    {
      "name": "CVE-2024-36014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36014"
    },
    {
      "name": "CVE-2024-38553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38553"
    },
    {
      "name": "CVE-2024-35835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35835"
    },
    {
      "name": "CVE-2023-52670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52670"
    },
    {
      "name": "CVE-2023-52693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52693"
    },
    {
      "name": "CVE-2023-52881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52881"
    },
    {
      "name": "CVE-2024-36919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36919"
    },
    {
      "name": "CVE-2021-47309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47309"
    },
    {
      "name": "CVE-2024-26923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26923"
    },
    {
      "name": "CVE-2021-47294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47294"
    },
    {
      "name": "CVE-2021-47587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47587"
    },
    {
      "name": "CVE-2024-38549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38549"
    },
    {
      "name": "CVE-2023-52837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52837"
    },
    {
      "name": "CVE-2022-48760",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48760"
    },
    {
      "name": "CVE-2023-52752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52752"
    },
    {
      "name": "CVE-2024-38619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38619"
    },
    {
      "name": "CVE-2024-38780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38780"
    },
    {
      "name": "CVE-2022-0435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0435"
    },
    {
      "name": "CVE-2021-47547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47547"
    },
    {
      "name": "CVE-2024-36923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36923"
    },
    {
      "name": "CVE-2023-1829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1829"
    },
    {
      "name": "CVE-2024-35862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35862"
    },
    {
      "name": "CVE-2022-48733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48733"
    },
    {
      "name": "CVE-2024-38567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38567"
    },
    {
      "name": "CVE-2024-38564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38564"
    },
    {
      "name": "CVE-2021-47191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47191"
    },
    {
      "name": "CVE-2024-36950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36950"
    },
    {
      "name": "CVE-2024-26633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26633"
    },
    {
      "name": "CVE-2022-48715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48715"
    },
    {
      "name": "CVE-2022-48732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48732"
    },
    {
      "name": "CVE-2023-24023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24023"
    },
    {
      "name": "CVE-2024-36880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36880"
    },
    {
      "name": "CVE-2024-26828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26828"
    },
    {
      "name": "CVE-2021-47354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47354"
    },
    {
      "name": "CVE-2021-47566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47566"
    },
    {
      "name": "CVE-2024-26687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26687"
    },
    {
      "name": "CVE-2024-38541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
    },
    {
      "name": "CVE-2024-36016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36016"
    },
    {
      "name": "CVE-2024-35863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35863"
    },
    {
      "name": "CVE-2024-36964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36964"
    },
    {
      "name": "CVE-2024-38618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38618"
    },
    {
      "name": "CVE-2024-36940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36940"
    },
    {
      "name": "CVE-2024-26894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26894"
    },
    {
      "name": "CVE-2021-47520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47520"
    },
    {
      "name": "CVE-2024-35930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35930"
    },
    {
      "name": "CVE-2024-38598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38598"
    },
    {
      "name": "CVE-2020-10135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10135"
    },
    {
      "name": "CVE-2024-36949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36949"
    },
    {
      "name": "CVE-2023-6546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6546"
    },
    {
      "name": "CVE-2024-35960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35960"
    },
    {
      "name": "CVE-2024-38661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38661"
    },
    {
      "name": "CVE-2023-52502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52502"
    },
    {
      "name": "CVE-2021-47418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47418"
    },
    {
      "name": "CVE-2024-26928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26928"
    },
    {
      "name": "CVE-2024-38559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38559"
    },
    {
      "name": "CVE-2024-38621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38621"
    },
    {
      "name": "CVE-2024-35819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35819"
    },
    {
      "name": "CVE-2024-37021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37021"
    },
    {
      "name": "CVE-2024-26863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26863"
    },
    {
      "name": "CVE-2024-35861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35861"
    },
    {
      "name": "CVE-2024-38597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38597"
    },
    {
      "name": "CVE-2024-26813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26813"
    },
    {
      "name": "CVE-2024-35789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35789"
    },
    {
      "name": "CVE-2023-52835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52835"
    },
    {
      "name": "CVE-2024-26641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26641"
    },
    {
      "name": "CVE-2021-47145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47145"
    },
    {
      "name": "CVE-2024-38579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38579"
    },
    {
      "name": "CVE-2023-52757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52757"
    },
    {
      "name": "CVE-2021-47518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47518"
    },
    {
      "name": "CVE-2024-38544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38544"
    },
    {
      "name": "CVE-2024-26930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26930"
    },
    {
      "name": "CVE-2024-35958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35958"
    },
    {
      "name": "CVE-2023-5281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5281"
    },
    {
      "name": "CVE-2021-47600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47600"
    },
    {
      "name": "CVE-2023-52843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52843"
    },
    {
      "name": "CVE-2024-36894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36894"
    },
    {
      "name": "CVE-2021-47609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47609"
    },
    {
      "name": "CVE-2024-26766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26766"
    },
    {
      "name": "CVE-2024-38580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38580"
    },
    {
      "name": "CVE-2024-26745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26745"
    },
    {
      "name": "CVE-2024-35865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35865"
    },
    {
      "name": "CVE-2024-36899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36899"
    },
    {
      "name": "CVE-2024-38552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38552"
    },
    {
      "name": "CVE-2023-52817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52817"
    },
    {
      "name": "CVE-2024-27410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27410"
    },
    {
      "name": "CVE-2024-38545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38545"
    },
    {
      "name": "CVE-2024-26622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26622"
    },
    {
      "name": "CVE-2021-47571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47571"
    },
    {
      "name": "CVE-2021-43389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43389"
    },
    {
      "name": "CVE-2024-35922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35922"
    },
    {
      "name": "CVE-2021-47275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47275"
    }
  ],
  "initial_release_date": "2024-07-19T00:00:00",
  "last_revision_date": "2024-07-19T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0610",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-07-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
  "vendor_advisories": [
    {
      "published_at": "2024-07-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2472-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242472-1"
    },
    {
      "published_at": "2024-07-16",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2493-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242493-1"
    },
    {
      "published_at": "2024-07-15",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2487-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242487-1"
    },
    {
      "published_at": "2024-07-16",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2530-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242530-1"
    },
    {
      "published_at": "2024-07-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2474-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242474-1"
    },
    {
      "published_at": "2024-07-15",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2488-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242488-1"
    },
    {
      "published_at": "2024-07-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2448-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242448-1"
    },
    {
      "published_at": "2024-07-15",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2480-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242480-1"
    },
    {
      "published_at": "2024-07-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2447-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242447-1"
    },
    {
      "published_at": "2024-07-18",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2561-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242561-1"
    },
    {
      "published_at": "2024-07-18",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2559-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242559-1"
    },
    {
      "published_at": "2024-07-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2449-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242449-1"
    },
    {
      "published_at": "2024-07-18",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2549-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242549-1"
    },
    {
      "published_at": "2024-07-16",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2495-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242495-1"
    },
    {
      "published_at": "2024-07-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2473-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242473-1"
    },
    {
      "published_at": "2024-07-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2437-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242437-1"
    },
    {
      "published_at": "2024-07-18",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2558-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242558-1"
    },
    {
      "published_at": "2024-07-12",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2446-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242446-1"
    }
  ]
}

CERTFR-2024-AVI-0578

Vulnerability from certfr_avis - Published: 2024-07-12 - Updated: 2024-07-12

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
SUSE	N/A	SUSE Linux Enterprise Micro for Rancher 5.3
SUSE	N/A	SUSE Linux Enterprise High Performance Computing 15 SP5
SUSE	N/A	SUSE Manager Proxy 4.2
SUSE	N/A	SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE	N/A	SUSE Linux Enterprise Micro 5.3
SUSE	N/A	SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
SUSE	N/A	SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
SUSE	N/A	SUSE Linux Enterprise Micro for Rancher 5.2
SUSE	N/A	SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE	N/A	Public Cloud Module 15-SP5
SUSE	N/A	SUSE Linux Enterprise Server 12 SP5
SUSE	N/A	SUSE Linux Enterprise Micro for Rancher 5.4
SUSE	N/A	SUSE Linux Enterprise Live Patching 15-SP3
SUSE	N/A	SUSE Linux Enterprise Real Time 12 SP5
SUSE	N/A	SUSE Linux Enterprise Live Patching 15-SP2
SUSE	N/A	SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
SUSE	N/A	openSUSE Leap 15.5
SUSE	N/A	SUSE Manager Retail Branch Server 4.1
SUSE	N/A	SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE	N/A	SUSE Linux Enterprise High Availability Extension 15 SP3
SUSE	N/A	SUSE Linux Enterprise Server 15 SP5
SUSE	N/A	SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
SUSE	N/A	SUSE Linux Enterprise Server for SAP Applications 15 SP5
SUSE	N/A	SUSE Linux Enterprise Real Time 15 SP5
SUSE	N/A	SUSE Manager Retail Branch Server 4.2
SUSE	N/A	SUSE Linux Enterprise Live Patching 15-SP5
SUSE	N/A	SUSE Linux Enterprise Server 15 SP3
SUSE	N/A	SUSE Manager Server 4.1
SUSE	N/A	SUSE Linux Enterprise Micro 5.2
SUSE	N/A	SUSE Enterprise Storage 7.1
SUSE	N/A	SUSE Real Time Module 15-SP5
SUSE	N/A	SUSE Linux Enterprise High Availability Extension 15 SP2
SUSE	N/A	SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3
SUSE	N/A	SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2
SUSE	N/A	SUSE Manager Proxy 4.1
SUSE	N/A	SUSE Manager Server 4.2
SUSE	N/A	SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE	N/A	SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE	N/A	SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE	N/A	SUSE Linux Enterprise Micro 5.1
SUSE	N/A	SUSE Linux Enterprise Micro 5.4
SUSE	N/A	openSUSE Leap 15.3
SUSE	N/A	SUSE Linux Enterprise Server 15 SP2
SUSE	N/A	SUSE Linux Enterprise Micro 5.5

References

Title

Publication Time

Tags

Bulletin de sécurité SUSE SUSE-SU-2024:2362-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2372-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2381-1	2024-07-10	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2358-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2396-1	2024-07-11	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2351-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2376-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2385-1	2024-07-10	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2369-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2335-1	2024-07-08	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2394-1	2024-07-10	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2344-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2384-1	2024-07-10	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2338-1	2024-07-08	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2343-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2326-1	2024-07-08	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2411-1	2024-07-11	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2337-1	2024-07-08	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2368-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2365-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2407-1	2024-07-11	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2382-1	2024-07-10	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2373-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2341-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2360-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2357-1	2024-07-09	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2410-1	2024-07-11	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2024:2342-1	2024-07-09	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SUSE Linux Enterprise Micro for Rancher 5.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Proxy 4.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro for Rancher 5.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "Public Cloud Module 15-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro for Rancher 5.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap 15.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Retail Branch Server 4.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability Extension 15 SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 15 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Retail Branch Server 4.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 15-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Server 4.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Enterprise Storage 7.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Real Time Module 15-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability Extension 15 SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Proxy 4.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Server 4.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15 SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap 15.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15 SP2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2020-10135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10135"
    },
    {
      "name": "CVE-2021-3896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3896"
    },
    {
      "name": "CVE-2021-43389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43389"
    },
    {
      "name": "CVE-2022-2938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2938"
    },
    {
      "name": "CVE-2022-22942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
    },
    {
      "name": "CVE-2022-0435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0435"
    },
    {
      "name": "CVE-2023-1829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1829"
    },
    {
      "name": "CVE-2023-24023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24023"
    },
    {
      "name": "CVE-2023-20521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20521"
    },
    {
      "name": "CVE-2021-46774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46774"
    },
    {
      "name": "CVE-2021-46766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46766"
    },
    {
      "name": "CVE-2023-20526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20526"
    },
    {
      "name": "CVE-2023-20566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20566"
    },
    {
      "name": "CVE-2021-26345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-26345"
    },
    {
      "name": "CVE-2023-20592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20592"
    },
    {
      "name": "CVE-2022-23830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23830"
    },
    {
      "name": "CVE-2023-20533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20533"
    },
    {
      "name": "CVE-2022-23820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23820"
    },
    {
      "name": "CVE-2023-20519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20519"
    },
    {
      "name": "CVE-2023-6546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6546"
    },
    {
      "name": "CVE-2023-6531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6531"
    },
    {
      "name": "CVE-2024-26625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26625"
    },
    {
      "name": "CVE-2023-52340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52340"
    },
    {
      "name": "CVE-2024-26622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26622"
    },
    {
      "name": "CVE-2023-52502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52502"
    },
    {
      "name": "CVE-2024-26585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26585"
    },
    {
      "name": "CVE-2024-26633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26633"
    },
    {
      "name": "CVE-2024-23307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23307"
    },
    {
      "name": "CVE-2024-26720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26720"
    },
    {
      "name": "CVE-2023-52622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52622"
    },
    {
      "name": "CVE-2024-26745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26745"
    },
    {
      "name": "CVE-2024-26766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26766"
    },
    {
      "name": "CVE-2024-26813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26813"
    },
    {
      "name": "CVE-2024-26679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26679"
    },
    {
      "name": "CVE-2024-26687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26687"
    },
    {
      "name": "CVE-2024-26641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26641"
    },
    {
      "name": "CVE-2021-46955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46955"
    },
    {
      "name": "CVE-2024-26863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26863"
    },
    {
      "name": "CVE-2024-26845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26845"
    },
    {
      "name": "CVE-2024-26610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26610"
    },
    {
      "name": "CVE-2024-26644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26644"
    },
    {
      "name": "CVE-2024-26973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26973"
    },
    {
      "name": "CVE-2024-26894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26894"
    },
    {
      "name": "CVE-2024-26852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26852"
    },
    {
      "name": "CVE-2024-26923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26923"
    },
    {
      "name": "CVE-2022-48651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48651"
    },
    {
      "name": "CVE-2021-47193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47193"
    },
    {
      "name": "CVE-2021-47191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47191"
    },
    {
      "name": "CVE-2024-26930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26930"
    },
    {
      "name": "CVE-2024-26828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26828"
    },
    {
      "name": "CVE-2023-52882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52882"
    },
    {
      "name": "CVE-2024-27399",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27399"
    },
    {
      "name": "CVE-2024-35848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35848"
    },
    {
      "name": "CVE-2024-36017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36017"
    },
    {
      "name": "CVE-2024-36904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36904"
    },
    {
      "name": "CVE-2024-36916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36916"
    },
    {
      "name": "CVE-2024-36919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36919"
    },
    {
      "name": "CVE-2024-36934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36934"
    },
    {
      "name": "CVE-2024-36940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36940"
    },
    {
      "name": "CVE-2024-36950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36950"
    },
    {
      "name": "CVE-2021-47267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47267"
    },
    {
      "name": "CVE-2021-47270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47270"
    },
    {
      "name": "CVE-2021-47311",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47311"
    },
    {
      "name": "CVE-2021-47354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47354"
    },
    {
      "name": "CVE-2021-47368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47368"
    },
    {
      "name": "CVE-2021-47372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47372"
    },
    {
      "name": "CVE-2021-47379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47379"
    },
    {
      "name": "CVE-2021-47383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47383"
    },
    {
      "name": "CVE-2021-47407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47407"
    },
    {
      "name": "CVE-2021-47418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47418"
    },
    {
      "name": "CVE-2021-47434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47434"
    },
    {
      "name": "CVE-2021-47445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47445"
    },
    {
      "name": "CVE-2021-47518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47518"
    },
    {
      "name": "CVE-2021-47534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47534"
    },
    {
      "name": "CVE-2021-47538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47538"
    },
    {
      "name": "CVE-2021-47544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47544"
    },
    {
      "name": "CVE-2021-47555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47555"
    },
    {
      "name": "CVE-2023-52707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52707"
    },
    {
      "name": "CVE-2023-52754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52754"
    },
    {
      "name": "CVE-2023-52757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52757"
    },
    {
      "name": "CVE-2023-52764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52764"
    },
    {
      "name": "CVE-2023-52766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52766"
    },
    {
      "name": "CVE-2023-52800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52800"
    },
    {
      "name": "CVE-2023-52808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52808"
    },
    {
      "name": "CVE-2023-52809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52809"
    },
    {
      "name": "CVE-2023-52832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52832"
    },
    {
      "name": "CVE-2023-52834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52834"
    },
    {
      "name": "CVE-2023-52855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52855"
    },
    {
      "name": "CVE-2024-26822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26822"
    },
    {
      "name": "CVE-2024-26921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26921"
    },
    {
      "name": "CVE-2024-26928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26928"
    },
    {
      "name": "CVE-2024-27410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27410"
    },
    {
      "name": "CVE-2024-35789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35789"
    },
    {
      "name": "CVE-2024-35822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35822"
    },
    {
      "name": "CVE-2024-35861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35861"
    },
    {
      "name": "CVE-2024-35862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35862"
    },
    {
      "name": "CVE-2024-35863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35863"
    },
    {
      "name": "CVE-2024-35864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35864"
    },
    {
      "name": "CVE-2024-35865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35865"
    },
    {
      "name": "CVE-2024-35867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
    },
    {
      "name": "CVE-2024-35868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35868"
    },
    {
      "name": "CVE-2024-35869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35869"
    },
    {
      "name": "CVE-2024-35870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35870"
    },
    {
      "name": "CVE-2024-35878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35878"
    },
    {
      "name": "CVE-2024-35905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35905"
    },
    {
      "name": "CVE-2024-35922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35922"
    },
    {
      "name": "CVE-2024-35930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35930"
    },
    {
      "name": "CVE-2024-35950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35950"
    },
    {
      "name": "CVE-2024-35976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35976"
    },
    {
      "name": "CVE-2024-35998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35998"
    },
    {
      "name": "CVE-2024-36016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36016"
    },
    {
      "name": "CVE-2024-36880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36880"
    },
    {
      "name": "CVE-2024-36938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36938"
    },
    {
      "name": "CVE-2023-52667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52667"
    },
    {
      "name": "CVE-2023-52658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52658"
    },
    {
      "name": "CVE-2023-52670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52670"
    },
    {
      "name": "CVE-2023-52675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52675"
    },
    {
      "name": "CVE-2024-27432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27432"
    },
    {
      "name": "CVE-2024-35790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35790"
    },
    {
      "name": "CVE-2024-35814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35814"
    },
    {
      "name": "CVE-2024-35835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35835"
    },
    {
      "name": "CVE-2024-35956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35956"
    },
    {
      "name": "CVE-2024-35958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35958"
    },
    {
      "name": "CVE-2024-35960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35960"
    },
    {
      "name": "CVE-2024-35997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35997"
    },
    {
      "name": "CVE-2024-36020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36020"
    },
    {
      "name": "CVE-2024-36021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36021"
    },
    {
      "name": "CVE-2024-36025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36025"
    },
    {
      "name": "CVE-2024-36890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36890"
    },
    {
      "name": "CVE-2024-36894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36894"
    },
    {
      "name": "CVE-2024-36949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36949"
    },
    {
      "name": "CVE-2023-52672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52672"
    },
    {
      "name": "CVE-2024-35807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35807"
    },
    {
      "name": "CVE-2024-35884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35884"
    },
    {
      "name": "CVE-2024-35886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35886"
    },
    {
      "name": "CVE-2024-35896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35896"
    },
    {
      "name": "CVE-2024-35898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35898"
    },
    {
      "name": "CVE-2024-35900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35900"
    },
    {
      "name": "CVE-2024-35925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35925"
    },
    {
      "name": "CVE-2024-35962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35962"
    },
    {
      "name": "CVE-2024-36005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36005"
    },
    {
      "name": "CVE-2024-36008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36008"
    },
    {
      "name": "CVE-2024-36960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36960"
    },
    {
      "name": "CVE-2024-36964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36964"
    },
    {
      "name": "CVE-2024-36971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36971"
    },
    {
      "name": "CVE-2024-38381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38381"
    },
    {
      "name": "CVE-2024-38549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38549"
    },
    {
      "name": "CVE-2024-38552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38552"
    },
    {
      "name": "CVE-2024-38559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38559"
    },
    {
      "name": "CVE-2024-38560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38560"
    },
    {
      "name": "CVE-2024-38565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38565"
    },
    {
      "name": "CVE-2024-38567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38567"
    },
    {
      "name": "CVE-2024-38578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38578"
    },
    {
      "name": "CVE-2024-38579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38579"
    },
    {
      "name": "CVE-2024-38582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38582"
    },
    {
      "name": "CVE-2024-38583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38583"
    },
    {
      "name": "CVE-2024-38587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38587"
    },
    {
      "name": "CVE-2024-38599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38599"
    },
    {
      "name": "CVE-2024-38601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38601"
    },
    {
      "name": "CVE-2024-38618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38618"
    },
    {
      "name": "CVE-2024-38621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38621"
    },
    {
      "name": "CVE-2024-38627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38627"
    },
    {
      "name": "CVE-2024-38633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38633"
    },
    {
      "name": "CVE-2024-38634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38634"
    },
    {
      "name": "CVE-2024-38659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38659"
    },
    {
      "name": "CVE-2024-38780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38780"
    },
    {
      "name": "CVE-2021-47293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47293"
    },
    {
      "name": "CVE-2023-52835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52835"
    },
    {
      "name": "CVE-2023-52881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52881"
    },
    {
      "name": "CVE-2021-4439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4439"
    },
    {
      "name": "CVE-2021-47089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47089"
    },
    {
      "name": "CVE-2021-47103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47103"
    },
    {
      "name": "CVE-2021-47247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47247"
    },
    {
      "name": "CVE-2021-47294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47294"
    },
    {
      "name": "CVE-2021-47297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47297"
    },
    {
      "name": "CVE-2021-47309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47309"
    },
    {
      "name": "CVE-2021-47328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47328"
    },
    {
      "name": "CVE-2021-47432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47432"
    },
    {
      "name": "CVE-2021-47515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47515"
    },
    {
      "name": "CVE-2021-47539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47539"
    },
    {
      "name": "CVE-2021-47566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47566"
    },
    {
      "name": "CVE-2021-47571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47571"
    },
    {
      "name": "CVE-2021-47572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47572"
    },
    {
      "name": "CVE-2021-47576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47576"
    },
    {
      "name": "CVE-2021-47577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47577"
    },
    {
      "name": "CVE-2021-47578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47578"
    },
    {
      "name": "CVE-2021-47580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47580"
    },
    {
      "name": "CVE-2021-47582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47582"
    },
    {
      "name": "CVE-2021-47583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47583"
    },
    {
      "name": "CVE-2021-47584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47584"
    },
    {
      "name": "CVE-2021-47585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47585"
    },
    {
      "name": "CVE-2021-47586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47586"
    },
    {
      "name": "CVE-2021-47587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47587"
    },
    {
      "name": "CVE-2021-47589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47589"
    },
    {
      "name": "CVE-2021-47592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47592"
    },
    {
      "name": "CVE-2021-47595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47595"
    },
    {
      "name": "CVE-2021-47596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47596"
    },
    {
      "name": "CVE-2021-47597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47597"
    },
    {
      "name": "CVE-2021-47600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47600"
    },
    {
      "name": "CVE-2021-47601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47601"
    },
    {
      "name": "CVE-2021-47602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47602"
    },
    {
      "name": "CVE-2021-47603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47603"
    },
    {
      "name": "CVE-2021-47604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47604"
    },
    {
      "name": "CVE-2021-47605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47605"
    },
    {
      "name": "CVE-2021-47607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47607"
    },
    {
      "name": "CVE-2021-47608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47608"
    },
    {
      "name": "CVE-2021-47609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47609"
    },
    {
      "name": "CVE-2021-47610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47610"
    },
    {
      "name": "CVE-2021-47611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47611"
    },
    {
      "name": "CVE-2021-47612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47612"
    },
    {
      "name": "CVE-2021-47614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47614"
    },
    {
      "name": "CVE-2021-47615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47615"
    },
    {
      "name": "CVE-2021-47616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47616"
    },
    {
      "name": "CVE-2021-47617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47617"
    },
    {
      "name": "CVE-2021-47618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47618"
    },
    {
      "name": "CVE-2021-47619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47619"
    },
    {
      "name": "CVE-2021-47620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47620"
    },
    {
      "name": "CVE-2022-48711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48711"
    },
    {
      "name": "CVE-2022-48712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48712"
    },
    {
      "name": "CVE-2022-48713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48713"
    },
    {
      "name": "CVE-2022-48714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48714"
    },
    {
      "name": "CVE-2022-48715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48715"
    },
    {
      "name": "CVE-2022-48716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48716"
    },
    {
      "name": "CVE-2022-48717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48717"
    },
    {
      "name": "CVE-2022-48718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48718"
    },
    {
      "name": "CVE-2022-48720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48720"
    },
    {
      "name": "CVE-2022-48721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48721"
    },
    {
      "name": "CVE-2022-48722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48722"
    },
    {
      "name": "CVE-2022-48723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48723"
    },
    {
      "name": "CVE-2022-48724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48724"
    },
    {
      "name": "CVE-2022-48725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48725"
    },
    {
      "name": "CVE-2022-48726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48726"
    },
    {
      "name": "CVE-2022-48727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48727"
    },
    {
      "name": "CVE-2022-48728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48728"
    },
    {
      "name": "CVE-2022-48729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48729"
    },
    {
      "name": "CVE-2022-48730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48730"
    },
    {
      "name": "CVE-2022-48732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48732"
    },
    {
      "name": "CVE-2022-48733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48733"
    },
    {
      "name": "CVE-2022-48734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48734"
    },
    {
      "name": "CVE-2022-48735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48735"
    },
    {
      "name": "CVE-2022-48736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48736"
    },
    {
      "name": "CVE-2022-48737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48737"
    },
    {
      "name": "CVE-2022-48738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48738"
    },
    {
      "name": "CVE-2022-48739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48739"
    },
    {
      "name": "CVE-2022-48740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48740"
    },
    {
      "name": "CVE-2022-48743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48743"
    },
    {
      "name": "CVE-2022-48744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48744"
    },
    {
      "name": "CVE-2022-48745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48745"
    },
    {
      "name": "CVE-2022-48746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48746"
    },
    {
      "name": "CVE-2022-48747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48747"
    },
    {
      "name": "CVE-2022-48748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48748"
    },
    {
      "name": "CVE-2022-48749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48749"
    },
    {
      "name": "CVE-2022-48751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48751"
    },
    {
      "name": "CVE-2022-48752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48752"
    },
    {
      "name": "CVE-2022-48753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48753"
    },
    {
      "name": "CVE-2022-48754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48754"
    },
    {
      "name": "CVE-2022-48755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48755"
    },
    {
      "name": "CVE-2022-48756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48756"
    },
    {
      "name": "CVE-2022-48758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48758"
    },
    {
      "name": "CVE-2022-48759",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48759"
    },
    {
      "name": "CVE-2022-48760",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48760"
    },
    {
      "name": "CVE-2022-48761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48761"
    },
    {
      "name": "CVE-2022-48763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48763"
    },
    {
      "name": "CVE-2022-48765",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48765"
    },
    {
      "name": "CVE-2022-48766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48766"
    },
    {
      "name": "CVE-2022-48767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48767"
    },
    {
      "name": "CVE-2022-48768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48768"
    },
    {
      "name": "CVE-2022-48769",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48769"
    },
    {
      "name": "CVE-2022-48770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48770"
    },
    {
      "name": "CVE-2022-48771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48771"
    },
    {
      "name": "CVE-2022-48772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48772"
    },
    {
      "name": "CVE-2023-52735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52735"
    },
    {
      "name": "CVE-2023-52737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52737"
    },
    {
      "name": "CVE-2023-52752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52752"
    },
    {
      "name": "CVE-2023-52762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52762"
    },
    {
      "name": "CVE-2023-52784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52784"
    },
    {
      "name": "CVE-2023-52787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52787"
    },
    {
      "name": "CVE-2023-5281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5281"
    },
    {
      "name": "CVE-2023-52837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52837"
    },
    {
      "name": "CVE-2023-52843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52843"
    },
    {
      "name": "CVE-2023-52845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52845"
    },
    {
      "name": "CVE-2023-52846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52846"
    },
    {
      "name": "CVE-2023-52869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52869"
    },
    {
      "name": "CVE-2023-52884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52884"
    },
    {
      "name": "CVE-2024-26842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26842"
    },
    {
      "name": "CVE-2024-33619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33619"
    },
    {
      "name": "CVE-2024-35247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35247"
    },
    {
      "name": "CVE-2024-35857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35857"
    },
    {
      "name": "CVE-2024-35979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35979"
    },
    {
      "name": "CVE-2024-36477",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36477"
    },
    {
      "name": "CVE-2024-36478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36478"
    },
    {
      "name": "CVE-2024-36479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36479"
    },
    {
      "name": "CVE-2024-36592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36592"
    },
    {
      "name": "CVE-2024-36899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36899"
    },
    {
      "name": "CVE-2024-36900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36900"
    },
    {
      "name": "CVE-2024-36915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36915"
    },
    {
      "name": "CVE-2024-36917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36917"
    },
    {
      "name": "CVE-2024-36923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36923"
    },
    {
      "name": "CVE-2024-36937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36937"
    },
    {
      "name": "CVE-2024-36945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
    },
    {
      "name": "CVE-2024-36965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36965"
    },
    {
      "name": "CVE-2024-36967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36967"
    },
    {
      "name": "CVE-2024-36969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36969"
    },
    {
      "name": "CVE-2024-36975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36975"
    },
    {
      "name": "CVE-2024-36978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36978"
    },
    {
      "name": "CVE-2024-37021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37021"
    },
    {
      "name": "CVE-2024-37078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37078"
    },
    {
      "name": "CVE-2024-37354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37354"
    },
    {
      "name": "CVE-2024-38388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38388"
    },
    {
      "name": "CVE-2024-38390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38390"
    },
    {
      "name": "CVE-2024-38540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
    },
    {
      "name": "CVE-2024-38541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
    },
    {
      "name": "CVE-2024-38544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38544"
    },
    {
      "name": "CVE-2024-38545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38545"
    },
    {
      "name": "CVE-2024-38546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38546"
    },
    {
      "name": "CVE-2024-38547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38547"
    },
    {
      "name": "CVE-2024-38548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38548"
    },
    {
      "name": "CVE-2024-38550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38550"
    },
    {
      "name": "CVE-2024-38553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38553"
    },
    {
      "name": "CVE-2024-38555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38555"
    },
    {
      "name": "CVE-2024-38556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38556"
    },
    {
      "name": "CVE-2024-38557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38557"
    },
    {
      "name": "CVE-2024-38564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38564"
    },
    {
      "name": "CVE-2024-38568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38568"
    },
    {
      "name": "CVE-2024-38571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38571"
    },
    {
      "name": "CVE-2024-38573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38573"
    },
    {
      "name": "CVE-2024-38580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38580"
    },
    {
      "name": "CVE-2024-38581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38581"
    },
    {
      "name": "CVE-2024-38590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38590"
    },
    {
      "name": "CVE-2024-38591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38591"
    },
    {
      "name": "CVE-2024-38594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38594"
    },
    {
      "name": "CVE-2024-38597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38597"
    },
    {
      "name": "CVE-2024-38600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38600"
    },
    {
      "name": "CVE-2024-38603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38603"
    },
    {
      "name": "CVE-2024-38605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38605"
    },
    {
      "name": "CVE-2024-38608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38608"
    },
    {
      "name": "CVE-2024-38616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38616"
    },
    {
      "name": "CVE-2024-38619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38619"
    },
    {
      "name": "CVE-2024-38630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38630"
    },
    {
      "name": "CVE-2024-38635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38635"
    },
    {
      "name": "CVE-2024-38661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38661"
    },
    {
      "name": "CVE-2024-39301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39301"
    },
    {
      "name": "CVE-2024-39468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39468"
    },
    {
      "name": "CVE-2024-39469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39469"
    },
    {
      "name": "CVE-2024-39471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39471"
    }
  ],
  "initial_release_date": "2024-07-12T00:00:00",
  "last_revision_date": "2024-07-12T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0578",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-07-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
  "vendor_advisories": [
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2362-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242362-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2372-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242372-1"
    },
    {
      "published_at": "2024-07-10",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2381-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242381-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2358-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242358-1"
    },
    {
      "published_at": "2024-07-11",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2396-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242396-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2351-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242351-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2376-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242376-1"
    },
    {
      "published_at": "2024-07-10",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2385-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242385-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2369-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242369-1"
    },
    {
      "published_at": "2024-07-08",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2335-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242335-1"
    },
    {
      "published_at": "2024-07-10",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2394-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242394-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2344-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242344-1"
    },
    {
      "published_at": "2024-07-10",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2384-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242384-1"
    },
    {
      "published_at": "2024-07-08",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2338-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242338-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2343-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242343-1"
    },
    {
      "published_at": "2024-07-08",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2326-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242326-1"
    },
    {
      "published_at": "2024-07-11",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2411-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242411-1"
    },
    {
      "published_at": "2024-07-08",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2337-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242337-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2368-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242368-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2365-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242365-1"
    },
    {
      "published_at": "2024-07-11",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2407-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242407-1"
    },
    {
      "published_at": "2024-07-10",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2382-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242382-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2373-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242373-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2341-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242341-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2360-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242360-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2357-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242357-1"
    },
    {
      "published_at": "2024-07-11",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2410-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242410-1"
    },
    {
      "published_at": "2024-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2024:2342-1",
      "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242342-1"
    }
  ]
}

CVE-2021-47328

Vulnerability from fstec - Published: 01.06.2021

Title

Уязвимость функции iscsi_prep_bidi_ahs() модуля drivers/scsi/libiscsi.c - драйвера поддержки устройств SCSI ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость функции iscsi_prep_bidi_ahs() модуля drivers/scsi/libiscsi.c - драйвера поддержки устройств SCSI ядра операционной системы Linux связана с повторным использованием ранее освобожденной памяти. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vendor

Сообщество свободного программного обеспечения

Software Name

Linux

Software Version

от 4.20 до 5.4.133 включительно (Linux), от 5.5 до 5.10.51 включительно (Linux), от 5.11 до 5.12.18 включительно (Linux), от 5.13 до 5.13.3 включительно (Linux), от 2.6.12 до 4.19.197 включительно (Linux)

Possible Mitigations

В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года. Использование рекомендаций: Для Linux: https://lore.kernel.org/linux-cve-announce/2024052134-CVE-2021-47328-441f@gregkh/ https://git.kernel.org/linus/ec29d0ac29be366450a7faffbcf8cba3a6a3b506 https://git.linuxtesting.ru/pub/scm/linux/kernel/git/lvc/linux-stable.git/commit/?h=v5.10.176-lvc1&id=89812e7957ab0746eab66ed6fc49d52bb4dca250 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.198 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.134 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.52 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.19 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4 https://git.kernel.org/stable/c/f0a031f7c55ffd944fead1ddaf2aa94df9a158c1 https://git.kernel.org/stable/c/ec29d0ac29be366450a7faffbcf8cba3a6a3b506 https://git.kernel.org/stable/c/d04958a348e560938410e04a12fb99da9c7e6a00 https://git.kernel.org/stable/c/fa9542b35ceb4202e8f8d65f440529a63524dca9 https://git.kernel.org/stable/c/89812e7957ab0746eab66ed6fc49d52bb4dca250 https://git.kernel.org/stable/c/bf20d85a88384574fabb3d53ad62a8af57e7ab11

Reference

https://git.kernel.org/stable/c/f0a031f7c55ffd944fead1ddaf2aa94df9a158c1 https://git.kernel.org/stable/c/ec29d0ac29be366450a7faffbcf8cba3a6a3b506 https://git.kernel.org/stable/c/d04958a348e560938410e04a12fb99da9c7e6a00 https://git.kernel.org/stable/c/fa9542b35ceb4202e8f8d65f440529a63524dca9 https://git.kernel.org/stable/c/89812e7957ab0746eab66ed6fc49d52bb4dca250 https://git.kernel.org/stable/c/bf20d85a88384574fabb3d53ad62a8af57e7ab11 https://www.cve.org/CVERecord?id=CVE-2021-47328 https://lore.kernel.org/linux-cve-announce/2024052134-CVE-2021-47328-441f@gregkh/ https://git.kernel.org/linus/ec29d0ac29be366450a7faffbcf8cba3a6a3b506 https://git.linuxtesting.ru/pub/scm/linux/kernel/git/lvc/linux-stable.git/commit/?h=v5.10.176-lvc1&id=89812e7957ab0746eab66ed6fc49d52bb4dca250 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.198 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.134 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.52 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.19 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4

CWE

CWE-416

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 4.20 \u0434\u043e 5.4.133 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.5 \u0434\u043e 5.10.51 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.11 \u0434\u043e 5.12.18 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.13 \u0434\u043e 5.13.3 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 2.6.12 \u0434\u043e 4.19.197 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://lore.kernel.org/linux-cve-announce/2024052134-CVE-2021-47328-441f@gregkh/\nhttps://git.kernel.org/linus/ec29d0ac29be366450a7faffbcf8cba3a6a3b506\nhttps://git.linuxtesting.ru/pub/scm/linux/kernel/git/lvc/linux-stable.git/commit/?h=v5.10.176-lvc1\u0026id=89812e7957ab0746eab66ed6fc49d52bb4dca250\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.198\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.134\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.52\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.19\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4\nhttps://git.kernel.org/stable/c/f0a031f7c55ffd944fead1ddaf2aa94df9a158c1\nhttps://git.kernel.org/stable/c/ec29d0ac29be366450a7faffbcf8cba3a6a3b506\nhttps://git.kernel.org/stable/c/d04958a348e560938410e04a12fb99da9c7e6a00\nhttps://git.kernel.org/stable/c/fa9542b35ceb4202e8f8d65f440529a63524dca9\nhttps://git.kernel.org/stable/c/89812e7957ab0746eab66ed6fc49d52bb4dca250\nhttps://git.kernel.org/stable/c/bf20d85a88384574fabb3d53ad62a8af57e7ab11",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "01.06.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.06.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "23.06.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-07327",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-47328",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.20 \u0434\u043e 5.4.133 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.5 \u0434\u043e 5.10.51 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.11 \u0434\u043e 5.12.18 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.13 \u0434\u043e 5.13.3 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 2.6.12 \u0434\u043e 4.19.197 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 iscsi_prep_bidi_ahs() \u043c\u043e\u0434\u0443\u043b\u044f drivers/scsi/libiscsi.c - \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 SCSI \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f (CWE-416)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 iscsi_prep_bidi_ahs() \u043c\u043e\u0434\u0443\u043b\u044f drivers/scsi/libiscsi.c - \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 SCSI \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u044b\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0440\u0430\u043d\u0435\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://git.kernel.org/stable/c/f0a031f7c55ffd944fead1ddaf2aa94df9a158c1\nhttps://git.kernel.org/stable/c/ec29d0ac29be366450a7faffbcf8cba3a6a3b506\nhttps://git.kernel.org/stable/c/d04958a348e560938410e04a12fb99da9c7e6a00\nhttps://git.kernel.org/stable/c/fa9542b35ceb4202e8f8d65f440529a63524dca9\nhttps://git.kernel.org/stable/c/89812e7957ab0746eab66ed6fc49d52bb4dca250\nhttps://git.kernel.org/stable/c/bf20d85a88384574fabb3d53ad62a8af57e7ab11\nhttps://www.cve.org/CVERecord?id=CVE-2021-47328\nhttps://lore.kernel.org/linux-cve-announce/2024052134-CVE-2021-47328-441f@gregkh/\nhttps://git.kernel.org/linus/ec29d0ac29be366450a7faffbcf8cba3a6a3b506\nhttps://git.linuxtesting.ru/pub/scm/linux/kernel/git/lvc/linux-stable.git/commit/?h=v5.10.176-lvc1\u0026id=89812e7957ab0746eab66ed6fc49d52bb4dca250\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.198\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.134\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.52\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.19\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-416",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)"
}

GHSA-3WHV-3WRH-JJQQ

Vulnerability from github – Published: 2024-05-21 15:31 – Updated: 2024-12-26 21:30

Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: iscsi: Fix conn use after free during resets

If we haven't done a unbind target call we can race where iscsi_conn_teardown wakes up the EH thread and then frees the conn while those threads are still accessing the conn ehwait.

We can only do one TMF per session so this just moves the TMF fields from the conn to the session. We can then rely on the iscsi_session_teardown->iscsi_remove_session->__iscsi_unbind_session call to remove the target and it's devices, and know after that point there is no device or scsi-ml callout trying to access the session.

Severity ?

7.8 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-47328"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-21T15:15:19Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: iscsi: Fix conn use after free during resets\n\nIf we haven\u0027t done a unbind target call we can race where\niscsi_conn_teardown wakes up the EH thread and then frees the conn while\nthose threads are still accessing the conn ehwait.\n\nWe can only do one TMF per session so this just moves the TMF fields from\nthe conn to the session. We can then rely on the\niscsi_session_teardown-\u003eiscsi_remove_session-\u003e__iscsi_unbind_session call\nto remove the target and it\u0027s devices, and know after that point there is\nno device or scsi-ml callout trying to access the session.",
  "id": "GHSA-3whv-3wrh-jjqq",
  "modified": "2024-12-26T21:30:36Z",
  "published": "2024-05-21T15:31:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47328"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/89812e7957ab0746eab66ed6fc49d52bb4dca250"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bf20d85a88384574fabb3d53ad62a8af57e7ab11"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d04958a348e560938410e04a12fb99da9c7e6a00"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ec29d0ac29be366450a7faffbcf8cba3a6a3b506"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f0a031f7c55ffd944fead1ddaf2aa94df9a158c1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fa9542b35ceb4202e8f8d65f440529a63524dca9"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-47328 (GCVE-0-2021-47328)

FKIE_CVE-2021-47328

CERTFR-2024-AVI-0610

Solutions

CERTFR-2024-AVI-0578

Solutions

CVE-2021-47328

GHSA-3WHV-3WRH-JJQQ

Tags

Sightings

Nomenclature